Skip generating missing RSA1 key on startup unless ssh1 support is enabled.
Spotted by Jean-Pierre Radley
openssl=yes
ssh1=no
+COMMENT_OUT_RSA1="#no ssh1#"
AC_ARG_WITH([openssl],
[ --without-openssl Disable use of OpenSSL; use only limited internal crypto **EXPERIMENTAL** ],
[ if test "x$withval" = "xno" ; then
AC_MSG_ERROR([Cannot enable SSH protocol 1 with OpenSSL disabled])
fi
ssh1=yes
+ COMMENT_OUT_RSA1=""
elif test "x$withval" = "xno" ; then
ssh1=no
else
if test "x$ssh1" = "xyes" ; then
AC_MSG_RESULT([yes])
AC_DEFINE_UNQUOTED([WITH_SSH1], [1], [include SSH protocol version 1 support])
+ AC_SUBST([COMMENT_OUT_RSA1])
else
AC_MSG_RESULT([no])
fi
checkkeys() {
- if [ ! -f $HOST_KEY_RSA1 ]; then
- ${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N ""
- fi
+@COMMENT_OUT_RSA1@ if [ ! -f $HOST_KEY_RSA1 ]; then
+@COMMENT_OUT_RSA1@ ${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N ""
+@COMMENT_OUT_RSA1@ fi
if [ ! -f $HOST_KEY_DSA ]; then
${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N ""
fi