- (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs

for missing headers and compiler warnings.
author: Darren Tucker <dtucker@zip.com.au> 2010-09-10 12:28:24 +1000
committer: Darren Tucker <dtucker@zip.com.au> 2010-09-10 12:28:24 +1000
commit: 8ccb7392e7ea45d2997afdfa981a450c7db85211 (patch)
tree: 5dd0769c5ec6a54fffb0e77a670bdc4e84046a6c
parent: 6af914a15c0c33e8b5bab5ca61919b8562ff1db9 (diff)
6 files changed, 31 insertions, 5 deletions
diff --git a/ChangeLog b/ChangeLog
index 742e966c5..c3c18d722 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -66,6 +66,8 @@
   [kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
   [ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
   platforms that don't have the requisite OpenSSL support. ok dtucker@
+ - (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs
+   for missing headers and compiler warnings.
 20100831
 - OpenBSD CVS Sync
diff --git a/kex.h b/kex.h
index 06914756a..3e312fb44 100644
--- a/kex.h
+++ b/kex.h
@@ -29,7 +29,9 @@
 #include <signal.h>
 #include <openssl/evp.h>
 #include <openssl/hmac.h>
+#ifdef OPENSSL_HAS_ECC
 #include <openssl/ec.h>
+#endif
 #define KEX_COOKIE_LEN  16
diff --git a/key.c b/key.c
index 3cda8f2cb..196092de5 100644
--- a/key.c
+++ b/key.c
@@ -261,7 +261,9 @@ cert_compare(struct KeyCert *a, struct KeyCert *b)
 int
 key_equal_public(const Key *a, const Key *b)
 {
+#ifdef OPENSSL_HAS_ECC
        BN_CTX *bnctx;
+#endif
        if (a == NULL || b == NULL ||
            key_type_plain(a->type) != key_type_plain(b->type))
@@ -656,9 +658,12 @@ key_read(Key *ret, char **cpp)
        Key *k;
        int success = -1;
        char *cp, *space;
-        int len, n, type, curve_nid = -1;
+        int len, n, type;
        u_int bits;
        u_char *blob;
+#ifdef OPENSSL_HAS_ECC
+        int curve_nid = -1;
+#endif
        cp = *cpp;
@@ -1437,11 +1442,12 @@ Key *
 key_from_blob(const u_char *blob, u_int blen)
 {
        Buffer b;
-        int rlen, type, nid = -1;
+        int rlen, type;
        char *ktype = NULL, *curve = NULL;
        Key *key = NULL;
 #ifdef OPENSSL_HAS_ECC
        EC_POINT *q = NULL;
+        int nid = -1;
 #endif
 #ifdef DEBUG_PK
diff --git a/packet.h b/packet.h
index 827561cdb..864b82855 100644
--- a/packet.h
+++ b/packet.h
@@ -19,7 +19,9 @@
 #include <termios.h>
 #include <openssl/bn.h>
+#ifdef OPENSSL_HAS_ECC
 #include <openssl/ec.h>
+#endif
 void     packet_set_connection(int, int);
 void     packet_set_timeout(int, int);
@@ -43,7 +45,9 @@ void     packet_put_int(u_int value);
 void     packet_put_int64(u_int64_t value);
 void     packet_put_bignum(BIGNUM * value);
 void     packet_put_bignum2(BIGNUM * value);
+#ifdef OPENSSL_HAS_ECC
 void     packet_put_ecpoint(const EC_GROUP *, const EC_POINT *);
+#endif
 void     packet_put_string(const void *buf, u_int len);
 void     packet_put_cstring(const char *str);
 void     packet_put_raw(const void *buf, u_int len);
@@ -61,7 +65,9 @@ u_int	 packet_get_int(void);
 u_int64_t packet_get_int64(void);
 void     packet_get_bignum(BIGNUM * value);
 void     packet_get_bignum2(BIGNUM * value);
+#ifdef OPENSSL_HAS_ECC
 void     packet_get_ecpoint(const EC_GROUP *, EC_POINT *);
+#endif
 void    *packet_get_raw(u_int *length_ptr);
 void    *packet_get_string(u_int *length_ptr);
 char    *packet_get_cstring(u_int *length_ptr);
diff --git a/ssh-agent.c b/ssh-agent.c
index 8f19fb157..45c8e37a3 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -466,11 +466,12 @@ process_add_identity(SocketEntry *e, int version)
        Idtab *tab = idtab_lookup(version);
        Identity *id;
        int type, success = 0, death = 0, confirm = 0;
-        char *type_name, *comment, *curve;
+        char *type_name, *comment;
        Key *k = NULL;
 #ifdef OPENSSL_HAS_ECC
        BIGNUM *exponent;
        EC_POINT *q;
+        int *curve;
 #endif
        u_char *cert;
        u_int len;
diff --git a/ssh.c b/ssh.c
index 3ade744b6..70c71bc00 100644
--- a/ssh.c
+++ b/ssh.c
@@ -849,10 +849,19 @@ main(int ac, char **av)
         */
        r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir,
            strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
-        if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0)
+        if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) {
+#ifdef WITH_SELINUX
+                char *scon;
+                matchpathcon(buf, 0700, &scon);
+                setfscreatecon(scon);
+#endif
                if (mkdir(buf, 0700) < 0)
                        error("Could not create directory '%.200s'.", buf);
+#ifdef WITH_SELINUX
+                setfscreatecon(NULL);
+#endif
+        }
        /* load options.identity_files */
        load_public_identity_files();
author	Darren Tucker <dtucker@zip.com.au>	2010-09-10 12:28:24 +1000
committer	Darren Tucker <dtucker@zip.com.au>	2010-09-10 12:28:24 +1000
commit	8ccb7392e7ea45d2997afdfa981a450c7db85211 (patch)
tree	5dd0769c5ec6a54fffb0e77a670bdc4e84046a6c
parent	6af914a15c0c33e8b5bab5ca61919b8562ff1db9 (diff)

diff --git a/ChangeLog b/ChangeLog index 742e966c5..c3c18d722 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -66,6 +66,8 @@
66	[kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]	66	[kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
67	[ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on	67	[ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
68	platforms that don't have the requisite OpenSSL support. ok dtucker@	68	platforms that don't have the requisite OpenSSL support. ok dtucker@
		69	- (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs
		70	for missing headers and compiler warnings.
69		71
70	20100831	72	20100831
71	- OpenBSD CVS Sync	73	- OpenBSD CVS Sync


diff --git a/kex.h b/kex.h index 06914756a..3e312fb44 100644 --- a/kex.h +++ b/kex.h
@@ -29,7 +29,9 @@
29	#include <signal.h>	29	#include <signal.h>
30	#include <openssl/evp.h>	30	#include <openssl/evp.h>
31	#include <openssl/hmac.h>	31	#include <openssl/hmac.h>
		32	#ifdef OPENSSL_HAS_ECC
32	#include <openssl/ec.h>	33	#include <openssl/ec.h>
		34	#endif
33		35
34	#define KEX_COOKIE_LEN 16	36	#define KEX_COOKIE_LEN 16
35		37


diff --git a/key.c b/key.c index 3cda8f2cb..196092de5 100644 --- a/key.c +++ b/key.c
@@ -261,7 +261,9 @@ cert_compare(struct KeyCert a, struct KeyCert b)
261	int	261	int
262	key_equal_public(const Key a, const Key b)	262	key_equal_public(const Key a, const Key b)
263	{	263	{
		264	#ifdef OPENSSL_HAS_ECC
264	BN_CTX *bnctx;	265	BN_CTX *bnctx;
		266	#endif
265		267
266	if (a == NULL \|\| b == NULL \|\|	268	if (a == NULL \|\| b == NULL \|\|
267	key_type_plain(a->type) != key_type_plain(b->type))	269	key_type_plain(a->type) != key_type_plain(b->type))
@@ -656,9 +658,12 @@ key_read(Key ret, char *cpp)
656	Key *k;	658	Key *k;
657	int success = -1;	659	int success = -1;
658	char cp, space;	660	char cp, space;
659	int len, n, type, curve_nid = -1;	661	int len, n, type;
660	u_int bits;	662	u_int bits;
661	u_char *blob;	663	u_char *blob;
		664	#ifdef OPENSSL_HAS_ECC
		665	int curve_nid = -1;
		666	#endif
662		667
663	cp = *cpp;	668	cp = *cpp;
664		669
@@ -1437,11 +1442,12 @@ Key *
1437	key_from_blob(const u_char *blob, u_int blen)	1442	key_from_blob(const u_char *blob, u_int blen)
1438	{	1443	{
1439	Buffer b;	1444	Buffer b;
1440	int rlen, type, nid = -1;	1445	int rlen, type;
1441	char ktype = NULL, curve = NULL;	1446	char ktype = NULL, curve = NULL;
1442	Key *key = NULL;	1447	Key *key = NULL;
1443	#ifdef OPENSSL_HAS_ECC	1448	#ifdef OPENSSL_HAS_ECC
1444	EC_POINT *q = NULL;	1449	EC_POINT *q = NULL;
		1450	int nid = -1;
1445	#endif	1451	#endif
1446		1452
1447	#ifdef DEBUG_PK	1453	#ifdef DEBUG_PK


diff --git a/packet.h b/packet.h index 827561cdb..864b82855 100644 --- a/packet.h +++ b/packet.h
@@ -19,7 +19,9 @@
19	#include <termios.h>	19	#include <termios.h>
20		20
21	#include <openssl/bn.h>	21	#include <openssl/bn.h>
		22	#ifdef OPENSSL_HAS_ECC
22	#include <openssl/ec.h>	23	#include <openssl/ec.h>
		24	#endif
23		25
24	void packet_set_connection(int, int);	26	void packet_set_connection(int, int);
25	void packet_set_timeout(int, int);	27	void packet_set_timeout(int, int);
@@ -43,7 +45,9 @@ void packet_put_int(u_int value);
43	void packet_put_int64(u_int64_t value);	45	void packet_put_int64(u_int64_t value);
44	void packet_put_bignum(BIGNUM * value);	46	void packet_put_bignum(BIGNUM * value);
45	void packet_put_bignum2(BIGNUM * value);	47	void packet_put_bignum2(BIGNUM * value);
		48	#ifdef OPENSSL_HAS_ECC
46	void packet_put_ecpoint(const EC_GROUP , const EC_POINT );	49	void packet_put_ecpoint(const EC_GROUP , const EC_POINT );
		50	#endif
47	void packet_put_string(const void *buf, u_int len);	51	void packet_put_string(const void *buf, u_int len);
48	void packet_put_cstring(const char *str);	52	void packet_put_cstring(const char *str);
49	void packet_put_raw(const void *buf, u_int len);	53	void packet_put_raw(const void *buf, u_int len);
@@ -61,7 +65,9 @@ u_int packet_get_int(void);
61	u_int64_t packet_get_int64(void);	65	u_int64_t packet_get_int64(void);
62	void packet_get_bignum(BIGNUM * value);	66	void packet_get_bignum(BIGNUM * value);
63	void packet_get_bignum2(BIGNUM * value);	67	void packet_get_bignum2(BIGNUM * value);
		68	#ifdef OPENSSL_HAS_ECC
64	void packet_get_ecpoint(const EC_GROUP , EC_POINT );	69	void packet_get_ecpoint(const EC_GROUP , EC_POINT );
		70	#endif
65	void packet_get_raw(u_int length_ptr);	71	void packet_get_raw(u_int length_ptr);
66	void packet_get_string(u_int length_ptr);	72	void packet_get_string(u_int length_ptr);
67	char packet_get_cstring(u_int length_ptr);	73	char packet_get_cstring(u_int length_ptr);


diff --git a/ssh-agent.c b/ssh-agent.c index 8f19fb157..45c8e37a3 100644 --- a/ssh-agent.c +++ b/ssh-agent.c
@@ -466,11 +466,12 @@ process_add_identity(SocketEntry *e, int version)
466	Idtab *tab = idtab_lookup(version);	466	Idtab *tab = idtab_lookup(version);
467	Identity *id;	467	Identity *id;
468	int type, success = 0, death = 0, confirm = 0;	468	int type, success = 0, death = 0, confirm = 0;
469	char type_name, comment, *curve;	469	char type_name, comment;
470	Key *k = NULL;	470	Key *k = NULL;
471	#ifdef OPENSSL_HAS_ECC	471	#ifdef OPENSSL_HAS_ECC
472	BIGNUM *exponent;	472	BIGNUM *exponent;
473	EC_POINT *q;	473	EC_POINT *q;
		474	int *curve;
474	#endif	475	#endif
475	u_char *cert;	476	u_char *cert;
476	u_int len;	477	u_int len;


diff --git a/ssh.c b/ssh.c index 3ade744b6..70c71bc00 100644 --- a/ssh.c +++ b/ssh.c
@@ -849,10 +849,19 @@ main(int ac, char **av)
849	*/	849	*/
850	r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir,	850	r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir,
851	strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);	851	strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
852	if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0)	852	if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) {
		853	#ifdef WITH_SELINUX
		854	char *scon;
		855
		856	matchpathcon(buf, 0700, &scon);
		857	setfscreatecon(scon);
		858	#endif
853	if (mkdir(buf, 0700) < 0)	859	if (mkdir(buf, 0700) < 0)
854	error("Could not create directory '%.200s'.", buf);	860	error("Could not create directory '%.200s'.", buf);
855		861	#ifdef WITH_SELINUX
		862	setfscreatecon(NULL);
		863	#endif
		864	}
856	/* load options.identity_files */	865	/* load options.identity_files */
857	load_public_identity_files();	866	load_public_identity_files();
858		867