Drop useless checks for DH and RSA

If DH or RSA was disabled, the build would fail already as
it's used already elsewhere without checking the OPENSSL_NO_DH
or OPENSSL_NO_RSA defines.

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 3bad71708878510c0eabbcb537f0e1abc28b03ae..075be20d81fb20f20ba32777106cb92785cb77cc 100644 (file)
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -3910,7 +3910,6 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey)
        assert(pkey != NULL);
 
        switch (EVP_PKEY_id(pkey)) {
-#ifndef NO_RSA
                case EVP_PKEY_RSA:
                case EVP_PKEY_RSA2:
                        {
@@ -3925,8 +3924,6 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey)
                                }
                        }
                        break;
-#endif
-#ifndef NO_DSA
                case EVP_PKEY_DSA:
                case EVP_PKEY_DSA1:
                case EVP_PKEY_DSA2:
@@ -3949,8 +3946,6 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey)
                                }
                        }
                        break;
-#endif
-#ifndef NO_DH
                case EVP_PKEY_DH:
                        {
                                DH *dh = EVP_PKEY_get0_DH(pkey);
@@ -3969,7 +3964,6 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey)
                                }
                        }
                        break;
-#endif
 #ifdef HAVE_EVP_PKEY_EC
                case EVP_PKEY_EC:
                        {

diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c
index 5b39a0d79efc628d5edea68646d4e871bd86d109..a7a622f6d55d1668fa9e3d59a9e8b86f7cb91d93 100644 (file)
--- a/ext/openssl/xp_ssl.c
+++ b/ext/openssl/xp_ssl.c
@@ -91,7 +91,7 @@
 /* Used for peer verification in windows */
 #define PHP_X509_NAME_ENTRY_TO_UTF8(ne, i, out) ASN1_STRING_to_UTF8(&out, X509_NAME_ENTRY_get_data(X509_NAME_get_entry(ne, i)))
 
-#if !defined(OPENSSL_NO_RSA) && OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength);
 #endif
 
@@ -1123,7 +1123,7 @@ static void init_server_reneg_limit(php_stream *stream, php_openssl_netstream_da
 }
 /* }}} */
 
-#if !defined(OPENSSL_NO_RSA) && OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength)
 {
        BIGNUM *bn = NULL;
@@ -1147,7 +1147,6 @@ static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength)
 }
 #endif
 
-#ifndef OPENSSL_NO_DH
 static int set_server_dh_param(php_stream * stream, SSL_CTX *ctx) /* {{{ */
 {
        DH *dh;
@@ -1192,7 +1191,6 @@ static int set_server_dh_param(php_stream * stream, SSL_CTX *ctx) /* {{{ */
        return SUCCESS;
 }
 /* }}} */
-#endif
 
 #if defined(HAVE_ECDH) && OPENSSL_VERSION_NUMBER < 0x10100000L
 static int set_server_ecdh_curve(php_stream *stream, SSL_CTX *ctx) /* {{{ */
@@ -1243,7 +1241,7 @@ static int set_server_specific_opts(php_stream *stream, SSL_CTX *ctx) /* {{{ */
        }
 #endif
 
-#if !defined(OPENSSL_NO_RSA) && OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
        SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
 #endif
        /* We now use tmp_rsa_cb to generate a key of appropriate size whenever necessary */
@@ -1251,13 +1249,11 @@ static int set_server_specific_opts(php_stream *stream, SSL_CTX *ctx) /* {{{ */
                php_error_docref(NULL, E_WARNING, "rsa_key_size context option has been removed");
        }
 
-#ifndef OPENSSL_NO_DH
        set_server_dh_param(stream, ctx);
        zv = php_stream_context_get_option(PHP_STREAM_CONTEXT(stream), "ssl", "single_dh_use");
        if (zv != NULL && zend_is_true(zv)) {
                ssl_ctx_options |= SSL_OP_SINGLE_DH_USE;
        }
-#endif
 
        zv = php_stream_context_get_option(PHP_STREAM_CONTEXT(stream), "ssl", "honor_cipher_order");
        if (zv != NULL && zend_is_true(zv)) {