SSL: removed OpenSSL 0.9.7 compatibility.

2024-11-24 04:49:01 +08:00 · 2016-04-11 15:46:36 +03:00 · 2016-04-11 15:46:36 +03:00 · c17bc31d41
commit c17bc31d41
parent 2015a54821
4 changed files with 6 additions and 56 deletions
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@ -164,7 +164,6 @@ ngx_ssl_init(ngx_log_t *log)

 #endif

-#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
 #ifndef SSL_OP_NO_COMPRESSION
    {
    /*
@ -181,7 +180,6 @@ ngx_ssl_init(ngx_log_t *log)
        (void) sk_SSL_COMP_pop(ssl_comp_methods);
    }
    }
-#endif
 #endif

    ngx_ssl_connection_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL);
@ -904,13 +902,6 @@ ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *cert,
        return NGX_ERROR;
    }

-    /*
-     * before 0.9.7h and 0.9.8 SSL_load_client_CA_file()
-     * always leaved an error in the error queue
-     */
-
-    ERR_clear_error();
-
    SSL_CTX_set_client_CA_list(ssl->ctx, list);

    return NGX_OK;
@ -1076,8 +1067,8 @@ ngx_ssl_info_callback(const ngx_ssl_conn_t *ssl_conn, int where, int ret)
             * added to wbio, and set buffer size.
             */

-            rbio = SSL_get_rbio((ngx_ssl_conn_t *) ssl_conn);
-            wbio = SSL_get_wbio((ngx_ssl_conn_t *) ssl_conn);
+            rbio = SSL_get_rbio(ssl_conn);
+            wbio = SSL_get_wbio(ssl_conn);

            if (rbio != wbio) {
                (void) BIO_set_write_buffer_size(wbio, NGX_SSL_BUFSIZE);
@ -1360,7 +1351,6 @@ ngx_ssl_dhparam(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file)
 ngx_int_t
 ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name)
 {
-#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
 #ifndef OPENSSL_NO_ECDH

    /*
@ -1434,7 +1424,6 @@ ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name)

    EC_KEY_free(ecdh);
 #endif
-#endif
 #endif

    return NGX_OK;
@ -3364,17 +3353,8 @@ ngx_ssl_new_session(ngx_ssl_conn_t *ssl_conn, ngx_ssl_session_t *sess)
        }
    }

-#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
-
    session_id = (u_char *) SSL_SESSION_get_id(sess, &session_id_length);

-#else
-
-    session_id = sess->session_id;
-    session_id_length = sess->session_id_length;
-
-#endif
-
 #if (NGX_PTR_SIZE == 8)

    id = sess_id->sess_id;
@ -3450,13 +3430,10 @@ ngx_ssl_get_cached_session(ngx_ssl_conn_t *ssl_conn,
 #endif
    u_char *id, int len, int *copy)
 {
-#if OPENSSL_VERSION_NUMBER >= 0x0090707fL
-    const
-#endif
-    u_char                   *p;
    size_t                    slen;
    uint32_t                  hash;
    ngx_int_t                 rc;
+    const u_char             *p;
    ngx_shm_zone_t           *shm_zone;
    ngx_slab_pool_t          *shpool;
    ngx_rbtree_node_t        *node, *sentinel;
@ -3578,17 +3555,8 @@ ngx_ssl_remove_session(SSL_CTX *ssl, ngx_ssl_session_t *sess)

    cache = shm_zone->data;

-#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
-
    id = (u_char *) SSL_SESSION_get_id(sess, &len);

-#else
-
-    id = sess->session_id;
-    len = sess->session_id_length;
-
-#endif
-
    hash = ngx_crc32_short(id, len);

    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, ngx_cycle->log, 0,
@ -4387,17 +4355,8 @@ ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
        return NGX_OK;
    }

-#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
-
    buf = (u_char *) SSL_SESSION_get_id(sess, &len);

-#else
-
-    buf = sess->session_id;
-    len = sess->session_id_length;
-
-#endif
-
    s->len = 2 * len;
    s->data = ngx_pnalloc(pool, 2 * len);
    if (s->data == NULL) {
--- a/src/event/ngx_event_openssl_stapling.c
+++ b/src/event/ngx_event_openssl_stapling.c
@ -589,15 +589,12 @@ ngx_ssl_stapling_update(ngx_ssl_stapling_t *staple)
 static void
 ngx_ssl_stapling_ocsp_handler(ngx_ssl_ocsp_ctx_t *ctx)
 {
-#if OPENSSL_VERSION_NUMBER >= 0x0090707fL
-    const
-#endif
-    u_char                *p;
    int                    n;
    size_t                 len;
    time_t                 now, valid;
    ngx_str_t              response;
    X509_STORE            *store;
+    const u_char          *p;
    STACK_OF(X509)        *chain;
    OCSP_CERTID           *id;
    OCSP_RESPONSE         *ocsp;
--- a/src/http/ngx_http_upstream_round_robin.c
+++ b/src/http/ngx_http_upstream_round_robin.c
@ -669,10 +669,7 @@ ngx_http_upstream_set_round_robin_peer_session(ngx_peer_connection_t *pc,
    ngx_http_upstream_rr_peer_t   *peer;
 #if (NGX_HTTP_UPSTREAM_ZONE)
    int                            len;
-#if OPENSSL_VERSION_NUMBER >= 0x0090707fL
-    const
-#endif
-    u_char                        *p;
+    const u_char                  *p;
    ngx_http_upstream_rr_peers_t  *peers;
    u_char                         buf[NGX_SSL_MAX_SESSION_SIZE];
 #endif
--- a/src/stream/ngx_stream_upstream_round_robin.c
+++ b/src/stream/ngx_stream_upstream_round_robin.c
@ -701,10 +701,7 @@ ngx_stream_upstream_set_round_robin_peer_session(ngx_peer_connection_t *pc,
    ngx_stream_upstream_rr_peer_t   *peer;
 #if (NGX_STREAM_UPSTREAM_ZONE)
    int                              len;
-#if OPENSSL_VERSION_NUMBER >= 0x0090707fL
-    const
-#endif
-    u_char                          *p;
+    const u_char                    *p;
    ngx_stream_upstream_rr_peers_t  *peers;
    u_char                           buf[NGX_SSL_MAX_SESSION_SIZE];
 #endif