diff options
| author | Tim Rice <tim@multitalents.net> | 2011-01-12 22:35:43 -0800 |
|---|---|---|
| committer | Tim Rice <tim@multitalents.net> | 2011-01-12 22:35:43 -0800 |
| commit | 9b87a5ce3ca693c257c6097fb4c6906910b1900b (patch) | |
| tree | f44f6a65a6661ef7be852b6e00ca0610f37a1030 | |
| parent | cce927c25f93596a62b6d45c61a9d7fddf3d35c2 (diff) | |
- (tim) [Makefile.in configure.ac opensshd.init.in] Add support for generating
ecdsa keys. ok djm.
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | Makefile.in | 28 | ||||
| -rw-r--r-- | configure.ac | 7 | ||||
| -rwxr-xr-x | opensshd.init.in | 4 |
4 files changed, 29 insertions, 12 deletions
| @@ -1,6 +1,8 @@ | |||
| 1 | 20110213 | 1 | 20110213 |
| 2 | - (djm) [misc.c] include time.h for nanosleep() prototype | 2 | - (djm) [misc.c] include time.h for nanosleep() prototype |
| 3 | - (tim) [Makefile.in] test the ECC bits if we have the capability. ok djm | 3 | - (tim) [Makefile.in] test the ECC bits if we have the capability. ok djm |
| 4 | - (tim) [Makefile.in configure.ac opensshd.init.in] Add support for generating | ||
| 5 | ecdsa keys. ok djm. | ||
| 4 | 6 | ||
| 5 | 20110212 | 7 | 20110212 |
| 6 | - OpenBSD CVS Sync | 8 | - OpenBSD CVS Sync |
diff --git a/Makefile.in b/Makefile.in index 13b6dedea..ea6fadc4a 100644 --- a/Makefile.in +++ b/Makefile.in | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $Id: Makefile.in,v 1.316 2011/01/13 03:06:38 tim Exp $ | 1 | # $Id: Makefile.in,v 1.317 2011/01/13 06:35:46 tim Exp $ |
| 2 | 2 | ||
| 3 | # uncomment if you run a non bourne compatable shell. Ie. csh | 3 | # uncomment if you run a non bourne compatable shell. Ie. csh |
| 4 | #SHELL = @SH@ | 4 | #SHELL = @SH@ |
| @@ -326,20 +326,27 @@ install-sysconf: | |||
| 326 | 326 | ||
| 327 | host-key: ssh-keygen$(EXEEXT) | 327 | host-key: ssh-keygen$(EXEEXT) |
| 328 | @if [ -z "$(DESTDIR)" ] ; then \ | 328 | @if [ -z "$(DESTDIR)" ] ; then \ |
| 329 | if [ -f "$(DESTDIR)$(sysconfdir)/ssh_host_key" ] ; then \ | 329 | if [ -f "$(sysconfdir)/ssh_host_key" ] ; then \ |
| 330 | echo "$(DESTDIR)$(sysconfdir)/ssh_host_key already exists, skipping." ; \ | 330 | echo "$(sysconfdir)/ssh_host_key already exists, skipping." ; \ |
| 331 | else \ | 331 | else \ |
| 332 | ./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N "" ; \ | 332 | ./ssh-keygen -t rsa1 -f $(sysconfdir)/ssh_host_key -N "" ; \ |
| 333 | fi ; \ | 333 | fi ; \ |
| 334 | if [ -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key ] ; then \ | 334 | if [ -f $(sysconfdir)/ssh_host_dsa_key ] ; then \ |
| 335 | echo "$(DESTDIR)$(sysconfdir)/ssh_host_dsa_key already exists, skipping." ; \ | 335 | echo "$(sysconfdir)/ssh_host_dsa_key already exists, skipping." ; \ |
| 336 | else \ | 336 | else \ |
| 337 | ./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" ; \ | 337 | ./ssh-keygen -t dsa -f $(sysconfdir)/ssh_host_dsa_key -N "" ; \ |
| 338 | fi ; \ | 338 | fi ; \ |
| 339 | if [ -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key ] ; then \ | 339 | if [ -f $(sysconfdir)/ssh_host_rsa_key ] ; then \ |
| 340 | echo "$(DESTDIR)$(sysconfdir)/ssh_host_rsa_key already exists, skipping." ; \ | 340 | echo "$(sysconfdir)/ssh_host_rsa_key already exists, skipping." ; \ |
| 341 | else \ | 341 | else \ |
| 342 | ./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N "" ; \ | 342 | ./ssh-keygen -t rsa -f $(sysconfdir)/ssh_host_rsa_key -N "" ; \ |
| 343 | fi ; \ | ||
| 344 | if [ -z "@COMMENT_OUT_ECC@" ] ; then \ | ||
| 345 | if [ -f $(sysconfdir)/ssh_host_ecdsa_key ] ; then \ | ||
| 346 | echo "$(sysconfdir)/ssh_host_ecdsa_key already exists, skipping." ; \ | ||
| 347 | else \ | ||
| 348 | ./ssh-keygen -t ecdsa -f $(sysconfdir)/ssh_host_ecdsa_key -N "" ; \ | ||
| 349 | fi ; \ | ||
| 343 | fi ; \ | 350 | fi ; \ |
| 344 | fi ; | 351 | fi ; |
| 345 | 352 | ||
| @@ -347,6 +354,7 @@ host-key-force: ssh-keygen$(EXEEXT) | |||
| 347 | ./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N "" | 354 | ./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N "" |
| 348 | ./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" | 355 | ./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" |
| 349 | ./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N "" | 356 | ./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N "" |
| 357 | @COMMENT_OUT_ECC@ ./ssh-keygen -t ecdsa -f $(DESTDIR)$(sysconfdir)/ssh_host_ecdsa_key -N "" | ||
| 350 | 358 | ||
| 351 | uninstallall: uninstall | 359 | uninstallall: uninstall |
| 352 | -rm -f $(DESTDIR)$(sysconfdir)/ssh_config | 360 | -rm -f $(DESTDIR)$(sysconfdir)/ssh_config |
diff --git a/configure.ac b/configure.ac index 93dd22174..3d4d11c92 100644 --- a/configure.ac +++ b/configure.ac | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $Id: configure.ac,v 1.463 2011/01/12 05:00:39 djm Exp $ | 1 | # $Id: configure.ac,v 1.464 2011/01/13 06:35:46 tim Exp $ |
| 2 | # | 2 | # |
| 3 | # Copyright (c) 1999-2004 Damien Miller | 3 | # Copyright (c) 1999-2004 Damien Miller |
| 4 | # | 4 | # |
| @@ -15,7 +15,7 @@ | |||
| 15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| 16 | 16 | ||
| 17 | AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) | 17 | AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) |
| 18 | AC_REVISION($Revision: 1.463 $) | 18 | AC_REVISION($Revision: 1.464 $) |
| 19 | AC_CONFIG_SRCDIR([ssh.c]) | 19 | AC_CONFIG_SRCDIR([ssh.c]) |
| 20 | 20 | ||
| 21 | # local macros | 21 | # local macros |
| @@ -2258,13 +2258,16 @@ int main(void) { | |||
| 2258 | AC_DEFINE(OPENSSL_HAS_ECC, 1, | 2258 | AC_DEFINE(OPENSSL_HAS_ECC, 1, |
| 2259 | [libcrypto includes complete ECC support]) | 2259 | [libcrypto includes complete ECC support]) |
| 2260 | TEST_SSH_ECC=yes | 2260 | TEST_SSH_ECC=yes |
| 2261 | COMMENT_OUT_ECC="" | ||
| 2261 | ], | 2262 | ], |
| 2262 | [ | 2263 | [ |
| 2263 | AC_MSG_RESULT(no) | 2264 | AC_MSG_RESULT(no) |
| 2264 | TEST_SSH_ECC=no | 2265 | TEST_SSH_ECC=no |
| 2266 | COMMENT_OUT_ECC="#no ecc#" | ||
| 2265 | ] | 2267 | ] |
| 2266 | ) | 2268 | ) |
| 2267 | AC_SUBST(TEST_SSH_ECC) | 2269 | AC_SUBST(TEST_SSH_ECC) |
| 2270 | AC_SUBST(COMMENT_OUT_ECC) | ||
| 2268 | 2271 | ||
| 2269 | saved_LIBS="$LIBS" | 2272 | saved_LIBS="$LIBS" |
| 2270 | AC_CHECK_LIB(iaf, ia_openinfo, [ | 2273 | AC_CHECK_LIB(iaf, ia_openinfo, [ |
diff --git a/opensshd.init.in b/opensshd.init.in index d0aff7794..0db60caa7 100755 --- a/opensshd.init.in +++ b/opensshd.init.in | |||
| @@ -20,6 +20,7 @@ SSH_KEYGEN=$prefix/bin/ssh-keygen | |||
| 20 | HOST_KEY_RSA1=$sysconfdir/ssh_host_key | 20 | HOST_KEY_RSA1=$sysconfdir/ssh_host_key |
| 21 | HOST_KEY_DSA=$sysconfdir/ssh_host_dsa_key | 21 | HOST_KEY_DSA=$sysconfdir/ssh_host_dsa_key |
| 22 | HOST_KEY_RSA=$sysconfdir/ssh_host_rsa_key | 22 | HOST_KEY_RSA=$sysconfdir/ssh_host_rsa_key |
| 23 | @COMMENT_OUT_ECC@HOST_KEY_ECDSA=$sysconfdir/ssh_host_ecdsa_key | ||
| 23 | 24 | ||
| 24 | 25 | ||
| 25 | checkkeys() { | 26 | checkkeys() { |
| @@ -32,6 +33,9 @@ checkkeys() { | |||
| 32 | if [ ! -f $HOST_KEY_RSA ]; then | 33 | if [ ! -f $HOST_KEY_RSA ]; then |
| 33 | ${SSH_KEYGEN} -t rsa -f ${HOST_KEY_RSA} -N "" | 34 | ${SSH_KEYGEN} -t rsa -f ${HOST_KEY_RSA} -N "" |
| 34 | fi | 35 | fi |
| 36 | @COMMENT_OUT_ECC@ if [ ! -f $HOST_KEY_ECDSA ]; then | ||
| 37 | @COMMENT_OUT_ECC@ ${SSH_KEYGEN} -t ecdsa -f ${HOST_KEY_ECDSA} -N "" | ||
| 38 | @COMMENT_OUT_ECC@ fi | ||
| 35 | } | 39 | } |
| 36 | 40 | ||
| 37 | stop_service() { | 41 | stop_service() { |