Bugzilla – Attachment 2634 Details for
Bug 2388
build fixups for --without-openssl
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
chop out moduli code and options when compiled !openssl
keygen-no-moduli.diff (text/plain), 5.68 KB, created by
Damien Miller
on 2015-05-28 14:41:27 AEST
(
hide
)
Description:
chop out moduli code and options when compiled !openssl
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2015-05-28 14:41:27 AEST
Size:
5.68 KB
patch
obsolete
>diff --git a/ssh-keygen.c b/ssh-keygen.c >index c4e466c..269eb48 100644 >--- a/ssh-keygen.c >+++ b/ssh-keygen.c >@@ -174,10 +174,12 @@ extern char *__progname; > > char hostname[NI_MAXHOST]; > >+#ifdef WITH_OPENSSL > /* moduli.c */ > int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *); > int prime_test(FILE *, FILE *, u_int32_t, u_int32_t, char *, unsigned long, > unsigned long); >+#endif > > static void > type_bits_valid(int type, const char *name, u_int32_t *bitsp) >@@ -2183,9 +2185,11 @@ usage(void) > " ssh-keygen -H [-f known_hosts_file]\n" > " ssh-keygen -R hostname [-f known_hosts_file]\n" > " ssh-keygen -r hostname [-f input_keyfile] [-g]\n" >+#ifdef WITH_OPENSSL > " ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point]\n" > " ssh-keygen -T output_file -f input_file [-v] [-a rounds] [-J num_lines]\n" > " [-j start_line] [-K checkpt] [-W generator]\n" >+#endif > " ssh-keygen -s ca_key -I certificate_identity [-h] [-n principals]\n" > " [-O option] [-V validity_interval] [-z serial_number] file ...\n" > " ssh-keygen -L [-f input_keyfile]\n" >@@ -2203,19 +2207,22 @@ int > main(int argc, char **argv) > { > char dotsshdir[PATH_MAX], comment[1024], *passphrase1, *passphrase2; >- char *checkpoint = NULL; >- char out_file[PATH_MAX], *rr_hostname = NULL, *ep, *fp, *ra; >+ char *rr_hostname = NULL, *ep, *fp, *ra; > struct sshkey *private, *public; > struct passwd *pw; > struct stat st; > int r, opt, type, fd; >+ int gen_all_hostkeys = 0, gen_krl = 0, update_krl = 0, check_krl = 0; >+ FILE *f; >+ const char *errstr; >+#ifdef WITH_OPENSSL >+ /* Moduli generation/screening */ >+ char out_file[PATH_MAX], *checkpoint = NULL; > u_int32_t memory = 0, generator_wanted = 0; > int do_gen_candidates = 0, do_screen_candidates = 0; >- int gen_all_hostkeys = 0, gen_krl = 0, update_krl = 0, check_krl = 0; > unsigned long start_lineno = 0, lines_to_process = 0; > BIGNUM *start = NULL; >- FILE *f; >- const char *errstr; >+#endif > > extern int optind; > extern char *optarg; >@@ -2262,12 +2269,6 @@ main(int argc, char **argv) > case 'I': > cert_key_id = optarg; > break; >- case 'J': >- lines_to_process = strtoul(optarg, NULL, 10); >- break; >- case 'j': >- start_lineno = strtoul(optarg, NULL, 10); >- break; > case 'R': > delete_host = 1; > rr_hostname = optarg; >@@ -2309,8 +2310,8 @@ main(int argc, char **argv) > change_comment = 1; > break; > case 'f': >- if (strlcpy(identity_file, optarg, sizeof(identity_file)) >= >- sizeof(identity_file)) >+ if (strlcpy(identity_file, optarg, >+ sizeof(identity_file)) >= sizeof(identity_file)) > fatal("Identity filename too long"); > have_identity = 1; > break; >@@ -2382,56 +2383,66 @@ main(int argc, char **argv) > case 'r': > rr_hostname = optarg; > break; >- case 'W': >- generator_wanted = (u_int32_t)strtonum(optarg, 1, >- UINT_MAX, &errstr); >- if (errstr) >- fatal("Desired generator has bad value: %s (%s)", >- optarg, errstr); >- break; > case 'a': > rounds = (int)strtonum(optarg, 1, INT_MAX, &errstr); > if (errstr) > fatal("Invalid number: %s (%s)", > optarg, errstr); > break; >- case 'M': >- memory = (u_int32_t)strtonum(optarg, 1, UINT_MAX, &errstr); >- if (errstr) >- fatal("Memory limit is %s: %s", errstr, optarg); >+ case 'V': >+ parse_cert_times(optarg); > break; >+ case 'z': >+ errno = 0; >+ cert_serial = strtoull(optarg, &ep, 10); >+ if (*optarg < '0' || *optarg > '9' || *ep != '\0' || >+ (errno == ERANGE && cert_serial == ULLONG_MAX)) >+ fatal("Invalid serial number \"%s\"", optarg); >+ break; >+#ifdef WITH_OPENSSL >+ /* Moduli generation/screening */ > case 'G': > do_gen_candidates = 1; > if (strlcpy(out_file, optarg, sizeof(out_file)) >= > sizeof(out_file)) > fatal("Output filename too long"); > break; >- case 'T': >- do_screen_candidates = 1; >- if (strlcpy(out_file, optarg, sizeof(out_file)) >= >- sizeof(out_file)) >- fatal("Output filename too long"); >- break; >+ case 'J': >+ lines_to_process = strtoul(optarg, NULL, 10); >+ break; >+ case 'j': >+ start_lineno = strtoul(optarg, NULL, 10); >+ break; > case 'K': > if (strlen(optarg) >= PATH_MAX) > fatal("Checkpoint filename too long"); > checkpoint = xstrdup(optarg); > break; >+ case 'M': >+ memory = (u_int32_t)strtonum(optarg, 1, UINT_MAX, >+ &errstr); >+ if (errstr) >+ fatal("Memory limit is %s: %s", errstr, optarg); >+ break; >+ case 'T': >+ do_screen_candidates = 1; >+ if (strlcpy(out_file, optarg, sizeof(out_file)) >= >+ sizeof(out_file)) >+ fatal("Output filename too long"); >+ break; > case 'S': > /* XXX - also compare length against bits */ > if (BN_hex2bn(&start, optarg) == 0) > fatal("Invalid start point."); > break; >- case 'V': >- parse_cert_times(optarg); >- break; >- case 'z': >- errno = 0; >- cert_serial = strtoull(optarg, &ep, 10); >- if (*optarg < '0' || *optarg > '9' || *ep != '\0' || >- (errno == ERANGE && cert_serial == ULLONG_MAX)) >- fatal("Invalid serial number \"%s\"", optarg); >+ case 'W': >+ generator_wanted = (u_int32_t)strtonum(optarg, 1, >+ UINT_MAX, &errstr); >+ if (errstr != NULL) >+ fatal("Desired generator invalid: %s (%s)", >+ optarg, errstr); > break; >+#endif /* WITH_OPENSSL */ > case '?': > default: > usage(); >@@ -2521,6 +2532,7 @@ main(int argc, char **argv) > } > } > >+#ifdef WITH_OPENSSL > if (do_gen_candidates) { > FILE *out = fopen(out_file, "w"); > >@@ -2560,6 +2572,7 @@ main(int argc, char **argv) > fatal("modulus screening failed"); > return (0); > } >+#endif > > if (gen_all_hostkeys) { > do_gen_all_hostkeys(pw);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2634">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
dtucker
:
ok+
Actions:
View
|
Diff
Attachments on
bug 2388
:
2599
|
2603
|
2604
|
2605
|
2606
|
2633
| 2634