diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2010-09-10 12:28:24 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2010-09-10 12:28:24 +1000 |
| commit | 8ccb7392e7ea45d2997afdfa981a450c7db85211 (patch) | |
| tree | 5dd0769c5ec6a54fffb0e77a670bdc4e84046a6c | |
| parent | 6af914a15c0c33e8b5bab5ca61919b8562ff1db9 (diff) | |
| download | openssh-git-8ccb7392e7ea45d2997afdfa981a450c7db85211.tar.gz | |
- (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs
for missing headers and compiler warnings.
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | kex.h | 2 | ||||
| -rw-r--r-- | key.c | 10 | ||||
| -rw-r--r-- | packet.h | 6 | ||||
| -rw-r--r-- | ssh-agent.c | 3 | ||||
| -rw-r--r-- | ssh.c | 13 |
6 files changed, 31 insertions, 5 deletions
@@ -66,6 +66,8 @@ [kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c] [ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on platforms that don't have the requisite OpenSSL support. ok dtucker@ + - (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs + for missing headers and compiler warnings. 20100831 - OpenBSD CVS Sync @@ -29,7 +29,9 @@ #include <signal.h> #include <openssl/evp.h> #include <openssl/hmac.h> +#ifdef OPENSSL_HAS_ECC #include <openssl/ec.h> +#endif #define KEX_COOKIE_LEN 16 @@ -261,7 +261,9 @@ cert_compare(struct KeyCert *a, struct KeyCert *b) int key_equal_public(const Key *a, const Key *b) { +#ifdef OPENSSL_HAS_ECC BN_CTX *bnctx; +#endif if (a == NULL || b == NULL || key_type_plain(a->type) != key_type_plain(b->type)) @@ -656,9 +658,12 @@ key_read(Key *ret, char **cpp) Key *k; int success = -1; char *cp, *space; - int len, n, type, curve_nid = -1; + int len, n, type; u_int bits; u_char *blob; +#ifdef OPENSSL_HAS_ECC + int curve_nid = -1; +#endif cp = *cpp; @@ -1437,11 +1442,12 @@ Key * key_from_blob(const u_char *blob, u_int blen) { Buffer b; - int rlen, type, nid = -1; + int rlen, type; char *ktype = NULL, *curve = NULL; Key *key = NULL; #ifdef OPENSSL_HAS_ECC EC_POINT *q = NULL; + int nid = -1; #endif #ifdef DEBUG_PK @@ -19,7 +19,9 @@ #include <termios.h> #include <openssl/bn.h> +#ifdef OPENSSL_HAS_ECC #include <openssl/ec.h> +#endif void packet_set_connection(int, int); void packet_set_timeout(int, int); @@ -43,7 +45,9 @@ void packet_put_int(u_int value); void packet_put_int64(u_int64_t value); void packet_put_bignum(BIGNUM * value); void packet_put_bignum2(BIGNUM * value); +#ifdef OPENSSL_HAS_ECC void packet_put_ecpoint(const EC_GROUP *, const EC_POINT *); +#endif void packet_put_string(const void *buf, u_int len); void packet_put_cstring(const char *str); void packet_put_raw(const void *buf, u_int len); @@ -61,7 +65,9 @@ u_int packet_get_int(void); u_int64_t packet_get_int64(void); void packet_get_bignum(BIGNUM * value); void packet_get_bignum2(BIGNUM * value); +#ifdef OPENSSL_HAS_ECC void packet_get_ecpoint(const EC_GROUP *, EC_POINT *); +#endif void *packet_get_raw(u_int *length_ptr); void *packet_get_string(u_int *length_ptr); char *packet_get_cstring(u_int *length_ptr); diff --git a/ssh-agent.c b/ssh-agent.c index 8f19fb15..45c8e37a 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -466,11 +466,12 @@ process_add_identity(SocketEntry *e, int version) Idtab *tab = idtab_lookup(version); Identity *id; int type, success = 0, death = 0, confirm = 0; - char *type_name, *comment, *curve; + char *type_name, *comment; Key *k = NULL; #ifdef OPENSSL_HAS_ECC BIGNUM *exponent; EC_POINT *q; + int *curve; #endif u_char *cert; u_int len; @@ -849,10 +849,19 @@ main(int ac, char **av) */ r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir, strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR); - if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) + if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) { +#ifdef WITH_SELINUX + char *scon; + + matchpathcon(buf, 0700, &scon); + setfscreatecon(scon); +#endif if (mkdir(buf, 0700) < 0) error("Could not create directory '%.200s'.", buf); - +#ifdef WITH_SELINUX + setfscreatecon(NULL); +#endif + } /* load options.identity_files */ load_public_identity_files(); |