Version skew reduction: trivia (I hope).
diff --git a/ssl/Makefile b/ssl/Makefile
index 459e222..63a2f96 100644
--- a/ssl/Makefile
+++ b/ssl/Makefile
@@ -164,7 +164,7 @@
d1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
d1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
d1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_clnt.c
-d1_clnt.o: kssl_lcl.h ssl_locl.h
+d1_clnt.o: ssl_locl.h
d1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
d1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
d1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -589,8 +589,7 @@
s3_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
s3_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h
s3_enc.o: ../include/openssl/x509_vfy.h s3_enc.c ssl_locl.h
-s3_lib.o: ../crypto/ec/ec_lcl.h ../e_os.h ../include/openssl/asn1.h
-s3_lib.o: ../include/openssl/bio.h ../include/openssl/bn.h
+s3_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s3_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s3_lib.o: ../include/openssl/crypto.h ../include/openssl/dh.h
s3_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
@@ -659,20 +658,20 @@
s3_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
s3_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
s3_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-s3_srvr.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h
-s3_srvr.o: ../include/openssl/lhash.h ../include/openssl/md5.h
-s3_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s3_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s3_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s3_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-s3_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-s3_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s3_srvr.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_srvr.c ssl_locl.h
+s3_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+s3_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s3_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+s3_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
+s3_srvr.o: s3_srvr.c ssl_locl.h
ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/comp.h
ssl_algs.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -949,14 +948,15 @@
t1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
t1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
t1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-t1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-t1_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-t1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-t1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-t1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-t1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-t1_lib.o: ../include/openssl/x509v3.h ssl_locl.h t1_lib.c
+t1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+t1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+t1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+t1_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h ssl_locl.h
+t1_lib.o: t1_lib.c
t1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
t1_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
t1_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 00cb43f..4af8ffd 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -114,7 +114,6 @@
*/
#include <stdio.h>
-#include <openssl/crypto.h>
#include "ssl_locl.h"
#ifndef OPENSSL_NO_KRB5
#include "kssl_lcl.h"
diff --git a/ssl/kssl.c b/ssl/kssl.c
index ee0e73e..fd7c67b 100644
--- a/ssl/kssl.c
+++ b/ssl/kssl.c
@@ -2093,9 +2093,12 @@
EVP_CIPHER_CTX_cleanup(&ciph_ctx);
#ifdef KSSL_DEBUG
+ {
+ int padl;
printf("kssl_check_authent: decrypted authenticator[%d] =\n", outl);
for (padl=0; padl < outl; padl++) printf("%02x ",unenc_authent[padl]);
printf("\n");
+ }
#endif /* KSSL_DEBUG */
if ((p = kssl_skip_confound(enctype, unenc_authent)) == NULL)
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index e8fe968..c51f3d0 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -149,7 +149,6 @@
*/
#include <stdio.h>
-#include <openssl/crypto.h>
#include "ssl_locl.h"
#include "kssl_lcl.h"
#include <openssl/buffer.h>
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index ba32484..fdf8052 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -152,7 +152,6 @@
#define NETSCAPE_HANG_BUG
#include <stdio.h>
-#include <openssl/crypto.h>
#include "ssl_locl.h"
#include "kssl_lcl.h"
#include <openssl/buffer.h>
@@ -181,7 +180,7 @@
}
#ifndef OPENSSL_NO_SRP
-static int ssl_check_srp_ext_ClientHello(SSL *s,int *al)
+static int ssl_check_srp_ext_ClientHello(SSL *s, int *al)
{
int ret = SSL_ERROR_NONE;
@@ -3583,7 +3582,7 @@
return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
}
-# ifndef OPENSSL_NO_NPN
+# ifndef OPENSSL_NO_NEXTPROTONEG
/* ssl3_get_next_proto reads a Next Protocol Negotiation handshake message. It
* sets the next_proto member in s if found */
int ssl3_get_next_proto(SSL *s)
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 31eccf9..4a9fa89 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -989,13 +989,13 @@
/* Callback for disabling session caching and ticket support
* on a session basis, depending on the chosen cipher. */
int (*not_resumable_session_cb)(SSL *ssl, int is_forward_secure);
-#ifndef OPENSSL_NO_EC
+# ifndef OPENSSL_NO_EC
/* EC extension values inherited by SSL structure */
size_t tlsext_ecpointformatlist_length;
unsigned char *tlsext_ecpointformatlist;
size_t tlsext_ellipticcurvelist_length;
unsigned char *tlsext_ellipticcurvelist;
-#endif /* OPENSSL_NO_EC */
+# endif /* OPENSSL_NO_EC */
int (*tlsext_authz_server_audit_proof_cb)(SSL *s, void *arg);
void *tlsext_authz_server_audit_proof_cb_arg;
};
@@ -1366,6 +1366,7 @@
int renegotiate;/* 1 if we are renegotiating.
* 2 if we are a server and are inside a handshake
* (i.e. not just sending a HelloRequest) */
+
#ifndef OPENSSL_NO_SRP
SRP_CTX srp_ctx; /* ctx for SRP authentication */
#endif
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index 84198ff..7427477 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -536,8 +536,7 @@
int send_connection_binding; /* TODOEKR */
#ifndef OPENSSL_NO_NEXTPROTONEG
- /* Set if we saw the Next Protocol Negotiation extension from
- our peer. */
+ /* Set if we saw the Next Protocol Negotiation extension from our peer. */
int next_proto_neg_seen;
#endif
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index d8415b8..38540be 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -84,7 +84,6 @@
#include <stdio.h>
#include <stdlib.h>
-#include <openssl/crypto.h>
#include "ssl_locl.h"
#include <openssl/asn1_mac.h>
#include <openssl/objects.h>
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index cb098b3..dc9a866 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -146,7 +146,6 @@
# include <assert.h>
#endif
#include <stdio.h>
-#include <openssl/crypto.h>
#include "ssl_locl.h"
#include "kssl_lcl.h"
#include <openssl/objects.h>
@@ -1650,7 +1649,6 @@
ctx->next_proto_select_cb = cb;
ctx->next_proto_select_cb_arg = arg;
}
-
# endif
#endif
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index d0167e8..872bce6 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -602,8 +602,8 @@
int (*export_keying_material)(SSL *, unsigned char *, size_t,
const char *, size_t,
const unsigned char *, size_t,
- int use_context);
- } SSL3_ENC_METHOD;
+ int use_context);
+ } SSL3_ENC_METHOD;
#ifndef OPENSSL_NO_COMP
/* Used for holding the relevant compression methods loaded into SSL_CTX */
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 093ea60..6cd1767 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -589,12 +589,14 @@
if (ret != NULL)
{
SSL_SESSION_free(ret);
+#ifndef OPENSSL_NO_TLSEXT
if (!try_session_cache)
{
/* The session was from a ticket, so we should
* issue a ticket for the new session */
s->tlsext_ticket_expected = 1;
}
+#endif
}
if (fatal)
return -1;
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 12230e8..bb4fbe6 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1723,7 +1723,7 @@
#endif
#ifndef OPENSSL_NO_NEXTPROTONEG
else if (type == TLSEXT_TYPE_next_proto_neg &&
- s->s3->tmp.finish_md_len == 0)
+ s->s3->tmp.finish_md_len == 0)
{
/* We shouldn't accept this extension on a
* renegotiation.
@@ -1852,7 +1852,7 @@
/* ssl_next_proto_validate validates a Next Protocol Negotiation block. No
* elements of zero length are allowed and the set of elements must exactly fill
* the length of the block. */
-static int ssl_next_proto_validate(unsigned char *d, unsigned len)
+static char ssl_next_proto_validate(unsigned char *d, unsigned len)
{
unsigned int off = 0;
