diff options
author | Matt Caswell <matt@openssl.org> | 2015-05-15 10:49:56 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-05-22 23:10:51 +0100 |
commit | e481f9b90b164fd1053015d1c4e0a0d92076d7a8 (patch) | |
tree | 2dbf5d699977893b677a18b213f31c61b59d468b /ssl/ssl_conf.c | |
parent | 552bf8ec5e64d1a169069111850ebc5d250e0499 (diff) |
Remove support for OPENSSL_NO_TLSEXT
Given the pervasive nature of TLS extensions it is inadvisable to run
OpenSSL without support for them. It also means that maintaining
the OPENSSL_NO_TLSEXT option within the code is very invasive (and probably
not well tested). Therefore it is being removed.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl/ssl_conf.c')
-rw-r--r-- | ssl/ssl_conf.c | 4 |
1 files changed, 0 insertions, 4 deletions
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 59516a57f2..65ff0218d7 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -433,9 +433,7 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = { SSL_CONF_CMD_SWITCH("bugs", 0), SSL_CONF_CMD_SWITCH("no_comp", 0), SSL_CONF_CMD_SWITCH("ecdh_single", SSL_CONF_FLAG_SERVER), -#ifndef OPENSSL_NO_TLSEXT SSL_CONF_CMD_SWITCH("no_ticket", 0), -#endif SSL_CONF_CMD_SWITCH("serverpref", SSL_CONF_FLAG_SERVER), SSL_CONF_CMD_SWITCH("legacy_renegotiation", 0), SSL_CONF_CMD_SWITCH("legacy_server_connect", SSL_CONF_FLAG_SERVER), @@ -477,9 +475,7 @@ static const ssl_switch_tbl ssl_cmd_switches[] = { {SSL_OP_ALL, 0}, /* bugs */ {SSL_OP_NO_COMPRESSION, 0}, /* no_comp */ {SSL_OP_SINGLE_ECDH_USE, 0}, /* ecdh_single */ -#ifndef OPENSSL_NO_TLSEXT {SSL_OP_NO_TICKET, 0}, /* no_ticket */ -#endif {SSL_OP_CIPHER_SERVER_PREFERENCE, 0}, /* serverpref */ /* legacy_renegotiation */ {SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION, 0}, |