diff options
| author | Rich Salz <rsalz@openssl.org> | 2015-01-27 12:34:45 -0500 |
|---|---|---|
| committer | Rich Salz <rsalz@openssl.org> | 2015-01-27 12:34:45 -0500 |
| commit | 474e469bbd056aebcf7e7d3207ef820f2faed4ce (patch) | |
| tree | 435a3d3feb5795d101fe89055e2b86b75c94476a /ssl/t1_lib.c | |
| parent | c73ad690174171b63a53dabdb2f2d9ebfd30053a (diff) | |
| download | openssl-474e469bbd056aebcf7e7d3207ef820f2faed4ce.tar.gz | |
OPENSSL_NO_xxx cleanup: SHA
Remove support for SHA0 and DSS0 (they were broken), and remove
the ability to attempt to build without SHA (it didn't work).
For simplicity, remove the option of not building various SHA algorithms;
you could argue that SHA_224/256/384/512 should be kept, since they're
like crypto algorithms, but I decided to go the other way.
So these options are gone:
GENUINE_DSA OPENSSL_NO_SHA0
OPENSSL_NO_SHA OPENSSL_NO_SHA1
OPENSSL_NO_SHA224 OPENSSL_NO_SHA256
OPENSSL_NO_SHA384 OPENSSL_NO_SHA512
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl/t1_lib.c')
| -rw-r--r-- | ssl/t1_lib.c | 22 |
1 files changed, 1 insertions, 21 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 115aab5596..6a1ed6a742 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -906,17 +906,11 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md) tlsext_sigalg_ecdsa(md) static const unsigned char tls12_sigalgs[] = { -# ifndef OPENSSL_NO_SHA512 tlsext_sigalg(TLSEXT_hash_sha512) tlsext_sigalg(TLSEXT_hash_sha384) -# endif -# ifndef OPENSSL_NO_SHA256 tlsext_sigalg(TLSEXT_hash_sha256) tlsext_sigalg(TLSEXT_hash_sha224) -# endif -# ifndef OPENSSL_NO_SHA tlsext_sigalg(TLSEXT_hash_sha1) -# endif }; # ifndef OPENSSL_NO_ECDSA @@ -3318,7 +3312,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, if (memcmp(etick, tctx->tlsext_tick_key_name, 16)) return 2; HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16, - tlsext_tick_md(), NULL); + EVP_sha256(), NULL); EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, tctx->tlsext_tick_aes_key, etick + 16); } @@ -3462,25 +3456,11 @@ static const tls12_hash_info tls12_md_info[] = { # else {NID_md5, 64, EVP_md5}, # endif -# ifdef OPENSSL_NO_SHA - {NID_sha1, 80, 0}, -# else {NID_sha1, 80, EVP_sha1}, -# endif -# ifdef OPENSSL_NO_SHA256 - {NID_sha224, 112, 0}, - {NID_sha256, 128, 0}, -# else {NID_sha224, 112, EVP_sha224}, {NID_sha256, 128, EVP_sha256}, -# endif -# ifdef OPENSSL_NO_SHA512 - {NID_sha384, 192, 0}, - {NID_sha512, 256, 0} -# else {NID_sha384, 192, EVP_sha384}, {NID_sha512, 256, EVP_sha512} -# endif }; static const tls12_hash_info *tls12_get_hash_info(unsigned char hash_alg) |