diff options
author | djm@openbsd.org <djm@openbsd.org> | 2015-05-28 07:37:31 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2015-05-28 18:54:58 +1000 |
commit | 1d9a2e2849c9864fe75daabf433436341c968e14 (patch) | |
tree | f6ea74e9078589c23ac77fc0d0f0320a5bc3f11b | |
parent | 496aeb25bc2d6c434171292e4714771b594bd00e (diff) | |
download | openssh-git-1d9a2e2849c9864fe75daabf433436341c968e14.tar.gz |
upstream commit
wrap all moduli-related code in #ifdef WITH_OPENSSL.
based on patch from Reuben Hawkins; bz#2388 feedback and ok dtucker@
Upstream-ID: d80cfc8be3e6ec65b3fac9e87c4466533b31b7cf
-rw-r--r-- | ssh-keygen.c | 68 |
1 files changed, 36 insertions, 32 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c index ff1d31b9..8259d87e 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.273 2015/05/28 04:40:13 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.274 2015/05/28 07:37:31 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -180,16 +180,18 @@ extern char *__progname; char hostname[NI_MAXHOST]; +#ifdef WITH_OPENSSL /* moduli.c */ int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *); int prime_test(FILE *, FILE *, u_int32_t, u_int32_t, char *, unsigned long, unsigned long); +#endif static void type_bits_valid(int type, const char *name, u_int32_t *bitsp) { #ifdef WITH_OPENSSL - u_int maxbits, nid; + u_int maxbits, nid; #endif if (type == KEY_UNSPEC) @@ -2196,9 +2198,11 @@ usage(void) " ssh-keygen -H [-f known_hosts_file]\n" " ssh-keygen -R hostname [-f known_hosts_file]\n" " ssh-keygen -r hostname [-f input_keyfile] [-g]\n" +#ifdef WITH_OPENSSL " ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point]\n" " ssh-keygen -T output_file -f input_file [-v] [-a rounds] [-J num_lines]\n" " [-j start_line] [-K checkpt] [-W generator]\n" +#endif " ssh-keygen -s ca_key -I certificate_identity [-h] [-n principals]\n" " [-O option] [-V validity_interval] [-z serial_number] file ...\n" " ssh-keygen -L [-f input_keyfile]\n" @@ -2216,19 +2220,22 @@ int main(int argc, char **argv) { char dotsshdir[PATH_MAX], comment[1024], *passphrase1, *passphrase2; - char *checkpoint = NULL; - char out_file[PATH_MAX], *rr_hostname = NULL, *ep, *fp, *ra; + char *rr_hostname = NULL, *ep, *fp, *ra; struct sshkey *private, *public; struct passwd *pw; struct stat st; int r, opt, type, fd; + int gen_all_hostkeys = 0, gen_krl = 0, update_krl = 0, check_krl = 0; + FILE *f; + const char *errstr; +#ifdef WITH_OPENSSL + /* Moduli generation/screening */ + char out_file[PATH_MAX], *checkpoint = NULL; u_int32_t memory = 0, generator_wanted = 0; int do_gen_candidates = 0, do_screen_candidates = 0; - int gen_all_hostkeys = 0, gen_krl = 0, update_krl = 0, check_krl = 0; unsigned long start_lineno = 0, lines_to_process = 0; BIGNUM *start = NULL; - FILE *f; - const char *errstr; +#endif extern int optind; extern char *optarg; @@ -2281,12 +2288,6 @@ main(int argc, char **argv) case 'I': cert_key_id = optarg; break; - case 'J': - lines_to_process = strtoul(optarg, NULL, 10); - break; - case 'j': - start_lineno = strtoul(optarg, NULL, 10); - break; case 'R': delete_host = 1; rr_hostname = optarg; @@ -2328,8 +2329,8 @@ main(int argc, char **argv) change_comment = 1; break; case 'f': - if (strlcpy(identity_file, optarg, sizeof(identity_file)) >= - sizeof(identity_file)) + if (strlcpy(identity_file, optarg, + sizeof(identity_file)) >= sizeof(identity_file)) fatal("Identity filename too long"); have_identity = 1; break; @@ -2401,20 +2402,31 @@ main(int argc, char **argv) case 'r': rr_hostname = optarg; break; - case 'W': - generator_wanted = (u_int32_t)strtonum(optarg, 1, - UINT_MAX, &errstr); - if (errstr) - fatal("Desired generator has bad value: %s (%s)", - optarg, errstr); - break; case 'a': rounds = (int)strtonum(optarg, 1, INT_MAX, &errstr); if (errstr) fatal("Invalid number: %s (%s)", optarg, errstr); break; + case 'V': + parse_cert_times(optarg); + break; + case 'z': + errno = 0; + cert_serial = strtoull(optarg, &ep, 10); + if (*optarg < '0' || *optarg > '9' || *ep != '\0' || + (errno == ERANGE && cert_serial == ULLONG_MAX)) + fatal("Invalid serial number \"%s\"", optarg); + break; #ifdef WITH_OPENSSL + /* Moduli generation/screening */ + case 'W': + generator_wanted = (u_int32_t)strtonum(optarg, 1, + UINT_MAX, &errstr); + if (errstr) + fatal("Desired generator has bad value: %s (%s)", + optarg, errstr); + break; case 'M': memory = (u_int32_t)strtonum(optarg, 1, UINT_MAX, &errstr); if (errstr) @@ -2443,16 +2455,6 @@ main(int argc, char **argv) fatal("Invalid start point."); break; #endif /* WITH_OPENSSL */ - case 'V': - parse_cert_times(optarg); - break; - case 'z': - errno = 0; - cert_serial = strtoull(optarg, &ep, 10); - if (*optarg < '0' || *optarg > '9' || *ep != '\0' || - (errno == ERANGE && cert_serial == ULLONG_MAX)) - fatal("Invalid serial number \"%s\"", optarg); - break; case '?': default: usage(); @@ -2540,6 +2542,7 @@ main(int argc, char **argv) } } +#ifdef WITH_OPENSSL if (do_gen_candidates) { FILE *out = fopen(out_file, "w"); @@ -2579,6 +2582,7 @@ main(int argc, char **argv) fatal("modulus screening failed"); return (0); } +#endif if (gen_all_hostkeys) { do_gen_all_hostkeys(pw); |