diff options
author | Rich Salz <rsalz@openssl.org> | 2015-01-27 10:06:22 -0500 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2015-01-27 10:06:22 -0500 |
commit | a00ae6c46e0d7907a7c9f9e85334e968aa5fd338 (patch) | |
tree | 79a0e748842c1a3ed15b3b4a1ab08ce29bab5280 /ssl | |
parent | 109f1031a8d03a7c0a7c53c82314505ec5b7b207 (diff) | |
download | openssl-a00ae6c46e0d7907a7c9f9e85334e968aa5fd338.zip openssl-a00ae6c46e0d7907a7c9f9e85334e968aa5fd338.tar.gz openssl-a00ae6c46e0d7907a7c9f9e85334e968aa5fd338.tar.bz2 |
OPENSSL_NO_xxx cleanup: many removals
The following compile options (#ifdef's) are removed:
OPENSSL_NO_BIO OPENSSL_NO_BUFFER OPENSSL_NO_CHAIN_VERIFY
OPENSSL_NO_EVP OPENSSL_NO_FIPS_ERR OPENSSL_NO_HASH_COMP
OPENSSL_NO_LHASH OPENSSL_NO_OBJECT OPENSSL_NO_SPEED OPENSSL_NO_STACK
OPENSSL_NO_X509 OPENSSL_NO_X509_VERIFY
This diff is big because of updating the indents on preprocessor lines.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl.h | 24 | ||||
-rw-r--r-- | ssl/ssl_cert.c | 6 | ||||
-rw-r--r-- | ssl/ssltest.c | 2 |
3 files changed, 3 insertions, 29 deletions
@@ -148,13 +148,9 @@ # ifndef OPENSSL_NO_COMP # include <openssl/comp.h> # endif -# ifndef OPENSSL_NO_BIO -# include <openssl/bio.h> -# endif +# include <openssl/bio.h> # ifdef OPENSSL_USE_DEPRECATED -# ifndef OPENSSL_NO_X509 -# include <openssl/x509.h> -# endif +# include <openssl/x509.h> # include <openssl/crypto.h> # include <openssl/lhash.h> # include <openssl/buffer.h> @@ -1417,20 +1413,12 @@ struct ssl_st { * There are 2 BIO's even though they are normally both the same. This * is so data can be read and written to different handlers */ -# ifndef OPENSSL_NO_BIO /* used by SSL_read */ BIO *rbio; /* used by SSL_write */ BIO *wbio; /* used during session-id reuse to concatenate messages */ BIO *bbio; -# else - /* used by SSL_read */ - char *rbio; - /* used by SSL_write */ - char *wbio; - char *bbio; -# endif /* * This holds a variable that indicates what we were doing when a 0 or -1 * is returned. This is needed for non-blocking IO so we know what @@ -2108,7 +2096,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) SSL_ctrl(s,SSL_CTRL_GET_RAW_CIPHERLIST,0,plst) # define SSL_get0_ec_point_formats(s, plst) \ SSL_ctrl(s,SSL_CTRL_GET_EC_POINT_FORMATS,0,plst) -# ifndef OPENSSL_NO_BIO + BIO_METHOD *BIO_f_ssl(void); BIO *BIO_new_ssl(SSL_CTX *ctx, int client); BIO *BIO_new_ssl_connect(SSL_CTX *ctx); @@ -2116,8 +2104,6 @@ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx); int BIO_ssl_copy_session_id(BIO *to, BIO *from); void BIO_ssl_shutdown(BIO *ssl_bio); -# endif - int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str); SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth); void SSL_CTX_free(SSL_CTX *); @@ -2148,11 +2134,9 @@ int SSL_set_fd(SSL *s, int fd); int SSL_set_rfd(SSL *s, int fd); int SSL_set_wfd(SSL *s, int fd); # endif -# ifndef OPENSSL_NO_BIO void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio); BIO *SSL_get_rbio(const SSL *s); BIO *SSL_get_wbio(const SSL *s); -# endif int SSL_set_cipher_list(SSL *s, const char *str); void SSL_set_read_ahead(SSL *s, int yes); int SSL_get_verify_mode(const SSL *s); @@ -2222,10 +2206,8 @@ unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s); # ifndef OPENSSL_NO_STDIO int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses); # endif -# ifndef OPENSSL_NO_BIO int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses); int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x); -# endif void SSL_SESSION_free(SSL_SESSION *ses); int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp); int SSL_set_session(SSL *to, SSL_SESSION *session); diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index bfaf69a..f2de54b 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -740,7 +740,6 @@ int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk) i = s->ctx->app_verify_callback(&ctx); /* should pass app_verify_arg */ #endif else { -#ifndef OPENSSL_NO_X509_VERIFY i = X509_verify_cert(&ctx); # if 0 /* Dummy error calls so mkerr generates them */ @@ -750,11 +749,6 @@ int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk) # endif if (i > 0) i = ssl_security_cert_chain(s, ctx.chain, NULL, 1); -#else - i = 0; - ctx.error = X509_V_ERR_APPLICATION_VERIFICATION; - SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, SSL_R_NO_VERIFY_CALLBACK); -#endif } s->verify_result = ctx.error; diff --git a/ssl/ssltest.c b/ssl/ssltest.c index d217efa..a49fd86 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -2909,9 +2909,7 @@ static int app_verify_callback(X509_STORE_CTX *ctx, void *arg) if (cb_arg->allow_proxy_certs) { X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); } -#ifndef OPENSSL_NO_X509_VERIFY ok = X509_verify_cert(ctx); -#endif if (cb_arg->proxy_auth) { if (ok > 0) { |