repair --without-openssl; broken in refactor

2015-01-30 23:10:17 +11:00 · 2015-01-30 23:10:17 +11:00 · 773dda25e8
parent e89c780886
commit 773dda25e8
6 changed files with 64 additions and 6 deletions
--- a/kex.h
+++ b/kex.h
@ -34,6 +34,20 @@
 #include "leakmalloc.h"
 #endif

+#ifdef WITH_OPENSSL
+# ifdef OPENSSL_HAS_ECC
+#  include <openssl/ec.h>
+# else /* OPENSSL_HAS_ECC */
+#  define EC_KEY	void
+#  define EC_GROUP	void
+#  define EC_POINT	void
+# endif /* OPENSSL_HAS_ECC */
+#else /* WITH_OPENSSL */
+# define EC_KEY		void
+# define EC_GROUP	void
+# define EC_POINT	void
+#endif /* WITH_OPENSSL */
+
 #define KEX_COOKIE_LEN	16

 #define	KEX_DH1			"diffie-hellman-group1-sha1"
@ -204,4 +218,10 @@ derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]);
 void	dump_digest(char *, u_char *, int);
 #endif

+#if !defined(WITH_OPENSSL) || !defined(OPENSSL_HAS_ECC)
+# undef EC_KEY
+# undef EC_GROUP
+# undef EC_POINT
+#endif
+
 #endif
--- a/monitor.c
+++ b/monitor.c
@ -1848,11 +1848,13 @@ monitor_apply_keystate(struct monitor *pmonitor)

 	if ((kex = ssh->kex) != 0) {
 		/* XXX set callbacks */
+#ifdef WITH_OPENSSL
 		kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
 		kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
 		kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
 		kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
 		kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+#endif /* WITH_OPENSSL */
 		kex->kex[KEX_C25519_SHA256] = kexc25519_server;
 		kex->load_host_public_key=&get_hostkey_public_by_type;
 		kex->load_host_private_key=&get_hostkey_private_by_type;
--- a/packet.c
+++ b/packet.c
@ -788,10 +788,10 @@ ssh_packet_set_compress_hooks(struct ssh *ssh, void *ctx,
 * encrypted independently of each other.
 */

-#ifdef WITH_OPENSSL
 void
 ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number)
 {
+#ifdef WITH_SSH1
 	struct session_state *state = ssh->state;
 	const struct sshcipher *cipher = cipher_by_number(number);
 	int r;
@ -816,8 +816,8 @@ ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen,
 		error("Warning: %s", wmsg);
 		state->cipher_warning_done = 1;
 	}
+#endif /* WITH_SSH1 */
 }
-#endif

 /*
 * Finalizes and sends the packet.  If the encryption key has been set,
@ -2727,23 +2727,29 @@ sshpkt_put_stringb(struct ssh *ssh, const struct sshbuf *v)
 	return sshbuf_put_stringb(ssh->state->outgoing_packet, v);
 }

+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
 int
 sshpkt_put_ec(struct ssh *ssh, const EC_POINT *v, const EC_GROUP *g)
 {
 	return sshbuf_put_ec(ssh->state->outgoing_packet, v, g);
 }
+#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */

+#ifdef WITH_SSH1
 int
 sshpkt_put_bignum1(struct ssh *ssh, const BIGNUM *v)
 {
 	return sshbuf_put_bignum1(ssh->state->outgoing_packet, v);
 }
+#endif /* WITH_SSH1 */

+#ifdef WITH_OPENSSL
 int
 sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v)
 {
 	return sshbuf_put_bignum2(ssh->state->outgoing_packet, v);
 }
+#endif /* WITH_OPENSSL */

 /* fetch data from the incoming packet */

@ -2789,23 +2795,29 @@ sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp)
 	return sshbuf_get_cstring(ssh->state->incoming_packet, valp, lenp);
 }

+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
 int
 sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g)
 {
 	return sshbuf_get_ec(ssh->state->incoming_packet, v, g);
 }
+#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */

+#ifdef WITH_SSH1
 int
 sshpkt_get_bignum1(struct ssh *ssh, BIGNUM *v)
 {
 	return sshbuf_get_bignum1(ssh->state->incoming_packet, v);
 }
+#endif /* WITH_SSH1 */

+#ifdef WITH_OPENSSL
 int
 sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v)
 {
 	return sshbuf_get_bignum2(ssh->state->incoming_packet, v);
 }
+#endif /* WITH_OPENSSL */

 int
 sshpkt_get_end(struct ssh *ssh)
--- a/packet.h
+++ b/packet.h
@ -22,8 +22,18 @@
 # include <openssl/bn.h>
 # ifdef OPENSSL_HAS_ECC
 #  include <openssl/ec.h>
-# endif
-#endif
+# else /* OPENSSL_HAS_ECC */
+#  define EC_KEY	void
+#  define EC_GROUP	void
+#  define EC_POINT	void
+# endif /* OPENSSL_HAS_ECC */
+#else /* WITH_OPENSSL */
+# define BIGNUM		void
+# define EC_KEY		void
+# define EC_GROUP	void
+# define EC_POINT	void
+#endif /* WITH_OPENSSL */
+
 #include <sys/signal.h>
 #include <sys/queue.h>

@ -182,4 +192,15 @@ const u_char	*sshpkt_ptr(struct ssh *, size_t *lenp);
 extern struct ssh *active_state;
 #include "opacket.h"

+#if !defined(WITH_OPENSSL)
+# undef BIGNUM
+# undef EC_KEY
+# undef EC_GROUP
+# undef EC_POINT
+#elif !defined(OPENSSL_HAS_ECC)
+# undef EC_KEY
+# undef EC_GROUP
+# undef EC_POINT
+#endif
+
 #endif				/* PACKET_H */
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@ -192,6 +192,7 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
 		exit(1);
 	}
 	if (*bitsp == 0) {
+#ifdef WITH_OPENSSL
 		if (type == KEY_DSA)
 			*bitsp = DEFAULT_BITS_DSA;
 		else if (type == KEY_ECDSA) {
@ -200,8 +201,8 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
 				*bitsp = sshkey_curve_nid_to_bits(nid);
 			if (*bitsp == 0)
 				*bitsp = DEFAULT_BITS_ECDSA;
-		}
-		else
+		} else
+#endif
 			*bitsp = DEFAULT_BITS;
 	}
 #ifdef WITH_OPENSSL
--- a/ssh_api.c
+++ b/ssh_api.c
@ -81,7 +81,9 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
 	int r;

 	if (!called) {
+#ifdef WITH_OPENSSL
 		OpenSSL_add_all_algorithms();
+#endif /* WITH_OPENSSL */
 		called = 1;
 	}