diff options
| author | jsing <> | 2014-05-31 10:49:28 +0000 |
|---|---|---|
| committer | jsing <> | 2014-05-31 10:49:28 +0000 |
| commit | cc0b160e462358c219bef48df27be2e816b65194 (patch) | |
| tree | 32a374445fa15f520b06510f07c011a6234df599 /src/lib/libssl/d1_clnt.c | |
| parent | 57e924c96320c9b14de6078fc75984c949b073b2 (diff) | |
| download | openbsd-cc0b160e462358c219bef48df27be2e816b65194.tar.gz openbsd-cc0b160e462358c219bef48df27be2e816b65194.tar.bz2 openbsd-cc0b160e462358c219bef48df27be2e816b65194.zip | |
TLS would not be entirely functional without extensions, so unifdef
OPENSSL_NO_TLSEXT.
ok tedu@
Diffstat (limited to 'src/lib/libssl/d1_clnt.c')
| -rw-r--r-- | src/lib/libssl/d1_clnt.c | 19 |
1 files changed, 0 insertions, 19 deletions
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c index e8b43f3268..fe5f1aa200 100644 --- a/src/lib/libssl/d1_clnt.c +++ b/src/lib/libssl/d1_clnt.c | |||
| @@ -382,7 +382,6 @@ dtls1_connect(SSL *s) | |||
| 382 | 382 | ||
| 383 | case SSL3_ST_CR_CERT_A: | 383 | case SSL3_ST_CR_CERT_A: |
| 384 | case SSL3_ST_CR_CERT_B: | 384 | case SSL3_ST_CR_CERT_B: |
| 385 | #ifndef OPENSSL_NO_TLSEXT | ||
| 386 | ret = ssl3_check_finished(s); | 385 | ret = ssl3_check_finished(s); |
| 387 | if (ret <= 0) | 386 | if (ret <= 0) |
| 388 | goto end; | 387 | goto end; |
| @@ -395,14 +394,12 @@ dtls1_connect(SSL *s) | |||
| 395 | s->init_num = 0; | 394 | s->init_num = 0; |
| 396 | break; | 395 | break; |
| 397 | } | 396 | } |
| 398 | #endif | ||
| 399 | /* Check if it is anon DH or PSK */ | 397 | /* Check if it is anon DH or PSK */ |
| 400 | if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) && | 398 | if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) && |
| 401 | !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) { | 399 | !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) { |
| 402 | ret = ssl3_get_server_certificate(s); | 400 | ret = ssl3_get_server_certificate(s); |
| 403 | if (ret <= 0) | 401 | if (ret <= 0) |
| 404 | goto end; | 402 | goto end; |
| 405 | #ifndef OPENSSL_NO_TLSEXT | ||
| 406 | if (s->tlsext_status_expected) | 403 | if (s->tlsext_status_expected) |
| 407 | s->state = SSL3_ST_CR_CERT_STATUS_A; | 404 | s->state = SSL3_ST_CR_CERT_STATUS_A; |
| 408 | else | 405 | else |
| @@ -411,12 +408,6 @@ dtls1_connect(SSL *s) | |||
| 411 | skip = 1; | 408 | skip = 1; |
| 412 | s->state = SSL3_ST_CR_KEY_EXCH_A; | 409 | s->state = SSL3_ST_CR_KEY_EXCH_A; |
| 413 | } | 410 | } |
| 414 | #else | ||
| 415 | } else | ||
| 416 | skip = 1; | ||
| 417 | |||
| 418 | s->state = SSL3_ST_CR_KEY_EXCH_A; | ||
| 419 | #endif | ||
| 420 | s->init_num = 0; | 411 | s->init_num = 0; |
| 421 | break; | 412 | break; |
| 422 | 413 | ||
| @@ -626,19 +617,16 @@ dtls1_connect(SSL *s) | |||
| 626 | BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL); | 617 | BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL); |
| 627 | #endif | 618 | #endif |
| 628 | 619 | ||
| 629 | #ifndef OPENSSL_NO_TLSEXT | ||
| 630 | /* Allow NewSessionTicket if ticket expected */ | 620 | /* Allow NewSessionTicket if ticket expected */ |
| 631 | if (s->tlsext_ticket_expected) | 621 | if (s->tlsext_ticket_expected) |
| 632 | s->s3->tmp.next_state = SSL3_ST_CR_SESSION_TICKET_A; | 622 | s->s3->tmp.next_state = SSL3_ST_CR_SESSION_TICKET_A; |
| 633 | else | 623 | else |
| 634 | #endif | ||
| 635 | 624 | ||
| 636 | s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A; | 625 | s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A; |
| 637 | } | 626 | } |
| 638 | s->init_num = 0; | 627 | s->init_num = 0; |
| 639 | break; | 628 | break; |
| 640 | 629 | ||
| 641 | #ifndef OPENSSL_NO_TLSEXT | ||
| 642 | case SSL3_ST_CR_SESSION_TICKET_A: | 630 | case SSL3_ST_CR_SESSION_TICKET_A: |
| 643 | case SSL3_ST_CR_SESSION_TICKET_B: | 631 | case SSL3_ST_CR_SESSION_TICKET_B: |
| 644 | ret = ssl3_get_new_session_ticket(s); | 632 | ret = ssl3_get_new_session_ticket(s); |
| @@ -656,7 +644,6 @@ dtls1_connect(SSL *s) | |||
| 656 | s->state = SSL3_ST_CR_KEY_EXCH_A; | 644 | s->state = SSL3_ST_CR_KEY_EXCH_A; |
| 657 | s->init_num = 0; | 645 | s->init_num = 0; |
| 658 | break; | 646 | break; |
| 659 | #endif | ||
| 660 | 647 | ||
| 661 | case SSL3_ST_CR_FINISHED_A: | 648 | case SSL3_ST_CR_FINISHED_A: |
| 662 | case SSL3_ST_CR_FINISHED_B: | 649 | case SSL3_ST_CR_FINISHED_B: |
| @@ -787,11 +774,7 @@ dtls1_client_hello(SSL *s) | |||
| 787 | SSL_SESSION *sess = s->session; | 774 | SSL_SESSION *sess = s->session; |
| 788 | if ((s->session == NULL) || | 775 | if ((s->session == NULL) || |
| 789 | (s->session->ssl_version != s->version) || | 776 | (s->session->ssl_version != s->version) || |
| 790 | #ifdef OPENSSL_NO_TLSEXT | ||
| 791 | !sess->session_id_length || | ||
| 792 | #else | ||
| 793 | (!sess->session_id_length && !sess->tlsext_tick) || | 777 | (!sess->session_id_length && !sess->tlsext_tick) || |
| 794 | #endif | ||
| 795 | (s->session->not_resumable)) { | 778 | (s->session->not_resumable)) { |
| 796 | if (!ssl_get_new_session(s, 0)) | 779 | if (!ssl_get_new_session(s, 0)) |
| 797 | goto err; | 780 | goto err; |
| @@ -864,12 +847,10 @@ dtls1_client_hello(SSL *s) | |||
| 864 | } | 847 | } |
| 865 | *(p++) = 0; /* Add the NULL method */ | 848 | *(p++) = 0; /* Add the NULL method */ |
| 866 | 849 | ||
| 867 | #ifndef OPENSSL_NO_TLSEXT | ||
| 868 | if ((p = ssl_add_clienthello_tlsext(s, p, buf + SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) { | 850 | if ((p = ssl_add_clienthello_tlsext(s, p, buf + SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) { |
| 869 | SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); | 851 | SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); |
| 870 | goto err; | 852 | goto err; |
| 871 | } | 853 | } |
| 872 | #endif | ||
| 873 | 854 | ||
| 874 | l = (p - d); | 855 | l = (p - d); |
| 875 | d = buf; | 856 | d = buf; |