Support INSTALL_PREFIX for packagers.

[openssl.git] / ssl / s3_clnt.c

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index c2d33fef056e8c680bb901dd2d763824510f2f21..e0871c47ef0e186334cc55695e6923f034c4f2f5 100644 (file)
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -60,20 +60,11 @@
 #include <openssl/buffer.h>
 #include <openssl/rand.h>
 #include <openssl/objects.h>
+#include <openssl/md5.h>
+#include <openssl/sha.h>
 #include <openssl/evp.h>
 #include "ssl_locl.h"
 
-#define BREAK break
-/* SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE);
- * SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
- * SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE);
- * SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
- * SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
- * SSLerr(SSL_F_SSL3_GET_SERVER_DONE,ERR_R_MALLOC_FAILURE);
-SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT);
- */
-
-#ifndef NOPROTO
 static SSL_METHOD *ssl3_get_client_method(int ver);
 static int ssl3_client_hello(SSL *s);
 static int ssl3_get_server_hello(SSL *s);
@@ -86,21 +77,6 @@ static int ssl3_send_client_key_exchange(SSL *s);
 static int ssl3_get_key_exchange(SSL *s);
 static int ssl3_get_server_certificate(SSL *s);
 static int ssl3_check_cert_and_algorithm(SSL *s);
-#else
-static SSL_METHOD *ssl3_get_client_method();
-static int ssl3_client_hello();
-static int ssl3_get_server_hello();
-static int ssl3_get_certificate_request();
-static int ca_dn_cmp();
-static int ssl3_get_server_done();
-static int ssl3_send_client_verify();
-static int ssl3_send_client_certificate();
-static int ssl3_send_client_key_exchange();
-static int ssl3_get_key_exchange();
-static int ssl3_get_server_certificate();
-static int ssl3_check_cert_and_algorithm();
-#endif
-
 static SSL_METHOD *ssl3_get_client_method(int ver)
        {
        if (ver == SSL3_VERSION)
@@ -854,7 +830,9 @@ static int ssl3_get_key_exchange(SSL *s)
        int al,i,j,param_len,ok;
        long n,alg;
        EVP_PKEY *pkey=NULL;
+#ifndef NO_RSA
        RSA *rsa=NULL;
+#endif
 #ifndef NO_DH
        DH *dh=NULL;
 #endif
@@ -1313,10 +1291,13 @@ static int ssl3_get_server_done(SSL *s)
 
 static int ssl3_send_client_key_exchange(SSL *s)
        {
-       unsigned char *p,*q,*d;
+       unsigned char *p,*d;
        int n;
        unsigned long l;
+#ifndef NO_RSA
+       unsigned char *q;
        EVP_PKEY *pkey=NULL;
+#endif
 
        if (s->state == SSL3_ST_CW_KEY_EXCH_A)
                {
@@ -1466,7 +1447,9 @@ static int ssl3_send_client_verify(SSL *s)
        unsigned char *p,*d;
        unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
        EVP_PKEY *pkey;
+#ifndef NO_RSA
        int i=0;
+#endif
        unsigned long n;
 #ifndef NO_DSA
        int j;
@@ -1616,8 +1599,12 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
        long algs;
        EVP_PKEY *pkey=NULL;
        CERT *c;
+#ifndef NO_RSA
        RSA *rsa;
+#endif
+#ifndef NO_DH
        DH *dh;
+#endif
 
        c=s->session->cert;
 
@@ -1633,8 +1620,12 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
        if (algs & (SSL_aDH|SSL_aNULL))
                return(1);
 
+#ifndef NO_RSA
        rsa=s->session->cert->rsa_tmp;
+#endif
+#ifndef NO_DH
        dh=s->session->cert->dh_tmp;
+#endif
 
        /* This is the passed certificate */
 
@@ -1657,15 +1648,16 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
                goto f_err;
                }
 #endif
-
+#ifndef NO_RSA
        if ((algs & SSL_kRSA) &&
                !(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL)))
                {
                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT);
                goto f_err;
                }
+#endif
 #ifndef NO_DH
-       else if ((algs & SSL_kEDH) &&
+       if ((algs & SSL_kEDH) &&
                !(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
                {
                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);