From 3eeaab4bed46e3320947d0f609b82007b65b5a46 Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Sat, 16 Jul 2005 12:37:36 +0000 Subject: [PATCH] make ./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa] make depend all test work again PR: 1159 --- apps/apps.c | 2 ++ apps/dh.c | 1 + apps/dhparam.c | 1 + apps/dsa.c | 1 + apps/dsaparam.c | 1 + apps/gendh.c | 1 + apps/gendsa.c | 1 + apps/genrsa.c | 1 + apps/prime.c | 2 +- apps/req.c | 9 +++++++++ apps/rsa.c | 1 + apps/rsautl.c | 1 + apps/s_server.c | 8 ++++++++ apps/speed.c | 16 +++++++++++++++- apps/x509.c | 4 ++++ crypto/asn1/t_pkey.c | 4 ++++ crypto/asn1/t_req.c | 4 ++++ crypto/asn1/t_spki.c | 4 ++++ crypto/asn1/x_pubkey.c | 4 ++++ crypto/dsa/dsa_lib.c | 2 ++ crypto/dsa/dsatest.c | 1 + crypto/ecdh/ecdhtest.c | 3 ++- crypto/ecdsa/ecdsatest.c | 7 +------ crypto/engine/Makefile | 3 ++- crypto/engine/eng_openssl.c | 6 ++++++ crypto/engine/eng_padlock.c | 1 + crypto/engine/engine.h | 17 ----------------- crypto/evp/evp_pkey.c | 4 ++++ crypto/evp/m_dss.c | 3 +++ crypto/evp/m_dss1.c | 2 ++ crypto/evp/m_md2.c | 2 ++ crypto/evp/m_md4.c | 2 ++ crypto/evp/m_md5.c | 2 ++ crypto/evp/m_ripemd.c | 2 ++ crypto/evp/m_sha.c | 2 ++ crypto/evp/m_sha1.c | 2 ++ crypto/evp/p_lib.c | 6 ++++++ crypto/pem/pem_all.c | 6 ++++++ crypto/pem/pem_info.c | 4 ++++ crypto/pem/pem_seal.c | 1 + crypto/x509/x_all.c | 4 ++++ engines/e_4758cca.c | 19 ++++++++++++++++++- engines/e_aep.c | 14 ++++++++++++++ engines/e_atalla.c | 10 +++++++++- engines/e_chil.c | 15 +++++++++++++-- engines/e_cswift.c | 18 ++++++++++++++++-- engines/e_nuron.c | 8 ++++++++ engines/e_sureware.c | 8 ++++++++ engines/e_ubsec.c | 6 ++++++ ssl/Makefile | 10 ++++++---- ssl/d1_clnt.c | 4 ++++ ssl/d1_srvr.c | 4 ++++ ssl/s3_clnt.c | 8 ++++++-- ssl/s3_lib.c | 2 ++ ssl/s3_srvr.c | 6 +++++- ssl/ssl_cert.c | 2 ++ ssl/ssl_lib.c | 7 ++++++- ssl/ssl_locl.h | 4 ++++ ssl/ssltest.c | 8 ++++++++ test/Makefile | 15 +++++---------- test/treq | 2 +- 61 files changed, 266 insertions(+), 52 deletions(-) diff --git a/apps/apps.c b/apps/apps.c index 248c65adb3..613c3ba495 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -125,7 +125,9 @@ #ifndef OPENSSL_NO_ENGINE #include #endif +#ifndef OPENSSL_NO_RSA #include +#endif #include #define NON_MAIN diff --git a/apps/dh.c b/apps/dh.c index cd01fed139..c4d891e125 100644 --- a/apps/dh.c +++ b/apps/dh.c @@ -57,6 +57,7 @@ * [including the GNU Public Licence.] */ +#include /* for OPENSSL_NO_DH */ #ifndef OPENSSL_NO_DH #include #include diff --git a/apps/dhparam.c b/apps/dhparam.c index e3cabcfcdc..04bd57c6e8 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -109,6 +109,7 @@ * */ +#include /* for OPENSSL_NO_DH */ #ifndef OPENSSL_NO_DH #include #include diff --git a/apps/dsa.c b/apps/dsa.c index b6f0ed3d02..a5ec5d7e6c 100644 --- a/apps/dsa.c +++ b/apps/dsa.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include /* for OPENSSL_NO_DSA */ #ifndef OPENSSL_NO_DSA #include #include diff --git a/apps/dsaparam.c b/apps/dsaparam.c index 14e79f9a21..c301e81af1 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include /* for OPENSSL_NO_DSA */ /* Until the key-gen callbacks are modified to use newer prototypes, we allow * deprecated functions for openssl-internal code */ #ifdef OPENSSL_NO_DEPRECATED diff --git a/apps/gendh.c b/apps/gendh.c index 69baa50b01..47497864b0 100644 --- a/apps/gendh.c +++ b/apps/gendh.c @@ -57,6 +57,7 @@ * [including the GNU Public Licence.] */ +#include /* Until the key-gen callbacks are modified to use newer prototypes, we allow * deprecated functions for openssl-internal code */ #ifdef OPENSSL_NO_DEPRECATED diff --git a/apps/gendsa.c b/apps/gendsa.c index 6d2ed06c81..828e27f1c0 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include /* for OPENSSL_NO_DSA */ #ifndef OPENSSL_NO_DSA #include #include diff --git a/apps/genrsa.c b/apps/genrsa.c index f0bb30c56b..4f62cfd04f 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include /* Until the key-gen callbacks are modified to use newer prototypes, we allow * deprecated functions for openssl-internal code */ #ifdef OPENSSL_NO_DEPRECATED diff --git a/apps/prime.c b/apps/prime.c index 36bbe0841c..af2fed15af 100644 --- a/apps/prime.c +++ b/apps/prime.c @@ -115,7 +115,7 @@ int MAIN(int argc, char **argv) BN_print(bio_out,bn); BIO_printf(bio_out," is %sprime\n", - BN_is_prime(bn,checks,NULL,NULL,NULL) ? "" : "not "); + BN_is_prime_ex(bn,checks,NULL,NULL) ? "" : "not "); BN_free(bn); BIO_free_all(bio_out); diff --git a/apps/req.c b/apps/req.c index 511be7de74..f58e65ec85 100644 --- a/apps/req.c +++ b/apps/req.c @@ -79,6 +79,13 @@ #include #include #include +#include +#ifndef OPENSSL_NO_RSA +#include +#endif +#ifndef OPENSSL_NO_DSA +#include +#endif #define SECTION "req" @@ -724,7 +731,9 @@ bad: if (newreq && (pkey == NULL)) { +#ifndef OPENSSL_NO_RSA BN_GENCB cb; +#endif char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE"); if (randfile == NULL) ERR_clear_error(); diff --git a/apps/rsa.c b/apps/rsa.c index ee65720530..d5cb7b7212 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include #ifndef OPENSSL_NO_RSA #include #include diff --git a/apps/rsautl.c b/apps/rsautl.c index a629ff50ac..463890950e 100644 --- a/apps/rsautl.c +++ b/apps/rsautl.c @@ -56,6 +56,7 @@ * */ +#include #ifndef OPENSSL_NO_RSA #include "apps.h" diff --git a/apps/s_server.c b/apps/s_server.c index afc27e15c9..f83dd82343 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -153,6 +153,12 @@ typedef unsigned int u_int; #include #include #include +#ifndef OPENSSL_NO_DH +#include +#endif +#ifndef OPENSSL_NO_RSA +#include +#endif #include "s_apps.h" #include "timeouts.h" @@ -530,7 +536,9 @@ int MAIN(int argc, char *argv[]) char *CApath=NULL,*CAfile=NULL; unsigned char *context = NULL; char *dhfile = NULL; +#ifndef OPENSSL_NO_ECDH char *named_curve = NULL; +#endif int badop=0,bugs=0; int ret=1; int off=0; diff --git a/apps/speed.c b/apps/speed.c index 8f2aac5ccb..474f20c5a4 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -286,9 +286,17 @@ static double results[ALGOR_NUM][SIZE_NUM]; static int lengths[SIZE_NUM]={16,64,256,1024,8*1024}; static double rsa_results[RSA_NUM][2]; static double dsa_results[DSA_NUM][2]; +#ifndef OPENSSL_NO_ECDSA static double ecdsa_results[EC_NUM][2]; +#endif +#ifndef OPENSSL_NO_ECDH static double ecdh_results[EC_NUM][1]; +#endif +#if defined(OPENSSL_NO_DSA) && !(defined(OPENSSL_NO_ECDSA) && defined(OPENSSL_NO_ECDH)) +static const char rnd_seed[] = "string to make the random number generator think it has entropy"; +static int rnd_fake = 0; +#endif #ifdef SIGALRM #if defined(__STDC__) || defined(sgi) || defined(_AIX) @@ -448,6 +456,7 @@ static double Time_F(int s) #endif /* if defined(OPENSSL_SYS_NETWARE) */ +#ifndef OPENSSL_NO_ECDH static const int KDF1_SHA1_len = 20; static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) { @@ -459,8 +468,9 @@ static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) return SHA1(in, inlen, out); #else return NULL; -#endif +#endif /* OPENSSL_NO_SHA */ } +#endif /* OPENSSL_NO_ECDH */ int MAIN(int, char **); @@ -695,8 +705,12 @@ int MAIN(int argc, char **argv) int rsa_doit[RSA_NUM]; int dsa_doit[DSA_NUM]; +#ifndef OPENSSL_NO_ECDSA int ecdsa_doit[EC_NUM]; +#endif +#ifndef OPENSSL_NO_ECDH int ecdh_doit[EC_NUM]; +#endif int doit[ALGOR_NUM]; int pr_header=0; const EVP_CIPHER *evp_cipher=NULL; diff --git a/apps/x509.c b/apps/x509.c index 393d0d1f47..5f61eb5c46 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -73,8 +73,12 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif #undef PROG #define PROG x509_main diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c index 7dd4ae3787..939979f77d 100644 --- a/crypto/asn1/t_pkey.c +++ b/crypto/asn1/t_pkey.c @@ -81,8 +81,10 @@ static int print(BIO *fp,const char *str, const BIGNUM *num, unsigned char *buf,int off); +#ifndef OPENSSL_NO_EC static int print_bin(BIO *fp, const char *str, const unsigned char *num, size_t len, int off); +#endif #ifndef OPENSSL_NO_RSA #ifndef OPENSSL_NO_FP_API int RSA_print_fp(FILE *fp, const RSA *x, int off) @@ -601,6 +603,7 @@ static int print(BIO *bp, const char *number, const BIGNUM *num, unsigned char * return(1); } +#ifndef OPENSSL_NO_EC static int print_bin(BIO *fp, const char *name, const unsigned char *buf, size_t len, int off) { @@ -638,6 +641,7 @@ static int print_bin(BIO *fp, const char *name, const unsigned char *buf, return 1; } +#endif #ifndef OPENSSL_NO_DH #ifndef OPENSSL_NO_FP_API diff --git a/crypto/asn1/t_req.c b/crypto/asn1/t_req.c index 204ca105e3..c779a9bb18 100644 --- a/crypto/asn1/t_req.c +++ b/crypto/asn1/t_req.c @@ -63,8 +63,12 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif #ifndef OPENSSL_NO_FP_API int X509_REQ_print_fp(FILE *fp, X509_REQ *x) diff --git a/crypto/asn1/t_spki.c b/crypto/asn1/t_spki.c index 23ab3b94e0..c2a5797dd8 100644 --- a/crypto/asn1/t_spki.c +++ b/crypto/asn1/t_spki.c @@ -60,8 +60,12 @@ #include "cryptlib.h" #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif #include /* Print out an SPKI */ diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c index 50faa4af20..91c2756116 100644 --- a/crypto/asn1/x_pubkey.c +++ b/crypto/asn1/x_pubkey.c @@ -60,8 +60,12 @@ #include "cryptlib.h" #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif /* Minor tweak to operation: free up EVP_PKEY */ static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index 3a78082c01..b9825791ba 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -66,7 +66,9 @@ #ifndef OPENSSL_NO_ENGINE #include #endif +#ifndef OPENSSL_NO_DH #include +#endif const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT; diff --git a/crypto/dsa/dsatest.c b/crypto/dsa/dsatest.c index 66ff417398..912317bb44 100644 --- a/crypto/dsa/dsatest.c +++ b/crypto/dsa/dsatest.c @@ -74,6 +74,7 @@ #include #include #include +#include #ifdef OPENSSL_NO_DSA int main(int argc, char *argv[]) diff --git a/crypto/ecdh/ecdhtest.c b/crypto/ecdh/ecdhtest.c index c0414b92d3..01baa5f494 100644 --- a/crypto/ecdh/ecdhtest.c +++ b/crypto/ecdh/ecdhtest.c @@ -73,10 +73,10 @@ #include "../e_os.h" +#include /* for OPENSSL_NO_ECDH */ #include #include #include -#include #include #include #include @@ -89,6 +89,7 @@ int main(int argc, char *argv[]) return(0); } #else +#include #include #ifdef OPENSSL_SYS_WIN16 diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c index a481575417..f7fba3b42d 100644 --- a/crypto/ecdsa/ecdsatest.c +++ b/crypto/ecdsa/ecdsatest.c @@ -69,12 +69,6 @@ * */ -/* Until the key-gen callbacks are modified to use newer prototypes, we allow - * deprecated functions for openssl-internal code */ -#ifdef OPENSSL_NO_DEPRECATED -#undef OPENSSL_NO_DEPRECATED -#endif - #include #include #include @@ -92,6 +86,7 @@ int main(int argc, char * argv[]) #include #include #include +#include #include #ifndef OPENSSL_NO_ENGINE #include diff --git a/crypto/engine/Makefile b/crypto/engine/Makefile index 7684406eb8..13f211a0ae 100644 --- a/crypto/engine/Makefile +++ b/crypto/engine/Makefile @@ -185,7 +185,8 @@ eng_openssl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_openssl.c eng_padlock.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h eng_padlock.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h eng_padlock.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -eng_padlock.o: ../../include/openssl/engine.h ../../include/openssl/evp.h +eng_padlock.o: ../../include/openssl/engine.h ../../include/openssl/err.h +eng_padlock.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h eng_padlock.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h eng_padlock.o: ../../include/openssl/opensslconf.h eng_padlock.o: ../../include/openssl/opensslv.h diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c index dd16d3bc6a..5341daaf4e 100644 --- a/crypto/engine/eng_openssl.c +++ b/crypto/engine/eng_openssl.c @@ -70,9 +70,15 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif +#ifndef OPENSSL_NO_DH #include +#endif /* This testing gunk is implemented (and explained) lower down. It also assumes * the application explicitly calls "ENGINE_load_openssl()" because this is no diff --git a/crypto/engine/eng_padlock.c b/crypto/engine/eng_padlock.c index cc9f9dc41e..4e1eae3172 100644 --- a/crypto/engine/eng_padlock.c +++ b/crypto/engine/eng_padlock.c @@ -75,6 +75,7 @@ #include #endif #include +#include #ifndef OPENSSL_NO_HW #ifndef OPENSSL_NO_HW_PADLOCK diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h index 4ce8f4ce7b..c94fb28659 100644 --- a/crypto/engine/engine.h +++ b/crypto/engine/engine.h @@ -100,23 +100,6 @@ extern "C" { #endif -/* Fixups for missing algorithms */ -#ifdef OPENSSL_NO_RSA -typedef void RSA_METHOD; -#endif -#ifdef OPENSSL_NO_DSA -typedef void DSA_METHOD; -#endif -#ifdef OPENSSL_NO_DH -typedef void DH_METHOD; -#endif -#ifdef OPENSSL_NO_ECDH -typedef void ECDH_METHOD; -#endif -#ifdef OPENSSL_NO_ECDSA -typedef void ECDSA_METHOD; -#endif - /* These flags are used to control combinations of algorithm (methods) * by bitwise "OR"ing. */ #define ENGINE_METHOD_RSA (unsigned int)0x0001 diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index b71555e712..0147f3e02a 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -61,8 +61,12 @@ #include "cryptlib.h" #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif #include #ifndef OPENSSL_NO_DSA diff --git a/crypto/evp/m_dss.c b/crypto/evp/m_dss.c index 020f19c44b..a948c77fa4 100644 --- a/crypto/evp/m_dss.c +++ b/crypto/evp/m_dss.c @@ -61,9 +61,12 @@ #include #include #include +#ifndef OPENSSL_NO_DSA #include +#endif #ifndef OPENSSL_NO_SHA + static int init(EVP_MD_CTX *ctx) { return SHA1_Init(ctx->md_data); } diff --git a/crypto/evp/m_dss1.c b/crypto/evp/m_dss1.c index a20056f04b..c12e13972b 100644 --- a/crypto/evp/m_dss1.c +++ b/crypto/evp/m_dss1.c @@ -64,7 +64,9 @@ #include #include #include +#ifndef OPENSSL_NO_DSA #include +#endif static int init(EVP_MD_CTX *ctx) { return SHA1_Init(ctx->md_data); } diff --git a/crypto/evp/m_md2.c b/crypto/evp/m_md2.c index 1eae4ed38c..5ce849f161 100644 --- a/crypto/evp/m_md2.c +++ b/crypto/evp/m_md2.c @@ -65,7 +65,9 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif static int init(EVP_MD_CTX *ctx) { return MD2_Init(ctx->md_data); } diff --git a/crypto/evp/m_md4.c b/crypto/evp/m_md4.c index 0fb84b6d1e..1e0b7c5b42 100644 --- a/crypto/evp/m_md4.c +++ b/crypto/evp/m_md4.c @@ -65,7 +65,9 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif static int init(EVP_MD_CTX *ctx) { return MD4_Init(ctx->md_data); } diff --git a/crypto/evp/m_md5.c b/crypto/evp/m_md5.c index 21288ee636..63c142119e 100644 --- a/crypto/evp/m_md5.c +++ b/crypto/evp/m_md5.c @@ -65,7 +65,9 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif static int init(EVP_MD_CTX *ctx) { return MD5_Init(ctx->md_data); } diff --git a/crypto/evp/m_ripemd.c b/crypto/evp/m_ripemd.c index 087ad2d30a..a1d60ee78d 100644 --- a/crypto/evp/m_ripemd.c +++ b/crypto/evp/m_ripemd.c @@ -65,7 +65,9 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif static int init(EVP_MD_CTX *ctx) { return RIPEMD160_Init(ctx->md_data); } diff --git a/crypto/evp/m_sha.c b/crypto/evp/m_sha.c index e995c122e4..acccc8f92d 100644 --- a/crypto/evp/m_sha.c +++ b/crypto/evp/m_sha.c @@ -64,7 +64,9 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif static int init(EVP_MD_CTX *ctx) { return SHA_Init(ctx->md_data); } diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c index daf6db6ebe..4679b1c463 100644 --- a/crypto/evp/m_sha1.c +++ b/crypto/evp/m_sha1.c @@ -64,7 +64,9 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif static int init(EVP_MD_CTX *ctx) { return SHA1_Init(ctx->md_data); } diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 04b57e8251..22155ecf62 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -64,9 +64,15 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif +#ifndef OPENSSL_NO_DH #include +#endif static void EVP_PKEY_free_it(EVP_PKEY *x); diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c index a9ac52de02..66cbc7eb82 100644 --- a/crypto/pem/pem_all.c +++ b/crypto/pem/pem_all.c @@ -117,9 +117,15 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif +#ifndef OPENSSL_NO_DH #include +#endif #ifndef OPENSSL_NO_RSA static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa); diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c index 489e71a892..1644dfcaac 100644 --- a/crypto/pem/pem_info.c +++ b/crypto/pem/pem_info.c @@ -63,8 +63,12 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif #ifndef OPENSSL_NO_FP_API STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) diff --git a/crypto/pem/pem_seal.c b/crypto/pem/pem_seal.c index 0458093353..4e554e5481 100644 --- a/crypto/pem/pem_seal.c +++ b/crypto/pem/pem_seal.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include /* for OPENSSL_NO_RSA */ #ifndef OPENSSL_NO_RSA #include #include "cryptlib.h" diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c index 84ec5d5098..9039caad60 100644 --- a/crypto/x509/x_all.c +++ b/crypto/x509/x_all.c @@ -64,8 +64,12 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif int X509_verify(X509 *a, EVP_PKEY *r) { diff --git a/engines/e_4758cca.c b/engines/e_4758cca.c index 7d850a854b..0f1dae7567 100644 --- a/engines/e_4758cca.c +++ b/engines/e_4758cca.c @@ -61,7 +61,9 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif #include #ifndef OPENSSL_NO_HW @@ -109,8 +111,10 @@ static int getModulusAndExponent(const unsigned char *token, long *exponentLengt static int cca_get_random_bytes(unsigned char*, int ); static int cca_random_status(void); +#ifndef OPENSSL_NO_RSA static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int idx,long argl, void *argp); +#endif /* Function pointers for CCA verbs */ /*---------------------------------*/ @@ -154,7 +158,9 @@ static const char* n_pkaDecrypt = CSNDPKD; #endif static const char* n_randomNumberGenerate = CSNBRNG; +#ifndef OPENSSL_NO_RSA static int hndidx = -1; +#endif static DSO *dso = NULL; /* openssl engine initialization structures */ @@ -221,8 +227,10 @@ static int bind_helper(ENGINE *e) !ENGINE_set_init_function(e, ibm_4758_cca_init) || !ENGINE_set_finish_function(e, ibm_4758_cca_finish) || !ENGINE_set_ctrl_function(e, ibm_4758_cca_ctrl) || +#ifndef OPENSSL_NO_RSA !ENGINE_set_load_privkey_function(e, ibm_4758_load_privkey) || !ENGINE_set_load_pubkey_function(e, ibm_4758_load_pubkey) || +#endif !ENGINE_set_cmd_defns(e, cca4758_cmd_defns)) return 0; /* Ensure the error handling is set up */ @@ -304,8 +312,10 @@ static int ibm_4758_cca_init(ENGINE *e) } #endif +#ifndef OPENSSL_NO_RSA hndidx = RSA_get_ex_new_index(0, "IBM 4758 CCA RSA key handle", NULL, NULL, cca_ex_free); +#endif return 1; err: @@ -313,13 +323,15 @@ err: DSO_free(dso); dso = NULL; +#ifndef OPENSSL_NO_RSA keyRecordRead = (F_KEYRECORDREAD)0; - randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0; digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0; digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0; publicKeyExtract = (F_PUBLICKEYEXTRACT)0; pkaEncrypt = (F_PKAENCRYPT)0; pkaDecrypt = (F_PKADECRYPT)0; +#endif + randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0; return 0; } @@ -339,6 +351,7 @@ static int ibm_4758_cca_finish(ENGINE *e) return 0; } dso = NULL; +#ifndef OPENSSL_NO_RSA keyRecordRead = (F_KEYRECORDREAD)0; randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0; digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0; @@ -346,6 +359,8 @@ static int ibm_4758_cca_finish(ENGINE *e) publicKeyExtract = (F_PUBLICKEYEXTRACT)0; pkaEncrypt = (F_PKAENCRYPT)0; pkaDecrypt = (F_PKADECRYPT)0; +#endif + randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0; return 1; } @@ -951,12 +966,14 @@ static int cca_get_random_bytes(unsigned char* buf, int num) return 1; } +#ifndef OPENSSL_NO_RSA static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp) { if (item) OPENSSL_free(item); } +#endif /* Goo to handle building as a dynamic engine */ #ifndef OPENSSL_NO_DYNAMIC_ENGINE diff --git a/engines/e_aep.c b/engines/e_aep.c index c175a186e9..7307ddfafb 100644 --- a/engines/e_aep.c +++ b/engines/e_aep.c @@ -69,9 +69,15 @@ typedef int pid_t; #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif +#ifndef OPENSSL_NO_DH #include +#endif #include #ifndef OPENSSL_NO_HW @@ -98,12 +104,14 @@ static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection); static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use); /* BIGNUM stuff */ +#ifndef OPENSSL_NO_RSA static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); static AEP_RV aep_mod_exp_crt(BIGNUM *r,const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1,const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx); +#endif /* RSA stuff */ #ifndef OPENSSL_NO_RSA @@ -111,8 +119,10 @@ static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); #endif /* This function is aliased to mod_exp (with the mont stuff dropped). */ +#ifndef OPENSSL_NO_RSA static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +#endif /* DSA stuff */ #ifndef OPENSSL_NO_DSA @@ -630,6 +640,7 @@ static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, return to_return; } +#ifndef OPENSSL_NO_RSA static AEP_RV aep_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,const BIGNUM *iqmp, BN_CTX *ctx) @@ -666,6 +677,7 @@ static AEP_RV aep_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, err: return rv; } +#endif #ifdef AEPRAND @@ -821,12 +833,14 @@ static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, } #endif +#ifndef OPENSSL_NO_RSA /* This function is aliased to mod_exp (with the mont stuff dropped). */ static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return aep_mod_exp(r, a, p, m, ctx); } +#endif #ifndef OPENSSL_NO_DH /* This function is aliased to mod_exp (with the dh and mont dropped). */ diff --git a/engines/e_atalla.c b/engines/e_atalla.c index 8e11048d05..fabaa86a52 100644 --- a/engines/e_atalla.c +++ b/engines/e_atalla.c @@ -62,9 +62,15 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif +#ifndef OPENSSL_NO_DH #include +#endif #include #ifndef OPENSSL_NO_HW @@ -91,10 +97,10 @@ static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, #ifndef OPENSSL_NO_RSA /* RSA stuff */ static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); -#endif /* This function is aliased to mod_exp (with the mont stuff dropped). */ static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +#endif #ifndef OPENSSL_NO_DSA /* DSA stuff */ @@ -563,12 +569,14 @@ static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, } #endif +#ifndef OPENSSL_NO_RSA /* This function is aliased to mod_exp (with the mont stuff dropped). */ static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return atalla_mod_exp(r, a, p, m, ctx); } +#endif #ifndef OPENSSL_NO_DH /* This function is aliased to mod_exp (with the dh and mont dropped). */ diff --git a/engines/e_chil.c b/engines/e_chil.c index 4c22bc9cd1..3d75681396 100644 --- a/engines/e_chil.c +++ b/engines/e_chil.c @@ -65,8 +65,12 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DH #include +#endif #include #ifndef OPENSSL_NO_HW @@ -108,9 +112,11 @@ static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, /* RSA stuff */ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); #endif +#ifndef OPENSSL_NO_RSA /* This function is aliased to mod_exp (with the mont stuff dropped). */ static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +#endif #ifndef OPENSSL_NO_DH /* DH stuff */ @@ -129,8 +135,10 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, UI_METHOD *ui_method, void *callback_data); static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id, UI_METHOD *ui_method, void *callback_data); +#ifndef OPENSSL_NO_RSA static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int ind,long argl, void *argp); +#endif /* Interaction stuff */ static int hwcrhk_insert_card(const char *prompt_info, @@ -762,8 +770,8 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, #if !defined(OPENSSL_NO_RSA) char tempbuf[1024]; HWCryptoHook_ErrMsgBuf rmsg; -#endif HWCryptoHook_PassphraseContext ppctx; +#endif #if !defined(OPENSSL_NO_RSA) rmsg.buf = tempbuf; @@ -1071,12 +1079,14 @@ err: } #endif +#ifndef OPENSSL_NO_RSA /* This function is aliased to mod_exp (with the mont stuff dropped). */ static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return hwcrhk_mod_exp(r, a, p, m, ctx); } +#endif #ifndef OPENSSL_NO_DH /* This function is aliased to mod_exp (with the dh and mont dropped). */ @@ -1135,7 +1145,7 @@ static int hwcrhk_rand_status(void) } /* This cleans up an RSA KM key, called when ex_data is freed */ - +#ifndef OPENSSL_NO_RSA static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int ind,long argl, void *argp) { @@ -1160,6 +1170,7 @@ static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, } #endif } +#endif /* Mutex calls: since the HWCryptoHook model closely follows the POSIX model * these just wrap the POSIX functions and add some logging. diff --git a/engines/e_cswift.c b/engines/e_cswift.c index 56a1967496..2017e48c0e 100644 --- a/engines/e_cswift.c +++ b/engines/e_cswift.c @@ -62,9 +62,15 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif +#ifndef OPENSSL_NO_DH #include +#endif #include #include @@ -98,22 +104,26 @@ static int cswift_destroy(ENGINE *e); static int cswift_init(ENGINE *e); static int cswift_finish(ENGINE *e); static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); +#ifndef OPENSSL_NO_RSA static int cswift_bn_32copy(SW_LARGENUMBER * out, const BIGNUM * in); +#endif /* BIGNUM stuff */ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); +#ifndef OPENSSL_NO_RSA static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx); +#endif #ifndef OPENSSL_NO_RSA /* RSA stuff */ static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); -#endif /* This function is aliased to mod_exp (with the mont stuff dropped). */ static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +#endif #ifndef OPENSSL_NO_DSA /* DSA stuff */ @@ -570,6 +580,7 @@ err: } +#ifndef OPENSSL_NO_RSA int cswift_bn_32copy(SW_LARGENUMBER * out, const BIGNUM * in) { int mod; @@ -591,7 +602,9 @@ int cswift_bn_32copy(SW_LARGENUMBER * out, const BIGNUM * in) return 1; } +#endif +#ifndef OPENSSL_NO_RSA /* Un petit mod_exp chinois */ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, @@ -723,6 +736,7 @@ err: release_context(hac); return to_return; } +#endif #ifndef OPENSSL_NO_RSA static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) @@ -760,7 +774,6 @@ static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx err: return to_return; } -#endif /* This function is aliased to mod_exp (with the mont stuff dropped). */ static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, @@ -788,6 +801,7 @@ static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, return cswift_mod_exp(r, a, p, m, ctx); } +#endif /* OPENSSL_NO_RSA */ #ifndef OPENSSL_NO_DSA static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) diff --git a/engines/e_nuron.c b/engines/e_nuron.c index f6875d1fa8..4c2537cbc3 100644 --- a/engines/e_nuron.c +++ b/engines/e_nuron.c @@ -62,9 +62,15 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif +#ifndef OPENSSL_NO_DH #include +#endif #include #ifndef OPENSSL_NO_HW @@ -242,11 +248,13 @@ static int nuron_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, #endif /* This function is aliased to mod_exp (with the mont stuff dropped). */ +#ifndef OPENSSL_NO_RSA static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return nuron_mod_exp(r, a, p, m, ctx); } +#endif #ifndef OPENSSL_NO_DH /* This function is aliased to mod_exp (with the dh and mont dropped). */ diff --git a/engines/e_sureware.c b/engines/e_sureware.c index 66ffaf24bb..424b82fd98 100644 --- a/engines/e_sureware.c +++ b/engines/e_sureware.c @@ -57,9 +57,15 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif +#ifndef OPENSSL_NO_DH #include +#endif #include #ifndef OPENSSL_NO_HW @@ -82,10 +88,12 @@ static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); /* RSA stuff */ +#ifndef OPENSSL_NO_RSA static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned char *to, RSA *rsa,int padding); static int surewarehk_rsa_sign(int flen,const unsigned char *from,unsigned char *to, RSA *rsa,int padding); +#endif /* RAND stuff */ static int surewarehk_rand_bytes(unsigned char *buf, int num); diff --git a/engines/e_ubsec.c b/engines/e_ubsec.c index f0e4f736ad..8b6c98bafa 100644 --- a/engines/e_ubsec.c +++ b/engines/e_ubsec.c @@ -64,9 +64,15 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif +#ifndef OPENSSL_NO_DH #include +#endif #include #ifndef OPENSSL_NO_HW diff --git a/ssl/Makefile b/ssl/Makefile index 49b7ca4807..f4a34a5898 100644 --- a/ssl/Makefile +++ b/ssl/Makefile @@ -142,8 +142,9 @@ d1_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h d1_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h d1_both.o: ../include/openssl/x509_vfy.h d1_both.c ssl_locl.h d1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -d1_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h -d1_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h +d1_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h +d1_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h +d1_clnt.o: ../include/openssl/dh.h ../include/openssl/dsa.h d1_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h d1_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h d1_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h @@ -239,8 +240,9 @@ d1_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h d1_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_pkt.c d1_pkt.o: ssl_locl.h d1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -d1_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h -d1_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h +d1_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h +d1_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h +d1_srvr.o: ../include/openssl/dh.h ../include/openssl/dsa.h d1_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h d1_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h d1_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c index bcf5ebbd3e..c0247faa98 100644 --- a/ssl/d1_clnt.c +++ b/ssl/d1_clnt.c @@ -120,6 +120,10 @@ #include #include #include +#include +#ifndef OPENSSL_NO_DH +#include +#endif static SSL_METHOD *dtls1_get_client_method(int ver); static int dtls1_get_hello_verify(SSL *s); diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c index 6d07dd4792..2d41b38ca6 100644 --- a/ssl/d1_srvr.c +++ b/ssl/d1_srvr.c @@ -121,6 +121,10 @@ #include #include #include +#include +#ifndef OPENSSL_NO_DH +#include +#endif static SSL_METHOD *dtls1_get_server_method(int ver); static int dtls1_send_hello_verify_request(SSL *s); diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index d4f7cec712..4f67cda042 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -130,7 +130,9 @@ #include #include #include +#ifndef OPENSSL_NO_DH #include +#endif #include static SSL_METHOD *ssl3_get_client_method(int ver); @@ -1608,6 +1610,7 @@ int ssl3_get_server_done(SSL *s) } +#ifndef OPENSSL_NO_ECDH static const int KDF1_SHA1_len = 20; static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) { @@ -1619,8 +1622,9 @@ static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) return SHA1(in, inlen, out); #else return NULL; -#endif +#endif /* OPENSSL_NO_SHA */ } +#endif /* OPENSSL_NO_ECDH */ int ssl3_send_client_key_exchange(SSL *s) { @@ -2132,7 +2136,7 @@ int ssl3_send_client_verify(SSL *s) unsigned u=0; #endif unsigned long n; -#ifndef OPENSSL_NO_DSA +#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) int j; #endif diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 3f2c004791..d9d6ddbbe3 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -127,7 +127,9 @@ #include "ssl_locl.h" #include "kssl_lcl.h" #include +#ifndef OPENSSL_NO_DH #include +#endif const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT; diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 4b1931a71f..cd10334b90 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -133,7 +133,9 @@ #include #include #include +#ifndef OPENSSL_NO_DH #include +#endif #include #ifndef OPENSSL_NO_KRB5 #include @@ -1642,6 +1644,7 @@ err: } +#ifndef OPENSSL_NO_ECDH static const int KDF1_SHA1_len = 20; static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) { @@ -1653,8 +1656,9 @@ static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) return SHA1(in, inlen, out); #else return NULL; -#endif +#endif /* OPENSSL_NO_SHA */ } +#endif /* OPENSSL_NO_ECDH */ int ssl3_get_client_key_exchange(SSL *s) { diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 0c9bd07378..997528e97d 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -121,7 +121,9 @@ #include #include #include +#ifndef OPENSSL_NO_DH #include +#endif #include #include "ssl_locl.h" diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 383ba33298..f8c8e1d8ac 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -125,7 +125,9 @@ #include #include #include +#ifndef OPENSSL_NO_DH #include +#endif const char *SSL_version_str=OPENSSL_VERSION_TEXT; @@ -1551,7 +1553,10 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher) int rsa_enc_export,dh_rsa_export,dh_dsa_export; int rsa_tmp_export,dh_tmp_export,kl; unsigned long mask,emask; - int have_ecc_cert, have_ecdh_tmp, ecdh_ok, ecdsa_ok, ecc_pkey_size; + int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size; +#ifndef OPENSSL_NO_ECDH + int have_ecdh_tmp; +#endif X509 *x = NULL; EVP_PKEY *ecc_pkey = NULL; int signature_nid = 0; diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 8cbe26c01e..f61b1cd7e5 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -127,8 +127,12 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif #include #include #include diff --git a/ssl/ssltest.c b/ssl/ssltest.c index ef09a699b7..6949f9696b 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -143,9 +143,15 @@ #endif #include #include +#ifndef OPENSSL_NO_RSA #include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif +#ifndef OPENSSL_NO_DH #include +#endif #include #define _XOPEN_SOURCE_EXTENDED 1 /* Or gethostname won't be declared properly @@ -390,7 +396,9 @@ int main(int argc, char *argv[]) char *server_key=NULL; char *client_cert=TEST_CLIENT_CERT; char *client_key=NULL; +#ifndef OPENSSL_NO_ECDH char *named_curve = NULL; +#endif SSL_CTX *s_ctx=NULL; SSL_CTX *c_ctx=NULL; SSL_METHOD *meth=NULL; diff --git a/test/Makefile b/test/Makefile index 09f3787064..756f59d7c9 100644 --- a/test/Makefile +++ b/test/Makefile @@ -471,21 +471,16 @@ ecdhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h ecdhtest.o: ../include/openssl/sha.h ../include/openssl/stack.h ecdhtest.o: ../include/openssl/symhacks.h ecdhtest.c ecdsatest.o: ../include/openssl/asn1.h ../include/openssl/bio.h -ecdsatest.o: ../include/openssl/bn.h ../include/openssl/buffer.h -ecdsatest.o: ../include/openssl/crypto.h ../include/openssl/dh.h -ecdsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -ecdsatest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +ecdsatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h +ecdsatest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h ecdsatest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h ecdsatest.o: ../include/openssl/err.h ../include/openssl/evp.h ecdsatest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h ecdsatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h ecdsatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -ecdsatest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -ecdsatest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ecdsatest.o: ../include/openssl/sha.h ../include/openssl/stack.h -ecdsatest.o: ../include/openssl/store.h ../include/openssl/symhacks.h -ecdsatest.o: ../include/openssl/ui.h ../include/openssl/x509.h -ecdsatest.o: ../include/openssl/x509_vfy.h ecdsatest.c +ecdsatest.o: ../include/openssl/rand.h ../include/openssl/safestack.h +ecdsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +ecdsatest.o: ecdsatest.c ectest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ectest.o: ../include/openssl/bn.h ../include/openssl/crypto.h ectest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h diff --git a/test/treq b/test/treq index 2f20e640cf..77f37dcf3a 100644 --- a/test/treq +++ b/test/treq @@ -8,7 +8,7 @@ else t=testreq.pem fi -if $cmd -in $t -inform p -noout -text | fgrep 'Unknown Public Key'; then +if $cmd -in $t -inform p -noout -text 2>&1 | fgrep -i 'Unknown Public Key'; then echo "skipping req conversion test for $t" exit 0 fi -- 2.25.1