support --without-openssl at configure time

Disables and removes dependency on OpenSSL. Many features don't
work and the set of crypto options is greatly restricted. This
will only work on system with native arc4random or /dev/urandom.

Considered highly experimental for now.

9 files changed, 91 insertions, 21 deletions

diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
index 7be3f72aa..3c5e3b7f7 100644
--- a/openbsd-compat/Makefile.in
+++ b/openbsd-compat/Makefile.in
@@ -16,7 +16,7 @@ RANLIB=@RANLIB@
 INSTALL=@INSTALL@
 LDFLAGS=-L. @LDFLAGS@
 
-OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt_long.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o reallocarray.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o blowfish.o bcrypt_pbkdf.o explicit_bzero.o
+OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt_long.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o reallocarray.o realpath.o rresvport.o setenv.o setproctitle.o sha1.o sha2.o rmd160.o md5.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o blowfish.o bcrypt_pbkdf.o explicit_bzero.o
 
 COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o kludge-fd_set.o
 
diff --git a/openbsd-compat/arc4random.c b/openbsd-compat/arc4random.c
index 09dbfda16..046f57e61 100644
--- a/openbsd-compat/arc4random.c
+++ b/openbsd-compat/arc4random.c
@@ -26,15 +26,19 @@
 
 #include "includes.h"
 
+#include <sys/types.h>
+
+#include <fcntl.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
-#include <sys/types.h>
 
 #ifndef HAVE_ARC4RANDOM
 
+#ifdef WITH_OPENSSL
 #include <openssl/rand.h>
 #include <openssl/err.h>
+#endif
 
 #include "log.h"
 
@@ -73,14 +77,44 @@ _rs_init(u_char *buf, size_t n)
         chacha_ivsetup(&rs, buf + KEYSZ);
 }
 
+#ifndef WITH_OPENSSL
+#define SSH_RANDOM_DEV "/dev/urandom"
+/* XXX use getrandom() if supported on Linux */
+static void
+getrnd(u_char *s, size_t len)
+{
+        int fd;
+        ssize_t r;
+        size_t o = 0;
+
+        if ((fd = open(SSH_RANDOM_DEV, O_RDONLY)) == -1)
+                fatal("Couldn't open %s: %s", SSH_RANDOM_DEV, strerror(errno));
+        while (o < len) {
+                r = read(fd, s + o, len - o);
+                if (r < 0) {
+                        if (errno == EAGAIN || errno == EINTR ||
+                            errno == EWOULDBLOCK)
+                                continue;
+                        fatal("read %s: %s", SSH_RANDOM_DEV, strerror(errno));
+                }
+                o += r;
+        }
+        close(fd);
+}
+#endif
+
 static void
 _rs_stir(void)
 {
         u_char rnd[KEYSZ + IVSZ];
 
+#ifdef WITH_OPENSSL
         if (RAND_bytes(rnd, sizeof(rnd)) <= 0)
                 fatal("Couldn't obtain random bytes (error %ld)",
                     ERR_get_error());
+#else
+        getrnd(rnd, sizeof(rnd));
+#endif
 
         if (!rs_initialized) {
                 rs_initialized = 1;
diff --git a/openbsd-compat/bcrypt_pbkdf.c b/openbsd-compat/bcrypt_pbkdf.c
index 5ed1cc531..16912575a 100644
--- a/openbsd-compat/bcrypt_pbkdf.c
+++ b/openbsd-compat/bcrypt_pbkdf.c
@@ -32,6 +32,9 @@
 #endif
 
 #include "crypto_api.h"
+#ifdef SHA512_DIGEST_LENGTH
+# undef SHA512_DIGEST_LENGTH
+#endif
 #define SHA512_DIGEST_LENGTH crypto_hash_sha512_BYTES
 
 /*
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index 94718babd..1cffefe06 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -43,7 +43,10 @@
 #include "readpassphrase.h"
 #include "vis.h"
 #include "getrrsetbyname.h"
+#include "sha1.h"
 #include "sha2.h"
+#include "rmd160.h"
+#include "md5.h"
 #include "blf.h"
 
 #ifndef HAVE_BASENAME
diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c
index 36570e4ad..63a660c7a 100644
--- a/openbsd-compat/openssl-compat.c
+++ b/openbsd-compat/openssl-compat.c
@@ -19,6 +19,8 @@
 #define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
 #include "includes.h"
 
+#ifdef WITH_OPENSSL
+
 #include <stdarg.h>
 #include <string.h>
 
@@ -78,3 +80,5 @@ ssh_OpenSSL_add_all_algorithms(void)
         OPENSSL_config(NULL);
 }
 #endif
+
+#endif /* WITH_OPENSSL */
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h
index 3695d412b..8917551d3 100644
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@@ -20,6 +20,8 @@
 #define _OPENSSL_COMPAT_H
 
 #include "includes.h"
+#ifdef WITH_OPENSSL
+
 #include <openssl/opensslv.h>
 #include <openssl/evp.h>
 #include <openssl/rsa.h>
@@ -90,4 +92,5 @@ void ssh_OpenSSL_add_all_algorithms(void);
 
 #endif  /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */
 
+#endif /* WITH_OPENSSL */
 #endif /* _OPENSSL_COMPAT_H */
diff --git a/openbsd-compat/sha2.c b/openbsd-compat/sha2.c
index f5bf74d1f..737935d46 100644
--- a/openbsd-compat/sha2.c
+++ b/openbsd-compat/sha2.c
@@ -38,13 +38,18 @@
 
 #include "includes.h"
 
-#include <openssl/opensslv.h>
+#ifdef WITH_OPENSSL
+# include <openssl/opensslv.h>
+# if !defined(HAVE_EVP_SHA256) && (OPENSSL_VERSION_NUMBER >= 0x00907000L)
+#  define _NEED_SHA2 1
+# endif
+#else
+# define _NEED_SHA2 1
+#endif
+
+#if defined(_NEED_SHA2) && !defined(HAVE_SHA256_UPDATE)
 
-#if !defined(HAVE_EVP_SHA256) && !defined(HAVE_SHA256_UPDATE) && \
-    (OPENSSL_VERSION_NUMBER >= 0x00907000L)
-#include <sys/types.h>
 #include <string.h>
-#include "sha2.h"
 
 /*
  * UNROLLED TRANSFORM LOOP NOTE:
@@ -838,7 +843,6 @@ SHA512_Final(u_int8_t digest[SHA512_DIGEST_LENGTH], SHA512_CTX *context)
 }
 
 
-#if 0
 /*** SHA-384: *********************************************************/
 void
 SHA384_Init(SHA384_CTX *context)
@@ -851,9 +855,29 @@ SHA384_Init(SHA384_CTX *context)
         context->bitcount[0] = context->bitcount[1] = 0;
 }
 
+#if 0
 __weak_alias(SHA384_Transform, SHA512_Transform);
 __weak_alias(SHA384_Update, SHA512_Update);
 __weak_alias(SHA384_Pad, SHA512_Pad);
+#endif
+
+void
+SHA384_Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH])
+{
+        return SHA512_Transform(state, data);
+}
+
+void
+SHA384_Update(SHA512_CTX *context, const u_int8_t *data, size_t len)
+{
+        SHA512_Update(context, data, len);
+}
+
+void
+SHA384_Pad(SHA512_CTX *context)
+{
+        SHA512_Pad(context);
+}
 
 void
 SHA384_Final(u_int8_t digest[SHA384_DIGEST_LENGTH], SHA384_CTX *context)
@@ -876,7 +900,5 @@ SHA384_Final(u_int8_t digest[SHA384_DIGEST_LENGTH], SHA384_CTX *context)
         /* Zero out state data */
         memset(context, 0, sizeof(*context));
 }
-#endif
 
-#endif /* !defined(HAVE_EVP_SHA256) && !defined(HAVE_SHA256_UPDATE) && \
-    (OPENSSL_VERSION_NUMBER >= 0x00907000L) */
+#endif /* defined(_NEED_SHA2) && !defined(HAVE_SHA256_UPDATE) */
diff --git a/openbsd-compat/sha2.h b/openbsd-compat/sha2.h
index 73e94f150..c8bfc3cd1 100644
--- a/openbsd-compat/sha2.h
+++ b/openbsd-compat/sha2.h
@@ -41,10 +41,16 @@
 
 #include "includes.h"
 
-#include <openssl/opensslv.h>
+#ifdef WITH_OPENSSL
+# include <openssl/opensslv.h>
+# if !defined(HAVE_EVP_SHA256) && (OPENSSL_VERSION_NUMBER >= 0x00907000L)
+#  define _NEED_SHA2 1
+# endif
+#else
+# define _NEED_SHA2 1
+#endif
 
-#if !defined(HAVE_EVP_SHA256) && !defined(HAVE_SHA256_UPDATE) && \
-    (OPENSSL_VERSION_NUMBER >= 0x00907000L)
+#if defined(_NEED_SHA2) && !defined(HAVE_SHA256_UPDATE)
 
 /*** SHA-256/384/512 Various Length Definitions ***********************/
 #define SHA256_BLOCK_LENGTH             64
@@ -70,9 +76,7 @@ typedef struct _SHA512_CTX {
         u_int8_t        buffer[SHA512_BLOCK_LENGTH];
 } SHA512_CTX;
 
-#if 0
 typedef SHA512_CTX SHA384_CTX;
-#endif
 
 void SHA256_Init(SHA256_CTX *);
 void SHA256_Transform(u_int32_t state[8], const u_int8_t [SHA256_BLOCK_LENGTH]);
@@ -91,7 +95,6 @@ char *SHA256_Data(const u_int8_t *, size_t, char *)
         __attribute__((__bounded__(__string__,1,2)))
         __attribute__((__bounded__(__minbytes__,3,SHA256_DIGEST_STRING_LENGTH)));
 
-#if 0
 void SHA384_Init(SHA384_CTX *);
 void SHA384_Transform(u_int64_t state[8], const u_int8_t [SHA384_BLOCK_LENGTH]);
 void SHA384_Update(SHA384_CTX *, const u_int8_t *, size_t)
@@ -108,7 +111,6 @@ char *SHA384_FileChunk(const char *, char *, off_t, off_t)
 char *SHA384_Data(const u_int8_t *, size_t, char *)
         __attribute__((__bounded__(__string__,1,2)))
         __attribute__((__bounded__(__minbytes__,3,SHA384_DIGEST_STRING_LENGTH)));
-#endif /* 0 */
 
 void SHA512_Init(SHA512_CTX *);
 void SHA512_Transform(u_int64_t state[8], const u_int8_t [SHA512_BLOCK_LENGTH]);
@@ -127,7 +129,6 @@ char *SHA512_Data(const u_int8_t *, size_t, char *)
         __attribute__((__bounded__(__string__,1,2)))
         __attribute__((__bounded__(__minbytes__,3,SHA512_DIGEST_STRING_LENGTH)));
 
-#endif /* !defined(HAVE_EVP_SHA256) && !defined(HAVE_SHA256_UPDATE) && \
-    (OPENSSL_VERSION_NUMBER >= 0x00907000L) */
+#endif /* defined(_NEED_SHA2) && !defined(HAVE_SHA256_UPDATE) */
 
 #endif /* _SSHSHA2_H */
diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c
index c8aea461d..8577cbd8a 100644
--- a/openbsd-compat/xcrypt.c
+++ b/openbsd-compat/xcrypt.c
@@ -57,7 +57,7 @@
 #  include "md5crypt.h"
 # endif
 
-# if !defined(HAVE_CRYPT) && defined(HAVE_DES_CRYPT)
+# if defined(WITH_OPENSSL) && !defined(HAVE_CRYPT) && defined(HAVE_DES_CRYPT)
 #  include <openssl/des.h>
 #  define crypt DES_crypt
 # endif