summaryrefslogtreecommitdiffstats
path: root/ssl
diff options
context:
space:
mode:
Diffstat (limited to 'ssl')
-rw-r--r--ssl/s3_enc.c2
-rw-r--r--ssl/s3_lib.c22
-rw-r--r--ssl/ssl_ciph.c2
-rw-r--r--ssl/t1_enc.c2
-rw-r--r--ssl/t1_lib.c6
5 files changed, 5 insertions, 29 deletions
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 1e297d23d5..cf4d5fe4e7 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -297,10 +297,8 @@ int ssl3_setup_key_block(SSL *s)
if (s->session->cipher->algorithm_enc == SSL_eNULL)
s->s3.need_empty_fragments = 0;
-#ifndef OPENSSL_NO_RC4
if (s->session->cipher->algorithm_enc == SSL_RC4)
s->s3.need_empty_fragments = 0;
-#endif
}
}
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 12876add7f..ec19eeacc3 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -66,7 +66,6 @@ static SSL_CIPHER tls13_ciphers[] = {
256,
256,
},
-#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
{
1,
TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
@@ -83,7 +82,6 @@ static SSL_CIPHER tls13_ciphers[] = {
256,
256,
},
-#endif
{
1,
TLS1_3_RFC_AES_128_CCM_SHA256,
@@ -2036,7 +2034,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
256,
},
-#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
{
1,
TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
@@ -2149,10 +2146,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
256,
256,
},
-#endif /* !defined(OPENSSL_NO_CHACHA) &&
- * !defined(OPENSSL_NO_POLY1305) */
-#ifndef OPENSSL_NO_CAMELLIA
{
1,
TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
@@ -2601,7 +2595,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
256,
256,
},
-#endif /* OPENSSL_NO_CAMELLIA */
#ifndef OPENSSL_NO_GOST
{
@@ -2718,7 +2711,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
},
#endif /* OPENSSL_NO_GOST */
-#ifndef OPENSSL_NO_IDEA
{
1,
SSL3_TXT_RSA_IDEA_128_SHA,
@@ -2735,9 +2727,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
128,
128,
},
-#endif
-#ifndef OPENSSL_NO_SEED
{
1,
TLS1_TXT_RSA_WITH_SEED_SHA,
@@ -2802,7 +2792,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
128,
128,
},
-#endif /* OPENSSL_NO_SEED */
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
{
@@ -2967,7 +2956,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
},
#endif /* OPENSSL_NO_WEAK_SSL_CIPHERS */
-#ifndef OPENSSL_NO_ARIA
{
1,
TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256,
@@ -3224,7 +3212,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
256,
256,
},
-#endif /* OPENSSL_NO_ARIA */
};
/*
@@ -4120,9 +4107,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
STACK_OF(SSL_CIPHER) *prio, *allow;
int i, ii, ok, prefer_sha256 = 0;
unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0;
-#ifndef OPENSSL_NO_CHACHA
STACK_OF(SSL_CIPHER) *prio_chacha = NULL;
-#endif
/* Let's see which ciphers we can support */
@@ -4155,7 +4140,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
} else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
prio = srvr;
allow = clnt;
-#ifndef OPENSSL_NO_CHACHA
+
/* If ChaCha20 is at the top of the client preference list,
and there are ChaCha20 ciphers in the server list, then
temporarily prioritize all ChaCha20 ciphers in the servers list. */
@@ -4194,7 +4179,6 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
}
}
}
-# endif
} else {
prio = clnt;
allow = srvr;
@@ -4308,9 +4292,9 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
break;
}
}
-#ifndef OPENSSL_NO_CHACHA
+
sk_SSL_CIPHER_free(prio_chacha);
-#endif
+
return ret;
}
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 43dcf2d6fe..d517799895 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -2215,8 +2215,6 @@ const char *OSSL_default_cipher_list(void)
const char *OSSL_default_ciphersuites(void)
{
return "TLS_AES_256_GCM_SHA384:"
-#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
"TLS_CHACHA20_POLY1305_SHA256:"
-#endif
"TLS_AES_128_GCM_SHA256";
}
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 67d148473e..531872bfb0 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -597,10 +597,8 @@ int tls1_setup_key_block(SSL *s)
if (s->session->cipher->algorithm_enc == SSL_eNULL)
s->s3.need_empty_fragments = 0;
-#ifndef OPENSSL_NO_RC4
if (s->session->cipher->algorithm_enc == SSL_RC4)
s->s3.need_empty_fragments = 0;
-#endif
}
}
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 5101c7a4da..a7b5a6cc3f 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -981,14 +981,14 @@ static const uint16_t tls12_sigalgs[] = {
TLSEXT_SIGALG_rsa_pkcs1_sha224,
TLSEXT_SIGALG_rsa_pkcs1_sha1,
-#ifndef OPENSSL_NO_DSA
+
TLSEXT_SIGALG_dsa_sha224,
TLSEXT_SIGALG_dsa_sha1,
TLSEXT_SIGALG_dsa_sha256,
TLSEXT_SIGALG_dsa_sha384,
TLSEXT_SIGALG_dsa_sha512,
-#endif
+
#ifndef OPENSSL_NO_GOST
TLSEXT_SIGALG_gostr34102012_256_intrinsic,
TLSEXT_SIGALG_gostr34102012_512_intrinsic,
@@ -1059,7 +1059,6 @@ static const SIGALG_LOOKUP sigalg_lookup_tbl[] = {
{"rsa_pkcs1_sha1", TLSEXT_SIGALG_rsa_pkcs1_sha1,
NID_sha1, SSL_MD_SHA1_IDX, EVP_PKEY_RSA, SSL_PKEY_RSA,
NID_sha1WithRSAEncryption, NID_undef, 1},
-#ifndef OPENSSL_NO_DSA
{NULL, TLSEXT_SIGALG_dsa_sha256,
NID_sha256, SSL_MD_SHA256_IDX, EVP_PKEY_DSA, SSL_PKEY_DSA_SIGN,
NID_dsa_with_SHA256, NID_undef, 1},
@@ -1075,7 +1074,6 @@ static const SIGALG_LOOKUP sigalg_lookup_tbl[] = {
{NULL, TLSEXT_SIGALG_dsa_sha1,
NID_sha1, SSL_MD_SHA1_IDX, EVP_PKEY_DSA, SSL_PKEY_DSA_SIGN,
NID_dsaWithSHA1, NID_undef, 1},
-#endif
#ifndef OPENSSL_NO_GOST
{NULL, TLSEXT_SIGALG_gostr34102012_256_intrinsic,
NID_id_GostR3411_2012_256, SSL_MD_GOST12_256_IDX,
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-06 14:33:44 +0000