Fix building with no-srtp
RT3638 Reviewed-by: Emilia Käsper <emilia@openssl.org> Conflicts: ssl/t1_lib.c
This commit is contained in:
Piotr Sikora
Matt Caswell
parent
bfaf796241
commit
7b0194db42
@ -375,7 +375,9 @@ static void sc_usage(void)
|
||||
# endif
|
||||
BIO_printf(bio_err," -alpn arg - enable ALPN extension, considering named protocols supported (comma-separated list)\n");
|
||||
BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
|
||||
#ifndef OPENSSL_NO_SRTP
|
||||
BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
|
||||
#endif
|
||||
BIO_printf(bio_err," -keymatexport label - Export keying material using label\n");
|
||||
BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n");
|
||||
}
|
||||
@ -515,7 +517,9 @@ static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
|
||||
}
|
||||
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SRTP
|
||||
char *srtp_profiles = NULL;
|
||||
#endif
|
||||
|
||||
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
/* This the context that we pass to next_proto_cb */
|
||||
@ -1087,11 +1091,13 @@ static char *jpake_secret = NULL;
|
||||
jpake_secret = *++argv;
|
||||
}
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SRTP
|
||||
else if (strcmp(*argv,"-use_srtp") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
srtp_profiles = *(++argv);
|
||||
}
|
||||
#endif
|
||||
else if (strcmp(*argv,"-keymatexport") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
@ -1313,6 +1319,8 @@ bad:
|
||||
BIO_printf(bio_c_out, "PSK key given or JPAKE in use, setting client callback\n");
|
||||
SSL_CTX_set_psk_client_callback(ctx, psk_client_cb);
|
||||
}
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SRTP
|
||||
if (srtp_profiles != NULL)
|
||||
SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
|
||||
#endif
|
||||
@ -2332,6 +2340,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_SRTP
|
||||
{
|
||||
SRTP_PROTECTION_PROFILE *srtp_profile=SSL_get_selected_srtp_profile(s);
|
||||
|
||||
@ -2339,6 +2348,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
|
||||
BIO_printf(bio,"SRTP Extension negotiated, profile=%s\n",
|
||||
srtp_profile->name);
|
||||
}
|
||||
#endif
|
||||
|
||||
SSL_SESSION_print(bio,SSL_get_session(s));
|
||||
if (keymatexportlabel != NULL)
|
||||
|
||||
@ -583,7 +583,9 @@ static void sv_usage(void)
|
||||
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
BIO_printf(bio_err," -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n");
|
||||
# endif
|
||||
# ifndef OPENSSL_NO_SRTP
|
||||
BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
|
||||
# endif
|
||||
BIO_printf(bio_err," -alpn arg - set the advertised protocols for the ALPN extension (comma-separated list)\n");
|
||||
#endif
|
||||
BIO_printf(bio_err," -keymatexport label - Export keying material using label\n");
|
||||
@ -997,7 +999,9 @@ static char *jpake_secret = NULL;
|
||||
#ifndef OPENSSL_NO_SRP
|
||||
static srpsrvparm srp_callback_parm;
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SRTP
|
||||
static char *srtp_profiles = NULL;
|
||||
#endif
|
||||
|
||||
int MAIN(int argc, char *argv[])
|
||||
{
|
||||
@ -1498,11 +1502,13 @@ int MAIN(int argc, char *argv[])
|
||||
jpake_secret = *(++argv);
|
||||
}
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SRTP
|
||||
else if (strcmp(*argv,"-use_srtp") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
srtp_profiles = *(++argv);
|
||||
}
|
||||
#endif
|
||||
else if (strcmp(*argv,"-keymatexport") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
@ -1780,8 +1786,10 @@ bad:
|
||||
else
|
||||
SSL_CTX_sess_set_cache_size(ctx,128);
|
||||
|
||||
#ifndef OPENSSL_NO_SRTP
|
||||
if (srtp_profiles != NULL)
|
||||
SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
|
||||
#endif
|
||||
|
||||
#if 0
|
||||
if (cipher == NULL) cipher=getenv("SSL_CIPHER");
|
||||
@ -2713,6 +2721,7 @@ static int init_ssl_connection(SSL *con)
|
||||
BIO_printf(bio_s_out, "\n");
|
||||
}
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SRTP
|
||||
{
|
||||
SRTP_PROTECTION_PROFILE *srtp_profile
|
||||
= SSL_get_selected_srtp_profile(con);
|
||||
@ -2721,6 +2730,7 @@ static int init_ssl_connection(SSL *con)
|
||||
BIO_printf(bio_s_out,"SRTP Extension negotiated, profile=%s\n",
|
||||
srtp_profile->name);
|
||||
}
|
||||
#endif
|
||||
if (SSL_cache_hit(con)) BIO_printf(bio_s_out,"Reused session-id\n");
|
||||
if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) &
|
||||
TLS1_FLAGS_TLS_PADDING_BUG)
|
||||
|
||||
@ -641,8 +641,10 @@ void SSL_free(SSL *s)
|
||||
OPENSSL_free(s->next_proto_negotiated);
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_SRTP
|
||||
if (s->srtp_profiles)
|
||||
sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
|
||||
#endif
|
||||
|
||||
OPENSSL_free(s);
|
||||
}
|
||||
@ -2139,8 +2141,10 @@ void SSL_CTX_free(SSL_CTX *a)
|
||||
a->comp_methods = NULL;
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_SRTP
|
||||
if (a->srtp_profiles)
|
||||
sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_PSK
|
||||
if (a->psk_identity_hint)
|
||||
|
||||
@ -1552,6 +1552,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned c
|
||||
ret += s->alpn_client_proto_list_len;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_SRTP
|
||||
if(SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s))
|
||||
{
|
||||
int el;
|
||||
@ -1570,6 +1571,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned c
|
||||
}
|
||||
ret += el;
|
||||
}
|
||||
#endif
|
||||
custom_ext_init(&s->cert->cli_ext);
|
||||
/* Add custom TLS Extensions to ClientHello */
|
||||
if (!custom_ext_add(s, 0, &ret, limit, al))
|
||||
@ -1726,6 +1728,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned c
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_SRTP
|
||||
if(SSL_IS_DTLS(s) && s->srtp_profile)
|
||||
{
|
||||
int el;
|
||||
@ -1744,6 +1747,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned c
|
||||
}
|
||||
ret+=el;
|
||||
}
|
||||
#endif
|
||||
|
||||
if (((s->s3->tmp.new_cipher->id & 0xFFFF)==0x80 || (s->s3->tmp.new_cipher->id & 0xFFFF)==0x81)
|
||||
&& (SSL_get_options(s) & SSL_OP_CRYPTOPRO_TLSEXT_BUG))
|
||||
@ -2484,6 +2488,7 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char
|
||||
}
|
||||
|
||||
/* session ticket processed earlier */
|
||||
#ifndef OPENSSL_NO_SRTP
|
||||
else if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)
|
||||
&& type == TLSEXT_TYPE_use_srtp)
|
||||
{
|
||||
@ -2491,6 +2496,7 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char
|
||||
al))
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
data+=size;
|
||||
}
|
||||
@ -2854,12 +2860,14 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SRTP
|
||||
else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp)
|
||||
{
|
||||
if(ssl_parse_serverhello_use_srtp_ext(s, data, size,
|
||||
al))
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
/* If this extension type was not otherwise handled, but
|
||||
* matches a custom_cli_ext_record, then send it to the c
|
||||
* callback */
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user