From dac190b8e7576a13b831cb7b0791ff18057693af Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 27 Apr 2015 01:52:31 +0000 Subject: fix compilation with OPENSSL=no; ok dtucker@ --- usr.bin/ssh/monitor.c | 4 +++- usr.bin/ssh/packet.c | 16 +++++++++++++--- usr.bin/ssh/ssh-keygen.c | 8 ++++++-- 3 files changed, 22 insertions(+), 6 deletions(-) diff --git a/usr.bin/ssh/monitor.c b/usr.bin/ssh/monitor.c index 2fc01090980..3d1c7e6a3c4 100644 --- a/usr.bin/ssh/monitor.c +++ b/usr.bin/ssh/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.146 2015/04/17 04:32:31 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.147 2015/04/27 01:52:30 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -1518,11 +1518,13 @@ monitor_apply_keystate(struct monitor *pmonitor) if ((kex = ssh->kex) != 0) { /* XXX set callbacks */ +#ifdef WITH_OPENSSL kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; kex->kex[KEX_ECDH_SHA2] = kexecdh_server; +#endif kex->kex[KEX_C25519_SHA256] = kexc25519_server; kex->load_host_public_key=&get_hostkey_public_by_type; kex->load_host_private_key=&get_hostkey_private_by_type; diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c index 6d5e2a7b510..1f79240eefd 100644 --- a/usr.bin/ssh/packet.c +++ b/usr.bin/ssh/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.210 2015/03/24 20:10:08 markus Exp $ */ +/* $OpenBSD: packet.c,v 1.211 2015/04/27 01:52:30 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -778,10 +778,12 @@ ssh_packet_set_compress_hooks(struct ssh *ssh, void *ctx, * encrypted independently of each other. */ -#ifdef WITH_OPENSSL void ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number) { +#ifndef WITH_SSH1 + fatal("no SSH protocol 1 support"); +#else /* WITH_SSH1 */ struct session_state *state = ssh->state; const struct sshcipher *cipher = cipher_by_number(number); int r; @@ -806,8 +808,8 @@ ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, error("Warning: %s", wmsg); state->cipher_warning_done = 1; } +#endif /* WITH_SSH1 */ } -#endif /* * Finalizes and sends the packet. If the encryption key has been set, @@ -2713,23 +2715,27 @@ sshpkt_put_stringb(struct ssh *ssh, const struct sshbuf *v) return sshbuf_put_stringb(ssh->state->outgoing_packet, v); } +#ifdef WITH_OPENSSL int sshpkt_put_ec(struct ssh *ssh, const EC_POINT *v, const EC_GROUP *g) { return sshbuf_put_ec(ssh->state->outgoing_packet, v, g); } +#ifdef WITH_SSH1 int sshpkt_put_bignum1(struct ssh *ssh, const BIGNUM *v) { return sshbuf_put_bignum1(ssh->state->outgoing_packet, v); } +#endif /* WITH_SSH1 */ int sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v) { return sshbuf_put_bignum2(ssh->state->outgoing_packet, v); } +#endif /* WITH_OPENSSL */ /* fetch data from the incoming packet */ @@ -2775,23 +2781,27 @@ sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp) return sshbuf_get_cstring(ssh->state->incoming_packet, valp, lenp); } +#ifdef WITH_OPENSSL int sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g) { return sshbuf_get_ec(ssh->state->incoming_packet, v, g); } +#ifdef WITH_SSH1 int sshpkt_get_bignum1(struct ssh *ssh, BIGNUM *v) { return sshbuf_get_bignum1(ssh->state->incoming_packet, v); } +#endif /* WITH_SSH1 */ int sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v) { return sshbuf_get_bignum2(ssh->state->incoming_packet, v); } +#endif /* WITH_OPENSSL */ int sshpkt_get_end(struct ssh *ssh) diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c index a45e501ffcf..90c6ab349fe 100644 --- a/usr.bin/ssh/ssh-keygen.c +++ b/usr.bin/ssh/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.270 2015/04/24 01:36:01 deraadt Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.271 2015/04/27 01:52:30 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -176,11 +176,14 @@ int prime_test(FILE *, FILE *, u_int32_t, u_int32_t, char *, unsigned long, static void type_bits_valid(int type, const char *name, u_int32_t *bitsp) { +#ifdef WITH_OPENSSL u_int maxbits, nid; +#endif if (type == KEY_UNSPEC) fatal("unknown key type %s", key_type_name); if (*bitsp == 0) { +#ifdef WITH_OPENSSL if (type == KEY_DSA) *bitsp = DEFAULT_BITS_DSA; else if (type == KEY_ECDSA) { @@ -191,13 +194,14 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp) *bitsp = DEFAULT_BITS_ECDSA; } else +#endif *bitsp = DEFAULT_BITS; } +#ifdef WITH_OPENSSL maxbits = (type == KEY_DSA) ? OPENSSL_DSA_MAX_MODULUS_BITS : OPENSSL_RSA_MAX_MODULUS_BITS; if (*bitsp > maxbits) fatal("key bits exceeds maximum %d", maxbits); -#ifdef WITH_OPENSSL if (type == KEY_DSA && *bitsp != 1024) fatal("DSA keys must be 1024 bits"); else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768) -- cgit v1.2.3