rpms
/
openssh
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Do not check for openssl based keys if built without openssl

This commit is contained in:
Jakub Jelen 2016-01-05 12:47:04 +01:00
parent 62897e51d6
commit da62b78673
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
openssh-6.7p1-audit.patch
View File

@ -2282,13 +2282,14 @@ diff -up openssh-7.0p1/sshd.c.audit openssh-7.0p1/sshd.c
diff -up openssh-7.0p1/sshkey.c.audit openssh-7.0p1/sshkey.c
--- openssh-7.0p1/sshkey.c.audit 2015-08-11 10:57:29.000000000 +0200
+++ openssh-7.0p1/sshkey.c 2015-08-12 11:33:00.417914278 +0200
@@ -299,6 +299,31 @@ sshkey_type_is_valid_ca(int type)
@@ -299,6 +299,33 @@ sshkey_type_is_valid_ca(int type)
}
int
+sshkey_is_private(const struct sshkey *k)
+{
+ switch (k->type) {
+#ifdef WITH_OPENSSL
+ case KEY_RSA_CERT:
+ case KEY_RSA1:
+ case KEY_RSA:
@ -2300,7 +2301,8 @@ diff -up openssh-7.0p1/sshkey.c.audit openssh-7.0p1/sshkey.c
+ case KEY_ECDSA_CERT:
+ case KEY_ECDSA:
+ return EC_KEY_get0_private_key(k->ecdsa) != NULL;
+#endif
+#endif /* OPENSSL_HAS_ECC */
+#endif /* WITH_OPENSSL */
+ case KEY_ED25519_CERT:
+ case KEY_ED25519:
+ return (k->ed25519_pk != NULL);