diff options
| author | Darren Tucker <dtucker@dtucker.net> | 2019-05-17 10:54:51 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@dtucker.net> | 2019-05-17 10:54:51 +1000 |
| commit | 97370f6c2c3b825f8c577b7e6c00b1a98d30a6cf (patch) | |
| tree | 217d73211fcf07d34c96c7294a295bbe589d81fd | |
| parent | 633703babf8d9a88da85f23b800e1b88dec7cdbd (diff) | |
| download | openssh-git-97370f6c2c3b825f8c577b7e6c00b1a98d30a6cf.tar.gz | |
Fix building w/out ECC.
Ifdef out ECC specific code so that that it'll build against an OpenSSL
configured w/out ECC. With & ok djm@
| -rw-r--r-- | kexecdh.c | 26 | ||||
| -rw-r--r-- | ssh-pkcs11-helper.c | 2 | ||||
| -rw-r--r-- | ssh-pkcs11.c | 4 |
3 files changed, 32 insertions, 0 deletions
@@ -208,4 +208,30 @@ kex_ecdh_dec(struct kex *kex, const struct sshbuf *server_blob, kex->ec_client_key = NULL; return r; } + +#else + +#include "sshkey.h" +#include "kex.h" +#include "ssherr.h" + +int +kex_ecdh_keypair(struct kex *kex) +{ + return SSH_ERR_SIGN_ALG_UNSUPPORTED; +} + +int +kex_ecdh_enc(struct kex *kex, const struct sshbuf *client_blob, + struct sshbuf **server_blobp, struct sshbuf **shared_secretp) +{ + return SSH_ERR_SIGN_ALG_UNSUPPORTED; +} + +int +kex_ecdh_dec(struct kex *kex, const struct sshbuf *server_blob, + struct sshbuf **shared_secretp) +{ + return SSH_ERR_SIGN_ALG_UNSUPPORTED; +} #endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */ diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c index 807ceb66..cb873e20 100644 --- a/ssh-pkcs11-helper.c +++ b/ssh-pkcs11-helper.c @@ -206,6 +206,7 @@ process_sign(void) slen = ret; ok = 0; } +#ifdef OPENSSL_HAS_ECC } else if (key->type == KEY_ECDSA) { u_int xslen = ECDSA_size(key->ecdsa); @@ -219,6 +220,7 @@ process_sign(void) error("%s: ECDSA_sign" " returns %d", __func__, ret); slen = xslen; +#endif /* OPENSSL_HAS_ECC */ } else error("%s: don't know how to sign with key " "type %d", __func__, (int)key->type); diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index 24bbc587..d9413bc4 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -916,7 +916,9 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx, X509 *x509 = NULL; EVP_PKEY *evp; RSA *rsa = NULL; +#ifdef OPENSSL_HAS_ECC EC_KEY *ec = NULL; +#endif struct sshkey *key = NULL; int i; #ifdef HAVE_EC_KEY_METHOD_NEW @@ -1043,7 +1045,9 @@ fail: free(cert_attr[i].pValue); X509_free(x509); RSA_free(rsa); +#ifdef OPENSSL_HAS_ECC EC_KEY_free(ec); +#endif return (key); } |