author | Damien Miller <djm@mindrot.org> | 2015-01-30 23:10:17 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2015-02-18 22:29:32 +1100 |
commit | 773dda25e828c4c9a52f7bdce6e1e5924157beab (patch) | |
tree | 831507f35a8feb0ae984a7a13f521932a0fedb61 | |
parent | e89c780886b23600de1e1c8d74aabd1ff61f43f0 (diff) | |
download | openssh-git-773dda25e828c4c9a52f7bdce6e1e5924157beab.tar.gz |
repair --without-openssl; broken in refactor
-rw-r--r-- | kex.h | 20 | ||||
-rw-r--r-- | monitor.c | 2 | ||||
-rw-r--r-- | packet.c | 16 | ||||
-rw-r--r-- | packet.h | 25 | ||||
-rw-r--r-- | ssh-keygen.c | 5 | ||||
-rw-r--r-- | ssh_api.c | 2 |
6 files changed, 64 insertions, 6 deletions
@@ -34,6 +34,20 @@
 #include "leakmalloc.h"
 #endif
+#ifdef WITH_OPENSSL
+# ifdef OPENSSL_HAS_ECC
+# include <openssl/ec.h>
+# else /* OPENSSL_HAS_ECC */
+# define EC_KEY void
+# define EC_GROUP void
+# define EC_POINT void
+# endif /* OPENSSL_HAS_ECC */
+#else /* WITH_OPENSSL */
+# define EC_KEY void
+# define EC_GROUP void
+# define EC_POINT void
+#endif /* WITH_OPENSSL */
+
 #define KEX_COOKIE_LEN 16
 #define KEX_DH1 "diffie-hellman-group1-sha1"
@@ -204,4 +218,10 @@ derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]);
 void dump_digest(char *, u_char *, int);
 #endif
+#if !defined(WITH_OPENSSL) || !defined(OPENSSL_HAS_ECC)
+# undef EC_KEY
+# undef EC_GROUP
+# undef EC_POINT
+#endif
+
 #endif
@@ -1848,11 +1848,13 @@ monitor_apply_keystate(struct monitor *pmonitor)
 if ((kex = ssh->kex) != 0) {
 /* XXX set callbacks */
+#ifdef WITH_OPENSSL
 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
 kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
 kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
 kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+#endif /* WITH_OPENSSL */
 kex->kex[KEX_C25519_SHA256] = kexc25519_server;
 kex->load_host_public_key=&get_hostkey_public_by_type;
 kex->load_host_private_key=&get_hostkey_private_by_type;
@@ -788,10 +788,10 @@ ssh_packet_set_compress_hooks(struct ssh *ssh, void *ctx,
 * encrypted independently of each other.
 */
-#ifdef WITH_OPENSSL
 void
 ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number)
 {
+#ifdef WITH_SSH1
 struct session_state *state = ssh->state;
 const struct sshcipher *cipher = cipher_by_number(number);
 int r;
@@ -816,8 +816,8 @@ ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen,
 error("Warning: %s", wmsg);
 state->cipher_warning_done = 1;
 }
+#endif /* WITH_SSH1 */
 }
-#endif
 /*
 * Finalizes and sends the packet. If the encryption key has been set,
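Review bot: The `# define EC_KEY void`, `EC_GROUP` and `EC_POINT` fallbacks at the top of kex.h turn any `EC_POINT *`-style parameter in this header's prototypes into a plain `void *` when OpenSSL or ECC support is missing, so argument types are no longer checked in exactly the build this commit repairs. The two fallback branches are identical, and the same block is repeated in packet.h later in the commit (there with `BIGNUM` as well), which makes it easy for the copies to drift apart. I would state the intent where the macros are defined, for example `/* placeholders so the prototypes compile without OpenSSL/ECC; undefined again at the end of this header */`, and consider moving the block into one shared header.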
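Review bot: In a build without WITH_OPENSSL only `kex->kex[KEX_C25519_SHA256]` is assigned in the monitor.c hunk, and nothing visible there shows what the five skipped slots contain or that those methods can no longer be negotiated. If the table is indexed by the negotiated method elsewhere, an unset slot would be used as a function pointer, so it is worth confirming that the key-exchange proposal is restricted in the same builds and recording that next to the guard, e.g. `/* without OpenSSL only curve25519 is offered; the other kex->kex[] slots stay unset */`. monitor_apply_keystate begins and ends outside the hunk.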
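Review bot: With the guard moved inside the body (packet.c, @@ -788,10), `ssh_packet_set_encryption_key` becomes an empty function whenever WITH_SSH1 is undefined; it returns void, so a caller that reaches it gets no key installed and no error. Failing closed would be safer than silently doing nothing: before the `#endif /* WITH_SSH1 */` added in the following hunk (@@ -816,8), add `#else` and `fatal("%s: SSH protocol 1 support not compiled in", __func__);`. The four parameters are also unused in that configuration, which will show up under -Wunused-parameter. The middle of the function lies between the two hunks and is not visible here.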
@@ -2727,23 +2727,29 @@ sshpkt_put_stringb(struct ssh *ssh, const struct sshbuf *v)
 return sshbuf_put_stringb(ssh->state->outgoing_packet, v);
 }
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
 int
 sshpkt_put_ec(struct ssh *ssh, const EC_POINT *v, const EC_GROUP *g)
 {
 return sshbuf_put_ec(ssh->state->outgoing_packet, v, g);
 }
+#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */
+#ifdef WITH_SSH1
 int
 sshpkt_put_bignum1(struct ssh *ssh, const BIGNUM *v)
 {
 return sshbuf_put_bignum1(ssh->state->outgoing_packet, v);
 }
+#endif /* WITH_SSH1 */
+#ifdef WITH_OPENSSL
 int
 sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v)
 {
 return sshbuf_put_bignum2(ssh->state->outgoing_packet, v);
 }
+#endif /* WITH_OPENSSL */
 /* fetch data from the incoming packet */
@@ -2789,23 +2795,29 @@ sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp)
 return sshbuf_get_cstring(ssh->state->incoming_packet, valp, lenp);
 }
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
 int
 sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g)
 {
 return sshbuf_get_ec(ssh->state->incoming_packet, v, g);
 }
+#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */
+#ifdef WITH_SSH1
 int
 sshpkt_get_bignum1(struct ssh *ssh, BIGNUM *v)
 {
 return sshbuf_get_bignum1(ssh->state->incoming_packet, v);
 }
+#endif /* WITH_SSH1 */
+#ifdef WITH_OPENSSL
 int
 sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v)
 {
 return sshbuf_get_bignum2(ssh->state->incoming_packet, v);
 }
+#endif /* WITH_OPENSSL */
 int
 sshpkt_get_end(struct ssh *ssh)
@@ -22,8 +22,18 @@
 # include <openssl/bn.h>
 # ifdef OPENSSL_HAS_ECC
 # include <openssl/ec.h>
-# endif
-#endif
+# else /* OPENSSL_HAS_ECC */
+# define EC_KEY void
+# define EC_GROUP void
+# define EC_POINT void
+# endif /* OPENSSL_HAS_ECC */
+#else /* WITH_OPENSSL */
+# define BIGNUM void
+# define EC_KEY void
+# define EC_GROUP void
+# define EC_POINT void
+#endif /* WITH_OPENSSL */
+
 #include <sys/signal.h>
 #include <sys/queue.h>
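Review bot: `sshpkt_put_bignum1` is guarded by `WITH_SSH1` alone although it takes a `BIGNUM *`, and packet.h in this same commit defines `BIGNUM` as `void` when OpenSSL is absent; the guard is only correct if WITH_SSH1 can never be set without WITH_OPENSSL, which these hunks do not show. Making the dependency explicit costs nothing: `#if defined(WITH_OPENSSL) && defined(WITH_SSH1)`, with the matching `#endif` comment updated. The same applies to `sshpkt_get_bignum1` in the next hunk (@@ -2789,23).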
@@ -182,4 +192,15 @@ const u_char *sshpkt_ptr(struct ssh *, size_t *lenp);
 extern struct ssh *active_state;
 #include "opacket.h"
+#if !defined(WITH_OPENSSL)
+# undef BIGNUM
+# undef EC_KEY
+# undef EC_GROUP
+# undef EC_POINT
+#elif !defined(OPENSSL_HAS_ECC)
+# undef EC_KEY
+# undef EC_GROUP
+# undef EC_POINT
+#endif
+
 #endif /* PACKET_H */
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 9b206825..92387482 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -192,6 +192,7 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
 exit(1);
 }
 if (*bitsp == 0) {
+#ifdef WITH_OPENSSL
 if (type == KEY_DSA)
 *bitsp = DEFAULT_BITS_DSA;
 else if (type == KEY_ECDSA) {
@@ -200,8 +201,8 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
 *bitsp = sshkey_curve_nid_to_bits(nid);
 if (*bitsp == 0)
 *bitsp = DEFAULT_BITS_ECDSA;
- }
- else
+ } else
+#endif
 *bitsp = DEFAULT_BITS;
 }
 #ifdef WITH_OPENSSL
@@ -81,7 +81,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
 int r;
 if (!called) {
+#ifdef WITH_OPENSSL
 OpenSSL_add_all_algorithms();
+#endif /* WITH_OPENSSL */
 called = 1;
 } |
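Review bot: In the second ssh-keygen.c hunk (@@ -200,8) the `} else` now sits immediately before `#endif`, so the statement it governs, `*bitsp = DEFAULT_BITS;`, lives outside the conditional block and the `if`/`else` chain is only well-formed when read together with the preprocessor state. That is easy to break with a later edit; bracing the final assignment and labelling the guard the way the other files in this commit do would help: `#endif /* WITH_OPENSSL */`. In a build without OpenSSL every key type that arrives with `*bitsp == 0` now receives `DEFAULT_BITS`, which deserves a one-line comment at the guard. type_bits_valid begins and ends outside both hunks.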