From: tedu Date: Thu, 17 Apr 2014 21:15:37 +0000 (+0000) Subject: SHA and AES (and sadly MD5) can't be considered optional. ok beck miod X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=ad5fa25f757422b36eab82e6ab07d487c68f9d28;p=openbsd SHA and AES (and sadly MD5) can't be considered optional. ok beck miod --- diff --git a/lib/libssl/src/ssl/ssl_algs.c b/lib/libssl/src/ssl/ssl_algs.c index 92973866d25..463bf8ad66e 100644 --- a/lib/libssl/src/ssl/ssl_algs.c +++ b/lib/libssl/src/ssl/ssl_algs.c @@ -85,18 +85,13 @@ SSL_library_init(void) */ EVP_add_cipher(EVP_rc2_40_cbc()); #endif -#ifndef OPENSSL_NO_AES EVP_add_cipher(EVP_aes_128_cbc()); EVP_add_cipher(EVP_aes_192_cbc()); EVP_add_cipher(EVP_aes_256_cbc()); EVP_add_cipher(EVP_aes_128_gcm()); EVP_add_cipher(EVP_aes_256_gcm()); -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1()); -#endif - -#endif #ifndef OPENSSL_NO_CAMELLIA EVP_add_cipher(EVP_camellia_128_cbc()); EVP_add_cipher(EVP_camellia_256_cbc()); @@ -106,16 +101,12 @@ SSL_library_init(void) EVP_add_cipher(EVP_seed_cbc()); #endif -#ifndef OPENSSL_NO_MD5 EVP_add_digest(EVP_md5()); EVP_add_digest_alias(SN_md5, "ssl2-md5"); EVP_add_digest_alias(SN_md5, "ssl3-md5"); -#endif -#ifndef OPENSSL_NO_SHA EVP_add_digest(EVP_sha1()); /* RSA with sha1 */ EVP_add_digest_alias(SN_sha1, "ssl3-sha1"); EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA); -#endif EVP_add_digest(EVP_sha224()); EVP_add_digest(EVP_sha256()); EVP_add_digest(EVP_sha384()); diff --git a/lib/libssl/src/ssl/t1_lib.c b/lib/libssl/src/ssl/t1_lib.c index b88b3561e05..304140d7f6d 100644 --- a/lib/libssl/src/ssl/t1_lib.c +++ b/lib/libssl/src/ssl/t1_lib.c @@ -338,9 +338,7 @@ static unsigned char tls12_sigalgs[] = { tlsext_sigalg(TLSEXT_hash_sha384) tlsext_sigalg(TLSEXT_hash_sha256) tlsext_sigalg(TLSEXT_hash_sha224) -#ifndef OPENSSL_NO_SHA tlsext_sigalg(TLSEXT_hash_sha1) -#endif }; int @@ -2195,12 +2193,8 @@ typedef struct { } tls12_lookup; static tls12_lookup tls12_md[] = { -#ifndef OPENSSL_NO_MD5 {NID_md5, TLSEXT_hash_md5}, -#endif -#ifndef OPENSSL_NO_SHA {NID_sha1, TLSEXT_hash_sha1}, -#endif {NID_sha224, TLSEXT_hash_sha224}, {NID_sha256, TLSEXT_hash_sha256}, {NID_sha384, TLSEXT_hash_sha384}, @@ -2271,10 +2265,8 @@ const EVP_MD *tls12_get_hash(unsigned char hash_alg) { switch (hash_alg) { -#ifndef OPENSSL_NO_SHA case TLSEXT_hash_sha1: return EVP_sha1(); -#endif case TLSEXT_hash_sha224: return EVP_sha224(); diff --git a/lib/libssl/ssl_algs.c b/lib/libssl/ssl_algs.c index 92973866d25..463bf8ad66e 100644 --- a/lib/libssl/ssl_algs.c +++ b/lib/libssl/ssl_algs.c @@ -85,18 +85,13 @@ SSL_library_init(void) */ EVP_add_cipher(EVP_rc2_40_cbc()); #endif -#ifndef OPENSSL_NO_AES EVP_add_cipher(EVP_aes_128_cbc()); EVP_add_cipher(EVP_aes_192_cbc()); EVP_add_cipher(EVP_aes_256_cbc()); EVP_add_cipher(EVP_aes_128_gcm()); EVP_add_cipher(EVP_aes_256_gcm()); -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1()); -#endif - -#endif #ifndef OPENSSL_NO_CAMELLIA EVP_add_cipher(EVP_camellia_128_cbc()); EVP_add_cipher(EVP_camellia_256_cbc()); @@ -106,16 +101,12 @@ SSL_library_init(void) EVP_add_cipher(EVP_seed_cbc()); #endif -#ifndef OPENSSL_NO_MD5 EVP_add_digest(EVP_md5()); EVP_add_digest_alias(SN_md5, "ssl2-md5"); EVP_add_digest_alias(SN_md5, "ssl3-md5"); -#endif -#ifndef OPENSSL_NO_SHA EVP_add_digest(EVP_sha1()); /* RSA with sha1 */ EVP_add_digest_alias(SN_sha1, "ssl3-sha1"); EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA); -#endif EVP_add_digest(EVP_sha224()); EVP_add_digest(EVP_sha256()); EVP_add_digest(EVP_sha384()); diff --git a/lib/libssl/t1_lib.c b/lib/libssl/t1_lib.c index b88b3561e05..304140d7f6d 100644 --- a/lib/libssl/t1_lib.c +++ b/lib/libssl/t1_lib.c @@ -338,9 +338,7 @@ static unsigned char tls12_sigalgs[] = { tlsext_sigalg(TLSEXT_hash_sha384) tlsext_sigalg(TLSEXT_hash_sha256) tlsext_sigalg(TLSEXT_hash_sha224) -#ifndef OPENSSL_NO_SHA tlsext_sigalg(TLSEXT_hash_sha1) -#endif }; int @@ -2195,12 +2193,8 @@ typedef struct { } tls12_lookup; static tls12_lookup tls12_md[] = { -#ifndef OPENSSL_NO_MD5 {NID_md5, TLSEXT_hash_md5}, -#endif -#ifndef OPENSSL_NO_SHA {NID_sha1, TLSEXT_hash_sha1}, -#endif {NID_sha224, TLSEXT_hash_sha224}, {NID_sha256, TLSEXT_hash_sha256}, {NID_sha384, TLSEXT_hash_sha384}, @@ -2271,10 +2265,8 @@ const EVP_MD *tls12_get_hash(unsigned char hash_alg) { switch (hash_alg) { -#ifndef OPENSSL_NO_SHA case TLSEXT_hash_sha1: return EVP_sha1(); -#endif case TLSEXT_hash_sha224: return EVP_sha224();