[openssh-commits] [openssh] 01/01: repair --without-openssl; broken in refactor

git+noreply at mindrot.org git+noreply at mindrot.org
Wed Feb 18 22:30:16 AEDT 2015


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 773dda25e828c4c9a52f7bdce6e1e5924157beab
Author: Damien Miller <djm at mindrot.org>
Date:   Fri Jan 30 23:10:17 2015 +1100

    repair --without-openssl; broken in refactor
---
 kex.h        | 20 ++++++++++++++++++++
 monitor.c    |  2 ++
 packet.c     | 16 ++++++++++++++--
 packet.h     | 25 +++++++++++++++++++++++--
 ssh-keygen.c |  5 +++--
 ssh_api.c    |  2 ++
 6 files changed, 64 insertions(+), 6 deletions(-)

diff --git a/kex.h b/kex.h
index 99a7d55..f70b81f 100644
--- a/kex.h
+++ b/kex.h
@@ -34,6 +34,20 @@
 #include "leakmalloc.h"
 #endif
 
+#ifdef WITH_OPENSSL
+# ifdef OPENSSL_HAS_ECC
+#  include <openssl/ec.h>
+# else /* OPENSSL_HAS_ECC */
+#  define EC_KEY	void
+#  define EC_GROUP	void
+#  define EC_POINT	void
+# endif /* OPENSSL_HAS_ECC */
+#else /* WITH_OPENSSL */
+# define EC_KEY		void
+# define EC_GROUP	void
+# define EC_POINT	void
+#endif /* WITH_OPENSSL */
+
 #define KEX_COOKIE_LEN	16
 
 #define	KEX_DH1			"diffie-hellman-group1-sha1"
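Review bot: The `void` fallback for `EC_KEY`, `EC_GROUP` and `EC_POINT` has no comment explaining why library type names are being redefined, and the same three defines are written out twice in this block. Every pointer declared with these names between here and the `#undef` block added at the end of kex.h becomes a plain `void *`, so the compiler no longer checks those pointer types in builds without OpenSSL or ECC. A comment such as `/* Stand-ins so the declarations below still parse without OpenSSL/ECC; #undef'd at end of file */` would make that explicit. The block could also collapse to one `#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)` / `#else` pair, mirroring the condition in the `#undef` hunk. The packet.h hunks add the same shim (plus `BIGNUM`), so the comment applies there too.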
@@ -204,4 +218,10 @@ derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]);
 void	dump_digest(char *, u_char *, int);
 #endif
 
+#if !defined(WITH_OPENSSL) || !defined(OPENSSL_HAS_ECC)
+# undef EC_KEY
+# undef EC_GROUP
+# undef EC_POINT
+#endif
+
 #endif
diff --git a/monitor.c b/monitor.c
index 6e97def..bc4f039 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1848,11 +1848,13 @@ monitor_apply_keystate(struct monitor *pmonitor)
 
 	if ((kex = ssh->kex) != 0) {
 		/* XXX set callbacks */
+#ifdef WITH_OPENSSL
 		kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
 		kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
 		kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
 		kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
 		kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+#endif /* WITH_OPENSSL */
 		kex->kex[KEX_C25519_SHA256] = kexc25519_server;
 		kex->load_host_public_key=&get_hostkey_public_by_type;
 		kex->load_host_private_key=&get_hostkey_private_by_type;
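Review bot: The `kex->kex[KEX_ECDH_SHA2] = kexecdh_server;` assignment sits under `WITH_OPENSSL` alone, while the packet.c hunks of this commit guard the EC helpers with `defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)`. If `kexecdh_server` is likewise compiled only when ECC is available (its definition is not visible here), an OpenSSL build without ECC would still reference it. Wrapping that one line in `# ifdef OPENSSL_HAS_ECC` / `# endif` would keep the two files consistent. A short comment noting that only the curve25519 method is registered in a build without OpenSSL would also help anyone auditing which key exchanges the monitor enables. monitor_apply_keystate starts and ends outside this hunk.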
diff --git a/packet.c b/packet.c
index b29d875..b1219c8 100644
--- a/packet.c
+++ b/packet.c
@@ -788,10 +788,10 @@ ssh_packet_set_compress_hooks(struct ssh *ssh, void *ctx,
  * encrypted independently of each other.
  */
 
-#ifdef WITH_OPENSSL
 void
 ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number)
 {
+#ifdef WITH_SSH1
 	struct session_state *state = ssh->state;
 	const struct sshcipher *cipher = cipher_by_number(number);
 	int r;
@@ -816,8 +816,8 @@ ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen,
 		error("Warning: %s", wmsg);
 		state->cipher_warning_done = 1;
 	}
+#endif /* WITH_SSH1 */
 }
-#endif
 
 /*
  * Finalizes and sends the packet.  If the encryption key has been set,
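Review bot: With `WITH_SSH1` undefined, `ssh_packet_set_encryption_key` now compiles to an empty body (the `#ifdef` opens in the previous hunk and closes here), so a call returns without installing any key, and the `void` return gives the caller no way to notice. Callers are presumably SSH1-only, but that is not visible in this diff. Failing loudly is safer than a quiet no-op for a function whose job is to set up encryption. Adding `#else` / `fatal("%s: SSH protocol 1 support not compiled in", __func__);` before the `#endif /* WITH_SSH1 */` would turn an unexpected call into an explicit abort.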
@@ -2727,23 +2727,29 @@ sshpkt_put_stringb(struct ssh *ssh, const struct sshbuf *v)
 	return sshbuf_put_stringb(ssh->state->outgoing_packet, v);
 }
 
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
 int
 sshpkt_put_ec(struct ssh *ssh, const EC_POINT *v, const EC_GROUP *g)
 {
 	return sshbuf_put_ec(ssh->state->outgoing_packet, v, g);
 }
+#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */
 
+#ifdef WITH_SSH1
 int
 sshpkt_put_bignum1(struct ssh *ssh, const BIGNUM *v)
 {
 	return sshbuf_put_bignum1(ssh->state->outgoing_packet, v);
 }
+#endif /* WITH_SSH1 */
 
+#ifdef WITH_OPENSSL
 int
 sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v)
 {
 	return sshbuf_put_bignum2(ssh->state->outgoing_packet, v);
 }
+#endif /* WITH_OPENSSL */
 
 /* fetch data from the incoming packet */
 
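Review bot: `sshpkt_put_bignum1` is guarded by `WITH_SSH1` alone although it takes a `BIGNUM` and forwards to `sshbuf_put_bignum1`; nothing in this hunk ensures that `WITH_SSH1` implies `WITH_OPENSSL`. If the build system already enforces that, a comment such as `/* WITH_SSH1 requires WITH_OPENSSL */` on the guard would record it. Otherwise `#if defined(WITH_SSH1) && defined(WITH_OPENSSL)` is the safer condition, because with the packet.h fallback from this commit `BIGNUM` would be `void` here. The same applies to `sshpkt_get_bignum1` in the following hunk.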
@@ -2789,23 +2795,29 @@ sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp)
 	return sshbuf_get_cstring(ssh->state->incoming_packet, valp, lenp);
 }
 
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
 int
 sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g)
 {
 	return sshbuf_get_ec(ssh->state->incoming_packet, v, g);
 }
+#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */
 
+#ifdef WITH_SSH1
 int
 sshpkt_get_bignum1(struct ssh *ssh, BIGNUM *v)
 {
 	return sshbuf_get_bignum1(ssh->state->incoming_packet, v);
 }
+#endif /* WITH_SSH1 */
 
+#ifdef WITH_OPENSSL
 int
 sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v)
 {
 	return sshbuf_get_bignum2(ssh->state->incoming_packet, v);
 }
+#endif /* WITH_OPENSSL */
 
 int
 sshpkt_get_end(struct ssh *ssh)
diff --git a/packet.h b/packet.h
index 01df9f4..cb19456 100644
--- a/packet.h
+++ b/packet.h
@@ -22,8 +22,18 @@
 # include <openssl/bn.h>
 # ifdef OPENSSL_HAS_ECC
 #  include <openssl/ec.h>
-# endif
-#endif
+# else /* OPENSSL_HAS_ECC */
+#  define EC_KEY	void
+#  define EC_GROUP	void
+#  define EC_POINT	void
+# endif /* OPENSSL_HAS_ECC */
+#else /* WITH_OPENSSL */
+# define BIGNUM		void
+# define EC_KEY		void
+# define EC_GROUP	void
+# define EC_POINT	void
+#endif /* WITH_OPENSSL */
+
 #include <sys/signal.h>
 #include <sys/queue.h>
 
@@ -182,4 +192,15 @@ const u_char	*sshpkt_ptr(struct ssh *, size_t *lenp);
 extern struct ssh *active_state;
 #include "opacket.h"
 
+#if !defined(WITH_OPENSSL)
+# undef BIGNUM
+# undef EC_KEY
+# undef EC_GROUP
+# undef EC_POINT
+#elif !defined(OPENSSL_HAS_ECC)
+# undef EC_KEY
+# undef EC_GROUP
+# undef EC_POINT
+#endif
+
 #endif				/* PACKET_H */
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 9b20682..9238748 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -192,6 +192,7 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
 		exit(1);
 	}
 	if (*bitsp == 0) {
+#ifdef WITH_OPENSSL
 		if (type == KEY_DSA)
 			*bitsp = DEFAULT_BITS_DSA;
 		else if (type == KEY_ECDSA) {
@@ -200,8 +201,8 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
 				*bitsp = sshkey_curve_nid_to_bits(nid);
 			if (*bitsp == 0)
 				*bitsp = DEFAULT_BITS_ECDSA;
-		}
-		else
+		} else
+#endif
 			*bitsp = DEFAULT_BITS;
 	}
 #ifdef WITH_OPENSSL
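Review bot: In the `} else` / `#endif` construct, the `else` inside the `#ifdef WITH_OPENSSL` block takes its body from the `*bitsp = DEFAULT_BITS;` line after the `#endif`, so the control flow only reads correctly once both preprocessor branches are considered (the `#ifdef` opens in the previous hunk). This is easy to break, since a second statement added after `*bitsp = DEFAULT_BITS;` would fall outside the `else` in OpenSSL builds. At minimum label the directive `#endif /* WITH_OPENSSL */`, as the other hunks in this commit do, and add a comment like `/* else-body continues after the #endif */`. type_bits_valid continues outside the hunk.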
diff --git a/ssh_api.c b/ssh_api.c
index 265a3e6..ca4789b 100644
--- a/ssh_api.c
+++ b/ssh_api.c
@@ -81,7 +81,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
 	int r;
 
 	if (!called) {
+#ifdef WITH_OPENSSL
 		OpenSSL_add_all_algorithms();
+#endif /* WITH_OPENSSL */
 		called = 1;
 	}
 
