[openssh-commits] [openssh] 01/01: Repair for non-ECC OpenSSL.

git+noreply at mindrot.org git+noreply at mindrot.org
Mon Feb 23 05:05:49 AEDT 2015


This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit f2004cd1adf34492eae0a44b1ef84e0e31b06088
Author: Darren Tucker <dtucker at zip.com.au>
Date:   Mon Feb 23 05:04:21 2015 +1100

    Repair for non-ECC OpenSSL.
    
    Ifdef out the ECC parts when building with an OpenSSL that doesn't have
    it.
---
 monitor.c     | 2 ++
 opacket.c     | 4 ++++
 ssh-keyscan.c | 2 ++
 ssh_api.c     | 4 ++++
 sshconnect2.c | 2 ++
 sshd.c        | 2 ++
 6 files changed, 16 insertions(+)

diff --git a/monitor.c b/monitor.c
index 8f5ab72..4f9c9fe 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1853,7 +1853,9 @@ monitor_apply_keystate(struct monitor *pmonitor)
 		kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
 		kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
 		kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
+# ifdef OPENSSL_HAS_ECC
 		kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+# endif
 #endif /* WITH_OPENSSL */
 		kex->kex[KEX_C25519_SHA256] = kexc25519_server;
 		kex->load_host_public_key=&get_hostkey_public_by_type;
diff --git a/opacket.c b/opacket.c
index 7618eae..dd443c3 100644
--- a/opacket.c
+++ b/opacket.c
@@ -93,6 +93,7 @@ ssh_packet_put_bignum2(struct ssh *ssh, BIGNUM * value)
 		fatal("%s: %s", __func__, ssh_err(r));
 }
 
+# ifdef OPENSSL_HAS_ECC
 void
 ssh_packet_put_ecpoint(struct ssh *ssh, const EC_GROUP *curve,
     const EC_POINT *point)
@@ -102,6 +103,7 @@ ssh_packet_put_ecpoint(struct ssh *ssh, const EC_GROUP *curve,
 	if ((r = sshpkt_put_ec(ssh, point, curve)) != 0)
 		fatal("%s: %s", __func__, ssh_err(r));
 }
+# endif
 #endif /* WITH_OPENSSL */
 
 void
@@ -165,6 +167,7 @@ ssh_packet_get_bignum2(struct ssh *ssh, BIGNUM * value)
 		fatal("%s: %s", __func__, ssh_err(r));
 }
 
+# ifdef OPENSSL_HAS_ECC
 void
 ssh_packet_get_ecpoint(struct ssh *ssh, const EC_GROUP *curve, EC_POINT *point)
 {
@@ -173,6 +176,7 @@ ssh_packet_get_ecpoint(struct ssh *ssh, const EC_GROUP *curve, EC_POINT *point)
 	if ((r = sshpkt_get_ec(ssh, point, curve)) != 0)
 		fatal("%s: %s", __func__, ssh_err(r));
 }
+# endif
 #endif /* WITH_OPENSSL */
 
 void *
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 2b13030..c5fb3b5 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -282,7 +282,9 @@ keygrab_ssh2(con *c)
 	c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
 	c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
 	c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
+# ifdef OPENSSL_HAS_ECC
 	c->c_ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
+# endif
 #endif
 	c->c_ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client;
 	ssh_set_verify_host_key_callback(c->c_ssh, key_print_wrapper);
diff --git a/ssh_api.c b/ssh_api.c
index ca4789b..6c71258 100644
--- a/ssh_api.c
+++ b/ssh_api.c
@@ -105,7 +105,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
 		ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
 		ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
 		ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
+# ifdef OPENSSL_HAS_ECC
 		ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+# endif
 #endif /* WITH_OPENSSL */
 		ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_server;
 		ssh->kex->load_host_public_key=&_ssh_host_public_key;
@@ -117,7 +119,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
 		ssh->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
 		ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
 		ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
+# ifdef OPENSSL_HAS_ECC
 		ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
+# endif
 #endif /* WITH_OPENSSL */
 		ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client;
 		ssh->kex->verify_host_key =&_ssh_verify_host_key;
diff --git a/sshconnect2.c b/sshconnect2.c
index 804194a..ba56f64 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -213,7 +213,9 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
 	kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
 	kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
 	kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
+# ifdef OPENSSL_HAS_ECC
 	kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
+# endif
 #endif
 	kex->kex[KEX_C25519_SHA256] = kexc25519_client;
 	kex->client_version_string=client_version_string;
diff --git a/sshd.c b/sshd.c
index 312dcd8..e1c767c 100644
--- a/sshd.c
+++ b/sshd.c
@@ -2570,7 +2570,9 @@ do_ssh2_kex(void)
 	kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
 	kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
 	kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
+# ifdef OPENSSL_HAS_ECC
 	kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+# endif
 #endif
 	kex->kex[KEX_C25519_SHA256] = kexc25519_server;
 	kex->server = 1;

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list