- (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs

for missing headers and compiler warnings.
This commit is contained in:
Darren Tucker 2010-09-10 12:28:24 +10:00
parent 6af914a15c
commit 8ccb7392e7
6 changed files with 31 additions and 5 deletions

View File

@ -66,6 +66,8 @@
[kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c] [kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
[ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on [ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
platforms that don't have the requisite OpenSSL support. ok dtucker@ platforms that don't have the requisite OpenSSL support. ok dtucker@
- (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs
for missing headers and compiler warnings.
20100831 20100831
- OpenBSD CVS Sync - OpenBSD CVS Sync

2
kex.h
View File

@ -29,7 +29,9 @@
#include <signal.h> #include <signal.h>
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/hmac.h> #include <openssl/hmac.h>
#ifdef OPENSSL_HAS_ECC
#include <openssl/ec.h> #include <openssl/ec.h>
#endif
#define KEX_COOKIE_LEN 16 #define KEX_COOKIE_LEN 16

10
key.c
View File

@ -261,7 +261,9 @@ cert_compare(struct KeyCert *a, struct KeyCert *b)
int int
key_equal_public(const Key *a, const Key *b) key_equal_public(const Key *a, const Key *b)
{ {
#ifdef OPENSSL_HAS_ECC
BN_CTX *bnctx; BN_CTX *bnctx;
#endif
if (a == NULL || b == NULL || if (a == NULL || b == NULL ||
key_type_plain(a->type) != key_type_plain(b->type)) key_type_plain(a->type) != key_type_plain(b->type))
@ -656,9 +658,12 @@ key_read(Key *ret, char **cpp)
Key *k; Key *k;
int success = -1; int success = -1;
char *cp, *space; char *cp, *space;
int len, n, type, curve_nid = -1; int len, n, type;
u_int bits; u_int bits;
u_char *blob; u_char *blob;
#ifdef OPENSSL_HAS_ECC
int curve_nid = -1;
#endif
cp = *cpp; cp = *cpp;
@ -1437,11 +1442,12 @@ Key *
key_from_blob(const u_char *blob, u_int blen) key_from_blob(const u_char *blob, u_int blen)
{ {
Buffer b; Buffer b;
int rlen, type, nid = -1; int rlen, type;
char *ktype = NULL, *curve = NULL; char *ktype = NULL, *curve = NULL;
Key *key = NULL; Key *key = NULL;
#ifdef OPENSSL_HAS_ECC #ifdef OPENSSL_HAS_ECC
EC_POINT *q = NULL; EC_POINT *q = NULL;
int nid = -1;
#endif #endif
#ifdef DEBUG_PK #ifdef DEBUG_PK

View File

@ -19,7 +19,9 @@
#include <termios.h> #include <termios.h>
#include <openssl/bn.h> #include <openssl/bn.h>
#ifdef OPENSSL_HAS_ECC
#include <openssl/ec.h> #include <openssl/ec.h>
#endif
void packet_set_connection(int, int); void packet_set_connection(int, int);
void packet_set_timeout(int, int); void packet_set_timeout(int, int);
@ -43,7 +45,9 @@ void packet_put_int(u_int value);
void packet_put_int64(u_int64_t value); void packet_put_int64(u_int64_t value);
void packet_put_bignum(BIGNUM * value); void packet_put_bignum(BIGNUM * value);
void packet_put_bignum2(BIGNUM * value); void packet_put_bignum2(BIGNUM * value);
#ifdef OPENSSL_HAS_ECC
void packet_put_ecpoint(const EC_GROUP *, const EC_POINT *); void packet_put_ecpoint(const EC_GROUP *, const EC_POINT *);
#endif
void packet_put_string(const void *buf, u_int len); void packet_put_string(const void *buf, u_int len);
void packet_put_cstring(const char *str); void packet_put_cstring(const char *str);
void packet_put_raw(const void *buf, u_int len); void packet_put_raw(const void *buf, u_int len);
@ -61,7 +65,9 @@ u_int packet_get_int(void);
u_int64_t packet_get_int64(void); u_int64_t packet_get_int64(void);
void packet_get_bignum(BIGNUM * value); void packet_get_bignum(BIGNUM * value);
void packet_get_bignum2(BIGNUM * value); void packet_get_bignum2(BIGNUM * value);
#ifdef OPENSSL_HAS_ECC
void packet_get_ecpoint(const EC_GROUP *, EC_POINT *); void packet_get_ecpoint(const EC_GROUP *, EC_POINT *);
#endif
void *packet_get_raw(u_int *length_ptr); void *packet_get_raw(u_int *length_ptr);
void *packet_get_string(u_int *length_ptr); void *packet_get_string(u_int *length_ptr);
char *packet_get_cstring(u_int *length_ptr); char *packet_get_cstring(u_int *length_ptr);

View File

@ -466,11 +466,12 @@ process_add_identity(SocketEntry *e, int version)
Idtab *tab = idtab_lookup(version); Idtab *tab = idtab_lookup(version);
Identity *id; Identity *id;
int type, success = 0, death = 0, confirm = 0; int type, success = 0, death = 0, confirm = 0;
char *type_name, *comment, *curve; char *type_name, *comment;
Key *k = NULL; Key *k = NULL;
#ifdef OPENSSL_HAS_ECC #ifdef OPENSSL_HAS_ECC
BIGNUM *exponent; BIGNUM *exponent;
EC_POINT *q; EC_POINT *q;
int *curve;
#endif #endif
u_char *cert; u_char *cert;
u_int len; u_int len;

13
ssh.c
View File

@ -849,10 +849,19 @@ main(int ac, char **av)
*/ */
r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir, r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir,
strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR); strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) {
#ifdef WITH_SELINUX
char *scon;
matchpathcon(buf, 0700, &scon);
setfscreatecon(scon);
#endif
if (mkdir(buf, 0700) < 0) if (mkdir(buf, 0700) < 0)
error("Could not create directory '%.200s'.", buf); error("Could not create directory '%.200s'.", buf);
#ifdef WITH_SELINUX
setfscreatecon(NULL);
#endif
}
/* load options.identity_files */ /* load options.identity_files */
load_public_identity_files(); load_public_identity_files();