diff options
Diffstat (limited to 'ssh-keysign.c')
| -rw-r--r-- | ssh-keysign.c | 17 |
1 files changed, 4 insertions, 13 deletions
diff --git a/ssh-keysign.c b/ssh-keysign.c index 744ecb4f9..601f6ca72 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-keysign.c,v 1.55 2018/07/27 05:34:42 dtucker Exp $ */ | 1 | /* $OpenBSD: ssh-keysign.c,v 1.56 2018/11/23 05:08:07 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2002 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2002 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -40,6 +40,7 @@ | |||
| 40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
| 41 | #include <openssl/rand.h> | 41 | #include <openssl/rand.h> |
| 42 | #include <openssl/rsa.h> | 42 | #include <openssl/rsa.h> |
| 43 | #include "openbsd-compat/openssl-compat.h" | ||
| 43 | #endif | 44 | #endif |
| 44 | 45 | ||
| 45 | #include "xmalloc.h" | 46 | #include "xmalloc.h" |
| @@ -58,8 +59,6 @@ | |||
| 58 | #include "sshkey.h" | 59 | #include "sshkey.h" |
| 59 | #include "ssherr.h" | 60 | #include "ssherr.h" |
| 60 | 61 | ||
| 61 | struct ssh *active_state = NULL; /* XXX needed for linking */ | ||
| 62 | |||
| 63 | extern char *__progname; | 62 | extern char *__progname; |
| 64 | 63 | ||
| 65 | static int | 64 | static int |
| @@ -173,9 +172,6 @@ main(int argc, char **argv) | |||
| 173 | u_char *signature, *data, rver; | 172 | u_char *signature, *data, rver; |
| 174 | char *host, *fp; | 173 | char *host, *fp; |
| 175 | size_t slen, dlen; | 174 | size_t slen, dlen; |
| 176 | #ifdef WITH_OPENSSL | ||
| 177 | u_int32_t rnd[256]; | ||
| 178 | #endif | ||
| 179 | 175 | ||
| 180 | ssh_malloc_init(); /* must be called before any mallocs */ | 176 | ssh_malloc_init(); /* must be called before any mallocs */ |
| 181 | if (pledge("stdio rpath getpw dns id", NULL) != 0) | 177 | if (pledge("stdio rpath getpw dns id", NULL) != 0) |
| @@ -210,7 +206,8 @@ main(int argc, char **argv) | |||
| 210 | 206 | ||
| 211 | /* verify that ssh-keysign is enabled by the admin */ | 207 | /* verify that ssh-keysign is enabled by the admin */ |
| 212 | initialize_options(&options); | 208 | initialize_options(&options); |
| 213 | (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw, "", "", &options, 0); | 209 | (void)read_config_file(_PATH_HOST_CONFIG_FILE, pw, "", "", |
| 210 | &options, 0, NULL); | ||
| 214 | fill_default_options(&options); | 211 | fill_default_options(&options); |
| 215 | if (options.enable_ssh_keysign != 1) | 212 | if (options.enable_ssh_keysign != 1) |
| 216 | fatal("ssh-keysign not enabled in %s", | 213 | fatal("ssh-keysign not enabled in %s", |
| @@ -223,12 +220,6 @@ main(int argc, char **argv) | |||
| 223 | if (found == 0) | 220 | if (found == 0) |
| 224 | fatal("could not open any host key"); | 221 | fatal("could not open any host key"); |
| 225 | 222 | ||
| 226 | #ifdef WITH_OPENSSL | ||
| 227 | OpenSSL_add_all_algorithms(); | ||
| 228 | arc4random_buf(rnd, sizeof(rnd)); | ||
| 229 | RAND_seed(rnd, sizeof(rnd)); | ||
| 230 | #endif | ||
| 231 | |||
| 232 | found = 0; | 223 | found = 0; |
| 233 | for (i = 0; i < NUM_KEYTYPES; i++) { | 224 | for (i = 0; i < NUM_KEYTYPES; i++) { |
| 234 | keys[i] = NULL; | 225 | keys[i] = NULL; |