mirror of git://anongit.mindrot.org/openssh.git
repair --without-openssl; broken in refactor
This commit is contained in:
parent
e89c780886
commit
773dda25e8
20
kex.h
20
kex.h
|
@ -34,6 +34,20 @@
|
|||
#include "leakmalloc.h"
|
||||
#endif
|
||||
|
||||
#ifdef WITH_OPENSSL
|
||||
# ifdef OPENSSL_HAS_ECC
|
||||
# include <openssl/ec.h>
|
||||
# else /* OPENSSL_HAS_ECC */
|
||||
# define EC_KEY void
|
||||
# define EC_GROUP void
|
||||
# define EC_POINT void
|
||||
# endif /* OPENSSL_HAS_ECC */
|
||||
#else /* WITH_OPENSSL */
|
||||
# define EC_KEY void
|
||||
# define EC_GROUP void
|
||||
# define EC_POINT void
|
||||
#endif /* WITH_OPENSSL */
|
||||
|
||||
#define KEX_COOKIE_LEN 16
|
||||
|
||||
#define KEX_DH1 "diffie-hellman-group1-sha1"
|
||||
|
@ -204,4 +218,10 @@ derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]);
|
|||
void dump_digest(char *, u_char *, int);
|
||||
#endif
|
||||
|
||||
#if !defined(WITH_OPENSSL) || !defined(OPENSSL_HAS_ECC)
|
||||
# undef EC_KEY
|
||||
# undef EC_GROUP
|
||||
# undef EC_POINT
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
|
|
@ -1848,11 +1848,13 @@ monitor_apply_keystate(struct monitor *pmonitor)
|
|||
|
||||
if ((kex = ssh->kex) != 0) {
|
||||
/* XXX set callbacks */
|
||||
#ifdef WITH_OPENSSL
|
||||
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
|
||||
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
|
||||
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
|
||||
kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
|
||||
kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
|
||||
#endif /* WITH_OPENSSL */
|
||||
kex->kex[KEX_C25519_SHA256] = kexc25519_server;
|
||||
kex->load_host_public_key=&get_hostkey_public_by_type;
|
||||
kex->load_host_private_key=&get_hostkey_private_by_type;
|
||||
|
|
16
packet.c
16
packet.c
|
@ -788,10 +788,10 @@ ssh_packet_set_compress_hooks(struct ssh *ssh, void *ctx,
|
|||
* encrypted independently of each other.
|
||||
*/
|
||||
|
||||
#ifdef WITH_OPENSSL
|
||||
void
|
||||
ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number)
|
||||
{
|
||||
#ifdef WITH_SSH1
|
||||
struct session_state *state = ssh->state;
|
||||
const struct sshcipher *cipher = cipher_by_number(number);
|
||||
int r;
|
||||
|
@ -816,8 +816,8 @@ ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen,
|
|||
error("Warning: %s", wmsg);
|
||||
state->cipher_warning_done = 1;
|
||||
}
|
||||
#endif /* WITH_SSH1 */
|
||||
}
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Finalizes and sends the packet. If the encryption key has been set,
|
||||
|
@ -2727,23 +2727,29 @@ sshpkt_put_stringb(struct ssh *ssh, const struct sshbuf *v)
|
|||
return sshbuf_put_stringb(ssh->state->outgoing_packet, v);
|
||||
}
|
||||
|
||||
#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
|
||||
int
|
||||
sshpkt_put_ec(struct ssh *ssh, const EC_POINT *v, const EC_GROUP *g)
|
||||
{
|
||||
return sshbuf_put_ec(ssh->state->outgoing_packet, v, g);
|
||||
}
|
||||
#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */
|
||||
|
||||
#ifdef WITH_SSH1
|
||||
int
|
||||
sshpkt_put_bignum1(struct ssh *ssh, const BIGNUM *v)
|
||||
{
|
||||
return sshbuf_put_bignum1(ssh->state->outgoing_packet, v);
|
||||
}
|
||||
#endif /* WITH_SSH1 */
|
||||
|
||||
#ifdef WITH_OPENSSL
|
||||
int
|
||||
sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v)
|
||||
{
|
||||
return sshbuf_put_bignum2(ssh->state->outgoing_packet, v);
|
||||
}
|
||||
#endif /* WITH_OPENSSL */
|
||||
|
||||
/* fetch data from the incoming packet */
|
||||
|
||||
|
@ -2789,23 +2795,29 @@ sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp)
|
|||
return sshbuf_get_cstring(ssh->state->incoming_packet, valp, lenp);
|
||||
}
|
||||
|
||||
#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
|
||||
int
|
||||
sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g)
|
||||
{
|
||||
return sshbuf_get_ec(ssh->state->incoming_packet, v, g);
|
||||
}
|
||||
#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */
|
||||
|
||||
#ifdef WITH_SSH1
|
||||
int
|
||||
sshpkt_get_bignum1(struct ssh *ssh, BIGNUM *v)
|
||||
{
|
||||
return sshbuf_get_bignum1(ssh->state->incoming_packet, v);
|
||||
}
|
||||
#endif /* WITH_SSH1 */
|
||||
|
||||
#ifdef WITH_OPENSSL
|
||||
int
|
||||
sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v)
|
||||
{
|
||||
return sshbuf_get_bignum2(ssh->state->incoming_packet, v);
|
||||
}
|
||||
#endif /* WITH_OPENSSL */
|
||||
|
||||
int
|
||||
sshpkt_get_end(struct ssh *ssh)
|
||||
|
|
25
packet.h
25
packet.h
|
@ -22,8 +22,18 @@
|
|||
# include <openssl/bn.h>
|
||||
# ifdef OPENSSL_HAS_ECC
|
||||
# include <openssl/ec.h>
|
||||
# endif
|
||||
#endif
|
||||
# else /* OPENSSL_HAS_ECC */
|
||||
# define EC_KEY void
|
||||
# define EC_GROUP void
|
||||
# define EC_POINT void
|
||||
# endif /* OPENSSL_HAS_ECC */
|
||||
#else /* WITH_OPENSSL */
|
||||
# define BIGNUM void
|
||||
# define EC_KEY void
|
||||
# define EC_GROUP void
|
||||
# define EC_POINT void
|
||||
#endif /* WITH_OPENSSL */
|
||||
|
||||
#include <sys/signal.h>
|
||||
#include <sys/queue.h>
|
||||
|
||||
|
@ -182,4 +192,15 @@ const u_char *sshpkt_ptr(struct ssh *, size_t *lenp);
|
|||
extern struct ssh *active_state;
|
||||
#include "opacket.h"
|
||||
|
||||
#if !defined(WITH_OPENSSL)
|
||||
# undef BIGNUM
|
||||
# undef EC_KEY
|
||||
# undef EC_GROUP
|
||||
# undef EC_POINT
|
||||
#elif !defined(OPENSSL_HAS_ECC)
|
||||
# undef EC_KEY
|
||||
# undef EC_GROUP
|
||||
# undef EC_POINT
|
||||
#endif
|
||||
|
||||
#endif /* PACKET_H */
|
||||
|
|
|
@ -192,6 +192,7 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
|
|||
exit(1);
|
||||
}
|
||||
if (*bitsp == 0) {
|
||||
#ifdef WITH_OPENSSL
|
||||
if (type == KEY_DSA)
|
||||
*bitsp = DEFAULT_BITS_DSA;
|
||||
else if (type == KEY_ECDSA) {
|
||||
|
@ -200,8 +201,8 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
|
|||
*bitsp = sshkey_curve_nid_to_bits(nid);
|
||||
if (*bitsp == 0)
|
||||
*bitsp = DEFAULT_BITS_ECDSA;
|
||||
}
|
||||
else
|
||||
} else
|
||||
#endif
|
||||
*bitsp = DEFAULT_BITS;
|
||||
}
|
||||
#ifdef WITH_OPENSSL
|
||||
|
|
Loading…
Reference in New Issue