Hello!
Please try the attached patch. It has not been tested, yet it compiles
with no LibSSH available.
Maria
On 1/9/20 3:07 PM, Clemens Schrimpe wrote:
> Ahoj BIRD Parents -
>
> I was wondering if there is a reason, why BIRD 2.0.x can't be built for RPKI
> support without libssh, although RPKI-RTR would also work on an unencrypted
> transport (as documented in the BIRD user documentation).
>
> I am asking, because I am building BIRD for a hardware router platform
> (Ubiquiti's EdgeRouters) and including libssh is, although doable, a real
> pain-in-the-rear, depending on the OS version and hardware architecture (4
> variants in the EdgeOS world at the moment).
>
> Without libssh, which drags a whole slew of other library-crap behind it 🙄,
> BIRD is pretty lightweight and very easy to deploy.
>
> Just curious ...
>
> Thanks a lot (again) for this great piece of software!
>
> Clemens
>
>
diff --git a/configure.ac b/configure.ac
index 40f021a1..da8546a6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -37,7 +37,7 @@ AC_ARG_ENABLE([pthreads],
)
AC_ARG_ENABLE([libssh],
- [AS_HELP_STRING([--enable-libssh], [enable LibSSH support together with RPKI @<:@try@:>@])],
+ [AS_HELP_STRING([--enable-libssh], [enable LibSSH support in RPKI @<:@try@:>@])],
[],
[enable_libssh=try]
)
@@ -271,7 +271,6 @@ if test "$enable_libssh" != no ; then
if test "$fail" != yes ; then
AC_DEFINE([HAVE_LIBSSH], [1], [Define to 1 if you have the `ssh' library (-lssh).])
DAEMON_LIBS="-lssh $DAEMON_LIBS"
- proto_rpki=rpki
enable_libssh=yes
else
if test "$enable_libssh" = yes ; then
@@ -296,7 +295,7 @@ if test "$enable_mpls_kernel" != no ; then
fi
fi
-all_protocols="$proto_bfd babel bgp mrt ospf perf pipe radv rip $proto_rpki static"
+all_protocols="$proto_bfd babel bgp mrt ospf perf pipe radv rip rpki static"
all_protocols=`echo $all_protocols | sed 's/ /,/g'`
@@ -453,6 +452,7 @@ AC_MSG_RESULT([ System configuration: $sysdesc])
AC_MSG_RESULT([ Debugging: $enable_debug])
AC_MSG_RESULT([ POSIX threads: $enable_pthreads])
AC_MSG_RESULT([ Routing protocols: $protocols])
+AC_MSG_RESULT([ LibSSH support in RPKI: $enable_libssh])
AC_MSG_RESULT([ Kernel MPLS support: $enable_mpls_kernel])
AC_MSG_RESULT([ Client: $enable_client])
diff --git a/proto/rpki/config.Y b/proto/rpki/config.Y
index 63c7105c..924066f8 100644
--- a/proto/rpki/config.Y
+++ b/proto/rpki/config.Y
@@ -117,9 +117,13 @@ rpki_transport_tcp_init:
rpki_transport_ssh_init:
{
+#if HAVE_LIBSSH
rpki_check_unused_transport();
RPKI_CFG->tr_config.spec = cfg_allocz(sizeof(struct rpki_tr_ssh_config));
RPKI_CFG->tr_config.type = RPKI_TR_SSH;
+#else
+ cf_error("This build doesn't support SSH");
+#endif
};
rpki_transport_ssh_opts:
diff --git a/proto/rpki/rpki.c b/proto/rpki/rpki.c
index 70cd0cdd..aa07f7d9 100644
--- a/proto/rpki/rpki.c
+++ b/proto/rpki/rpki.c
@@ -579,7 +579,9 @@ rpki_init_cache(struct rpki_proto *p, struct rpki_config *cf)
switch (cf->tr_config.type)
{
case RPKI_TR_TCP: rpki_tr_tcp_init(cache->tr_sock); break;
+#if HAVE_LIBSSH
case RPKI_TR_SSH: rpki_tr_ssh_init(cache->tr_sock); break;
+#endif
};
CACHE_DBG(cache, "Connection object created");
@@ -683,6 +685,7 @@ rpki_reconfigure_cache(struct rpki_proto *p UNUSED, struct rpki_cache *cache, st
CACHE_TRACE(D_EVENTS, cache, "Transport type changed");
return NEED_RESTART;
}
+#if HAVE_LIBSSH
else if (new->tr_config.type == RPKI_TR_SSH)
{
struct rpki_tr_ssh_config *ssh_old = (void *) old->tr_config.spec;
@@ -695,6 +698,7 @@ rpki_reconfigure_cache(struct rpki_proto *p UNUSED, struct rpki_cache *cache, st
try_fast_reconnect = 1;
}
}
+#endif
#define TEST_INTERVAL(name, Name) \
if (cache->name##_interval != new->name##_interval || \
@@ -813,7 +817,9 @@ rpki_show_proto_info(struct proto *P)
switch (cf->tr_config.type)
{
+#if HAVE_LIBSSH
case RPKI_TR_SSH: transport_name = "SSHv2"; break;
+#endif
case RPKI_TR_TCP: transport_name = "Unprotected over TCP"; break;
};
@@ -887,9 +893,11 @@ rpki_check_config(struct rpki_config *cf)
/* Set default port numbers */
switch (cf->tr_config.type)
{
+#if HAVE_LIBSSH
case RPKI_TR_SSH:
cf->port = RPKI_SSH_PORT;
break;
+#endif
default:
cf->port = RPKI_TCP_PORT;
}
diff --git a/proto/rpki/ssh_transport.c b/proto/rpki/ssh_transport.c
index 13e061fc..1f508c80 100644
--- a/proto/rpki/ssh_transport.c
+++ b/proto/rpki/ssh_transport.c
@@ -15,6 +15,8 @@
#include <string.h>
#include <sys/time.h>
+#if HAVE_LIBSSH
+
#include "rpki.h"
static int
@@ -71,3 +73,5 @@ rpki_tr_ssh_init(struct rpki_tr_sock *tr)
tr->open_fp = &rpki_tr_ssh_open;
tr->ident_fp = &rpki_tr_ssh_ident;
}
+
+#endif
diff --git a/proto/rpki/transport.h b/proto/rpki/transport.h
index f90b7e42..bb8d41eb 100644
--- a/proto/rpki/transport.h
+++ b/proto/rpki/transport.h
@@ -51,7 +51,9 @@ const char *rpki_tr_ident(struct rpki_tr_sock *tr);
/* Types of supported transports */
enum rpki_tr_type {
RPKI_TR_TCP, /* Unprotected transport over TCP */
+#if HAVE_LIBSSH
RPKI_TR_SSH, /* Protected transport by SSHv2 connection */
+#endif
};
/* Common configure structure for transports */
