OPENSSL_NO_XXX cleanup: NO_TLS, NO_TLS1
TLS and TLS1 are no longer optional. Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Rich Salz
@@ -129,10 +129,8 @@ int MAIN(int argc, char **argv)
|
|||||||
else if (strcmp(*argv, "-ssl3") == 0)
|
else if (strcmp(*argv, "-ssl3") == 0)
|
||||||
meth = SSLv3_client_method();
|
meth = SSLv3_client_method();
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_TLS1
|
|
||||||
else if (strcmp(*argv, "-tls1") == 0)
|
else if (strcmp(*argv, "-tls1") == 0)
|
||||||
meth = TLSv1_client_method();
|
meth = TLSv1_client_method();
|
||||||
#endif
|
|
||||||
else if ((strncmp(*argv, "-h", 2) == 0) || (strcmp(*argv, "-?") == 0)) {
|
else if ((strncmp(*argv, "-h", 2) == 0) || (strcmp(*argv, "-?") == 0)) {
|
||||||
badops = 1;
|
badops = 1;
|
||||||
break;
|
break;
|
||||||
|
|||||||
@@ -931,14 +931,12 @@ int MAIN(int argc, char **argv)
|
|||||||
else if (strcmp(*argv, "-ssl3") == 0)
|
else if (strcmp(*argv, "-ssl3") == 0)
|
||||||
meth = SSLv3_client_method();
|
meth = SSLv3_client_method();
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_TLS1
|
|
||||||
else if (strcmp(*argv, "-tls1_2") == 0)
|
else if (strcmp(*argv, "-tls1_2") == 0)
|
||||||
meth = TLSv1_2_client_method();
|
meth = TLSv1_2_client_method();
|
||||||
else if (strcmp(*argv, "-tls1_1") == 0)
|
else if (strcmp(*argv, "-tls1_1") == 0)
|
||||||
meth = TLSv1_1_client_method();
|
meth = TLSv1_1_client_method();
|
||||||
else if (strcmp(*argv, "-tls1") == 0)
|
else if (strcmp(*argv, "-tls1") == 0)
|
||||||
meth = TLSv1_client_method();
|
meth = TLSv1_client_method();
|
||||||
#endif
|
|
||||||
#ifndef OPENSSL_NO_DTLS1
|
#ifndef OPENSSL_NO_DTLS1
|
||||||
else if (strcmp(*argv, "-dtls") == 0) {
|
else if (strcmp(*argv, "-dtls") == 0) {
|
||||||
meth = DTLS_client_method();
|
meth = DTLS_client_method();
|
||||||
|
|||||||
@@ -1404,7 +1404,6 @@ int MAIN(int argc, char *argv[])
|
|||||||
meth = SSLv3_server_method();
|
meth = SSLv3_server_method();
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_TLS1
|
|
||||||
else if (strcmp(*argv, "-tls1") == 0) {
|
else if (strcmp(*argv, "-tls1") == 0) {
|
||||||
meth = TLSv1_server_method();
|
meth = TLSv1_server_method();
|
||||||
} else if (strcmp(*argv, "-tls1_1") == 0) {
|
} else if (strcmp(*argv, "-tls1_1") == 0) {
|
||||||
@@ -1412,7 +1411,6 @@ int MAIN(int argc, char *argv[])
|
|||||||
} else if (strcmp(*argv, "-tls1_2") == 0) {
|
} else if (strcmp(*argv, "-tls1_2") == 0) {
|
||||||
meth = TLSv1_2_server_method();
|
meth = TLSv1_2_server_method();
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
#ifndef OPENSSL_NO_DTLS1
|
#ifndef OPENSSL_NO_DTLS1
|
||||||
else if (strcmp(*argv, "-dtls") == 0) {
|
else if (strcmp(*argv, "-dtls") == 0) {
|
||||||
meth = DTLS_server_method();
|
meth = DTLS_server_method();
|
||||||
|
|||||||
@@ -1343,13 +1343,11 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
|
|||||||
|
|
||||||
switch (rr->type) {
|
switch (rr->type) {
|
||||||
default:
|
default:
|
||||||
#ifndef OPENSSL_NO_TLS
|
|
||||||
/* TLS just ignores unknown message types */
|
/* TLS just ignores unknown message types */
|
||||||
if (s->version == TLS1_VERSION) {
|
if (s->version == TLS1_VERSION) {
|
||||||
rr->length = 0;
|
rr->length = 0;
|
||||||
goto start;
|
goto start;
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
al = SSL_AD_UNEXPECTED_MESSAGE;
|
al = SSL_AD_UNEXPECTED_MESSAGE;
|
||||||
SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
|
SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
|
||||||
goto f_err;
|
goto f_err;
|
||||||
|
|||||||
@@ -68,7 +68,6 @@ static const SSL_METHOD *ssl23_get_method(int ver)
|
|||||||
return (SSLv3_method());
|
return (SSLv3_method());
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_TLS1
|
|
||||||
if (ver == TLS1_VERSION)
|
if (ver == TLS1_VERSION)
|
||||||
return (TLSv1_method());
|
return (TLSv1_method());
|
||||||
else if (ver == TLS1_1_VERSION)
|
else if (ver == TLS1_1_VERSION)
|
||||||
@@ -76,7 +75,6 @@ static const SSL_METHOD *ssl23_get_method(int ver)
|
|||||||
else if (ver == TLS1_2_VERSION)
|
else if (ver == TLS1_2_VERSION)
|
||||||
return (TLSv1_2_method());
|
return (TLSv1_2_method());
|
||||||
else
|
else
|
||||||
#endif
|
|
||||||
return (NULL);
|
return (NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -1649,7 +1649,6 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
|
|||||||
|
|
||||||
switch (rr->type) {
|
switch (rr->type) {
|
||||||
default:
|
default:
|
||||||
#ifndef OPENSSL_NO_TLS
|
|
||||||
/*
|
/*
|
||||||
* TLS up to v1.1 just ignores unknown message types: TLS v1.2 give
|
* TLS up to v1.1 just ignores unknown message types: TLS v1.2 give
|
||||||
* an unexpected message alert.
|
* an unexpected message alert.
|
||||||
@@ -1658,7 +1657,6 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
|
|||||||
rr->length = 0;
|
rr->length = 0;
|
||||||
goto start;
|
goto start;
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
al = SSL_AD_UNEXPECTED_MESSAGE;
|
al = SSL_AD_UNEXPECTED_MESSAGE;
|
||||||
SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
|
SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
|
||||||
goto f_err;
|
goto f_err;
|
||||||
|
|||||||
@@ -791,9 +791,7 @@ static void sv_usage(void)
|
|||||||
#ifndef OPENSSL_NO_SSL3_METHOD
|
#ifndef OPENSSL_NO_SSL3_METHOD
|
||||||
fprintf(stderr, " -ssl3 - use SSLv3\n");
|
fprintf(stderr, " -ssl3 - use SSLv3\n");
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_TLS1
|
|
||||||
fprintf(stderr, " -tls1 - use TLSv1\n");
|
fprintf(stderr, " -tls1 - use TLSv1\n");
|
||||||
#endif
|
|
||||||
fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
|
fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
|
||||||
fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
|
fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
|
||||||
fprintf(stderr, " -cert arg - Server certificate file\n");
|
fprintf(stderr, " -cert arg - Server certificate file\n");
|
||||||
@@ -1160,9 +1158,7 @@ int main(int argc, char *argv[])
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
else if (strcmp(*argv, "-tls1") == 0) {
|
else if (strcmp(*argv, "-tls1") == 0) {
|
||||||
#ifdef OPENSSL_NO_TLS1
|
|
||||||
no_protocol = 1;
|
no_protocol = 1;
|
||||||
#endif
|
|
||||||
tls1 = 1;
|
tls1 = 1;
|
||||||
} else if (strcmp(*argv, "-ssl3") == 0) {
|
} else if (strcmp(*argv, "-ssl3") == 0) {
|
||||||
#ifdef OPENSSL_NO_SSL3_METHOD
|
#ifdef OPENSSL_NO_SSL3_METHOD
|
||||||
@@ -1436,11 +1432,9 @@ int main(int argc, char *argv[])
|
|||||||
meth = SSLv3_method();
|
meth = SSLv3_method();
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_TLS1
|
|
||||||
if (tls1)
|
if (tls1)
|
||||||
meth = TLSv1_method();
|
meth = TLSv1_method();
|
||||||
else
|
else
|
||||||
#endif
|
|
||||||
meth = SSLv23_method();
|
meth = SSLv23_method();
|
||||||
|
|
||||||
c_ctx = SSL_CTX_new(meth);
|
c_ctx = SSL_CTX_new(meth);
|
||||||
@@ -3204,7 +3198,6 @@ static int do_test_cipherlist(void)
|
|||||||
}
|
}
|
||||||
fprintf(stderr, "ok\n");
|
fprintf(stderr, "ok\n");
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_TLS1
|
|
||||||
fprintf(stderr, "testing TLSv1 cipher list order: ");
|
fprintf(stderr, "testing TLSv1 cipher list order: ");
|
||||||
meth = TLSv1_method();
|
meth = TLSv1_method();
|
||||||
tci = NULL;
|
tci = NULL;
|
||||||
@@ -3217,7 +3210,6 @@ static int do_test_cipherlist(void)
|
|||||||
tci = ci;
|
tci = ci;
|
||||||
}
|
}
|
||||||
fprintf(stderr, "ok\n");
|
fprintf(stderr, "ok\n");
|
||||||
#endif
|
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user