[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Tue Jan 27 20:14:55 UTC 2015


The branch master has been updated
       via  daa48704cc04c61cf8f3e74759a7a3139b6aff01 (commit)
      from  474e469bbd056aebcf7e7d3207ef820f2faed4ce (commit)


- Log -----------------------------------------------------------------
commit daa48704cc04c61cf8f3e74759a7a3139b6aff01
Author: Rich Salz <rsalz at openssl.org>
Date:   Tue Jan 27 15:14:12 2015 -0500

    OPENSSL_NO_XXX cleanup: NO_TLS, NO_TLS1
    
    TLS and TLS1 are no longer optional.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 apps/ciphers.c  |    2 --
 apps/s_client.c |    2 --
 apps/s_server.c |    2 --
 ssl/d1_pkt.c    |    2 --
 ssl/s23_meth.c  |    2 --
 ssl/s3_pkt.c    |    2 --
 ssl/ssltest.c   |    8 --------
 7 files changed, 20 deletions(-)

diff --git a/apps/ciphers.c b/apps/ciphers.c
index f36db20..803b021 100644
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -129,10 +129,8 @@ int MAIN(int argc, char **argv)
         else if (strcmp(*argv, "-ssl3") == 0)
             meth = SSLv3_client_method();
 #endif
-#ifndef OPENSSL_NO_TLS1
         else if (strcmp(*argv, "-tls1") == 0)
             meth = TLSv1_client_method();
-#endif
         else if ((strncmp(*argv, "-h", 2) == 0) || (strcmp(*argv, "-?") == 0)) {
             badops = 1;
             break;
diff --git a/apps/s_client.c b/apps/s_client.c
index 0c4e6bd..512c258 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -931,14 +931,12 @@ int MAIN(int argc, char **argv)
         else if (strcmp(*argv, "-ssl3") == 0)
             meth = SSLv3_client_method();
 #endif
-#ifndef OPENSSL_NO_TLS1
         else if (strcmp(*argv, "-tls1_2") == 0)
             meth = TLSv1_2_client_method();
         else if (strcmp(*argv, "-tls1_1") == 0)
             meth = TLSv1_1_client_method();
         else if (strcmp(*argv, "-tls1") == 0)
             meth = TLSv1_client_method();
-#endif
 #ifndef OPENSSL_NO_DTLS1
         else if (strcmp(*argv, "-dtls") == 0) {
             meth = DTLS_client_method();
diff --git a/apps/s_server.c b/apps/s_server.c
index e07df85..48ac6b3 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1404,7 +1404,6 @@ int MAIN(int argc, char *argv[])
             meth = SSLv3_server_method();
         }
 #endif
-#ifndef OPENSSL_NO_TLS1
         else if (strcmp(*argv, "-tls1") == 0) {
             meth = TLSv1_server_method();
         } else if (strcmp(*argv, "-tls1_1") == 0) {
@@ -1412,7 +1411,6 @@ int MAIN(int argc, char *argv[])
         } else if (strcmp(*argv, "-tls1_2") == 0) {
             meth = TLSv1_2_server_method();
         }
-#endif
 #ifndef OPENSSL_NO_DTLS1
         else if (strcmp(*argv, "-dtls") == 0) {
             meth = DTLS_server_method();
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 598002b..331a50f 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -1343,13 +1343,11 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
 
     switch (rr->type) {
     default:
-#ifndef OPENSSL_NO_TLS
         /* TLS just ignores unknown message types */
         if (s->version == TLS1_VERSION) {
             rr->length = 0;
             goto start;
         }
-#endif
         al = SSL_AD_UNEXPECTED_MESSAGE;
         SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
         goto f_err;
diff --git a/ssl/s23_meth.c b/ssl/s23_meth.c
index 05fb4f9..757c5a9 100644
--- a/ssl/s23_meth.c
+++ b/ssl/s23_meth.c
@@ -68,7 +68,6 @@ static const SSL_METHOD *ssl23_get_method(int ver)
         return (SSLv3_method());
     else
 #endif
-#ifndef OPENSSL_NO_TLS1
     if (ver == TLS1_VERSION)
         return (TLSv1_method());
     else if (ver == TLS1_1_VERSION)
@@ -76,7 +75,6 @@ static const SSL_METHOD *ssl23_get_method(int ver)
     else if (ver == TLS1_2_VERSION)
         return (TLSv1_2_method());
     else
-#endif
         return (NULL);
 }
 
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 07adf0f..a8fd16c 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -1649,7 +1649,6 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
 
     switch (rr->type) {
     default:
-#ifndef OPENSSL_NO_TLS
         /*
          * TLS up to v1.1 just ignores unknown message types: TLS v1.2 give
          * an unexpected message alert.
@@ -1658,7 +1657,6 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
             rr->length = 0;
             goto start;
         }
-#endif
         al = SSL_AD_UNEXPECTED_MESSAGE;
         SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
         goto f_err;
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index a49fd86..0b4df3e 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -791,9 +791,7 @@ static void sv_usage(void)
 #ifndef OPENSSL_NO_SSL3_METHOD
     fprintf(stderr, " -ssl3         - use SSLv3\n");
 #endif
-#ifndef OPENSSL_NO_TLS1
     fprintf(stderr, " -tls1         - use TLSv1\n");
-#endif
     fprintf(stderr, " -CApath arg   - PEM format directory of CA's\n");
     fprintf(stderr, " -CAfile arg   - PEM format file of CA's\n");
     fprintf(stderr, " -cert arg     - Server certificate file\n");
@@ -1160,9 +1158,7 @@ int main(int argc, char *argv[])
         }
 #endif
         else if (strcmp(*argv, "-tls1") == 0) {
-#ifdef OPENSSL_NO_TLS1
             no_protocol = 1;
-#endif
             tls1 = 1;
         } else if (strcmp(*argv, "-ssl3") == 0) {
 #ifdef OPENSSL_NO_SSL3_METHOD
@@ -1436,11 +1432,9 @@ int main(int argc, char *argv[])
         meth = SSLv3_method();
     else
 #endif
-#ifndef OPENSSL_NO_TLS1
     if (tls1)
         meth = TLSv1_method();
     else
-#endif
         meth = SSLv23_method();
 
     c_ctx = SSL_CTX_new(meth);
@@ -3204,7 +3198,6 @@ static int do_test_cipherlist(void)
     }
     fprintf(stderr, "ok\n");
 #endif
-#ifndef OPENSSL_NO_TLS1
     fprintf(stderr, "testing TLSv1 cipher list order: ");
     meth = TLSv1_method();
     tci = NULL;
@@ -3217,7 +3210,6 @@ static int do_test_cipherlist(void)
         tci = ci;
     }
     fprintf(stderr, "ok\n");
-#endif
 
     return 1;
 }


More information about the openssl-commits mailing list