Hello,
Recent nettle version detection changes in dnsmasq 2.85 have brought build regression with HAVE_CRYPTOHASH defined due no MIN_VERSION macro is defined. Also, DNSSEC GOST validation is not consistent in case only hash but not signature functions are available. Please refer patch set attached. As for disabling GOST, what if disable it by default? Current implemented GOST algos are obsolete, newer ones didn't pass certification as DNSSEC algo, so. -- Best Regards, Vladislav Grishenko
0001-Fix-HAVE_CRYPOHASH-build-and-tune-GOST-ECDSA-usage.patch
Description: Binary data
0002-Allow-to-disable-DNSSEC-GOST-algo-validation.patch
Description: Binary data
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss