[openssh-commits] [openssh] 03/04: fix FIDO key support for !OPENSSL_HAS_ECC case
git+noreply at mindrot.org
git+noreply at mindrot.org
Fri Oct 1 16:36:30 AEST 2021
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 872595572b6c9a584ed754165e8b7c4c9e7e1d61
Author: Damien Miller <djm at mindrot.org>
Date: Fri Oct 1 16:35:05 2021 +1000
fix FIDO key support for !OPENSSL_HAS_ECC case
ok dtucker
---
sk-usbhid.c | 9 +++++++++
ssh-sk.c | 13 +++++++++++--
2 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/sk-usbhid.c b/sk-usbhid.c
index 2fdf3d94..01412b69 100644
--- a/sk-usbhid.c
+++ b/sk-usbhid.c
@@ -31,6 +31,15 @@
#include <sha2.h>
#endif
+/*
+ * Almost every use of OpenSSL in this file is for ECDSA-NISTP256.
+ * This is strictly a larger hammer than necessary, but it reduces changes
+ * with upstream.
+ */
+#ifndef OPENSSL_HAS_ECC
+# undef WITH_OPENSSL
+#endif
+
#ifdef WITH_OPENSSL
#include <openssl/opensslv.h>
#include <openssl/crypto.h>
diff --git a/ssh-sk.c b/ssh-sk.c
index d254e77f..393b4ccd 100644
--- a/ssh-sk.c
+++ b/ssh-sk.c
@@ -29,10 +29,10 @@
#include <string.h>
#include <stdio.h>
-#ifdef WITH_OPENSSL
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
#include <openssl/objects.h>
#include <openssl/ec.h>
-#endif /* WITH_OPENSSL */
+#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */
#include "log.h"
#include "misc.h"
@@ -45,6 +45,15 @@
#include "sk-api.h"
#include "crypto_api.h"
+/*
+ * Almost every use of OpenSSL in this file is for ECDSA-NISTP256.
+ * This is strictly a larger hammer than necessary, but it reduces changes
+ * with upstream.
+ */
+#ifndef OPENSSL_HAS_ECC
+# undef WITH_OPENSSL
+#endif
+
struct sshsk_provider {
char *path;
void *dlhandle;
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list