From 847b77628553c26679d0c18bbb0f376a957b20e3 Mon Sep 17 00:00:00 2001
From: John Mark Bell <jmb@netsurf-browser.org>
Date: Sun, 22 Feb 2009 15:07:50 +0000
Subject: Purge NETSURF_USE_SSL and WITH_SSL

svn path=/trunk/netsurf/; revision=6599
---
 Docs/Doxyfile                 |  2 +-
 Makefile                      | 56 ++++++-------------------------------------
 Makefile.config               | 11 ---------
 amiga/gui.c                   |  2 --
 amiga/tree.c                  |  2 --
 content/content.h             |  2 --
 content/fetch.c               |  3 ---
 content/fetch.h               |  4 ----
 content/fetchcache.c          |  2 --
 content/fetchers/fetch_curl.c | 34 --------------------------
 css/css.c                     |  2 --
 desktop/browser.c             |  4 ----
 desktop/gui.h                 |  2 --
 framebuffer/fb_gui.c          |  2 --
 gtk/gtk_gui.c                 |  4 ----
 render/html.c                 |  4 ----
 riscos/dialog.c               |  2 --
 riscos/gui.h                  |  2 --
 riscos/plugin.c               |  4 ----
 riscos/sslcert.c              |  2 --
 riscos/treeview.c             |  2 --
 21 files changed, 8 insertions(+), 140 deletions(-)

diff --git a/Docs/Doxyfile b/Docs/Doxyfile
index e471703e6..c22ecfbb0 100644
--- a/Docs/Doxyfile
+++ b/Docs/Doxyfile
@@ -894,7 +894,7 @@ INCLUDE_FILE_PATTERNS  =
 # or name=definition (no spaces). If the definition and the = are
 # omitted =1 is assumed.
 
-PREDEFINED             = riscos CSS_INTERNALS WITH_ARTWORKS WITH_AUTH WITH_BMP WITH_DRAW WITH_DRAW_EXPORT WITH_GIF WITH_JPEG WITH_MMAP WITH_MNG WITH_NSSPRITE WITH_NS_SVG WITH_PLUGIN WITH_PRINT WITH_RSVG WITH_SAVE_COMPLETE WITH_SEARCH WITH_SPRITE WITH_SSL WITH_THEME_INSTALL WITH_URI WITH_URL WITH_PDF_EXPORT
+PREDEFINED             = riscos CSS_INTERNALS WITH_ARTWORKS WITH_AUTH WITH_BMP WITH_DRAW WITH_DRAW_EXPORT WITH_GIF WITH_JPEG WITH_MMAP WITH_MNG WITH_NSSPRITE WITH_NS_SVG WITH_PLUGIN WITH_PRINT WITH_RSVG WITH_SAVE_COMPLETE WITH_SEARCH WITH_SPRITE WITH_THEME_INSTALL WITH_URI WITH_URL WITH_PDF_EXPORT
 
 # If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then
 # this tag can be used to specify a list of macro names that should be expanded.
diff --git a/Makefile b/Makefile
index 15f3e11cb..370e14aa2 100644
--- a/Makefile
+++ b/Makefile
@@ -241,42 +241,6 @@ $(eval $(call feature_enabled,MNG,-DWITH_MNG,-lmng,JNG/MNG/PNG support))
 $(eval $(call feature_enabled,HARU_PDF,-DWITH_PDF_EXPORT,-lhpdf -lpng,PDF export))
 $(eval $(call feature_enabled,LIBICONV_PLUG,-DLIBICONV_PLUG,,glibc internal iconv))
 
-# Check for SSL
-ifeq ($(NETSURF_USE_SSL),AUTO)
-  _CURL_HAS_SSL := $(findstring SSL,$(shell curl-config --features))
-  ifeq ($(_CURL_HAS_SSL),SSL)
-    _CURL_USES_OPENSSL := $(findstring -lssl -lcrypto,$(shell curl-config --libs))
-    ifeq ($(_CURL_USES_OPENSSL),)
-      NETSURF_USE_SSL := NO
-      ifneq ($(MAKECMDGOALS),clean)
-        $(info M.CONFIG: cURL not built against OpenSSL, disabling certificate UI)
-      endif
-    else
-      NETSURF_USE_SSL := YES
-      ifneq ($(MAKECMDGOALS),clean)
-        $(info M.CONFIG: cURL appears to be built against OpenSSL, enabling certificate UI)
-      endif
-    endif
-  else
-    NETSURF_USE_SSL := NO
-    ifneq ($(MAKECMDGOALS),clean)
-      $(info M.CONFIG: cURL not built with SSL, disabling certificate UI)
-    endif
-  endif
-endif
-
-ifeq ($(NETSURF_USE_SSL),YES)
-  ifneq ($(MAKECMDGOALS),clean)
-    $(info M.CONFIG: SSL certificate UI enabled)
-  endif
-  CFLAGS += -DWITH_SSL
-  SSL_PKGCONFIG := openssl
-else
-  ifneq ($(MAKECMDGOALS),clean)
-    $(info M.CONFIG: SSL certificate UI disabled)
-  endif
-endif
-
 # common libraries without pkg-config support
 LDFLAGS += -lz
 
@@ -290,11 +254,9 @@ CFLAGS += -DNETSURF_HOMEPAGE=\"$(NETSURF_HOMEPAGE)\"
 ifeq ($(TARGET),riscos)
   ifeq ($(HOST),riscos)
     LDFLAGS += -Xlinker -symbols=$(OBJROOT)/sym -lxml2 -lz -lm -lcurl -lcares
-    ifeq ($(NETSURF_USE_SSL),YES)
-      LDFLAGS += -lssl -lcrypto 
-    endif
+    LDFLAGS += -lssl -lcrypto 
   else
-    LDFLAGS += $(shell $(PKG_CONFIG) --libs libxml-2.0 libcurl $(SSL_PKGCONFIG))
+    LDFLAGS += $(shell $(PKG_CONFIG) --libs libxml-2.0 libcurl)
   endif
 
   $(eval $(call feature_enabled,NSSVG,-DWITH_NS_SVG,-lsvgtiny,SVG rendering))
@@ -331,9 +293,7 @@ ifeq ($(HOST),beos)
   LDFLAGS += -L/boot/common/lib
   # some people do *not* have libm...
   LDFLAGS += -lxml2 -lz -lcurl -liconv
-  ifeq ($(NETSURF_USE_SSL),YES)
-    LDFLAGS += -lssl -lcrypto
-  endif
+  LDFLAGS += -lssl -lcrypto
 endif
 
 # ----------------------------------------------------------------------------
@@ -341,7 +301,7 @@ endif
 # ----------------------------------------------------------------------------
 
 ifeq ($(TARGET),gtk)
-  LDFLAGS += $(shell $(PKG_CONFIG) --libs libxml-2.0 libcurl $(SSL_PKGCONFIG))
+  LDFLAGS += $(shell $(PKG_CONFIG) --libs libxml-2.0 libcurl)
 
   # define additional CFLAGS and LDFLAGS requirements for pkg-configed libs here
   NETSURF_FEATURE_RSVG_CFLAGS := -DWITH_RSVG
@@ -491,9 +451,7 @@ ifeq ($(TARGET),amiga)
 
   CFLAGS += -D__USE_INLINE__ -std=c99 -I . -Dnsamiga
   LDFLAGS += -lxml2 -lcurl -lpthread -lregex -lauto -lparserutils
-  ifeq ($(NETSURF_USE_SSL),YES)
-    LDFLAGS += -lssl -lcrypto
-  endif
+  LDFLAGS += -lssl -lcrypto
 
   ifeq ($(NETSURF_AMIGA_USE_CAIRO),YES)
     CFLAGS += -DNS_AMIGA_CAIRO -I SDK:local/common/include/cairo
@@ -538,7 +496,7 @@ ifeq ($(TARGET),framebuffer)
 		 -D_POSIX_C_SOURCE=200112L 
 
     LDFLAGS += -lxml2 -lz -ljpeg -lcurl -lm 
-    LDFLAGS += $(shell $(PKG_CONFIG) --libs libxml-2.0 libcurl $(SSL_PKGCONFIG))
+    LDFLAGS += $(shell $(PKG_CONFIG) --libs libxml-2.0 libcurl)
     SUBTARGET := -linux
   endif
 
@@ -628,7 +586,7 @@ ifeq ($(TARGET),debug)
 		$(WARNFLAGS) -I. -g \
 		$(shell $(PKG_CONFIG) --cflags libnsgif libnsbmp) \
 		$(shell xml2-config --cflags)
-  LDFLAGS += $(shell $(PKG_CONFIG) --libs libxml-2.0 libcurl $(SSL_PKGCONFIG))
+  LDFLAGS += $(shell $(PKG_CONFIG) --libs libxml-2.0 libcurl)
 
   $(eval $(call pkg_config_find_and_add,RSVG,librsvg-2.0,SVG rendering))
   $(eval $(call pkg_config_find_and_add,ROSPRITE,librosprite,RISC OS sprite rendering))
diff --git a/Makefile.config b/Makefile.config
index 53f971022..3cc70c789 100644
--- a/Makefile.config
+++ b/Makefile.config
@@ -41,11 +41,6 @@ NETSURF_USE_MNG := YES
 # Valid options: YES, NO
 NETSURF_USE_HARU_PDF := YES
 
-# Enable NetSurf's SSL code. This currently requires openssl and
-# libcurl-openssl to be installed on the system. The autodetection for
-# this involves running curl-config.
-NETSURF_USE_SSL := AUTO
-
 # Enable stripping the NetSurf binary
 # Valid options: YES, NO
 NETSURF_STRIP_BINARY := NO
@@ -97,9 +92,6 @@ ifeq ($(TARGET),riscos)
   # Valid options: YES, NO
   NETSURF_USE_PLUGINS := NO
 
-  # Force SSL on, because we can't autodetect it.
-  NETSURF_USE_SSL := YES
-
   # Optimisation levels
   CFLAGS += -O2 -Wuninitialized
 
@@ -175,9 +167,6 @@ ifeq ($(TARGET),amiga)
   # Valid options: YES, NO, AUTO			  (highly recommended)
   NETSURF_USE_HUBBUB := YES
 
-  # Force SSL on, because we can't autodetect it.
-  NETSURF_USE_SSL := YES
-
   # Enable NetSurf's use of libsvgtiny for displaying SVGs
   # (NB: Requires NETSURF_AMIGA_USE_CAIRO)
   # Valid options: YES, NO
diff --git a/amiga/gui.c b/amiga/gui.c
index c1da6f9fa..d39e02b30 100755
--- a/amiga/gui.c
+++ b/amiga/gui.c
@@ -2868,12 +2868,10 @@ uint32 ami_popup_hook(struct Hook *hook,Object *item,APTR reserved)
     return itemid;
 }
 
-#ifdef WITH_SSL
 void gui_cert_verify(struct browser_window *bw, struct content *c,
 		const struct ssl_cert_info *certs, unsigned long num)
 {
 }
-#endif
 
 #ifdef WITH_HUBBUB
 static void *myrealloc(void *ptr, size_t len, void *pw)
diff --git a/amiga/tree.c b/amiga/tree.c
index d499a96cc..e67624674 100755
--- a/amiga/tree.c
+++ b/amiga/tree.c
@@ -359,7 +359,6 @@ bool ami_tree_launch_node(struct tree *tree, struct node *node)
 		return true;
 	}
 
-#ifdef WITH_SSL
 /* not implemented yet
 	element = tree_find_element(node, TREE_ELEMENT_SSL);
 	if (element) {
@@ -367,7 +366,6 @@ bool ami_tree_launch_node(struct tree *tree, struct node *node)
 		return true;
 	}
 */
-#endif
 
 	return false;
 }
diff --git a/content/content.h b/content/content.h
index e387cb1d0..42cca1f74 100644
--- a/content/content.h
+++ b/content/content.h
@@ -100,9 +100,7 @@ typedef enum {
 #ifdef WITH_AUTH
 	CONTENT_MSG_AUTH,      /**< authentication required */
 #endif
-#ifdef WITH_SSL
 	CONTENT_MSG_SSL        /**< SSL cert verify failed */
-#endif
 } content_msg;
 
 /** Extra data for some content_msg messages. */
diff --git a/content/fetch.c b/content/fetch.c
index a421f621a..5ea6fba60 100644
--- a/content/fetch.c
+++ b/content/fetch.c
@@ -36,9 +36,6 @@
 #include <sys/select.h>
 #include <sys/stat.h>
 #include "utils/config.h"
-#ifdef WITH_SSL
-#include <openssl/ssl.h>
-#endif
 #include "content/fetch.h"
 #include "content/fetchers/fetch_curl.h"
 #include "content/fetchers/fetch_data.h"
diff --git a/content/fetch.h b/content/fetch.h
index a91e75662..eaae1165b 100644
--- a/content/fetch.h
+++ b/content/fetch.h
@@ -39,16 +39,13 @@ typedef enum {
 #ifdef WITH_AUTH
               FETCH_AUTH,
 #endif
-#ifdef WITH_SSL
               FETCH_CERT_ERR,
-#endif
 } fetch_msg;
 
 struct content;
 struct fetch;
 struct form_successful_control;
 
-#ifdef WITH_SSL
 struct ssl_cert_info {
 	long version;		/**< Certificate version */
 	char not_before[32];	/**< Valid from date */
@@ -59,7 +56,6 @@ struct ssl_cert_info {
 	char subject[256];	/**< Subject details */
 	int cert_type;		/**< Certificate type */
 };
-#endif
 
 extern bool fetch_active;
 
diff --git a/content/fetchcache.c b/content/fetchcache.c
index 51875e138..ddd46b4d4 100644
--- a/content/fetchcache.c
+++ b/content/fetchcache.c
@@ -514,7 +514,6 @@ void fetchcache_callback(fetch_msg msg, void *p, const void *data,
 			break;
 #endif
 
-#ifdef WITH_SSL
 		case FETCH_CERT_ERR:
 			c->fetch = 0;
 			/* set the status to ERROR so that the content is
@@ -525,7 +524,6 @@ void fetchcache_callback(fetch_msg msg, void *p, const void *data,
 			msg_data.ssl.num = size;
 			content_broadcast(c, CONTENT_MSG_SSL, msg_data);
 			break;
-#endif
 
 		default:
 			assert(0);
diff --git a/content/fetchers/fetch_curl.c b/content/fetchers/fetch_curl.c
index ca11f8258..0bd1161e6 100644
--- a/content/fetchers/fetch_curl.c
+++ b/content/fetchers/fetch_curl.c
@@ -38,9 +38,7 @@
 #include <sys/stat.h>
 #include <sys/utsname.h>
 #include "utils/config.h"
-#ifdef WITH_SSL
 #include <openssl/ssl.h>
-#endif
 #include "content/fetch.h"
 #include "content/fetchers/fetch_curl.h"
 #include "content/urldb.h"
@@ -55,13 +53,11 @@
 #include "utils/ring.h"
 #include "utils/useragent.h"
 
-#ifdef WITH_SSL
 /** SSL certificate info */
 struct cert_info {
 	X509 *cert;		/**< Pointer to certificate */
 	long err;		/**< OpenSSL error code */
 };
-#endif
 
 /** Information for a single fetch. */
 struct curl_fetch_info {
@@ -83,10 +79,8 @@ struct curl_fetch_info {
 	struct curl_httppost *post_multipart;	/**< Multipart post data, or 0. */
 	time_t last_modified;		/**< If-Modified-Since time */
 	time_t file_etag;		/**< ETag for local objects */
-#ifdef WITH_SSL
 #define MAX_CERTS 10
 	struct cert_info cert_data[MAX_CERTS];	/**< HTTPS certificate data */
-#endif
 };
 
 struct cache_handle {
@@ -102,9 +96,7 @@ CURLM *fetch_curl_multi;		/**< Global cURL multi handle. */
 static CURL *fetch_blank_curl;
 static struct cache_handle *curl_handle_ring = 0; /**< Ring of cached handles */
 static int curl_fetchers_registered = 0;
-#ifdef WITH_SSL
 static bool curl_with_openssl;
-#endif
 
 static char fetch_error_buffer[CURL_ERROR_SIZE]; /**< Error buffer for cURL. */
 static char fetch_progress_buffer[256]; /**< Progress buffer for cURL */
@@ -122,10 +114,8 @@ static bool fetch_curl_initiate_fetch(struct curl_fetch_info *fetch,
 static CURL *fetch_curl_get_handle(char *host);
 static void fetch_curl_cache_handle(CURL *handle, char *hostname);
 static CURLcode fetch_curl_set_options(struct curl_fetch_info *f);
-#ifdef WITH_SSL
 static CURLcode fetch_curl_sslctxfun(CURL *curl_handle, void *_sslctx,
 				     void *p);
-#endif
 static void fetch_curl_abort(void *vf);
 static void fetch_curl_stop(struct curl_fetch_info *f);
 static void fetch_curl_free(void *f);
@@ -145,12 +135,10 @@ static size_t fetch_curl_header(char *data, size_t size, size_t nmemb,
 static bool fetch_curl_process_headers(struct curl_fetch_info *f);
 static struct curl_httppost *fetch_curl_post_convert(
 		struct form_successful_control *control);
-#ifdef WITH_SSL
 static int fetch_curl_verify_callback(int preverify_ok,
 		X509_STORE_CTX *x509_ctx);
 static int fetch_curl_cert_verify_callback(X509_STORE_CTX *x509_ctx,
 		void *parm);
-#endif
 
 
 /**
@@ -214,7 +202,6 @@ void fetch_curl_register(void)
 	if (option_ca_path && strcmp(option_ca_path, ""))
 		SETOPT(CURLOPT_CAPATH, option_ca_path);
 
-#ifdef WITH_SSL
 	/* Detect whether the SSL CTX function API works */
 	curl_with_openssl = true;
 	code = curl_easy_setopt(fetch_blank_curl, 
@@ -224,7 +211,6 @@ void fetch_curl_register(void)
 	}
 
 	LOG(("cURL %slinked against openssl", curl_with_openssl ? "" : "not "));
-#endif
 
 	/* cURL initialised okay, register the fetchers */
 
@@ -361,9 +347,7 @@ void * fetch_curl_setup(struct fetch *parent_fetch, const char *url,
 	fetch->last_modified = 0;
 	fetch->file_etag = 0;
 	fetch->http_code = 0;
-#ifdef WITH_SSL
 	memset(fetch->cert_data, 0, sizeof(fetch->cert_data));
-#endif
 
 	if (!fetch->url ||
 	    (post_urlenc && !fetch->post_urlenc) ||
@@ -605,7 +589,6 @@ fetch_curl_set_options(struct curl_fetch_info *f)
 		}
 	}
 
-#ifdef WITH_SSL
 	if (urldb_get_cert_permissions(f->url)) {
 		/* Disable certificate verification */
 		SETOPT(CURLOPT_SSL_VERIFYPEER, 0L);
@@ -623,13 +606,11 @@ fetch_curl_set_options(struct curl_fetch_info *f)
 			SETOPT(CURLOPT_SSL_CTX_DATA, f);
 		}
 	}
-#endif
 
 	return CURLE_OK;
 }
 
 
-#ifdef WITH_SSL
 /**
  * cURL SSL setup callback
  */
@@ -643,7 +624,6 @@ fetch_curl_sslctxfun(CURL *curl_handle, void *_sslctx, void *parm)
 					 parm);
 	return CURLE_OK;
 }
-#endif
 
 
 /**
@@ -698,9 +678,7 @@ void fetch_curl_stop(struct curl_fetch_info *f)
 void fetch_curl_free(void *vf)
 {
 	struct curl_fetch_info *f = (struct curl_fetch_info *)vf;
-#ifdef WITH_SSL
 	int i;
-#endif
 
 	if (f->curl_handle)
 		curl_easy_cleanup(f->curl_handle);
@@ -715,13 +693,11 @@ void fetch_curl_free(void *vf)
 	if (f->post_multipart)
 		curl_formfree(f->post_multipart);
 
-#ifdef WITH_SSL
 	for (i = 0; i < MAX_CERTS && f->cert_data[i].cert; i++) {
 		f->cert_data[i].cert->references--;
 		if (f->cert_data[i].cert->references == 0)
 			X509_free(f->cert_data[i].cert);
 	}
-#endif
 
 	free(f);
 }
@@ -776,17 +752,13 @@ void fetch_curl_done(CURL *curl_handle, CURLcode result)
 {
 	bool finished = false;
 	bool error = false;
-#ifdef WITH_SSL
 	bool cert = false;
-#endif
 	bool abort;
 	struct curl_fetch_info *f;
 	char **_hideous_hack = (char **) (void *) &f;
 	CURLcode code;
-#ifdef WITH_SSL
 	struct cert_info certs[MAX_CERTS];
 	memset(certs, 0, sizeof(certs));
-#endif
 
 	/* find the structure associated with this fetch */
 	/* For some reason, cURL thinks CURLINFO_PRIVATE should be a string?! */
@@ -816,14 +788,12 @@ void fetch_curl_done(CURL *curl_handle, CURLcode result)
 		/* CURLE_WRITE_ERROR occurs when fetch_curl_data
 		 * returns 0, which we use to abort intentionally */
 		;
-#ifdef WITH_SSL
 	else if (result == CURLE_SSL_PEER_CERTIFICATE ||
 			result == CURLE_SSL_CACERT) {
 		memcpy(certs, f->cert_data, sizeof(certs));
 		memset(f->cert_data, 0, sizeof(f->cert_data));
 		cert = true;
 	}
-#endif
 	else {
 		LOG(("Unknown cURL response code %d", result));
 		error = true;
@@ -835,7 +805,6 @@ void fetch_curl_done(CURL *curl_handle, CURLcode result)
 		; /* fetch was aborted: no callback */
 	else if (finished)
 		fetch_send_callback(FETCH_FINISHED, f->fetch_handle, 0, 0);
-#ifdef WITH_SSL
 	else if (cert) {
 		int i;
 		BIO *mem;
@@ -917,7 +886,6 @@ void fetch_curl_done(CURL *curl_handle, CURLcode result)
 				&ssl_certs, i);
 
 	}
-#endif
 	else if (error)
 		fetch_send_callback(FETCH_ERROR, f->fetch_handle,
 				fetch_error_buffer, 0);
@@ -1317,7 +1285,6 @@ fetch_curl_post_convert(struct form_successful_control *control)
 }
 
 
-#ifdef WITH_SSL
 /**
  * OpenSSL Certificate verification callback
  * Stores certificate details in fetch struct.
@@ -1360,4 +1327,3 @@ int fetch_curl_cert_verify_callback(X509_STORE_CTX *x509_ctx, void *parm)
 
 	return ok;
 }
-#endif
diff --git a/css/css.c b/css/css.c
index e7d1200b2..b303244df 100644
--- a/css/css.c
+++ b/css/css.c
@@ -959,9 +959,7 @@ void css_atimport_callback(content_msg msg, struct content *css,
 #ifdef WITH_AUTH
 		case CONTENT_MSG_AUTH:
 #endif
-#ifdef WITH_SSL
 		case CONTENT_MSG_SSL:
-#endif
 			/* todo: handle AUTH and SSL */
 
 		case CONTENT_MSG_LAUNCH:
diff --git a/desktop/browser.c b/desktop/browser.c
index 315490a95..19f7c9de4 100644
--- a/desktop/browser.c
+++ b/desktop/browser.c
@@ -604,7 +604,6 @@ void browser_window_callback(content_msg msg, struct content *c,
 		break;
 #endif
 
-#ifdef WITH_SSL
 	case CONTENT_MSG_SSL:
 		gui_cert_verify(bw, c, data.ssl.certs, data.ssl.num);
 		if (c == bw->loading_content)
@@ -619,7 +618,6 @@ void browser_window_callback(content_msg msg, struct content *c,
 		free(bw->referer);
 		bw->referer = 0;
 		break;
-#endif
 
 	case CONTENT_MSG_REFRESH:
 		bw->refresh_interval = data.delay * 100;
@@ -1263,9 +1261,7 @@ void download_window_callback(fetch_msg msg, void *p, const void *data,
 		case FETCH_TYPE:
 		case FETCH_NOTMODIFIED:
 		case FETCH_AUTH:
-#ifdef WITH_SSL
 		case FETCH_CERT_ERR:
-#endif
 		default:
 			/* not possible */
 			assert(0);
diff --git a/desktop/gui.h b/desktop/gui.h
index de6eae3c5..6449c1edb 100644
--- a/desktop/gui.h
+++ b/desktop/gui.h
@@ -127,11 +127,9 @@ bool gui_search_term_highlighted(struct gui_window *g,
 		unsigned start_offset, unsigned end_offset,
 		unsigned *start_idx, unsigned *end_idx);
 
-#ifdef WITH_SSL
 struct ssl_cert_info;
 
 void gui_cert_verify(struct browser_window *bw, struct content *c,
 		const struct ssl_cert_info *certs, unsigned long num);
-#endif
 
 #endif
diff --git a/framebuffer/fb_gui.c b/framebuffer/fb_gui.c
index 705ccdc80..8f50d59e1 100644
--- a/framebuffer/fb_gui.c
+++ b/framebuffer/fb_gui.c
@@ -635,12 +635,10 @@ bool gui_search_term_highlighted(struct gui_window *g,
 
 
 
-#ifdef WITH_SSL
 void gui_cert_verify(struct browser_window *bw, struct content *c,
 		const struct ssl_cert_info *certs, unsigned long num)
 {
 }
-#endif
 
 /*
  * Local Variables:
diff --git a/gtk/gtk_gui.c b/gtk/gtk_gui.c
index 7d3fe19f4..4d6487b42 100644
--- a/gtk/gtk_gui.c
+++ b/gtk/gtk_gui.c
@@ -84,13 +84,11 @@ static GtkWidget *select_menu;
 static struct browser_window *select_menu_bw;
 static struct form_control *select_menu_control;
 
-#ifdef WITH_SSL
 static void nsgtk_create_ssl_verify_window(struct browser_window *bw,
 		struct content *c, const struct ssl_cert_info *certs,
 		unsigned long num);
 static void nsgtk_ssl_accept(GtkButton *w, gpointer data);
 static void nsgtk_ssl_reject(GtkButton *w, gpointer data);
-#endif
 static void nsgtk_select_menu_clicked(GtkCheckMenuItem *checkmenuitem,
 					gpointer user_data);
 #ifdef WITH_PDF_EXPORT
@@ -528,7 +526,6 @@ void hotlist_visited(struct content *content)
 {
 }
 
-#ifdef WITH_SSL
 void gui_cert_verify(struct browser_window *bw, struct content *c,
 		const struct ssl_cert_info *certs, unsigned long num)
 {
@@ -588,7 +585,6 @@ static void nsgtk_ssl_reject(GtkButton *w, gpointer data)
 	free(session[1]);
 	free(session);
 }
-#endif
 
 utf8_convert_ret utf8_to_local_encoding(const char *string, size_t len,
 		char **result)
diff --git a/render/html.c b/render/html.c
index 6887bdc80..27b3ffcda 100644
--- a/render/html.c
+++ b/render/html.c
@@ -1139,13 +1139,11 @@ void html_convert_css_callback(content_msg msg, struct content *css,
 			break;
 #endif
 
-#ifdef WITH_SSL
 		case CONTENT_MSG_SSL:
 			c->data.html.stylesheet_content[i] = 0;
 			c->active--;
 			content_add_error(c, "?", 0);
 			break;
-#endif
 
 		default:
 			assert(0);
@@ -1420,13 +1418,11 @@ void html_object_callback(content_msg msg, struct content *object,
 			break;
 #endif
 
-#ifdef WITH_SSL
 		case CONTENT_MSG_SSL:
 			c->data.html.object[i].content = 0;
 			c->active--;
 			content_add_error(c, "?", 0);
 			break;
-#endif
 
 		case CONTENT_MSG_REFRESH:
 			if (object->type == CONTENT_HTML)
diff --git a/riscos/dialog.c b/riscos/dialog.c
index d9854f09e..ecc03b1e2 100644
--- a/riscos/dialog.c
+++ b/riscos/dialog.c
@@ -110,9 +110,7 @@ void ro_gui_dialog_init(void)
 #endif
 
 	/* certificate verification window */
-#ifdef WITH_SSL
 	ro_gui_cert_init();
-#endif
 
 	/* hotlist window */
 	ro_gui_hotlist_initialise();
diff --git a/riscos/gui.h b/riscos/gui.h
index 2ea3f5968..eb6c812e6 100644
--- a/riscos/gui.h
+++ b/riscos/gui.h
@@ -139,10 +139,8 @@ void ro_gui_401login_init(void);
 #endif
 
 /* in sslcert.c */
-#ifdef WITH_SSL
 void ro_gui_cert_init(void);
 void ro_gui_cert_open(struct tree *tree, struct node *node);
-#endif
 
 /* in window.c */
 void ro_gui_window_quit(void);
diff --git a/riscos/plugin.c b/riscos/plugin.c
index 2f93b7a86..742a099b7 100644
--- a/riscos/plugin.c
+++ b/riscos/plugin.c
@@ -1718,11 +1718,9 @@ void plugin_stream_callback(content_msg msg, struct content *c,
 			/* ignore this */
 			break;
 
-#ifdef WITH_SSL
 		case CONTENT_MSG_SSL:
 			plugin_destroy_stream(p, plugin_STREAM_DESTROY_ERROR);
 			break;
-#endif
 
 		case CONTENT_MSG_READY:
 		case CONTENT_MSG_DONE:
@@ -1770,9 +1768,7 @@ void plugin_fetch_callback(fetch_msg msg, void *p, const void *data,
 		case FETCH_TYPE:
 		case FETCH_NOTMODIFIED:
 		case FETCH_AUTH:
-#ifdef WITH_SSL
 		case FETCH_CERT_ERR:
-#endif
 		default:
 			/* not possible */
 			assert(0);
diff --git a/riscos/sslcert.c b/riscos/sslcert.c
index 51069954c..e588ba239 100644
--- a/riscos/sslcert.c
+++ b/riscos/sslcert.c
@@ -21,7 +21,6 @@
  */
 
 #include "utils/config.h"
-#ifdef WITH_SSL
 
 #include <assert.h>
 #include <stdbool.h>
@@ -446,4 +445,3 @@ bool ro_gui_cert_click(wimp_pointer *pointer)
 	return true;
 }
 
-#endif
diff --git a/riscos/treeview.c b/riscos/treeview.c
index 4a4ad36cf..8eac2abf6 100644
--- a/riscos/treeview.c
+++ b/riscos/treeview.c
@@ -1584,13 +1584,11 @@ bool ro_gui_tree_launch_node(struct tree *tree, struct node *node)
 		return true;
 	}
 
-#ifdef WITH_SSL
 	element = tree_find_element(node, TREE_ELEMENT_SSL);
 	if (element) {
 		ro_gui_cert_open(tree, node);
 		return true;
 	}
-#endif
 
 	return false;
 }
-- 
cgit v1.2.3