[openssh-commits] [openssh] 01/01: repair --without-openssl; broken in refactor
git+noreply at mindrot.org
git+noreply at mindrot.org
Wed Feb 18 22:30:16 AEDT 2015
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 773dda25e828c4c9a52f7bdce6e1e5924157beab
Author: Damien Miller <djm at mindrot.org>
Date: Fri Jan 30 23:10:17 2015 +1100
repair --without-openssl; broken in refactor
---
kex.h | 20 ++++++++++++++++++++
monitor.c | 2 ++
packet.c | 16 ++++++++++++++--
packet.h | 25 +++++++++++++++++++++++--
ssh-keygen.c | 5 +++--
ssh_api.c | 2 ++
6 files changed, 64 insertions(+), 6 deletions(-)
diff --git a/kex.h b/kex.h
index 99a7d55..f70b81f 100644
--- a/kex.h
+++ b/kex.h
@@ -34,6 +34,20 @@
#include "leakmalloc.h"
#endif
+#ifdef WITH_OPENSSL
+# ifdef OPENSSL_HAS_ECC
+# include <openssl/ec.h>
+# else /* OPENSSL_HAS_ECC */
+# define EC_KEY void
+# define EC_GROUP void
+# define EC_POINT void
+# endif /* OPENSSL_HAS_ECC */
+#else /* WITH_OPENSSL */
+# define EC_KEY void
+# define EC_GROUP void
+# define EC_POINT void
+#endif /* WITH_OPENSSL */
+
#define KEX_COOKIE_LEN 16
#define KEX_DH1 "diffie-hellman-group1-sha1"
@@ -204,4 +218,10 @@ derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]);
void dump_digest(char *, u_char *, int);
#endif
+#if !defined(WITH_OPENSSL) || !defined(OPENSSL_HAS_ECC)
+# undef EC_KEY
+# undef EC_GROUP
+# undef EC_POINT
+#endif
+
#endif
diff --git a/monitor.c b/monitor.c
index 6e97def..bc4f039 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1848,11 +1848,13 @@ monitor_apply_keystate(struct monitor *pmonitor)
if ((kex = ssh->kex) != 0) {
/* XXX set callbacks */
+#ifdef WITH_OPENSSL
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+#endif /* WITH_OPENSSL */
kex->kex[KEX_C25519_SHA256] = kexc25519_server;
kex->load_host_public_key=&get_hostkey_public_by_type;
kex->load_host_private_key=&get_hostkey_private_by_type;
diff --git a/packet.c b/packet.c
index b29d875..b1219c8 100644
--- a/packet.c
+++ b/packet.c
@@ -788,10 +788,10 @@ ssh_packet_set_compress_hooks(struct ssh *ssh, void *ctx,
* encrypted independently of each other.
*/
-#ifdef WITH_OPENSSL
void
ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number)
{
+#ifdef WITH_SSH1
struct session_state *state = ssh->state;
const struct sshcipher *cipher = cipher_by_number(number);
int r;
@@ -816,8 +816,8 @@ ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen,
error("Warning: %s", wmsg);
state->cipher_warning_done = 1;
}
+#endif /* WITH_SSH1 */
}
-#endif
/*
* Finalizes and sends the packet. If the encryption key has been set,
@@ -2727,23 +2727,29 @@ sshpkt_put_stringb(struct ssh *ssh, const struct sshbuf *v)
return sshbuf_put_stringb(ssh->state->outgoing_packet, v);
}
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
int
sshpkt_put_ec(struct ssh *ssh, const EC_POINT *v, const EC_GROUP *g)
{
return sshbuf_put_ec(ssh->state->outgoing_packet, v, g);
}
+#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */
+#ifdef WITH_SSH1
int
sshpkt_put_bignum1(struct ssh *ssh, const BIGNUM *v)
{
return sshbuf_put_bignum1(ssh->state->outgoing_packet, v);
}
+#endif /* WITH_SSH1 */
+#ifdef WITH_OPENSSL
int
sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v)
{
return sshbuf_put_bignum2(ssh->state->outgoing_packet, v);
}
+#endif /* WITH_OPENSSL */
/* fetch data from the incoming packet */
@@ -2789,23 +2795,29 @@ sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp)
return sshbuf_get_cstring(ssh->state->incoming_packet, valp, lenp);
}
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
int
sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g)
{
return sshbuf_get_ec(ssh->state->incoming_packet, v, g);
}
+#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */
+#ifdef WITH_SSH1
int
sshpkt_get_bignum1(struct ssh *ssh, BIGNUM *v)
{
return sshbuf_get_bignum1(ssh->state->incoming_packet, v);
}
+#endif /* WITH_SSH1 */
+#ifdef WITH_OPENSSL
int
sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v)
{
return sshbuf_get_bignum2(ssh->state->incoming_packet, v);
}
+#endif /* WITH_OPENSSL */
int
sshpkt_get_end(struct ssh *ssh)
diff --git a/packet.h b/packet.h
index 01df9f4..cb19456 100644
--- a/packet.h
+++ b/packet.h
@@ -22,8 +22,18 @@
# include <openssl/bn.h>
# ifdef OPENSSL_HAS_ECC
# include <openssl/ec.h>
-# endif
-#endif
+# else /* OPENSSL_HAS_ECC */
+# define EC_KEY void
+# define EC_GROUP void
+# define EC_POINT void
+# endif /* OPENSSL_HAS_ECC */
+#else /* WITH_OPENSSL */
+# define BIGNUM void
+# define EC_KEY void
+# define EC_GROUP void
+# define EC_POINT void
+#endif /* WITH_OPENSSL */
+
#include <sys/signal.h>
#include <sys/queue.h>
@@ -182,4 +192,15 @@ const u_char *sshpkt_ptr(struct ssh *, size_t *lenp);
extern struct ssh *active_state;
#include "opacket.h"
+#if !defined(WITH_OPENSSL)
+# undef BIGNUM
+# undef EC_KEY
+# undef EC_GROUP
+# undef EC_POINT
+#elif !defined(OPENSSL_HAS_ECC)
+# undef EC_KEY
+# undef EC_GROUP
+# undef EC_POINT
+#endif
+
#endif /* PACKET_H */
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 9b20682..9238748 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -192,6 +192,7 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
exit(1);
}
if (*bitsp == 0) {
+#ifdef WITH_OPENSSL
if (type == KEY_DSA)
*bitsp = DEFAULT_BITS_DSA;
else if (type == KEY_ECDSA) {
@@ -200,8 +201,8 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
*bitsp = sshkey_curve_nid_to_bits(nid);
if (*bitsp == 0)
*bitsp = DEFAULT_BITS_ECDSA;
- }
- else
+ } else
+#endif
*bitsp = DEFAULT_BITS;
}
#ifdef WITH_OPENSSL
diff --git a/ssh_api.c b/ssh_api.c
index 265a3e6..ca4789b 100644
--- a/ssh_api.c
+++ b/ssh_api.c
@@ -81,7 +81,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
int r;
if (!called) {
+#ifdef WITH_OPENSSL
OpenSSL_add_all_algorithms();
+#endif /* WITH_OPENSSL */
called = 1;
}
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list