Commit 39c803cb authored by David Benjamin's avatar David Benjamin Committed by Daniel Stenberg
Browse files

openssl: remove most BoringSSL #ifdefs. 

As of https://boringssl-review.googlesource.com/#/c/6980/, almost all of
BoringSSL #ifdefs in cURL should be unnecessary:

- BoringSSL provides no-op stubs for compatibility which replaces most
  #ifdefs.

- DES_set_odd_parity has been in BoringSSL for nearly a year now. Remove
  the compatibility codepath.

- With a small tweak to an extend_key_56_to_64 call, the NTLM code
  builds fine.

- Switch OCSP-related #ifdefs to the more generally useful
  OPENSSL_NO_OCSP.

The only #ifdefs which remain are Curl_ossl_version and the #undefs to
work around OpenSSL and wincrypt.h name conflicts. (BoringSSL leaves
that to the consumer. The in-header workaround makes things sensitive to
include order.)

This change errs on the side of removing conditionals despite many of
the restored codepaths being no-ops. (BoringSSL generally adds no-op
compatibility stubs when possible. OPENSSL_VERSION_NUMBER #ifdefs are
bad enough!)

Closes #640
parent 674b57e7

configure.ac

+1 −4
Original line number Diff line number Diff line
@@ -1631,8 +1631,6 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then 
    dnl Older versions of Cyassl (some time before 2.9.4) don't have

    dnl SSL_get_shutdown (but this check won't actually detect it there

    dnl as it's a macro that needs the header files be included)

    dnl BoringSSL didn't have DES_set_odd_parity for a while but now it is

    dnl back again.



    AC_CHECK_FUNCS( RAND_status \

                    RAND_screen \
@@ -1640,8 +1638,7 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then 
                    ENGINE_cleanup \

                    CRYPTO_cleanup_all_ex_data \

                    SSL_get_shutdown \

                    SSLv2_client_method \

                    DES_set_odd_parity )

                    SSLv2_client_method )



    AC_MSG_CHECKING([for BoringSSL])

    AC_COMPILE_IFELSE([

docs/THANKS

+1 −0
Original line number Diff line number Diff line
@@ -457,6 +457,7 @@ Glen A Johnson Jr. 
Glen Nakamura

Glen Scott

Glenn Sheridan

Google Inc.

Gordon Marler

Gorilla Maguila

Grant Erickson

lib/config-win32.h

+0 −6
Original line number Diff line number Diff line
@@ -228,12 +228,6 @@ 
   This is present in OpenSSL versions after 0.9.6b */

#define HAVE_CRYPTO_CLEANUP_ALL_EX_DATA 1



/* Define if you have the 'DES_set_odd_parity' function when using OpenSSL/

   BoringSSL */

#if defined(USE_OPENSSL) || defined(HAVE_BORINGSSL)

#define HAVE_DES_SET_ODD_PARITY 1

#endif



/* Define if you have the select function. */

#define HAVE_SELECT 1

lib/curl_des.c

+2 −2
Original line number Diff line number Diff line
@@ -22,7 +22,7 @@ 


#include "curl_setup.h"



#if defined(USE_NTLM) && !defined(HAVE_DES_SET_ODD_PARITY)

#if defined(USE_NTLM) && !defined(USE_OPENSSL)



#include "curl_des.h"
@@ -60,4 +60,4 @@ void Curl_des_set_odd_parity(unsigned char *bytes, size_t len) 
  }

}



#endif /* USE_NTLM && !HAVE_DES_SET_ODD_PARITY */
 
#endif /* USE_NTLM && !USE_OPENSSL */

lib/curl_des.h

+2 −2
Original line number Diff line number Diff line
@@ -24,11 +24,11 @@ 


#include "curl_setup.h"



#if defined(USE_NTLM) && !defined(HAVE_DES_SET_ODD_PARITY)

#if defined(USE_NTLM) && !defined(USE_OPENSSL)



/* Applies odd parity to the given byte array */

void Curl_des_set_odd_parity(unsigned char *bytes, size_t length);



#endif /* USE_NTLM && !HAVE_DES_SET_ODD_PARITY */

#endif /* USE_NTLM && !USE_OPENSSL */



#endif /* HEADER_CURL_DES_H */