diff options
| author | Damien Miller <djm@mindrot.org> | 2015-01-13 19:38:18 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2015-01-13 19:38:18 +1100 |
| commit | 76c0480a85675f03a1376167cb686abed01a3583 (patch) | |
| tree | 25f6fa4adfa0e608a178c5d0189c63b745bc026b | |
| parent | 1f729f0614d1376c3332fa1edb6a5e5cec7e9e03 (diff) | |
add --without-ssh1 option to configure
Allows disabling support for SSH protocol 1.
| -rw-r--r-- | auth-rh-rsa.c | 4 | ||||
| -rw-r--r-- | auth-rsa.c | 4 | ||||
| -rw-r--r-- | auth1.c | 4 | ||||
| -rw-r--r-- | configure.ac | 19 | ||||
| -rw-r--r-- | sshconnect1.c | 4 |
5 files changed, 33 insertions, 2 deletions
diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c index b7fd064e..2e20396e 100644 --- a/auth-rh-rsa.c +++ b/auth-rh-rsa.c @@ -15,6 +15,8 @@ #include "includes.h" +#ifdef WITH_SSH1 + #include <sys/types.h> #include <pwd.h> @@ -102,3 +104,5 @@ auth_rhosts_rsa(Authctxt *authctxt, char *cuser, Key *client_host_key) packet_send_debug("Rhosts with RSA host authentication accepted."); return 1; } + +#endif /* WITH_SSH1 */ @@ -16,6 +16,8 @@ #include "includes.h" +#ifdef WITH_SSH1 + #include <sys/types.h> #include <sys/stat.h> @@ -342,3 +344,5 @@ auth_rsa(Authctxt *authctxt, BIGNUM *client_n) packet_send_debug("RSA authentication accepted."); return (1); } + +#endif /* WITH_SSH1 */ @@ -12,6 +12,8 @@ #include "includes.h" +#ifdef WITH_SSH1 + #include <sys/types.h> #include <stdarg.h> @@ -438,3 +440,5 @@ do_authentication(Authctxt *authctxt) packet_send(); packet_write_wait(); } + +#endif /* WITH_SSH1 */ diff --git a/configure.ac b/configure.ac index 5f5905b3..13e25e98 100644 --- a/configure.ac +++ b/configure.ac @@ -121,6 +121,22 @@ AC_CHECK_DECL([PR_SET_NO_NEW_PRIVS], [have_linux_no_new_privs=1], , [ #include <linux/prctl.h> ]) +ssh1=yes +AC_ARG_WITH([ssh1], + [ --without-ssh1 Disable support for SSH protocol 1], + [ if test "x$withval" = "xno" ; then + ssh1=no + fi + ] +) +AC_MSG_CHECKING([whether SSH protocol 1 support is enabled]) +if test "x$ssh1" = "xyes" ; then + AC_MSG_RESULT([yes]) + AC_DEFINE_UNQUOTED([WITH_SSH1], [1], [include SSH protocol version 1 support]) +else + AC_MSG_RESULT([no]) +fi + use_stack_protector=1 use_toolchain_hardening=1 AC_ARG_WITH([stackprotect], @@ -1523,7 +1539,7 @@ AC_ARG_WITH([audit], ) AC_ARG_WITH([pie], - [ --with-pie Build Position Independent Executables if possible], [ + [ --with-pie Build Position Independent Executables if possible], [ if test "x$withval" = "xno"; then use_pie=no fi @@ -2314,7 +2330,6 @@ AC_RUN_IFELSE( # XXX make --without-openssl work AC_DEFINE_UNQUOTED([WITH_OPENSSL], [1], [use libcrypto for cryptography]) -AC_DEFINE_UNQUOTED([WITH_SSH1], [1], [include SSH protocol version 1 support]) AC_ARG_WITH([openssl-header-check], [ --without-openssl-header-check Disable OpenSSL version consistency check], diff --git a/sshconnect1.c b/sshconnect1.c index dd12a3af..08589f5e 100644 --- a/sshconnect1.c +++ b/sshconnect1.c @@ -15,6 +15,8 @@ #include "includes.h" +#ifdef WITH_SSH1 + #include <sys/types.h> #include <sys/socket.h> @@ -755,3 +757,5 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, success: return; /* need statement after label */ } + +#endif /* WITH_SSH1 */ |