From ece9578d479151e025ea7f89974ea3f37e0bf5ae Mon Sep 17 00:00:00 2001 From: dtucker Date: Fri, 10 Sep 2010 02:28:24 +0000 Subject: [PATCH] - (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs for missing headers and compiler warnings. --- ChangeLog | 2 ++ kex.h | 2 ++ key.c | 10 ++++++++-- packet.h | 6 ++++++ ssh-agent.c | 3 ++- ssh.c | 13 +++++++++++-- 6 files changed, 31 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index 742e966c..c3c18d72 100644 --- a/ChangeLog +++ b/ChangeLog @@ -66,6 +66,8 @@ [kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c] [ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on platforms that don't have the requisite OpenSSL support. ok dtucker@ + - (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs + for missing headers and compiler warnings. 20100831 - OpenBSD CVS Sync diff --git a/kex.h b/kex.h index 06914756..3e312fb4 100644 --- a/kex.h +++ b/kex.h @@ -29,7 +29,9 @@ #include #include #include +#ifdef OPENSSL_HAS_ECC #include +#endif #define KEX_COOKIE_LEN 16 diff --git a/key.c b/key.c index 3cda8f2c..196092de 100644 --- a/key.c +++ b/key.c @@ -261,7 +261,9 @@ cert_compare(struct KeyCert *a, struct KeyCert *b) int key_equal_public(const Key *a, const Key *b) { +#ifdef OPENSSL_HAS_ECC BN_CTX *bnctx; +#endif if (a == NULL || b == NULL || key_type_plain(a->type) != key_type_plain(b->type)) @@ -656,9 +658,12 @@ key_read(Key *ret, char **cpp) Key *k; int success = -1; char *cp, *space; - int len, n, type, curve_nid = -1; + int len, n, type; u_int bits; u_char *blob; +#ifdef OPENSSL_HAS_ECC + int curve_nid = -1; +#endif cp = *cpp; @@ -1437,11 +1442,12 @@ Key * key_from_blob(const u_char *blob, u_int blen) { Buffer b; - int rlen, type, nid = -1; + int rlen, type; char *ktype = NULL, *curve = NULL; Key *key = NULL; #ifdef OPENSSL_HAS_ECC EC_POINT *q = NULL; + int nid = -1; #endif #ifdef DEBUG_PK diff --git a/packet.h b/packet.h index 827561cd..864b8285 100644 --- a/packet.h +++ b/packet.h @@ -19,7 +19,9 @@ #include #include +#ifdef OPENSSL_HAS_ECC #include +#endif void packet_set_connection(int, int); void packet_set_timeout(int, int); @@ -43,7 +45,9 @@ void packet_put_int(u_int value); void packet_put_int64(u_int64_t value); void packet_put_bignum(BIGNUM * value); void packet_put_bignum2(BIGNUM * value); +#ifdef OPENSSL_HAS_ECC void packet_put_ecpoint(const EC_GROUP *, const EC_POINT *); +#endif void packet_put_string(const void *buf, u_int len); void packet_put_cstring(const char *str); void packet_put_raw(const void *buf, u_int len); @@ -61,7 +65,9 @@ u_int packet_get_int(void); u_int64_t packet_get_int64(void); void packet_get_bignum(BIGNUM * value); void packet_get_bignum2(BIGNUM * value); +#ifdef OPENSSL_HAS_ECC void packet_get_ecpoint(const EC_GROUP *, EC_POINT *); +#endif void *packet_get_raw(u_int *length_ptr); void *packet_get_string(u_int *length_ptr); char *packet_get_cstring(u_int *length_ptr); diff --git a/ssh-agent.c b/ssh-agent.c index 8f19fb15..45c8e37a 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -466,11 +466,12 @@ process_add_identity(SocketEntry *e, int version) Idtab *tab = idtab_lookup(version); Identity *id; int type, success = 0, death = 0, confirm = 0; - char *type_name, *comment, *curve; + char *type_name, *comment; Key *k = NULL; #ifdef OPENSSL_HAS_ECC BIGNUM *exponent; EC_POINT *q; + int *curve; #endif u_char *cert; u_int len; diff --git a/ssh.c b/ssh.c index 3ade744b..70c71bc0 100644 --- a/ssh.c +++ b/ssh.c @@ -849,10 +849,19 @@ main(int ac, char **av) */ r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir, strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR); - if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) + if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) { +#ifdef WITH_SELINUX + char *scon; + + matchpathcon(buf, 0700, &scon); + setfscreatecon(scon); +#endif if (mkdir(buf, 0700) < 0) error("Could not create directory '%.200s'.", buf); - +#ifdef WITH_SELINUX + setfscreatecon(NULL); +#endif + } /* load options.identity_files */ load_public_identity_files(); -- 2.11.4.GIT