[openssh-commits] [openssh] 03/03: more --without-openssl
git+noreply at mindrot.org
git+noreply at mindrot.org
Thu Jan 15 03:09:37 EST 2015
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit b03ebe2c22b8166e4f64c37737f4278676e3488d
Author: Damien Miller <djm at mindrot.org>
Date: Thu Jan 15 03:08:58 2015 +1100
more --without-openssl
fix some regressions caused by upstream merges
enable KRLs now that they no longer require BIGNUMs
---
authfile.c | 2 --
krl.c | 3 ---
ssh-agent.c | 2 ++
ssh-keygen.c | 10 ----------
sshbuf.h | 6 +++---
5 files changed, 5 insertions(+), 18 deletions(-)
diff --git a/authfile.c b/authfile.c
index de97086..d47e005 100644
--- a/authfile.c
+++ b/authfile.c
@@ -551,12 +551,10 @@ sshkey_check_revoked(struct sshkey *key, const char *revoked_keys_file)
{
int r;
-#ifdef WITH_OPENSSL
r = ssh_krl_file_contains_key(revoked_keys_file, key);
/* If this was not a KRL to begin with then continue below */
if (r != SSH_ERR_KRL_BAD_MAGIC)
return r;
-#endif
/*
* If the file is not a KRL or we can't handle KRLs then attempt to
diff --git a/krl.c b/krl.c
index b19def7..3917338 100644
--- a/krl.c
+++ b/krl.c
@@ -18,8 +18,6 @@
#include "includes.h"
-#ifdef WITH_OPENSSL /* XXX just fix bignums and this is good */
-
#include <sys/types.h>
#include <sys/param.h>
#include <openbsd-compat/sys-tree.h>
@@ -1284,4 +1282,3 @@ ssh_krl_file_contains_key(const char *path, const struct sshkey *key)
errno = oerrno;
return r;
}
-#endif /* WITH_OPENSSL */
diff --git a/ssh-agent.c b/ssh-agent.c
index 4925d47..43000a4 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -524,6 +524,7 @@ reaper(void)
return (deadline - now);
}
+#ifdef WITH_SSH1
/*
* XXX this and the corresponding serialisation function probably belongs
* in key.c
@@ -565,6 +566,7 @@ agent_decode_rsa1(struct sshbuf *m, struct sshkey **kp)
sshkey_free(k);
return r;
}
+#endif
static void
process_add_identity(SocketEntry *e, int version)
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 75f8e2e..7f775ff 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1964,7 +1964,6 @@ do_show_cert(struct passwd *pw)
exit(0);
}
-#ifdef WITH_OPENSSL
static void
load_krl(const char *path, struct ssh_krl **krlp)
{
@@ -2106,12 +2105,10 @@ update_krl_from_file(struct passwd *pw, const char *file, const Key *ca,
fclose(krl_spec);
free(path);
}
-#endif /* WITH_OPENSSL */
static void
do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
{
-#ifdef WITH_OPENSSL
struct ssh_krl *krl;
struct stat sb;
Key *ca = NULL;
@@ -2161,15 +2158,11 @@ do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
ssh_krl_free(krl);
if (ca != NULL)
key_free(ca);
-#else /* WITH_OPENSSL */
- fatal("KRLs not supported without OpenSSL");
-#endif /* WITH_OPENSSL */
}
static void
do_check_krl(struct passwd *pw, int argc, char **argv)
{
-#ifdef WITH_OPENSSL
int i, r, ret = 0;
char *comment;
struct ssh_krl *krl;
@@ -2192,9 +2185,6 @@ do_check_krl(struct passwd *pw, int argc, char **argv)
}
ssh_krl_free(krl);
exit(ret);
-#else /* WITH_OPENSSL */
- fatal("KRLs not supported without OpenSSL");
-#endif /* WITH_OPENSSL */
}
static void
diff --git a/sshbuf.h b/sshbuf.h
index ac01919..eb0d92e 100644
--- a/sshbuf.h
+++ b/sshbuf.h
@@ -209,11 +209,11 @@ int sshbuf_peek_string_direct(const struct sshbuf *buf, const u_char **valp,
* curve points.
*/
int sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len);
-#ifdef WITH_OPENSSL
-int sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v);
-int sshbuf_get_bignum1(struct sshbuf *buf, BIGNUM *v);
int sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf,
const u_char **valp, size_t *lenp);
+#ifdef WITH_OPENSSL
+int sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v);
+int sshbuf_get_bignum1(struct sshbuf *buf, BIGNUM *v);
int sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v);
int sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v);
# ifdef OPENSSL_HAS_ECC
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list