-/* $OpenBSD: monitor.c,v 1.146 2015/04/17 04:32:31 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.147 2015/04/27 01:52:30 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
if ((kex = ssh->kex) != 0) {
/* XXX set callbacks */
+#ifdef WITH_OPENSSL
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+#endif
kex->kex[KEX_C25519_SHA256] = kexc25519_server;
kex->load_host_public_key=&get_hostkey_public_by_type;
kex->load_host_private_key=&get_hostkey_private_by_type;
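Review bot: With `WITH_OPENSSL` undefined, the five DH/ECDH slots of `kex->kex[]` are left unassigned and only `KEX_C25519_SHA256` gets a handler, so this guard is safe only if the negotiable algorithm list is compiled out under the same macro. That list is not visible in this hunk, so it is worth confirming that no algorithm mapping to an unset slot can be selected, because dispatch would then go through a function pointer that was never set. A one-line comment above the `#ifdef`, such as `/* without OpenSSL only curve25519 is registered; the other slots stay unset */`, would record the assumption. The enclosing `if` block starts and ends outside the hunk.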
-/* $OpenBSD: packet.c,v 1.210 2015/03/24 20:10:08 markus Exp $ */
+/* $OpenBSD: packet.c,v 1.211 2015/04/27 01:52:30 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* encrypted independently of each other.
*/
-#ifdef WITH_OPENSSL
void
ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number)
{
+#ifndef WITH_SSH1
+ fatal("no SSH protocol 1 support");
+#else /* WITH_SSH1 */
struct session_state *state = ssh->state;
const struct sshcipher *cipher = cipher_by_number(number);
int r;
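Review bot: The `#ifndef WITH_SSH1` branch turns `ssh_packet_set_encryption_key` into a stub whose only statement is `fatal("no SSH protocol 1 support");`, and that message does not say which entry point was reached. Because the old `WITH_OPENSSL` guard around the whole function is removed, the symbol is now always built and a stray caller is caught only at run time; `fatal("%s: no SSH protocol 1 support", __func__);` would identify it in the log. A short comment above the function, saying that it is SSH protocol 1 only and deliberately terminates when that support is compiled out, would also help. The function body continues outside this hunk, and the matching `#endif /* WITH_SSH1 */` is in the next one.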
error("Warning: %s", wmsg);
state->cipher_warning_done = 1;
}
+#endif /* WITH_SSH1 */
}
-#endif
/*
* Finalizes and sends the packet. If the encryption key has been set,
return sshbuf_put_stringb(ssh->state->outgoing_packet, v);
}
+#ifdef WITH_OPENSSL
int
sshpkt_put_ec(struct ssh *ssh, const EC_POINT *v, const EC_GROUP *g)
{
return sshbuf_put_ec(ssh->state->outgoing_packet, v, g);
}
+#ifdef WITH_SSH1
int
sshpkt_put_bignum1(struct ssh *ssh, const BIGNUM *v)
{
return sshbuf_put_bignum1(ssh->state->outgoing_packet, v);
}
+#endif /* WITH_SSH1 */
int
sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v)
{
return sshbuf_put_bignum2(ssh->state->outgoing_packet, v);
}
+#endif /* WITH_OPENSSL */
/* fetch data from the incoming packet */
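Review bot: `sshpkt_put_bignum1` is now compiled only when both `WITH_OPENSSL` and `WITH_SSH1` are defined, while `ssh_packet_set_encryption_key` earlier in this file is gated on `WITH_SSH1` alone, so the file assumes that SSH1 support implies OpenSSL without stating it. If nothing elsewhere enforces that (not visible here), a build with only `WITH_SSH1` would get the protocol 1 key setup but not the bignum1 helpers. A guard near the top of the file, such as `#if defined(WITH_SSH1) && !defined(WITH_OPENSSL)` / `#error "WITH_SSH1 requires WITH_OPENSSL"` / `#endif`, would fail the build early instead. The same nesting is used for `sshpkt_get_bignum1` in the following hunk.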
return sshbuf_get_cstring(ssh->state->incoming_packet, valp, lenp);
}
+#ifdef WITH_OPENSSL
int
sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g)
{
return sshbuf_get_ec(ssh->state->incoming_packet, v, g);
}
+#ifdef WITH_SSH1
int
sshpkt_get_bignum1(struct ssh *ssh, BIGNUM *v)
{
return sshbuf_get_bignum1(ssh->state->incoming_packet, v);
}
+#endif /* WITH_SSH1 */
int
sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v)
{
return sshbuf_get_bignum2(ssh->state->incoming_packet, v);
}
+#endif /* WITH_OPENSSL */
int
sshpkt_get_end(struct ssh *ssh)
-/* $OpenBSD: ssh-keygen.c,v 1.270 2015/04/24 01:36:01 deraadt Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.271 2015/04/27 01:52:30 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
static void
type_bits_valid(int type, const char *name, u_int32_t *bitsp)
{
+#ifdef WITH_OPENSSL
u_int maxbits, nid;
+#endif
if (type == KEY_UNSPEC)
fatal("unknown key type %s", key_type_name);
if (*bitsp == 0) {
+#ifdef WITH_OPENSSL
if (type == KEY_DSA)
*bitsp = DEFAULT_BITS_DSA;
else if (type == KEY_ECDSA) {
*bitsp = DEFAULT_BITS_ECDSA;
}
else
+#endif
*bitsp = DEFAULT_BITS;
}
+#ifdef WITH_OPENSSL
maxbits = (type == KEY_DSA) ?
OPENSSL_DSA_MAX_MODULUS_BITS : OPENSSL_RSA_MAX_MODULUS_BITS;
if (*bitsp > maxbits)
fatal("key bits exceeds maximum %d", maxbits);
-#ifdef WITH_OPENSSL
if (type == KEY_DSA && *bitsp != 1024)
fatal("DSA keys must be 1024 bits");
else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768)