[openssh-commits] [openssh] 01/06: complete PKCS#11 stubs and move to ssh-pkcs11.c

git+noreply at mindrot.org git+noreply at mindrot.org
Thu Oct 9 15:46:11 AEDT 2025 

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch V_10_2
in repository openssh.

commit af17ae64a5cfee42334883d2802f40f779131740
Author: Damien Miller <djm at mindrot.org>
AuthorDate: Thu Oct 9 13:12:15 2025 +1100

    complete PKCS#11 stubs and move to ssh-pkcs11.c
    
    Should unbreak --disable-pkcs11 builds
---
 ssh-pkcs11-helper.c | 16 ----------------
 ssh-pkcs11.c        | 25 ++++++++++++++++++++++---
 2 files changed, 22 insertions(+), 19 deletions(-)

diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c
index 7ed4bdb76..aeb5b7a8a 100644
--- a/ssh-pkcs11-helper.c
+++ b/ssh-pkcs11-helper.c
@@ -310,22 +310,6 @@ main(int argc, char **argv)
 	}
 }
 #else /* ENABLE_PKCS11 */
-/* stubs */
-int
-pkcs11_sign(struct sshkey *key,
-    u_char **sigp, size_t *lenp,
-    const u_char *data, size_t datalen,
-    const char *alg, const char *sk_provider,
-    const char *sk_pin, u_int compat)
-{
-	return SSH_ERR_INTERNAL_ERROR;
-}
-
-void
-pkcs11_key_free(struct sshkey *key)
-{
-}
-
 int
 main(int argc, char **argv)
 {
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
index 0a94fcd97..92822f851 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -2287,11 +2287,13 @@ out:
 
 #include "log.h"
 #include "sshkey.h"
+#include "ssherr.h"
+#include "ssh-pkcs11.h"
 
 int
 pkcs11_init(int interactive)
 {
-	error_f("dlopen() not supported");
+	error_f("PKCS#11 not supported");
 	return (-1);
 }
 
@@ -2299,13 +2301,30 @@ int
 pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp,
     char ***labelsp)
 {
-	error_f("dlopen() not supported");
+	error_f("PKCS#11 not supported");
 	return (-1);
 }
 
+void
+pkcs11_key_free(struct sshkey *key)
+{
+	error_f("PKCS#11 not supported");
+}
+
+int
+pkcs11_sign(struct sshkey *key,
+    u_char **sigp, size_t *lenp,
+    const u_char *data, size_t datalen,
+    const char *alg, const char *sk_provider,
+    const char *sk_pin, u_int compat)
+{
+	error_f("PKCS#11 not supported");
+	return SSH_ERR_FEATURE_UNSUPPORTED;
+}
+
 void
 pkcs11_terminate(void)
 {
-	error_f("dlopen() not supported");
+	error_f("PKCS#11 not supported");
 }
 #endif /* ENABLE_PKCS11 */

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list