first step of v2 final release

ssl/ssl_conf.c

@@ -11,7 +11,6 @@
 #include "ssl_locl.h"
 #include <openssl/conf.h>
 #include <openssl/objects.h>
-#include <openssl/dh.h>
 
 /*
  * structure holding name tables. This is used for permitted elements in lists
@@ -259,6 +258,7 @@ static int cmd_Protocol(SSL_CONF_CTX *cctx, const char *value)
         SSL_FLAG_TBL_INV("TLSv1.2", SSL_OP_NO_TLSv1_2),
         SSL_FLAG_TBL_INV("DTLSv1", SSL_OP_NO_DTLSv1),
         SSL_FLAG_TBL_INV("DTLSv1.2", SSL_OP_NO_DTLSv1_2)
+                                                                
     };
     cctx->tbl = ssl_protocol_list;
     cctx->ntbl = OSSL_NELEM(ssl_protocol_list);
@@ -282,6 +282,9 @@ static int protocol_from_string(const char *value)
         {"TLSv1", TLS1_VERSION},
         {"TLSv1.1", TLS1_1_VERSION},
         {"TLSv1.2", TLS1_2_VERSION},
+#ifndef OPENSSL_NO_GMTLS_VERSION
+        {"GMTLS", GMTLS_VERSION},
+#endif
         {"DTLSv1", DTLS1_VERSION},
         {"DTLSv1.2", DTLS1_2_VERSION}
     };
@@ -526,6 +529,9 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = {
     SSL_CONF_CMD_SWITCH("no_tls1", 0),
     SSL_CONF_CMD_SWITCH("no_tls1_1", 0),
     SSL_CONF_CMD_SWITCH("no_tls1_2", 0),
+#ifndef OPENSSL_NO_GMTLS
+    SSL_CONF_CMD_SWITCH("no_gmtls", 0),
+#endif
     SSL_CONF_CMD_SWITCH("bugs", 0),
     SSL_CONF_CMD_SWITCH("no_comp", 0),
     SSL_CONF_CMD_SWITCH("comp", 0),
@@ -583,6 +589,9 @@ static const ssl_switch_tbl ssl_cmd_switches[] = {
     {SSL_OP_NO_TLSv1, 0},       /* no_tls1 */
     {SSL_OP_NO_TLSv1_1, 0},     /* no_tls1_1 */
     {SSL_OP_NO_TLSv1_2, 0},     /* no_tls1_2 */
+#ifndef OPENSSL_NO_GMTLS_METHOD
+    {SSL_OP_NO_GMTLS, 0},       /* no_gmtls */
+#endif
     {SSL_OP_ALL, 0},            /* bugs */
     {SSL_OP_NO_COMPRESSION, 0}, /* no_comp */
     {SSL_OP_NO_COMPRESSION, SSL_TFLAG_INV}, /* comp */