From 89faab9e9e9123f39e8c0c6f8da1f67de423254a Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat, 14 May 2016 10:28:49 +0200
Subject: Allow for conditional compilation of SSL 3.0 protocol

This allows to completely remove SSL 3.0 support by calling configure
with the '--disable-ssl3' option.

Resolves #93
---
 lib/kx.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'lib/kx.c')

diff --git a/lib/kx.c b/lib/kx.c
index 2c9197a4fc..328fab645b 100644
--- a/lib/kx.c
+++ b/lib/kx.c
@@ -126,6 +126,7 @@ generate_normal_master(gnutls_session_t session,
 		       session->security_parameters.server_random,
 		       GNUTLS_RANDOM_SIZE);
 
+#ifdef ENABLE_SSL3
 		if (get_num_version(session) == GNUTLS_SSL3) {
 			ret =
 			    _gnutls_ssl3_generate_random(premaster->data,
@@ -134,7 +135,8 @@ generate_normal_master(gnutls_session_t session,
 							 GNUTLS_MASTER_SIZE,
 							 session->security_parameters.
 							 master_secret);
-		} else {
+		} else
+#endif
 			ret =
 			    _gnutls_PRF(session, premaster->data, premaster->size,
 					MASTER_SECRET, MASTER_SECRET_SIZE,
@@ -142,7 +144,6 @@ generate_normal_master(gnutls_session_t session,
 					GNUTLS_MASTER_SIZE,
 					session->security_parameters.
 					master_secret);
-		}
 	} else {
 		gnutls_datum_t shash = {NULL, 0};
 
-- 
cgit v1.2.1