Hello! Please try the attached patch. It has not been tested, yet it compiles with no LibSSH available.
Maria On 1/9/20 3:07 PM, Clemens Schrimpe wrote: > Ahoj BIRD Parents - > > I was wondering if there is a reason, why BIRD 2.0.x can't be built for RPKI > support without libssh, although RPKI-RTR would also work on an unencrypted > transport (as documented in the BIRD user documentation). > > I am asking, because I am building BIRD for a hardware router platform > (Ubiquiti's EdgeRouters) and including libssh is, although doable, a real > pain-in-the-rear, depending on the OS version and hardware architecture (4 > variants in the EdgeOS world at the moment). > > Without libssh, which drags a whole slew of other library-crap behind it 🙄, > BIRD is pretty lightweight and very easy to deploy. > > Just curious ... > > Thanks a lot (again) for this great piece of software! > > Clemens > >
diff --git a/configure.ac b/configure.ac index 40f021a1..da8546a6 100644 --- a/configure.ac +++ b/configure.ac @@ -37,7 +37,7 @@ AC_ARG_ENABLE([pthreads], ) AC_ARG_ENABLE([libssh], - [AS_HELP_STRING([--enable-libssh], [enable LibSSH support together with RPKI @<:@try@:>@])], + [AS_HELP_STRING([--enable-libssh], [enable LibSSH support in RPKI @<:@try@:>@])], [], [enable_libssh=try] ) @@ -271,7 +271,6 @@ if test "$enable_libssh" != no ; then if test "$fail" != yes ; then AC_DEFINE([HAVE_LIBSSH], [1], [Define to 1 if you have the `ssh' library (-lssh).]) DAEMON_LIBS="-lssh $DAEMON_LIBS" - proto_rpki=rpki enable_libssh=yes else if test "$enable_libssh" = yes ; then @@ -296,7 +295,7 @@ if test "$enable_mpls_kernel" != no ; then fi fi -all_protocols="$proto_bfd babel bgp mrt ospf perf pipe radv rip $proto_rpki static" +all_protocols="$proto_bfd babel bgp mrt ospf perf pipe radv rip rpki static" all_protocols=`echo $all_protocols | sed 's/ /,/g'` @@ -453,6 +452,7 @@ AC_MSG_RESULT([ System configuration: $sysdesc]) AC_MSG_RESULT([ Debugging: $enable_debug]) AC_MSG_RESULT([ POSIX threads: $enable_pthreads]) AC_MSG_RESULT([ Routing protocols: $protocols]) +AC_MSG_RESULT([ LibSSH support in RPKI: $enable_libssh]) AC_MSG_RESULT([ Kernel MPLS support: $enable_mpls_kernel]) AC_MSG_RESULT([ Client: $enable_client]) diff --git a/proto/rpki/config.Y b/proto/rpki/config.Y index 63c7105c..924066f8 100644 --- a/proto/rpki/config.Y +++ b/proto/rpki/config.Y @@ -117,9 +117,13 @@ rpki_transport_tcp_init: rpki_transport_ssh_init: { +#if HAVE_LIBSSH rpki_check_unused_transport(); RPKI_CFG->tr_config.spec = cfg_allocz(sizeof(struct rpki_tr_ssh_config)); RPKI_CFG->tr_config.type = RPKI_TR_SSH; +#else + cf_error("This build doesn't support SSH"); +#endif }; rpki_transport_ssh_opts: diff --git a/proto/rpki/rpki.c b/proto/rpki/rpki.c index 70cd0cdd..aa07f7d9 100644 --- a/proto/rpki/rpki.c +++ b/proto/rpki/rpki.c @@ -579,7 +579,9 @@ rpki_init_cache(struct rpki_proto *p, struct rpki_config *cf) switch (cf->tr_config.type) { case RPKI_TR_TCP: rpki_tr_tcp_init(cache->tr_sock); break; +#if HAVE_LIBSSH case RPKI_TR_SSH: rpki_tr_ssh_init(cache->tr_sock); break; +#endif }; CACHE_DBG(cache, "Connection object created"); @@ -683,6 +685,7 @@ rpki_reconfigure_cache(struct rpki_proto *p UNUSED, struct rpki_cache *cache, st CACHE_TRACE(D_EVENTS, cache, "Transport type changed"); return NEED_RESTART; } +#if HAVE_LIBSSH else if (new->tr_config.type == RPKI_TR_SSH) { struct rpki_tr_ssh_config *ssh_old = (void *) old->tr_config.spec; @@ -695,6 +698,7 @@ rpki_reconfigure_cache(struct rpki_proto *p UNUSED, struct rpki_cache *cache, st try_fast_reconnect = 1; } } +#endif #define TEST_INTERVAL(name, Name) \ if (cache->name##_interval != new->name##_interval || \ @@ -813,7 +817,9 @@ rpki_show_proto_info(struct proto *P) switch (cf->tr_config.type) { +#if HAVE_LIBSSH case RPKI_TR_SSH: transport_name = "SSHv2"; break; +#endif case RPKI_TR_TCP: transport_name = "Unprotected over TCP"; break; }; @@ -887,9 +893,11 @@ rpki_check_config(struct rpki_config *cf) /* Set default port numbers */ switch (cf->tr_config.type) { +#if HAVE_LIBSSH case RPKI_TR_SSH: cf->port = RPKI_SSH_PORT; break; +#endif default: cf->port = RPKI_TCP_PORT; } diff --git a/proto/rpki/ssh_transport.c b/proto/rpki/ssh_transport.c index 13e061fc..1f508c80 100644 --- a/proto/rpki/ssh_transport.c +++ b/proto/rpki/ssh_transport.c @@ -15,6 +15,8 @@ #include <string.h> #include <sys/time.h> +#if HAVE_LIBSSH + #include "rpki.h" static int @@ -71,3 +73,5 @@ rpki_tr_ssh_init(struct rpki_tr_sock *tr) tr->open_fp = &rpki_tr_ssh_open; tr->ident_fp = &rpki_tr_ssh_ident; } + +#endif diff --git a/proto/rpki/transport.h b/proto/rpki/transport.h index f90b7e42..bb8d41eb 100644 --- a/proto/rpki/transport.h +++ b/proto/rpki/transport.h @@ -51,7 +51,9 @@ const char *rpki_tr_ident(struct rpki_tr_sock *tr); /* Types of supported transports */ enum rpki_tr_type { RPKI_TR_TCP, /* Unprotected transport over TCP */ +#if HAVE_LIBSSH RPKI_TR_SSH, /* Protected transport by SSHv2 connection */ +#endif }; /* Common configure structure for transports */