diff options
| author | Damien Miller <djm@mindrot.org> | 2021-10-01 08:35:05 +0200 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2021-10-01 08:36:24 +0200 |
| commit | 872595572b6c9a584ed754165e8b7c4c9e7e1d61 (patch) | |
| tree | 4fd732f1c87d68a17393dc79619add8801b571c7 | |
| parent | enable security key support for --without-openssl (diff) | |
| download | openssh-872595572b6c9a584ed754165e8b7c4c9e7e1d61.tar.xz openssh-872595572b6c9a584ed754165e8b7c4c9e7e1d61.zip | |
fix FIDO key support for !OPENSSL_HAS_ECC case
ok dtucker
| -rw-r--r-- | sk-usbhid.c | 9 | ||||
| -rw-r--r-- | ssh-sk.c | 13 |
2 files changed, 20 insertions, 2 deletions
diff --git a/sk-usbhid.c b/sk-usbhid.c index 2fdf3d94f..01412b697 100644 --- a/sk-usbhid.c +++ b/sk-usbhid.c @@ -31,6 +31,15 @@ #include <sha2.h> #endif +/* + * Almost every use of OpenSSL in this file is for ECDSA-NISTP256. + * This is strictly a larger hammer than necessary, but it reduces changes + * with upstream. + */ +#ifndef OPENSSL_HAS_ECC +# undef WITH_OPENSSL +#endif + #ifdef WITH_OPENSSL #include <openssl/opensslv.h> #include <openssl/crypto.h> @@ -29,10 +29,10 @@ #include <string.h> #include <stdio.h> -#ifdef WITH_OPENSSL +#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) #include <openssl/objects.h> #include <openssl/ec.h> -#endif /* WITH_OPENSSL */ +#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */ #include "log.h" #include "misc.h" @@ -45,6 +45,15 @@ #include "sk-api.h" #include "crypto_api.h" +/* + * Almost every use of OpenSSL in this file is for ECDSA-NISTP256. + * This is strictly a larger hammer than necessary, but it reduces changes + * with upstream. + */ +#ifndef OPENSSL_HAS_ECC +# undef WITH_OPENSSL +#endif + struct sshsk_provider { char *path; void *dlhandle; |