diff options
| author | Damien Miller <djm@mindrot.org> | 2015-01-13 19:38:18 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2015-01-13 19:38:18 +1100 |
| commit | 76c0480a85675f03a1376167cb686abed01a3583 (patch) | |
| tree | 25f6fa4adfa0e608a178c5d0189c63b745bc026b | |
| parent | 1f729f0614d1376c3332fa1edb6a5e5cec7e9e03 (diff) | |
add --without-ssh1 option to configure
Allows disabling support for SSH protocol 1.
| -rw-r--r-- | auth-rh-rsa.c | 4 | ||||
| -rw-r--r-- | auth-rsa.c | 4 | ||||
| -rw-r--r-- | auth1.c | 4 | ||||
| -rw-r--r-- | configure.ac | 19 | ||||
| -rw-r--r-- | sshconnect1.c | 4 |
5 files changed, 33 insertions, 2 deletions
diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c index b7fd064e7..2e20396ea 100644 --- a/auth-rh-rsa.c +++ b/auth-rh-rsa.c | |||
| @@ -15,6 +15,8 @@ | |||
| 15 | 15 | ||
| 16 | #include "includes.h" | 16 | #include "includes.h" |
| 17 | 17 | ||
| 18 | #ifdef WITH_SSH1 | ||
| 19 | |||
| 18 | #include <sys/types.h> | 20 | #include <sys/types.h> |
| 19 | 21 | ||
| 20 | #include <pwd.h> | 22 | #include <pwd.h> |
| @@ -102,3 +104,5 @@ auth_rhosts_rsa(Authctxt *authctxt, char *cuser, Key *client_host_key) | |||
| 102 | packet_send_debug("Rhosts with RSA host authentication accepted."); | 104 | packet_send_debug("Rhosts with RSA host authentication accepted."); |
| 103 | return 1; | 105 | return 1; |
| 104 | } | 106 | } |
| 107 | |||
| 108 | #endif /* WITH_SSH1 */ | ||
diff --git a/auth-rsa.c b/auth-rsa.c index ff7a13221..422c196cf 100644 --- a/auth-rsa.c +++ b/auth-rsa.c | |||
| @@ -16,6 +16,8 @@ | |||
| 16 | 16 | ||
| 17 | #include "includes.h" | 17 | #include "includes.h" |
| 18 | 18 | ||
| 19 | #ifdef WITH_SSH1 | ||
| 20 | |||
| 19 | #include <sys/types.h> | 21 | #include <sys/types.h> |
| 20 | #include <sys/stat.h> | 22 | #include <sys/stat.h> |
| 21 | 23 | ||
| @@ -342,3 +344,5 @@ auth_rsa(Authctxt *authctxt, BIGNUM *client_n) | |||
| 342 | packet_send_debug("RSA authentication accepted."); | 344 | packet_send_debug("RSA authentication accepted."); |
| 343 | return (1); | 345 | return (1); |
| 344 | } | 346 | } |
| 347 | |||
| 348 | #endif /* WITH_SSH1 */ | ||
| @@ -12,6 +12,8 @@ | |||
| 12 | 12 | ||
| 13 | #include "includes.h" | 13 | #include "includes.h" |
| 14 | 14 | ||
| 15 | #ifdef WITH_SSH1 | ||
| 16 | |||
| 15 | #include <sys/types.h> | 17 | #include <sys/types.h> |
| 16 | 18 | ||
| 17 | #include <stdarg.h> | 19 | #include <stdarg.h> |
| @@ -438,3 +440,5 @@ do_authentication(Authctxt *authctxt) | |||
| 438 | packet_send(); | 440 | packet_send(); |
| 439 | packet_write_wait(); | 441 | packet_write_wait(); |
| 440 | } | 442 | } |
| 443 | |||
| 444 | #endif /* WITH_SSH1 */ | ||
diff --git a/configure.ac b/configure.ac index 5f5905b36..13e25e98f 100644 --- a/configure.ac +++ b/configure.ac | |||
| @@ -121,6 +121,22 @@ AC_CHECK_DECL([PR_SET_NO_NEW_PRIVS], [have_linux_no_new_privs=1], , [ | |||
| 121 | #include <linux/prctl.h> | 121 | #include <linux/prctl.h> |
| 122 | ]) | 122 | ]) |
| 123 | 123 | ||
| 124 | ssh1=yes | ||
| 125 | AC_ARG_WITH([ssh1], | ||
| 126 | [ --without-ssh1 Disable support for SSH protocol 1], | ||
| 127 | [ if test "x$withval" = "xno" ; then | ||
| 128 | ssh1=no | ||
| 129 | fi | ||
| 130 | ] | ||
| 131 | ) | ||
| 132 | AC_MSG_CHECKING([whether SSH protocol 1 support is enabled]) | ||
| 133 | if test "x$ssh1" = "xyes" ; then | ||
| 134 | AC_MSG_RESULT([yes]) | ||
| 135 | AC_DEFINE_UNQUOTED([WITH_SSH1], [1], [include SSH protocol version 1 support]) | ||
| 136 | else | ||
| 137 | AC_MSG_RESULT([no]) | ||
| 138 | fi | ||
| 139 | |||
| 124 | use_stack_protector=1 | 140 | use_stack_protector=1 |
| 125 | use_toolchain_hardening=1 | 141 | use_toolchain_hardening=1 |
| 126 | AC_ARG_WITH([stackprotect], | 142 | AC_ARG_WITH([stackprotect], |
| @@ -1523,7 +1539,7 @@ AC_ARG_WITH([audit], | |||
| 1523 | ) | 1539 | ) |
| 1524 | 1540 | ||
| 1525 | AC_ARG_WITH([pie], | 1541 | AC_ARG_WITH([pie], |
| 1526 | [ --with-pie Build Position Independent Executables if possible], [ | 1542 | [ --with-pie Build Position Independent Executables if possible], [ |
| 1527 | if test "x$withval" = "xno"; then | 1543 | if test "x$withval" = "xno"; then |
| 1528 | use_pie=no | 1544 | use_pie=no |
| 1529 | fi | 1545 | fi |
| @@ -2314,7 +2330,6 @@ AC_RUN_IFELSE( | |||
| 2314 | 2330 | ||
| 2315 | # XXX make --without-openssl work | 2331 | # XXX make --without-openssl work |
| 2316 | AC_DEFINE_UNQUOTED([WITH_OPENSSL], [1], [use libcrypto for cryptography]) | 2332 | AC_DEFINE_UNQUOTED([WITH_OPENSSL], [1], [use libcrypto for cryptography]) |
| 2317 | AC_DEFINE_UNQUOTED([WITH_SSH1], [1], [include SSH protocol version 1 support]) | ||
| 2318 | 2333 | ||
| 2319 | AC_ARG_WITH([openssl-header-check], | 2334 | AC_ARG_WITH([openssl-header-check], |
| 2320 | [ --without-openssl-header-check Disable OpenSSL version consistency check], | 2335 | [ --without-openssl-header-check Disable OpenSSL version consistency check], |
diff --git a/sshconnect1.c b/sshconnect1.c index dd12a3af2..08589f5ee 100644 --- a/sshconnect1.c +++ b/sshconnect1.c | |||
| @@ -15,6 +15,8 @@ | |||
| 15 | 15 | ||
| 16 | #include "includes.h" | 16 | #include "includes.h" |
| 17 | 17 | ||
| 18 | #ifdef WITH_SSH1 | ||
| 19 | |||
| 18 | #include <sys/types.h> | 20 | #include <sys/types.h> |
| 19 | #include <sys/socket.h> | 21 | #include <sys/socket.h> |
| 20 | 22 | ||
| @@ -755,3 +757,5 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, | |||
| 755 | success: | 757 | success: |
| 756 | return; /* need statement after label */ | 758 | return; /* need statement after label */ |
| 757 | } | 759 | } |
| 760 | |||
| 761 | #endif /* WITH_SSH1 */ | ||