diff options
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s3_enc.c | 2 | ||||
-rw-r--r-- | ssl/s3_lib.c | 22 | ||||
-rw-r--r-- | ssl/ssl_ciph.c | 2 | ||||
-rw-r--r-- | ssl/t1_enc.c | 2 | ||||
-rw-r--r-- | ssl/t1_lib.c | 6 |
5 files changed, 5 insertions, 29 deletions
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 1e297d23d5..cf4d5fe4e7 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -297,10 +297,8 @@ int ssl3_setup_key_block(SSL *s) if (s->session->cipher->algorithm_enc == SSL_eNULL) s->s3.need_empty_fragments = 0; -#ifndef OPENSSL_NO_RC4 if (s->session->cipher->algorithm_enc == SSL_RC4) s->s3.need_empty_fragments = 0; -#endif } } diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 12876add7f..ec19eeacc3 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -66,7 +66,6 @@ static SSL_CIPHER tls13_ciphers[] = { 256, 256, }, -#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) { 1, TLS1_3_RFC_CHACHA20_POLY1305_SHA256, @@ -83,7 +82,6 @@ static SSL_CIPHER tls13_ciphers[] = { 256, 256, }, -#endif { 1, TLS1_3_RFC_AES_128_CCM_SHA256, @@ -2036,7 +2034,6 @@ static SSL_CIPHER ssl3_ciphers[] = { 256, }, -#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) { 1, TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305, @@ -2149,10 +2146,7 @@ static SSL_CIPHER ssl3_ciphers[] = { 256, 256, }, -#endif /* !defined(OPENSSL_NO_CHACHA) && - * !defined(OPENSSL_NO_POLY1305) */ -#ifndef OPENSSL_NO_CAMELLIA { 1, TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256, @@ -2601,7 +2595,6 @@ static SSL_CIPHER ssl3_ciphers[] = { 256, 256, }, -#endif /* OPENSSL_NO_CAMELLIA */ #ifndef OPENSSL_NO_GOST { @@ -2718,7 +2711,6 @@ static SSL_CIPHER ssl3_ciphers[] = { }, #endif /* OPENSSL_NO_GOST */ -#ifndef OPENSSL_NO_IDEA { 1, SSL3_TXT_RSA_IDEA_128_SHA, @@ -2735,9 +2727,7 @@ static SSL_CIPHER ssl3_ciphers[] = { 128, 128, }, -#endif -#ifndef OPENSSL_NO_SEED { 1, TLS1_TXT_RSA_WITH_SEED_SHA, @@ -2802,7 +2792,6 @@ static SSL_CIPHER ssl3_ciphers[] = { 128, 128, }, -#endif /* OPENSSL_NO_SEED */ #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { @@ -2967,7 +2956,6 @@ static SSL_CIPHER ssl3_ciphers[] = { }, #endif /* OPENSSL_NO_WEAK_SSL_CIPHERS */ -#ifndef OPENSSL_NO_ARIA { 1, TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256, @@ -3224,7 +3212,6 @@ static SSL_CIPHER ssl3_ciphers[] = { 256, 256, }, -#endif /* OPENSSL_NO_ARIA */ }; /* @@ -4120,9 +4107,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, STACK_OF(SSL_CIPHER) *prio, *allow; int i, ii, ok, prefer_sha256 = 0; unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0; -#ifndef OPENSSL_NO_CHACHA STACK_OF(SSL_CIPHER) *prio_chacha = NULL; -#endif /* Let's see which ciphers we can support */ @@ -4155,7 +4140,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) { prio = srvr; allow = clnt; -#ifndef OPENSSL_NO_CHACHA + /* If ChaCha20 is at the top of the client preference list, and there are ChaCha20 ciphers in the server list, then temporarily prioritize all ChaCha20 ciphers in the servers list. */ @@ -4194,7 +4179,6 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, } } } -# endif } else { prio = clnt; allow = srvr; @@ -4308,9 +4292,9 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, break; } } -#ifndef OPENSSL_NO_CHACHA + sk_SSL_CIPHER_free(prio_chacha); -#endif + return ret; } diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 43dcf2d6fe..d517799895 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -2215,8 +2215,6 @@ const char *OSSL_default_cipher_list(void) const char *OSSL_default_ciphersuites(void) { return "TLS_AES_256_GCM_SHA384:" -#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) "TLS_CHACHA20_POLY1305_SHA256:" -#endif "TLS_AES_128_GCM_SHA256"; } diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 67d148473e..531872bfb0 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -597,10 +597,8 @@ int tls1_setup_key_block(SSL *s) if (s->session->cipher->algorithm_enc == SSL_eNULL) s->s3.need_empty_fragments = 0; -#ifndef OPENSSL_NO_RC4 if (s->session->cipher->algorithm_enc == SSL_RC4) s->s3.need_empty_fragments = 0; -#endif } } diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 5101c7a4da..a7b5a6cc3f 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -981,14 +981,14 @@ static const uint16_t tls12_sigalgs[] = { TLSEXT_SIGALG_rsa_pkcs1_sha224, TLSEXT_SIGALG_rsa_pkcs1_sha1, -#ifndef OPENSSL_NO_DSA + TLSEXT_SIGALG_dsa_sha224, TLSEXT_SIGALG_dsa_sha1, TLSEXT_SIGALG_dsa_sha256, TLSEXT_SIGALG_dsa_sha384, TLSEXT_SIGALG_dsa_sha512, -#endif + #ifndef OPENSSL_NO_GOST TLSEXT_SIGALG_gostr34102012_256_intrinsic, TLSEXT_SIGALG_gostr34102012_512_intrinsic, @@ -1059,7 +1059,6 @@ static const SIGALG_LOOKUP sigalg_lookup_tbl[] = { {"rsa_pkcs1_sha1", TLSEXT_SIGALG_rsa_pkcs1_sha1, NID_sha1, SSL_MD_SHA1_IDX, EVP_PKEY_RSA, SSL_PKEY_RSA, NID_sha1WithRSAEncryption, NID_undef, 1}, -#ifndef OPENSSL_NO_DSA {NULL, TLSEXT_SIGALG_dsa_sha256, NID_sha256, SSL_MD_SHA256_IDX, EVP_PKEY_DSA, SSL_PKEY_DSA_SIGN, NID_dsa_with_SHA256, NID_undef, 1}, @@ -1075,7 +1074,6 @@ static const SIGALG_LOOKUP sigalg_lookup_tbl[] = { {NULL, TLSEXT_SIGALG_dsa_sha1, NID_sha1, SSL_MD_SHA1_IDX, EVP_PKEY_DSA, SSL_PKEY_DSA_SIGN, NID_dsaWithSHA1, NID_undef, 1}, -#endif #ifndef OPENSSL_NO_GOST {NULL, TLSEXT_SIGALG_gostr34102012_256_intrinsic, NID_id_GostR3411_2012_256, SSL_MD_GOST12_256_IDX, |