This also fixes no-tls which is an alias for no-tls1 in 1.0.2 (it is not
possible to do no-tls1_1 or no-tls1_2 in 1.0.2).
Because it is not possible to disable TLS1.1 or TLS1.2 it no longer follows
that disabling TLS1.0 should force the disabling of tlsext.
Also a few missing ifdef guards.
GitHub Iusse#935
Reviewed-by: Rich Salz <rsalz@openssl.org>
$disabled{"tls1"} = "forced";
}
-if (defined($disabled{"tls1"}))
- {
- $disabled{"tlsext"} = "forced";
- }
-
if (defined($disabled{"ec"}) || defined($disabled{"dsa"})
|| defined($disabled{"dh"}))
{
OPENSSL_EXIT(ret);
}
+#else
+static void *dummy = &dummy;
#endif
static int do_test_cipherlist(void)
{
+#if !defined(OPENSSL_NO_SSL2) || !defined(OPENSSL_NO_SSL3) || \
+ !defined(OPENSSL_NO_TLS1)
int i = 0;
const SSL_METHOD *meth;
const SSL_CIPHER *ci, *tci = NULL;
+#endif
#ifndef OPENSSL_NO_SSL2
fprintf(stderr, "testing SSLv2 cipher list order: ");