tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-25 14:54:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

- (dtucker) [configure.ac moduli.c openbsd-compat/openssl-compat.{c,h}] Add

Browse Source 
shims for the new, non-deprecated OpenSSL key generation functions for
   platforms that don't have the new interfaces.
This commit is contained in:
Darren Tucker 2010-12-04 23:20:50 +11:00
parent d89745b9e7
commit ebdef76b5d
5 changed files with 86 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog
View File

@ -1,6 +1,9 @@
20101204 20101204
- (djm) [openbsd-compat/bindresvport.c] Use arc4random_uniform(range) - (djm) [openbsd-compat/bindresvport.c] Use arc4random_uniform(range)
instead of (arc4random() % range) instead of (arc4random() % range)
- (dtucker) [configure.ac moduli.c openbsd-compat/openssl-compat.{c,h}] Add
shims for the new, non-deprecated OpenSSL key generation functions for
platforms that don't have the new interfaces.
20101201 20101201
- OpenBSD CVS Sync - OpenBSD CVS Sync

6
configure.ac
View File

@ -1,4 +1,4 @@
# $Id: configure.ac,v 1.458 2010/11/08 22:26:23 tim Exp $ # $Id: configure.ac,v 1.459 2010/12/04 12:20:50 dtucker Exp $
# #
# Copyright (c) 1999-2004 Damien Miller # Copyright (c) 1999-2004 Damien Miller
# #
@ -15,7 +15,7 @@
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
AC_REVISION($Revision: 1.458 $) AC_REVISION($Revision: 1.459 $)
AC_CONFIG_SRCDIR([ssh.c]) AC_CONFIG_SRCDIR([ssh.c])
AC_CONFIG_HEADER(config.h) AC_CONFIG_HEADER(config.h)
@ -2136,6 +2136,8 @@ int main(void) { SSLeay_add_all_algorithms(); }
] ]
) )
AC_CHECK_FUNCS(RSA_generate_key_ex DSA_generate_parameters_ex BN_is_prime_ex)
AC_ARG_WITH(ssl-engine, AC_ARG_WITH(ssl-engine,
[ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ], [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
[ if test "x$withval" != "xno" ; then [ if test "x$withval" != "xno" ; then

2
moduli.c
View File

@ -54,6 +54,8 @@
#include "dh.h" #include "dh.h"
#include "log.h" #include "log.h"
#include "openbsd-compat/openssl-compat.h"
/* /*
* File output defines * File output defines
*/ */

64
openbsd-compat/openssl-compat.c
View File

@ -1,4 +1,4 @@
/* $Id: openssl-compat.c,v 1.10 2010/11/22 06:59:00 dtucker Exp $ */ /* $Id: openssl-compat.c,v 1.11 2010/12/04 12:20:50 dtucker Exp $ */
/* /*
* Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@ -18,11 +18,16 @@
#include "includes.h" #include "includes.h"
#include <stdarg.h>
#include <string.h>
#ifdef USE_OPENSSL_ENGINE #ifdef USE_OPENSSL_ENGINE
# include <openssl/engine.h> # include <openssl/engine.h>
# include <openssl/conf.h> # include <openssl/conf.h>
#endif #endif
#include "log.h"
#define SSH_DONT_OVERLOAD_OPENSSL_FUNCS #define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
#include "openssl-compat.h" #include "openssl-compat.h"
@ -59,6 +64,63 @@ ssh_EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt)
} }
#endif #endif
#ifndef HAVE_BN_IS_PRIME_EX
int
BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, void *cb)
{
if (cb != NULL)
fatal("%s: callback args not supported", __func__);
return BN_is_prime(p, nchecks, NULL, ctx, NULL);
}
#endif
#ifndef HAVE_RSA_GENERATE_KEY_EX
int
RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *bn_e, void *cb)
{
RSA *new_rsa, tmp_rsa;
unsigned long e;
sleep(1);
if (cb != NULL)
fatal("%s: callback args not supported", __func__);
e = BN_get_word(bn_e);
if (e == 0xffffffffL)
fatal("%s: value of e too large", __func__);
new_rsa = RSA_generate_key(bits, e, NULL, NULL);
if (new_rsa == NULL)
return 0;
/* swap rsa/new_rsa then free new_rsa */
tmp_rsa = *rsa;
*rsa = *new_rsa;
*new_rsa = tmp_rsa;
RSA_free(new_rsa);
return 1;
}
#endif
#ifndef HAVE_DSA_GENERATE_PARAMETERS_EX
int
DSA_generate_parameters_ex(DSA *dsa, int bits, const unsigned char *seed,
int seed_len, int *counter_ret, unsigned long *h_ret, void *cb)
{
DSA *new_dsa, tmp_dsa;
if (cb != NULL)
fatal("%s: callback args not supported", __func__);
new_dsa = DSA_generate_parameters(bits, (unsigned char *)seed, seed_len,
counter_ret, h_ret, NULL, NULL);
if (new_dsa == NULL)
return 0;
/* swap dsa/new_dsa then free new_dsa */
tmp_dsa = *dsa;
*dsa = *new_dsa;
*new_dsa = tmp_dsa;
DSA_free(new_dsa);
return 1;
}
#endif
#ifdef USE_OPENSSL_ENGINE #ifdef USE_OPENSSL_ENGINE
void void
ssh_SSLeay_add_all_algorithms(void) ssh_SSLeay_add_all_algorithms(void)

15
openbsd-compat/openssl-compat.h
View File

@ -1,4 +1,4 @@
/* $Id: openssl-compat.h,v 1.16 2010/10/07 11:06:44 djm Exp $ */ /* $Id: openssl-compat.h,v 1.17 2010/12/04 12:20:50 dtucker Exp $ */
/* /*
* Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@ -108,6 +108,19 @@ extern const EVP_CIPHER *evp_acss(void);
# define SSLeay_add_all_algorithms() ssh_SSLeay_add_all_algorithms() # define SSLeay_add_all_algorithms() ssh_SSLeay_add_all_algorithms()
# endif # endif
# ifndef HAVE_BN_IS_PRIME_EX
int BN_is_prime_ex(const BIGNUM *, int, BN_CTX *, void *);
# endif
# ifndef HAVE_DSA_GENERATE_PARAMETERS_EX
int DSA_generate_parameters_ex(DSA *, int, const unsigned char *, int, int *,
unsigned long *, void *);
# endif
# ifndef HAVE_RSA_GENERATE_KEY_EX
int RSA_generate_key_ex(RSA *, int, BIGNUM *, void *);
# endif
int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *, int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *,
unsigned char *, int); unsigned char *, int);
int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int); int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int);