summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authorjsing <>2014-05-31 13:55:45 +0000
committerjsing <>2014-05-31 13:55:45 +0000
commit271202bd3e03fb36da38b089fe9b5a4dfd261b6e (patch)
tree9e335d18bc84509db285ef8ce9a9d91ec4667073 /src/lib
parentf8714d1bf6f2bcedbbda341cf98326ef80874d62 (diff)
downloadopenbsd-271202bd3e03fb36da38b089fe9b5a4dfd261b6e.tar.gz
openbsd-271202bd3e03fb36da38b089fe9b5a4dfd261b6e.tar.bz2
openbsd-271202bd3e03fb36da38b089fe9b5a4dfd261b6e.zip
More manual OPENSSL_NO_EC and OPENSSL_NO_TLSEXT cleanup.
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libssl/s3_clnt.c8
-rw-r--r--src/lib/libssl/s3_lib.c6
-rw-r--r--src/lib/libssl/s3_srvr.c8
-rw-r--r--src/lib/libssl/src/ssl/s3_clnt.c8
-rw-r--r--src/lib/libssl/src/ssl/s3_lib.c6
-rw-r--r--src/lib/libssl/src/ssl/s3_srvr.c8
-rw-r--r--src/lib/libssl/src/ssl/ssl_lib.c2
-rw-r--r--src/lib/libssl/ssl_lib.c2
8 files changed, 20 insertions, 28 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index 66a7ec0d38..052d23bbf4 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -461,7 +461,7 @@ ssl3_connect(SSL *s)
461 if (ret <= 0) 461 if (ret <= 0)
462 goto end; 462 goto end;
463 463
464#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG) 464#ifdef OPENSSL_NO_NEXTPROTONEG
465 s->state = SSL3_ST_CW_FINISHED_A; 465 s->state = SSL3_ST_CW_FINISHED_A;
466#else 466#else
467 if (s->s3->next_proto_neg_seen) 467 if (s->s3->next_proto_neg_seen)
@@ -494,7 +494,7 @@ ssl3_connect(SSL *s)
494 494
495 break; 495 break;
496 496
497#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 497#ifndef OPENSSL_NO_NEXTPROTONEG
498 case SSL3_ST_CW_NEXT_PROTO_A: 498 case SSL3_ST_CW_NEXT_PROTO_A:
499 case SSL3_ST_CW_NEXT_PROTO_B: 499 case SSL3_ST_CW_NEXT_PROTO_B:
500 ret = ssl3_send_next_proto(s); 500 ret = ssl3_send_next_proto(s);
@@ -2871,7 +2871,7 @@ err:
2871 return (0); 2871 return (0);
2872} 2872}
2873 2873
2874#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2874#ifndef OPENSSL_NO_NEXTPROTONEG
2875int 2875int
2876ssl3_send_next_proto(SSL *s) 2876ssl3_send_next_proto(SSL *s)
2877{ 2877{
@@ -2895,7 +2895,7 @@ ssl3_send_next_proto(SSL *s)
2895 2895
2896 return (ssl3_do_write(s, SSL3_RT_HANDSHAKE)); 2896 return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
2897} 2897}
2898#endif /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */ 2898#endif /* !OPENSSL_NO_NEXTPROTONEG */
2899 2899
2900/* 2900/*
2901 * Check to see if handshake is full or resumed. Usually this is just a 2901 * Check to see if handshake is full or resumed. Usually this is just a
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 9aa72a9c4e..3b6eefd99b 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -2409,7 +2409,7 @@ ssl3_clear(SSL *s)
2409 s->s3->in_read_app_data = 0; 2409 s->s3->in_read_app_data = 0;
2410 s->version = SSL3_VERSION; 2410 s->version = SSL3_VERSION;
2411 2411
2412#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2412#ifndef OPENSSL_NO_NEXTPROTONEG
2413 free(s->next_proto_negotiated); 2413 free(s->next_proto_negotiated);
2414 s->next_proto_negotiated = NULL; 2414 s->next_proto_negotiated = NULL;
2415 s->next_proto_negotiated_len = 0; 2415 s->next_proto_negotiated_len = 0;
@@ -2972,11 +2972,9 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
2972 SSL_CIPHER *c, *ret = NULL; 2972 SSL_CIPHER *c, *ret = NULL;
2973 STACK_OF(SSL_CIPHER) *prio, *allow; 2973 STACK_OF(SSL_CIPHER) *prio, *allow;
2974 int i, ii, ok; 2974 int i, ii, ok;
2975#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC)
2976 unsigned int j; 2975 unsigned int j;
2977 int ec_ok, ec_nid; 2976 int ec_ok, ec_nid;
2978 unsigned char ec_search1 = 0, ec_search2 = 0; 2977 unsigned char ec_search1 = 0, ec_search2 = 0;
2979#endif
2980 CERT *cert; 2978 CERT *cert;
2981 unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a; 2979 unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a;
2982 2980
@@ -3167,14 +3165,12 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3167 continue; 3165 continue;
3168 ii = sk_SSL_CIPHER_find(allow, c); 3166 ii = sk_SSL_CIPHER_find(allow, c);
3169 if (ii >= 0) { 3167 if (ii >= 0) {
3170#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
3171 if ((alg_k & SSL_kEECDH) && 3168 if ((alg_k & SSL_kEECDH) &&
3172 (alg_a & SSL_aECDSA) && s->s3->is_probably_safari) { 3169 (alg_a & SSL_aECDSA) && s->s3->is_probably_safari) {
3173 if (!ret) 3170 if (!ret)
3174 ret = sk_SSL_CIPHER_value(allow, ii); 3171 ret = sk_SSL_CIPHER_value(allow, ii);
3175 continue; 3172 continue;
3176 } 3173 }
3177#endif
3178 ret = sk_SSL_CIPHER_value(allow, ii); 3174 ret = sk_SSL_CIPHER_value(allow, ii);
3179 break; 3175 break;
3180 } 3176 }
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index 4a6c3cb1e8..f12b680e99 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -570,7 +570,7 @@ ssl3_accept(SSL *s)
570 * the client uses its key from the certificate 570 * the client uses its key from the certificate
571 * for key exchange. 571 * for key exchange.
572 */ 572 */
573#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG) 573#ifdef OPENSSL_NO_NEXTPROTONEG
574 s->state = SSL3_ST_SR_FINISHED_A; 574 s->state = SSL3_ST_SR_FINISHED_A;
575#else 575#else
576 if (s->s3->next_proto_neg_seen) 576 if (s->s3->next_proto_neg_seen)
@@ -641,7 +641,7 @@ ssl3_accept(SSL *s)
641 if (ret <= 0) 641 if (ret <= 0)
642 goto end; 642 goto end;
643 643
644#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG) 644#ifdef OPENSSL_NO_NEXTPROTONEG
645 s->state = SSL3_ST_SR_FINISHED_A; 645 s->state = SSL3_ST_SR_FINISHED_A;
646#else 646#else
647 if (s->s3->next_proto_neg_seen) 647 if (s->s3->next_proto_neg_seen)
@@ -652,7 +652,7 @@ ssl3_accept(SSL *s)
652 s->init_num = 0; 652 s->init_num = 0;
653 break; 653 break;
654 654
655#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 655#ifndef OPENSSL_NO_NEXTPROTONEG
656 case SSL3_ST_SR_NEXT_PROTO_A: 656 case SSL3_ST_SR_NEXT_PROTO_A:
657 case SSL3_ST_SR_NEXT_PROTO_B: 657 case SSL3_ST_SR_NEXT_PROTO_B:
658 ret = ssl3_get_next_proto(s); 658 ret = ssl3_get_next_proto(s);
@@ -732,7 +732,7 @@ ssl3_accept(SSL *s)
732 goto end; 732 goto end;
733 s->state = SSL3_ST_SW_FLUSH; 733 s->state = SSL3_ST_SW_FLUSH;
734 if (s->hit) { 734 if (s->hit) {
735#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG) 735#ifdef OPENSSL_NO_NEXTPROTONEG
736 s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A; 736 s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
737#else 737#else
738 if (s->s3->next_proto_neg_seen) 738 if (s->s3->next_proto_neg_seen)
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c
index 66a7ec0d38..052d23bbf4 100644
--- a/src/lib/libssl/src/ssl/s3_clnt.c
+++ b/src/lib/libssl/src/ssl/s3_clnt.c
@@ -461,7 +461,7 @@ ssl3_connect(SSL *s)
461 if (ret <= 0) 461 if (ret <= 0)
462 goto end; 462 goto end;
463 463
464#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG) 464#ifdef OPENSSL_NO_NEXTPROTONEG
465 s->state = SSL3_ST_CW_FINISHED_A; 465 s->state = SSL3_ST_CW_FINISHED_A;
466#else 466#else
467 if (s->s3->next_proto_neg_seen) 467 if (s->s3->next_proto_neg_seen)
@@ -494,7 +494,7 @@ ssl3_connect(SSL *s)
494 494
495 break; 495 break;
496 496
497#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 497#ifndef OPENSSL_NO_NEXTPROTONEG
498 case SSL3_ST_CW_NEXT_PROTO_A: 498 case SSL3_ST_CW_NEXT_PROTO_A:
499 case SSL3_ST_CW_NEXT_PROTO_B: 499 case SSL3_ST_CW_NEXT_PROTO_B:
500 ret = ssl3_send_next_proto(s); 500 ret = ssl3_send_next_proto(s);
@@ -2871,7 +2871,7 @@ err:
2871 return (0); 2871 return (0);
2872} 2872}
2873 2873
2874#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2874#ifndef OPENSSL_NO_NEXTPROTONEG
2875int 2875int
2876ssl3_send_next_proto(SSL *s) 2876ssl3_send_next_proto(SSL *s)
2877{ 2877{
@@ -2895,7 +2895,7 @@ ssl3_send_next_proto(SSL *s)
2895 2895
2896 return (ssl3_do_write(s, SSL3_RT_HANDSHAKE)); 2896 return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
2897} 2897}
2898#endif /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */ 2898#endif /* !OPENSSL_NO_NEXTPROTONEG */
2899 2899
2900/* 2900/*
2901 * Check to see if handshake is full or resumed. Usually this is just a 2901 * Check to see if handshake is full or resumed. Usually this is just a
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index 9aa72a9c4e..3b6eefd99b 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -2409,7 +2409,7 @@ ssl3_clear(SSL *s)
2409 s->s3->in_read_app_data = 0; 2409 s->s3->in_read_app_data = 0;
2410 s->version = SSL3_VERSION; 2410 s->version = SSL3_VERSION;
2411 2411
2412#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2412#ifndef OPENSSL_NO_NEXTPROTONEG
2413 free(s->next_proto_negotiated); 2413 free(s->next_proto_negotiated);
2414 s->next_proto_negotiated = NULL; 2414 s->next_proto_negotiated = NULL;
2415 s->next_proto_negotiated_len = 0; 2415 s->next_proto_negotiated_len = 0;
@@ -2972,11 +2972,9 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
2972 SSL_CIPHER *c, *ret = NULL; 2972 SSL_CIPHER *c, *ret = NULL;
2973 STACK_OF(SSL_CIPHER) *prio, *allow; 2973 STACK_OF(SSL_CIPHER) *prio, *allow;
2974 int i, ii, ok; 2974 int i, ii, ok;
2975#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC)
2976 unsigned int j; 2975 unsigned int j;
2977 int ec_ok, ec_nid; 2976 int ec_ok, ec_nid;
2978 unsigned char ec_search1 = 0, ec_search2 = 0; 2977 unsigned char ec_search1 = 0, ec_search2 = 0;
2979#endif
2980 CERT *cert; 2978 CERT *cert;
2981 unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a; 2979 unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a;
2982 2980
@@ -3167,14 +3165,12 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3167 continue; 3165 continue;
3168 ii = sk_SSL_CIPHER_find(allow, c); 3166 ii = sk_SSL_CIPHER_find(allow, c);
3169 if (ii >= 0) { 3167 if (ii >= 0) {
3170#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
3171 if ((alg_k & SSL_kEECDH) && 3168 if ((alg_k & SSL_kEECDH) &&
3172 (alg_a & SSL_aECDSA) && s->s3->is_probably_safari) { 3169 (alg_a & SSL_aECDSA) && s->s3->is_probably_safari) {
3173 if (!ret) 3170 if (!ret)
3174 ret = sk_SSL_CIPHER_value(allow, ii); 3171 ret = sk_SSL_CIPHER_value(allow, ii);
3175 continue; 3172 continue;
3176 } 3173 }
3177#endif
3178 ret = sk_SSL_CIPHER_value(allow, ii); 3174 ret = sk_SSL_CIPHER_value(allow, ii);
3179 break; 3175 break;
3180 } 3176 }
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c
index 4a6c3cb1e8..f12b680e99 100644
--- a/src/lib/libssl/src/ssl/s3_srvr.c
+++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -570,7 +570,7 @@ ssl3_accept(SSL *s)
570 * the client uses its key from the certificate 570 * the client uses its key from the certificate
571 * for key exchange. 571 * for key exchange.
572 */ 572 */
573#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG) 573#ifdef OPENSSL_NO_NEXTPROTONEG
574 s->state = SSL3_ST_SR_FINISHED_A; 574 s->state = SSL3_ST_SR_FINISHED_A;
575#else 575#else
576 if (s->s3->next_proto_neg_seen) 576 if (s->s3->next_proto_neg_seen)
@@ -641,7 +641,7 @@ ssl3_accept(SSL *s)
641 if (ret <= 0) 641 if (ret <= 0)
642 goto end; 642 goto end;
643 643
644#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG) 644#ifdef OPENSSL_NO_NEXTPROTONEG
645 s->state = SSL3_ST_SR_FINISHED_A; 645 s->state = SSL3_ST_SR_FINISHED_A;
646#else 646#else
647 if (s->s3->next_proto_neg_seen) 647 if (s->s3->next_proto_neg_seen)
@@ -652,7 +652,7 @@ ssl3_accept(SSL *s)
652 s->init_num = 0; 652 s->init_num = 0;
653 break; 653 break;
654 654
655#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 655#ifndef OPENSSL_NO_NEXTPROTONEG
656 case SSL3_ST_SR_NEXT_PROTO_A: 656 case SSL3_ST_SR_NEXT_PROTO_A:
657 case SSL3_ST_SR_NEXT_PROTO_B: 657 case SSL3_ST_SR_NEXT_PROTO_B:
658 ret = ssl3_get_next_proto(s); 658 ret = ssl3_get_next_proto(s);
@@ -732,7 +732,7 @@ ssl3_accept(SSL *s)
732 goto end; 732 goto end;
733 s->state = SSL3_ST_SW_FLUSH; 733 s->state = SSL3_ST_SW_FLUSH;
734 if (s->hit) { 734 if (s->hit) {
735#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG) 735#ifdef OPENSSL_NO_NEXTPROTONEG
736 s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A; 736 s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
737#else 737#else
738 if (s->s3->next_proto_neg_seen) 738 if (s->s3->next_proto_neg_seen)
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c
index 55c6b4493a..293292f1c3 100644
--- a/src/lib/libssl/src/ssl/ssl_lib.c
+++ b/src/lib/libssl/src/ssl/ssl_lib.c
@@ -553,7 +553,7 @@ SSL_free(SSL *s)
553 SSL_CTX_free(s->ctx); 553 SSL_CTX_free(s->ctx);
554 554
555 555
556#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 556#ifndef OPENSSL_NO_NEXTPROTONEG
557 free(s->next_proto_negotiated); 557 free(s->next_proto_negotiated);
558#endif 558#endif
559 559
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 55c6b4493a..293292f1c3 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -553,7 +553,7 @@ SSL_free(SSL *s)
553 SSL_CTX_free(s->ctx); 553 SSL_CTX_free(s->ctx);
554 554
555 555
556#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 556#ifndef OPENSSL_NO_NEXTPROTONEG
557 free(s->next_proto_negotiated); 557 free(s->next_proto_negotiated);
558#endif 558#endif
559 559
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-24 08:08:41 +0000