diff options
author | Damien Miller <djm@mindrot.org> | 2019-12-14 09:21:46 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-12-14 09:21:46 +1100 |
commit | 9244990ecdcfa36bb9371058111685b05f201c1e (patch) | |
tree | a068b6ce79b806f20c0159cf3306a0234ef1f387 /ssh-keygen.c | |
parent | a33ab1688b5c460a7e2a301418241ce1b13b2638 (diff) |
remove a bunch of ENABLE_SK #ifdefs
The ssh-sk-helper client API gives us a nice place to disable
security key support when it is wasn't enabled at compile time,
so we don't need to check everywere.
Also, verification of security key signatures can remain enabled
all the time - it has no additional dependencies. So sshd can
accept security key pubkeys in authorized_keys, etc regardless of
the host's support for dlopen, etc.
Diffstat (limited to 'ssh-keygen.c')
-rw-r--r-- | ssh-keygen.c | 4 |
1 files changed, 0 insertions, 4 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c index e90b85ffa..24e246c0b 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -3303,9 +3303,6 @@ main(int argc, char **argv) | |||
3303 | switch (type) { | 3303 | switch (type) { |
3304 | case KEY_ECDSA_SK: | 3304 | case KEY_ECDSA_SK: |
3305 | case KEY_ED25519_SK: | 3305 | case KEY_ED25519_SK: |
3306 | #ifndef ENABLE_SK | ||
3307 | fatal("Security key support was disabled at compile time"); | ||
3308 | #else /* ENABLE_SK */ | ||
3309 | if (!quiet) { | 3306 | if (!quiet) { |
3310 | printf("You may need to touch your security key " | 3307 | printf("You may need to touch your security key " |
3311 | "to authorize key generation.\n"); | 3308 | "to authorize key generation.\n"); |
@@ -3316,7 +3313,6 @@ main(int argc, char **argv) | |||
3316 | sk_flags, NULL, &private, NULL) != 0) | 3313 | sk_flags, NULL, &private, NULL) != 0) |
3317 | exit(1); /* error message already printed */ | 3314 | exit(1); /* error message already printed */ |
3318 | break; | 3315 | break; |
3319 | #endif /* ENABLE_SK */ | ||
3320 | default: | 3316 | default: |
3321 | if ((r = sshkey_generate(type, bits, &private)) != 0) | 3317 | if ((r = sshkey_generate(type, bits, &private)) != 0) |
3322 | fatal("sshkey_generate failed"); | 3318 | fatal("sshkey_generate failed"); |