diff options
| author | jsing <> | 2014-05-31 10:49:28 +0000 |
|---|---|---|
| committer | jsing <> | 2014-05-31 10:49:28 +0000 |
| commit | cc0b160e462358c219bef48df27be2e816b65194 (patch) | |
| tree | 32a374445fa15f520b06510f07c011a6234df599 /src/lib/libssl/s3_srvr.c | |
| parent | 57e924c96320c9b14de6078fc75984c949b073b2 (diff) | |
| download | openbsd-cc0b160e462358c219bef48df27be2e816b65194.tar.gz openbsd-cc0b160e462358c219bef48df27be2e816b65194.tar.bz2 openbsd-cc0b160e462358c219bef48df27be2e816b65194.zip | |
TLS would not be entirely functional without extensions, so unifdef
OPENSSL_NO_TLSEXT.
ok tedu@
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/s3_srvr.c | 27 |
1 files changed, 0 insertions, 27 deletions
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index 120f92a9d3..4a6c3cb1e8 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c | |||
| @@ -357,17 +357,12 @@ ssl3_accept(SSL *s) | |||
| 357 | ret = ssl3_send_server_hello(s); | 357 | ret = ssl3_send_server_hello(s); |
| 358 | if (ret <= 0) | 358 | if (ret <= 0) |
| 359 | goto end; | 359 | goto end; |
| 360 | #ifndef OPENSSL_NO_TLSEXT | ||
| 361 | if (s->hit) { | 360 | if (s->hit) { |
| 362 | if (s->tlsext_ticket_expected) | 361 | if (s->tlsext_ticket_expected) |
| 363 | s->state = SSL3_ST_SW_SESSION_TICKET_A; | 362 | s->state = SSL3_ST_SW_SESSION_TICKET_A; |
| 364 | else | 363 | else |
| 365 | s->state = SSL3_ST_SW_CHANGE_A; | 364 | s->state = SSL3_ST_SW_CHANGE_A; |
| 366 | } | 365 | } |
| 367 | #else | ||
| 368 | if (s->hit) | ||
| 369 | s->state = SSL3_ST_SW_CHANGE_A; | ||
| 370 | #endif | ||
| 371 | else | 366 | else |
| 372 | s->state = SSL3_ST_SW_CERT_A; | 367 | s->state = SSL3_ST_SW_CERT_A; |
| 373 | s->init_num = 0; | 368 | s->init_num = 0; |
| @@ -385,7 +380,6 @@ ssl3_accept(SSL *s) | |||
| 385 | ret = ssl3_send_server_certificate(s); | 380 | ret = ssl3_send_server_certificate(s); |
| 386 | if (ret <= 0) | 381 | if (ret <= 0) |
| 387 | goto end; | 382 | goto end; |
| 388 | #ifndef OPENSSL_NO_TLSEXT | ||
| 389 | if (s->tlsext_status_expected) | 383 | if (s->tlsext_status_expected) |
| 390 | s->state = SSL3_ST_SW_CERT_STATUS_A; | 384 | s->state = SSL3_ST_SW_CERT_STATUS_A; |
| 391 | else | 385 | else |
| @@ -394,12 +388,6 @@ ssl3_accept(SSL *s) | |||
| 394 | skip = 1; | 388 | skip = 1; |
| 395 | s->state = SSL3_ST_SW_KEY_EXCH_A; | 389 | s->state = SSL3_ST_SW_KEY_EXCH_A; |
| 396 | } | 390 | } |
| 397 | #else | ||
| 398 | } else | ||
| 399 | skip = 1; | ||
| 400 | |||
| 401 | s->state = SSL3_ST_SW_KEY_EXCH_A; | ||
| 402 | #endif | ||
| 403 | s->init_num = 0; | 391 | s->init_num = 0; |
| 404 | break; | 392 | break; |
| 405 | 393 | ||
| @@ -683,16 +671,13 @@ ssl3_accept(SSL *s) | |||
| 683 | goto end; | 671 | goto end; |
| 684 | if (s->hit) | 672 | if (s->hit) |
| 685 | s->state = SSL_ST_OK; | 673 | s->state = SSL_ST_OK; |
| 686 | #ifndef OPENSSL_NO_TLSEXT | ||
| 687 | else if (s->tlsext_ticket_expected) | 674 | else if (s->tlsext_ticket_expected) |
| 688 | s->state = SSL3_ST_SW_SESSION_TICKET_A; | 675 | s->state = SSL3_ST_SW_SESSION_TICKET_A; |
| 689 | #endif | ||
| 690 | else | 676 | else |
| 691 | s->state = SSL3_ST_SW_CHANGE_A; | 677 | s->state = SSL3_ST_SW_CHANGE_A; |
| 692 | s->init_num = 0; | 678 | s->init_num = 0; |
| 693 | break; | 679 | break; |
| 694 | 680 | ||
| 695 | #ifndef OPENSSL_NO_TLSEXT | ||
| 696 | case SSL3_ST_SW_SESSION_TICKET_A: | 681 | case SSL3_ST_SW_SESSION_TICKET_A: |
| 697 | case SSL3_ST_SW_SESSION_TICKET_B: | 682 | case SSL3_ST_SW_SESSION_TICKET_B: |
| 698 | ret = ssl3_send_newsession_ticket(s); | 683 | ret = ssl3_send_newsession_ticket(s); |
| @@ -711,7 +696,6 @@ ssl3_accept(SSL *s) | |||
| 711 | s->init_num = 0; | 696 | s->init_num = 0; |
| 712 | break; | 697 | break; |
| 713 | 698 | ||
| 714 | #endif | ||
| 715 | 699 | ||
| 716 | case SSL3_ST_SW_CHANGE_A: | 700 | case SSL3_ST_SW_CHANGE_A: |
| 717 | case SSL3_ST_SW_CHANGE_B: | 701 | case SSL3_ST_SW_CHANGE_B: |
| @@ -1123,7 +1107,6 @@ ssl3_get_client_hello(SSL *s) | |||
| 1123 | goto f_err; | 1107 | goto f_err; |
| 1124 | } | 1108 | } |
| 1125 | 1109 | ||
| 1126 | #ifndef OPENSSL_NO_TLSEXT | ||
| 1127 | /* TLS extensions*/ | 1110 | /* TLS extensions*/ |
| 1128 | if (s->version >= SSL3_VERSION) { | 1111 | if (s->version >= SSL3_VERSION) { |
| 1129 | if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { | 1112 | if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { |
| @@ -1191,7 +1174,6 @@ ssl3_get_client_hello(SSL *s) | |||
| 1191 | sk_SSL_CIPHER_dup(s->session->ciphers); | 1174 | sk_SSL_CIPHER_dup(s->session->ciphers); |
| 1192 | } | 1175 | } |
| 1193 | } | 1176 | } |
| 1194 | #endif | ||
| 1195 | 1177 | ||
| 1196 | /* | 1178 | /* |
| 1197 | * Worst case, we will use the NULL compression, but if we have other | 1179 | * Worst case, we will use the NULL compression, but if we have other |
| @@ -1381,11 +1363,6 @@ ssl3_send_server_hello(SSL *s) | |||
| 1381 | 1363 | ||
| 1382 | if (s->state == SSL3_ST_SW_SRVR_HELLO_A) { | 1364 | if (s->state == SSL3_ST_SW_SRVR_HELLO_A) { |
| 1383 | buf = (unsigned char *)s->init_buf->data; | 1365 | buf = (unsigned char *)s->init_buf->data; |
| 1384 | #ifdef OPENSSL_NO_TLSEXT | ||
| 1385 | p = s->s3->server_random; | ||
| 1386 | if (ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE) <= 0) | ||
| 1387 | return (-1); | ||
| 1388 | #endif | ||
| 1389 | /* Do the message type and length last */ | 1366 | /* Do the message type and length last */ |
| 1390 | d = p= &(buf[4]); | 1367 | d = p= &(buf[4]); |
| 1391 | 1368 | ||
| @@ -1441,7 +1418,6 @@ ssl3_send_server_hello(SSL *s) | |||
| 1441 | else | 1418 | else |
| 1442 | *(p++) = s->s3->tmp.new_compression->id; | 1419 | *(p++) = s->s3->tmp.new_compression->id; |
| 1443 | #endif | 1420 | #endif |
| 1444 | #ifndef OPENSSL_NO_TLSEXT | ||
| 1445 | if (ssl_prepare_serverhello_tlsext(s) <= 0) { | 1421 | if (ssl_prepare_serverhello_tlsext(s) <= 0) { |
| 1446 | SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, | 1422 | SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, |
| 1447 | SSL_R_SERVERHELLO_TLSEXT); | 1423 | SSL_R_SERVERHELLO_TLSEXT); |
| @@ -1453,7 +1429,6 @@ ssl3_send_server_hello(SSL *s) | |||
| 1453 | ERR_R_INTERNAL_ERROR); | 1429 | ERR_R_INTERNAL_ERROR); |
| 1454 | return (-1); | 1430 | return (-1); |
| 1455 | } | 1431 | } |
| 1456 | #endif | ||
| 1457 | /* do the header */ | 1432 | /* do the header */ |
| 1458 | l = (p - d); | 1433 | l = (p - d); |
| 1459 | d = buf; | 1434 | d = buf; |
| @@ -2928,7 +2903,6 @@ ssl3_send_server_certificate(SSL *s) | |||
| 2928 | return (ssl3_do_write(s, SSL3_RT_HANDSHAKE)); | 2903 | return (ssl3_do_write(s, SSL3_RT_HANDSHAKE)); |
| 2929 | } | 2904 | } |
| 2930 | 2905 | ||
| 2931 | #ifndef OPENSSL_NO_TLSEXT | ||
| 2932 | /* send a new session ticket (not necessarily for a new session) */ | 2906 | /* send a new session ticket (not necessarily for a new session) */ |
| 2933 | int | 2907 | int |
| 2934 | ssl3_send_newsession_ticket(SSL *s) | 2908 | ssl3_send_newsession_ticket(SSL *s) |
| @@ -3180,4 +3154,3 @@ ssl3_get_next_proto(SSL *s) | |||
| 3180 | return (1); | 3154 | return (1); |
| 3181 | } | 3155 | } |
| 3182 | # endif | 3156 | # endif |
| 3183 | #endif | ||