We no longer need to detect openssl without RAND_poll()

We require openssl 0.9.7 or later, and RAND_poll() was first added in
openssl 0.9.6.

diff --git a/changes/readable_ssl_versions b/changes/readable_ssl_versions
index 8c8e06c9e78e9d4ab8a2660e4d92b92b8d771b61..f34998c08fd187b7f2c5a43a8d3918dcbcd2d9fd 100644 (file)
--- a/changes/readable_ssl_versions
+++ b/changes/readable_ssl_versions
@@ -1,4 +1,6 @@
   o Code simplification and refactoring:
     - Use macros to indicate OpenSSL versions, so we don't need to worry
       about accidental hexadecimal bit shifts.
+    - Remove some workaround code for OpenSSL 0.9.6, which is no longer
+      supported.
 

diff --git a/src/common/crypto.c b/src/common/crypto.c
index aa8ceed9387113ccb3b14487224cac71038daf41..35d6dfadcc2f99f2fadcf001cb07467994f7dfbb 100644 (file)
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -2360,12 +2360,6 @@ crypto_dh_free(crypto_dh_env_t *dh)
  * work for us too. */
 #define ADD_ENTROPY 32
 
-/** True iff we should use OpenSSL's RAND_poll function to add entropy to its
- * pool.
- *
- * Use RAND_poll if OpenSSL is 0.9.6 release or later. */
-#define HAVE_RAND_POLL (OPENSSL_VERSION_NUMBER >= OPENSSL_V_NOPATCH(0,9,6))
-
 /** True iff it's safe to use RAND_poll after setup.
  *
  * Versions of OpenSSL prior to 0.9.7k and 0.9.8c had a bug where RAND_poll
@@ -2409,8 +2403,7 @@ crypto_seed_rng(int startup)
   size_t n;
 #endif
 
-#if HAVE_RAND_POLL
-  /* OpenSSL 0.9.6 adds a RAND_poll function that knows about more kinds of
+  /* OpenSSL has a RAND_poll function that knows about more kinds of
    * entropy than we do.  We'll try calling that, *and* calling our own entropy
    * functions.  If one succeeds, we'll accept the RNG as seeded. */
   if (startup || RAND_POLL_IS_SAFE) {
@@ -2418,7 +2411,6 @@ crypto_seed_rng(int startup)
     if (rand_poll_status == 0)
       log_warn(LD_CRYPTO, "RAND_poll() failed.");
   }
-#endif
 
 #ifdef MS_WINDOWS
   if (!provider_set) {