Fix compilation with no-nextprotoneg.
PR#3106
This commit is contained in:
Piotr Sikora
Dr. Stephen Henson
parent
ff0bdbed85
commit
edc687ba0f
@ -2890,7 +2890,7 @@ void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
|
||||
|
||||
#endif
|
||||
|
||||
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
/* next_protos_parse parses a comma separated list of strings into a string
|
||||
* in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
|
||||
* outlen: (output) set to the length of the resulting buffer on success.
|
||||
@ -2932,7 +2932,7 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
|
||||
*outlen = len + 1;
|
||||
return out;
|
||||
}
|
||||
#endif /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */
|
||||
#endif /* ndef OPENSSL_NO_TLSEXT */
|
||||
|
||||
void print_cert_checks(BIO *bio, X509 *x,
|
||||
const unsigned char *checkhost,
|
||||
|
||||
@ -337,9 +337,9 @@ void jpake_client_auth(BIO *out, BIO *conn, const char *secret);
|
||||
void jpake_server_auth(BIO *out, BIO *conn, const char *secret);
|
||||
#endif
|
||||
|
||||
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
unsigned char *next_protos_parse(unsigned short *outlen, const char *in);
|
||||
#endif /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */
|
||||
#endif /* ndef OPENSSL_NO_TLSEXT */
|
||||
|
||||
void print_cert_checks(BIO *bio, X509 *x,
|
||||
const unsigned char *checkhost,
|
||||
|
||||
@ -368,8 +368,8 @@ static void sc_usage(void)
|
||||
BIO_printf(bio_err," -proof_debug - request an audit proof and print its hex dump\n");
|
||||
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n");
|
||||
BIO_printf(bio_err," -alpn arg - enable ALPN extension, considering named protocols supported (comma-separated list)\n");
|
||||
# endif
|
||||
BIO_printf(bio_err," -alpn arg - enable ALPN extension, considering named protocols supported (comma-separated list)\n");
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
BIO_printf(bio_err," -serverinfo types - send empty ClientHello extensions (comma-separated numbers)\n");
|
||||
#endif
|
||||
@ -642,8 +642,8 @@ int MAIN(int argc, char **argv)
|
||||
{NULL,0};
|
||||
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
const char *next_proto_neg_in = NULL;
|
||||
const char *alpn_in = NULL;
|
||||
# endif
|
||||
const char *alpn_in = NULL;
|
||||
# define MAX_SI_TYPES 100
|
||||
unsigned short serverinfo_types[MAX_SI_TYPES];
|
||||
int serverinfo_types_count = 0;
|
||||
@ -1001,12 +1001,12 @@ static char *jpake_secret = NULL;
|
||||
if (--argc < 1) goto bad;
|
||||
next_proto_neg_in = *(++argv);
|
||||
}
|
||||
# endif
|
||||
else if (strcmp(*argv,"-alpn") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
alpn_in = *(++argv);
|
||||
}
|
||||
# endif
|
||||
else if (strcmp(*argv,"-serverinfo") == 0)
|
||||
{
|
||||
char *c;
|
||||
@ -2305,6 +2305,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
|
||||
BIO_write(bio, proto, proto_len);
|
||||
BIO_write(bio, "\n", 1);
|
||||
}
|
||||
# endif
|
||||
{
|
||||
const unsigned char *proto;
|
||||
unsigned int proto_len;
|
||||
@ -2318,7 +2319,6 @@ static void print_stuff(BIO *bio, SSL *s, int full)
|
||||
else
|
||||
BIO_printf(bio, "No ALPN negotiated\n");
|
||||
}
|
||||
# endif
|
||||
#endif
|
||||
|
||||
{
|
||||
|
||||
@ -1025,9 +1025,9 @@ int MAIN(int argc, char *argv[])
|
||||
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
const char *next_proto_neg_in = NULL;
|
||||
tlsextnextprotoctx next_proto = { NULL, 0};
|
||||
# endif
|
||||
const char *alpn_in = NULL;
|
||||
tlsextalpnctx alpn_ctx = { NULL, 0};
|
||||
# endif
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_PSK
|
||||
/* by default do not send a PSK identity hint */
|
||||
@ -1477,12 +1477,12 @@ int MAIN(int argc, char *argv[])
|
||||
if (--argc < 1) goto bad;
|
||||
next_proto_neg_in = *(++argv);
|
||||
}
|
||||
# endif
|
||||
else if (strcmp(*argv,"-alpn") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
alpn_in = *(++argv);
|
||||
}
|
||||
# endif
|
||||
#endif
|
||||
#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
|
||||
else if (strcmp(*argv,"-jpake") == 0)
|
||||
@ -2101,8 +2101,10 @@ end:
|
||||
BIO_free(authz_in);
|
||||
if (serverinfo_in != NULL)
|
||||
BIO_free(serverinfo_in);
|
||||
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
if (next_proto.data)
|
||||
OPENSSL_free(next_proto.data);
|
||||
# endif
|
||||
if (alpn_ctx.data)
|
||||
OPENSSL_free(alpn_ctx.data);
|
||||
#endif
|
||||
|
||||
@ -1223,17 +1223,17 @@ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
|
||||
const unsigned char *in,
|
||||
unsigned int inlen, void *arg),
|
||||
void *arg);
|
||||
void SSL_get0_next_proto_negotiated(const SSL *s,
|
||||
const unsigned char **data, unsigned *len);
|
||||
#endif
|
||||
|
||||
int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
|
||||
const unsigned char *in, unsigned int inlen,
|
||||
const unsigned char *client, unsigned int client_len);
|
||||
void SSL_get0_next_proto_negotiated(const SSL *s,
|
||||
const unsigned char **data, unsigned *len);
|
||||
|
||||
#define OPENSSL_NPN_UNSUPPORTED 0
|
||||
#define OPENSSL_NPN_NEGOTIATED 1
|
||||
#define OPENSSL_NPN_NO_OVERLAP 2
|
||||
#endif
|
||||
|
||||
int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char* protos,
|
||||
unsigned protos_len);
|
||||
|
||||
@ -1608,7 +1608,6 @@ int SSL_get_servername_type(const SSL *s)
|
||||
return -1;
|
||||
}
|
||||
|
||||
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
/* SSL_select_next_proto implements the standard protocol selection. It is
|
||||
* expected that this function is called from the callback set by
|
||||
* SSL_CTX_set_next_proto_select_cb.
|
||||
@ -1675,6 +1674,7 @@ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsi
|
||||
return status;
|
||||
}
|
||||
|
||||
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
/* SSL_get0_next_proto_negotiated sets *data and *len to point to the client's
|
||||
* requested protocol for this connection and returns 0. If the client didn't
|
||||
* request any protocol, then *data is set to NULL.
|
||||
|
||||
@ -2503,8 +2503,10 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char
|
||||
{
|
||||
if (tls1_alpn_handle_client_hello(s, data, size, al) != 0)
|
||||
return 0;
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
/* ALPN takes precedence over NPN. */
|
||||
s->s3->next_proto_neg_seen = 0;
|
||||
#endif
|
||||
}
|
||||
|
||||
/* session ticket processed earlier */
|
||||
|
||||
@ -315,7 +315,7 @@ SSL_CTX_set_next_protos_adv_cb 355 EXIST:VMS:FUNCTION:NEXTPROTONEG
|
||||
SSL_get0_next_proto_negotiated 356 EXIST::FUNCTION:NEXTPROTONEG
|
||||
SSL_get_selected_srtp_profile 357 EXIST::FUNCTION:
|
||||
SSL_CTX_set_tlsext_use_srtp 358 EXIST::FUNCTION:
|
||||
SSL_select_next_proto 359 EXIST::FUNCTION:NEXTPROTONEG
|
||||
SSL_select_next_proto 359 EXIST::FUNCTION:TLSEXT
|
||||
SSL_get_srtp_profiles 360 EXIST::FUNCTION:
|
||||
SSL_CTX_set_next_proto_select_cb 361 EXIST:!VMS:FUNCTION:NEXTPROTONEG
|
||||
SSL_CTX_set_next_proto_sel_cb 361 EXIST:VMS:FUNCTION:NEXTPROTONEG
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user