polarssl: break compatibility with version older than 1.3.

Remove all #ifdef/else/endif macros that ensure compatibility with polarssl
version previous than 1.3.

diff --git a/lib/urldata.h b/lib/urldata.h
index 8e9dff47f87daa5523c029d490ccc34cc2d682ef..3ab4ed9fc761fdb511d26deedbc73cb4e9e2922c 100644 (file)
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -296,13 +296,8 @@ struct ssl_connect_data {
   ssl_connect_state connecting_state;
 #endif /* USE_GNUTLS */
 #ifdef USE_POLARSSL
-#if POLARSSL_VERSION_NUMBER<0x01010000
-  havege_state hs;
-#else
-  /* from v1.1.0, use ctr_drbg and entropy */
   ctr_drbg_context ctr_drbg;
   entropy_context entropy;
-#endif /* POLARSSL_VERSION_NUMBER<0x01010000 */
   ssl_context ssl;
   ssl_session ssn;
   int server_fd;

diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c
index aeef65def4a0ac2b2393e09052ce70a94e705dcc..e03135a5bcb968396574e97ad092b71c12da4bb0 100644 (file)
--- a/lib/vtls/polarssl.c
+++ b/lib/vtls/polarssl.c
@@ -151,9 +151,6 @@ polarssl_connect_step1(struct connectdata *conn,
   else if(data->set.ssl.version == CURL_SSLVERSION_SSLv3)
     sni = FALSE; /* SSLv3 has no SNI */
 
-#if POLARSSL_VERSION_NUMBER<0x01010000
-  havege_init(&connssl->hs);
-#else
 #ifdef THREADING_SUPPORT
   entropy_init_mutex(&entropy);
 
@@ -177,7 +174,6 @@ polarssl_connect_step1(struct connectdata *conn,
                                                             -ret, errorbuf);
   }
 #endif /* THREADING_SUPPORT */
-#endif /* POLARSSL_VERSION_NUMBER<0x01010000 */
 
   /* Load the trusted CA */
   memset(&connssl->cacert, 0, sizeof(x509_crt));
@@ -270,13 +266,8 @@ polarssl_connect_step1(struct connectdata *conn,
   ssl_set_endpoint(&connssl->ssl, SSL_IS_CLIENT);
   ssl_set_authmode(&connssl->ssl, SSL_VERIFY_OPTIONAL);
 
-#if POLARSSL_VERSION_NUMBER<0x01010000
-  ssl_set_rng(&connssl->ssl, havege_rand,
-              &connssl->hs);
-#else
   ssl_set_rng(&connssl->ssl, ctr_drbg_random,
               &connssl->ctr_drbg);
-#endif /* POLARSSL_VERSION_NUMBER<0x01010000 */
   ssl_set_bio(&connssl->ssl,
               net_recv, &conn->sock[sockindex],
               net_send, &conn->sock[sockindex]);
@@ -287,15 +278,8 @@ polarssl_connect_step1(struct connectdata *conn,
     infof(data, "PolarSSL re-using session\n");
   }
 
-/* PolarSSL SVN revision r1316 to r1317, matching <1.2.0 is to cover Ubuntu's
-   1.1.4 version and the like */
-#if POLARSSL_VERSION_NUMBER<0x01020000
-  ssl_set_session(&connssl->ssl, 1, 600,
-                  &connssl->ssn);
-#else
   ssl_set_session(&connssl->ssl,
                   &connssl->ssn);
-#endif
 
   ssl_set_ca_chain(&connssl->ssl,
                    &connssl->cacert,
@@ -367,13 +351,7 @@ polarssl_connect_step2(struct connectdata *conn,
   }
 
   infof(data, "PolarSSL: Handshake complete, cipher is %s\n",
-#if POLARSSL_VERSION_NUMBER<0x01000000
-        ssl_get_cipher(&conn->ssl[sockindex].ssl)
-#elif POLARSSL_VERSION_NUMBER >= 0x01010000
         ssl_get_ciphersuite(&conn->ssl[sockindex].ssl)
-#else
-        ssl_get_ciphersuite_name(&conn->ssl[sockindex].ssl)
-#endif
     );
 
   ret = ssl_get_verify_result(&conn->ssl[sockindex].ssl);
@@ -396,13 +374,7 @@ polarssl_connect_step2(struct connectdata *conn,
     return CURLE_PEER_FAILED_VERIFICATION;
   }
 
-/* PolarSSL SVN revision r1316 to r1317, matching <1.2.0 is to cover Ubuntu's
-   1.1.4 version and the like */
-#if POLARSSL_VERSION_NUMBER<0x01020000
-  if(conn->ssl[sockindex].ssl.peer_cert) {
-#else
   if(ssl_get_peer_cert(&(connssl->ssl))) {
-#endif
     /* If the session was resumed, there will be no peer certs */
     memset(buffer, 0, sizeof(buffer));