bugzilla-daemon at mindrot.org
2015-Apr-23 03:48 UTC
[Bug 2388] New: build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388
Bug ID: 2388
Summary: build fixups for --without-openssl
Product: Portable OpenSSH
Version: 6.8p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: Build system
Assignee: unassigned-bugs at mindrot.org
Reporter: reubenhwk at gmail.com
Created attachment 2599
--> https://bugzilla.mindrot.org/attachment.cgi?id=2599&action=edit
git format-patch origin/master
Summary:
* Fix KEX_SERVER_ENCRYPT macro in myproposal.h
* Fix unresolved symbols in ssh-keygen.c
* Isolate openssl code and extend WITH_OPENSSL wrappers around it
* Make ed25519 default key type in ssh-keygen when configured
--without-openssl
The attached patches apply to master (commit id 70860b6)
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-Apr-23 03:48 UTC
[Bug 2388] build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388
Reuben Hawkins <reubenhwk at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |reubenhwk at gmail.com
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-Apr-23 03:49 UTC
[Bug 2388] build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388
Reuben Hawkins <reubenhwk at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Version|6.8p1 |-current
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-Apr-24 22:11 UTC
[Bug 2388] build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388 --- Comment #1 from Reuben Hawkins <reubenhwk at gmail.com> --- Created attachment 2603 --> https://bugzilla.mindrot.org/attachment.cgi?id=2603&action=edit someone left off a '\' character in KEX_SERVER_ENCRYPT It appears that someone left off a '\' character. KEX_SERVER_ENCRYPT should be defined as... #define KEX_SERVER_ENCRYPT "chacha20-poly1305 at openssh.com,""aes128-ctr,aes192-ctr,aes256-ctr" ...but for formatting the string is split up on separate lines which need to be connected with the '\' characters. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-Apr-24 22:12 UTC
[Bug 2388] build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388 --- Comment #2 from Reuben Hawkins <reubenhwk at gmail.com> --- Created attachment 2604 --> https://bugzilla.mindrot.org/attachment.cgi?id=2604&action=edit unresolved gen_candidates and prime_test symbols ssh-keygen was failing to link on unresolved gen_candidates and prime_test symbols. These functions are only available when ssh links to ssl. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-Apr-24 22:13 UTC
[Bug 2388] build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388 --- Comment #3 from Reuben Hawkins <reubenhwk at gmail.com> --- Created attachment 2605 --> https://bugzilla.mindrot.org/attachment.cgi?id=2605&action=edit isolate and wrap WITH_OPENSSH options There are a number of ssh-keygen options which only apply in a with-openssl build. These options were already partially guarded in WITH_OPENSSL macros. This change isolates and wraps the rest of those options producing a clean, warning free build with openssl disabled. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-Apr-24 22:15 UTC
[Bug 2388] build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388
Reuben Hawkins <reubenhwk at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #2599|0 |1
is obsolete| |
--- Comment #4 from Reuben Hawkins <reubenhwk at gmail.com> ---
Created attachment 2606
--> https://bugzilla.mindrot.org/attachment.cgi?id=2606&action=edit
make ed25519 default ssh-keygen type when no SSL
The default key type was hardcoded to rsa, which isn't available in
without-openssl builds. This change makes the default ed25519 when
openssl is disabled.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-Apr-27 00:15 UTC
[Bug 2388] build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388 --- Comment #5 from Darren Tucker <dtucker at zip.com.au> --- Comment on attachment 2603 --> https://bugzilla.mindrot.org/attachment.cgi?id=2603 someone left off a '\' character in KEX_SERVER_ENCRYPT>Subject: [PATCH 1/4] myproposal.h: fix newline in KEX_SERVER_ENCRYPTThis one has already been fixed in the OpenBSD tree but hasn't been pulled into Portable yet. http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/myproposal.h.diff?r1=1.42&r2=1.43 -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-Apr-27 00:15 UTC
[Bug 2388] build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at zip.com.au
Attachment #2603|0 |1
is obsolete| |
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-Apr-27 00:17 UTC
[Bug 2388] build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
Blocks| |2360
--- Comment #6 from Darren Tucker <dtucker at zip.com.au> ---
Put the rest on the list for 6.9
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-Apr-27 00:18 UTC
[Bug 2388] build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Assignee|unassigned-bugs at mindrot.org |dtucker at zip.com.au
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2015-May-28 04:01 UTC
[Bug 2388] build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #2606|0 |1
is obsolete| |
CC| |djm at mindrot.org
Attachment #2633| |ok?(dtucker at zip.com.au)
Flags| |
--- Comment #7 from Damien Miller <djm at mindrot.org> ---
Created attachment 2633
--> https://bugzilla.mindrot.org/attachment.cgi?id=2633&action=edit
make ed25519 default ssh-keygen type when no SSL
tweaked diff
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-May-28 04:17 UTC
[Bug 2388] build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #2633|ok?(dtucker at zip.com.au) |ok+
Flags| |
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2015-May-28 04:41 UTC
[Bug 2388] build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #2604|0 |1
is obsolete| |
Attachment #2605|0 |1
is obsolete| |
Assignee|dtucker at zip.com.au |djm at mindrot.org
Attachment #2634| |ok?(dtucker at zip.com.au)
Flags| |
--- Comment #8 from Damien Miller <djm at mindrot.org> ---
Created attachment 2634
--> https://bugzilla.mindrot.org/attachment.cgi?id=2634&action=edit
chop out moduli code and options when compiled !openssl
rework the other two patches
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-May-28 05:19 UTC
[Bug 2388] build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #2634|ok?(dtucker at zip.com.au) |ok+
Flags| |
--- Comment #9 from Darren Tucker <dtucker at zip.com.au> ---
Comment on attachment 2634
--> https://bugzilla.mindrot.org/attachment.cgi?id=2634
chop out moduli code and options when compiled !openssl
>+ case 'T':
>+ do_screen_candidates = 1;
>+ if (strlcpy(out_file, optarg, sizeof(out_file)) >>+
sizeof(out_file))
>+ fatal("Output filename too long");
>+ break;
> case 'S':
> /* XXX - also compare length against bits */
> if (BN_hex2bn(&start, optarg) == 0)
> fatal("Invalid start point.");
> break;
if this is supposed to be in alphabetical order then 'T' goes after
'S'.
otherwise, ok.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-May-28 07:37 UTC
[Bug 2388] build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|ASSIGNED |RESOLVED
--- Comment #10 from Damien Miller <djm at mindrot.org> ---
both revised diffs applied and will be in OpenSSH 6.9 - thanks!
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Aug-02 00:41 UTC
[Bug 2388] build fixups for --without-openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=2388
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #11 from Damien Miller <djm at mindrot.org> ---
Close all resolved bugs after 7.3p1 release
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.