From 1fc7d6664a3d118f9d5de217c9ffd154ed9ddb6f Mon Sep 17 00:00:00 2001
From: Kurt Roeckx <kurt@roeckx.be>
Date: Tue, 2 Feb 2016 23:16:20 +0100
Subject: [PATCH] Fix usage of OPENSSL_NO_*_METHOD

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

MR: #1824
---
 doc/ssl/SSL_CTX_new.pod | 10 ++++++++++
 include/openssl/ssl.h   | 10 ++++++++++
 test/clienthellotest.c  |  3 ++-
 test/ssltest.c          |  6 +++---
 4 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/doc/ssl/SSL_CTX_new.pod b/doc/ssl/SSL_CTX_new.pod
index 53c79ae6eb..6590711015 100644
--- a/doc/ssl/SSL_CTX_new.pod
+++ b/doc/ssl/SSL_CTX_new.pod
@@ -33,29 +33,39 @@ functions
  const SSL_METHOD *SSLv3_client_method(void);
  #endif
 
+ #ifndef OPENSSL_NO_TLS1_METHOD
  const SSL_METHOD *TLSv1_method(void);
  const SSL_METHOD *TLSv1_server_method(void);
  const SSL_METHOD *TLSv1_client_method(void);
+ #endif
 
+ #ifndef OPENSSL_NO_TLS1_1_METHOD
  const SSL_METHOD *TLSv1_1_method(void);
  const SSL_METHOD *TLSv1_1_server_method(void);
  const SSL_METHOD *TLSv1_1_client_method(void);
+ #endif
 
+ #ifndef OPENSSL_NO_TLS1_2_METHOD
  const SSL_METHOD *TLSv1_2_method(void);
  const SSL_METHOD *TLSv1_2_server_method(void);
  const SSL_METHOD *TLSv1_2_client_method(void);
+ #endif
 
  const SSL_METHOD *DTLS_method(void);
  const SSL_METHOD *DTLS_server_method(void);
  const SSL_METHOD *DTLS_client_method(void);
 
+ #ifndef OPENSSL_NO_DTLS1_METHOD
  const SSL_METHOD *DTLSv1_method(void);
  const SSL_METHOD *DTLSv1_server_method(void);
  const SSL_METHOD *DTLSv1_client_method(void);
+ #endif
 
+ #ifndef OPENSSL_NO_DTLS1_2_METHOD
  const SSL_METHOD *DTLSv1_2_method(void);
  const SSL_METHOD *DTLSv1_2_server_method(void);
  const SSL_METHOD *DTLSv1_2_client_method(void);
+ #endif
 
 =head1 DESCRIPTION
 
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index cc2a47f42a..1b7c4af3fb 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1656,25 +1656,35 @@ __owur const SSL_METHOD *TLS_method(void);
 __owur const SSL_METHOD *TLS_server_method(void);
 __owur const SSL_METHOD *TLS_client_method(void);
 
+# ifndef OPENSSL_NO_TLS1_METHOD
 __owur const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
 __owur const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
 __owur const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
+# endif
 
+# ifndef OPENSSL_NO_TLS1_1_METHOD
 __owur const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */
 __owur const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */
 __owur const SSL_METHOD *TLSv1_1_client_method(void); /* TLSv1.1 */
+# endif
 
+# ifndef OPENSSL_NO_TLS1_2_METHOD
 __owur const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */
 __owur const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */
 __owur const SSL_METHOD *TLSv1_2_client_method(void); /* TLSv1.2 */
+# endif
 
+# ifndef OPENSSL_NO_DTLS1_METHOD
 __owur const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
 __owur const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
 __owur const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
+# endif
 
+# ifndef OPENSSL_NO_DTLS1_2_METHOD
 __owur const SSL_METHOD *DTLSv1_2_method(void); /* DTLSv1.2 */
 __owur const SSL_METHOD *DTLSv1_2_server_method(void); /* DTLSv1.2 */
 __owur const SSL_METHOD *DTLSv1_2_client_method(void); /* DTLSv1.2 */
+#endif
 
 __owur const SSL_METHOD *DTLS_method(void); /* DTLS 1.0 and 1.2 */
 __owur const SSL_METHOD *DTLS_server_method(void); /* DTLS 1.0 and 1.2 */
diff --git a/test/clienthellotest.c b/test/clienthellotest.c
index 877566131a..14fa4c0a12 100644
--- a/test/clienthellotest.c
+++ b/test/clienthellotest.c
@@ -115,9 +115,10 @@ int main(int argc, char *argv[])
     for (; currtest < TOTAL_NUM_TESTS; currtest++) {
         testresult = 0;
         if (currtest == TEST_SET_SESSION_TICK_DATA_TLS_1_2) {
-#ifndef OPENSSL_NO_TLS1_2
+#ifndef OPENSSL_NO_TLS1_2_METHOD
             ctx = SSL_CTX_new(TLSv1_2_method());
 #else
+            testresult = 1;
             continue;
 #endif
         } else {
diff --git a/test/ssltest.c b/test/ssltest.c
index 64bf071188..e5f86155c2 100644
--- a/test/ssltest.c
+++ b/test/ssltest.c
@@ -3557,7 +3557,7 @@ static unsigned int psk_server_callback(SSL *ssl, const char *identity,
 
 static int do_test_cipherlist(void)
 {
-#if !defined(OPENSSL_NO_SSL3) || !defined(OPENSSL_NO_TLS1)
+#if !defined(OPENSSL_NO_SSL3_METHOD) || !defined(OPENSSL_NO_TLS1_METHOD)
     int i = 0;
     const SSL_METHOD *meth;
     const SSL_CIPHER *ci, *tci = NULL;
@@ -3569,7 +3569,7 @@ static int do_test_cipherlist(void)
     OPENSSL_init_crypto(0, NULL);
 #endif
 
-#ifndef OPENSSL_NO_SSL3
+#ifndef OPENSSL_NO_SSL3_METHOD
     meth = SSLv3_method();
     tci = NULL;
     while ((ci = meth->get_cipher(i++)) != NULL) {
@@ -3582,7 +3582,7 @@ static int do_test_cipherlist(void)
         tci = ci;
     }
 #endif
-#ifndef OPENSSL_NO_TLS1
+#ifndef OPENSSL_NO_TLS1_METHOD
     meth = TLSv1_method();
     tci = NULL;
     while ((ci = meth->get_cipher(i++)) != NULL) {
-- 
GitLab