From: Jakub Zelenka Date: Sun, 23 Oct 2016 18:37:07 +0000 (+0100) Subject: Drop useless checks for DH and RSA X-Git-Tag: php-7.1.0RC5~9 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=930ae4034e9e6f66180c3a017e323d934f09e367;p=php Drop useless checks for DH and RSA If DH or RSA was disabled, the build would fail already as it's used already elsewhere without checking the OPENSSL_NO_DH or OPENSSL_NO_RSA defines. --- diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 3bad717088..075be20d81 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -3910,7 +3910,6 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey) assert(pkey != NULL); switch (EVP_PKEY_id(pkey)) { -#ifndef NO_RSA case EVP_PKEY_RSA: case EVP_PKEY_RSA2: { @@ -3925,8 +3924,6 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey) } } break; -#endif -#ifndef NO_DSA case EVP_PKEY_DSA: case EVP_PKEY_DSA1: case EVP_PKEY_DSA2: @@ -3949,8 +3946,6 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey) } } break; -#endif -#ifndef NO_DH case EVP_PKEY_DH: { DH *dh = EVP_PKEY_get0_DH(pkey); @@ -3969,7 +3964,6 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey) } } break; -#endif #ifdef HAVE_EVP_PKEY_EC case EVP_PKEY_EC: { diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c index 5b39a0d79e..a7a622f6d5 100644 --- a/ext/openssl/xp_ssl.c +++ b/ext/openssl/xp_ssl.c @@ -91,7 +91,7 @@ /* Used for peer verification in windows */ #define PHP_X509_NAME_ENTRY_TO_UTF8(ne, i, out) ASN1_STRING_to_UTF8(&out, X509_NAME_ENTRY_get_data(X509_NAME_get_entry(ne, i))) -#if !defined(OPENSSL_NO_RSA) && OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength); #endif @@ -1123,7 +1123,7 @@ static void init_server_reneg_limit(php_stream *stream, php_openssl_netstream_da } /* }}} */ -#if !defined(OPENSSL_NO_RSA) && OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength) { BIGNUM *bn = NULL; @@ -1147,7 +1147,6 @@ static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength) } #endif -#ifndef OPENSSL_NO_DH static int set_server_dh_param(php_stream * stream, SSL_CTX *ctx) /* {{{ */ { DH *dh; @@ -1192,7 +1191,6 @@ static int set_server_dh_param(php_stream * stream, SSL_CTX *ctx) /* {{{ */ return SUCCESS; } /* }}} */ -#endif #if defined(HAVE_ECDH) && OPENSSL_VERSION_NUMBER < 0x10100000L static int set_server_ecdh_curve(php_stream *stream, SSL_CTX *ctx) /* {{{ */ @@ -1243,7 +1241,7 @@ static int set_server_specific_opts(php_stream *stream, SSL_CTX *ctx) /* {{{ */ } #endif -#if !defined(OPENSSL_NO_RSA) && OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb); #endif /* We now use tmp_rsa_cb to generate a key of appropriate size whenever necessary */ @@ -1251,13 +1249,11 @@ static int set_server_specific_opts(php_stream *stream, SSL_CTX *ctx) /* {{{ */ php_error_docref(NULL, E_WARNING, "rsa_key_size context option has been removed"); } -#ifndef OPENSSL_NO_DH set_server_dh_param(stream, ctx); zv = php_stream_context_get_option(PHP_STREAM_CONTEXT(stream), "ssl", "single_dh_use"); if (zv != NULL && zend_is_true(zv)) { ssl_ctx_options |= SSL_OP_SINGLE_DH_USE; } -#endif zv = php_stream_context_get_option(PHP_STREAM_CONTEXT(stream), "ssl", "honor_cipher_order"); if (zv != NULL && zend_is_true(zv)) {