From 40e0de03955e218f45a7979cb46fba193f4e7fc2 Mon Sep 17 00:00:00 2001
From: Andy Polyakov <appro@openssl.org>
Date: Fri, 1 Feb 2013 10:10:32 +0100
Subject: [PATCH] s3/s3_cbc.c: allow for compilations with NO_SHA256|512.
 (cherry picked from commit d5371324d978e4096bf99b9d0fe71b2cb65d9dc8)

---
 ssl/s3_cbc.c | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
index aa0ffc259b..2ab7bfb60a 100644
--- a/ssl/s3_cbc.c
+++ b/ssl/s3_cbc.c
@@ -338,7 +338,9 @@ static void tls1_sha1_final_raw(void* ctx, unsigned char *md_out)
 	l2n(sha1->h3, md_out);
 	l2n(sha1->h4, md_out);
 	}
+#define LARGEST_DIGEST_CTX SHA_CTX
 
+#ifndef OPENSSL_NO_SHA256
 static void tls1_sha256_final_raw(void* ctx, unsigned char *md_out)
 	{
 	SHA256_CTX *sha256 = ctx;
@@ -349,7 +351,11 @@ static void tls1_sha256_final_raw(void* ctx, unsigned char *md_out)
 		l2n(sha256->h[i], md_out);
 		}
 	}
+#undef  LARGEST_DIGEST_CTX
+#define LARGEST_DIGEST_CTX SHA256_CTX
+#endif
 
+#ifndef OPENSSL_NO_SHA512
 static void tls1_sha512_final_raw(void* ctx, unsigned char *md_out)
 	{
 	SHA512_CTX *sha512 = ctx;
@@ -360,6 +366,9 @@ static void tls1_sha512_final_raw(void* ctx, unsigned char *md_out)
 		l2n8(sha512->h[i], md_out);
 		}
 	}
+#undef  LARGEST_DIGEST_CTX
+#define LARGEST_DIGEST_CTX SHA512_CTX
+#endif
 
 /* ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function
  * which ssl3_cbc_digest_record supports. */
@@ -373,10 +382,14 @@ char ssl3_cbc_record_digest_supported(const EVP_MD *digest)
 		{
 		case NID_md5:
 		case NID_sha1:
+#ifndef OPENSSL_NO_SHA256
 		case NID_sha224:
 		case NID_sha256:
+#endif
+#ifndef OPENSSL_NO_SHA512
 		case NID_sha384:
 		case NID_sha512:
+#endif
 			return 1;
 		default:
 			return 0;
@@ -415,7 +428,7 @@ void ssl3_cbc_digest_record(
 	char is_sslv3)
 	{
 	union {	double align;
-		unsigned char c[sizeof(SHA512_CTX)]; } md_state;
+		unsigned char c[sizeof(LARGEST_DIGEST_CTX)]; } md_state;
 	void (*md_final_raw)(void *ctx, unsigned char *md_out);
 	void (*md_transform)(void *ctx, const unsigned char *block);
 	unsigned md_size, md_block_size = 64;
@@ -453,6 +466,7 @@ void ssl3_cbc_digest_record(
 			md_transform = (void(*)(void *ctx, const unsigned char *block)) SHA1_Transform;
 			md_size = 20;
 			break;
+#ifndef OPENSSL_NO_SHA256
 		case NID_sha224:
 			SHA224_Init((SHA256_CTX*)md_state.c);
 			md_final_raw = tls1_sha256_final_raw;
@@ -465,6 +479,8 @@ void ssl3_cbc_digest_record(
 			md_transform = (void(*)(void *ctx, const unsigned char *block)) SHA256_Transform;
 			md_size = 32;
 			break;
+#endif
+#ifndef OPENSSL_NO_SHA512
 		case NID_sha384:
 			SHA384_Init((SHA512_CTX*)md_state.c);
 			md_final_raw = tls1_sha512_final_raw;
@@ -481,6 +497,7 @@ void ssl3_cbc_digest_record(
 			md_block_size = 128;
 			md_length_size = 16;
 			break;
+#endif
 		default:
 			/* ssl3_cbc_record_digest_supported should have been
 			 * called first to check that the hash function is
-- 
2.34.1