OpenSSL: Drop support for OpenSSL 0.9.8
The OpenSSL project will not support version 0.9.8 anymore. As there won't be even security fixes for this branch, it is not really safe to continue using 0.9.8 and we might as well drop support for it to allow cleaning up the conditional source code blocks. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
9353f07f3b
commit
de213e84e0
2 changed files with 0 additions and 31 deletions
|
@ -772,14 +772,10 @@ struct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key,
|
||||||
#else
|
#else
|
||||||
HMAC_CTX_init(&ctx->ctx);
|
HMAC_CTX_init(&ctx->ctx);
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x00909000
|
|
||||||
HMAC_Init_ex(&ctx->ctx, key, key_len, md, NULL);
|
|
||||||
#else /* openssl < 0.9.9 */
|
|
||||||
if (HMAC_Init_ex(&ctx->ctx, key, key_len, md, NULL) != 1) {
|
if (HMAC_Init_ex(&ctx->ctx, key, key_len, md, NULL) != 1) {
|
||||||
bin_clear_free(ctx, sizeof(*ctx));
|
bin_clear_free(ctx, sizeof(*ctx));
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
#endif /* openssl < 0.9.9 */
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
return ctx;
|
return ctx;
|
||||||
|
@ -819,12 +815,7 @@ int crypto_hash_finish(struct crypto_hash *ctx, u8 *mac, size_t *len)
|
||||||
res = HMAC_Final(ctx->ctx, mac, &mdlen);
|
res = HMAC_Final(ctx->ctx, mac, &mdlen);
|
||||||
HMAC_CTX_free(ctx->ctx);
|
HMAC_CTX_free(ctx->ctx);
|
||||||
#else
|
#else
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x00909000
|
|
||||||
HMAC_Final(&ctx->ctx, mac, &mdlen);
|
|
||||||
res = 1;
|
|
||||||
#else /* openssl < 0.9.9 */
|
|
||||||
res = HMAC_Final(&ctx->ctx, mac, &mdlen);
|
res = HMAC_Final(&ctx->ctx, mac, &mdlen);
|
||||||
#endif /* openssl < 0.9.9 */
|
|
||||||
HMAC_CTX_cleanup(&ctx->ctx);
|
HMAC_CTX_cleanup(&ctx->ctx);
|
||||||
#endif
|
#endif
|
||||||
bin_clear_free(ctx, sizeof(*ctx));
|
bin_clear_free(ctx, sizeof(*ctx));
|
||||||
|
@ -875,22 +866,13 @@ done:
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
HMAC_CTX_init(&ctx);
|
HMAC_CTX_init(&ctx);
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x00909000
|
|
||||||
HMAC_Init_ex(&ctx, key, key_len, type, NULL);
|
|
||||||
#else /* openssl < 0.9.9 */
|
|
||||||
if (HMAC_Init_ex(&ctx, key, key_len, type, NULL) != 1)
|
if (HMAC_Init_ex(&ctx, key, key_len, type, NULL) != 1)
|
||||||
return -1;
|
return -1;
|
||||||
#endif /* openssl < 0.9.9 */
|
|
||||||
|
|
||||||
for (i = 0; i < num_elem; i++)
|
for (i = 0; i < num_elem; i++)
|
||||||
HMAC_Update(&ctx, addr[i], len[i]);
|
HMAC_Update(&ctx, addr[i], len[i]);
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x00909000
|
|
||||||
HMAC_Final(&ctx, mac, &mdlen);
|
|
||||||
res = 1;
|
|
||||||
#else /* openssl < 0.9.9 */
|
|
||||||
res = HMAC_Final(&ctx, mac, &mdlen);
|
res = HMAC_Final(&ctx, mac, &mdlen);
|
||||||
#endif /* openssl < 0.9.9 */
|
|
||||||
HMAC_CTX_cleanup(&ctx);
|
HMAC_CTX_cleanup(&ctx);
|
||||||
|
|
||||||
return res == 1 ? 0 : -1;
|
return res == 1 ? 0 : -1;
|
||||||
|
|
|
@ -37,13 +37,6 @@
|
||||||
#include "tls.h"
|
#include "tls.h"
|
||||||
#include "tls_openssl.h"
|
#include "tls_openssl.h"
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10000000L
|
|
||||||
/* ERR_remove_thread_state replaces ERR_remove_state and the latter is
|
|
||||||
* deprecated. However, OpenSSL 0.9.8 doesn't include
|
|
||||||
* ERR_remove_thread_state. */
|
|
||||||
#define ERR_remove_thread_state(tid) ERR_remove_state(0)
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(OPENSSL_IS_BORINGSSL)
|
#if defined(OPENSSL_IS_BORINGSSL)
|
||||||
/* stack_index_t is the return type of OpenSSL's sk_XXX_num() functions. */
|
/* stack_index_t is the return type of OpenSSL's sk_XXX_num() functions. */
|
||||||
typedef size_t stack_index_t;
|
typedef size_t stack_index_t;
|
||||||
|
@ -2972,17 +2965,11 @@ static int openssl_get_keyblock_size(SSL *ssl)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
c = ssl->enc_read_ctx->cipher;
|
c = ssl->enc_read_ctx->cipher;
|
||||||
#if OPENSSL_VERSION_NUMBER >= 0x00909000L
|
|
||||||
h = EVP_MD_CTX_md(ssl->read_hash);
|
h = EVP_MD_CTX_md(ssl->read_hash);
|
||||||
#else
|
|
||||||
h = ssl->read_hash;
|
|
||||||
#endif
|
|
||||||
if (h)
|
if (h)
|
||||||
md_size = EVP_MD_size(h);
|
md_size = EVP_MD_size(h);
|
||||||
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
|
|
||||||
else if (ssl->s3)
|
else if (ssl->s3)
|
||||||
md_size = ssl->s3->tmp.new_mac_secret_size;
|
md_size = ssl->s3->tmp.new_mac_secret_size;
|
||||||
#endif
|
|
||||||
else
|
else
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue