[openssl-commits] [openssl] master update

Dr. Stephen Henson steve at openssl.org
Sun Sep 20 13:17:28 UTC 2015


The branch master has been updated
       via  01a4e8764d756e50e8903d53fd4f863aa9646d5f (commit)
       via  37f3a3b3276bba468d26c968e5c676aaf57ffd82 (commit)
      from  8f463dbddd67eb86b4fdf49893132fdcc6d219bc (commit)


- Log -----------------------------------------------------------------
commit 01a4e8764d756e50e8903d53fd4f863aa9646d5f
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Sun Sep 20 12:48:29 2015 +0100

    remove unneeded includes
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>

commit 37f3a3b3276bba468d26c968e5c676aaf57ffd82
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Sat Sep 19 22:03:15 2015 +0100

    make no-dh work
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 apps/s_cb.c                |  3 ++-
 apps/s_server.c            | 14 ++++++++++++--
 crypto/bn/bn_dh.c          |  2 +-
 crypto/evp/pmeth_lib.c     |  7 -------
 test/recipes/80-test_cms.t |  4 +++-
 5 files changed, 18 insertions(+), 12 deletions(-)

diff --git a/apps/s_cb.c b/apps/s_cb.c
index 0c1dfc5..f4559fa 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -1381,13 +1381,14 @@ static int security_callback_debug(SSL *s, SSL_CTX *ctx,
         }
         break;
 #endif
-
+#ifndef OPENSSL_NO_DH
     case SSL_SECOP_OTHER_DH:
         {
             DH *dh = other;
             BIO_printf(sdb->out, "%d", BN_num_bits(dh->p));
             break;
         }
+#endif
     case SSL_SECOP_OTHER_CERT:
         {
             if (cert_md) {
diff --git a/apps/s_server.c b/apps/s_server.c
index 9e4a186..8e15f5b 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -973,7 +973,10 @@ int s_server_main(int argc, char *argv[])
     X509 *s_cert = NULL, *s_dcert = NULL;
     X509_VERIFY_PARAM *vpm = NULL;
     char *CApath = NULL, *CAfile = NULL, *chCApath = NULL, *chCAfile = NULL;
-    char *dhfile = NULL, *dpassarg = NULL, *dpass = NULL, *inrand = NULL;
+#ifndef OPENSSL_NO_DH
+    char *dhfile = NULL;
+#endif
+    char *dpassarg = NULL, *dpass = NULL, *inrand = NULL;
     char *passarg = NULL, *pass = NULL, *vfyCApath = NULL, *vfyCAfile = NULL;
     char *crl_file = NULL, *prog;
 #ifndef OPENSSL_NO_PSK
@@ -986,7 +989,10 @@ int s_server_main(int argc, char *argv[])
     int (*server_cb) (char *hostname, int s, int stype,
                       unsigned char *context);
     int vpmtouched = 0, build_chain = 0, no_cache = 0, ext_cache = 0;
-    int no_tmp_rsa = 0, no_dhe = 0, no_ecdhe = 0, nocert = 0, ret = 1;
+#ifndef OPENSSL_NO_DH
+    int no_dhe = 0;
+#endif
+    int no_tmp_rsa = 0, no_ecdhe = 0, nocert = 0, ret = 1;
     int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
     int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM;
     int rev = 0, naccept = -1, sdebug = 0, socket_type = SOCK_STREAM;
@@ -1119,7 +1125,9 @@ int s_server_main(int argc, char *argv[])
             s_chain_file = opt_arg();
             break;
         case OPT_DHPARAM:
+#ifndef OPENSSL_NO_DH
             dhfile = opt_arg();
+#endif
             break;
         case OPT_DCERTFORM:
             if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &s_dcert_format))
@@ -1272,7 +1280,9 @@ int s_server_main(int argc, char *argv[])
             no_tmp_rsa = 1;
             break;
         case OPT_NO_DHE:
+#ifndef OPENSSL_NO_DH
             no_dhe = 1;
+#endif
             break;
         case OPT_NO_ECDHE:
             no_ecdhe = 1;
diff --git a/crypto/bn/bn_dh.c b/crypto/bn/bn_dh.c
index 3a7282f..34f9fb0 100644
--- a/crypto/bn/bn_dh.c
+++ b/crypto/bn/bn_dh.c
@@ -56,11 +56,11 @@
  *
  */
 
-#include <openssl/dh.h>
 #include "bn_lcl.h"
 #include "e_os.h"
 
 #ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
 /* DH parameters from RFC5114 */
 
 # if BN_BITS2 == 64
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 72a8c1a..67ba16d 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -60,13 +60,6 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include "internal/cryptlib.h"
-#include <openssl/cmac.h>
-#include <openssl/dh.h>
-#include <openssl/dsa.h>
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-#include <openssl/objects.h>
-#include <openssl/rsa.h>
 #ifndef OPENSSL_NO_ENGINE
 # include <openssl/engine.h>
 #endif
diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t
index 079a4b2..5445311 100644
--- a/test/recipes/80-test_cms.t
+++ b/test/recipes/80-test_cms.t
@@ -13,7 +13,7 @@ setup("test_cms");
 
 my $smdir    = top_dir("test", "smime-certs");
 my $smcont   = top_file("test", "smcont.txt");
-my ($no_ec, $no_ec2m, $no_zlib) = disabled qw/ec ec2m zlib/;
+my ($no_dh, $no_ec, $no_ec2m, $no_zlib) = disabled qw/dh ec ec2m zlib/;
 
 plan tests => 4;
 
@@ -470,5 +470,7 @@ sub check_availability {
 	if ($no_ec && $tnam =~ /ECDH/);
     return "$tnam: skipped, EC2M disabled\n"
 	if ($no_ec2m && $tnam =~ /K-283/);
+    return "$tnam: skipped, DH disabled\n"
+	if ($no_dh && $tnam =~ /X9\.42/);
     return "";
 }


More information about the openssl-commits mailing list