Add missing header guards in ssl

Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
MergeDate: Wed May  6 11:35:49 2026
(Merged from https://github.com/openssl/openssl/pull/31001)

diff --git a/ssl/record/methods/recmethod_local.h b/ssl/record/methods/recmethod_local.h
index d2bb7b394d773a30970f40877bf491d96ab6870a..d6db9850c0fcb8f26a9e4243ffa83bee37097dfb 100644 (file)
--- a/ssl/record/methods/recmethod_local.h
+++ b/ssl/record/methods/recmethod_local.h
@@ -7,6 +7,9 @@
  * https://www.openssl.org/source/license.html
  */
 
+#if !defined(OSSL_SSL_RECORD_METHODS_RECMETHOD_LOCAL_H)
+#define OSSL_SSL_RECORD_METHODS_RECMETHOD_LOCAL_H
+
 #include <openssl/bio.h>
 #include <openssl/ssl.h>
 #include <openssl/err.h>
@@ -534,3 +537,5 @@ int tls_write_records_default(OSSL_RECORD_LAYER *rl,
 #define TLS_BUFFER_is_app_buffer(b) ((b)->app_buffer)
 
 void ossl_tls_buffer_release(TLS_BUFFER *b);
+
+#endif /* !defined(OSSL_SSL_RECORD_METHODS_RECMETHOD_LOCAL_H) */

diff --git a/ssl/record/record.h b/ssl/record/record.h
index cfb75e9c4c1ea29a573e6a47efe0c21973ae68e3..1f7ade3988e956a64e95de8dad37c0fa243dc2b8 100644 (file)
--- a/ssl/record/record.h
+++ b/ssl/record/record.h
@@ -7,6 +7,9 @@
  * https://www.openssl.org/source/license.html
  */
 
+#if !defined(OSSL_SSL_RECORD_RECORD_H)
+#define OSSL_SSL_RECORD_RECORD_H
+
 #include <openssl/core_dispatch.h>
 #include "internal/recordmethod.h"
 
@@ -189,3 +192,5 @@ OSSL_CORE_MAKE_FUNC(void, rlayer_msg_callback, (int write_p, int version, int co
 OSSL_CORE_MAKE_FUNC(int, rlayer_security, (void *cbarg, int op, int bits, int nid, void *other))
 #define OSSL_FUNC_RLAYER_PADDING 4
 OSSL_CORE_MAKE_FUNC(size_t, rlayer_padding, (void *cbarg, int type, size_t len))
+
+#endif /* !defined(OSSL_SSL_RECORD_RECORD_H) */

diff --git a/ssl/record/record_local.h b/ssl/record/record_local.h
index bd7608db53cd49285a36604b9937a8ad3b5104ca..7fa24a14b27e136f6f230ab85bf1c5313bedaf59 100644 (file)
--- a/ssl/record/record_local.h
+++ b/ssl/record/record_local.h
@@ -14,4 +14,9 @@
  *                                                                           *
  *****************************************************************************/
 
+#if !defined(OSSL_SSL_RECORD_RECORD_LOCAL_H)
+#define OSSL_SSL_RECORD_RECORD_LOCAL_H
+
 #define MAX_WARN_ALERT_COUNT 5
+
+#endif /* !defined(OSSL_SSL_RECORD_RECORD_LOCAL_H) */

diff --git a/ssl/ssl_cert_table.h b/ssl/ssl_cert_table.h
index f7fc9844c97e4b265670a1f0ea8428449afdd874..85517a749bd04e3997c131e3a77874cc9cb93897 100644 (file)
--- a/ssl/ssl_cert_table.h
+++ b/ssl/ssl_cert_table.h
@@ -10,6 +10,9 @@
 /*
  * Certificate table information. NB: table entries must match SSL_PKEY indices
  */
+#if !defined(OSSL_SSL_SSL_CERT_TABLE_H)
+#define OSSL_SSL_SSL_CERT_TABLE_H
+
 static const SSL_CERT_LOOKUP ssl_cert_info[] = {
     { EVP_PKEY_RSA, SSL_aRSA }, /* SSL_PKEY_RSA */
     { EVP_PKEY_RSA_PSS, SSL_aRSA }, /* SSL_PKEY_RSA_PSS_SIGN */
@@ -21,3 +24,5 @@ static const SSL_CERT_LOOKUP ssl_cert_info[] = {
     { EVP_PKEY_ED25519, SSL_aECDSA }, /* SSL_PKEY_ED25519 */
     { EVP_PKEY_ED448, SSL_aECDSA } /* SSL_PKEY_ED448 */
 };
+
+#endif /* !defined(OSSL_SSL_SSL_CERT_TABLE_H) */

diff --git a/ssl/statem/statem_local.h b/ssl/statem/statem_local.h
index 03e15f888c4690bcd931656e491cb37ab3ab3501..c924269a03765de5cccea712a622cf29a2315bde 100644 (file)
--- a/ssl/statem/statem_local.h
+++ b/ssl/statem/statem_local.h
@@ -17,6 +17,9 @@
 /* Max message length definitions */
 
 /* The spec allows for a longer length than this, but we limit it */
+#if !defined(OSSL_SSL_STATEM_STATEM_LOCAL_H)
+#define OSSL_SSL_STATEM_STATEM_LOCAL_H
+
 #define HELLO_VERIFY_REQUEST_MAX_LENGTH 258
 #define END_OF_EARLY_DATA_MAX_LENGTH 0
 #define HELLO_RETRY_REQUEST_MAX_LENGTH 20000
@@ -591,3 +594,5 @@ EXT_RETURN tls_construct_stoc_ech(SSL_CONNECTION *s, WPACKET *pkt,
 int tls_parse_stoc_ech(SSL_CONNECTION *s, PACKET *pkt, unsigned int context,
     X509 *x, size_t chainidx);
 #endif
+
+#endif /* !defined(OSSL_SSL_STATEM_STATEM_LOCAL_H) */