diff options
Diffstat (limited to 'src/lib/libssl/s3_clnt.c')
| -rw-r--r-- | src/lib/libssl/s3_clnt.c | 29 |
1 files changed, 0 insertions, 29 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index bda14069c1..66a7ec0d38 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c | |||
| @@ -316,12 +316,10 @@ ssl3_connect(SSL *s) | |||
| 316 | 316 | ||
| 317 | if (s->hit) { | 317 | if (s->hit) { |
| 318 | s->state = SSL3_ST_CR_FINISHED_A; | 318 | s->state = SSL3_ST_CR_FINISHED_A; |
| 319 | #ifndef OPENSSL_NO_TLSEXT | ||
| 320 | if (s->tlsext_ticket_expected) { | 319 | if (s->tlsext_ticket_expected) { |
| 321 | /* receive renewed session ticket */ | 320 | /* receive renewed session ticket */ |
| 322 | s->state = SSL3_ST_CR_SESSION_TICKET_A; | 321 | s->state = SSL3_ST_CR_SESSION_TICKET_A; |
| 323 | } | 322 | } |
| 324 | #endif | ||
| 325 | } else | 323 | } else |
| 326 | s->state = SSL3_ST_CR_CERT_A; | 324 | s->state = SSL3_ST_CR_CERT_A; |
| 327 | s->init_num = 0; | 325 | s->init_num = 0; |
| @@ -329,7 +327,6 @@ ssl3_connect(SSL *s) | |||
| 329 | 327 | ||
| 330 | case SSL3_ST_CR_CERT_A: | 328 | case SSL3_ST_CR_CERT_A: |
| 331 | case SSL3_ST_CR_CERT_B: | 329 | case SSL3_ST_CR_CERT_B: |
| 332 | #ifndef OPENSSL_NO_TLSEXT | ||
| 333 | ret = ssl3_check_finished(s); | 330 | ret = ssl3_check_finished(s); |
| 334 | if (ret <= 0) | 331 | if (ret <= 0) |
| 335 | goto end; | 332 | goto end; |
| @@ -342,7 +339,6 @@ ssl3_connect(SSL *s) | |||
| 342 | s->init_num = 0; | 339 | s->init_num = 0; |
| 343 | break; | 340 | break; |
| 344 | } | 341 | } |
| 345 | #endif | ||
| 346 | /* Check if it is anon DH/ECDH or PSK */ | 342 | /* Check if it is anon DH/ECDH or PSK */ |
| 347 | if (!(s->s3->tmp.new_cipher->algorithm_auth & | 343 | if (!(s->s3->tmp.new_cipher->algorithm_auth & |
| 348 | SSL_aNULL) && | 344 | SSL_aNULL) && |
| @@ -351,7 +347,6 @@ ssl3_connect(SSL *s) | |||
| 351 | ret = ssl3_get_server_certificate(s); | 347 | ret = ssl3_get_server_certificate(s); |
| 352 | if (ret <= 0) | 348 | if (ret <= 0) |
| 353 | goto end; | 349 | goto end; |
| 354 | #ifndef OPENSSL_NO_TLSEXT | ||
| 355 | if (s->tlsext_status_expected) | 350 | if (s->tlsext_status_expected) |
| 356 | s->state = SSL3_ST_CR_CERT_STATUS_A; | 351 | s->state = SSL3_ST_CR_CERT_STATUS_A; |
| 357 | else | 352 | else |
| @@ -360,12 +355,6 @@ ssl3_connect(SSL *s) | |||
| 360 | skip = 1; | 355 | skip = 1; |
| 361 | s->state = SSL3_ST_CR_KEY_EXCH_A; | 356 | s->state = SSL3_ST_CR_KEY_EXCH_A; |
| 362 | } | 357 | } |
| 363 | #else | ||
| 364 | } else | ||
| 365 | skip = 1; | ||
| 366 | |||
| 367 | s->state = SSL3_ST_CR_KEY_EXCH_A; | ||
| 368 | #endif | ||
| 369 | s->init_num = 0; | 358 | s->init_num = 0; |
| 370 | break; | 359 | break; |
| 371 | 360 | ||
| @@ -536,20 +525,17 @@ ssl3_connect(SSL *s) | |||
| 536 | s->s3->delay_buf_pop_ret = 0; | 525 | s->s3->delay_buf_pop_ret = 0; |
| 537 | } | 526 | } |
| 538 | } else { | 527 | } else { |
| 539 | #ifndef OPENSSL_NO_TLSEXT | ||
| 540 | /* Allow NewSessionTicket if ticket expected */ | 528 | /* Allow NewSessionTicket if ticket expected */ |
| 541 | if (s->tlsext_ticket_expected) | 529 | if (s->tlsext_ticket_expected) |
| 542 | s->s3->tmp.next_state = | 530 | s->s3->tmp.next_state = |
| 543 | SSL3_ST_CR_SESSION_TICKET_A; | 531 | SSL3_ST_CR_SESSION_TICKET_A; |
| 544 | else | 532 | else |
| 545 | #endif | ||
| 546 | 533 | ||
| 547 | s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A; | 534 | s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A; |
| 548 | } | 535 | } |
| 549 | s->init_num = 0; | 536 | s->init_num = 0; |
| 550 | break; | 537 | break; |
| 551 | 538 | ||
| 552 | #ifndef OPENSSL_NO_TLSEXT | ||
| 553 | case SSL3_ST_CR_SESSION_TICKET_A: | 539 | case SSL3_ST_CR_SESSION_TICKET_A: |
| 554 | case SSL3_ST_CR_SESSION_TICKET_B: | 540 | case SSL3_ST_CR_SESSION_TICKET_B: |
| 555 | ret = ssl3_get_new_session_ticket(s); | 541 | ret = ssl3_get_new_session_ticket(s); |
| @@ -567,7 +553,6 @@ ssl3_connect(SSL *s) | |||
| 567 | s->state = SSL3_ST_CR_KEY_EXCH_A; | 553 | s->state = SSL3_ST_CR_KEY_EXCH_A; |
| 568 | s->init_num = 0; | 554 | s->init_num = 0; |
| 569 | break; | 555 | break; |
| 570 | #endif | ||
| 571 | 556 | ||
| 572 | case SSL3_ST_CR_FINISHED_A: | 557 | case SSL3_ST_CR_FINISHED_A: |
| 573 | case SSL3_ST_CR_FINISHED_B: | 558 | case SSL3_ST_CR_FINISHED_B: |
| @@ -681,11 +666,7 @@ ssl3_client_hello(SSL *s) | |||
| 681 | SSL_SESSION *sess = s->session; | 666 | SSL_SESSION *sess = s->session; |
| 682 | if ((sess == NULL) || | 667 | if ((sess == NULL) || |
| 683 | (sess->ssl_version != s->version) || | 668 | (sess->ssl_version != s->version) || |
| 684 | #ifdef OPENSSL_NO_TLSEXT | ||
| 685 | !sess->session_id_length || | ||
| 686 | #else | ||
| 687 | (!sess->session_id_length && !sess->tlsext_tick) || | 669 | (!sess->session_id_length && !sess->tlsext_tick) || |
| 688 | #endif | ||
| 689 | (sess->not_resumable)) { | 670 | (sess->not_resumable)) { |
| 690 | if (!ssl_get_new_session(s, 0)) | 671 | if (!ssl_get_new_session(s, 0)) |
| 691 | goto err; | 672 | goto err; |
| @@ -791,7 +772,6 @@ ssl3_client_hello(SSL *s) | |||
| 791 | #endif | 772 | #endif |
| 792 | *(p++) = 0; /* Add the NULL method */ | 773 | *(p++) = 0; /* Add the NULL method */ |
| 793 | 774 | ||
| 794 | #ifndef OPENSSL_NO_TLSEXT | ||
| 795 | /* TLS extensions*/ | 775 | /* TLS extensions*/ |
| 796 | if (ssl_prepare_clienthello_tlsext(s) <= 0) { | 776 | if (ssl_prepare_clienthello_tlsext(s) <= 0) { |
| 797 | SSLerr(SSL_F_SSL3_CLIENT_HELLO, | 777 | SSLerr(SSL_F_SSL3_CLIENT_HELLO, |
| @@ -804,7 +784,6 @@ ssl3_client_hello(SSL *s) | |||
| 804 | ERR_R_INTERNAL_ERROR); | 784 | ERR_R_INTERNAL_ERROR); |
| 805 | goto err; | 785 | goto err; |
| 806 | } | 786 | } |
| 807 | #endif | ||
| 808 | 787 | ||
| 809 | l = (p - d); | 788 | l = (p - d); |
| 810 | d = buf; | 789 | d = buf; |
| @@ -892,7 +871,6 @@ ssl3_get_server_hello(SSL *s) | |||
| 892 | goto f_err; | 871 | goto f_err; |
| 893 | } | 872 | } |
| 894 | 873 | ||
| 895 | #ifndef OPENSSL_NO_TLSEXT | ||
| 896 | /* | 874 | /* |
| 897 | * Check if we want to resume the session based on external | 875 | * Check if we want to resume the session based on external |
| 898 | * pre-shared secret | 876 | * pre-shared secret |
| @@ -907,7 +885,6 @@ ssl3_get_server_hello(SSL *s) | |||
| 907 | pref_cipher : ssl_get_cipher_by_char(s, p + j); | 885 | pref_cipher : ssl_get_cipher_by_char(s, p + j); |
| 908 | } | 886 | } |
| 909 | } | 887 | } |
| 910 | #endif /* OPENSSL_NO_TLSEXT */ | ||
| 911 | 888 | ||
| 912 | if (j != 0 && j == s->session->session_id_length && | 889 | if (j != 0 && j == s->session->session_id_length && |
| 913 | memcmp(p, s->session->session_id, j) == 0) { | 890 | memcmp(p, s->session->session_id, j) == 0) { |
| @@ -1033,7 +1010,6 @@ ssl3_get_server_hello(SSL *s) | |||
| 1033 | } | 1010 | } |
| 1034 | #endif | 1011 | #endif |
| 1035 | 1012 | ||
| 1036 | #ifndef OPENSSL_NO_TLSEXT | ||
| 1037 | /* TLS extensions*/ | 1013 | /* TLS extensions*/ |
| 1038 | if (s->version >= SSL3_VERSION) { | 1014 | if (s->version >= SSL3_VERSION) { |
| 1039 | if (!ssl_parse_serverhello_tlsext(s, &p, d, n, &al)) { | 1015 | if (!ssl_parse_serverhello_tlsext(s, &p, d, n, &al)) { |
| @@ -1049,7 +1025,6 @@ ssl3_get_server_hello(SSL *s) | |||
| 1049 | goto err; | 1025 | goto err; |
| 1050 | } | 1026 | } |
| 1051 | } | 1027 | } |
| 1052 | #endif | ||
| 1053 | 1028 | ||
| 1054 | if (p != (d + n)) { | 1029 | if (p != (d + n)) { |
| 1055 | /* wrong packet length */ | 1030 | /* wrong packet length */ |
| @@ -1876,7 +1851,6 @@ ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b) | |||
| 1876 | return (X509_NAME_cmp(*a, *b)); | 1851 | return (X509_NAME_cmp(*a, *b)); |
| 1877 | } | 1852 | } |
| 1878 | 1853 | ||
| 1879 | #ifndef OPENSSL_NO_TLSEXT | ||
| 1880 | int | 1854 | int |
| 1881 | ssl3_get_new_session_ticket(SSL *s) | 1855 | ssl3_get_new_session_ticket(SSL *s) |
| 1882 | { | 1856 | { |
| @@ -2018,7 +1992,6 @@ f_err: | |||
| 2018 | ssl3_send_alert(s, SSL3_AL_FATAL, al); | 1992 | ssl3_send_alert(s, SSL3_AL_FATAL, al); |
| 2019 | return (-1); | 1993 | return (-1); |
| 2020 | } | 1994 | } |
| 2021 | #endif | ||
| 2022 | 1995 | ||
| 2023 | int | 1996 | int |
| 2024 | ssl3_get_server_done(SSL *s) | 1997 | ssl3_get_server_done(SSL *s) |
| @@ -2930,7 +2903,6 @@ ssl3_send_next_proto(SSL *s) | |||
| 2930 | * session tickets we have to check the next message to be sure. | 2903 | * session tickets we have to check the next message to be sure. |
| 2931 | */ | 2904 | */ |
| 2932 | 2905 | ||
| 2933 | #ifndef OPENSSL_NO_TLSEXT | ||
| 2934 | int | 2906 | int |
| 2935 | ssl3_check_finished(SSL *s) | 2907 | ssl3_check_finished(SSL *s) |
| 2936 | { | 2908 | { |
| @@ -2953,7 +2925,6 @@ ssl3_check_finished(SSL *s) | |||
| 2953 | 2925 | ||
| 2954 | return (1); | 2926 | return (1); |
| 2955 | } | 2927 | } |
| 2956 | #endif | ||
| 2957 | 2928 | ||
| 2958 | int | 2929 | int |
| 2959 | ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey) | 2930 | ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey) |