diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2015-09-19 22:03:15 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2015-09-20 12:50:55 +0100 |
commit | 37f3a3b3276bba468d26c968e5c676aaf57ffd82 (patch) | |
tree | fc2f33ddce05305177622b99f2cd8882e6315f12 | |
parent | 8f463dbddd67eb86b4fdf49893132fdcc6d219bc (diff) | |
download | openssl-37f3a3b3276bba468d26c968e5c676aaf57ffd82.tar.gz |
make no-dh work
Reviewed-by: Richard Levitte <levitte@openssl.org>
-rw-r--r-- | apps/s_cb.c | 3 | ||||
-rw-r--r-- | apps/s_server.c | 14 | ||||
-rw-r--r-- | crypto/bn/bn_dh.c | 2 | ||||
-rw-r--r-- | crypto/evp/pmeth_lib.c | 1 | ||||
-rw-r--r-- | test/recipes/80-test_cms.t | 4 |
5 files changed, 18 insertions, 6 deletions
diff --git a/apps/s_cb.c b/apps/s_cb.c index 0c1dfc57d7..f4559fa70f 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -1381,13 +1381,14 @@ static int security_callback_debug(SSL *s, SSL_CTX *ctx, } break; #endif - +#ifndef OPENSSL_NO_DH case SSL_SECOP_OTHER_DH: { DH *dh = other; BIO_printf(sdb->out, "%d", BN_num_bits(dh->p)); break; } +#endif case SSL_SECOP_OTHER_CERT: { if (cert_md) { diff --git a/apps/s_server.c b/apps/s_server.c index 9e4a18636d..8e15f5b63d 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -973,7 +973,10 @@ int s_server_main(int argc, char *argv[]) X509 *s_cert = NULL, *s_dcert = NULL; X509_VERIFY_PARAM *vpm = NULL; char *CApath = NULL, *CAfile = NULL, *chCApath = NULL, *chCAfile = NULL; - char *dhfile = NULL, *dpassarg = NULL, *dpass = NULL, *inrand = NULL; +#ifndef OPENSSL_NO_DH + char *dhfile = NULL; +#endif + char *dpassarg = NULL, *dpass = NULL, *inrand = NULL; char *passarg = NULL, *pass = NULL, *vfyCApath = NULL, *vfyCAfile = NULL; char *crl_file = NULL, *prog; #ifndef OPENSSL_NO_PSK @@ -986,7 +989,10 @@ int s_server_main(int argc, char *argv[]) int (*server_cb) (char *hostname, int s, int stype, unsigned char *context); int vpmtouched = 0, build_chain = 0, no_cache = 0, ext_cache = 0; - int no_tmp_rsa = 0, no_dhe = 0, no_ecdhe = 0, nocert = 0, ret = 1; +#ifndef OPENSSL_NO_DH + int no_dhe = 0; +#endif + int no_tmp_rsa = 0, no_ecdhe = 0, nocert = 0, ret = 1; int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM; int rev = 0, naccept = -1, sdebug = 0, socket_type = SOCK_STREAM; @@ -1119,7 +1125,9 @@ int s_server_main(int argc, char *argv[]) s_chain_file = opt_arg(); break; case OPT_DHPARAM: +#ifndef OPENSSL_NO_DH dhfile = opt_arg(); +#endif break; case OPT_DCERTFORM: if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &s_dcert_format)) @@ -1272,7 +1280,9 @@ int s_server_main(int argc, char *argv[]) no_tmp_rsa = 1; break; case OPT_NO_DHE: +#ifndef OPENSSL_NO_DH no_dhe = 1; +#endif break; case OPT_NO_ECDHE: no_ecdhe = 1; diff --git a/crypto/bn/bn_dh.c b/crypto/bn/bn_dh.c index 3a7282f740..34f9fb0af8 100644 --- a/crypto/bn/bn_dh.c +++ b/crypto/bn/bn_dh.c @@ -56,11 +56,11 @@ * */ -#include <openssl/dh.h> #include "bn_lcl.h" #include "e_os.h" #ifndef OPENSSL_NO_DH +#include <openssl/dh.h> /* DH parameters from RFC5114 */ # if BN_BITS2 == 64 diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 72a8c1a453..ae730e5354 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -61,7 +61,6 @@ #include <stdlib.h> #include "internal/cryptlib.h" #include <openssl/cmac.h> -#include <openssl/dh.h> #include <openssl/dsa.h> #include <openssl/evp.h> #include <openssl/hmac.h> diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t index 079a4b2e55..5445311e66 100644 --- a/test/recipes/80-test_cms.t +++ b/test/recipes/80-test_cms.t @@ -13,7 +13,7 @@ setup("test_cms"); my $smdir = top_dir("test", "smime-certs"); my $smcont = top_file("test", "smcont.txt"); -my ($no_ec, $no_ec2m, $no_zlib) = disabled qw/ec ec2m zlib/; +my ($no_dh, $no_ec, $no_ec2m, $no_zlib) = disabled qw/dh ec ec2m zlib/; plan tests => 4; @@ -470,5 +470,7 @@ sub check_availability { if ($no_ec && $tnam =~ /ECDH/); return "$tnam: skipped, EC2M disabled\n" if ($no_ec2m && $tnam =~ /K-283/); + return "$tnam: skipped, DH disabled\n" + if ($no_dh && $tnam =~ /X9\.42/); return ""; } |