Recommend running LibreSSL or OpenSSL self-tests.

author Darren Tucker <dtucker@dtucker.net>

Mon, 9 Dec 2019 06:23:22 +0000 (17:23 +1100)

committer Darren Tucker <dtucker@dtucker.net>

Mon, 9 Dec 2019 06:23:22 +0000 (17:23 +1100)
author Darren Tucker <dtucker@dtucker.net>
Mon, 9 Dec 2019 06:23:22 +0000 (17:23 +1100)
committer Darren Tucker <dtucker@dtucker.net>
Mon, 9 Dec 2019 06:23:22 +0000 (17:23 +1100)
diff --git a/INSTALL b/INSTALL

index 46fc9e98a59d04609944d759d368619450976441..5057dc287f14fe20c4726d0d7a9d39fd2722b513 100644 (file)
--- a/INSTALL
+++ b/INSTALL
@@ -31,6 +31,10 @@ If you must use a non-position-independent libcrypto, then you may need
  to configure OpenSSH --without-pie.  Note that due to a bug in EVP_CipherInit
  OpenSSL 1.1 versions prior to 1.1.0g can't be used.
  
+If you build either from source, running the OpenSSL self-test ("make
+tests") or the LibreSSL equivalent ("make check") and ensuring that all
+tests pass is strongly recommended.
+
  NB. If you operating system supports /dev/random, you should configure
  libcrypto (LibreSSL/OpenSSL) to use it. OpenSSH relies on libcrypto's
  direct support of /dev/random, or failing that, either prngd or egd.
author	Darren Tucker <dtucker@dtucker.net>
	Mon, 9 Dec 2019 06:23:22 +0000 (17:23 +1100)
committer	Darren Tucker <dtucker@dtucker.net>
	Mon, 9 Dec 2019 06:23:22 +0000 (17:23 +1100)