There's no such things as DTLS1_AD_MISSING_HANDSHAKE_MESSAGE.

[openssl.git] / ssl / t1_enc.c

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index cfcfedaa5d9675485c27ee91726c19f4b8a6d154..6b4884ab1f9c5c434a1a321a23a700a5a2765c75 100644 (file)
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -231,7 +231,9 @@ int tls1_change_cipher_state(SSL *s, int which)
        int client_write;
        EVP_CIPHER_CTX *dd;
        const EVP_CIPHER *c;
+#ifndef OPENSSL_NO_COMP
        const SSL_COMP *comp;
+#endif
        const EVP_MD *m;
        int is_export,n,i,j,k,exp_label_len,cl;
        int reuse_dd = 0;
@@ -239,7 +241,9 @@ int tls1_change_cipher_state(SSL *s, int which)
        is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
        c=s->s3->tmp.new_sym_enc;
        m=s->s3->tmp.new_hash;
+#ifndef OPENSSL_NO_COMP
        comp=s->s3->tmp.new_compression;
+#endif
        key_block=s->s3->tmp.key_block;
 
 #ifdef KSSL_DEBUG
@@ -265,6 +269,7 @@ int tls1_change_cipher_state(SSL *s, int which)
                        goto err;
                dd= s->enc_read_ctx;
                s->read_hash=m;
+#ifndef OPENSSL_NO_COMP
                if (s->expand != NULL)
                        {
                        COMP_CTX_free(s->expand);
@@ -284,6 +289,7 @@ int tls1_change_cipher_state(SSL *s, int which)
                        if (s->s3->rrec.comp == NULL)
                                goto err;
                        }
+#endif
                /* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */
                if (s->version != DTLS1_VERSION)
                        memset(&(s->s3->read_sequence[0]),0,8);
@@ -301,6 +307,7 @@ int tls1_change_cipher_state(SSL *s, int which)
                        goto err;
                dd= s->enc_write_ctx;
                s->write_hash=m;
+#ifndef OPENSSL_NO_COMP
                if (s->compress != NULL)
                        {
                        COMP_CTX_free(s->compress);
@@ -315,6 +322,7 @@ int tls1_change_cipher_state(SSL *s, int which)
                                goto err2;
                                }
                        }
+#endif
                /* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */
                if (s->version != DTLS1_VERSION)
                        memset(&(s->s3->write_sequence[0]),0,8);
@@ -815,8 +823,15 @@ int tls1_alert_code(int code)
        case SSL_AD_INTERNAL_ERROR:     return(TLS1_AD_INTERNAL_ERROR);
        case SSL_AD_USER_CANCELLED:     return(TLS1_AD_USER_CANCELLED);
        case SSL_AD_NO_RENEGOTIATION:   return(TLS1_AD_NO_RENEGOTIATION);
+       case SSL_AD_UNSUPPORTED_EXTENSION: return(TLS1_AD_UNSUPPORTED_EXTENSION);
+       case SSL_AD_CERTIFICATE_UNOBTAINABLE: return(TLS1_AD_CERTIFICATE_UNOBTAINABLE);
+       case SSL_AD_UNRECOGNIZED_NAME:  return(TLS1_AD_UNRECOGNIZED_NAME);
+       case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: return(TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE);
+       case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: return(TLS1_AD_BAD_CERTIFICATE_HASH_VALUE);
+#if 0 /* not appropriate for TLS, not used for DTLS */
        case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE: return 
                                          (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
+#endif
        default:                        return(-1);
                }
        }