remove a bunch of ENABLE_SK #ifdefs

The ssh-sk-helper client API gives us a nice place to disable security key support when it is wasn't enabled at compile time, so we don't need to check everywere. Also, verification of security key signatures can remain enabled all the time - it has no additional dependencies. So sshd can accept security key pubkeys in authorized_keys, etc regardless of the host's support for dlopen, etc.
author: Damien Miller <djm@mindrot.org> 2019-12-14 09:21:46 +1100
committer: Damien Miller <djm@mindrot.org> 2019-12-14 09:21:46 +1100
commit: 9244990ecdcfa36bb9371058111685b05f201c1e (patch)
tree: a068b6ce79b806f20c0159cf3306a0234ef1f387 /ssh-keygen.c
parent: a33ab1688b5c460a7e2a301418241ce1b13b2638 (diff)
1 files changed, 0 insertions, 4 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c
index e90b85ffa..24e246c0b 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -3303,9 +3303,6 @@ main(int argc, char **argv)
        switch (type) {
        case KEY_ECDSA_SK:
        case KEY_ED25519_SK:
-#ifndef ENABLE_SK
-                fatal("Security key support was disabled at compile time");
-#else /* ENABLE_SK */
                if (!quiet) {
                        printf("You may need to touch your security key "
                            "to authorize key generation.\n");
@@ -3316,7 +3313,6 @@ main(int argc, char **argv)
                    sk_flags, NULL, &private, NULL) != 0)
                        exit(1); /* error message already printed */
                break;
-#endif /* ENABLE_SK */
        default:
                if ((r = sshkey_generate(type, bits, &private)) != 0)
                        fatal("sshkey_generate failed");
author	Damien Miller <djm@mindrot.org>	2019-12-14 09:21:46 +1100
committer	Damien Miller <djm@mindrot.org>	2019-12-14 09:21:46 +1100
commit	9244990ecdcfa36bb9371058111685b05f201c1e (patch)
tree	a068b6ce79b806f20c0159cf3306a0234ef1f387 /ssh-keygen.c
parent	a33ab1688b5c460a7e2a301418241ce1b13b2638 (diff)