24159a
From 5f9236521f5add49669a97875b7d26cf35b28963 Mon Sep 17 00:00:00 2001
24159a
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
24159a
Date: Fri, 22 Jun 2018 14:05:18 +0200
24159a
Subject: [PATCH 1/2] Squashed commit of the following:
24159a
MIME-Version: 1.0
24159a
Content-Type: text/plain; charset=UTF-8
24159a
Content-Transfer-Encoding: 8bit
24159a
24159a
commit 3fd542379fa381b54381e07d6625ce53f9f9b1f0
24159a
Author: Petr Menšík <pemensik@redhat.com>
24159a
Date:   Thu Jun 21 12:00:35 2018 +0200
24159a
24159a
    Revert "4450.   [port]          Provide more nuanced HSM support which better matches"
24159a
24159a
    This reverts commit f3b4d031c1f714ff6e862670663aa5a18650951e.
24159a
24159a
    Revert PK11_MD5_DISABLED also from remaining files. Keep documentation
24159a
    changes.
24159a
24159a
commit f90934f734796595135cdd7a5008555a615dfe8e
24159a
Author: Petr Menšík <pemensik@redhat.com>
24159a
Date:   Wed Jun 20 19:31:19 2018 +0200
24159a
24159a
    Fix rndc-confgen default algorithm, report true algorithm in usage.
24159a
24159a
commit dd53212c12c6943a21a3c24d60995edd19e1d9f7
24159a
Author: Petr Menšík <pemensik@redhat.com>
24159a
Date:   Fri Feb 23 21:21:30 2018 +0100
24159a
24159a
    Cleanup only if initialization was successful
24159a
24159a
commit f163ea51c46bb22bf264a1ac983e2027e43845fa
24159a
Author: Petr Menšík <pemensik@redhat.com>
24159a
Date:   Mon Feb 5 12:19:28 2018 +0100
24159a
24159a
    Ensure dst backend is initialized first even before hmac algorithms.
24159a
24159a
commit 58751b60bd39168b7c8f817ede70473842432081
24159a
Author: Petr Menšík <pemensik@redhat.com>
24159a
Date:   Mon Feb 5 12:17:54 2018 +0100
24159a
24159a
    Skip initialization of MD5 based algorithms if not available.
24159a
24159a
commit 0572b98430d3c80f4a0b0c592b1e3bf7fde9b768
24159a
Author: Petr Menšík <pemensik@redhat.com>
24159a
Date:   Mon Feb 5 10:21:27 2018 +0100
24159a
24159a
    Change secalgs skipping to be more safe
24159a
24159a
commit 994f497a032930fce1370d507a265fbb293c66f4
24159a
Author: Petr Menšík <pemensik@redhat.com>
24159a
Date:   Wed Jan 31 18:26:11 2018 +0100
24159a
24159a
    Skip MD5 algorithm also in case of NULL name
24159a
24159a
commit abd82fbd2507c4b8f20e1ade202fd66d224fd646
24159a
Author: Petr Menšík <pemensik@redhat.com>
24159a
Date:   Wed Jan 31 16:54:29 2018 +0100
24159a
24159a
    Revert part of commit 1b5c641416eb6de7fc232fc89d31a40a4d439f3d related
24159a
    to SHA1.
24159a
24159a
commit b3c832d53a14a0779f598869bb99685c8e4b2bc0
24159a
Author: Petr Menšík <pemensik@redhat.com>
24159a
Date:   Wed Jan 31 11:38:12 2018 +0100
24159a
24159a
    Make MD5 behave like unknown algorithm in TSIG.
24159a
24159a
commit a64a3d6962ee93d6f8699b29bd6507dba0c244ed
24159a
Author: Petr Menšík <pemensik@redhat.com>
24159a
Date:   Tue Nov 28 20:14:37 2017 +0100
24159a
24159a
    Select token with most supported functions, instead of demanding it must support all functions
24159a
24159a
    Initialize PKCS#11 always until successfully initialized
24159a
24159a
commit db118c6368668099ea1b6e75860cc12e178afa3b
24159a
Author: Petr Menšík <pemensik@redhat.com>
24159a
Date:   Mon Jan 22 16:17:44 2018 +0100
24159a
24159a
    Handle MD5 unavailability from DST
24159a
24159a
commit 8f8824dca2f5b4d5a3a176d31ac3ee612321c4e3
24159a
Author: Petr Menšík <pemensik@redhat.com>
24159a
Date:   Mon Jan 22 14:11:16 2018 +0100
24159a
24159a
    Check runtime flag from library and applications, fail gracefully.
24159a
24159a
commit bd431384af7dcde8827e670c8749517ad677a967
24159a
Author: Petr Menšík <pemensik@redhat.com>
24159a
Date:   Mon Jan 22 08:39:08 2018 +0100
24159a
24159a
    Modify libraries to use isc_md5_available() if PK11_MD5_DISABLE is not
24159a
    defined.
24159a
    TODO: pk11.c should accept slot without MD5 support.
24159a
24159a
commit 160b13979ef3d0e92d2dd52d0987a3ec979be6cf
24159a
Author: Petr Menšík <pemensik@redhat.com>
24159a
Date:   Mon Jan 22 07:21:04 2018 +0100
24159a
24159a
    Add runtime detection whether MD5 is useable.
24159a
24159a
commit 23b27ce0f2ad496c331ae40349cc1074a1b11804
24159a
Author: Mark Andrews <marka@isc.org>
24159a
Date:   Fri Aug 19 08:25:54 2016 +1000
24159a
24159a
    4450.   [port]          Provide more nuanced HSM support which better matches
24159a
                            the specific PKCS11 providers capabilities. [RT #42458]
24159a
24159a
    (cherry picked from commit 8ee6f289d87851a5b898b24a64587f0e6bc225bc)
24159a
24159a
Fix compiler warnings
24159a
---
24159a
 bin/confgen/keygen.c             | 10 +++++-
24159a
 bin/confgen/rndc-confgen.c       | 12 ++++---
24159a
 bin/confgen/rndc-confgen.docbook |  3 +-
24159a
 bin/dig/dig.c                    |  5 ++-
24159a
 bin/dig/dig.docbook              |  6 ++--
24159a
 bin/dig/dighost.c                | 14 ++++++--
24159a
 bin/dnssec/dnssec-keyfromlabel.c |  9 +++++
24159a
 bin/dnssec/dnssec-keygen.c       | 19 +++++++++--
24159a
 bin/named/config.c               | 23 +++++++++++--
24159a
 bin/nsupdate/nsupdate.c          | 20 +++++++----
24159a
 bin/nsupdate/nsupdate.docbook    |  9 ++++-
24159a
 bin/rndc/rndc.c                  |  3 +-
24159a
 bin/tests/hashes/t_hashes.c      | 20 ++++++-----
24159a
 lib/bind9/check.c                |  8 +++++
24159a
 lib/dns/dst_api.c                | 23 +++++++++----
24159a
 lib/dns/dst_internal.h           |  3 +-
24159a
 lib/dns/dst_parse.c              | 12 ++++++-
24159a
 lib/dns/hmac_link.c              |  2 +-
24159a
 lib/dns/opensslrsa_link.c        |  4 +++
24159a
 lib/dns/pkcs11rsa_link.c         | 25 ++++++++++++--
24159a
 lib/dns/rcode.c                  | 19 +++++++++--
24159a
 lib/dns/tests/tsig_test.c        |  1 +
24159a
 lib/dns/tkey.c                   |  9 +++++
24159a
 lib/dns/tsec.c                   |  8 ++++-
24159a
 lib/dns/tsig.c                   | 22 +++++-------
24159a
 lib/isc/include/isc/md5.h        |  3 ++
24159a
 lib/isc/md5.c                    | 59 ++++++++++++++++++++++++++++++++
24159a
 lib/isc/pk11.c                   | 72 +++++++++++++++++++++++++++++++---------
24159a
 lib/isccc/cc.c                   | 48 ++++++++++++++++-----------
24159a
 29 files changed, 373 insertions(+), 98 deletions(-)
24159a
24159a
diff --git a/bin/confgen/keygen.c b/bin/confgen/keygen.c
24159a
index d0cdafed36..4eb027e723 100644
24159a
--- a/bin/confgen/keygen.c
24159a
+++ b/bin/confgen/keygen.c
24159a
@@ -28,6 +28,7 @@
24159a
 #include <isc/entropy.h>
24159a
 #include <isc/file.h>
24159a
 #include <isc/keyboard.h>
24159a
+#include <isc/md5.h>
24159a
 #include <isc/mem.h>
24159a
 #include <isc/result.h>
24159a
 #include <isc/string.h>
24159a
@@ -69,7 +70,7 @@ alg_totext(dns_secalg_t alg) {
24159a
  */
24159a
 dns_secalg_t
24159a
 alg_fromtext(const char *name) {
24159a
-	if (strcmp(name, "hmac-md5") == 0)
24159a
+	if (strcmp(name, "hmac-md5") == 0 && isc_md5_available())
24159a
 		return DST_ALG_HMACMD5;
24159a
 	if (strcmp(name, "hmac-sha1") == 0)
24159a
 		return DST_ALG_HMACSHA1;
24159a
@@ -126,6 +127,13 @@ generate_key(isc_mem_t *mctx, const char *randomfile, dns_secalg_t alg,
24159a
 
24159a
 	switch (alg) {
24159a
 	    case DST_ALG_HMACMD5:
24159a
+		if (isc_md5_available() == ISC_FALSE) {
24159a
+			fatal("unsupported algorithm %d\n", alg);
24159a
+		} else if (keysize < 1 || keysize > 512) {
24159a
+			fatal("keysize %d out of range (must be 1-512)\n",
24159a
+			      keysize);
24159a
+		}
24159a
+		break;
24159a
 	    case DST_ALG_HMACSHA1:
24159a
 	    case DST_ALG_HMACSHA224:
24159a
 	    case DST_ALG_HMACSHA256:
24159a
diff --git a/bin/confgen/rndc-confgen.c b/bin/confgen/rndc-confgen.c
24159a
index 3fd54fe2bb..c48a38f094 100644
24159a
--- a/bin/confgen/rndc-confgen.c
24159a
+++ b/bin/confgen/rndc-confgen.c
24159a
@@ -41,6 +41,7 @@
24159a
 #include <isc/file.h>
24159a
 #include <isc/keyboard.h>
24159a
 #include <isc/mem.h>
24159a
+#include <isc/md5.h>
24159a
 #include <isc/net.h>
24159a
 #include <isc/print.h>
24159a
 #include <isc/result.h>
24159a
@@ -66,7 +67,7 @@ const char *progname;
24159a
 
24159a
 isc_boolean_t verbose = ISC_FALSE;
24159a
 
24159a
-const char *keyfile, *keydef;
24159a
+const char *keyfile, *keydef, *algdef;
24159a
 
24159a
 ISC_PLATFORM_NORETURN_PRE static void
24159a
 usage(int status) ISC_PLATFORM_NORETURN_POST;
24159a
@@ -79,7 +80,7 @@ Usage:\n\
24159a
  %s [-a] [-b bits] [-c keyfile] [-k keyname] [-p port] [-r randomfile] \
24159a
 [-s addr] [-t chrootdir] [-u user]\n\
24159a
   -a:		 generate just the key clause and write it to keyfile (%s)\n\
24159a
-  -A alg:	 algorithm (default hmac-md5)\n\
24159a
+  -A alg:	 algorithm (default %s)\n\
24159a
   -b bits:	 from 1 through 512, default 256; total length of the secret\n\
24159a
   -c keyfile:	 specify an alternate key file (requires -a)\n\
24159a
   -k keyname:	 the name as it will be used  in named.conf and rndc.conf\n\
24159a
@@ -88,7 +89,7 @@ Usage:\n\
24159a
   -s addr:	 the address to which rndc should connect\n\
24159a
   -t chrootdir:	 write a keyfile in chrootdir as well (requires -a)\n\
24159a
   -u user:	 set the keyfile owner to \"user\" (requires -a)\n",
24159a
-		 progname, keydef);
24159a
+		 progname, keydef, algdef);
24159a
 
24159a
 	exit (status);
24159a
 }
24159a
@@ -124,9 +125,12 @@ main(int argc, char **argv) {
24159a
 	progname = program;
24159a
 
24159a
 	keyname = DEFAULT_KEYNAME;
24159a
-	alg = DST_ALG_HMACMD5;
24159a
 	serveraddr = DEFAULT_SERVER;
24159a
 	port = DEFAULT_PORT;
24159a
+	alg = DST_ALG_HMACSHA256;
24159a
+	if (isc_md5_available())
24159a
+		alg = DST_ALG_HMACMD5;
24159a
+	algdef = alg_totext(alg);
24159a
 
24159a
 	isc_commandline_errprint = ISC_FALSE;
24159a
 
24159a
diff --git a/bin/confgen/rndc-confgen.docbook b/bin/confgen/rndc-confgen.docbook
24159a
index f367b94aae..add8d7357f 100644
24159a
--- a/bin/confgen/rndc-confgen.docbook
24159a
+++ b/bin/confgen/rndc-confgen.docbook
24159a
@@ -136,7 +136,8 @@
24159a
           <para>
24159a
             Specifies the algorithm to use for the TSIG key.  Available
24159a
             choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
24159a
-            hmac-sha384 and hmac-sha512.  The default is hmac-md5.
24159a
+            hmac-sha384 and hmac-sha512.  The default is hmac-md5 or
24159a
+            if MD5 was disabled hmac-sha256.
24159a
           </para>
24159a
         </listitem>
24159a
       </varlistentry>
24159a
diff --git a/bin/dig/dig.c b/bin/dig/dig.c
24159a
index 634ccfbfbf..4db0e6430f 100644
24159a
--- a/bin/dig/dig.c
24159a
+++ b/bin/dig/dig.c
24159a
@@ -25,6 +25,7 @@
24159a
 #include <ctype.h>
24159a
 
24159a
 #include <isc/app.h>
24159a
+#include <isc/md5.h>
24159a
 #include <isc/netaddr.h>
24159a
 #include <isc/parseint.h>
24159a
 #include <isc/print.h>
24159a
@@ -1426,7 +1427,9 @@ dash_option(char *option, char *next, dig_lookup_t **lookup,
24159a
 			ptr = ptr2;
24159a
 			ptr2 = ptr3;
24159a
 		} else  {
24159a
-			hmacname = DNS_TSIG_HMACMD5_NAME;
24159a
+			hmacname = DNS_TSIG_HMACSHA256_NAME;
24159a
+			if (isc_md5_available())
24159a
+				hmacname = DNS_TSIG_HMACMD5_NAME;
24159a
 			digestbits = 0;
24159a
 		}
24159a
 		strncpy(keynametext, ptr, sizeof(keynametext));
24159a
diff --git a/bin/dig/dig.docbook b/bin/dig/dig.docbook
24159a
index 028f0fcd73..6ee5bd90bc 100644
24159a
--- a/bin/dig/dig.docbook
24159a
+++ b/bin/dig/dig.docbook
24159a
@@ -309,9 +309,11 @@
24159a
       responses using transaction signatures (TSIG), specify a TSIG key file
24159a
       using the <option>-k</option> option.  You can also specify the TSIG
24159a
       key itself on the command line using the <option>-y</option> option;
24159a
-      <parameter>hmac</parameter> is the type of the TSIG, default HMAC-MD5,
24159a
+      <parameter>hmac</parameter> is the type of the TSIG,
24159a
       <parameter>name</parameter> is the name of the TSIG key and
24159a
-      <parameter>key</parameter> is the actual key.  The key is a
24159a
+      <parameter>key</parameter> is the actual key. If <parameter>hmac</parameter>
24159a
+      is not specified, the default is <literal>hmac-md5</literal>
24159a
+      or if MD5 was disabled <literal>hmac-sha256</literal>.  The key is a
24159a
       base-64
24159a
       encoded string, typically generated by
24159a
       <citerefentry>
24159a
diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c
24159a
index 3a066c68c9..3998a81a5d 100644
24159a
--- a/bin/dig/dighost.c
24159a
+++ b/bin/dig/dighost.c
24159a
@@ -81,6 +81,7 @@
24159a
 #include <isc/file.h>
24159a
 #include <isc/lang.h>
24159a
 #include <isc/log.h>
24159a
+#include <isc/md5.h>
24159a
 #include <isc/netaddr.h>
24159a
 #ifdef DIG_SIGCHASE
24159a
 #include <isc/netdb.h>
24159a
@@ -1025,9 +1026,10 @@ parse_hmac(const char *hmac) {
24159a
 
24159a
 	digestbits = 0;
24159a
 
24159a
-	if (strcasecmp(buf, "hmac-md5") == 0) {
24159a
+	if (strcasecmp(buf, "hmac-md5") == 0 && isc_md5_available()) {
24159a
 		hmacname = DNS_TSIG_HMACMD5_NAME;
24159a
-	} else if (strncasecmp(buf, "hmac-md5-", 9) == 0) {
24159a
+	} else if (strncasecmp(buf, "hmac-md5-", 9) == 0 &&
24159a
+		   isc_md5_available()) {
24159a
 		hmacname = DNS_TSIG_HMACMD5_NAME;
24159a
 		digestbits = parse_bits(&buf[9], "digest-bits [0..128]", 128);
24159a
 	} else if (strcasecmp(buf, "hmac-sha1") == 0) {
24159a
@@ -1145,7 +1147,13 @@ setup_file_key(void) {
24159a
 
24159a
 	switch (dst_key_alg(dstkey)) {
24159a
 	case DST_ALG_HMACMD5:
24159a
-		hmacname = DNS_TSIG_HMACMD5_NAME;
24159a
+		if (isc_md5_available()) {
24159a
+			hmacname = DNS_TSIG_HMACMD5_NAME;
24159a
+		} else {
24159a
+			printf(";; Couldn't create key %s: bad algorithm\n",
24159a
+			       keynametext);
24159a
+			goto failure;
24159a
+		}
24159a
 		break;
24159a
 	case DST_ALG_HMACSHA1:
24159a
 		hmacname = DNS_TSIG_HMACSHA1_NAME;
24159a
diff --git a/bin/dnssec/dnssec-keyfromlabel.c b/bin/dnssec/dnssec-keyfromlabel.c
24159a
index cc212e1ed1..a5854a1f4c 100644
24159a
--- a/bin/dnssec/dnssec-keyfromlabel.c
24159a
+++ b/bin/dnssec/dnssec-keyfromlabel.c
24159a
@@ -27,6 +27,7 @@
24159a
 #include <isc/commandline.h>
24159a
 #include <isc/entropy.h>
24159a
 #include <isc/mem.h>
24159a
+#include <isc/md5.h>
24159a
 #include <isc/region.h>
24159a
 #include <isc/print.h>
24159a
 #include <isc/string.h>
24159a
@@ -379,6 +380,11 @@ main(int argc, char **argv) {
24159a
 		if (freeit != NULL)
24159a
 			free(freeit);
24159a
 		return (1);
24159a
+	} else if (strcasecmp(algname, "RSAMD5") == 0 && isc_md5_available() == ISC_FALSE) {
24159a
+		fprintf(stderr, "The use of RSAMD5 was disabled\n");
24159a
+		if (freeit != NULL)
24159a
+			free(freeit);
24159a
+		return (1);
24159a
 	} else {
24159a
 		r.base = algname;
24159a
 		r.length = strlen(algname);
24159a
@@ -412,6 +418,9 @@ main(int argc, char **argv) {
24159a
 			fatal("invalid type %s", type);
24159a
 	}
24159a
 
24159a
+	if (alg == DST_ALG_RSAMD5 && isc_md5_available() == ISC_FALSE)
24159a
+		fatal("Key uses disabled RSAMD5");
24159a
+
24159a
 	if (nametype == NULL) {
24159a
 		if ((options & DST_TYPE_KEY) != 0) /* KEY */
24159a
 			fatal("no nametype specified");
24159a
diff --git a/bin/dnssec/dnssec-keygen.c b/bin/dnssec/dnssec-keygen.c
24159a
index 97b96ee1dc..c147bb4e6c 100644
24159a
--- a/bin/dnssec/dnssec-keygen.c
24159a
+++ b/bin/dnssec/dnssec-keygen.c
24159a
@@ -42,6 +42,7 @@
24159a
 #include <isc/buffer.h>
24159a
 #include <isc/commandline.h>
24159a
 #include <isc/entropy.h>
24159a
+#include <isc/md5.h>
24159a
 #include <isc/mem.h>
24159a
 #include <isc/region.h>
24159a
 #include <isc/string.h>
24159a
@@ -548,9 +549,21 @@ main(int argc, char **argv) {
24159a
 					"\"-a RSAMD5\"\n");
24159a
 			INSIST(freeit == NULL);
24159a
 			return (1);
24159a
-		} else if (strcasecmp(algname, "HMAC-MD5") == 0)
24159a
-			alg = DST_ALG_HMACMD5;
24159a
-		else if (strcasecmp(algname, "HMAC-SHA1") == 0)
24159a
+		} else if (strcasecmp(algname, "HMAC-MD5") == 0) {
24159a
+			if (isc_md5_available()) {
24159a
+				alg = DST_ALG_HMACMD5;
24159a
+			} else {
24159a
+				fprintf(stderr,
24159a
+					"The use of HMAC-MD5 was disabled\n");
24159a
+				INSIST(freeit == NULL);
24159a
+				return (1);
24159a
+			}
24159a
+		} else if (strcasecmp(algname, "RSAMD5") == 0 &&
24159a
+			   isc_md5_available() == ISC_FALSE) {
24159a
+			fprintf(stderr, "The use of RSAMD5 was disabled\n");
24159a
+			INSIST(freeit == NULL);
24159a
+			return (1);
24159a
+		} else if (strcasecmp(algname, "HMAC-SHA1") == 0)
24159a
 			alg = DST_ALG_HMACSHA1;
24159a
 		else if (strcasecmp(algname, "HMAC-SHA224") == 0)
24159a
 			alg = DST_ALG_HMACSHA224;
24159a
diff --git a/bin/named/config.c b/bin/named/config.c
24159a
index 818ed3797a..22d8a85405 100644
24159a
--- a/bin/named/config.c
24159a
+++ b/bin/named/config.c
24159a
@@ -25,6 +25,7 @@
24159a
 
24159a
 #include <isc/buffer.h>
24159a
 #include <isc/log.h>
24159a
+#include <isc/md5.h>
24159a
 #include <isc/mem.h>
24159a
 #include <isc/parseint.h>
24159a
 #include <isc/region.h>
24159a
@@ -828,6 +829,19 @@ ns_config_getkeyalgorithm(const char *str, dns_name_t **name,
24159a
 	return (ns_config_getkeyalgorithm2(str, name, NULL, digestbits));
24159a
 }
24159a
 
24159a
+static inline int
24159a
+algorithms_start() {
24159a
+	if (isc_md5_available() == ISC_FALSE) {
24159a
+		int i = 0;
24159a
+		while (algorithms[i].str != NULL &&
24159a
+			algorithms[i].hmac == hmacmd5) {
24159a
+			i++;
24159a
+		}
24159a
+		return i;
24159a
+	}
24159a
+	return 0;
24159a
+}
24159a
+
24159a
 isc_result_t
24159a
 ns_config_getkeyalgorithm2(const char *str, dns_name_t **name,
24159a
 			   unsigned int *typep, isc_uint16_t *digestbits)
24159a
@@ -837,7 +851,7 @@ ns_config_getkeyalgorithm2(const char *str, dns_name_t **name,
24159a
 	isc_uint16_t bits;
24159a
 	isc_result_t result;
24159a
 
24159a
-	for (i = 0; algorithms[i].str != NULL; i++) {
24159a
+	for (i = algorithms_start(); algorithms[i].str != NULL; i++) {
24159a
 		len = strlen(algorithms[i].str);
24159a
 		if (strncasecmp(algorithms[i].str, str, len) == 0 &&
24159a
 		    (str[len] == '\0' ||
24159a
@@ -859,7 +873,12 @@ ns_config_getkeyalgorithm2(const char *str, dns_name_t **name,
24159a
 
24159a
 	if (name != NULL) {
24159a
 		switch (algorithms[i].hmac) {
24159a
-		case hmacmd5: *name = dns_tsig_hmacmd5_name; break;
24159a
+		case hmacmd5:
24159a
+			if (isc_md5_available()) {
24159a
+				*name = dns_tsig_hmacmd5_name; break;
24159a
+			} else {
24159a
+				return (ISC_R_NOTFOUND);
24159a
+			}
24159a
 		case hmacsha1: *name = dns_tsig_hmacsha1_name; break;
24159a
 		case hmacsha224: *name = dns_tsig_hmacsha224_name; break;
24159a
 		case hmacsha256: *name = dns_tsig_hmacsha256_name; break;
24159a
diff --git a/bin/nsupdate/nsupdate.c b/bin/nsupdate/nsupdate.c
24159a
index 644e3d9fc0..336597a95d 100644
24159a
--- a/bin/nsupdate/nsupdate.c
24159a
+++ b/bin/nsupdate/nsupdate.c
24159a
@@ -37,6 +37,7 @@
24159a
 #include <isc/hash.h>
24159a
 #include <isc/lex.h>
24159a
 #include <isc/log.h>
24159a
+#include <isc/md5.h>
24159a
 #include <isc/mem.h>
24159a
 #include <isc/parseint.h>
24159a
 #include <isc/print.h>
24159a
@@ -440,9 +441,10 @@ parse_hmac(dns_name_t **hmac, const char *hmacstr, size_t len) {
24159a
 	strncpy(buf, hmacstr, len);
24159a
 	buf[len] = 0;
24159a
 
24159a
-	if (strcasecmp(buf, "hmac-md5") == 0) {
24159a
+	if (strcasecmp(buf, "hmac-md5") == 0 && isc_md5_available()) {
24159a
 		*hmac = DNS_TSIG_HMACMD5_NAME;
24159a
-	} else if (strncasecmp(buf, "hmac-md5-", 9) == 0) {
24159a
+	} else if (strncasecmp(buf, "hmac-md5-", 9) == 0 &&
24159a
+		   isc_md5_available()) {
24159a
 		*hmac = DNS_TSIG_HMACMD5_NAME;
24159a
 		result = isc_parse_uint16(&digestbits, &buf[9], 10);
24159a
 		if (result != ISC_R_SUCCESS || digestbits > 128)
24159a
@@ -538,7 +540,9 @@ setup_keystr(void) {
24159a
 		secretstr = n + 1;
24159a
 		digestbits = parse_hmac(&hmacname, keystr, s - keystr);
24159a
 	} else {
24159a
-		hmacname = DNS_TSIG_HMACMD5_NAME;
24159a
+		hmacname = DNS_TSIG_HMACSHA256_NAME;
24159a
+		if (isc_md5_available())
24159a
+			hmacname = DNS_TSIG_HMACMD5_NAME;
24159a
 		name = keystr;
24159a
 		n = s;
24159a
 	}
24159a
@@ -670,7 +674,8 @@ setup_keyfile(isc_mem_t *mctx, isc_log_t *lctx) {
24159a
 
24159a
 	switch (dst_key_alg(dstkey)) {
24159a
 	case DST_ALG_HMACMD5:
24159a
-		hmacname = DNS_TSIG_HMACMD5_NAME;
24159a
+		if (isc_md5_available())
24159a
+			hmacname = DNS_TSIG_HMACMD5_NAME;
24159a
 		break;
24159a
 	case DST_ALG_HMACSHA1:
24159a
 		hmacname = DNS_TSIG_HMACSHA1_NAME;
24159a
@@ -1462,8 +1467,11 @@ evaluate_key(char *cmdline) {
24159a
 	if (n != NULL) {
24159a
 		digestbits = parse_hmac(&hmacname, namestr, n - namestr);
24159a
 		namestr = n + 1;
24159a
-	} else
24159a
-		hmacname = DNS_TSIG_HMACMD5_NAME;
24159a
+	} else {
24159a
+		hmacname = DNS_TSIG_HMACSHA256_NAME;
24159a
+		if (isc_md5_available())
24159a
+			hmacname = DNS_TSIG_HMACMD5_NAME;
24159a
+	}
24159a
 
24159a
 	isc_buffer_init(&b, namestr, strlen(namestr));
24159a
 	isc_buffer_add(&b, strlen(namestr));
24159a
diff --git a/bin/nsupdate/nsupdate.docbook b/bin/nsupdate/nsupdate.docbook
24159a
index bbcc68110f..7d8e78f894 100644
24159a
--- a/bin/nsupdate/nsupdate.docbook
24159a
+++ b/bin/nsupdate/nsupdate.docbook
24159a
@@ -158,6 +158,9 @@
24159a
       <optional><parameter>hmac:</parameter></optional><parameter>keyname:secret.</parameter>
24159a
       <parameter>keyname</parameter> is the name of the key, and
24159a
       <parameter>secret</parameter> is the base64 encoded shared secret.
24159a
+      If <parameter>hmac</parameter> is not specified,
24159a
+      the default is <literal>hmac-md5</literal>
24159a
+      or if MD5 was disabled <literal>hmac-sha256</literal>.
24159a
       Use of the <option>-y</option> option is discouraged because the
24159a
       shared secret is supplied as a command line argument in clear text.
24159a
       This may be visible in the output from
24159a
@@ -371,13 +374,17 @@
24159a
         <varlistentry>
24159a
           <term>
24159a
               <command>key</command>
24159a
-              <arg choice="req">name</arg>
24159a
+              <arg choice="opt" rep="norepeat">hmac:</arg><arg choice="req">name</arg>
24159a
               <arg choice="req">secret</arg>
24159a
             </term>
24159a
           <listitem>
24159a
             <para>
24159a
               Specifies that all updates are to be TSIG-signed using the
24159a
               <parameter>keyname</parameter> <parameter>keysecret</parameter> pair.
24159a
+              If <parameter>hmac</parameter> is specified, then it sets the
24159a
+              signing algorithm in use; the default is
24159a
+              <literal>hmac-md5</literal> or if MD5 was disabled
24159a
+              <literal>hmac-sha256</literal>.
24159a
               The <command>key</command> command
24159a
               overrides any key specified on the command line via
24159a
               <option>-y</option> or <option>-k</option>.
24159a
diff --git a/bin/rndc/rndc.c b/bin/rndc/rndc.c
24159a
index 81e629f15c..0fd192d3a5 100644
24159a
--- a/bin/rndc/rndc.c
24159a
+++ b/bin/rndc/rndc.c
24159a
@@ -33,6 +33,7 @@
24159a
 #include <isc/file.h>
24159a
 #include <isc/log.h>
24159a
 #include <isc/net.h>
24159a
+#include <isc/md5.h>
24159a
 #include <isc/mem.h>
24159a
 #include <isc/random.h>
24159a
 #include <isc/socket.h>
24159a
@@ -607,7 +608,7 @@ parse_config(isc_mem_t *mctx, isc_log_t *log, const char *keyname,
24159a
 	secretstr = cfg_obj_asstring(secretobj);
24159a
 	algorithmstr = cfg_obj_asstring(algorithmobj);
24159a
 
24159a
-	if (strcasecmp(algorithmstr, "hmac-md5") == 0)
24159a
+	if (strcasecmp(algorithmstr, "hmac-md5") == 0 && isc_md5_available())
24159a
 		algorithm = ISCCC_ALG_HMACMD5;
24159a
 	else if (strcasecmp(algorithmstr, "hmac-sha1") == 0)
24159a
 		algorithm = ISCCC_ALG_HMACSHA1;
24159a
diff --git a/bin/tests/hashes/t_hashes.c b/bin/tests/hashes/t_hashes.c
24159a
index 47d08c572d..965271ad67 100644
24159a
--- a/bin/tests/hashes/t_hashes.c
24159a
+++ b/bin/tests/hashes/t_hashes.c
24159a
@@ -353,8 +353,10 @@ t_hashes(IN *in, OUT *out_sha1, OUT *out_sha224, OUT *out_md5)
24159a
 	t_hash("SHA1", (HASH_INIT)isc_sha1_init, (UPDATE)isc_sha1_update,
24159a
 	       (FINAL)isc_sha1_final, in, out_sha1);
24159a
 	t_sha224(in, out_sha224);
24159a
-	t_hash("md5", (HASH_INIT)isc_md5_init, (UPDATE)isc_md5_update,
24159a
-	       (FINAL)isc_md5_final, in, out_md5);
24159a
+	if (isc_md5_available()) {
24159a
+		t_hash("md5", (HASH_INIT)isc_md5_init, (UPDATE)isc_md5_update,
24159a
+		       (FINAL)isc_md5_final, in, out_md5);
24159a
+	}
24159a
 }
24159a
 
24159a
 
24159a
@@ -435,12 +437,14 @@ t1(void)
24159a
 	t_hashes(&abc, &abc_sha1, &abc_sha224, &abc_md5);
24159a
 	t_hashes(&abc_blah, &abc_blah_sha1, &abc_blah_sha224, &abc_blah_md5);
24159a
 
24159a
-	/*
24159a
-	 * three HMAC-md5 examples from RFC 2104
24159a
-	 */
24159a
-	t_md5hmac(&rfc2104_1, &rfc2104_1_hmac);
24159a
-	t_md5hmac(&rfc2104_2, &rfc2104_2_hmac);
24159a
-	t_md5hmac(&rfc2104_3, &rfc2104_3_hmac);
24159a
+	if (isc_md5_available()) {
24159a
+		/*
24159a
+		 * three HMAC-md5 examples from RFC 2104
24159a
+		 */
24159a
+		t_md5hmac(&rfc2104_1, &rfc2104_1_hmac);
24159a
+		t_md5hmac(&rfc2104_2, &rfc2104_2_hmac);
24159a
+		t_md5hmac(&rfc2104_3, &rfc2104_3_hmac);
24159a
+	}
24159a
 
24159a
 	/*
24159a
 	 * four HMAC-SHA tests from RFC 4634 starting on page 86
24159a
diff --git a/lib/bind9/check.c b/lib/bind9/check.c
24159a
index 5131b521f4..00c4b3e509 100644
24159a
--- a/lib/bind9/check.c
24159a
+++ b/lib/bind9/check.c
24159a
@@ -26,6 +26,7 @@
24159a
 #include <isc/base64.h>
24159a
 #include <isc/buffer.h>
24159a
 #include <isc/log.h>
24159a
+#include <isc/md5.h>
24159a
 #include <isc/mem.h>
24159a
 #include <isc/netaddr.h>
24159a
 #include <isc/parseint.h>
24159a
@@ -1895,6 +1896,13 @@ bind9_check_key(const cfg_obj_t *key, isc_log_t *logctx) {
24159a
 	}
24159a
 
24159a
 	algorithm = cfg_obj_asstring(algobj);
24159a
+	/* Skip hmac-md5* algorithms */
24159a
+	if (isc_md5_available() == ISC_FALSE &&
24159a
+	    strncasecmp(algorithm, "hmac-md5", 8) == 0) {
24159a
+		cfg_obj_log(algobj, logctx, ISC_LOG_ERROR,
24159a
+			    "disabled algorithm '%s'", algorithm);
24159a
+		return (ISC_R_DISABLED);
24159a
+	}
24159a
 	for (i = 0; algorithms[i].name != NULL; i++) {
24159a
 		len = strlen(algorithms[i].name);
24159a
 		if (strncasecmp(algorithms[i].name, algorithm, len) == 0 &&
24159a
diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c
24159a
index e71f2026e5..e6375cf406 100644
24159a
--- a/lib/dns/dst_api.c
24159a
+++ b/lib/dns/dst_api.c
24159a
@@ -202,6 +202,12 @@ dst_lib_init2(isc_mem_t *mctx, isc_entropy_t *ectx,
24159a
 	dst_result_register();
24159a
 
24159a
 	memset(dst_t_func, 0, sizeof(dst_t_func));
24159a
+
24159a
+#ifdef OPENSSL
24159a
+	RETERR(dst__openssl_init(engine));
24159a
+#elif PKCS11CRYPTO
24159a
+	RETERR(dst__pkcs11_init(mctx, engine));
24159a
+#endif
24159a
 	RETERR(dst__hmacmd5_init(&dst_t_func[DST_ALG_HMACMD5]));
24159a
 	RETERR(dst__hmacsha1_init(&dst_t_func[DST_ALG_HMACSHA1]));
24159a
 	RETERR(dst__hmacsha224_init(&dst_t_func[DST_ALG_HMACSHA224]));
24159a
@@ -209,7 +215,6 @@ dst_lib_init2(isc_mem_t *mctx, isc_entropy_t *ectx,
24159a
 	RETERR(dst__hmacsha384_init(&dst_t_func[DST_ALG_HMACSHA384]));
24159a
 	RETERR(dst__hmacsha512_init(&dst_t_func[DST_ALG_HMACSHA512]));
24159a
 #ifdef OPENSSL
24159a
-	RETERR(dst__openssl_init(engine));
24159a
 	RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSAMD5],
24159a
 				    DST_ALG_RSAMD5));
24159a
 	RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA1],
24159a
@@ -233,12 +238,16 @@ dst_lib_init2(isc_mem_t *mctx, isc_entropy_t *ectx,
24159a
 	RETERR(dst__opensslecdsa_init(&dst_t_func[DST_ALG_ECDSA384]));
24159a
 #endif
24159a
 #elif PKCS11CRYPTO
24159a
-	RETERR(dst__pkcs11_init(mctx, engine));
24159a
-	RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSAMD5]));
24159a
-	RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSASHA1]));
24159a
-	RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_NSEC3RSASHA1]));
24159a
-	RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSASHA256]));
24159a
-	RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSASHA512]));
24159a
+	RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSAMD5],
24159a
+				   DST_ALG_RSAMD5));
24159a
+	RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSASHA1],
24159a
+				   DST_ALG_RSASHA1));
24159a
+	RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_NSEC3RSASHA1],
24159a
+				   DST_ALG_NSEC3RSASHA1));
24159a
+	RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSASHA256],
24159a
+				   DST_ALG_RSASHA256));
24159a
+	RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSASHA512],
24159a
+				   DST_ALG_RSASHA512));
24159a
 	RETERR(dst__pkcs11dsa_init(&dst_t_func[DST_ALG_DSA]));
24159a
 	RETERR(dst__pkcs11dsa_init(&dst_t_func[DST_ALG_NSEC3DSA]));
24159a
 	RETERR(dst__pkcs11dh_init(&dst_t_func[DST_ALG_DH]));
24159a
diff --git a/lib/dns/dst_internal.h b/lib/dns/dst_internal.h
24159a
index b15135e634..66d322a278 100644
24159a
--- a/lib/dns/dst_internal.h
24159a
+++ b/lib/dns/dst_internal.h
24159a
@@ -232,7 +232,8 @@ isc_result_t dst__hmacsha384_init(struct dst_func **funcp);
24159a
 isc_result_t dst__hmacsha512_init(struct dst_func **funcp);
24159a
 isc_result_t dst__opensslrsa_init(struct dst_func **funcp,
24159a
 				  unsigned char algorithm);
24159a
-isc_result_t dst__pkcs11rsa_init(struct dst_func **funcp);
24159a
+isc_result_t dst__pkcs11rsa_init(struct dst_func **funcp,
24159a
+				 unsigned char algorithm);
24159a
 isc_result_t dst__openssldsa_init(struct dst_func **funcp);
24159a
 isc_result_t dst__pkcs11dsa_init(struct dst_func **funcp);
24159a
 isc_result_t dst__openssldh_init(struct dst_func **funcp);
24159a
diff --git a/lib/dns/dst_parse.c b/lib/dns/dst_parse.c
24159a
index ec622d9603..0e889cc740 100644
24159a
--- a/lib/dns/dst_parse.c
24159a
+++ b/lib/dns/dst_parse.c
24159a
@@ -40,6 +40,7 @@
24159a
 #include <isc/dir.h>
24159a
 #include <isc/fsaccess.h>
24159a
 #include <isc/lex.h>
24159a
+#include <isc/md5.h>
24159a
 #include <isc/mem.h>
24159a
 #include <isc/stdtime.h>
24159a
 #include <isc/string.h>
24159a
@@ -353,6 +354,10 @@ check_data(const dst_private_t *priv, const unsigned int alg,
24159a
 	/* XXXVIX this switch statement is too sparse to gen a jump table. */
24159a
 	switch (alg) {
24159a
 	case DST_ALG_RSAMD5:
24159a
+		if (isc_md5_available())
24159a
+			return (check_rsa(priv, external));
24159a
+		else
24159a
+			return (DST_R_UNSUPPORTEDALG);
24159a
 	case DST_ALG_RSASHA1:
24159a
 	case DST_ALG_NSEC3RSASHA1:
24159a
 	case DST_ALG_RSASHA256:
24159a
@@ -369,7 +374,10 @@ check_data(const dst_private_t *priv, const unsigned int alg,
24159a
 	case DST_ALG_ECDSA384:
24159a
 		return (check_ecdsa(priv, external));
24159a
 	case DST_ALG_HMACMD5:
24159a
-		return (check_hmac_md5(priv, old));
24159a
+		if (isc_md5_available())
24159a
+			return (check_hmac_md5(priv, old));
24159a
+		else
24159a
+			return (DST_R_UNSUPPORTEDALG);
24159a
 	case DST_ALG_HMACSHA1:
24159a
 		return (check_hmac_sha(priv, HMACSHA1_NTAGS, alg));
24159a
 	case DST_ALG_HMACSHA224:
24159a
@@ -587,6 +595,8 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex,
24159a
 		goto fail;
24159a
 	}
24159a
 
24159a
+	if (isc_md5_available() == ISC_FALSE && alg == DST_ALG_RSA)
24159a
+		alg = DST_ALG_RSASHA1;
24159a
 	check = check_data(priv, alg, ISC_TRUE, external);
24159a
 	if (check < 0) {
24159a
 		ret = DST_R_INVALIDPRIVATEKEY;
24159a
diff --git a/lib/dns/hmac_link.c b/lib/dns/hmac_link.c
24159a
index 3ac01a8c20..6b6801af1c 100644
24159a
--- a/lib/dns/hmac_link.c
24159a
+++ b/lib/dns/hmac_link.c
24159a
@@ -340,7 +340,7 @@ static dst_func_t hmacmd5_functions = {
24159a
 isc_result_t
24159a
 dst__hmacmd5_init(dst_func_t **funcp) {
24159a
 	REQUIRE(funcp != NULL);
24159a
-	if (*funcp == NULL)
24159a
+	if (*funcp == NULL && isc_md5_available())
24159a
 		*funcp = &hmacmd5_functions;
24159a
 	return (ISC_R_SUCCESS);
24159a
 }
24159a
diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c
24159a
index 53c6d4bdd9..08291af016 100644
24159a
--- a/lib/dns/opensslrsa_link.c
24159a
+++ b/lib/dns/opensslrsa_link.c
24159a
@@ -1484,6 +1484,10 @@ dst__opensslrsa_init(dst_func_t **funcp, unsigned char algorithm) {
24159a
 
24159a
 	if (*funcp == NULL) {
24159a
 		switch (algorithm) {
24159a
+		case DST_ALG_RSAMD5:
24159a
+			if (isc_md5_available())
24159a
+				*funcp = &opensslrsa_functions;
24159a
+			break;
24159a
 		case DST_ALG_RSASHA256:
24159a
 #if defined(HAVE_EVP_SHA256) || !USE_EVP
24159a
 			*funcp = &opensslrsa_functions;
24159a
diff --git a/lib/dns/pkcs11rsa_link.c b/lib/dns/pkcs11rsa_link.c
24159a
index 010d4b64fc..6b556bcd11 100644
24159a
--- a/lib/dns/pkcs11rsa_link.c
24159a
+++ b/lib/dns/pkcs11rsa_link.c
24159a
@@ -89,6 +89,9 @@ pkcs11rsa_createctx_sign(dst_key_t *key, dst_context_t *dctx) {
24159a
 		key->key_alg == DST_ALG_RSASHA256 ||
24159a
 		key->key_alg == DST_ALG_RSASHA512);
24159a
 
24159a
+	if (key->key_alg == DST_ALG_RSAMD5 && isc_md5_available() == ISC_FALSE)
24159a
+		return (ISC_R_FAILURE);
24159a
+
24159a
 	rsa = key->keydata.pkey;
24159a
 
24159a
 	pk11_ctx = (pk11_context_t *) isc_mem_get(dctx->mctx,
24159a
@@ -216,6 +219,8 @@ pkcs11rsa_createctx_sign(dst_key_t *key, dst_context_t *dctx) {
24159a
 
24159a
 	switch (dctx->key->key_alg) {
24159a
 	case DST_ALG_RSAMD5:
24159a
+		if (isc_md5_available() == ISC_FALSE)
24159a
+			return (ISC_R_FAILURE);
24159a
 		mech.mechanism = CKM_MD5_RSA_PKCS;
24159a
 		break;
24159a
 	case DST_ALG_RSASHA1:
24159a
@@ -297,6 +302,9 @@ pkcs11rsa_createctx_verify(dst_key_t *key, unsigned int maxbits,
24159a
 		key->key_alg == DST_ALG_RSASHA256 ||
24159a
 		key->key_alg == DST_ALG_RSASHA512);
24159a
 
24159a
+	if (key->key_alg == DST_ALG_RSAMD5 && isc_md5_available() == ISC_FALSE)
24159a
+		return (ISC_R_FAILURE);
24159a
+
24159a
 	rsa = key->keydata.pkey;
24159a
 
24159a
 	pk11_ctx = (pk11_context_t *) isc_mem_get(dctx->mctx,
24159a
@@ -350,6 +358,8 @@ pkcs11rsa_createctx_verify(dst_key_t *key, unsigned int maxbits,
24159a
 
24159a
 	switch (dctx->key->key_alg) {
24159a
 	case DST_ALG_RSAMD5:
24159a
+		if (isc_md5_available() == ISC_FALSE)
24159a
+			return (ISC_R_FAILURE);
24159a
 		mech.mechanism = CKM_MD5_RSA_PKCS;
24159a
 		break;
24159a
 	case DST_ALG_RSASHA1:
24159a
@@ -1565,11 +1575,20 @@ static dst_func_t pkcs11rsa_functions = {
24159a
 };
24159a
 
24159a
 isc_result_t
24159a
-dst__pkcs11rsa_init(dst_func_t **funcp) {
24159a
+dst__pkcs11rsa_init(dst_func_t **funcp, unsigned char algorithm) {
24159a
 	REQUIRE(funcp != NULL);
24159a
 
24159a
-	if (*funcp == NULL)
24159a
-		*funcp = &pkcs11rsa_functions;
24159a
+	if (*funcp == NULL) {
24159a
+		switch (algorithm) {
24159a
+			case DST_ALG_RSAMD5:
24159a
+				if (isc_md5_available())
24159a
+					*funcp = &pkcs11rsa_functions;
24159a
+				break;
24159a
+			default:
24159a
+				*funcp = &pkcs11rsa_functions;
24159a
+				break;
24159a
+		}
24159a
+	}
24159a
 	return (ISC_R_SUCCESS);
24159a
 }
24159a
 
24159a
diff --git a/lib/dns/rcode.c b/lib/dns/rcode.c
24159a
index 091b3c70fb..c1251225d5 100644
24159a
--- a/lib/dns/rcode.c
24159a
+++ b/lib/dns/rcode.c
24159a
@@ -21,6 +21,7 @@
24159a
 #include <ctype.h>
24159a
 
24159a
 #include <isc/buffer.h>
24159a
+#include <isc/md5.h>
24159a
 #include <isc/parseint.h>
24159a
 #include <isc/print.h>
24159a
 #include <isc/region.h>
24159a
@@ -310,17 +311,31 @@ dns_cert_totext(dns_cert_t cert, isc_buffer_t *target) {
24159a
 	return (dns_mnemonic_totext(cert, target, certs));
24159a
 }
24159a
 
24159a
+static inline struct tbl *
24159a
+secalgs_tbl_start() {
24159a
+	struct tbl *algs = secalgs;
24159a
+
24159a
+	if (isc_md5_available() == ISC_FALSE) {
24159a
+		while (algs->name != NULL &&
24159a
+		       algs->value == DNS_KEYALG_RSAMD5)
24159a
+			++algs;
24159a
+	}
24159a
+	return algs;
24159a
+}
24159a
+
24159a
 isc_result_t
24159a
 dns_secalg_fromtext(dns_secalg_t *secalgp, isc_textregion_t *source) {
24159a
 	unsigned int value;
24159a
-	RETERR(dns_mnemonic_fromtext(&value, source, secalgs, 0xff));
24159a
+
24159a
+	RETERR(dns_mnemonic_fromtext(&value, source,
24159a
+	                             secalgs_tbl_start(), 0xff));
24159a
 	*secalgp = value;
24159a
 	return (ISC_R_SUCCESS);
24159a
 }
24159a
 
24159a
 isc_result_t
24159a
 dns_secalg_totext(dns_secalg_t secalg, isc_buffer_t *target) {
24159a
-	return (dns_mnemonic_totext(secalg, target, secalgs));
24159a
+	return (dns_mnemonic_totext(secalg, target, secalgs_tbl_start()));
24159a
 }
24159a
 
24159a
 void
24159a
diff --git a/lib/dns/tests/tsig_test.c b/lib/dns/tests/tsig_test.c
24159a
index 956e4a0469..c4b2f84837 100644
24159a
--- a/lib/dns/tests/tsig_test.c
24159a
+++ b/lib/dns/tests/tsig_test.c
24159a
@@ -10,6 +10,7 @@
24159a
 
24159a
 #include <config.h>
24159a
 #include <atf-c.h>
24159a
+#include <isc/md5.h>
24159a
 #include <isc/mem.h>
24159a
 
24159a
 #include <dns/rdatalist.h>
24159a
diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c
24159a
index 7343b4c26f..59a78c8dca 100644
24159a
--- a/lib/dns/tkey.c
24159a
+++ b/lib/dns/tkey.c
24159a
@@ -230,6 +230,9 @@ compute_secret(isc_buffer_t *shared, isc_region_t *queryrandomness,
24159a
 	unsigned char digests[32];
24159a
 	unsigned int i;
24159a
 
24159a
+	if (isc_md5_available() == ISC_FALSE)
24159a
+		return (ISC_R_NOTIMPLEMENTED);
24159a
+
24159a
 	isc_buffer_usedregion(shared, &r);
24159a
 
24159a
 	/*
24159a
@@ -298,6 +301,12 @@ process_dhtkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name,
24159a
 		return (DNS_R_REFUSED);
24159a
 	}
24159a
 
24159a
+	if (isc_md5_available() == ISC_FALSE) {
24159a
+		tkey_log("process_dhtkey: MD5 was disabled");
24159a
+		tkeyout->error = dns_tsigerror_badalg;
24159a
+		return (ISC_R_SUCCESS);
24159a
+	}
24159a
+
24159a
 	if (!dns_name_equal(&tkeyin->algorithm, DNS_TSIG_HMACMD5_NAME)) {
24159a
 		tkey_log("process_dhtkey: algorithms other than "
24159a
 			 "hmac-md5 are not supported");
24159a
diff --git a/lib/dns/tsec.c b/lib/dns/tsec.c
24159a
index bfa6195d0d..fad645668c 100644
24159a
--- a/lib/dns/tsec.c
24159a
+++ b/lib/dns/tsec.c
24159a
@@ -18,6 +18,7 @@
24159a
 
24159a
 #include <config.h>
24159a
 
24159a
+#include <isc/md5.h>
24159a
 #include <isc/mem.h>
24159a
 
24159a
 #include <dns/tsec.h>
24159a
@@ -66,7 +67,12 @@ dns_tsec_create(isc_mem_t *mctx, dns_tsectype_t type, dst_key_t *key,
24159a
 	case dns_tsectype_tsig:
24159a
 		switch (dst_key_alg(key)) {
24159a
 		case DST_ALG_HMACMD5:
24159a
-			algname = dns_tsig_hmacmd5_name;
24159a
+			if (isc_md5_available()) {
24159a
+				algname = dns_tsig_hmacmd5_name;
24159a
+			} else {
24159a
+				isc_mem_put(mctx, tsec, sizeof(*tsec));
24159a
+				return (DNS_R_BADALG);
24159a
+			}
24159a
 			break;
24159a
 		case DST_ALG_HMACSHA1:
24159a
 			algname = dns_tsig_hmacsha1_name;
24159a
diff --git a/lib/dns/tsig.c b/lib/dns/tsig.c
24159a
index 325c901f93..804ef821f0 100644
24159a
--- a/lib/dns/tsig.c
24159a
+++ b/lib/dns/tsig.c
24159a
@@ -24,6 +24,7 @@
24159a
 
24159a
 #include <isc/buffer.h>
24159a
 #include <isc/mem.h>
24159a
+#include <isc/md5.h>
24159a
 #include <isc/print.h>
24159a
 #include <isc/refcount.h>
24159a
 #include <isc/serial.h>
24159a
@@ -316,7 +317,7 @@ dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm,
24159a
 		goto cleanup_key;
24159a
 	(void)dns_name_downcase(&tkey->name, &tkey->name, NULL);
24159a
 
24159a
-	if (dns_name_equal(algorithm, DNS_TSIG_HMACMD5_NAME)) {
24159a
+	if (dns_name_equal(algorithm, DNS_TSIG_HMACMD5_NAME) && isc_md5_available()) {
24159a
 		tkey->algorithm = DNS_TSIG_HMACMD5_NAME;
24159a
 		if (dstkey != NULL && dst_key_alg(dstkey) != DST_ALG_HMACMD5) {
24159a
 			ret = DNS_R_BADALG;
24159a
@@ -539,7 +540,7 @@ destroyring(dns_tsig_keyring_t *ring) {
24159a
 
24159a
 static unsigned int
24159a
 dst_alg_fromname(dns_name_t *algorithm) {
24159a
-	if (dns_name_equal(algorithm, DNS_TSIG_HMACMD5_NAME)) {
24159a
+	if (dns_name_equal(algorithm, DNS_TSIG_HMACMD5_NAME) && isc_md5_available()) {
24159a
 		return (DST_ALG_HMACMD5);
24159a
 	} else if (dns_name_equal(algorithm, DNS_TSIG_HMACSHA1_NAME)) {
24159a
 		return (DST_ALG_HMACSHA1);
24159a
@@ -724,7 +725,7 @@ dns_tsigkey_create(dns_name_t *name, dns_name_t *algorithm,
24159a
 	if (length > 0)
24159a
 		REQUIRE(secret != NULL);
24159a
 
24159a
-	if (dns_name_equal(algorithm, DNS_TSIG_HMACMD5_NAME)) {
24159a
+	if (dns_name_equal(algorithm, DNS_TSIG_HMACMD5_NAME) && isc_md5_available()) {
24159a
 		if (secret != NULL) {
24159a
 			isc_buffer_t b;
24159a
 
24159a
@@ -1322,7 +1323,8 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg,
24159a
 	ret = dst_key_sigsize(key, &siglen);
24159a
 	if (ret != ISC_R_SUCCESS)
24159a
 		return (ret);
24159a
-	if (alg == DST_ALG_HMACMD5 || alg == DST_ALG_HMACSHA1 ||
24159a
+	if ((alg == DST_ALG_HMACMD5 && isc_md5_available()) ||
24159a
+	    alg == DST_ALG_HMACSHA1 ||
24159a
 	    alg == DST_ALG_HMACSHA224 || alg == DST_ALG_HMACSHA256 ||
24159a
 	    alg == DST_ALG_HMACSHA384 || alg == DST_ALG_HMACSHA512)
24159a
 	{
24159a
@@ -1484,9 +1486,7 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg,
24159a
 	}
24159a
 
24159a
 	if (
24159a
-#ifndef PK11_MD5_DISABLE
24159a
-	    alg == DST_ALG_HMACMD5 ||
24159a
-#endif
24159a
+	    (alg == DST_ALG_HMACMD5 && isc_md5_available()) ||
24159a
 	    alg == DST_ALG_HMACSHA1 ||
24159a
 	    alg == DST_ALG_HMACSHA224 || alg == DST_ALG_HMACSHA256 ||
24159a
 	    alg == DST_ALG_HMACSHA384 || alg == DST_ALG_HMACSHA512)
24159a
@@ -1626,9 +1626,7 @@ tsig_verify_tcp(isc_buffer_t *source, dns_message_t *msg) {
24159a
 		if (ret != ISC_R_SUCCESS)
24159a
 			goto cleanup_querystruct;
24159a
 		if (
24159a
-#ifndef PK11_MD5_DISABLE
24159a
-			alg == DST_ALG_HMACMD5 ||
24159a
-#endif
24159a
+			(alg == DST_ALG_HMACMD5 && isc_md5_available()) ||
24159a
 			alg == DST_ALG_HMACSHA1 ||
24159a
 			alg == DST_ALG_HMACSHA224 ||
24159a
 			alg == DST_ALG_HMACSHA256 ||
24159a
@@ -1801,9 +1799,7 @@ tsig_verify_tcp(isc_buffer_t *source, dns_message_t *msg) {
24159a
 		if (ret != ISC_R_SUCCESS)
24159a
 			goto cleanup_context;
24159a
 		if (
24159a
-#ifndef PK11_MD5_DISABLE
24159a
-			alg == DST_ALG_HMACMD5 ||
24159a
-#endif
24159a
+			(alg == DST_ALG_HMACMD5 && isc_md5_available()) ||
24159a
 			alg == DST_ALG_HMACSHA1 ||
24159a
 			alg == DST_ALG_HMACSHA224 ||
24159a
 			alg == DST_ALG_HMACSHA256 ||
24159a
diff --git a/lib/isc/include/isc/md5.h b/lib/isc/include/isc/md5.h
24159a
index a2e00b382a..d4c2b8ab48 100644
24159a
--- a/lib/isc/include/isc/md5.h
24159a
+++ b/lib/isc/include/isc/md5.h
24159a
@@ -83,6 +83,9 @@ isc_md5_update(isc_md5_t *ctx, const unsigned char *buf, unsigned int len);
24159a
 void
24159a
 isc_md5_final(isc_md5_t *ctx, unsigned char *digest);
24159a
 
24159a
+isc_boolean_t
24159a
+isc_md5_available(void);
24159a
+
24159a
 ISC_LANG_ENDDECLS
24159a
 
24159a
 #endif /* ISC_MD5_H */
24159a
diff --git a/lib/isc/md5.c b/lib/isc/md5.c
24159a
index 2e3cf9a4a3..a5113df4b8 100644
24159a
--- a/lib/isc/md5.c
24159a
+++ b/lib/isc/md5.c
24159a
@@ -38,6 +38,7 @@
24159a
 
24159a
 #include <isc/assertions.h>
24159a
 #include <isc/md5.h>
24159a
+#include <isc/once.h>
24159a
 #include <isc/platform.h>
24159a
 #include <isc/string.h>
24159a
 #include <isc/types.h>
24159a
@@ -51,6 +52,9 @@
24159a
 
24159a
 #ifdef ISC_PLATFORM_OPENSSLHASH
24159a
 
24159a
+static isc_once_t available_once = ISC_ONCE_INIT;
24159a
+static isc_boolean_t available = ISC_FALSE;
24159a
+
24159a
 void
24159a
 isc_md5_init(isc_md5_t *ctx) {
24159a
 	EVP_DigestInit(ctx, EVP_md5());
24159a
@@ -71,8 +75,33 @@ isc_md5_final(isc_md5_t *ctx, unsigned char *digest) {
24159a
 	EVP_DigestFinal(ctx, digest, NULL);
24159a
 }
24159a
 
24159a
+static void
24159a
+do_detect_available() {
24159a
+	isc_md5_t local;
24159a
+	isc_md5_t *ctx = &local;
24159a
+	unsigned char digest[ISC_MD5_DIGESTLENGTH];
24159a
+
24159a
+	ctx->ctx = EVP_MD_CTX_new();
24159a
+	RUNTIME_CHECK(ctx->ctx != NULL);
24159a
+	available = ISC_TF(EVP_DigestInit(ctx->ctx, EVP_md5()) == 1);
24159a
+	if (available)
24159a
+		(void)EVP_DigestFinal(ctx->ctx, digest, NULL);
24159a
+	EVP_MD_CTX_free(ctx->ctx);
24159a
+	ctx->ctx = NULL;
24159a
+}
24159a
+
24159a
+isc_boolean_t
24159a
+isc_md5_available() {
24159a
+	RUNTIME_CHECK(isc_once_do(&available_once, do_detect_available)
24159a
+		      == ISC_R_SUCCESS);
24159a
+	return available;
24159a
+}
24159a
+
24159a
 #elif PKCS11CRYPTO
24159a
 
24159a
+static isc_once_t available_once = ISC_ONCE_INIT;
24159a
+static isc_boolean_t available = ISC_FALSE;
24159a
+
24159a
 void
24159a
 isc_md5_init(isc_md5_t *ctx) {
24159a
 	CK_RV rv;
24159a
@@ -115,6 +144,31 @@ isc_md5_final(isc_md5_t *ctx, unsigned char *digest) {
24159a
 	pk11_return_session(ctx);
24159a
 }
24159a
 
24159a
+static void
24159a
+do_detect_available() {
24159a
+	isc_md5_t local;
24159a
+	isc_md5_t *ctx = &local;
24159a
+	CK_RV rv;
24159a
+	CK_MECHANISM mech = { CKM_MD5, NULL, 0 };
24159a
+
24159a
+	if (pk11_get_session(ctx, OP_DIGEST, ISC_TRUE, ISC_FALSE,
24159a
+				       ISC_FALSE, NULL, 0) == ISC_R_SUCCESS)
24159a
+	{
24159a
+		rv = pkcs_C_DigestInit(ctx->session, &mech);
24159a
+		isc_md5_invalidate(ctx);
24159a
+		available = (ISC_TF(rv == CKR_OK));
24159a
+	} else {
24159a
+		available = ISC_FALSE;
24159a
+	}
24159a
+}
24159a
+
24159a
+isc_boolean_t
24159a
+isc_md5_available() {
24159a
+	RUNTIME_CHECK(isc_once_do(&available_once, do_detect_available)
24159a
+		      == ISC_R_SUCCESS);
24159a
+	return available;
24159a
+}
24159a
+
24159a
 #else
24159a
 
24159a
 static void
24159a
@@ -324,4 +378,9 @@ isc_md5_final(isc_md5_t *ctx, unsigned char *digest) {
24159a
 	memcpy(digest, ctx->buf, 16);
24159a
 	memset(ctx, 0, sizeof(isc_md5_t));	/* In case it's sensitive */
24159a
 }
24159a
+
24159a
+isc_boolean_t
24159a
+isc_md5_available() {
24159a
+	return ISC_TRUE;
24159a
+}
24159a
 #endif
24159a
diff --git a/lib/isc/pk11.c b/lib/isc/pk11.c
24159a
index de4479b7b0..6cce70f0cf 100644
24159a
--- a/lib/isc/pk11.c
24159a
+++ b/lib/isc/pk11.c
24159a
@@ -139,6 +139,8 @@
24159a
 #define PK11_NO_LOGERR 1
24159a
 #endif
24159a
 
24159a
+LIBISC_EXTERNAL_DATA isc_boolean_t pk11_verbose_init = ISC_FALSE;
24159a
+
24159a
 static isc_once_t once = ISC_ONCE_INIT;
24159a
 static isc_mem_t *pk11_mctx = NULL;
24159a
 static isc_int32_t allocsize = 0;
24159a
@@ -283,13 +285,12 @@ pk11_initialize(isc_mem_t *mctx, const char *engine) {
24159a
 	LOCK(&alloclock);
24159a
 	if ((mctx != NULL) && (pk11_mctx == NULL) && (allocsize == 0))
24159a
 		isc_mem_attach(mctx, &pk11_mctx);
24159a
+	UNLOCK(&alloclock);
24159a
+
24159a
+	LOCK(&sessionlock);
24159a
 	if (initialized) {
24159a
-		UNLOCK(&alloclock);
24159a
-		return (ISC_R_SUCCESS);
24159a
-	} else {
24159a
-		LOCK(&sessionlock);
24159a
-		initialized = ISC_TRUE;
24159a
-		UNLOCK(&alloclock);
24159a
+		result = ISC_R_SUCCESS;
24159a
+		goto unlock;
24159a
 	}
24159a
 
24159a
 	ISC_LIST_INIT(tokens);
24159a
@@ -327,6 +328,7 @@ pk11_initialize(isc_mem_t *mctx, const char *engine) {
24159a
 	}
24159a
 #endif
24159a
 #endif /* PKCS11CRYPTO */
24159a
+	initialized = ISC_TRUE;
24159a
 	result = ISC_R_SUCCESS;
24159a
  unlock:
24159a
 	UNLOCK(&sessionlock);
24159a
@@ -363,9 +365,14 @@ pk11_finalize(void) {
24159a
 		pk11_mem_put(token, sizeof(*token));
24159a
 		token = next;
24159a
 	}
24159a
+	LOCK(&alloclock);
24159a
 	if (pk11_mctx != NULL)
24159a
 		isc_mem_detach(&pk11_mctx);
24159a
+	UNLOCK(&alloclock);
24159a
+
24159a
+	LOCK(&sessionlock);
24159a
 	initialized = ISC_FALSE;
24159a
+	UNLOCK(&sessionlock);
24159a
 	return (ret);
24159a
 }
24159a
 
24159a
@@ -655,6 +662,15 @@ token_login(pk11_session_t *sp) {
24159a
 	return (ret);
24159a
 }
24159a
 
24159a
+#define PK11_TRACE(fmt) \
24159a
+	if (pk11_verbose_init) fprintf(stderr, fmt)
24159a
+#define PK11_TRACE1(fmt, arg) \
24159a
+	if (pk11_verbose_init) fprintf(stderr, fmt, arg)
24159a
+#define PK11_TRACE2(fmt, arg1, arg2) \
24159a
+	if (pk11_verbose_init) fprintf(stderr, fmt, arg1, arg2)
24159a
+#define PK11_TRACEM(mech) \
24159a
+	if (pk11_verbose_init) fprintf(stderr, #mech ": 0x%lx\n", rv)
24159a
+
24159a
 static void
24159a
 choose_slots(void) {
24159a
 	CK_MECHANISM_INFO mechInfo;
24159a
@@ -665,6 +681,8 @@ choose_slots(void) {
24159a
 	CK_ULONG slotCount;
24159a
 	pk11_token_t *token;
24159a
 	unsigned int i;
24159a
+	unsigned int best_rsa_algorithms = 0;
24159a
+	unsigned int best_digest_algorithms = 0;
24159a
 
24159a
 	slotCount = 0;
24159a
 	PK11_FATALCHECK(pkcs_C_GetSlotList, (CK_FALSE, NULL_PTR, &slotCount));
24159a
@@ -676,6 +694,8 @@ choose_slots(void) {
24159a
 	PK11_FATALCHECK(pkcs_C_GetSlotList, (CK_FALSE, slotList, &slotCount));
24159a
 
24159a
 	for (i = 0; i < slotCount; i++) {
24159a
+		unsigned int rsa_algorithms = 0;
24159a
+		unsigned int digest_algorithms = 0;
24159a
 		slot = slotList[i];
24159a
 
24159a
 		rv = pkcs_C_GetTokenInfo(slot, &tokenInfo);
24159a
@@ -708,8 +728,11 @@ choose_slots(void) {
24159a
 					     &mechInfo);
24159a
 		if ((rv != CKR_OK) ||
24159a
 		    ((mechInfo.flags & CKF_SIGN) == 0) ||
24159a
-		    ((mechInfo.flags & CKF_VERIFY) == 0))
24159a
-			goto try_dsa;
24159a
+		    ((mechInfo.flags & CKF_VERIFY) == 0)) {
24159a
+			PK11_TRACEM(CKM_MD5_RSA_PKCS);
24159a
+		}
24159a
+		else
24159a
+			++rsa_algorithms;
24159a
 		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA1_RSA_PKCS,
24159a
 					     &mechInfo);
24159a
 		if ((rv != CKR_OK) ||
24159a
@@ -729,8 +752,14 @@ choose_slots(void) {
24159a
 		    ((mechInfo.flags & CKF_VERIFY) == 0))
24159a
 			goto try_dsa;
24159a
 		token->operations |= 1 << OP_RSA;
24159a
-		if (best_rsa_token == NULL)
24159a
+		if (best_rsa_token == NULL) {
24159a
 			best_rsa_token = token;
24159a
+			best_rsa_algorithms = rsa_algorithms;
24159a
+		} else if (rsa_algorithms > best_rsa_algorithms) {
24159a
+			pk11_mem_put(best_rsa_token, sizeof(*best_rsa_token));
24159a
+			best_rsa_token = token;
24159a
+			best_rsa_algorithms = rsa_algorithms;
24159a
+		}
24159a
 
24159a
 	try_dsa:
24159a
 		rv = pkcs_C_GetMechanismInfo(slot, CKM_DSA_PARAMETER_GEN,
24159a
@@ -773,8 +802,11 @@ choose_slots(void) {
24159a
 
24159a
 	try_digest:
24159a
 		rv = pkcs_C_GetMechanismInfo(slot, CKM_MD5, &mechInfo);
24159a
-		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0))
24159a
-			continue;
24159a
+		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0)) {
24159a
+			PK11_TRACEM(CKM_MD5);
24159a
+		}
24159a
+		else
24159a
+			++digest_algorithms;
24159a
 		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA_1, &mechInfo);
24159a
 		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0))
24159a
 			continue;
24159a
@@ -792,13 +824,15 @@ choose_slots(void) {
24159a
 			continue;
24159a
 #ifdef PKCS11CRYPTOWITHHMAC
24159a
 		rv = pkcs_C_GetMechanismInfo(slot, CKM_MD5_HMAC, &mechInfo);
24159a
-		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0))
24159a
-			continue;
24159a
+		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0)) {
24159a
+			PK11_TRACEM(CKM_MD5_HMAC);
24159a
+		}
24159a
+		else
24159a
+			++digest_algorithms;
24159a
 #endif
24159a
 		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA_1_HMAC, &mechInfo);
24159a
 		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0))
24159a
 			continue;
24159a
-		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA224_HMAC, &mechInfo);
24159a
 		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0))
24159a
 			continue;
24159a
 		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA256_HMAC, &mechInfo);
24159a
@@ -811,8 +845,14 @@ choose_slots(void) {
24159a
 		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0))
24159a
 			continue;
24159a
 		token->operations |= 1 << OP_DIGEST;
24159a
-		if (digest_token == NULL)
24159a
-			digest_token = token;
24159a
+			if (digest_token == NULL) {
24159a
+				digest_token = token;
24159a
+				best_digest_algorithms = digest_algorithms;
24159a
+			} else if (digest_algorithms > best_digest_algorithms) {
24159a
+				pk11_mem_put(digest_token, sizeof(*digest_token));
24159a
+				digest_token = token;
24159a
+				best_digest_algorithms = digest_algorithms;
24159a
+			}
24159a
 
24159a
 		/* ECDSA requires digest */
24159a
 		rv = pkcs_C_GetMechanismInfo(slot, CKM_EC_KEY_PAIR_GEN,
24159a
diff --git a/lib/isccc/cc.c b/lib/isccc/cc.c
24159a
index 9428374cc1..ca3cff27c9 100644
24159a
--- a/lib/isccc/cc.c
24159a
+++ b/lib/isccc/cc.c
24159a
@@ -254,11 +254,15 @@ sign(unsigned char *data, unsigned int length, unsigned char *hmac,
24159a
 
24159a
 	switch (algorithm) {
24159a
 	case ISCCC_ALG_HMACMD5:
24159a
-		isc_hmacmd5_init(&ctx.hmd5, secret->rstart,
24159a
-				 REGION_SIZE(*secret));
24159a
-		isc_hmacmd5_update(&ctx.hmd5, data, length);
24159a
-		isc_hmacmd5_sign(&ctx.hmd5, digest);
24159a
-		source.rend = digest + ISC_MD5_DIGESTLENGTH;
24159a
+		if (isc_md5_available()) {
24159a
+			isc_hmacmd5_init(&ctx.hmd5, secret->rstart,
24159a
+					 REGION_SIZE(*secret));
24159a
+			isc_hmacmd5_update(&ctx.hmd5, data, length);
24159a
+			isc_hmacmd5_sign(&ctx.hmd5, digest);
24159a
+			source.rend = digest + ISC_MD5_DIGESTLENGTH;
24159a
+		} else {
24159a
+			return (ISC_R_FAILURE);
24159a
+		}
24159a
 		break;
24159a
 
24159a
 	case ISCCC_ALG_HMACSHA1:
24159a
@@ -329,14 +333,14 @@ isccc_cc_towire(isccc_sexpr_t *alist, isccc_region_t *target,
24159a
 {
24159a
 	unsigned char *hmac_rstart, *signed_rstart;
24159a
 	isc_result_t result;
24159a
+	const isc_boolean_t md5 = ISC_TF(algorithm == ISCCC_ALG_HMACMD5);
24159a
 
24159a
-	if (algorithm == ISCCC_ALG_HMACMD5) {
24159a
-		if (REGION_SIZE(*target) < 4 + sizeof(auth_hmd5))
24159a
-			return (ISC_R_NOSPACE);
24159a
-	} else {
24159a
-		if (REGION_SIZE(*target) < 4 + sizeof(auth_hsha))
24159a
-			return (ISC_R_NOSPACE);
24159a
-	}
24159a
+	if (md5 && isc_md5_available() == ISC_FALSE)
24159a
+		return (ISC_R_NOTIMPLEMENTED);
24159a
+	if (REGION_SIZE(*target) < 4 + ((md5) ?
24159a
+				 sizeof(auth_hmd5) :
24159a
+				 sizeof(auth_hsha)))
24159a
+		return (ISC_R_NOSPACE);
24159a
 
24159a
 	/*
24159a
 	 * Emit protocol version.
24159a
@@ -348,7 +352,7 @@ isccc_cc_towire(isccc_sexpr_t *alist, isccc_region_t *target,
24159a
 		 * We'll replace the zeros with the real signature once
24159a
 		 * we know what it is.
24159a
 		 */
24159a
-		if (algorithm == ISCCC_ALG_HMACMD5) {
24159a
+		if (md5) {
24159a
 			hmac_rstart = target->rstart + HMD5_OFFSET;
24159a
 			PUT_MEM(auth_hmd5, sizeof(auth_hmd5), target->rstart);
24159a
 		} else {
24159a
@@ -404,7 +408,7 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length,
24159a
 	_auth = isccc_alist_lookup(alist, "_auth");
24159a
 	if (!isccc_alist_alistp(_auth))
24159a
 		return (ISC_R_FAILURE);
24159a
-	if (algorithm == ISCCC_ALG_HMACMD5)
24159a
+	if (algorithm == ISCCC_ALG_HMACMD5 && isc_md5_available())
24159a
 		hmac = isccc_alist_lookup(_auth, "hmd5");
24159a
 	else
24159a
 		hmac = isccc_alist_lookup(_auth, "hsha");
24159a
@@ -417,12 +421,16 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length,
24159a
 	target.rstart = digestb64;
24159a
 	switch (algorithm) {
24159a
 	case ISCCC_ALG_HMACMD5:
24159a
-		isc_hmacmd5_init(&ctx.hmd5, secret->rstart,
24159a
-				 REGION_SIZE(*secret));
24159a
-		isc_hmacmd5_update(&ctx.hmd5, data, length);
24159a
-		isc_hmacmd5_sign(&ctx.hmd5, digest);
24159a
-		source.rend = digest + ISC_MD5_DIGESTLENGTH;
24159a
-		break;
24159a
+		if (isc_md5_available()) {
24159a
+			isc_hmacmd5_init(&ctx.hmd5, secret->rstart,
24159a
+					 REGION_SIZE(*secret));
24159a
+			isc_hmacmd5_update(&ctx.hmd5, data, length);
24159a
+			isc_hmacmd5_sign(&ctx.hmd5, digest);
24159a
+			source.rend = digest + ISC_MD5_DIGESTLENGTH;
24159a
+			break;
24159a
+		} else {
24159a
+			return (ISC_R_FAILURE);
24159a
+		}
24159a
 
24159a
 	case ISCCC_ALG_HMACSHA1:
24159a
 		isc_hmacsha1_init(&ctx.hsha, secret->rstart,
24159a
-- 
24159a
2.14.4
24159a