[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Richard Levitte
levitte at openssl.org
Fri Apr 27 04:00:18 UTC 2018
The branch OpenSSL_1_0_2-stable has been updated
via b10794b5309a42bd3ea30d824ce1068e5189e66f (commit)
via 60ced074c48fa265b3eccf91a89dec374b4c7e49 (commit)
via 76b8b6932d17414b460f72e15ba8050d609ce768 (commit)
from aadcf069828431819970421749da64b24b559490 (commit)
- Log -----------------------------------------------------------------
commit b10794b5309a42bd3ea30d824ce1068e5189e66f
Author: Cristian Stoica <cristian.stoica at nxp.com>
Date: Wed Jun 29 17:45:59 2016 +0300
s_server: fix warnings unused-but-set-variable (no-dh)
This patch fixes the following two warnings when OpenSSL is built with no-dh option:
s_server.c: In function 's_server_main':
s_server.c:1105:25: warning: variable 'no_dhe' set but not used [-Wunused-but-set-variable]
int no_tmp_rsa = 0, no_dhe = 0, no_ecdhe = 0, nocert = 0;
^
s_server.c:1101:11: warning: variable 'dhfile' set but not used [-Wunused-but-set-variable]
char *dhfile = NULL;
^
CLA: trivial
Signed-off-by: Cristian Stoica <cristian.stoica at nxp.com>
Reviewed-by: Rich Salz <rsalz at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6087)
commit 60ced074c48fa265b3eccf91a89dec374b4c7e49
Author: Cristian Stoica <cristian.stoica at nxp.com>
Date: Wed Jun 29 18:34:33 2016 +0300
fix warning unused-but-set-variable 'alg_k' (no-dh and no-ec)
This patch fixes the following warning when OpenSSL is configured with
no-dh and no-ec:
./Configure no-ec no-dh linux-x86_64
...
s3_lib.c: In function 'ssl3_get_req_cert_type':
s3_lib.c:4234:19: warning: variable 'alg_k' set but not used [-Wunused-but-set-variable]
unsigned long alg_k;
CLA: trivial
Signed-off-by: Cristian Stoica <cristian.stoica at nxp.com>
Reviewed-by: Rich Salz <rsalz at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6087)
commit 76b8b6932d17414b460f72e15ba8050d609ce768
Author: Cristian Stoica <cristian.stoica at nxp.com>
Date: Wed Jun 29 18:30:58 2016 +0300
fix warning unused-but-set-variable 'nostrict' (no-dh and no-ec)
This patch fixes the following warning when OpenSSL is configured with
no-dh and no-ec:
./Configure no-ec no-dh linux-x86_64
...
s3_lib.c:4231:9: warning: variable 'nostrict' set but not used [-Wunused-but-set-variable]
int nostrict = 1;
^
CLA: trivial
Signed-off-by: Cristian Stoica <cristian.stoica at nxp.com>
Reviewed-by: Rich Salz <rsalz at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6087)
-----------------------------------------------------------------------
Summary of changes:
apps/s_server.c | 21 ++++++++++++++++-----
ssl/s3_lib.c | 10 ++++++++++
2 files changed, 26 insertions(+), 5 deletions(-)
diff --git a/apps/s_server.c b/apps/s_server.c
index f1ab691..9570f07 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1087,11 +1087,14 @@ int MAIN(int argc, char *argv[])
char *chCApath = NULL, *chCAfile = NULL;
char *vfyCApath = NULL, *vfyCAfile = NULL;
unsigned char *context = NULL;
+#ifndef OPENSSL_NO_DH
char *dhfile = NULL;
+ int no_dhe = 0;
+#endif
int badop = 0;
int ret = 1;
int build_chain = 0;
- int no_tmp_rsa = 0, no_dhe = 0, no_ecdhe = 0, nocert = 0;
+ int no_tmp_rsa = 0, no_ecdhe = 0, nocert = 0;
int state = 0;
const SSL_METHOD *meth = NULL;
int socket_type = SOCK_STREAM;
@@ -1239,11 +1242,15 @@ int MAIN(int argc, char *argv[])
if (--argc < 1)
goto bad;
s_chain_file = *(++argv);
- } else if (strcmp(*argv, "-dhparam") == 0) {
+ }
+#ifndef OPENSSL_NO_DH
+ else if (strcmp(*argv, "-dhparam") == 0) {
if (--argc < 1)
goto bad;
dhfile = *(++argv);
- } else if (strcmp(*argv, "-dcertform") == 0) {
+ }
+#endif
+ else if (strcmp(*argv, "-dcertform") == 0) {
if (--argc < 1)
goto bad;
s_dcert_format = str2fmt(*(++argv));
@@ -1390,9 +1397,13 @@ int MAIN(int argc, char *argv[])
verify_quiet = 1;
} else if (strcmp(*argv, "-no_tmp_rsa") == 0) {
no_tmp_rsa = 1;
- } else if (strcmp(*argv, "-no_dhe") == 0) {
+ }
+#ifndef OPENSSL_NO_DH
+ else if (strcmp(*argv, "-no_dhe") == 0) {
no_dhe = 1;
- } else if (strcmp(*argv, "-no_ecdhe") == 0) {
+ }
+#endif
+ else if (strcmp(*argv, "-no_ecdhe") == 0) {
no_ecdhe = 1;
} else if (strcmp(*argv, "-no_resume_ephemeral") == 0) {
no_resume_ephemeral = 1;
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 7e27dae..633c954 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -4228,8 +4228,13 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
#ifndef OPENSSL_NO_ECDSA
int have_ecdsa_sign = 0;
#endif
+#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_ECDH)
int nostrict = 1;
+#endif
+#if !defined(OPENSSL_NO_GOST) || !defined(OPENSSL_NO_DH) || \
+ !defined(OPENSSL_NO_ECDH)
unsigned long alg_k;
+#endif
/* If we have custom certificate types set, use them */
if (s->cert->ctypes) {
@@ -4238,8 +4243,10 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
}
/* get configured sigalgs */
siglen = tls12_get_psigalgs(s, 1, &sig);
+#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_ECDH)
if (s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT)
nostrict = 0;
+#endif
for (i = 0; i < siglen; i += 2, sig += 2) {
switch (sig[1]) {
case TLSEXT_signature_rsa:
@@ -4257,7 +4264,10 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
}
}
+#if !defined(OPENSSL_NO_GOST) || !defined(OPENSSL_NO_DH) || \
+ !defined(OPENSSL_NO_ECDH)
alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+#endif
#ifndef OPENSSL_NO_GOST
if (s->version >= TLS1_VERSION) {
More information about the openssl-commits
mailing list