diff --git a/examples/client.c b/examples/client.c index 5b759324..3ddeafe4 100644 --- a/examples/client.c +++ b/examples/client.c @@ -345,6 +345,7 @@ static void setup_nghttp2_callbacks(nghttp2_session_callbacks *callbacks) { callbacks, on_data_chunk_recv_callback); } +#ifndef OPENSSL_NO_NEXTPROTONEG /* * Callback function for TLS NPN. Since this program only supports * HTTP/2 protocol, if server does not offer HTTP/2 the nghttp2 @@ -365,6 +366,7 @@ static int select_next_proto_cb(SSL *ssl, unsigned char **out, } return SSL_TLSEXT_ERR_OK; } +#endif /* !OPENSSL_NO_NEXTPROTONEG */ /* * Setup SSL/TLS context. diff --git a/examples/libevent-client.c b/examples/libevent-client.c index e76d7fa0..f297df4f 100644 --- a/examples/libevent-client.c +++ b/examples/libevent-client.c @@ -308,6 +308,7 @@ static int on_stream_close_callback(nghttp2_session *session, int32_t stream_id, return 0; } +#ifndef OPENSSL_NO_NEXTPROTONEG /* NPN TLS extension client callback. We check that server advertised the HTTP/2 protocol the nghttp2 library supports. If not, exit the program. */ @@ -322,6 +323,7 @@ static int select_next_proto_cb(SSL *ssl, unsigned char **out, } return SSL_TLSEXT_ERR_OK; } +#endif /* !OPENSSL_NO_NEXTPROTONEG */ /* Create SSL_CTX. */ static SSL_CTX *create_ssl_ctx(void) { diff --git a/examples/libevent-server.c b/examples/libevent-server.c index f9e9b50e..59091c54 100644 --- a/examples/libevent-server.c +++ b/examples/libevent-server.c @@ -109,6 +109,7 @@ struct app_context { static unsigned char next_proto_list[256]; static size_t next_proto_list_len; +#ifndef OPENSSL_NO_NEXTPROTONEG static int next_proto_cb(SSL *ssl, const unsigned char **data, unsigned int *len, void *arg) { (void)ssl; @@ -118,6 +119,7 @@ static int next_proto_cb(SSL *ssl, const unsigned char **data, *len = (unsigned int)next_proto_list_len; return SSL_TLSEXT_ERR_OK; } +#endif /* !OPENSSL_NO_NEXTPROTONEG */ #if OPENSSL_VERSION_NUMBER >= 0x10002000L static int alpn_select_proto_cb(SSL *ssl, const unsigned char **out, diff --git a/src/HttpServer.cc b/src/HttpServer.cc index 4e43567c..72d61b19 100644 --- a/src/HttpServer.cc +++ b/src/HttpServer.cc @@ -1984,6 +1984,7 @@ HttpServer::HttpServer(const Config *config) : config_(config) { }; } +#ifndef OPENSSL_NO_NEXTPROTONEG namespace { int next_proto_cb(SSL *s, const unsigned char **data, unsigned int *len, void *arg) { @@ -1993,6 +1994,7 @@ int next_proto_cb(SSL *s, const unsigned char **data, unsigned int *len, return SSL_TLSEXT_ERR_OK; } } // namespace +#endif // !OPENSSL_NO_NEXTPROTONEG namespace { int verify_callback(int preverify_ok, X509_STORE_CTX *ctx) { diff --git a/src/asio_client_tls_context.cc b/src/asio_client_tls_context.cc index 3291885b..eaa9b8b3 100644 --- a/src/asio_client_tls_context.cc +++ b/src/asio_client_tls_context.cc @@ -35,6 +35,7 @@ namespace nghttp2 { namespace asio_http2 { namespace client { +#ifndef OPENSSL_NO_NEXTPROTONEG namespace { int client_select_next_proto_cb(SSL *ssl, unsigned char **out, unsigned char *outlen, const unsigned char *in, @@ -46,6 +47,7 @@ int client_select_next_proto_cb(SSL *ssl, unsigned char **out, return SSL_TLSEXT_ERR_OK; } } // namespace +#endif // !OPENSSL_NO_NEXTPROTONEG boost::system::error_code configure_tls_context(boost::system::error_code &ec, @@ -54,7 +56,9 @@ configure_tls_context(boost::system::error_code &ec, auto ctx = tls_ctx.native_handle(); +#ifndef OPENSSL_NO_NEXTPROTONEG SSL_CTX_set_next_proto_select_cb(ctx, client_select_next_proto_cb, nullptr); +#endif // !OPENSSL_NO_NEXTPROTONEG #if OPENSSL_VERSION_NUMBER >= 0x10002000L auto proto_list = util::get_default_alpn(); diff --git a/src/asio_server_tls_context.cc b/src/asio_server_tls_context.cc index aa73cc50..0e33441e 100644 --- a/src/asio_server_tls_context.cc +++ b/src/asio_server_tls_context.cc @@ -35,12 +35,14 @@ namespace nghttp2 { namespace asio_http2 { namespace server { +#ifndef OPENSSL_NO_NEXTPROTONEG namespace { std::vector &get_alpn_token() { static auto alpn_token = util::get_default_alpn(); return alpn_token; } } // namespace +#endif // !OPENSSL_NO_NEXTPROTONEG #if OPENSSL_VERSION_NUMBER >= 0x10002000L namespace { @@ -82,6 +84,7 @@ configure_tls_context_easy(boost::system::error_code &ec, } #endif /* OPENSSL_NO_EC */ +#ifndef OPENSSL_NO_NEXTPROTONEG SSL_CTX_set_next_protos_advertised_cb( ctx, [](SSL *s, const unsigned char **data, unsigned int *len, void *arg) { @@ -93,6 +96,7 @@ configure_tls_context_easy(boost::system::error_code &ec, return SSL_TLSEXT_ERR_OK; }, nullptr); +#endif // !OPENSSL_NO_NEXTPROTONEG #if OPENSSL_VERSION_NUMBER >= 0x10002000L // ALPN selection callback diff --git a/src/h2load.cc b/src/h2load.cc index 7df9c52f..253a07c8 100644 --- a/src/h2load.cc +++ b/src/h2load.cc @@ -1565,6 +1565,7 @@ std::string get_reqline(const char *uri, const http_parser_url &u) { } } // namespace +#ifndef OPENSSL_NO_NEXTPROTONEG namespace { int client_select_next_proto_cb(SSL *ssl, unsigned char **out, unsigned char *outlen, const unsigned char *in, @@ -1579,6 +1580,7 @@ int client_select_next_proto_cb(SSL *ssl, unsigned char **out, return SSL_TLSEXT_ERR_NOACK; } } // namespace +#endif // !OPENSSL_NO_NEXTPROTONEG namespace { constexpr char UNIX_PATH_PREFIX[] = "unix:"; diff --git a/src/nghttp.cc b/src/nghttp.cc index f6cc0035..bddccec3 100644 --- a/src/nghttp.cc +++ b/src/nghttp.cc @@ -2222,6 +2222,7 @@ id responseEnd requestStart process code size request path)" } } // namespace +#ifndef OPENSSL_NO_NEXTPROTONEG namespace { int client_select_next_proto_cb(SSL *ssl, unsigned char **out, unsigned char *outlen, const unsigned char *in, @@ -2245,6 +2246,7 @@ int client_select_next_proto_cb(SSL *ssl, unsigned char **out, return SSL_TLSEXT_ERR_OK; } } // namespace +#endif // !OPENSSL_NO_NEXTPROTONEG namespace { int communicate( diff --git a/src/shrpx_tls.cc b/src/shrpx_tls.cc index 6e8d808a..6dbd456c 100644 --- a/src/shrpx_tls.cc +++ b/src/shrpx_tls.cc @@ -80,6 +80,7 @@ const unsigned char *ASN1_STRING_get0_data(ASN1_STRING *x) { } // namespace #endif // !OPENSSL_1_1_API +#ifndef OPENSSL_NO_NEXTPROTONEG namespace { int next_proto_cb(SSL *s, const unsigned char **data, unsigned int *len, void *arg) { @@ -89,6 +90,7 @@ int next_proto_cb(SSL *s, const unsigned char **data, unsigned int *len, return SSL_TLSEXT_ERR_OK; } } // namespace +#endif // !OPENSSL_NO_NEXTPROTONEG namespace { int verify_callback(int preverify_ok, X509_STORE_CTX *ctx) {