support --without-openssl at configure time

Disables and removes dependency on OpenSSL. Many features don't
work and the set of crypto options is greatly restricted. This
will only work on system with native arc4random or /dev/urandom.

Considered highly experimental for now.

Makefile.in

@@ -76,7 +76,7 @@ LIBOPENSSH_OBJS=\
 
 LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
 	authfd.o authfile.o bufaux.o bufbn.o buffer.o \
-	canohost.o channels.o cipher.o cipher-aes.o \
+	canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \
 	cipher-bf1.o cipher-ctr.o cipher-3des1.o cleanup.o \
 	compat.o compress.o crc32.o deattack.o fatal.o hostfile.o \
 	log.o match.o md-sha256.o moduli.o nchan.o packet.o \
@@ -87,7 +87,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
 	msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \
 	ssh-pkcs11.o smult_curve25519_ref.o \
 	kexc25519.o kexc25519c.o poly1305.o chacha.o cipher-chachapoly.o \
-	ssh-ed25519.o digest-openssl.o hmac.o \
+	ssh-ed25519.o digest-openssl.o digest-libc.o hmac.o \
 	sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o
 
 SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \

bufbn.c

@@ -20,12 +20,15 @@
 
 #include "includes.h"
 
+#ifdef WITH_OPENSSL
+
 #include <sys/types.h>
 
 #include "buffer.h"
 #include "log.h"
 #include "ssherr.h"
 
+#ifdef WITH_SSH1
 int
 buffer_put_bignum_ret(Buffer *buffer, const BIGNUM *value)
 {
@@ -63,6 +66,7 @@ buffer_get_bignum(Buffer *buffer, BIGNUM *value)
 	if (buffer_get_bignum_ret(buffer, value) == -1)
 		fatal("%s: buffer error", __func__);
 }
+#endif /* WITH_SSH1 */
 
 int
 buffer_put_bignum2_ret(Buffer *buffer, const BIGNUM *value)
@@ -101,3 +105,5 @@ buffer_get_bignum2(Buffer *buffer, BIGNUM *value)
 	if (buffer_get_bignum2_ret(buffer, value) == -1)
 		fatal("%s: buffer error", __func__);
 }
+
+#endif /* WITH_OPENSSL */

cipher-aesctr.c

@@ -18,6 +18,8 @@
 #include <sys/types.h>
 #include <string.h>
 
+#ifndef WITH_OPENSSL
+
 #include "cipher-aesctr.h"
 
 /*
@@ -76,3 +78,4 @@ aesctr_encrypt_bytes(aesctr_ctx *x,const u8 *m,u8 *c,u32 bytes)
 		n = (n + 1) % AES_BLOCK_SIZE;
 	}
 }
+#endif /* !WITH_OPENSSL */

cipher-bf1.c

@@ -20,6 +20,8 @@
 
 #include "includes.h"
 
+#ifdef WITH_OPENSSL
+
 #include <sys/types.h>
 
 #include <stdarg.h>
@@ -98,3 +100,4 @@ evp_ssh1_bf(void)
 	ssh1_bf.key_len = 32;
 	return (&ssh1_bf);
 }
+#endif /* WITH_OPENSSL */

cipher-ctr.c

@@ -16,7 +16,7 @@
  */
 #include "includes.h"
 
-#ifndef OPENSSL_HAVE_EVPCTR
+#if defined(WITH_OPENSSL) && !defined(OPENSSL_HAVE_EVPCTR)
 #include <sys/types.h>
 
 #include <stdarg.h>
@@ -143,4 +143,4 @@ evp_aes_128_ctr(void)
 	return (&aes_ctr);
 }
 
-#endif /* OPENSSL_HAVE_EVPCTR */
+#endif /* defined(WITH_OPENSSL) && !defined(OPENSSL_HAVE_EVPCTR) */

configure.ac

@@ -121,14 +121,34 @@ AC_CHECK_DECL([PR_SET_NO_NEW_PRIVS], [have_linux_no_new_privs=1], , [
 	#include <linux/prctl.h>
 ])
 
+openssl=yes
 ssh1=yes
-AC_ARG_WITH([ssh1],
+AC_ARG_WITH([openssl],
-	[  --without-ssh1          Disable support for SSH protocol 1],
+	[  --without-openssl       Disable use of OpenSSL; use only limited internal crypto **EXPERIMENTAL** ],
 	[  if test "x$withval" = "xno" ; then
+		openssl=no
 		ssh1=no
 	   fi
 	]
 )
+AC_MSG_CHECKING([whether OpenSSL will be used for cryptography])
+if test "x$openssl" = "xyes" ; then
+	AC_MSG_RESULT([yes])
+	AC_DEFINE_UNQUOTED([WITH_OPENSSL], [1], [use libcrypto for cryptography])
+else
+	AC_MSG_RESULT([no])
+fi
+
+AC_ARG_WITH([ssh1],
+	[  --without-ssh1          Disable support for SSH protocol 1],
+	[
+		if test "x$withval" = "xno" ; then
+			ssh1=no
+		elif test "x$openssl" = "xno" ; then
+			AC_MSG_ERROR([Cannot enable SSH protocol 1 with OpenSSL disabled])
+		fi
+	]
+)
 AC_MSG_CHECKING([whether SSH protocol 1 support is enabled])
 if test "x$ssh1" = "xyes" ; then
 	AC_MSG_RESULT([yes])
@@ -1705,10 +1725,13 @@ AC_LINK_IFELSE(
 	[AC_DEFINE([HAVE_ISBLANK], [1], [Define if you have isblank(3C).])
 ])
 
-# PKCS#11 support requires dlopen() and co
+# PKCS11 depends on OpenSSL.
-AC_SEARCH_LIBS([dlopen], [dl],
+if test "x$openssl" = "xyes" ; then
-    [AC_DEFINE([ENABLE_PKCS11], [], [Enable for PKCS#11 support])]
+	# PKCS#11 support requires dlopen() and co
-)
+	AC_SEARCH_LIBS([dlopen], [dl],
+	    [AC_DEFINE([ENABLE_PKCS11], [], [Enable for PKCS#11 support])]
+	)
+fi
 
 # IRIX has a const char return value for gai_strerror()
 AC_CHECK_FUNCS([gai_strerror], [
@@ -2197,6 +2220,9 @@ saved_LDFLAGS="$LDFLAGS"
 AC_ARG_WITH([ssl-dir],
 	[  --with-ssl-dir=PATH     Specify path to OpenSSL installation ],
 	[
+		if test "x$openssl" = "xno" ; then
+			AC_MSG_ERROR([cannot use --with-ssl-dir when OpenSSL disabled])
+		fi
 		if test "x$withval" != "xno" ; then
 			case "$withval" in
 				# Relative paths
@@ -2229,443 +2255,456 @@ AC_ARG_WITH([ssl-dir],
 		fi
 	]
 )
-LIBS="-lcrypto $LIBS"
-AC_TRY_LINK_FUNC([RAND_add], [AC_DEFINE([HAVE_OPENSSL], [1],
-	[Define if your ssl headers are included
-	with #include <openssl/header.h>])],
-	[
-		dnl Check default openssl install dir
-		if test -n "${need_dash_r}"; then
-			LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
-		else
-			LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
-		fi
-		CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
-		AC_CHECK_HEADER([openssl/opensslv.h], ,
-		    [AC_MSG_ERROR([*** OpenSSL headers missing - please install first or check config.log ***])])
-		AC_TRY_LINK_FUNC([RAND_add], [AC_DEFINE([HAVE_OPENSSL])],
-			[
-				AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
-			]
-		)
-	]
-)
-
-# Determine OpenSSL header version
-AC_MSG_CHECKING([OpenSSL header version])
-AC_RUN_IFELSE(
-	[AC_LANG_PROGRAM([[
-#include <stdio.h>
-#include <string.h>
-#include <openssl/opensslv.h>
-#define DATA "conftest.sslincver"
-	]], [[
-	FILE *fd;
-	int rc;
-
-	fd = fopen(DATA,"w");
-	if(fd == NULL)
-		exit(1);
-
-	if ((rc = fprintf(fd ,"%08x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
-		exit(1);
-
-	exit(0);
-	]])],
-	[
-		ssl_header_ver=`cat conftest.sslincver`
-		AC_MSG_RESULT([$ssl_header_ver])
-	],
-	[
-		AC_MSG_RESULT([not found])
-		AC_MSG_ERROR([OpenSSL version header not found.])
-	],
-	[
-		AC_MSG_WARN([cross compiling: not checking])
-	]
-)
-
-# Determine OpenSSL library version
-AC_MSG_CHECKING([OpenSSL library version])
-AC_RUN_IFELSE(
-	[AC_LANG_PROGRAM([[
-#include <stdio.h>
-#include <string.h>
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-#define DATA "conftest.ssllibver"
-	]], [[
-	FILE *fd;
-	int rc;
-
-	fd = fopen(DATA,"w");
-	if(fd == NULL)
-		exit(1);
-
-	if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(),
-	    SSLeay_version(SSLEAY_VERSION))) <0)
-		exit(1);
-
-	exit(0);
-	]])],
-	[
-		ssl_library_ver=`cat conftest.ssllibver`
-		# Check version is supported.
-		case "$ssl_library_ver" in
-			0090[[0-7]]*|009080[[0-5]]*)
-				AC_MSG_ERROR([OpenSSL >= 0.9.8f required (have "$ssl_library_ver")])
-		                ;;
-		        *) ;;
-		esac
-		AC_MSG_RESULT([$ssl_library_ver])
-	],
-	[
-		AC_MSG_RESULT([not found])
-		AC_MSG_ERROR([OpenSSL library not found.])
-	],
-	[
-		AC_MSG_WARN([cross compiling: not checking])
-	]
-)
-
-# XXX make --without-openssl work
-AC_DEFINE_UNQUOTED([WITH_OPENSSL], [1], [use libcrypto for cryptography])
 
 AC_ARG_WITH([openssl-header-check],
 	[  --without-openssl-header-check Disable OpenSSL version consistency check],
-	[  if test "x$withval" = "xno" ; then
-		openssl_check_nonfatal=1
-	   fi
-	]
-)
-
-# Sanity check OpenSSL headers
-AC_MSG_CHECKING([whether OpenSSL's headers match the library])
-AC_RUN_IFELSE(
-	[AC_LANG_PROGRAM([[
-#include <string.h>
-#include <openssl/opensslv.h>
-	]], [[
-	exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1);
-	]])],
 	[
-		AC_MSG_RESULT([yes])
+		if test "x$withval" = "xno" ; then
-	],
+			openssl_check_nonfatal=1
-	[
-		AC_MSG_RESULT([no])
-		if test "x$openssl_check_nonfatal" = "x"; then
-			AC_MSG_ERROR([Your OpenSSL headers do not match your
-library. Check config.log for details.
-If you are sure your installation is consistent, you can disable the check
-by running "./configure --without-openssl-header-check".
-Also see contrib/findssl.sh for help identifying header/library mismatches.
-])
-		else
-			AC_MSG_WARN([Your OpenSSL headers do not match your
-library. Check config.log for details.
-Also see contrib/findssl.sh for help identifying header/library mismatches.])
 		fi
-	],
-	[
-		AC_MSG_WARN([cross compiling: not checking])
 	]
 )
 
-AC_MSG_CHECKING([if programs using OpenSSL functions will link])
+openssl_engine=no
-AC_LINK_IFELSE(
-	[AC_LANG_PROGRAM([[ #include <openssl/evp.h> ]],
-	[[ SSLeay_add_all_algorithms(); ]])],
-	[
-		AC_MSG_RESULT([yes])
-	],
-	[
-		AC_MSG_RESULT([no])
-		saved_LIBS="$LIBS"
-		LIBS="$LIBS -ldl"
-		AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
-		AC_LINK_IFELSE(
-			[AC_LANG_PROGRAM([[ #include <openssl/evp.h> ]],
-			[[ SSLeay_add_all_algorithms(); ]])],
-			[
-				AC_MSG_RESULT([yes])
-			],
-			[
-				AC_MSG_RESULT([no])
-				LIBS="$saved_LIBS"
-			]
-		)
-	]
-)
-
-AC_CHECK_FUNCS([ \
-	BN_is_prime_ex \
-	DSA_generate_parameters_ex \
-	EVP_DigestInit_ex \
-	EVP_DigestFinal_ex \
-	EVP_MD_CTX_init \
-	EVP_MD_CTX_cleanup \
-	EVP_MD_CTX_copy_ex \
-	HMAC_CTX_init \
-	RSA_generate_key_ex \
-	RSA_get_default_method \
-])
-
 AC_ARG_WITH([ssl-engine],
 	[  --with-ssl-engine       Enable OpenSSL (hardware) ENGINE support ],
-	[ if test "x$withval" != "xno" ; then
+	[
+		if test "x$openssl" = "xno" ; then
+			AC_MSG_ERROR([cannot use --with-ssl-engine when OpenSSL disabled])
+		fi
+		if test "x$withval" != "xno" ; then
+			openssl_engine=yes
+		fi
+	]
+)
+
+if test "x$openssl" = "xyes" ; then
+	LIBS="-lcrypto $LIBS"
+	AC_TRY_LINK_FUNC([RAND_add], [AC_DEFINE([HAVE_OPENSSL], [1],
+		[Define if your ssl headers are included
+		with #include <openssl/header.h>])],
+		[
+			dnl Check default openssl install dir
+			if test -n "${need_dash_r}"; then
+				LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
+			else
+				LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
+			fi
+			CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
+			AC_CHECK_HEADER([openssl/opensslv.h], ,
+			    [AC_MSG_ERROR([*** OpenSSL headers missing - please install first or check config.log ***])])
+			AC_TRY_LINK_FUNC([RAND_add], [AC_DEFINE([HAVE_OPENSSL])],
+				[
+					AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
+				]
+			)
+		]
+	)
+
+	# Determine OpenSSL header version
+	AC_MSG_CHECKING([OpenSSL header version])
+	AC_RUN_IFELSE(
+		[AC_LANG_PROGRAM([[
+	#include <stdio.h>
+	#include <string.h>
+	#include <openssl/opensslv.h>
+	#define DATA "conftest.sslincver"
+		]], [[
+		FILE *fd;
+		int rc;
+
+		fd = fopen(DATA,"w");
+		if(fd == NULL)
+			exit(1);
+
+		if ((rc = fprintf(fd ,"%08x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
+			exit(1);
+
+		exit(0);
+		]])],
+		[
+			ssl_header_ver=`cat conftest.sslincver`
+			AC_MSG_RESULT([$ssl_header_ver])
+		],
+		[
+			AC_MSG_RESULT([not found])
+			AC_MSG_ERROR([OpenSSL version header not found.])
+		],
+		[
+			AC_MSG_WARN([cross compiling: not checking])
+		]
+	)
+
+	# Determine OpenSSL library version
+	AC_MSG_CHECKING([OpenSSL library version])
+	AC_RUN_IFELSE(
+		[AC_LANG_PROGRAM([[
+	#include <stdio.h>
+	#include <string.h>
+	#include <openssl/opensslv.h>
+	#include <openssl/crypto.h>
+	#define DATA "conftest.ssllibver"
+		]], [[
+		FILE *fd;
+		int rc;
+
+		fd = fopen(DATA,"w");
+		if(fd == NULL)
+			exit(1);
+
+		if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(),
+		    SSLeay_version(SSLEAY_VERSION))) <0)
+			exit(1);
+
+		exit(0);
+		]])],
+		[
+			ssl_library_ver=`cat conftest.ssllibver`
+			# Check version is supported.
+			case "$ssl_library_ver" in
+				0090[[0-7]]*|009080[[0-5]]*)
+					AC_MSG_ERROR([OpenSSL >= 0.9.8f required (have "$ssl_library_ver")])
+			                ;;
+			        *) ;;
+			esac
+			AC_MSG_RESULT([$ssl_library_ver])
+		],
+		[
+			AC_MSG_RESULT([not found])
+			AC_MSG_ERROR([OpenSSL library not found.])
+		],
+		[
+			AC_MSG_WARN([cross compiling: not checking])
+		]
+	)
+
+	# Sanity check OpenSSL headers
+	AC_MSG_CHECKING([whether OpenSSL's headers match the library])
+	AC_RUN_IFELSE(
+		[AC_LANG_PROGRAM([[
+	#include <string.h>
+	#include <openssl/opensslv.h>
+		]], [[
+		exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1);
+		]])],
+		[
+			AC_MSG_RESULT([yes])
+		],
+		[
+			AC_MSG_RESULT([no])
+			if test "x$openssl_check_nonfatal" = "x"; then
+				AC_MSG_ERROR([Your OpenSSL headers do not match your
+	library. Check config.log for details.
+	If you are sure your installation is consistent, you can disable the check
+	by running "./configure --without-openssl-header-check".
+	Also see contrib/findssl.sh for help identifying header/library mismatches.
+	])
+			else
+				AC_MSG_WARN([Your OpenSSL headers do not match your
+	library. Check config.log for details.
+	Also see contrib/findssl.sh for help identifying header/library mismatches.])
+			fi
+		],
+		[
+			AC_MSG_WARN([cross compiling: not checking])
+		]
+	)
+
+	AC_MSG_CHECKING([if programs using OpenSSL functions will link])
+	AC_LINK_IFELSE(
+		[AC_LANG_PROGRAM([[ #include <openssl/evp.h> ]],
+		[[ SSLeay_add_all_algorithms(); ]])],
+		[
+			AC_MSG_RESULT([yes])
+		],
+		[
+			AC_MSG_RESULT([no])
+			saved_LIBS="$LIBS"
+			LIBS="$LIBS -ldl"
+			AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
+			AC_LINK_IFELSE(
+				[AC_LANG_PROGRAM([[ #include <openssl/evp.h> ]],
+				[[ SSLeay_add_all_algorithms(); ]])],
+				[
+					AC_MSG_RESULT([yes])
+				],
+				[
+					AC_MSG_RESULT([no])
+					LIBS="$saved_LIBS"
+				]
+			)
+		]
+	)
+
+	AC_CHECK_FUNCS([ \
+		BN_is_prime_ex \
+		DSA_generate_parameters_ex \
+		EVP_DigestInit_ex \
+		EVP_DigestFinal_ex \
+		EVP_MD_CTX_init \
+		EVP_MD_CTX_cleanup \
+		EVP_MD_CTX_copy_ex \
+		HMAC_CTX_init \
+		RSA_generate_key_ex \
+		RSA_get_default_method \
+	])
+
+	if test "x$openssl_engine" = "xyes" ; then
 		AC_MSG_CHECKING([for OpenSSL ENGINE support])
 		AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
-#include <openssl/engine.h>
+	#include <openssl/engine.h>
 			]], [[
-	ENGINE_load_builtin_engines();
+				ENGINE_load_builtin_engines();
-	ENGINE_register_all_complete();
+				ENGINE_register_all_complete();
 			]])],
 			[ AC_MSG_RESULT([yes])
 			  AC_DEFINE([USE_OPENSSL_ENGINE], [1],
 			     [Enable OpenSSL engine support])
 			], [ AC_MSG_ERROR([OpenSSL ENGINE support not found])
 		])
-	  fi ]
+	fi
-)
 
-# Check for OpenSSL without EVP_aes_{192,256}_cbc
+	# Check for OpenSSL without EVP_aes_{192,256}_cbc
-AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
+	AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
-AC_LINK_IFELSE(
+	AC_LINK_IFELSE(
-	[AC_LANG_PROGRAM([[
-#include <string.h>
-#include <openssl/evp.h>
-	]], [[
-	exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);
-	]])],
-	[
-		AC_MSG_RESULT([no])
-	],
-	[
-		AC_MSG_RESULT([yes])
-		AC_DEFINE([OPENSSL_LOBOTOMISED_AES], [1],
-		    [libcrypto is missing AES 192 and 256 bit functions])
-	]
-)
-
-# Check for OpenSSL with EVP_aes_*ctr
-AC_MSG_CHECKING([whether OpenSSL has AES CTR via EVP])
-AC_LINK_IFELSE(
-	[AC_LANG_PROGRAM([[
-#include <string.h>
-#include <openssl/evp.h>
-	]], [[
-	exit(EVP_aes_128_ctr() == NULL ||
-	    EVP_aes_192_cbc() == NULL ||
-	    EVP_aes_256_cbc() == NULL);
-	]])],
-	[
-		AC_MSG_RESULT([yes])
-		AC_DEFINE([OPENSSL_HAVE_EVPCTR], [1],
-		    [libcrypto has EVP AES CTR])
-	],
-	[
-		AC_MSG_RESULT([no])
-	]
-)
-
-# Check for OpenSSL with EVP_aes_*gcm
-AC_MSG_CHECKING([whether OpenSSL has AES GCM via EVP])
-AC_LINK_IFELSE(
-	[AC_LANG_PROGRAM([[
-#include <string.h>
-#include <openssl/evp.h>
-	]], [[
-	exit(EVP_aes_128_gcm() == NULL ||
-	    EVP_aes_256_gcm() == NULL ||
-	    EVP_CTRL_GCM_SET_IV_FIXED == 0 ||
-	    EVP_CTRL_GCM_IV_GEN == 0 ||
-	    EVP_CTRL_GCM_SET_TAG == 0 ||
-	    EVP_CTRL_GCM_GET_TAG == 0 ||
-	    EVP_CIPHER_CTX_ctrl(NULL, 0, 0, NULL) == 0);
-	]])],
-	[
-		AC_MSG_RESULT([yes])
-		AC_DEFINE([OPENSSL_HAVE_EVPGCM], [1],
-		    [libcrypto has EVP AES GCM])
-	],
-	[
-		AC_MSG_RESULT([no])
-		unsupported_algorithms="$unsupported_cipers \
-		   aes128-gcm@openssh.com aes256-gcm@openssh.com"
-	]
-)
-
-AC_SEARCH_LIBS([EVP_CIPHER_CTX_ctrl], [crypto],
-	[AC_DEFINE([HAVE_EVP_CIPHER_CTX_CTRL], [1],
-	    [Define if libcrypto has EVP_CIPHER_CTX_ctrl])])
-
-AC_MSG_CHECKING([if EVP_DigestUpdate returns an int])
-AC_LINK_IFELSE(
-	[AC_LANG_PROGRAM([[
-#include <string.h>
-#include <openssl/evp.h>
-	]], [[
-	if(EVP_DigestUpdate(NULL, NULL,0))
-		exit(0);
-	]])],
-	[
-		AC_MSG_RESULT([yes])
-	],
-	[
-		AC_MSG_RESULT([no])
-		AC_DEFINE([OPENSSL_EVP_DIGESTUPDATE_VOID], [1],
-		    [Define if EVP_DigestUpdate returns void])
-	]
-)
-
-# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
-# because the system crypt() is more featureful.
-if test "x$check_for_libcrypt_before" = "x1"; then
-	AC_CHECK_LIB([crypt], [crypt])
-fi
-
-# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
-# version in OpenSSL.
-if test "x$check_for_libcrypt_later" = "x1"; then
-	AC_CHECK_LIB([crypt], [crypt], [LIBS="$LIBS -lcrypt"])
-fi
-AC_CHECK_FUNCS([crypt DES_crypt])
-
-# Search for SHA256 support in libc and/or OpenSSL
-AC_CHECK_FUNCS([SHA256_Update EVP_sha256], ,
-    [unsupported_algorithms="$unsupported_algorithms \
-	hmac-sha2-256 hmac-sha2-512 \
-	diffie-hellman-group-exchange-sha256 \
-	hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com"
-     ]
-)
-# Search for RIPE-MD support in OpenSSL
-AC_CHECK_FUNCS([EVP_ripemd160], ,
-    [unsupported_algorithms="$unsupported_algorithms \
-	hmac-ripemd160
-	hmac-ripemd160@openssh.com
-	hmac-ripemd160-etm@openssh.com"
-     ]
-)
-
-# Check complete ECC support in OpenSSL
-AC_MSG_CHECKING([whether OpenSSL has NID_X9_62_prime256v1])
-AC_LINK_IFELSE(
-	[AC_LANG_PROGRAM([[
-#include <openssl/ec.h>
-#include <openssl/ecdh.h>
-#include <openssl/ecdsa.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/opensslv.h>
-#if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */
-# error "OpenSSL < 0.9.8g has unreliable ECC code"
-#endif
-	]], [[
-	EC_KEY *e = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
-	const EVP_MD *m = EVP_sha256(); /* We need this too */
-	]])],
-	[ AC_MSG_RESULT([yes])
-	  enable_nistp256=1 ],
-	[ AC_MSG_RESULT([no]) ]
-)
-
-AC_MSG_CHECKING([whether OpenSSL has NID_secp384r1])
-AC_LINK_IFELSE(
-	[AC_LANG_PROGRAM([[
-#include <openssl/ec.h>
-#include <openssl/ecdh.h>
-#include <openssl/ecdsa.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/opensslv.h>
-#if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */
-# error "OpenSSL < 0.9.8g has unreliable ECC code"
-#endif
-	]], [[
-	EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp384r1);
-	const EVP_MD *m = EVP_sha384(); /* We need this too */
-	]])],
-	[ AC_MSG_RESULT([yes])
-	  enable_nistp384=1 ],
-	[ AC_MSG_RESULT([no]) ]
-)
-
-AC_MSG_CHECKING([whether OpenSSL has NID_secp521r1])
-AC_LINK_IFELSE(
-	[AC_LANG_PROGRAM([[
-#include <openssl/ec.h>
-#include <openssl/ecdh.h>
-#include <openssl/ecdsa.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/opensslv.h>
-#if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */
-# error "OpenSSL < 0.9.8g has unreliable ECC code"
-#endif
-	]], [[
-	EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1);
-	const EVP_MD *m = EVP_sha512(); /* We need this too */
-	]])],
-	[ AC_MSG_RESULT([yes])
-	  AC_MSG_CHECKING([if OpenSSL's NID_secp521r1 is functional])
-	  AC_RUN_IFELSE(
 		[AC_LANG_PROGRAM([[
-#include <openssl/ec.h>
+	#include <string.h>
-#include <openssl/ecdh.h>
+	#include <openssl/evp.h>
-#include <openssl/ecdsa.h>
+		]], [[
-#include <openssl/evp.h>
+		exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);
-#include <openssl/objects.h>
+		]])],
-#include <openssl/opensslv.h>
+		[
-		]],[[
+			AC_MSG_RESULT([no])
-		EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1);
+		],
-		const EVP_MD *m = EVP_sha512(); /* We need this too */
+		[
-		exit(e == NULL || m == NULL);
+			AC_MSG_RESULT([yes])
+			AC_DEFINE([OPENSSL_LOBOTOMISED_AES], [1],
+			    [libcrypto is missing AES 192 and 256 bit functions])
+		]
+	)
+
+	# Check for OpenSSL with EVP_aes_*ctr
+	AC_MSG_CHECKING([whether OpenSSL has AES CTR via EVP])
+	AC_LINK_IFELSE(
+		[AC_LANG_PROGRAM([[
+	#include <string.h>
+	#include <openssl/evp.h>
+		]], [[
+		exit(EVP_aes_128_ctr() == NULL ||
+		    EVP_aes_192_cbc() == NULL ||
+		    EVP_aes_256_cbc() == NULL);
+		]])],
+		[
+			AC_MSG_RESULT([yes])
+			AC_DEFINE([OPENSSL_HAVE_EVPCTR], [1],
+			    [libcrypto has EVP AES CTR])
+		],
+		[
+			AC_MSG_RESULT([no])
+		]
+	)
+
+	# Check for OpenSSL with EVP_aes_*gcm
+	AC_MSG_CHECKING([whether OpenSSL has AES GCM via EVP])
+	AC_LINK_IFELSE(
+		[AC_LANG_PROGRAM([[
+	#include <string.h>
+	#include <openssl/evp.h>
+		]], [[
+		exit(EVP_aes_128_gcm() == NULL ||
+		    EVP_aes_256_gcm() == NULL ||
+		    EVP_CTRL_GCM_SET_IV_FIXED == 0 ||
+		    EVP_CTRL_GCM_IV_GEN == 0 ||
+		    EVP_CTRL_GCM_SET_TAG == 0 ||
+		    EVP_CTRL_GCM_GET_TAG == 0 ||
+		    EVP_CIPHER_CTX_ctrl(NULL, 0, 0, NULL) == 0);
+		]])],
+		[
+			AC_MSG_RESULT([yes])
+			AC_DEFINE([OPENSSL_HAVE_EVPGCM], [1],
+			    [libcrypto has EVP AES GCM])
+		],
+		[
+			AC_MSG_RESULT([no])
+			unsupported_algorithms="$unsupported_cipers \
+			   aes128-gcm@openssh.com aes256-gcm@openssh.com"
+		]
+	)
+
+	AC_SEARCH_LIBS([EVP_CIPHER_CTX_ctrl], [crypto],
+		[AC_DEFINE([HAVE_EVP_CIPHER_CTX_CTRL], [1],
+		    [Define if libcrypto has EVP_CIPHER_CTX_ctrl])])
+
+	AC_MSG_CHECKING([if EVP_DigestUpdate returns an int])
+	AC_LINK_IFELSE(
+		[AC_LANG_PROGRAM([[
+	#include <string.h>
+	#include <openssl/evp.h>
+		]], [[
+		if(EVP_DigestUpdate(NULL, NULL,0))
+			exit(0);
+		]])],
+		[
+			AC_MSG_RESULT([yes])
+		],
+		[
+			AC_MSG_RESULT([no])
+			AC_DEFINE([OPENSSL_EVP_DIGESTUPDATE_VOID], [1],
+			    [Define if EVP_DigestUpdate returns void])
+		]
+	)
+
+	# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
+	# because the system crypt() is more featureful.
+	if test "x$check_for_libcrypt_before" = "x1"; then
+		AC_CHECK_LIB([crypt], [crypt])
+	fi
+
+	# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
+	# version in OpenSSL.
+	if test "x$check_for_libcrypt_later" = "x1"; then
+		AC_CHECK_LIB([crypt], [crypt], [LIBS="$LIBS -lcrypt"])
+	fi
+
+	# Search for SHA256 support in libc and/or OpenSSL
+	AC_CHECK_FUNCS([SHA256_Update EVP_sha256], ,
+	    [unsupported_algorithms="$unsupported_algorithms \
+		hmac-sha2-256 hmac-sha2-512 \
+		diffie-hellman-group-exchange-sha256 \
+		hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com"
+	     ]
+	)
+	# Search for RIPE-MD support in OpenSSL
+	AC_CHECK_FUNCS([EVP_ripemd160], ,
+	    [unsupported_algorithms="$unsupported_algorithms \
+		hmac-ripemd160
+		hmac-ripemd160@openssh.com
+		hmac-ripemd160-etm@openssh.com"
+	     ]
+	)
+
+	# Check complete ECC support in OpenSSL
+	AC_MSG_CHECKING([whether OpenSSL has NID_X9_62_prime256v1])
+	AC_LINK_IFELSE(
+		[AC_LANG_PROGRAM([[
+	#include <openssl/ec.h>
+	#include <openssl/ecdh.h>
+	#include <openssl/ecdsa.h>
+	#include <openssl/evp.h>
+	#include <openssl/objects.h>
+	#include <openssl/opensslv.h>
+	#if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */
+	# error "OpenSSL < 0.9.8g has unreliable ECC code"
+	#endif
+		]], [[
+		EC_KEY *e = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+		const EVP_MD *m = EVP_sha256(); /* We need this too */
 		]])],
 		[ AC_MSG_RESULT([yes])
-		  enable_nistp521=1 ],
+		  enable_nistp256=1 ],
-		[ AC_MSG_RESULT([no]) ],
+		[ AC_MSG_RESULT([no]) ]
-		[ AC_MSG_WARN([cross-compiling: assuming yes])
+	)
-		  enable_nistp521=1 ]
-	  )],
-	AC_MSG_RESULT([no])
-)
 
-COMMENT_OUT_ECC="#no ecc#"
+	AC_MSG_CHECKING([whether OpenSSL has NID_secp384r1])
-TEST_SSH_ECC=no
+	AC_LINK_IFELSE(
+		[AC_LANG_PROGRAM([[
+	#include <openssl/ec.h>
+	#include <openssl/ecdh.h>
+	#include <openssl/ecdsa.h>
+	#include <openssl/evp.h>
+	#include <openssl/objects.h>
+	#include <openssl/opensslv.h>
+	#if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */
+	# error "OpenSSL < 0.9.8g has unreliable ECC code"
+	#endif
+		]], [[
+		EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp384r1);
+		const EVP_MD *m = EVP_sha384(); /* We need this too */
+		]])],
+		[ AC_MSG_RESULT([yes])
+		  enable_nistp384=1 ],
+		[ AC_MSG_RESULT([no]) ]
+	)
 
-if test x$enable_nistp256 = x1 || test x$enable_nistp384 = x1 || \
+	AC_MSG_CHECKING([whether OpenSSL has NID_secp521r1])
-    test x$enable_nistp521 = x1; then
+	AC_LINK_IFELSE(
-	AC_DEFINE(OPENSSL_HAS_ECC, [1], [OpenSSL has ECC])
+		[AC_LANG_PROGRAM([[
-fi
+	#include <openssl/ec.h>
-if test x$enable_nistp256 = x1; then
+	#include <openssl/ecdh.h>
-	AC_DEFINE([OPENSSL_HAS_NISTP256], [1],
+	#include <openssl/ecdsa.h>
-	    [libcrypto has NID_X9_62_prime256v1])
+	#include <openssl/evp.h>
-	TEST_SSH_ECC=yes
+	#include <openssl/objects.h>
-	COMMENT_OUT_ECC=""
+	#include <openssl/opensslv.h>
-else
+	#if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */
-	unsupported_algorithms="$unsupported_algorithms ecdsa-sha2-nistp256 \
+	# error "OpenSSL < 0.9.8g has unreliable ECC code"
-	    ecdh-sha2-nistp256 ecdsa-sha2-nistp256-cert-v01@openssh.com"
+	#endif
-fi
+		]], [[
-if test x$enable_nistp384 = x1; then
+		EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1);
-	AC_DEFINE([OPENSSL_HAS_NISTP384], [1], [libcrypto has NID_secp384r1])
+		const EVP_MD *m = EVP_sha512(); /* We need this too */
-	TEST_SSH_ECC=yes
+		]])],
-	COMMENT_OUT_ECC=""
+		[ AC_MSG_RESULT([yes])
-else
+		  AC_MSG_CHECKING([if OpenSSL's NID_secp521r1 is functional])
-	unsupported_algorithms="$unsupported_algorithms ecdsa-sha2-nistp384 \
+		  AC_RUN_IFELSE(
-	    ecdh-sha2-nistp384 ecdsa-sha2-nistp384-cert-v01@openssh.com"
+			[AC_LANG_PROGRAM([[
-fi
+	#include <openssl/ec.h>
-if test x$enable_nistp521 = x1; then
+	#include <openssl/ecdh.h>
-	AC_DEFINE([OPENSSL_HAS_NISTP521], [1], [libcrypto has NID_secp521r1])
+	#include <openssl/ecdsa.h>
-	TEST_SSH_ECC=yes
+	#include <openssl/evp.h>
-	COMMENT_OUT_ECC=""
+	#include <openssl/objects.h>
-else
+	#include <openssl/opensslv.h>
-	unsupported_algorithms="$unsupported_algorithms ecdh-sha2-nistp521 \
+			]],[[
-	    ecdsa-sha2-nistp521 ecdsa-sha2-nistp521-cert-v01@openssh.com"
+			EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1);
-fi
+			const EVP_MD *m = EVP_sha512(); /* We need this too */
+			exit(e == NULL || m == NULL);
+			]])],
+			[ AC_MSG_RESULT([yes])
+			  enable_nistp521=1 ],
+			[ AC_MSG_RESULT([no]) ],
+			[ AC_MSG_WARN([cross-compiling: assuming yes])
+			  enable_nistp521=1 ]
+		  )],
+		AC_MSG_RESULT([no])
+	)
 
-AC_SUBST([TEST_SSH_ECC])
+	COMMENT_OUT_ECC="#no ecc#"
-AC_SUBST([COMMENT_OUT_ECC])
+	TEST_SSH_ECC=no
+
+	if test x$enable_nistp256 = x1 || test x$enable_nistp384 = x1 || \
+	    test x$enable_nistp521 = x1; then
+		AC_DEFINE(OPENSSL_HAS_ECC, [1], [OpenSSL has ECC])
+	fi
+	if test x$enable_nistp256 = x1; then
+		AC_DEFINE([OPENSSL_HAS_NISTP256], [1],
+		    [libcrypto has NID_X9_62_prime256v1])
+		TEST_SSH_ECC=yes
+		COMMENT_OUT_ECC=""
+	else
+		unsupported_algorithms="$unsupported_algorithms ecdsa-sha2-nistp256 \
+		    ecdh-sha2-nistp256 ecdsa-sha2-nistp256-cert-v01@openssh.com"
+	fi
+	if test x$enable_nistp384 = x1; then
+		AC_DEFINE([OPENSSL_HAS_NISTP384], [1], [libcrypto has NID_secp384r1])
+		TEST_SSH_ECC=yes
+		COMMENT_OUT_ECC=""
+	else
+		unsupported_algorithms="$unsupported_algorithms ecdsa-sha2-nistp384 \
+		    ecdh-sha2-nistp384 ecdsa-sha2-nistp384-cert-v01@openssh.com"
+	fi
+	if test x$enable_nistp521 = x1; then
+		AC_DEFINE([OPENSSL_HAS_NISTP521], [1], [libcrypto has NID_secp521r1])
+		TEST_SSH_ECC=yes
+		COMMENT_OUT_ECC=""
+	else
+		unsupported_algorithms="$unsupported_algorithms ecdh-sha2-nistp521 \
+		    ecdsa-sha2-nistp521 ecdsa-sha2-nistp521-cert-v01@openssh.com"
+	fi
+
+	AC_SUBST([TEST_SSH_ECC])
+	AC_SUBST([COMMENT_OUT_ECC])
+else
+	AC_CHECK_LIB([crypt], [crypt], [LIBS="$LIBS -lcrypt"])
+	AC_CHECK_FUNCS([crypt DES_crypt])
+fi
 
 AC_CHECK_FUNCS([ \
 	arc4random \
@@ -2687,28 +2726,30 @@ LIBS="$saved_LIBS"
 ### Configure cryptographic random number support
 
 # Check wheter OpenSSL seeds itself
-AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
+if test "x$openssl" = "xyes" ; then
-AC_RUN_IFELSE(
+	AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
-	[AC_LANG_PROGRAM([[
+	AC_RUN_IFELSE(
-#include <string.h>
+		[AC_LANG_PROGRAM([[
-#include <openssl/rand.h>
+	#include <string.h>
-	]], [[
+	#include <openssl/rand.h>
-	exit(RAND_status() == 1 ? 0 : 1);
+		]], [[
-	]])],
+		exit(RAND_status() == 1 ? 0 : 1);
-	[
+		]])],
-		OPENSSL_SEEDS_ITSELF=yes
+		[
-		AC_MSG_RESULT([yes])
+			OPENSSL_SEEDS_ITSELF=yes
-	],
+			AC_MSG_RESULT([yes])
-	[
+		],
-		AC_MSG_RESULT([no])
+		[
-	],
+			AC_MSG_RESULT([no])
-	[
+		],
-		AC_MSG_WARN([cross compiling: assuming yes])
+		[
-		# This is safe, since we will fatal() at runtime if
+			AC_MSG_WARN([cross compiling: assuming yes])
-		# OpenSSL is not seeded correctly.
+			# This is safe, since we will fatal() at runtime if
-		OPENSSL_SEEDS_ITSELF=yes
+			# OpenSSL is not seeded correctly.
-	]
+			OPENSSL_SEEDS_ITSELF=yes
-)
+		]
+	)
+fi
 
 # PRNGD TCP socket
 AC_ARG_WITH([prngd-port],
@@ -2790,8 +2831,10 @@ elif test ! -z "$PRNGD_SOCKET" ; then
 	RAND_MSG="PRNGd socket $PRNGD_SOCKET"
 elif test ! -z "$OPENSSL_SEEDS_ITSELF" ; then
 	AC_DEFINE([OPENSSL_PRNG_ONLY], [1],
-		[Define if you want OpenSSL's internally seeded PRNG only])
+		[Define if you want the OpenSSL internally seeded PRNG only])
 	RAND_MSG="OpenSSL internal ONLY"
+elif test "x$openssl" = "xno" ; then
+	AC_MSG_WARN([OpenSSH will use /dev/urandom as a source of random numbers. It will fail if this device is not supported or accessible])
 else
 	AC_MSG_ERROR([OpenSSH has no source of random numbers. Please configure OpenSSL with an entropy source or re-run configure using one of the --with-prngd-port or --with-prngd-socket options])
 fi

digest-libc.c

@@ -18,15 +18,19 @@
 
 #include "includes.h"
 
+#ifndef WITH_OPENSSL
+
 #include <sys/types.h>
 #include <limits.h>
 #include <stdlib.h>
 #include <string.h>
 
+#if 0
 #include <md5.h>
 #include <rmd160.h>
 #include <sha1.h>
 #include <sha2.h>
+#endif
 
 #include "ssherr.h"
 #include "sshbuf.h"
@@ -89,30 +93,30 @@ const struct ssh_digest digests[SSH_DIGEST_MAX] = {
 		"SHA256",
 		SHA256_BLOCK_LENGTH,
 		SHA256_DIGEST_LENGTH,
-		sizeof(SHA2_CTX),
+		sizeof(SHA256_CTX),
-		(md_init_fn *) SHA256Init,
+		(md_init_fn *) SHA256_Init,
-		(md_update_fn *) SHA256Update,
+		(md_update_fn *) SHA256_Update,
-		(md_final_fn *) SHA256Final
+		(md_final_fn *) SHA256_Final
 	},
 	{
 		SSH_DIGEST_SHA384,
 		"SHA384",
 		SHA384_BLOCK_LENGTH,
 		SHA384_DIGEST_LENGTH,
-		sizeof(SHA2_CTX),
+		sizeof(SHA384_CTX),
-		(md_init_fn *) SHA384Init,
+		(md_init_fn *) SHA384_Init,
-		(md_update_fn *) SHA384Update,
+		(md_update_fn *) SHA384_Update,
-		(md_final_fn *) SHA384Final
+		(md_final_fn *) SHA384_Final
 	},
 	{
 		SSH_DIGEST_SHA512,
 		"SHA512",
 		SHA512_BLOCK_LENGTH,
 		SHA512_DIGEST_LENGTH,
-		sizeof(SHA2_CTX),
+		sizeof(SHA512_CTX),
-		(md_init_fn *) SHA512Init,
+		(md_init_fn *) SHA512_Init,
-		(md_update_fn *) SHA512Update,
+		(md_update_fn *) SHA512_Update,
-		(md_final_fn *) SHA512Final
+		(md_final_fn *) SHA512_Final
 	}
 };
 
@@ -257,3 +261,4 @@ ssh_digest_buffer(int alg, const struct sshbuf *b, u_char *d, size_t dlen)
 {
 	return ssh_digest_memory(alg, sshbuf_ptr(b), sshbuf_len(b), d, dlen);
 }
+#endif /* !WITH_OPENSSL */

digest-openssl.c

@@ -17,6 +17,8 @@
 
 #include "includes.h"
 
+#ifdef WITH_OPENSSL
+
 #include <sys/types.h>
 #include <limits.h>
 #include <stdlib.h>
@@ -200,3 +202,4 @@ ssh_digest_buffer(int alg, const struct sshbuf *b, u_char *d, size_t dlen)
 {
 	return ssh_digest_memory(alg, sshbuf_ptr(b), sshbuf_len(b), d, dlen);
 }
+#endif /* WITH_OPENSSL */

entropy.c

@@ -24,6 +24,8 @@
 
 #include "includes.h"
 
+#ifdef WITH_OPENSSL
+
 #include <sys/types.h>
 #include <sys/socket.h>
 #ifdef HAVE_SYS_UN_H
@@ -230,3 +232,13 @@ seed_rng(void)
 	if (RAND_status() != 1)
 		fatal("PRNG is not seeded");
 }
+
+#else /* WITH_OPENSSL */
+
+/* Handled in arc4random() */
+void
+seed_rng(void)
+{
+}
+
+#endif /* WITH_OPENSSL */

includes.h

@@ -167,7 +167,9 @@
 # endif
 #endif
 
+#ifdef WITH_OPENSSL
 #include <openssl/opensslv.h> /* For OPENSSL_VERSION_NUMBER */
+#endif
 
 #include "defines.h"
 

kex.c

@@ -90,9 +90,9 @@ static const struct kexalg kexalgs[] = {
 # endif /* OPENSSL_HAS_NISTP521 */
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
-#ifdef HAVE_EVP_SHA256
+#if defined(HAVE_EVP_SHA256) || !defined(WITH_OPENSSL)
 	{ KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 },
-#endif /* HAVE_EVP_SHA256 */
+#endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */
 	{ NULL, -1, -1, -1},
 };
 

kexdh.c

@@ -25,6 +25,8 @@
 
 #include "includes.h"
 
+#ifdef WITH_OPENSSL
+
 #include <sys/types.h>
 
 #include <signal.h>
@@ -85,3 +87,4 @@ kex_dh_hash(
 	*hash = digest;
 	*hashlen = ssh_digest_bytes(SSH_DIGEST_SHA1);
 }
+#endif /* WITH_OPENSSL */

kexdhc.c

@@ -25,6 +25,8 @@
 
 #include "includes.h"
 
+#ifdef WITH_OPENSSL
+
 #include <sys/types.h>
 
 #include <openssl/dh.h>
@@ -159,3 +161,4 @@ kexdh_client(Kex *kex)
 	BN_clear_free(shared_secret);
 	kex_finish(kex);
 }
+#endif /* WITH_OPENSSL */

kexdhs.c

@@ -25,6 +25,8 @@
 
 #include "includes.h"
 
+#ifdef WITH_OPENSSL
+
 #include <sys/types.h>
 
 #include <stdarg.h>
@@ -158,3 +160,4 @@ kexdh_server(Kex *kex)
 	BN_clear_free(shared_secret);
 	kex_finish(kex);
 }
+#endif /* WITH_OPENSSL */

kexecdh.c

@@ -26,7 +26,7 @@
 
 #include "includes.h"
 
-#ifdef OPENSSL_HAS_ECC
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
 
 #include <sys/types.h>
 
@@ -94,4 +94,4 @@ kex_ecdh_hash(
 	*hash = digest;
 	*hashlen = ssh_digest_bytes(hash_alg);
 }
-#endif /* OPENSSL_HAS_ECC */
+#endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */

kexecdhc.c

@@ -26,6 +26,8 @@
 
 #include "includes.h"
 
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
+
 #include <sys/types.h>
 
 #include <stdio.h>
@@ -42,8 +44,6 @@
 #include "dh.h"
 #include "ssh2.h"
 
-#ifdef OPENSSL_HAS_ECC
-
 #include <openssl/ecdh.h>
 
 void
@@ -156,10 +156,4 @@ kexecdh_client(Kex *kex)
 	BN_clear_free(shared_secret);
 	kex_finish(kex);
 }
-#else /* OPENSSL_HAS_ECC */
+#endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */
-void
-kexecdh_client(Kex *kex)
-{
-	fatal("ECC support is not enabled");
-}
-#endif /* OPENSSL_HAS_ECC */

kexecdhs.c

@@ -26,6 +26,8 @@
 
 #include "includes.h"
 
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
+
 #include <sys/types.h>
 #include <string.h>
 #include <signal.h>
@@ -39,8 +41,6 @@
 #include "packet.h"
 #include "ssh2.h"
 
-#ifdef OPENSSL_HAS_ECC
-
 #include <openssl/ecdh.h>
 
 void
@@ -152,10 +152,4 @@ kexecdh_server(Kex *kex)
 	BN_clear_free(shared_secret);
 	kex_finish(kex);
 }
-#else /* OPENSSL_HAS_ECC */
+#endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */
-void
-kexecdh_server(Kex *kex)
-{
-	fatal("ECC support is not enabled");
-}
-#endif /* OPENSSL_HAS_ECC */

kexgex.c

@@ -26,6 +26,8 @@
 
 #include "includes.h"
 
+#ifdef WITH_OPENSSL
+
 #include <sys/types.h>
 
 #include <openssl/evp.h>
@@ -96,3 +98,4 @@ kexgex_hash(
 	*hash = digest;
 	*hashlen = ssh_digest_bytes(hash_alg);
 }
+#endif /* WITH_OPENSSL */

kexgexc.c

@@ -26,6 +26,8 @@
 
 #include "includes.h"
 
+#ifdef WITH_OPENSSL
+
 #include <sys/types.h>
 
 #include <openssl/dh.h>
@@ -205,3 +207,4 @@ kexgex_client(Kex *kex)
 
 	kex_finish(kex);
 }
+#endif /* WITH_OPENSSL */

kexgexs.c

@@ -26,6 +26,8 @@
 
 #include "includes.h"
 
+#ifdef WITH_OPENSSL
+
 #include <sys/param.h>
 
 #include <stdarg.h>
@@ -206,3 +208,4 @@ kexgex_server(Kex *kex)
 
 	kex_finish(kex);
 }
+#endif /* WITH_OPENSSL */

krl.c

@@ -18,6 +18,8 @@
 
 #include "includes.h"
 
+#ifdef WITH_OPENSSL /* XXX just fix bignums and this is good */
+
 #include <sys/types.h>
 #include <sys/param.h>
 #include <openbsd-compat/sys-tree.h>
@@ -1282,3 +1284,4 @@ ssh_krl_file_contains_key(const char *path, const struct sshkey *key)
 		errno = oerrno;
 	return r;
 }
+#endif /* WITH_OPENSSL */

moduli.c

@@ -39,6 +39,8 @@
 
 #include "includes.h"
 
+#ifdef WITH_OPENSSL
+
 #include <sys/param.h>
 #include <sys/types.h>
 
@@ -802,3 +804,5 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted,
 
 	return (res);
 }
+
+#endif /* WITH_OPENSSL */

monitor_wrap.c

@@ -151,8 +151,10 @@ mm_request_receive(int sock, Buffer *m)
 	debug3("%s entering", __func__);
 
 	if (atomicio(read, sock, buf, sizeof(buf)) != sizeof(buf)) {
-		if (errno == EPIPE)
+		if (errno == EPIPE) {
+			error("%s: socket closed", __func__);
 			cleanup_exit(255);
+		}
 		fatal("%s: read: %s", __func__, strerror(errno));
 	}
 	msg_len = get_u32(buf);

openbsd-compat/Makefile.in

@@ -16,7 +16,7 @@ RANLIB=@RANLIB@
 INSTALL=@INSTALL@
 LDFLAGS=-L. @LDFLAGS@
 
-OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt_long.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o reallocarray.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o blowfish.o bcrypt_pbkdf.o explicit_bzero.o
+OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt_long.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o reallocarray.o realpath.o rresvport.o setenv.o setproctitle.o sha1.o sha2.o rmd160.o md5.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o blowfish.o bcrypt_pbkdf.o explicit_bzero.o
 
 COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o kludge-fd_set.o
 

openbsd-compat/arc4random.c

@@ -26,15 +26,19 @@
 
 #include "includes.h"
 
+#include <sys/types.h>
+
+#include <fcntl.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
-#include <sys/types.h>
 
 #ifndef HAVE_ARC4RANDOM
 
+#ifdef WITH_OPENSSL
 #include <openssl/rand.h>
 #include <openssl/err.h>
+#endif
 
 #include "log.h"
 
@@ -73,14 +77,44 @@ _rs_init(u_char *buf, size_t n)
 	chacha_ivsetup(&rs, buf + KEYSZ);
 }
 
+#ifndef WITH_OPENSSL
+#define SSH_RANDOM_DEV "/dev/urandom"
+/* XXX use getrandom() if supported on Linux */
+static void
+getrnd(u_char *s, size_t len)
+{
+	int fd;
+	ssize_t r;
+	size_t o = 0;
+
+	if ((fd = open(SSH_RANDOM_DEV, O_RDONLY)) == -1)
+		fatal("Couldn't open %s: %s", SSH_RANDOM_DEV, strerror(errno));
+	while (o < len) {
+		r = read(fd, s + o, len - o);
+		if (r < 0) {
+			if (errno == EAGAIN || errno == EINTR ||
+			    errno == EWOULDBLOCK)
+				continue;
+			fatal("read %s: %s", SSH_RANDOM_DEV, strerror(errno));
+		}
+		o += r;
+	}
+	close(fd);
+}
+#endif
+
 static void
 _rs_stir(void)
 {
 	u_char rnd[KEYSZ + IVSZ];
 
+#ifdef WITH_OPENSSL
 	if (RAND_bytes(rnd, sizeof(rnd)) <= 0)
 		fatal("Couldn't obtain random bytes (error %ld)",
 		    ERR_get_error());
+#else
+	getrnd(rnd, sizeof(rnd));
+#endif
 
 	if (!rs_initialized) {
 		rs_initialized = 1;

openbsd-compat/bcrypt_pbkdf.c

@@ -32,6 +32,9 @@
 #endif
 
 #include "crypto_api.h"
+#ifdef SHA512_DIGEST_LENGTH
+# undef SHA512_DIGEST_LENGTH
+#endif
 #define SHA512_DIGEST_LENGTH crypto_hash_sha512_BYTES
 
 /*

openbsd-compat/openbsd-compat.h

@@ -43,7 +43,10 @@
 #include "readpassphrase.h"
 #include "vis.h"
 #include "getrrsetbyname.h"
+#include "sha1.h"
 #include "sha2.h"
+#include "rmd160.h"
+#include "md5.h"
 #include "blf.h"
 
 #ifndef HAVE_BASENAME

openbsd-compat/openssl-compat.c

@@ -19,6 +19,8 @@
 #define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
 #include "includes.h"
 
+#ifdef WITH_OPENSSL
+
 #include <stdarg.h>
 #include <string.h>
 
@@ -78,3 +80,5 @@ ssh_OpenSSL_add_all_algorithms(void)
 	OPENSSL_config(NULL);
 }
 #endif
+
+#endif /* WITH_OPENSSL */

openbsd-compat/openssl-compat.h

@@ -20,6 +20,8 @@
 #define _OPENSSL_COMPAT_H
 
 #include "includes.h"
+#ifdef WITH_OPENSSL
+
 #include <openssl/opensslv.h>
 #include <openssl/evp.h>
 #include <openssl/rsa.h>
@@ -90,4 +92,5 @@ void ssh_OpenSSL_add_all_algorithms(void);
 
 #endif	/* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */
 
+#endif /* WITH_OPENSSL */
 #endif /* _OPENSSL_COMPAT_H */

openbsd-compat/sha2.c

@@ -38,13 +38,18 @@
 
 #include "includes.h"
 
-#include <openssl/opensslv.h>
+#ifdef WITH_OPENSSL
+# include <openssl/opensslv.h>
+# if !defined(HAVE_EVP_SHA256) && (OPENSSL_VERSION_NUMBER >= 0x00907000L)
+#  define _NEED_SHA2 1
+# endif
+#else
+# define _NEED_SHA2 1
+#endif
+
+#if defined(_NEED_SHA2) && !defined(HAVE_SHA256_UPDATE)
 
-#if !defined(HAVE_EVP_SHA256) && !defined(HAVE_SHA256_UPDATE) && \
-    (OPENSSL_VERSION_NUMBER >= 0x00907000L)
-#include <sys/types.h>
 #include <string.h>
-#include "sha2.h"
 
 /*
  * UNROLLED TRANSFORM LOOP NOTE:
@@ -838,7 +843,6 @@ SHA512_Final(u_int8_t digest[SHA512_DIGEST_LENGTH], SHA512_CTX *context)
 }
 
 
-#if 0
 /*** SHA-384: *********************************************************/
 void
 SHA384_Init(SHA384_CTX *context)
@@ -851,9 +855,29 @@ SHA384_Init(SHA384_CTX *context)
 	context->bitcount[0] = context->bitcount[1] = 0;
 }
 
+#if 0
 __weak_alias(SHA384_Transform, SHA512_Transform);
 __weak_alias(SHA384_Update, SHA512_Update);
 __weak_alias(SHA384_Pad, SHA512_Pad);
+#endif
+
+void
+SHA384_Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH])
+{
+	return SHA512_Transform(state, data);
+}
+
+void
+SHA384_Update(SHA512_CTX *context, const u_int8_t *data, size_t len)
+{
+	SHA512_Update(context, data, len);
+}
+
+void
+SHA384_Pad(SHA512_CTX *context)
+{
+	SHA512_Pad(context);
+}
 
 void
 SHA384_Final(u_int8_t digest[SHA384_DIGEST_LENGTH], SHA384_CTX *context)
@@ -876,7 +900,5 @@ SHA384_Final(u_int8_t digest[SHA384_DIGEST_LENGTH], SHA384_CTX *context)
 	/* Zero out state data */
 	memset(context, 0, sizeof(*context));
 }
-#endif
 
-#endif /* !defined(HAVE_EVP_SHA256) && !defined(HAVE_SHA256_UPDATE) && \
+#endif /* defined(_NEED_SHA2) && !defined(HAVE_SHA256_UPDATE) */
-    (OPENSSL_VERSION_NUMBER >= 0x00907000L) */

openbsd-compat/sha2.h

@@ -41,10 +41,16 @@
 
 #include "includes.h"
 
-#include <openssl/opensslv.h>
+#ifdef WITH_OPENSSL
+# include <openssl/opensslv.h>
+# if !defined(HAVE_EVP_SHA256) && (OPENSSL_VERSION_NUMBER >= 0x00907000L)
+#  define _NEED_SHA2 1
+# endif
+#else
+# define _NEED_SHA2 1
+#endif
 
-#if !defined(HAVE_EVP_SHA256) && !defined(HAVE_SHA256_UPDATE) && \
+#if defined(_NEED_SHA2) && !defined(HAVE_SHA256_UPDATE)
-    (OPENSSL_VERSION_NUMBER >= 0x00907000L)
 
 /*** SHA-256/384/512 Various Length Definitions ***********************/
 #define SHA256_BLOCK_LENGTH		64
@@ -70,9 +76,7 @@ typedef struct _SHA512_CTX {
 	u_int8_t	buffer[SHA512_BLOCK_LENGTH];
 } SHA512_CTX;
 
-#if 0
 typedef SHA512_CTX SHA384_CTX;
-#endif
 
 void SHA256_Init(SHA256_CTX *);
 void SHA256_Transform(u_int32_t state[8], const u_int8_t [SHA256_BLOCK_LENGTH]);
@@ -91,7 +95,6 @@ char *SHA256_Data(const u_int8_t *, size_t, char *)
 	__attribute__((__bounded__(__string__,1,2)))
 	__attribute__((__bounded__(__minbytes__,3,SHA256_DIGEST_STRING_LENGTH)));
 
-#if 0
 void SHA384_Init(SHA384_CTX *);
 void SHA384_Transform(u_int64_t state[8], const u_int8_t [SHA384_BLOCK_LENGTH]);
 void SHA384_Update(SHA384_CTX *, const u_int8_t *, size_t)
@@ -108,7 +111,6 @@ char *SHA384_FileChunk(const char *, char *, off_t, off_t)
 char *SHA384_Data(const u_int8_t *, size_t, char *)
 	__attribute__((__bounded__(__string__,1,2)))
 	__attribute__((__bounded__(__minbytes__,3,SHA384_DIGEST_STRING_LENGTH)));
-#endif /* 0 */
 
 void SHA512_Init(SHA512_CTX *);
 void SHA512_Transform(u_int64_t state[8], const u_int8_t [SHA512_BLOCK_LENGTH]);
@@ -127,7 +129,6 @@ char *SHA512_Data(const u_int8_t *, size_t, char *)
 	__attribute__((__bounded__(__string__,1,2)))
 	__attribute__((__bounded__(__minbytes__,3,SHA512_DIGEST_STRING_LENGTH)));
 
-#endif /* !defined(HAVE_EVP_SHA256) && !defined(HAVE_SHA256_UPDATE) && \
+#endif /* defined(_NEED_SHA2) && !defined(HAVE_SHA256_UPDATE) */
-    (OPENSSL_VERSION_NUMBER >= 0x00907000L) */
 
 #endif /* _SSHSHA2_H */

openbsd-compat/xcrypt.c

@@ -57,7 +57,7 @@
 #  include "md5crypt.h"
 # endif
 
-# if !defined(HAVE_CRYPT) && defined(HAVE_DES_CRYPT)
+# if defined(WITH_OPENSSL) && !defined(HAVE_CRYPT) && defined(HAVE_DES_CRYPT)
 #  include <openssl/des.h>
 #  define crypt DES_crypt
 # endif

packet.c

@@ -1612,6 +1612,7 @@ packet_get_ecpoint(const EC_GROUP *curve, EC_POINT *point)
 	buffer_get_ecpoint(&active_state->incoming_packet, curve, point);
 }
 #endif
+#endif
 
 void *
 packet_get_raw(u_int *length_ptr)
@@ -1622,7 +1623,6 @@ packet_get_raw(u_int *length_ptr)
 		*length_ptr = bytes;
 	return buffer_ptr(&active_state->incoming_packet);
 }
-#endif
 
 int
 packet_remaining(void)

ssh-add.c

@@ -70,11 +70,13 @@ extern char *__progname;
 
 /* Default files to add */
 static char *default_files[] = {
+#ifdef WITH_OPENSSL
 	_PATH_SSH_CLIENT_ID_RSA,
 	_PATH_SSH_CLIENT_ID_DSA,
 #ifdef OPENSSL_HAS_ECC
 	_PATH_SSH_CLIENT_ID_ECDSA,
 #endif
+#endif /* WITH_OPENSSL */
 	_PATH_SSH_CLIENT_ID_ED25519,
 	_PATH_SSH_CLIENT_IDENTITY,
 	NULL
@@ -440,7 +442,9 @@ main(int argc, char **argv)
 	__progname = ssh_get_progname(argv[0]);
 	seed_rng();
 
+#ifdef WITH_OPENSSL
 	OpenSSL_add_all_algorithms();
+#endif
 
 	setvbuf(stdout, NULL, _IOLBF, 0);
 

ssh-dss.c

@@ -25,6 +25,8 @@
 
 #include "includes.h"
 
+#ifdef WITH_OPENSSL
+
 #include <sys/types.h>
 
 #include <openssl/bn.h>
@@ -217,3 +219,4 @@ ssh_dss_verify(const struct sshkey *key,
 	}
 	return ret;
 }
+#endif /* WITH_OPENSSL */

ssh-ecdsa.c

@@ -26,7 +26,7 @@
 
 #include "includes.h"
 
-#ifdef OPENSSL_HAS_ECC
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
 
 #include <sys/types.h>
 
@@ -189,4 +189,4 @@ ssh_ecdsa_verify(const struct sshkey *key,
 	return ret;
 }
 
-#endif /* OPENSSL_HAS_ECC */
+#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */

ssh-keygen.c

@@ -19,9 +19,11 @@
 #include <sys/stat.h>
 #include <sys/param.h>
 
+#ifdef WITH_OPENSSL
 #include <openssl/evp.h>
 #include <openssl/pem.h>
 #include "openbsd-compat/openssl-compat.h"
+#endif
 
 #include <errno.h>
 #include <fcntl.h>
@@ -179,7 +181,9 @@ int prime_test(FILE *, FILE *, u_int32_t, u_int32_t, char *, unsigned long,
 static void
 type_bits_valid(int type, u_int32_t *bitsp)
 {
+#ifdef WITH_OPENSSL
 	u_int maxbits;
+#endif
 
 	if (type == KEY_UNSPEC) {
 		fprintf(stderr, "unknown key type %s\n", key_type_name);
@@ -193,13 +197,13 @@ type_bits_valid(int type, u_int32_t *bitsp)
 		else
 			*bitsp = DEFAULT_BITS;
 	}
+#ifdef WITH_OPENSSL
 	maxbits = (type == KEY_DSA) ?
 	    OPENSSL_DSA_MAX_MODULUS_BITS : OPENSSL_RSA_MAX_MODULUS_BITS;
 	if (*bitsp > maxbits) {
 		fprintf(stderr, "key bits exceeds maximum %d\n", maxbits);
 		exit(1);
 	}
-#ifdef WITH_OPENSSL
 	if (type == KEY_DSA && *bitsp != 1024)
 		fatal("DSA keys must be 1024 bits");
 	else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768)
@@ -2102,10 +2106,12 @@ update_krl_from_file(struct passwd *pw, const char *file, const Key *ca,
 		fclose(krl_spec);
 	free(path);
 }
+#endif /* WITH_OPENSSL */
 
 static void
 do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
 {
+#ifdef WITH_OPENSSL
 	struct ssh_krl *krl;
 	struct stat sb;
 	Key *ca = NULL;
@@ -2155,11 +2161,15 @@ do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
 	ssh_krl_free(krl);
 	if (ca != NULL)
 		key_free(ca);
+#else /* WITH_OPENSSL */
+	fatal("KRLs not supported without OpenSSL");
+#endif /* WITH_OPENSSL */
 }
 
 static void
 do_check_krl(struct passwd *pw, int argc, char **argv)
 {
+#ifdef WITH_OPENSSL
 	int i, r, ret = 0;
 	char *comment;
 	struct ssh_krl *krl;
@@ -2182,8 +2192,10 @@ do_check_krl(struct passwd *pw, int argc, char **argv)
 	}
 	ssh_krl_free(krl);
 	exit(ret);
+#else /* WITH_OPENSSL */
+	fatal("KRLs not supported without OpenSSL");
+#endif /* WITH_OPENSSL */
 }
-#endif
 
 static void
 usage(void)
@@ -2249,7 +2261,9 @@ main(int argc, char **argv)
 
 	__progname = ssh_get_progname(argv[0]);
 
+#ifdef WITH_OPENSSL
 	OpenSSL_add_all_algorithms();
+#endif
 	log_init(argv[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1);
 
 	seed_rng();
@@ -2427,6 +2441,7 @@ main(int argc, char **argv)
 				fatal("Invalid number: %s (%s)",
 					optarg, errstr);
 			break;
+#ifdef WITH_OPENSSL
 		case 'M':
 			memory = (u_int32_t)strtonum(optarg, 1, UINT_MAX, &errstr);
 			if (errstr)
@@ -2454,6 +2469,7 @@ main(int argc, char **argv)
 			if (BN_hex2bn(&start, optarg) == 0)
 				fatal("Invalid start point.");
 			break;
+#endif /* WITH_OPENSSL */
 		case 'V':
 			parse_cert_times(optarg);
 			break;
@@ -2493,7 +2509,6 @@ main(int argc, char **argv)
 		printf("Cannot use -l with -H or -R.\n");
 		usage();
 	}
-#ifdef WITH_OPENSSL
 	if (gen_krl) {
 		do_gen_krl(pw, update_krl, argc, argv);
 		return (0);
@@ -2502,7 +2517,6 @@ main(int argc, char **argv)
 		do_check_krl(pw, argc, argv);
 		return (0);
 	}
-#endif
 	if (ca_key_path != NULL) {
 		if (cert_key_id == NULL)
 			fatal("Must specify key id (-I) when certifying");

ssh-keysign.c

@@ -35,9 +35,11 @@
 #include <string.h>
 #include <unistd.h>
 
+#ifdef WITH_OPENSSL
 #include <openssl/evp.h>
 #include <openssl/rand.h>
 #include <openssl/rsa.h>
+#endif
 
 #include "xmalloc.h"
 #include "log.h"
@@ -161,7 +163,9 @@ main(int argc, char **argv)
 	u_char *signature, *data;
 	char *host, *fp;
 	u_int slen, dlen;
+#ifdef WITH_OPENSSL
 	u_int32_t rnd[256];
+#endif
 
 	/* Ensure that stdin and stdout are connected */
 	if ((fd = open(_PATH_DEVNULL, O_RDWR)) < 2)
@@ -204,9 +208,11 @@ main(int argc, char **argv)
 	if (found == 0)
 		fatal("could not open any host key");
 
+#ifdef WITH_OPENSSL
 	OpenSSL_add_all_algorithms();
 	arc4random_buf(rnd, sizeof(rnd));
 	RAND_seed(rnd, sizeof(rnd));
+#endif
 
 	found = 0;
 	for (i = 0; i < NUM_KEYTYPES; i++) {

ssh-rsa.c

@@ -17,6 +17,8 @@
 
 #include "includes.h"
 
+#ifdef WITH_OPENSSL
+
 #include <sys/types.h>
 
 #include <openssl/evp.h>
@@ -263,3 +265,4 @@ done:
 	}
 	return ret;
 }
+#endif /* WITH_OPENSSL */

sshd.c

@@ -623,7 +623,9 @@ privsep_preauth_child(void)
 
 	arc4random_stir();
 	arc4random_buf(rnd, sizeof(rnd));
+#ifdef WITH_OPENSSL
 	RAND_seed(rnd, sizeof(rnd));
+#endif
 	explicit_bzero(rnd, sizeof(rnd));
 
 	/* Demote the private keys to public keys. */
@@ -758,7 +760,9 @@ privsep_postauth(Authctxt *authctxt)
 
 	arc4random_stir();
 	arc4random_buf(rnd, sizeof(rnd));
+#ifdef WITH_OPENSSL
 	RAND_seed(rnd, sizeof(rnd));
+#endif
 	explicit_bzero(rnd, sizeof(rnd));
 
 	/* Drop privileges */
@@ -988,7 +992,7 @@ send_rexec_state(int fd, Buffer *conf)
 #endif
 		buffer_put_int(&m, 0);
 
-#ifndef OPENSSL_PRNG_ONLY
+#if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY)
 	rexec_send_rng_seed(&m);
 #endif
 
@@ -1041,7 +1045,7 @@ recv_rexec_state(int fd, Buffer *conf)
 #endif
 	}
 
-#ifndef OPENSSL_PRNG_ONLY
+#if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY)
 	rexec_recv_rng_seed(&m);
 #endif
 
@@ -1372,7 +1376,9 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 			 */
 			arc4random_stir();
 			arc4random_buf(rnd, sizeof(rnd));
+#ifdef WITH_OPENSSL
 			RAND_seed(rnd, sizeof(rnd));
+#endif
 			explicit_bzero(rnd, sizeof(rnd));
 		}