From: Richard Levitte Date: Fri, 18 Mar 2016 19:06:29 +0000 (+0100) Subject: Implement support for no-ts X-Git-Tag: OpenSSL_1_1_0-pre5~316 X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=f38526357e1423ab5712586dee40c1c728af526d Implement support for no-ts Reviewed-by: Rich Salz --- diff --git a/apps/progs.pl b/apps/progs.pl index b601fefb1b..11bcbef8b8 100644 --- a/apps/progs.pl +++ b/apps/progs.pl @@ -75,6 +75,8 @@ foreach (@ARGV) { print "#ifndef OPENSSL_NO_OCSP\n${str}#endif\n"; } elsif (/^srp$/) { print "#ifndef OPENSSL_NO_SRP\n${str}#endif\n"; + } elsif (/^ts$/) { + print "#ifndef OPENSSL_NO_TS\n${str}#endif\n"; } else { print $str; } diff --git a/apps/ts.c b/apps/ts.c index b287e26a78..1872422468 100644 --- a/apps/ts.c +++ b/apps/ts.c @@ -56,25 +56,28 @@ * */ -#include -#include -#include -#include "apps.h" -#include -#include -#include -#include -#include -#include +#include +#ifndef OPENSSL_NO_TS + +# include +# include +# include +# include "apps.h" +# include +# include +# include +# include +# include +# include /* Request nonce length, in bits (must be a multiple of 8). */ -#define NONCE_LENGTH 64 +# define NONCE_LENGTH 64 /* Name of config entry that defines the OID file. */ -#define ENV_OID_FILE "oid_file" +# define ENV_OID_FILE "oid_file" /* Is |EXACTLY_ONE| of three pointers set? */ -#define EXACTLY_ONE(a, b, c) \ +# define EXACTLY_ONE(a, b, c) \ (( a && !b && !c) || \ ( b && !a && !c) || \ ( c && !a && !b)) @@ -159,9 +162,9 @@ OPTIONS ts_options[] = { {"CAfile", OPT_CAFILE, '<', "File with trusted CA certs"}, {"untrusted", OPT_UNTRUSTED, '<', "File with untrusted certs"}, {"", OPT_MD, '-', "Any supported digest"}, -#ifndef OPENSSL_NO_ENGINE +# ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, -#endif +# endif {OPT_HELP_STR, 1, '-', "\nOptions specific to 'ts -verify': \n"}, OPT_V_OPTIONS, {OPT_HELP_STR, 1, '-', "\n"}, @@ -182,11 +185,11 @@ static char* opt_helplist[] = { " [-signer tsa_cert.pem] [-inkey private_key.pem]", " [-chain certs_file.pem] [-tspolicy oid]", " [-in file] [-token_in] [-out file] [-token_out]", -#ifndef OPENSSL_NO_ENGINE +# ifndef OPENSSL_NO_ENGINE " [-text]", -#else +# else " [-text] [-engine id]", -#endif +# endif " or", "ts -verify -CApath dir -CAfile file.pem -untrusted file.pem", " [-data file] [-digest hexstring]", @@ -735,10 +738,10 @@ static TS_RESP *create_response(CONF *conf, const char *section, char *engine, goto end; if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx)) goto end; -#ifndef OPENSSL_NO_ENGINE +# ifndef OPENSSL_NO_ENGINE if (!TS_CONF_set_crypto_device(conf, section, engine)) goto end; -#endif +# endif if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) goto end; if (!TS_CONF_set_certs(conf, section, chain, resp_ctx)) @@ -1026,3 +1029,4 @@ static int verify_cb(int ok, X509_STORE_CTX *ctx) { return ok; } +#endif diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c index be6a30e93b..8939c085ea 100644 --- a/crypto/err/err_all.c +++ b/crypto/err/err_all.c @@ -142,7 +142,9 @@ void err_load_crypto_strings_intern(void) ERR_load_PKCS12_strings(); ERR_load_RAND_strings(); ERR_load_DSO_strings(); +# ifndef OPENSSL_NO_TS ERR_load_TS_strings(); +# endif # ifndef OPENSSL_NO_ENGINE ERR_load_ENGINE_strings(); # endif diff --git a/include/openssl/ts.h b/include/openssl/ts.h index c5bd80a2a9..ca3969f8c5 100644 --- a/include/openssl/ts.h +++ b/include/openssl/ts.h @@ -60,6 +60,7 @@ # define HEADER_TS_H # include +# ifndef OPENSSL_NO_TS # include # include # include @@ -700,3 +701,4 @@ void ERR_load_TS_strings(void); } #endif #endif +#endif diff --git a/util/mkdef.pl b/util/mkdef.pl index ec1907890f..129e6b46bd 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -117,6 +117,8 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "UNIT_TEST", # User Interface "UI", + # + "TS", # OCB mode "OCB", # APPLINK (win build feature?)