diff options
| author | Rich Salz <rsalz@openssl.org> | 2015-01-27 12:34:45 -0500 |
|---|---|---|
| committer | Rich Salz <rsalz@openssl.org> | 2015-01-27 12:34:45 -0500 |
| commit | 474e469bbd056aebcf7e7d3207ef820f2faed4ce (patch) | |
| tree | 435a3d3feb5795d101fe89055e2b86b75c94476a /ssl/ssl_algs.c | |
| parent | c73ad690174171b63a53dabdb2f2d9ebfd30053a (diff) | |
OPENSSL_NO_xxx cleanup: SHA
Remove support for SHA0 and DSS0 (they were broken), and remove
the ability to attempt to build without SHA (it didn't work).
For simplicity, remove the option of not building various SHA algorithms;
you could argue that SHA_224/256/384/512 should be kept, since they're
like crypto algorithms, but I decided to go the other way.
So these options are gone:
GENUINE_DSA OPENSSL_NO_SHA0
OPENSSL_NO_SHA OPENSSL_NO_SHA1
OPENSSL_NO_SHA224 OPENSSL_NO_SHA256
OPENSSL_NO_SHA384 OPENSSL_NO_SHA512
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl/ssl_algs.c')
| -rw-r--r-- | ssl/ssl_algs.c | 17 |
1 files changed, 1 insertions, 16 deletions
diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c index fdf1481444..3843aefe8d 100644 --- a/ssl/ssl_algs.c +++ b/ssl/ssl_algs.c @@ -91,14 +91,10 @@ int SSL_library_init(void) EVP_add_cipher(EVP_aes_256_cbc()); EVP_add_cipher(EVP_aes_128_gcm()); EVP_add_cipher(EVP_aes_256_gcm()); -# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1()); -# endif -# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256) EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256()); -# endif #endif #ifndef OPENSSL_NO_CAMELLIA EVP_add_cipher(EVP_camellia_128_cbc()); @@ -113,20 +109,14 @@ int SSL_library_init(void) EVP_add_digest(EVP_md5()); EVP_add_digest_alias(SN_md5, "ssl3-md5"); #endif -#ifndef OPENSSL_NO_SHA EVP_add_digest(EVP_sha1()); /* RSA with sha1 */ EVP_add_digest_alias(SN_sha1, "ssl3-sha1"); EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA); -#endif -#ifndef OPENSSL_NO_SHA256 EVP_add_digest(EVP_sha224()); EVP_add_digest(EVP_sha256()); -#endif -#ifndef OPENSSL_NO_SHA512 EVP_add_digest(EVP_sha384()); EVP_add_digest(EVP_sha512()); -#endif -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA) +#if !defined(OPENSSL_NO_DSA) EVP_add_digest(EVP_dss1()); /* DSA with sha1 */ EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2); EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1"); @@ -135,11 +125,6 @@ int SSL_library_init(void) #ifndef OPENSSL_NO_ECDSA EVP_add_digest(EVP_ecdsa()); #endif - /* If you want support for phased out ciphers, add the following */ -#if 0 - EVP_add_digest(EVP_sha()); - EVP_add_digest(EVP_dss()); -#endif #ifndef OPENSSL_NO_COMP /* * This will initialise the built-in compression algorithms. The value |