Christian Weisgerber wrote: > The latest amd64 package build has revealed a number of ports that are > broken after the l2k15 hackathon. > > A number of ports use SHA-0. It doesn't look like important > functionality, more like, let's support it because OpenSSL offers it: > > [...] > security/john-jumbo > [...]
This may actually be a functionality loss for john. It bruteforces encrypted or hashed passwords, so it supports old and weird algorithms. Maybe it can pull SHA-0 from a package. Or maybe no one needs to bruteforce anything that uses SHA-0 and SHA-0 support can be patched out without complaint. We could also talk to upstream about adding a preproc condition.
