Remove HAVE_SSL_STATE and SIZEOF_SHA_CTX

HAVE_SSL_STATE is always "no"; SIZEOF_SHA_CTX is never used.

diff --git a/configure.ac b/configure.ac
index b34f32a2f3cb4bb8a05349d545fe0d6c4ec3979d..901561c6efcf2e10775cc93a76d01d180906797b 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -1136,15 +1136,6 @@ AC_CHECK_FUNCS([ \
                TLS_method \
               ])
 
-dnl Check if OpenSSL structures are opaque
-AC_CHECK_MEMBERS([SSL.state], , ,
-[#include <openssl/ssl.h>
-])
-
-AC_CHECK_SIZEOF(SHA_CTX, , [AC_INCLUDES_DEFAULT()
-#include <openssl/sha.h>
-])
-
 fi # enable_nss
 
 dnl We will someday make KECCAK_TINY optional, but for now we still need

diff --git a/src/test/test_tortls_openssl.c b/src/test/test_tortls_openssl.c
index eebaf5451e4e38f74504bebc3987d2e640323fc0..d33a7568af4fb810dde353a309a10c39ef09c389 100644 (file)
--- a/src/test/test_tortls_openssl.c
+++ b/src/test/test_tortls_openssl.c
@@ -46,15 +46,19 @@ ENABLE_GCC_WARNING("-Wredundant-decls")
 #include "test/log_test_helpers.h"
 #include "test/test_tortls.h"
 
-#ifndef HAVE_SSL_STATE
-#define OPENSSL_OPAQUE
-#endif
-
-#if defined(OPENSSL_OPAQUE) && !defined(LIBRESSL_VERSION_NUMBER)
 #define SSL_STATE_STR "before SSL initialization"
-#else
-#define SSL_STATE_STR "before/accept initialization"
-#endif
+
+/* Every version and fork of OpenSSL we support now qualifies as "opaque",
+ * in that it hides the members of important structures.
+ *
+ * That's a good thing, but it means we can't run a number of older tests
+ * that require the ability to poke at OpenSSL's internals.
+ *
+ * We're retaining these tests here, rather than removing them,
+ * in case anybody wants to port them to modern OpenSSL.
+ * (Some of them are probably not worth saving, though.)
+ */
+#define OPENSSL_OPAQUE
 
 #ifndef OPENSSL_OPAQUE
 static SSL_METHOD *