Drop old OpenSSL support part 2

All OpenSSLs that we support have ALPN and SSL_get_server_tmp_key.
2025-12-08 02:58:53 +08:00 · 2023-12-23 19:07:24 +09:00
parent 51e9d0c08f
commit 41857be937
13 changed files with 3 additions and 103 deletions
--- a/doc/sources/tutorial-client.rst
+++ b/doc/sources/tutorial-client.rst
@@ -60,9 +60,7 @@ The callback is added to the SSL_CTX object using
                              SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
      SSL_CTX_set_next_proto_select_cb(ssl_ctx, select_next_proto_cb, NULL);

-    #if OPENSSL_VERSION_NUMBER >= 0x10002000L
      SSL_CTX_set_alpn_protos(ssl_ctx, (const unsigned char *)"\x02h2", 3);
-    #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L

      return ssl_ctx;
    }
@@ -156,11 +154,9 @@ underlying network socket::
        ssl = bufferevent_openssl_get_ssl(session_data->bev);

        SSL_get0_next_proto_negotiated(ssl, &alpn, &alpnlen);
-    #if OPENSSL_VERSION_NUMBER >= 0x10002000L
        if (alpn == NULL) {
          SSL_get0_alpn_selected(ssl, &alpn, &alpnlen);
        }
-    #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L

        if (alpn == NULL || alpnlen != 2 || memcmp("h2", alpn, 2) != 0) {
          fprintf(stderr, "h2 is not negotiated\n");
--- a/doc/sources/tutorial-server.rst
+++ b/doc/sources/tutorial-server.rst
@@ -49,7 +49,6 @@ them.  We provide the callback for it::
      return SSL_TLSEXT_ERR_OK;
    }

-    #if OPENSSL_VERSION_NUMBER >= 0x10002000L
    static int alpn_select_proto_cb(SSL *ssl _U_, const unsigned char **out,
                                    unsigned char *outlen, const unsigned char *in,
                                    unsigned int inlen, void *arg _U_) {
@@ -63,7 +62,6 @@ them.  We provide the callback for it::

      return SSL_TLSEXT_ERR_OK;
    }
-    #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L

    static SSL_CTX *create_ssl_ctx(const char *key_file, const char *cert_file) {
      SSL_CTX *ssl_ctx;
@@ -80,9 +78,7 @@ them.  We provide the callback for it::

      SSL_CTX_set_next_protos_advertised_cb(ssl_ctx, next_proto_cb, NULL);

-    #if OPENSSL_VERSION_NUMBER >= 0x10002000L
      SSL_CTX_set_alpn_select_cb(ssl_ctx, alpn_select_proto_cb, NULL);
-    #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L

      return ssl_ctx;
    }
@@ -214,11 +210,9 @@ underlying network socket::
        ssl = bufferevent_openssl_get_ssl(session_data->bev);

        SSL_get0_next_proto_negotiated(ssl, &alpn, &alpnlen);
-    #if OPENSSL_VERSION_NUMBER >= 0x10002000L
        if (alpn == NULL) {
          SSL_get0_alpn_selected(ssl, &alpn, &alpnlen);
        }
-    #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L

        if (alpn == NULL || alpnlen != 2 || memcmp("h2", alpn, 2) != 0) {
          fprintf(stderr, "%s h2 is not negotiated\n", session_data->client_addr);