Commit 230e4cbc3f for openssl.org
commit 230e4cbc3f09846b7f89cd536014a8244bd7aecf
Author: Bob Beck <beck@openssl.org>
Date: Mon Apr 27 12:53:22 2026 -0600
Add missing header guards in ssl
Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
MergeDate: Wed May 6 11:35:49 2026
(Merged from https://github.com/openssl/openssl/pull/31001)
diff --git a/ssl/record/methods/recmethod_local.h b/ssl/record/methods/recmethod_local.h
index d2bb7b394d..d6db9850c0 100644
--- a/ssl/record/methods/recmethod_local.h
+++ b/ssl/record/methods/recmethod_local.h
@@ -7,6 +7,9 @@
* https://www.openssl.org/source/license.html
*/
+#if !defined(OSSL_SSL_RECORD_METHODS_RECMETHOD_LOCAL_H)
+#define OSSL_SSL_RECORD_METHODS_RECMETHOD_LOCAL_H
+
#include <openssl/bio.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
@@ -534,3 +537,5 @@ int tls_write_records_default(OSSL_RECORD_LAYER *rl,
#define TLS_BUFFER_is_app_buffer(b) ((b)->app_buffer)
void ossl_tls_buffer_release(TLS_BUFFER *b);
+
+#endif /* !defined(OSSL_SSL_RECORD_METHODS_RECMETHOD_LOCAL_H) */
diff --git a/ssl/record/record.h b/ssl/record/record.h
index cfb75e9c4c..1f7ade3988 100644
--- a/ssl/record/record.h
+++ b/ssl/record/record.h
@@ -7,6 +7,9 @@
* https://www.openssl.org/source/license.html
*/
+#if !defined(OSSL_SSL_RECORD_RECORD_H)
+#define OSSL_SSL_RECORD_RECORD_H
+
#include <openssl/core_dispatch.h>
#include "internal/recordmethod.h"
@@ -189,3 +192,5 @@ OSSL_CORE_MAKE_FUNC(void, rlayer_msg_callback, (int write_p, int version, int co
OSSL_CORE_MAKE_FUNC(int, rlayer_security, (void *cbarg, int op, int bits, int nid, void *other))
#define OSSL_FUNC_RLAYER_PADDING 4
OSSL_CORE_MAKE_FUNC(size_t, rlayer_padding, (void *cbarg, int type, size_t len))
+
+#endif /* !defined(OSSL_SSL_RECORD_RECORD_H) */
diff --git a/ssl/record/record_local.h b/ssl/record/record_local.h
index bd7608db53..7fa24a14b2 100644
--- a/ssl/record/record_local.h
+++ b/ssl/record/record_local.h
@@ -14,4 +14,9 @@
* *
*****************************************************************************/
+#if !defined(OSSL_SSL_RECORD_RECORD_LOCAL_H)
+#define OSSL_SSL_RECORD_RECORD_LOCAL_H
+
#define MAX_WARN_ALERT_COUNT 5
+
+#endif /* !defined(OSSL_SSL_RECORD_RECORD_LOCAL_H) */
diff --git a/ssl/ssl_cert_table.h b/ssl/ssl_cert_table.h
index f7fc9844c9..85517a749b 100644
--- a/ssl/ssl_cert_table.h
+++ b/ssl/ssl_cert_table.h
@@ -10,6 +10,9 @@
/*
* Certificate table information. NB: table entries must match SSL_PKEY indices
*/
+#if !defined(OSSL_SSL_SSL_CERT_TABLE_H)
+#define OSSL_SSL_SSL_CERT_TABLE_H
+
static const SSL_CERT_LOOKUP ssl_cert_info[] = {
{ EVP_PKEY_RSA, SSL_aRSA }, /* SSL_PKEY_RSA */
{ EVP_PKEY_RSA_PSS, SSL_aRSA }, /* SSL_PKEY_RSA_PSS_SIGN */
@@ -21,3 +24,5 @@ static const SSL_CERT_LOOKUP ssl_cert_info[] = {
{ EVP_PKEY_ED25519, SSL_aECDSA }, /* SSL_PKEY_ED25519 */
{ EVP_PKEY_ED448, SSL_aECDSA } /* SSL_PKEY_ED448 */
};
+
+#endif /* !defined(OSSL_SSL_SSL_CERT_TABLE_H) */
diff --git a/ssl/statem/statem_local.h b/ssl/statem/statem_local.h
index 03e15f888c..c924269a03 100644
--- a/ssl/statem/statem_local.h
+++ b/ssl/statem/statem_local.h
@@ -17,6 +17,9 @@
/* Max message length definitions */
/* The spec allows for a longer length than this, but we limit it */
+#if !defined(OSSL_SSL_STATEM_STATEM_LOCAL_H)
+#define OSSL_SSL_STATEM_STATEM_LOCAL_H
+
#define HELLO_VERIFY_REQUEST_MAX_LENGTH 258
#define END_OF_EARLY_DATA_MAX_LENGTH 0
#define HELLO_RETRY_REQUEST_MAX_LENGTH 20000
@@ -591,3 +594,5 @@ EXT_RETURN tls_construct_stoc_ech(SSL_CONNECTION *s, WPACKET *pkt,
int tls_parse_stoc_ech(SSL_CONNECTION *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx);
#endif
+
+#endif /* !defined(OSSL_SSL_STATEM_STATEM_LOCAL_H) */