unifdef OPENSSL_NO_NEXTPROTONEG

author: jsing <> 2014-12-14 14:42:06 +0000
committer: jsing <> 2014-12-14 14:42:06 +0000
commit: 45a57065d1148899826db257e083825843357376 (patch)
tree: c2cdaf5dee151708abd8cdd369d67e62c581de59 /src
parent: b303e332970ffd772a791a3a52b851697dd671bc (diff)
download: openbsd-45a57065d1148899826db257e083825843357376.tar.gz
openbsd-45a57065d1148899826db257e083825843357376.tar.bz2
openbsd-45a57065d1148899826db257e083825843357376.zip
4 files changed, 4 insertions, 41 deletions
diff --git a/src/usr.bin/openssl/apps.c b/src/usr.bin/openssl/apps.c
index a042f074f9..009f48652a 100644
--- a/src/usr.bin/openssl/apps.c
+++ b/src/usr.bin/openssl/apps.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: apps.c,v 1.13 2014/12/03 22:16:02 bcook Exp $ */
+/* $OpenBSD: apps.c,v 1.14 2014/12/14 14:42:06 jsing Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -2163,7 +2163,6 @@ policies_print(BIO *out, X509_STORE_CTX *ctx)
                BIO_free(out);
 }
-#if !defined(OPENSSL_NO_NEXTPROTONEG)
 /* next_protos_parse parses a comma separated list of strings into a string
 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
 *   outlen: (output) set to the length of the resulting buffer on success.
@@ -2202,8 +2201,6 @@ next_protos_parse(unsigned short *outlen, const char *in)
        *outlen = len + 1;
        return out;
 }
-#endif
-/* !OPENSSL_NO_NEXTPROTONEG */
 int
 app_isdir(const char *name)
diff --git a/src/usr.bin/openssl/apps.h b/src/usr.bin/openssl/apps.h
index d6b18e2a35..b2b7e85107 100644
--- a/src/usr.bin/openssl/apps.h
+++ b/src/usr.bin/openssl/apps.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: apps.h,v 1.8 2014/11/07 14:16:48 jsing Exp $ */
+/* $OpenBSD: apps.h,v 1.9 2014/12/14 14:42:06 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -245,9 +245,7 @@ int do_X509_REQ_sign(BIO *err, X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md,
 int do_X509_CRL_sign(BIO *err, X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md,
    STACK_OF(OPENSSL_STRING) *sigopts);
-#if !defined(OPENSSL_NO_NEXTPROTONEG)
 unsigned char *next_protos_parse(unsigned short *outlen, const char *in);
-#endif  /* !OPENSSL_NO_NEXTPROTONEG */
 #define FORMAT_UNDEF    0
 #define FORMAT_ASN1     1
diff --git a/src/usr.bin/openssl/s_client.c b/src/usr.bin/openssl/s_client.c
index 4476852cdb..a079c39b9e 100644
--- a/src/usr.bin/openssl/s_client.c
+++ b/src/usr.bin/openssl/s_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_client.c,v 1.10 2014/12/10 15:24:01 jsing Exp $ */
+/* $OpenBSD: s_client.c,v 1.11 2014/12/14 14:42:06 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -250,9 +250,7 @@ sc_usage(void)
        BIO_printf(bio_err, " -tlsextdebug      - hex dump of all TLS extensions received\n");
        BIO_printf(bio_err, " -status           - request certificate status from server\n");
        BIO_printf(bio_err, " -no_ticket        - disable use of RFC4507bis session tickets\n");
-#ifndef OPENSSL_NO_NEXTPROTONEG
        BIO_printf(bio_err, " -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n");
-#endif
        BIO_printf(bio_err, " -alpn arg         - enable ALPN extension, considering named protocols supported (comma-separated list)\n");
 #ifndef OPENSSL_NO_SRTP
        BIO_printf(bio_err, " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
@@ -286,7 +284,6 @@ ssl_servername_cb(SSL * s, int *ad, void *arg)
 char *srtp_profiles = NULL;
 #endif
-#ifndef OPENSSL_NO_NEXTPROTONEG
 /* This the context that we pass to next_proto_cb */
 typedef struct tlsextnextprotoctx_st {
        unsigned char *data;
@@ -316,7 +313,6 @@ next_proto_cb(SSL * s, unsigned char **out, unsigned char *outlen, const unsigne
        ctx->status = SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len);
        return SSL_TLSEXT_ERR_OK;
 }
-#endif                          /* ndef OPENSSL_NO_NEXTPROTONEG */
 enum {
        PROTO_OFF = 0,
@@ -372,9 +368,7 @@ s_client_main(int argc, char **argv)
        char *servername = NULL;
        tlsextctx tlsextcbp =
        {NULL, 0};
-#ifndef OPENSSL_NO_NEXTPROTONEG
        const char *next_proto_neg_in = NULL;
-#endif
        const char *alpn_in = NULL;
        char *sess_in = NULL;
        char *sess_out = NULL;
@@ -539,13 +533,11 @@ s_client_main(int argc, char **argv)
                else if (strcmp(*argv, "-no_ticket") == 0) {
                        off |= SSL_OP_NO_TICKET;
                }
-#ifndef OPENSSL_NO_NEXTPROTONEG
                else if (strcmp(*argv, "-nextprotoneg") == 0) {
                        if (--argc < 1)
                                goto bad;
                        next_proto_neg_in = *(++argv);
                }
-#endif
                else if (strcmp(*argv, "-alpn") == 0) {
                        if (--argc < 1)
                                goto bad;
@@ -642,7 +634,6 @@ bad:
                goto end;
        }
-#if !defined(OPENSSL_NO_NEXTPROTONEG)
        next_proto.status = -1;
        if (next_proto_neg_in) {
                next_proto.data = next_protos_parse(&next_proto.len, next_proto_neg_in);
@@ -652,7 +643,6 @@ bad:
                }
        } else
                next_proto.data = NULL;
-#endif
 #ifndef OPENSSL_NO_ENGINE
        e = setup_engine(bio_err, engine_id, 1);
@@ -738,10 +728,8 @@ bad:
        if (socket_type == SOCK_DGRAM)
                SSL_CTX_set_read_ahead(ctx, 1);
-#if !defined(OPENSSL_NO_NEXTPROTONEG)
        if (next_proto.data)
                SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto);
-#endif
        if (alpn_in) {
                unsigned short alpn_len;
                unsigned char *alpn = next_protos_parse(&alpn_len, alpn_in);
@@ -1274,9 +1262,7 @@ end:
                        print_stuff(bio_c_out, con, 1);
                SSL_free(con);
        }
-#if !defined(OPENSSL_NO_NEXTPROTONEG)
        free(next_proto.data);
-#endif
        if (ctx != NULL)
                SSL_CTX_free(ctx);
        if (cert)
@@ -1430,7 +1416,6 @@ print_stuff(BIO * bio, SSL * s, int full)
        }
 #endif
-#if !defined(OPENSSL_NO_NEXTPROTONEG)
        if (next_proto.status != -1) {
                const unsigned char *proto;
                unsigned int proto_len;
@@ -1439,7 +1424,6 @@ print_stuff(BIO * bio, SSL * s, int full)
                BIO_write(bio, proto, proto_len);
                BIO_write(bio, "\n", 1);
        }
-#endif
        {
                const unsigned char *proto;
                unsigned int proto_len;
diff --git a/src/usr.bin/openssl/s_server.c b/src/usr.bin/openssl/s_server.c
index 35ed6d169c..fdd93977e8 100644
--- a/src/usr.bin/openssl/s_server.c
+++ b/src/usr.bin/openssl/s_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_server.c,v 1.8 2014/12/10 15:24:01 jsing Exp $ */
+/* $OpenBSD: s_server.c,v 1.9 2014/12/14 14:42:06 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -348,9 +348,7 @@ sv_usage(void)
        BIO_printf(bio_err, "                 not specified (default is %s)\n", TEST_CERT2);
        BIO_printf(bio_err, " -tlsextdebug  - hex dump of all TLS extensions received\n");
        BIO_printf(bio_err, " -no_ticket    - disable use of RFC4507bis session tickets\n");
-#ifndef OPENSSL_NO_NEXTPROTONEG
        BIO_printf(bio_err, " -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n");
-#endif
        BIO_printf(bio_err," -alpn arg  - set the advertised protocols for the ALPN extension (comma-separated list)\n");
 #ifndef OPENSSL_NO_SRTP
        BIO_printf(bio_err, " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
@@ -526,7 +524,6 @@ err:
        goto done;
 }
-#ifndef OPENSSL_NO_NEXTPROTONEG
 /* This is the context that we pass to next_proto_cb */
 typedef struct tlsextnextprotoctx_st {
        unsigned char *data;
@@ -543,7 +540,6 @@ next_proto_cb(SSL * s, const unsigned char **data, unsigned int *len, void *arg)
        return SSL_TLSEXT_ERR_OK;
 }
-#endif                          /* ndef OPENSSL_NO_NEXTPROTONEG */
 /* This the context that we pass to alpn_cb */
@@ -621,10 +617,8 @@ s_server_main(int argc, char *argv[])
        EVP_PKEY *s_key2 = NULL;
        X509 *s_cert2 = NULL;
        tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING};
-#ifndef OPENSSL_NO_NEXTPROTONEG
        const char *next_proto_neg_in = NULL;
        tlsextnextprotoctx next_proto = { NULL, 0 };
-#endif
        const char *alpn_in = NULL;
        tlsextalpnctx alpn_ctx = { NULL, 0 };
        meth = SSLv23_server_method();
@@ -873,13 +867,11 @@ s_server_main(int argc, char *argv[])
                                goto bad;
                        s_key_file2 = *(++argv);
                }
-#ifndef OPENSSL_NO_NEXTPROTONEG
                else if (strcmp(*argv, "-nextprotoneg") == 0) {
                        if (--argc < 1)
                                goto bad;
                        next_proto_neg_in = *(++argv);
                }
-#endif
                else if (strcmp(*argv,"-alpn") == 0) {
                        if (--argc < 1)
                                goto bad;
@@ -963,7 +955,6 @@ bad:
                        }
                }
        }
-#if !defined(OPENSSL_NO_NEXTPROTONEG)
        if (next_proto_neg_in) {
                unsigned short len;
                next_proto.data = next_protos_parse(&len, next_proto_neg_in);
@@ -973,7 +964,6 @@ bad:
        } else {
                next_proto.data = NULL;
        }
-#endif
        alpn_ctx.data = NULL;
        if (alpn_in) {
                unsigned short len;
@@ -1125,10 +1115,8 @@ bad:
                if (vpm)
                        SSL_CTX_set1_param(ctx2, vpm);
        }
-#ifndef OPENSSL_NO_NEXTPROTONEG
        if (next_proto.data)
                SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb, &next_proto);
-#endif
        if (alpn_ctx.data)
                SSL_CTX_set_alpn_select_cb(ctx, alpn_cb, &alpn_ctx);
@@ -1660,10 +1648,8 @@ init_ssl_connection(SSL * con)
        X509 *peer;
        long verify_error;
        char buf[BUFSIZ];
-#if !defined(OPENSSL_NO_NEXTPROTONEG)
        const unsigned char *next_proto_neg;
        unsigned next_proto_neg_len;
-#endif
        unsigned char *exportedkeymat;
        i = SSL_accept(con);
@@ -1698,14 +1684,12 @@ init_ssl_connection(SSL * con)
        str = SSL_CIPHER_get_name(SSL_get_current_cipher(con));
        BIO_printf(bio_s_out, "CIPHER is %s\n", (str != NULL) ? str : "(NONE)");
-#if !defined(OPENSSL_NO_NEXTPROTONEG)
        SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len);
        if (next_proto_neg) {
                BIO_printf(bio_s_out, "NEXTPROTO is ");
                BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len);
                BIO_printf(bio_s_out, "\n");
        }
-#endif
 #ifndef OPENSSL_NO_SRTP
        {
                SRTP_PROTECTION_PROFILE *srtp_profile
author	jsing <>	2014-12-14 14:42:06 +0000
committer	jsing <>	2014-12-14 14:42:06 +0000
commit	45a57065d1148899826db257e083825843357376 (patch)
tree	c2cdaf5dee151708abd8cdd369d67e62c581de59 /src
parent	b303e332970ffd772a791a3a52b851697dd671bc (diff)
download	openbsd-45a57065d1148899826db257e083825843357376.tar.gz openbsd-45a57065d1148899826db257e083825843357376.tar.bz2 openbsd-45a57065d1148899826db257e083825843357376.zip