From: Rich Salz <rsalz@openssl.org>
Date: Tue, 27 Jan 2015 20:14:12 +0000 (-0500)
Subject: OPENSSL_NO_XXX cleanup: NO_TLS, NO_TLS1
X-Git-Tag: OpenSSL_1_1_0-pre1~1756
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=daa48704cc04c61cf8f3e74759a7a3139b6aff01;p=openssl

OPENSSL_NO_XXX cleanup: NO_TLS, NO_TLS1

TLS and TLS1 are no longer optional.

Reviewed-by: Richard Levitte <levitte@openssl.org>
---

diff --git a/apps/ciphers.c b/apps/ciphers.c
index f36db2096b..803b021f5c 100644
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -129,10 +129,8 @@ int MAIN(int argc, char **argv)
         else if (strcmp(*argv, "-ssl3") == 0)
             meth = SSLv3_client_method();
 #endif
-#ifndef OPENSSL_NO_TLS1
         else if (strcmp(*argv, "-tls1") == 0)
             meth = TLSv1_client_method();
-#endif
         else if ((strncmp(*argv, "-h", 2) == 0) || (strcmp(*argv, "-?") == 0)) {
             badops = 1;
             break;
diff --git a/apps/s_client.c b/apps/s_client.c
index 0c4e6bdbd9..512c2583aa 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -931,14 +931,12 @@ int MAIN(int argc, char **argv)
         else if (strcmp(*argv, "-ssl3") == 0)
             meth = SSLv3_client_method();
 #endif
-#ifndef OPENSSL_NO_TLS1
         else if (strcmp(*argv, "-tls1_2") == 0)
             meth = TLSv1_2_client_method();
         else if (strcmp(*argv, "-tls1_1") == 0)
             meth = TLSv1_1_client_method();
         else if (strcmp(*argv, "-tls1") == 0)
             meth = TLSv1_client_method();
-#endif
 #ifndef OPENSSL_NO_DTLS1
         else if (strcmp(*argv, "-dtls") == 0) {
             meth = DTLS_client_method();
diff --git a/apps/s_server.c b/apps/s_server.c
index e07df85291..48ac6b3989 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1404,7 +1404,6 @@ int MAIN(int argc, char *argv[])
             meth = SSLv3_server_method();
         }
 #endif
-#ifndef OPENSSL_NO_TLS1
         else if (strcmp(*argv, "-tls1") == 0) {
             meth = TLSv1_server_method();
         } else if (strcmp(*argv, "-tls1_1") == 0) {
@@ -1412,7 +1411,6 @@ int MAIN(int argc, char *argv[])
         } else if (strcmp(*argv, "-tls1_2") == 0) {
             meth = TLSv1_2_server_method();
         }
-#endif
 #ifndef OPENSSL_NO_DTLS1
         else if (strcmp(*argv, "-dtls") == 0) {
             meth = DTLS_server_method();
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 598002b15f..331a50f515 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -1343,13 +1343,11 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
 
     switch (rr->type) {
     default:
-#ifndef OPENSSL_NO_TLS
         /* TLS just ignores unknown message types */
         if (s->version == TLS1_VERSION) {
             rr->length = 0;
             goto start;
         }
-#endif
         al = SSL_AD_UNEXPECTED_MESSAGE;
         SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
         goto f_err;
diff --git a/ssl/s23_meth.c b/ssl/s23_meth.c
index 05fb4f98b9..757c5a9dc9 100644
--- a/ssl/s23_meth.c
+++ b/ssl/s23_meth.c
@@ -68,7 +68,6 @@ static const SSL_METHOD *ssl23_get_method(int ver)
         return (SSLv3_method());
     else
 #endif
-#ifndef OPENSSL_NO_TLS1
     if (ver == TLS1_VERSION)
         return (TLSv1_method());
     else if (ver == TLS1_1_VERSION)
@@ -76,7 +75,6 @@ static const SSL_METHOD *ssl23_get_method(int ver)
     else if (ver == TLS1_2_VERSION)
         return (TLSv1_2_method());
     else
-#endif
         return (NULL);
 }
 
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 07adf0f25a..a8fd16c096 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -1649,7 +1649,6 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
 
     switch (rr->type) {
     default:
-#ifndef OPENSSL_NO_TLS
         /*
          * TLS up to v1.1 just ignores unknown message types: TLS v1.2 give
          * an unexpected message alert.
@@ -1658,7 +1657,6 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
             rr->length = 0;
             goto start;
         }
-#endif
         al = SSL_AD_UNEXPECTED_MESSAGE;
         SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
         goto f_err;
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index a49fd86d3d..0b4df3ea15 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -791,9 +791,7 @@ static void sv_usage(void)
 #ifndef OPENSSL_NO_SSL3_METHOD
     fprintf(stderr, " -ssl3         - use SSLv3\n");
 #endif
-#ifndef OPENSSL_NO_TLS1
     fprintf(stderr, " -tls1         - use TLSv1\n");
-#endif
     fprintf(stderr, " -CApath arg   - PEM format directory of CA's\n");
     fprintf(stderr, " -CAfile arg   - PEM format file of CA's\n");
     fprintf(stderr, " -cert arg     - Server certificate file\n");
@@ -1160,9 +1158,7 @@ int main(int argc, char *argv[])
         }
 #endif
         else if (strcmp(*argv, "-tls1") == 0) {
-#ifdef OPENSSL_NO_TLS1
             no_protocol = 1;
-#endif
             tls1 = 1;
         } else if (strcmp(*argv, "-ssl3") == 0) {
 #ifdef OPENSSL_NO_SSL3_METHOD
@@ -1436,11 +1432,9 @@ int main(int argc, char *argv[])
         meth = SSLv3_method();
     else
 #endif
-#ifndef OPENSSL_NO_TLS1
     if (tls1)
         meth = TLSv1_method();
     else
-#endif
         meth = SSLv23_method();
 
     c_ctx = SSL_CTX_new(meth);
@@ -3204,7 +3198,6 @@ static int do_test_cipherlist(void)
     }
     fprintf(stderr, "ok\n");
 #endif
-#ifndef OPENSSL_NO_TLS1
     fprintf(stderr, "testing TLSv1 cipher list order: ");
     meth = TLSv1_method();
     tci = NULL;
@@ -3217,7 +3210,6 @@ static int do_test_cipherlist(void)
         tci = ci;
     }
     fprintf(stderr, "ok\n");
-#endif
 
     return 1;
 }