Nmap Development mailing list archives

[PATCH] Don't compile non-OPENSSL code when using OPENSSL and vice versa

From: "Kris Katterjohn" <kjak () ispwest com>
Date: Mon, 27 Feb 2006 14:14:50 -0800

This prevents some non-OpenSSL code from being compiled when using OpenSSL and
vice versa.

Thanks,
Kris Katterjohn


--- service_scan.cc.orig        2006-02-27 15:52:56.000000000 -0600
+++ service_scan.cc     2006-02-27 15:52:59.000000000 -0600
@@ -1785,10 +1785,7 @@ static int scanThroughTunnel(nsock_pool 
     return 0;
   }
 
-#ifndef HAVE_OPENSSL
-  return 0;
-#endif
-
+#ifdef HAVE_OPENSSL
   if (svc->tunnel != SERVICE_TUNNEL_NONE) {
     // Another tunnel type has already been tried.  Let's not go recursive.
     return 0;
@@ -1808,6 +1805,9 @@ static int scanThroughTunnel(nsock_pool 
    svc->resetProbes(true);
   startNextProbe(nsp, nsi, SG, svc, true);
   return 1;
+#else
+  return 0;
+#endif
 }
 
 /* Prints completion estimates and the like when appropriate */


--- nbase/nbase_rnd.c.orig      2006-02-27 15:15:36.000000000 -0600
+++ nbase/nbase_rnd.c   2006-02-27 15:37:54.000000000 -0600
@@ -117,9 +117,10 @@ int get_random_bytes(void *buf, int numb
   static int bytesleft = 0;
 #if HAVE_OPENSSL
   static int prng_seeded = 0;
+#else
+  int tmp;
 #endif
   int res;
-  int tmp;
   struct timeval tv;
   FILE *fp = NULL;
   unsigned int i;
@@ -127,10 +128,10 @@ int get_random_bytes(void *buf, int numb
   
   if (numbytes < 0 || numbytes > 0xFFFF) return -1;
   
+#if HAVE_OPENSSL
  /* If we have OpenSSL, then let's use it's internal PRNG for random
     numbers, rather than opening /dev/urandom and friends.  The PRNG,
     once seeded, should never empty. */
-#if HAVE_OPENSSL
   if ( prng_seeded ) {
     if ( RAND_bytes((unsigned char*) buf, numbytes) ) {
       return(0);
@@ -175,10 +176,10 @@ int get_random_bytes(void *buf, int numb
     } else fclose(fp);
   }
   
+#if HAVE_OPENSSL
   /* If we have OpenSSL, use these bytes to seed the PRNG.  If it's satisfied
      (RAND_status) then set prng_seeded and re-run ourselves to actually fill
      the buffer with random data. */
-#if HAVE_OPENSSL
   RAND_seed( bytebuf, sizeof(bytebuf) );
   if ( RAND_status() ) {
     prng_seeded=1;
@@ -186,8 +187,7 @@ int get_random_bytes(void *buf, int numb
     prng_seeded=0;
   }
   return get_random_bytes((char *)buf, numbytes);
-#endif
-
+#else
   /* We're not OpenSSL, do things the 'old fashioned way' */
   if (numbytes <= bytesleft) { /* we can cover it */
     memcpy(buf, bytebuf + (sizeof(bytebuf) - bytesleft), numbytes);
@@ -200,6 +200,7 @@ int get_random_bytes(void *buf, int numb
   tmp = bytesleft;
   bytesleft = 0;
   return get_random_bytes((char *)buf + tmp, numbytes - tmp);
+#endif
 }
 
 int get_random_int() {





_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev

Current thread:

[PATCH] Don't compile non-OPENSSL code when using OPENSSL and vice versa Kris Katterjohn (Feb 27)
- Re: [PATCH] Don't compile non-OPENSSL code when using OPENSSL and vice versa Fyodor (Feb 27)
- Re: [PATCH] Don't compile non-OPENSSL code when using OPENSSL and vice versa Andreas Ericsson (Feb 28)
- Re: [PATCH] Don't compile non-OPENSSL code when using OPENSSL and vice versa Fyodor (Mar 02)