[openssh-commits] [openssh] 02/02: complete PKCS#11 stubs and move to ssh-pkcs11.c

git+noreply at mindrot.org git+noreply at mindrot.org
Thu Oct 9 13:12:54 AEDT 2025 

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 081b8dbbe90d81a43b5e0f1995fe59a0e319aa15
Author: Damien Miller <djm at mindrot.org>
AuthorDate: Thu Oct 9 13:12:15 2025 +1100

    complete PKCS#11 stubs and move to ssh-pkcs11.c
    
    Should unbreak --disable-pkcs11 builds
---
 ssh-pkcs11-helper.c | 16 ----------------
 ssh-pkcs11.c        | 25 ++++++++++++++++++++++---
 2 files changed, 22 insertions(+), 19 deletions(-)

diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c
index 7ed4bdb76..aeb5b7a8a 100644
--- a/ssh-pkcs11-helper.c
+++ b/ssh-pkcs11-helper.c
@@ -310,22 +310,6 @@ main(int argc, char **argv)
 	}
 }
 #else /* ENABLE_PKCS11 */
-/* stubs */
-int
-pkcs11_sign(struct sshkey *key,
-    u_char **sigp, size_t *lenp,
-    const u_char *data, size_t datalen,
-    const char *alg, const char *sk_provider,
-    const char *sk_pin, u_int compat)
-{
-	return SSH_ERR_INTERNAL_ERROR;
-}
-
-void
-pkcs11_key_free(struct sshkey *key)
-{
-}
-
 int
 main(int argc, char **argv)
 {
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
index f68617f47..c88179473 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -2289,11 +2289,13 @@ out:
 
 #include "log.h"
 #include "sshkey.h"
+#include "ssherr.h"
+#include "ssh-pkcs11.h"
 
 int
 pkcs11_init(int interactive)
 {
-	error_f("dlopen() not supported");
+	error_f("PKCS#11 not supported");
 	return (-1);
 }
 
@@ -2301,13 +2303,30 @@ int
 pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp,
     char ***labelsp)
 {
-	error_f("dlopen() not supported");
+	error_f("PKCS#11 not supported");
 	return (-1);
 }
 
+void
+pkcs11_key_free(struct sshkey *key)
+{
+	error_f("PKCS#11 not supported");
+}
+
+int
+pkcs11_sign(struct sshkey *key,
+    u_char **sigp, size_t *lenp,
+    const u_char *data, size_t datalen,
+    const char *alg, const char *sk_provider,
+    const char *sk_pin, u_int compat)
+{
+	error_f("PKCS#11 not supported");
+	return SSH_ERR_FEATURE_UNSUPPORTED;
+}
+
 void
 pkcs11_terminate(void)
 {
-	error_f("dlopen() not supported");
+	error_f("PKCS#11 not supported");
 }
 #endif /* ENABLE_PKCS11 */

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list