unifdef a bunch of OPENSSL_NO_* ifdefs.

Get all this stuff out of the way. - OPENSSL_NO_MD5 - OPENSSL_NO_SHA - OPENSSL_NO_EC - OPENSSL_NO_ECDSA - OPENSSL_NO_ECDH - OPENSSL_NO_NEXTPROTONEG - OPENSSL_NO_DH - OPENSSL_NO_SSL3 - OPENSSL_NO_RC4 - OPENSSL_NO_RSA Also manually removed a couple instances of OPENSSL_NO_DSA that seemed to be confused anyway. Did some minor manual cleanup. (Removed a few now-pointless 'if (0)'s.) Change-Id: Id540ba97ee22ff2309ab20ceb24c7eabe766d4c4 Reviewed-on: https://boringssl-review.googlesource.com/1662 Reviewed-by: Adam Langley <agl@google.com>
author: David Benjamin <davidben@chromium.org> 2014-08-27 22:35:09 +0400
committer: Adam Langley <agl@google.com> 2014-08-28 04:41:34 +0400
commit: 457112e1973251a721ae419128d7108844d3c1a3 (patch)
tree: ccd7d5d5d2bd10345a78f7a789a674388ac96a97 /ssl/ssl_lib.c
parent: 1f3591d4c75fc4039dbd120ff1c459b311e976e2 (diff)
1 files changed, 1 insertions, 45 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index fafe5281..d6f6bdc2 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -344,7 +344,6 @@ SSL *SSL_new(SSL_CTX *ctx)
 	s->tlsext_ocsp_resplen = -1;
 	CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
 	s->initial_ctx=ctx;
-#ifndef OPENSSL_NO_EC
 	if (ctx->tlsext_ecpointformatlist)
 		{
 		s->tlsext_ecpointformatlist =
@@ -365,10 +364,7 @@ SSL *SSL_new(SSL_CTX *ctx)
 		s->tlsext_ellipticcurvelist_length = 
 					ctx->tlsext_ellipticcurvelist_length;
 		}
-#endif
-# ifndef OPENSSL_NO_NEXTPROTONEG
 	s->next_proto_negotiated = NULL;
-# endif
 
 	if (s->ctx->alpn_client_proto_list)
 		{
@@ -672,10 +668,8 @@ void SSL_free(SSL *s)
 	if (s->tlsext_hostname)
 		OPENSSL_free(s->tlsext_hostname);
 	if (s->initial_ctx) SSL_CTX_free(s->initial_ctx);
-#ifndef OPENSSL_NO_EC
 	if (s->tlsext_ecpointformatlist) OPENSSL_free(s->tlsext_ecpointformatlist);
 	if (s->tlsext_ellipticcurvelist) OPENSSL_free(s->tlsext_ellipticcurvelist);
-#endif /* OPENSSL_NO_EC */
 	if (s->tlsext_ocsp_exts)
 		sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
 						X509_EXTENSION_free);
@@ -701,10 +695,8 @@ void SSL_free(SSL *s)
 
 	if (s->ctx) SSL_CTX_free(s->ctx);
 
-#if !defined(OPENSSL_NO_NEXTPROTONEG)
 	if (s->next_proto_negotiated)
 		OPENSSL_free(s->next_proto_negotiated);
-#endif
 
         if (s->srtp_profiles)
             sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
@@ -1773,7 +1765,6 @@ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsi
 	return status;
 	}
 
-# ifndef OPENSSL_NO_NEXTPROTONEG
 /* SSL_get0_next_proto_negotiated sets *data and *len to point to the client's
  * requested protocol for this connection and returns 0. If the client didn't
  * request any protocol, then *data is set to NULL.
@@ -1822,7 +1813,6 @@ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, unsigned
 	ctx->next_proto_select_cb = cb;
 	ctx->next_proto_select_cb_arg = arg;
 	}
-# endif
 
 /* SSL_CTX_set_alpn_protos sets the ALPN protocol list on |ctx| to |protos|.
  * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
@@ -2035,10 +2025,8 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
 	ret->tlsext_status_cb = 0;
 	ret->tlsext_status_arg = NULL;
 
-# ifndef OPENSSL_NO_NEXTPROTONEG
 	ret->next_protos_advertised_cb = 0;
 	ret->next_proto_select_cb = 0;
-# endif
 	ret->psk_identity_hint=NULL;
 	ret->psk_client_callback=NULL;
 	ret->psk_server_callback=NULL;
@@ -2117,12 +2105,10 @@ void SSL_CTX_free(SSL_CTX *a)
 	if (a->psk_identity_hint)
 		OPENSSL_free(a->psk_identity_hint);
 
-# ifndef OPENSSL_NO_EC
 	if (a->tlsext_ecpointformatlist)
 		OPENSSL_free(a->tlsext_ecpointformatlist);
 	if (a->tlsext_ellipticcurvelist)
 		OPENSSL_free(a->tlsext_ellipticcurvelist);
-# endif /* OPENSSL_NO_EC */
 	if (a->alpn_client_proto_list != NULL)
 		OPENSSL_free(a->alpn_client_proto_list);
 
@@ -2174,34 +2160,20 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
 	CERT_PKEY *cpk;
 	int rsa_enc,rsa_sign,dh_tmp;
 	unsigned long mask_k,mask_a;
-#ifndef OPENSSL_NO_ECDSA
 	int have_ecc_cert, ecdsa_ok;
-#endif
-#ifndef OPENSSL_NO_ECDH
 	int have_ecdh_tmp;
-#endif
-#ifndef OPENSSL_NO_EC
 	X509 *x = NULL;
-#endif
 	if (c == NULL) return;
 
-#ifndef OPENSSL_NO_DH
 	dh_tmp=(c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
-#else
-	dh_tmp=0;
-#endif
 
-#ifndef OPENSSL_NO_ECDH
 	have_ecdh_tmp=(c->ecdh_tmp || c->ecdh_tmp_cb || c->ecdh_tmp_auto);
-#endif
 	cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]);
 	rsa_enc= cpk->valid_flags & CERT_PKEY_VALID;
 	cpk= &(c->pkeys[SSL_PKEY_RSA_SIGN]);
 	rsa_sign= cpk->valid_flags & CERT_PKEY_SIGN;
 	cpk= &(c->pkeys[SSL_PKEY_ECC]);
-#ifndef OPENSSL_NO_EC
 	have_ecc_cert= cpk->valid_flags & CERT_PKEY_VALID;
-#endif
 	mask_k=0;
 	mask_a=0;
 
@@ -2226,7 +2198,6 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
 
 	/* An ECC certificate may be usable for ECDSA cipher suites depending on
          * the key usage extension. */
-#ifndef OPENSSL_NO_EC
 	if (have_ecc_cert)
 		{
 		cpk = &c->pkeys[SSL_PKEY_ECC];
@@ -2237,21 +2208,16 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
 		    (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
 		if (!(cpk->valid_flags & CERT_PKEY_SIGN))
 			ecdsa_ok = 0;
-#ifndef OPENSSL_NO_ECDSA
 		if (ecdsa_ok)
 			{
 			mask_a|=SSL_aECDSA;
 			}
-#endif
 		}
-#endif
 
-#ifndef OPENSSL_NO_ECDH
 	if (have_ecdh_tmp)
 		{
 		mask_k|=SSL_kEECDH;
 		}
-#endif
 
 	mask_k |= SSL_kPSK;
 	mask_a |= SSL_aPSK;
@@ -2265,7 +2231,6 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
 #define ku_reject(x, usage) \
 	(((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
 
-#ifndef OPENSSL_NO_EC
 
 int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
 	{
@@ -2295,7 +2260,6 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
 	return 1;  /* all checks are ok */
 	}
 
-#endif
 
 static int ssl_get_server_cert_index(const SSL *s)
 	{
@@ -2964,7 +2928,6 @@ RSA *cb(SSL *ssl,int is_export,int keylength)
  * \param dh the callback
  */
 
-#ifndef OPENSSL_NO_DH
 void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export,
                                                         int keylength))
 	{
@@ -2976,9 +2939,7 @@ void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export,
 	{
 	SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
 	}
-#endif
 
-#ifndef OPENSSL_NO_ECDH
 void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,EC_KEY *(*ecdh)(SSL *ssl,int is_export,
                                                                 int keylength))
 	{
@@ -2990,7 +2951,6 @@ void SSL_set_tmp_ecdh_callback(SSL *ssl,EC_KEY *(*ecdh)(SSL *ssl,int is_export,
 	{
 	SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
 	}
-#endif
 
 int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
 	{
@@ -3144,11 +3104,7 @@ int ssl3_can_cutthrough(const SSL *s)
 		return 0;
 
 	/* require ALPN or NPN extension */
-	if (!s->s3->alpn_selected
-#ifndef OPENSSL_NO_NEXTPROTONEG
-		&& !s->s3->next_proto_neg_seen
-#endif
-	)
+	if (!s->s3->alpn_selected && !s->s3->next_proto_neg_seen)
 		{
 		return 0;
 		}
author	David Benjamin <davidben@chromium.org>	2014-08-27 22:35:09 +0400
committer	Adam Langley <agl@google.com>	2014-08-28 04:41:34 +0400
commit	457112e1973251a721ae419128d7108844d3c1a3 (patch)
tree	ccd7d5d5d2bd10345a78f7a789a674388ac96a97 /ssl/ssl_lib.c
parent	1f3591d4c75fc4039dbd120ff1c459b311e976e2 (diff)