summaryrefslogtreecommitdiff
path: root/src/lib/libssl/s3_clnt.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/s3_clnt.c29
1 files changed, 0 insertions, 29 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index bda14069c1..66a7ec0d38 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -316,12 +316,10 @@ ssl3_connect(SSL *s)
316 316
317 if (s->hit) { 317 if (s->hit) {
318 s->state = SSL3_ST_CR_FINISHED_A; 318 s->state = SSL3_ST_CR_FINISHED_A;
319#ifndef OPENSSL_NO_TLSEXT
320 if (s->tlsext_ticket_expected) { 319 if (s->tlsext_ticket_expected) {
321 /* receive renewed session ticket */ 320 /* receive renewed session ticket */
322 s->state = SSL3_ST_CR_SESSION_TICKET_A; 321 s->state = SSL3_ST_CR_SESSION_TICKET_A;
323 } 322 }
324#endif
325 } else 323 } else
326 s->state = SSL3_ST_CR_CERT_A; 324 s->state = SSL3_ST_CR_CERT_A;
327 s->init_num = 0; 325 s->init_num = 0;
@@ -329,7 +327,6 @@ ssl3_connect(SSL *s)
329 327
330 case SSL3_ST_CR_CERT_A: 328 case SSL3_ST_CR_CERT_A:
331 case SSL3_ST_CR_CERT_B: 329 case SSL3_ST_CR_CERT_B:
332#ifndef OPENSSL_NO_TLSEXT
333 ret = ssl3_check_finished(s); 330 ret = ssl3_check_finished(s);
334 if (ret <= 0) 331 if (ret <= 0)
335 goto end; 332 goto end;
@@ -342,7 +339,6 @@ ssl3_connect(SSL *s)
342 s->init_num = 0; 339 s->init_num = 0;
343 break; 340 break;
344 } 341 }
345#endif
346 /* Check if it is anon DH/ECDH or PSK */ 342 /* Check if it is anon DH/ECDH or PSK */
347 if (!(s->s3->tmp.new_cipher->algorithm_auth & 343 if (!(s->s3->tmp.new_cipher->algorithm_auth &
348 SSL_aNULL) && 344 SSL_aNULL) &&
@@ -351,7 +347,6 @@ ssl3_connect(SSL *s)
351 ret = ssl3_get_server_certificate(s); 347 ret = ssl3_get_server_certificate(s);
352 if (ret <= 0) 348 if (ret <= 0)
353 goto end; 349 goto end;
354#ifndef OPENSSL_NO_TLSEXT
355 if (s->tlsext_status_expected) 350 if (s->tlsext_status_expected)
356 s->state = SSL3_ST_CR_CERT_STATUS_A; 351 s->state = SSL3_ST_CR_CERT_STATUS_A;
357 else 352 else
@@ -360,12 +355,6 @@ ssl3_connect(SSL *s)
360 skip = 1; 355 skip = 1;
361 s->state = SSL3_ST_CR_KEY_EXCH_A; 356 s->state = SSL3_ST_CR_KEY_EXCH_A;
362 } 357 }
363#else
364 } else
365 skip = 1;
366
367 s->state = SSL3_ST_CR_KEY_EXCH_A;
368#endif
369 s->init_num = 0; 358 s->init_num = 0;
370 break; 359 break;
371 360
@@ -536,20 +525,17 @@ ssl3_connect(SSL *s)
536 s->s3->delay_buf_pop_ret = 0; 525 s->s3->delay_buf_pop_ret = 0;
537 } 526 }
538 } else { 527 } else {
539#ifndef OPENSSL_NO_TLSEXT
540 /* Allow NewSessionTicket if ticket expected */ 528 /* Allow NewSessionTicket if ticket expected */
541 if (s->tlsext_ticket_expected) 529 if (s->tlsext_ticket_expected)
542 s->s3->tmp.next_state = 530 s->s3->tmp.next_state =
543 SSL3_ST_CR_SESSION_TICKET_A; 531 SSL3_ST_CR_SESSION_TICKET_A;
544 else 532 else
545#endif
546 533
547 s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A; 534 s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A;
548 } 535 }
549 s->init_num = 0; 536 s->init_num = 0;
550 break; 537 break;
551 538
552#ifndef OPENSSL_NO_TLSEXT
553 case SSL3_ST_CR_SESSION_TICKET_A: 539 case SSL3_ST_CR_SESSION_TICKET_A:
554 case SSL3_ST_CR_SESSION_TICKET_B: 540 case SSL3_ST_CR_SESSION_TICKET_B:
555 ret = ssl3_get_new_session_ticket(s); 541 ret = ssl3_get_new_session_ticket(s);
@@ -567,7 +553,6 @@ ssl3_connect(SSL *s)
567 s->state = SSL3_ST_CR_KEY_EXCH_A; 553 s->state = SSL3_ST_CR_KEY_EXCH_A;
568 s->init_num = 0; 554 s->init_num = 0;
569 break; 555 break;
570#endif
571 556
572 case SSL3_ST_CR_FINISHED_A: 557 case SSL3_ST_CR_FINISHED_A:
573 case SSL3_ST_CR_FINISHED_B: 558 case SSL3_ST_CR_FINISHED_B:
@@ -681,11 +666,7 @@ ssl3_client_hello(SSL *s)
681 SSL_SESSION *sess = s->session; 666 SSL_SESSION *sess = s->session;
682 if ((sess == NULL) || 667 if ((sess == NULL) ||
683 (sess->ssl_version != s->version) || 668 (sess->ssl_version != s->version) ||
684#ifdef OPENSSL_NO_TLSEXT
685 !sess->session_id_length ||
686#else
687 (!sess->session_id_length && !sess->tlsext_tick) || 669 (!sess->session_id_length && !sess->tlsext_tick) ||
688#endif
689 (sess->not_resumable)) { 670 (sess->not_resumable)) {
690 if (!ssl_get_new_session(s, 0)) 671 if (!ssl_get_new_session(s, 0))
691 goto err; 672 goto err;
@@ -791,7 +772,6 @@ ssl3_client_hello(SSL *s)
791#endif 772#endif
792 *(p++) = 0; /* Add the NULL method */ 773 *(p++) = 0; /* Add the NULL method */
793 774
794#ifndef OPENSSL_NO_TLSEXT
795 /* TLS extensions*/ 775 /* TLS extensions*/
796 if (ssl_prepare_clienthello_tlsext(s) <= 0) { 776 if (ssl_prepare_clienthello_tlsext(s) <= 0) {
797 SSLerr(SSL_F_SSL3_CLIENT_HELLO, 777 SSLerr(SSL_F_SSL3_CLIENT_HELLO,
@@ -804,7 +784,6 @@ ssl3_client_hello(SSL *s)
804 ERR_R_INTERNAL_ERROR); 784 ERR_R_INTERNAL_ERROR);
805 goto err; 785 goto err;
806 } 786 }
807#endif
808 787
809 l = (p - d); 788 l = (p - d);
810 d = buf; 789 d = buf;
@@ -892,7 +871,6 @@ ssl3_get_server_hello(SSL *s)
892 goto f_err; 871 goto f_err;
893 } 872 }
894 873
895#ifndef OPENSSL_NO_TLSEXT
896 /* 874 /*
897 * Check if we want to resume the session based on external 875 * Check if we want to resume the session based on external
898 * pre-shared secret 876 * pre-shared secret
@@ -907,7 +885,6 @@ ssl3_get_server_hello(SSL *s)
907 pref_cipher : ssl_get_cipher_by_char(s, p + j); 885 pref_cipher : ssl_get_cipher_by_char(s, p + j);
908 } 886 }
909 } 887 }
910#endif /* OPENSSL_NO_TLSEXT */
911 888
912 if (j != 0 && j == s->session->session_id_length && 889 if (j != 0 && j == s->session->session_id_length &&
913 memcmp(p, s->session->session_id, j) == 0) { 890 memcmp(p, s->session->session_id, j) == 0) {
@@ -1033,7 +1010,6 @@ ssl3_get_server_hello(SSL *s)
1033 } 1010 }
1034#endif 1011#endif
1035 1012
1036#ifndef OPENSSL_NO_TLSEXT
1037 /* TLS extensions*/ 1013 /* TLS extensions*/
1038 if (s->version >= SSL3_VERSION) { 1014 if (s->version >= SSL3_VERSION) {
1039 if (!ssl_parse_serverhello_tlsext(s, &p, d, n, &al)) { 1015 if (!ssl_parse_serverhello_tlsext(s, &p, d, n, &al)) {
@@ -1049,7 +1025,6 @@ ssl3_get_server_hello(SSL *s)
1049 goto err; 1025 goto err;
1050 } 1026 }
1051 } 1027 }
1052#endif
1053 1028
1054 if (p != (d + n)) { 1029 if (p != (d + n)) {
1055 /* wrong packet length */ 1030 /* wrong packet length */
@@ -1876,7 +1851,6 @@ ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
1876 return (X509_NAME_cmp(*a, *b)); 1851 return (X509_NAME_cmp(*a, *b));
1877} 1852}
1878 1853
1879#ifndef OPENSSL_NO_TLSEXT
1880int 1854int
1881ssl3_get_new_session_ticket(SSL *s) 1855ssl3_get_new_session_ticket(SSL *s)
1882{ 1856{
@@ -2018,7 +1992,6 @@ f_err:
2018 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1992 ssl3_send_alert(s, SSL3_AL_FATAL, al);
2019 return (-1); 1993 return (-1);
2020} 1994}
2021#endif
2022 1995
2023int 1996int
2024ssl3_get_server_done(SSL *s) 1997ssl3_get_server_done(SSL *s)
@@ -2930,7 +2903,6 @@ ssl3_send_next_proto(SSL *s)
2930 * session tickets we have to check the next message to be sure. 2903 * session tickets we have to check the next message to be sure.
2931 */ 2904 */
2932 2905
2933#ifndef OPENSSL_NO_TLSEXT
2934int 2906int
2935ssl3_check_finished(SSL *s) 2907ssl3_check_finished(SSL *s)
2936{ 2908{
@@ -2953,7 +2925,6 @@ ssl3_check_finished(SSL *s)
2953 2925
2954 return (1); 2926 return (1);
2955} 2927}
2956#endif
2957 2928
2958int 2929int
2959ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey) 2930ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-03 16:12:41 +0000