support --without-openssl at configure time

Disables and removes dependency on OpenSSL. Many features don't work and the set of crypto options is greatly restricted. This will only work on system with native arc4random or /dev/urandom. Considered highly experimental for now.
author: Damien Miller <djm@mindrot.org> 2015-01-15 02:21:31 +1100
committer: Damien Miller <djm@mindrot.org> 2015-01-15 02:28:36 +1100
commit: 72ef7c148c42db7d5632a29f137f8b87b579f2d9 (patch)
tree: 47954a387f4260cc8b1e0ff33bbbaf22fd6f11fc /ssh-keysign.c
parent: 4f38c61c68ae7e3f9ee4b3c38bc86cd39f65ece9 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/ssh-keysign.c b/ssh-keysign.c
index d59f115fc..821939997 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -35,9 +35,11 @@
 #include <string.h>
 #include <unistd.h>
+#ifdef WITH_OPENSSL
 #include <openssl/evp.h>
 #include <openssl/rand.h>
 #include <openssl/rsa.h>
+#endif
 #include "xmalloc.h"
 #include "log.h"
@@ -161,7 +163,9 @@ main(int argc, char **argv)
        u_char *signature, *data;
        char *host, *fp;
        u_int slen, dlen;
+#ifdef WITH_OPENSSL
        u_int32_t rnd[256];
+#endif
        /* Ensure that stdin and stdout are connected */
        if ((fd = open(_PATH_DEVNULL, O_RDWR)) < 2)
@@ -204,9 +208,11 @@ main(int argc, char **argv)
        if (found == 0)
                fatal("could not open any host key");
+#ifdef WITH_OPENSSL
        OpenSSL_add_all_algorithms();
        arc4random_buf(rnd, sizeof(rnd));
        RAND_seed(rnd, sizeof(rnd));
+#endif
        found = 0;
        for (i = 0; i < NUM_KEYTYPES; i++) {
author	Damien Miller <djm@mindrot.org>	2015-01-15 02:21:31 +1100
committer	Damien Miller <djm@mindrot.org>	2015-01-15 02:28:36 +1100
commit	72ef7c148c42db7d5632a29f137f8b87b579f2d9 (patch)
tree	47954a387f4260cc8b1e0ff33bbbaf22fd6f11fc /ssh-keysign.c
parent	4f38c61c68ae7e3f9ee4b3c38bc86cd39f65ece9 (diff)