clean up if 0/if 1 code. we don't care anymore.

author: tedu <> 2014-07-09 20:59:41 +0000
committer: tedu <> 2014-07-09 20:59:41 +0000
commit: c754d242334164abfaf99184420a18b9d36e8d1b (patch)
tree: c3135d547233140911b6aae4756f140a9a880041 /src/lib
parent: 54f4c0ea8f51b3f400a74b0292e5c2e8adcfbeef (diff)
download: openbsd-c754d242334164abfaf99184420a18b9d36e8d1b.tar.gz
openbsd-c754d242334164abfaf99184420a18b9d36e8d1b.tar.bz2
openbsd-c754d242334164abfaf99184420a18b9d36e8d1b.zip
2 files changed, 3 insertions, 119 deletions
diff --git a/src/lib/libssl/src/apps/s_client.c b/src/lib/libssl/src/apps/s_client.c
index 7c96443a11..b0225c9324 100644
--- a/src/lib/libssl/src/apps/s_client.c
+++ b/src/lib/libssl/src/apps/s_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_client.c,v 1.62 2014/06/28 04:39:41 deraadt Exp $ */
+/* $OpenBSD: s_client.c,v 1.63 2014/07/09 20:59:41 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -865,10 +865,6 @@ bad:
                        ERR_print_errors(bio_err);
                        goto end;
                }
-#if 0
-                else
-                        SSL_CTX_set_cipher_list(ctx, getenv("SSL_CIPHER"));
-#endif
        SSL_CTX_set_verify(ctx, verify, verify_callback);
        if (!set_cert_key_stuff(ctx, cert, key))
@@ -998,17 +994,6 @@ re_start:
                SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp);
                SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb);
                SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out);
-#if 0
-                {
-                        STACK_OF(OCSP_RESPID) * ids = sk_OCSP_RESPID_new_null();
-                        OCSP_RESPID *id = OCSP_RESPID_new();
-                        id->value.byKey = ASN1_OCTET_STRING_new();
-                        id->type = V_OCSP_RESPID_KEY;
-                        ASN1_STRING_set(id->value.byKey, "Hello World", -1);
-                        sk_OCSP_RESPID_push(ids, id);
-                        SSL_set_tlsext_status_ids(con, ids);
-                }
-#endif
        }
 #endif
@@ -1149,15 +1134,6 @@ re_start:
                        tty_on = 1;
                        if (in_init) {
                                in_init = 0;
-#if 0
-                                /* This test doesn't really work as intended
-                                 * (needs to be fixed) */
-#ifndef OPENSSL_NO_TLSEXT
-                                if (servername != NULL && !SSL_session_reused(con)) {
-                                        BIO_printf(bio_c_out, "Server did %sacknowledge servername extension.\n", tlsextcbp.ack ? "" : "not ");
-                                }
-#endif
-#endif
                                if (sess_out) {
                                        BIO *stmp = BIO_new_file(sess_out, "w");
                                        if (stmp) {
@@ -1299,16 +1275,7 @@ re_start:
                                }
                        }
 #endif
-#if 1
                        k = SSL_read(con, sbuf, 1024 /* BUFSIZZ */ );
-#else
-/* Demo for pending and peek :-) */
-                        k = SSL_read(con, sbuf, 16);
-                        {
-                                char zbuf[10240];
-                                printf("read=%d pending=%d peek=%d\n", k, SSL_pending(con), SSL_peek(con, zbuf, 10240));
-                        }
-#endif
                        switch (SSL_get_error(con, k)) {
                        case SSL_ERROR_NONE:
diff --git a/src/lib/libssl/src/apps/s_server.c b/src/lib/libssl/src/apps/s_server.c
index 61eb667c38..1f80a8f7d9 100644
--- a/src/lib/libssl/src/apps/s_server.c
+++ b/src/lib/libssl/src/apps/s_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_server.c,v 1.54 2014/06/28 04:39:41 deraadt Exp $ */
+/* $OpenBSD: s_server.c,v 1.55 2014/07/09 20:59:41 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -554,11 +554,7 @@ cert_status_cb(SSL * s, void *arg)
        STACK_OF(X509_EXTENSION) * exts;
        int ret = SSL_TLSEXT_ERR_NOACK;
        int i;
-#if 0
-        STACK_OF(OCSP_RESPID) * ids;
-        SSL_get_tlsext_status_ids(s, &ids);
-        BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids));
-#endif
        if (srctx->verbose)
                BIO_puts(err, "cert_status: callback called\n");
        /* Build up OCSP query from server certificate */
@@ -1184,17 +1180,6 @@ bad:
                SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
 #endif
-#if 0
-        if (cipher == NULL)
-                cipher = getenv("SSL_CIPHER");
-#endif
-#if 0
-        if (s_cert_file == NULL) {
-                BIO_printf(bio_err, "You must specify a certificate file for the server to use\n");
-                goto end;
-        }
-#endif
        if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
            (!SSL_CTX_set_default_verify_paths(ctx))) {
@@ -1352,7 +1337,6 @@ bad:
                        goto end;
        }
 #ifndef OPENSSL_NO_RSA
-#if 1
        if (!no_tmp_rsa) {
                SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
 #ifndef OPENSSL_NO_TLSEXT
@@ -1360,31 +1344,6 @@ bad:
                        SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb);
 #endif
        }
-#else
-        if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) {
-                RSA *rsa;
-                BIO_printf(bio_s_out, "Generating temp (512 bit) RSA key...");
-                BIO_flush(bio_s_out);
-                rsa = RSA_generate_key(512, RSA_F4, NULL);
-                if (!SSL_CTX_set_tmp_rsa(ctx, rsa)) {
-                        ERR_print_errors(bio_err);
-                        goto end;
-                }
-#ifndef OPENSSL_NO_TLSEXT
-                if (ctx2) {
-                        if (!SSL_CTX_set_tmp_rsa(ctx2, rsa)) {
-                                ERR_print_errors(bio_err);
-                                goto end;
-                        }
-                }
-#endif
-                RSA_free(rsa);
-                BIO_printf(bio_s_out, "\n");
-        }
-#endif
 #endif
 #ifndef OPENSSL_NO_PSK
@@ -1795,11 +1754,7 @@ sv_body(char *hostname, int s, unsigned char *context)
 err:
        if (con != NULL) {
                BIO_printf(bio_s_out, "shutting down SSL\n");
-#if 1
                SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
-#else
-                SSL_shutdown(con);
-#endif
                SSL_free(con);
        }
        BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
@@ -1938,28 +1893,6 @@ err:
 }
 #endif
-#if 0
-static int 
-load_CA(SSL_CTX * ctx, char *file)
-{
-        FILE *in;
-        X509 *x = NULL;
-        if ((in = fopen(file, "r")) == NULL)
-                return (0);
-        for (;;) {
-                if (PEM_read_X509(in, &x, NULL) == NULL)
-                        break;
-                SSL_CTX_add_client_CA(ctx, x);
-        }
-        if (x != NULL)
-                X509_free(x);
-        fclose(in);
-        return (1);
-}
-#endif
 static int 
 www_body(char *hostname, int s, unsigned char *context)
 {
@@ -2188,21 +2121,11 @@ www_body(char *hostname, int s, unsigned char *context)
                                BIO_printf(io, "'%s' is an invalid path\r\n", p);
                                break;
                        }
-#if 0
-                        /* append if a directory lookup */
-                        if (e[-1] == '/')
-                                strcat(p, "index.html");
-#endif
                        /* if a directory, do the index thang */
                        if (app_isdir(p) > 0) {
-#if 0                           /* must check buffer size */
-                                strcat(p, "/index.html");
-#else
                                BIO_puts(io, text);
                                BIO_printf(io, "'%s' is a directory\r\n", p);
                                break;
-#endif
                        }
                        if ((file = BIO_new_file(p, "r")) == NULL) {
                                BIO_puts(io, text);
@@ -2274,14 +2197,8 @@ www_body(char *hostname, int s, unsigned char *context)
                        break;
        }
 end:
-#if 1
        /* make sure we re-use sessions */
        SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
-#else
-        /* This kills performance */
-/*      SSL_shutdown(con); A shutdown gets sent in the
- *      BIO_free_all(io) procession */
-#endif
 err:
author	tedu <>	2014-07-09 20:59:41 +0000
committer	tedu <>	2014-07-09 20:59:41 +0000
commit	c754d242334164abfaf99184420a18b9d36e8d1b (patch)
tree	c3135d547233140911b6aae4756f140a9a880041 /src/lib
parent	54f4c0ea8f51b3f400a74b0292e5c2e8adcfbeef (diff)
download	openbsd-c754d242334164abfaf99184420a18b9d36e8d1b.tar.gz openbsd-c754d242334164abfaf99184420a18b9d36e8d1b.tar.bz2 openbsd-c754d242334164abfaf99184420a18b9d36e8d1b.zip

diff --git a/src/lib/libssl/src/apps/s_client.c b/src/lib/libssl/src/apps/s_client.c index 7c96443a11..b0225c9324 100644 --- a/src/lib/libssl/src/apps/s_client.c +++ b/src/lib/libssl/src/apps/s_client.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s_client.c,v 1.62 2014/06/28 04:39:41 deraadt Exp $ */	1	/* $OpenBSD: s_client.c,v 1.63 2014/07/09 20:59:41 tedu Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -865,10 +865,6 @@ bad:
865	ERR_print_errors(bio_err);	865	ERR_print_errors(bio_err);
866	goto end;	866	goto end;
867	}	867	}
868	#if 0
869	else
870	SSL_CTX_set_cipher_list(ctx, getenv("SSL_CIPHER"));
871	#endif
872		868
873	SSL_CTX_set_verify(ctx, verify, verify_callback);	869	SSL_CTX_set_verify(ctx, verify, verify_callback);
874	if (!set_cert_key_stuff(ctx, cert, key))	870	if (!set_cert_key_stuff(ctx, cert, key))
@@ -998,17 +994,6 @@ re_start:
998	SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp);	994	SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp);
999	SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb);	995	SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb);
1000	SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out);	996	SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out);
1001	#if 0
1002	{
1003	STACK_OF(OCSP_RESPID) * ids = sk_OCSP_RESPID_new_null();
1004	OCSP_RESPID *id = OCSP_RESPID_new();
1005	id->value.byKey = ASN1_OCTET_STRING_new();
1006	id->type = V_OCSP_RESPID_KEY;
1007	ASN1_STRING_set(id->value.byKey, "Hello World", -1);
1008	sk_OCSP_RESPID_push(ids, id);
1009	SSL_set_tlsext_status_ids(con, ids);
1010	}
1011	#endif
1012	}	997	}
1013	#endif	998	#endif
1014		999
@@ -1149,15 +1134,6 @@ re_start:
1149	tty_on = 1;	1134	tty_on = 1;
1150	if (in_init) {	1135	if (in_init) {
1151	in_init = 0;	1136	in_init = 0;
1152	#if 0
1153	/* This test doesn't really work as intended
1154	* (needs to be fixed) */
1155	#ifndef OPENSSL_NO_TLSEXT
1156	if (servername != NULL && !SSL_session_reused(con)) {
1157	BIO_printf(bio_c_out, "Server did %sacknowledge servername extension.\n", tlsextcbp.ack ? "" : "not ");
1158	}
1159	#endif
1160	#endif
1161	if (sess_out) {	1137	if (sess_out) {
1162	BIO *stmp = BIO_new_file(sess_out, "w");	1138	BIO *stmp = BIO_new_file(sess_out, "w");
1163	if (stmp) {	1139	if (stmp) {
@@ -1299,16 +1275,7 @@ re_start:
1299	}	1275	}
1300	}	1276	}
1301	#endif	1277	#endif
1302	#if 1
1303	k = SSL_read(con, sbuf, 1024 /* BUFSIZZ */ );	1278	k = SSL_read(con, sbuf, 1024 /* BUFSIZZ */ );
1304	#else
1305	/* Demo for pending and peek :-) */
1306	k = SSL_read(con, sbuf, 16);
1307	{
1308	char zbuf[10240];
1309	printf("read=%d pending=%d peek=%d\n", k, SSL_pending(con), SSL_peek(con, zbuf, 10240));
1310	}
1311	#endif
1312		1279
1313	switch (SSL_get_error(con, k)) {	1280	switch (SSL_get_error(con, k)) {
1314	case SSL_ERROR_NONE:	1281	case SSL_ERROR_NONE:


diff --git a/src/lib/libssl/src/apps/s_server.c b/src/lib/libssl/src/apps/s_server.c index 61eb667c38..1f80a8f7d9 100644 --- a/src/lib/libssl/src/apps/s_server.c +++ b/src/lib/libssl/src/apps/s_server.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s_server.c,v 1.54 2014/06/28 04:39:41 deraadt Exp $ */	1	/* $OpenBSD: s_server.c,v 1.55 2014/07/09 20:59:41 tedu Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -554,11 +554,7 @@ cert_status_cb(SSL * s, void *arg)
554	STACK_OF(X509_EXTENSION) * exts;	554	STACK_OF(X509_EXTENSION) * exts;
555	int ret = SSL_TLSEXT_ERR_NOACK;	555	int ret = SSL_TLSEXT_ERR_NOACK;
556	int i;	556	int i;
557	#if 0	557
558	STACK_OF(OCSP_RESPID) * ids;
559	SSL_get_tlsext_status_ids(s, &ids);
560	BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids));
561	#endif
562	if (srctx->verbose)	558	if (srctx->verbose)
563	BIO_puts(err, "cert_status: callback called\n");	559	BIO_puts(err, "cert_status: callback called\n");
564	/* Build up OCSP query from server certificate */	560	/* Build up OCSP query from server certificate */
@@ -1184,17 +1180,6 @@ bad:
1184	SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);	1180	SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
1185	#endif	1181	#endif
1186		1182
1187	#if 0
1188	if (cipher == NULL)
1189	cipher = getenv("SSL_CIPHER");
1190	#endif
1191
1192	#if 0
1193	if (s_cert_file == NULL) {
1194	BIO_printf(bio_err, "You must specify a certificate file for the server to use\n");
1195	goto end;
1196	}
1197	#endif
1198		1183
1199	if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) \|\|	1184	if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) \|\|
1200	(!SSL_CTX_set_default_verify_paths(ctx))) {	1185	(!SSL_CTX_set_default_verify_paths(ctx))) {
@@ -1352,7 +1337,6 @@ bad:
1352	goto end;	1337	goto end;
1353	}	1338	}
1354	#ifndef OPENSSL_NO_RSA	1339	#ifndef OPENSSL_NO_RSA
1355	#if 1
1356	if (!no_tmp_rsa) {	1340	if (!no_tmp_rsa) {
1357	SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);	1341	SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
1358	#ifndef OPENSSL_NO_TLSEXT	1342	#ifndef OPENSSL_NO_TLSEXT
@@ -1360,31 +1344,6 @@ bad:
1360	SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb);	1344	SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb);
1361	#endif	1345	#endif
1362	}	1346	}
1363	#else
1364	if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) {
1365	RSA *rsa;
1366
1367	BIO_printf(bio_s_out, "Generating temp (512 bit) RSA key...");
1368	BIO_flush(bio_s_out);
1369
1370	rsa = RSA_generate_key(512, RSA_F4, NULL);
1371
1372	if (!SSL_CTX_set_tmp_rsa(ctx, rsa)) {
1373	ERR_print_errors(bio_err);
1374	goto end;
1375	}
1376	#ifndef OPENSSL_NO_TLSEXT
1377	if (ctx2) {
1378	if (!SSL_CTX_set_tmp_rsa(ctx2, rsa)) {
1379	ERR_print_errors(bio_err);
1380	goto end;
1381	}
1382	}
1383	#endif
1384	RSA_free(rsa);
1385	BIO_printf(bio_s_out, "\n");
1386	}
1387	#endif
1388	#endif	1347	#endif
1389		1348
1390	#ifndef OPENSSL_NO_PSK	1349	#ifndef OPENSSL_NO_PSK
@@ -1795,11 +1754,7 @@ sv_body(char hostname, int s, unsigned char context)
1795	err:	1754	err:
1796	if (con != NULL) {	1755	if (con != NULL) {
1797	BIO_printf(bio_s_out, "shutting down SSL\n");	1756	BIO_printf(bio_s_out, "shutting down SSL\n");
1798	#if 1
1799	SSL_set_shutdown(con, SSL_SENT_SHUTDOWN \| SSL_RECEIVED_SHUTDOWN);	1757	SSL_set_shutdown(con, SSL_SENT_SHUTDOWN \| SSL_RECEIVED_SHUTDOWN);
1800	#else
1801	SSL_shutdown(con);
1802	#endif
1803	SSL_free(con);	1758	SSL_free(con);
1804	}	1759	}
1805	BIO_printf(bio_s_out, "CONNECTION CLOSED\n");	1760	BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
@@ -1938,28 +1893,6 @@ err:
1938	}	1893	}
1939	#endif	1894	#endif
1940		1895
1941	#if 0
1942	static int
1943	load_CA(SSL_CTX * ctx, char *file)
1944	{
1945	FILE *in;
1946	X509 *x = NULL;
1947
1948	if ((in = fopen(file, "r")) == NULL)
1949	return (0);
1950
1951	for (;;) {
1952	if (PEM_read_X509(in, &x, NULL) == NULL)
1953	break;
1954	SSL_CTX_add_client_CA(ctx, x);
1955	}
1956	if (x != NULL)
1957	X509_free(x);
1958	fclose(in);
1959	return (1);
1960	}
1961	#endif
1962
1963	static int	1896	static int
1964	www_body(char hostname, int s, unsigned char context)	1897	www_body(char hostname, int s, unsigned char context)
1965	{	1898	{
@@ -2188,21 +2121,11 @@ www_body(char hostname, int s, unsigned char context)
2188	BIO_printf(io, "'%s' is an invalid path\r\n", p);	2121	BIO_printf(io, "'%s' is an invalid path\r\n", p);
2189	break;	2122	break;
2190	}	2123	}
2191	#if 0
2192	/* append if a directory lookup */
2193	if (e[-1] == '/')
2194	strcat(p, "index.html");
2195	#endif
2196
2197	/* if a directory, do the index thang */	2124	/* if a directory, do the index thang */
2198	if (app_isdir(p) > 0) {	2125	if (app_isdir(p) > 0) {
2199	#if 0 /* must check buffer size */
2200	strcat(p, "/index.html");
2201	#else
2202	BIO_puts(io, text);	2126	BIO_puts(io, text);
2203	BIO_printf(io, "'%s' is a directory\r\n", p);	2127	BIO_printf(io, "'%s' is a directory\r\n", p);
2204	break;	2128	break;
2205	#endif
2206	}	2129	}
2207	if ((file = BIO_new_file(p, "r")) == NULL) {	2130	if ((file = BIO_new_file(p, "r")) == NULL) {
2208	BIO_puts(io, text);	2131	BIO_puts(io, text);
@@ -2274,14 +2197,8 @@ www_body(char hostname, int s, unsigned char context)
2274	break;	2197	break;
2275	}	2198	}
2276	end:	2199	end:
2277	#if 1
2278	/* make sure we re-use sessions */	2200	/* make sure we re-use sessions */
2279	SSL_set_shutdown(con, SSL_SENT_SHUTDOWN \| SSL_RECEIVED_SHUTDOWN);	2201	SSL_set_shutdown(con, SSL_SENT_SHUTDOWN \| SSL_RECEIVED_SHUTDOWN);
2280	#else
2281	/* This kills performance */
2282	/* SSL_shutdown(con); A shutdown gets sent in the
2283	* BIO_free_all(io) procession */
2284	#endif
2285		2202
2286	err:	2203	err:
2287		2204