generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix compilation with no-nextprotoneg.

Browse Source 
PR#3106
This commit is contained in:
Piotr Sikora 2013-11-13 15:40:01 -08:00 committed by Dr. Stephen Henson
parent ff0bdbed85
commit edc687ba0f
8 changed files with 19 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
apps/apps.c
View File

@ -2890,7 +2890,7 @@ void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
#endif #endif
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) #ifndef OPENSSL_NO_TLSEXT
/* next_protos_parse parses a comma separated list of strings into a string /* next_protos_parse parses a comma separated list of strings into a string
* in a format suitable for passing to SSL_CTX_set_next_protos_advertised. * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
* outlen: (output) set to the length of the resulting buffer on success. * outlen: (output) set to the length of the resulting buffer on success.
@ -2932,7 +2932,7 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
*outlen = len + 1; *outlen = len + 1;
return out; return out;
} }
#endif /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */ #endif /* ndef OPENSSL_NO_TLSEXT */
void print_cert_checks(BIO *bio, X509 *x, void print_cert_checks(BIO *bio, X509 *x,
const unsigned char *checkhost, const unsigned char *checkhost,

4
apps/apps.h
View File

@ -337,9 +337,9 @@ void jpake_client_auth(BIO *out, BIO *conn, const char *secret);
void jpake_server_auth(BIO *out, BIO *conn, const char *secret); void jpake_server_auth(BIO *out, BIO *conn, const char *secret);
#endif #endif
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) #ifndef OPENSSL_NO_TLSEXT
unsigned char *next_protos_parse(unsigned short *outlen, const char *in); unsigned char *next_protos_parse(unsigned short *outlen, const char *in);
#endif /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */ #endif /* ndef OPENSSL_NO_TLSEXT */
void print_cert_checks(BIO *bio, X509 *x, void print_cert_checks(BIO *bio, X509 *x,
const unsigned char *checkhost, const unsigned char *checkhost,

8
apps/s_client.c
View File

@ -368,8 +368,8 @@ static void sc_usage(void)
BIO_printf(bio_err," -proof_debug - request an audit proof and print its hex dump\n"); BIO_printf(bio_err," -proof_debug - request an audit proof and print its hex dump\n");
# ifndef OPENSSL_NO_NEXTPROTONEG # ifndef OPENSSL_NO_NEXTPROTONEG
BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n");
BIO_printf(bio_err," -alpn arg - enable ALPN extension, considering named protocols supported (comma-separated list)\n");
# endif # endif
BIO_printf(bio_err," -alpn arg - enable ALPN extension, considering named protocols supported (comma-separated list)\n");
#ifndef OPENSSL_NO_TLSEXT #ifndef OPENSSL_NO_TLSEXT
BIO_printf(bio_err," -serverinfo types - send empty ClientHello extensions (comma-separated numbers)\n"); BIO_printf(bio_err," -serverinfo types - send empty ClientHello extensions (comma-separated numbers)\n");
#endif #endif
@ -642,8 +642,8 @@ int MAIN(int argc, char **argv)
{NULL,0}; {NULL,0};
# ifndef OPENSSL_NO_NEXTPROTONEG # ifndef OPENSSL_NO_NEXTPROTONEG
const char *next_proto_neg_in = NULL; const char *next_proto_neg_in = NULL;
const char *alpn_in = NULL;
# endif # endif
const char *alpn_in = NULL;
# define MAX_SI_TYPES 100 # define MAX_SI_TYPES 100
unsigned short serverinfo_types[MAX_SI_TYPES]; unsigned short serverinfo_types[MAX_SI_TYPES];
int serverinfo_types_count = 0; int serverinfo_types_count = 0;
@ -1001,12 +1001,12 @@ static char *jpake_secret = NULL;
if (--argc < 1) goto bad; if (--argc < 1) goto bad;
next_proto_neg_in = *(++argv); next_proto_neg_in = *(++argv);
} }
# endif
else if (strcmp(*argv,"-alpn") == 0) else if (strcmp(*argv,"-alpn") == 0)
{ {
if (--argc < 1) goto bad; if (--argc < 1) goto bad;
alpn_in = *(++argv); alpn_in = *(++argv);
} }
# endif
else if (strcmp(*argv,"-serverinfo") == 0) else if (strcmp(*argv,"-serverinfo") == 0)
{ {
char *c; char *c;
@ -2305,6 +2305,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
BIO_write(bio, proto, proto_len); BIO_write(bio, proto, proto_len);
BIO_write(bio, "\n", 1); BIO_write(bio, "\n", 1);
} }
# endif
{ {
const unsigned char *proto; const unsigned char *proto;
unsigned int proto_len; unsigned int proto_len;
@ -2318,7 +2319,6 @@ static void print_stuff(BIO *bio, SSL *s, int full)
else else
BIO_printf(bio, "No ALPN negotiated\n"); BIO_printf(bio, "No ALPN negotiated\n");
} }
# endif
#endif #endif
{ {

6
apps/s_server.c
View File

@ -1025,10 +1025,10 @@ int MAIN(int argc, char *argv[])
# ifndef OPENSSL_NO_NEXTPROTONEG # ifndef OPENSSL_NO_NEXTPROTONEG
const char *next_proto_neg_in = NULL; const char *next_proto_neg_in = NULL;
tlsextnextprotoctx next_proto = { NULL, 0}; tlsextnextprotoctx next_proto = { NULL, 0};
# endif
const char *alpn_in = NULL; const char *alpn_in = NULL;
tlsextalpnctx alpn_ctx = { NULL, 0}; tlsextalpnctx alpn_ctx = { NULL, 0};
#endif #endif
#endif
#ifndef OPENSSL_NO_PSK #ifndef OPENSSL_NO_PSK
/* by default do not send a PSK identity hint */ /* by default do not send a PSK identity hint */
static char *psk_identity_hint=NULL; static char *psk_identity_hint=NULL;
@ -1477,13 +1477,13 @@ int MAIN(int argc, char *argv[])
if (--argc < 1) goto bad; if (--argc < 1) goto bad;
next_proto_neg_in = *(++argv); next_proto_neg_in = *(++argv);
} }
# endif
else if (strcmp(*argv,"-alpn") == 0) else if (strcmp(*argv,"-alpn") == 0)
{ {
if (--argc < 1) goto bad; if (--argc < 1) goto bad;
alpn_in = *(++argv); alpn_in = *(++argv);
} }
#endif #endif
#endif
#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
else if (strcmp(*argv,"-jpake") == 0) else if (strcmp(*argv,"-jpake") == 0)
{ {
@ -2101,8 +2101,10 @@ end:
BIO_free(authz_in); BIO_free(authz_in);
if (serverinfo_in != NULL) if (serverinfo_in != NULL)
BIO_free(serverinfo_in); BIO_free(serverinfo_in);
# ifndef OPENSSL_NO_NEXTPROTONEG
if (next_proto.data) if (next_proto.data)
OPENSSL_free(next_proto.data); OPENSSL_free(next_proto.data);
# endif
if (alpn_ctx.data) if (alpn_ctx.data)
OPENSSL_free(alpn_ctx.data); OPENSSL_free(alpn_ctx.data);
#endif #endif

6
ssl/ssl.h
View File

@ -1223,17 +1223,17 @@ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
const unsigned char *in, const unsigned char *in,
unsigned int inlen, void *arg), unsigned int inlen, void *arg),
void *arg); void *arg);
void SSL_get0_next_proto_negotiated(const SSL *s,
const unsigned char **data, unsigned *len);
#endif
int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
const unsigned char *in, unsigned int inlen, const unsigned char *in, unsigned int inlen,
const unsigned char *client, unsigned int client_len); const unsigned char *client, unsigned int client_len);
void SSL_get0_next_proto_negotiated(const SSL *s,
const unsigned char **data, unsigned *len);
#define OPENSSL_NPN_UNSUPPORTED 0 #define OPENSSL_NPN_UNSUPPORTED 0
#define OPENSSL_NPN_NEGOTIATED 1 #define OPENSSL_NPN_NEGOTIATED 1
#define OPENSSL_NPN_NO_OVERLAP 2 #define OPENSSL_NPN_NO_OVERLAP 2
#endif
int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char* protos, int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char* protos,
unsigned protos_len); unsigned protos_len);

2
ssl/ssl_lib.c
View File

@ -1608,7 +1608,6 @@ int SSL_get_servername_type(const SSL *s)
return -1; return -1;
} }
# ifndef OPENSSL_NO_NEXTPROTONEG
/* SSL_select_next_proto implements the standard protocol selection. It is /* SSL_select_next_proto implements the standard protocol selection. It is
* expected that this function is called from the callback set by * expected that this function is called from the callback set by
* SSL_CTX_set_next_proto_select_cb. * SSL_CTX_set_next_proto_select_cb.
@ -1675,6 +1674,7 @@ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsi
return status; return status;
} }
# ifndef OPENSSL_NO_NEXTPROTONEG
/* SSL_get0_next_proto_negotiated sets *data and *len to point to the client's /* SSL_get0_next_proto_negotiated sets *data and *len to point to the client's
* requested protocol for this connection and returns 0. If the client didn't * requested protocol for this connection and returns 0. If the client didn't
* request any protocol, then *data is set to NULL. * request any protocol, then *data is set to NULL.

2
ssl/t1_lib.c
View File

@ -2503,8 +2503,10 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char
{ {
if (tls1_alpn_handle_client_hello(s, data, size, al) != 0) if (tls1_alpn_handle_client_hello(s, data, size, al) != 0)
return 0; return 0;
#ifndef OPENSSL_NO_NEXTPROTONEG
/* ALPN takes precedence over NPN. */ /* ALPN takes precedence over NPN. */
s->s3->next_proto_neg_seen = 0; s->s3->next_proto_neg_seen = 0;
#endif
} }
/* session ticket processed earlier */ /* session ticket processed earlier */

2
util/ssleay.num
View File

@ -315,7 +315,7 @@ SSL_CTX_set_next_protos_adv_cb 355 EXIST:VMS:FUNCTION:NEXTPROTONEG
SSL_get0_next_proto_negotiated 356 EXIST::FUNCTION:NEXTPROTONEG SSL_get0_next_proto_negotiated 356 EXIST::FUNCTION:NEXTPROTONEG
SSL_get_selected_srtp_profile 357 EXIST::FUNCTION: SSL_get_selected_srtp_profile 357 EXIST::FUNCTION:
SSL_CTX_set_tlsext_use_srtp 358 EXIST::FUNCTION: SSL_CTX_set_tlsext_use_srtp 358 EXIST::FUNCTION:
SSL_select_next_proto 359 EXIST::FUNCTION:NEXTPROTONEG SSL_select_next_proto 359 EXIST::FUNCTION:TLSEXT
SSL_get_srtp_profiles 360 EXIST::FUNCTION: SSL_get_srtp_profiles 360 EXIST::FUNCTION:
SSL_CTX_set_next_proto_select_cb 361 EXIST:!VMS:FUNCTION:NEXTPROTONEG SSL_CTX_set_next_proto_select_cb 361 EXIST:!VMS:FUNCTION:NEXTPROTONEG
SSL_CTX_set_next_proto_sel_cb 361 EXIST:VMS:FUNCTION:NEXTPROTONEG SSL_CTX_set_next_proto_sel_cb 361 EXIST:VMS:FUNCTION:NEXTPROTONEG