diff options
author | Ben Laurie <ben@openssl.org> | 2012-06-03 22:00:21 +0000 |
---|---|---|
committer | Ben Laurie <ben@openssl.org> | 2012-06-03 22:00:21 +0000 |
commit | 71fa451343f97b3624374ed1359adc23fba5696e (patch) | |
tree | 87ebfb43ece32507c68e360f36a67b4a921e79c0 /ssl | |
parent | a9e1c50bb09a110d4774e6710f9322344684fa2d (diff) |
Version skew reduction: trivia (I hope).
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/Makefile | 50 | ||||
-rw-r--r-- | ssl/d1_clnt.c | 1 | ||||
-rw-r--r-- | ssl/kssl.c | 3 | ||||
-rw-r--r-- | ssl/s3_clnt.c | 1 | ||||
-rw-r--r-- | ssl/s3_srvr.c | 5 | ||||
-rw-r--r-- | ssl/ssl.h | 5 | ||||
-rw-r--r-- | ssl/ssl3.h | 3 | ||||
-rw-r--r-- | ssl/ssl_asn1.c | 1 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 2 | ||||
-rw-r--r-- | ssl/ssl_locl.h | 4 | ||||
-rw-r--r-- | ssl/ssl_sess.c | 2 | ||||
-rw-r--r-- | ssl/t1_lib.c | 4 |
12 files changed, 40 insertions, 41 deletions
diff --git a/ssl/Makefile b/ssl/Makefile index 459e2221d8..63a2f96170 100644 --- a/ssl/Makefile +++ b/ssl/Makefile @@ -164,7 +164,7 @@ d1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h d1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h d1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h d1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_clnt.c -d1_clnt.o: kssl_lcl.h ssl_locl.h +d1_clnt.o: ssl_locl.h d1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h d1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h d1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -589,8 +589,7 @@ s3_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h s3_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h s3_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h s3_enc.o: ../include/openssl/x509_vfy.h s3_enc.c ssl_locl.h -s3_lib.o: ../crypto/ec/ec_lcl.h ../e_os.h ../include/openssl/asn1.h -s3_lib.o: ../include/openssl/bio.h ../include/openssl/bn.h +s3_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s3_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h s3_lib.o: ../include/openssl/crypto.h ../include/openssl/dh.h s3_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h @@ -659,20 +658,20 @@ s3_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h s3_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h s3_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h s3_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h -s3_srvr.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h -s3_srvr.o: ../include/openssl/lhash.h ../include/openssl/md5.h -s3_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -s3_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s3_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -s3_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s3_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h -s3_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s3_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h -s3_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s3_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s3_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s3_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s3_srvr.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_srvr.c ssl_locl.h +s3_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s3_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h +s3_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +s3_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +s3_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s3_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s3_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h +s3_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s3_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h +s3_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s3_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s3_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s3_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h +s3_srvr.o: s3_srvr.c ssl_locl.h ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/comp.h ssl_algs.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -949,14 +948,15 @@ t1_lib.o: ../include/openssl/objects.h ../include/openssl/ocsp.h t1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h t1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h t1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -t1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h -t1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h -t1_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -t1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -t1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -t1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -t1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -t1_lib.o: ../include/openssl/x509v3.h ssl_locl.h t1_lib.c +t1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rand.h +t1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +t1_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h +t1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +t1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +t1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +t1_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h +t1_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h ssl_locl.h +t1_lib.o: t1_lib.c t1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h t1_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h t1_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c index 00cb43f09e..4af8ffda4d 100644 --- a/ssl/d1_clnt.c +++ b/ssl/d1_clnt.c @@ -114,7 +114,6 @@ */ #include <stdio.h> -#include <openssl/crypto.h> #include "ssl_locl.h" #ifndef OPENSSL_NO_KRB5 #include "kssl_lcl.h" diff --git a/ssl/kssl.c b/ssl/kssl.c index ee0e73e8ac..fd7c67bb1f 100644 --- a/ssl/kssl.c +++ b/ssl/kssl.c @@ -2093,9 +2093,12 @@ krb5_error_code kssl_check_authent( EVP_CIPHER_CTX_cleanup(&ciph_ctx); #ifdef KSSL_DEBUG + { + int padl; printf("kssl_check_authent: decrypted authenticator[%d] =\n", outl); for (padl=0; padl < outl; padl++) printf("%02x ",unenc_authent[padl]); printf("\n"); + } #endif /* KSSL_DEBUG */ if ((p = kssl_skip_confound(enctype, unenc_authent)) == NULL) diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index e8fe968e59..c51f3d0b0f 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -149,7 +149,6 @@ */ #include <stdio.h> -#include <openssl/crypto.h> #include "ssl_locl.h" #include "kssl_lcl.h" #include <openssl/buffer.h> diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index ba324848c1..fdf8052aa1 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -152,7 +152,6 @@ #define NETSCAPE_HANG_BUG #include <stdio.h> -#include <openssl/crypto.h> #include "ssl_locl.h" #include "kssl_lcl.h" #include <openssl/buffer.h> @@ -181,7 +180,7 @@ static const SSL_METHOD *ssl3_get_server_method(int ver) } #ifndef OPENSSL_NO_SRP -static int ssl_check_srp_ext_ClientHello(SSL *s,int *al) +static int ssl_check_srp_ext_ClientHello(SSL *s, int *al) { int ret = SSL_ERROR_NONE; @@ -3583,7 +3582,7 @@ int ssl3_send_cert_status(SSL *s) return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); } -# ifndef OPENSSL_NO_NPN +# ifndef OPENSSL_NO_NEXTPROTONEG /* ssl3_get_next_proto reads a Next Protocol Negotiation handshake message. It * sets the next_proto member in s if found */ int ssl3_get_next_proto(SSL *s) @@ -989,13 +989,13 @@ struct ssl_ctx_st /* Callback for disabling session caching and ticket support * on a session basis, depending on the chosen cipher. */ int (*not_resumable_session_cb)(SSL *ssl, int is_forward_secure); -#ifndef OPENSSL_NO_EC +# ifndef OPENSSL_NO_EC /* EC extension values inherited by SSL structure */ size_t tlsext_ecpointformatlist_length; unsigned char *tlsext_ecpointformatlist; size_t tlsext_ellipticcurvelist_length; unsigned char *tlsext_ellipticcurvelist; -#endif /* OPENSSL_NO_EC */ +# endif /* OPENSSL_NO_EC */ int (*tlsext_authz_server_audit_proof_cb)(SSL *s, void *arg); void *tlsext_authz_server_audit_proof_cb_arg; }; @@ -1366,6 +1366,7 @@ struct ssl_st int renegotiate;/* 1 if we are renegotiating. * 2 if we are a server and are inside a handshake * (i.e. not just sending a HelloRequest) */ + #ifndef OPENSSL_NO_SRP SRP_CTX srp_ctx; /* ctx for SRP authentication */ #endif diff --git a/ssl/ssl3.h b/ssl/ssl3.h index 84198ff501..74274771ff 100644 --- a/ssl/ssl3.h +++ b/ssl/ssl3.h @@ -536,8 +536,7 @@ typedef struct ssl3_state_st int send_connection_binding; /* TODOEKR */ #ifndef OPENSSL_NO_NEXTPROTONEG - /* Set if we saw the Next Protocol Negotiation extension from - our peer. */ + /* Set if we saw the Next Protocol Negotiation extension from our peer. */ int next_proto_neg_seen; #endif diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c index d8415b8806..38540be1e5 100644 --- a/ssl/ssl_asn1.c +++ b/ssl/ssl_asn1.c @@ -84,7 +84,6 @@ #include <stdio.h> #include <stdlib.h> -#include <openssl/crypto.h> #include "ssl_locl.h" #include <openssl/asn1_mac.h> #include <openssl/objects.h> diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index cb098b3002..dc9a8665bc 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -146,7 +146,6 @@ # include <assert.h> #endif #include <stdio.h> -#include <openssl/crypto.h> #include "ssl_locl.h" #include "kssl_lcl.h" #include <openssl/objects.h> @@ -1650,7 +1649,6 @@ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, unsigned ctx->next_proto_select_cb = cb; ctx->next_proto_select_cb_arg = arg; } - # endif #endif diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index d0167e8283..872bce6601 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -602,8 +602,8 @@ typedef struct ssl3_enc_method int (*export_keying_material)(SSL *, unsigned char *, size_t, const char *, size_t, const unsigned char *, size_t, - int use_context); - } SSL3_ENC_METHOD; + int use_context); + } SSL3_ENC_METHOD; #ifndef OPENSSL_NO_COMP /* Used for holding the relevant compression methods loaded into SSL_CTX */ diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 093ea60ae6..6cd17679bb 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -589,12 +589,14 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, if (ret != NULL) { SSL_SESSION_free(ret); +#ifndef OPENSSL_NO_TLSEXT if (!try_session_cache) { /* The session was from a ticket, so we should * issue a ticket for the new session */ s->tlsext_ticket_expected = 1; } +#endif } if (fatal) return -1; diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 12230e8ae1..bb4fbe6587 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1723,7 +1723,7 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char #endif #ifndef OPENSSL_NO_NEXTPROTONEG else if (type == TLSEXT_TYPE_next_proto_neg && - s->s3->tmp.finish_md_len == 0) + s->s3->tmp.finish_md_len == 0) { /* We shouldn't accept this extension on a * renegotiation. @@ -1852,7 +1852,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in /* ssl_next_proto_validate validates a Next Protocol Negotiation block. No * elements of zero length are allowed and the set of elements must exactly fill * the length of the block. */ -static int ssl_next_proto_validate(unsigned char *d, unsigned len) +static char ssl_next_proto_validate(unsigned char *d, unsigned len) { unsigned int off = 0; |