From: Tobias Brunner Date: Fri, 4 Mar 2022 09:57:20 +0000 (+0100) Subject: openssl: Remove checks and legacy compatibility code for OpenSSL < 1.0.2 X-Git-Tag: 5.9.6rc1~1^2~4 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f26639de2caecebe7afeefaedd270ba4504d2f1a;p=thirdparty%2Fstrongswan.git openssl: Remove checks and legacy compatibility code for OpenSSL < 1.0.2 More of this code was already removed with previous commits. While versions < 1.1.1 are not officially supported anymore, 1.0.2 might still be in use because before 3.x that was the latest version with official FIPS support (OpenSSL apparently also provides extended commercial support for it). --- diff --git a/src/libstrongswan/plugins/openssl/openssl_aead.c b/src/libstrongswan/plugins/openssl/openssl_aead.c index 9262cfb230..4d1aa7cd41 100644 --- a/src/libstrongswan/plugins/openssl/openssl_aead.c +++ b/src/libstrongswan/plugins/openssl/openssl_aead.c @@ -15,8 +15,6 @@ #include -#if OPENSSL_VERSION_NUMBER >= 0x1000100fL - #include "openssl_aead.h" #include @@ -363,5 +361,3 @@ aead_t *openssl_aead_create(encryption_algorithm_t algo, return &this->public; } - -#endif /* OPENSSL_VERSION_NUMBER */ diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c index 7ea53b858b..3446dd0d49 100644 --- a/src/libstrongswan/plugins/openssl/openssl_plugin.c +++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c @@ -160,41 +160,26 @@ static thread_value_t *cleanup; */ static void cleanup_thread(void *arg) { -#if OPENSSL_VERSION_NUMBER >= 0x1000000fL CRYPTO_THREADID tid; CRYPTO_THREADID_set_numeric(&tid, (u_long)(uintptr_t)arg); ERR_remove_thread_state(&tid); -#else - ERR_remove_state((u_long)(uintptr_t)arg); -#endif } /** - * Thread-ID callback function + * Callback for thread ID */ -static u_long id_function(void) +static void threadid_function(CRYPTO_THREADID *threadid) { u_long id; /* ensure the thread ID is never zero, otherwise OpenSSL might try to * acquire locks recursively */ id = 1 + (u_long)thread_current_id(); - /* cleanup a thread's state later if OpenSSL interacted with it */ cleanup->set(cleanup, (void*)(uintptr_t)id); - return id; -} - -#if OPENSSL_VERSION_NUMBER >= 0x1000000fL -/** - * Callback for thread ID - */ -static void threadid_function(CRYPTO_THREADID *threadid) -{ - CRYPTO_THREADID_set_numeric(threadid, id_function()); + CRYPTO_THREADID_set_numeric(threadid, id); } -#endif /* OPENSSL_VERSION_NUMBER */ /** * initialize OpenSSL for multi-threaded use @@ -205,14 +190,9 @@ static void threading_init() cleanup = thread_value_create(cleanup_thread); -#if OPENSSL_VERSION_NUMBER >= 0x1000000fL CRYPTO_THREADID_set_callback(threadid_function); -#else - CRYPTO_set_id_callback(id_function); -#endif CRYPTO_set_locking_callback(locking_function); - CRYPTO_set_dynlock_create_callback(create_function); CRYPTO_set_dynlock_lock_callback(lock_function); CRYPTO_set_dynlock_destroy_callback(destroy_function); @@ -663,7 +643,7 @@ METHOD(plugin_t, get_features, int, PLUGIN_PROVIDE(KDF, KDF_PRF_PLUS), #endif #endif /* OPENSSL_NO_HMAC */ -#if (OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_AES)) || \ +#if (!defined(OPENSSL_NO_AES)) || \ (OPENSSL_VERSION_NUMBER >= 0x1010000fL && !defined(OPENSSL_NO_CHACHA)) /* AEAD (AES GCM since 1.0.1, ChaCha20-Poly1305 since 1.1.0) */ PLUGIN_REGISTER(AEAD, openssl_aead_create),