Fix the no-nextprotoneg option
authorMatt Caswell <matt@openssl.org>
Mon, 11 Apr 2016 10:41:19 +0000 (11:41 +0100)
committerMatt Caswell <matt@openssl.org>
Mon, 11 Apr 2016 13:22:43 +0000 (14:22 +0100)
Misc fixes to get no-nextprotoneg config option working again.

Reviewed-by: Rich Salz <rsalz@openssl.org>
apps/s_client.c
ssl/t1_ext.c
test/recipes/80-test_ssl_old.t
test/ssltest_old.c

index b2f10c8..d658e04 100644 (file)
@@ -1362,7 +1362,9 @@ int s_client_main(int argc, char **argv)
             }
             break;
         case OPT_NEXTPROTONEG:
+#ifndef OPENSSL_NO_NEXTPROTONEG
             next_proto_neg_in = opt_arg();
+#endif
             break;
         case OPT_ALPN:
             alpn_in = opt_arg();
index e993397..3bbe1fd 100644 (file)
@@ -293,7 +293,9 @@ int SSL_extension_supported(unsigned int ext_type)
     case TLSEXT_TYPE_ec_point_formats:
     case TLSEXT_TYPE_elliptic_curves:
     case TLSEXT_TYPE_heartbeat:
+#ifndef OPENSSL_NO_NEXTPROTONEG
     case TLSEXT_TYPE_next_proto_neg:
+#endif
     case TLSEXT_TYPE_padding:
     case TLSEXT_TYPE_renegotiate:
     case TLSEXT_TYPE_server_name:
index 13fcfbe..67564e7 100644 (file)
@@ -568,6 +568,8 @@ sub testssl {
       SKIP: {
          skip "TLSv1.0 is not supported by this OpenSSL build", 7
              if $no_tls1;
+         skip "Next Protocol Negotiation is not supported by this OpenSSL build", 7
+             if disabled("nextprotoneg");
 
          ok(run(test([@ssltest, "-bio_pair", "-tls1", "-npn_client"])));
          ok(run(test([@ssltest, "-bio_pair", "-tls1", "-npn_server"])));
index 2cc25db..0dae90f 100644 (file)
@@ -2348,7 +2348,9 @@ int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, long count,
         goto err;
     }
 
+# ifndef OPENSSL_NO_NEXTPROTONEG
  end:
+# endif
     ret = 0;
 
  err:
@@ -2729,7 +2731,9 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
         goto err;
     }
 
+#ifndef OPENSSL_NO_NEXTPROTONEG
  end:
+#endif
     ret = 0;
 
  err: