Drop old OpenSSL support part 2

All OpenSSLs that we support have ALPN and SSL_get_server_tmp_key.
2025-12-06 10:08:52 +08:00 · 2023-12-23 19:07:24 +09:00
parent 51e9d0c08f
commit 41857be937
13 changed files with 3 additions and 103 deletions
--- a/examples/client.c
+++ b/examples/client.c
@@ -381,9 +381,7 @@ static void init_ssl_ctx(SSL_CTX *ssl_ctx) {
  SSL_CTX_set_next_proto_select_cb(ssl_ctx, select_next_proto_cb, NULL);
 #endif /* !OPENSSL_NO_NEXTPROTONEG */

-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
  SSL_CTX_set_alpn_protos(ssl_ctx, (const unsigned char *)"\x02h2", 3);
-#endif /* OPENSSL_VERSION_NUMBER >= 0x10002000L */
 }

 static void ssl_handshake(SSL *ssl, int fd) {
@@ -719,19 +717,6 @@ int main(int argc, char **argv) {
  act.sa_handler = SIG_IGN;
  sigaction(SIGPIPE, &act, 0);

-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
-  /* No explicit initialization is required. */
-#elif defined(OPENSSL_IS_BORINGSSL) || defined(OPENSSL_IS_AWSLC)
-  CRYPTO_library_init();
-#else  /* !(OPENSSL_VERSION_NUMBER >= 0x1010000fL) &&                          \
-          !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_IS_AWSLC) */
-  OPENSSL_config(NULL);
-  SSL_load_error_strings();
-  SSL_library_init();
-  OpenSSL_add_all_algorithms();
-#endif /* !(OPENSSL_VERSION_NUMBER >= 0x1010000fL) &&                          \
-          !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_IS_AWSLC) */
-
  rv = parse_uri(&uri, argv[1]);
  if (rv != 0) {
    die("parse_uri failed");
--- a/examples/libevent-client.c
+++ b/examples/libevent-client.c
@@ -341,9 +341,7 @@ static SSL_CTX *create_ssl_ctx(void) {
  SSL_CTX_set_next_proto_select_cb(ssl_ctx, select_next_proto_cb, NULL);
 #endif /* !OPENSSL_NO_NEXTPROTONEG */

-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
  SSL_CTX_set_alpn_protos(ssl_ctx, (const unsigned char *)"\x02h2", 3);
-#endif /* OPENSSL_VERSION_NUMBER >= 0x10002000L */

  return ssl_ctx;
 }
@@ -511,11 +509,9 @@ static void eventcb(struct bufferevent *bev, short events, void *ptr) {
 #ifndef OPENSSL_NO_NEXTPROTONEG
    SSL_get0_next_proto_negotiated(ssl, &alpn, &alpnlen);
 #endif /* !OPENSSL_NO_NEXTPROTONEG */
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
    if (alpn == NULL) {
      SSL_get0_alpn_selected(ssl, &alpn, &alpnlen);
    }
-#endif /* OPENSSL_VERSION_NUMBER >= 0x10002000L */

    if (alpn == NULL || alpnlen != 2 || memcmp("h2", alpn, 2) != 0) {
      fprintf(stderr, "h2 is not negotiated\n");
@@ -617,19 +613,6 @@ int main(int argc, char **argv) {
  act.sa_handler = SIG_IGN;
  sigaction(SIGPIPE, &act, NULL);

-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
-  /* No explicit initialization is required. */
-#elif defined(OPENSSL_IS_BORINGSSL) || defined(OPENSSL_IS_AWSLC)
-  CRYPTO_library_init();
-#else  /* !(OPENSSL_VERSION_NUMBER >= 0x1010000fL) &&                          \
-          !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_IS_AWSLC) */
-  OPENSSL_config(NULL);
-  SSL_load_error_strings();
-  SSL_library_init();
-  OpenSSL_add_all_algorithms();
-#endif /* !(OPENSSL_VERSION_NUMBER >= 0x1010000fL) &&                          \
-          !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_IS_AWSLC) */
-
  run(argv[1]);
  return 0;
 }
--- a/examples/libevent-server.c
+++ b/examples/libevent-server.c
@@ -121,7 +121,6 @@ static int next_proto_cb(SSL *ssl, const unsigned char **data,
 }
 #endif /* !OPENSSL_NO_NEXTPROTONEG */

-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
 static int alpn_select_proto_cb(SSL *ssl, const unsigned char **out,
                                unsigned char *outlen, const unsigned char *in,
                                unsigned int inlen, void *arg) {
@@ -137,7 +136,6 @@ static int alpn_select_proto_cb(SSL *ssl, const unsigned char **out,

  return SSL_TLSEXT_ERR_OK;
 }
-#endif /* OPENSSL_VERSION_NUMBER >= 0x10002000L */

 /* Create SSL_CTX. */
 static SSL_CTX *create_ssl_ctx(const char *key_file, const char *cert_file) {
@@ -186,9 +184,7 @@ static SSL_CTX *create_ssl_ctx(const char *key_file, const char *cert_file) {
  SSL_CTX_set_next_protos_advertised_cb(ssl_ctx, next_proto_cb, NULL);
 #endif /* !OPENSSL_NO_NEXTPROTONEG */

-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
  SSL_CTX_set_alpn_select_cb(ssl_ctx, alpn_select_proto_cb, NULL);
-#endif /* OPENSSL_VERSION_NUMBER >= 0x10002000L */

  return ssl_ctx;
 }
@@ -705,11 +701,9 @@ static void eventcb(struct bufferevent *bev, short events, void *ptr) {
 #ifndef OPENSSL_NO_NEXTPROTONEG
    SSL_get0_next_proto_negotiated(ssl, &alpn, &alpnlen);
 #endif /* !OPENSSL_NO_NEXTPROTONEG */
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
    if (alpn == NULL) {
      SSL_get0_alpn_selected(ssl, &alpn, &alpnlen);
    }
-#endif /* OPENSSL_VERSION_NUMBER >= 0x10002000L */

    if (alpn == NULL || alpnlen != 2 || memcmp("h2", alpn, 2) != 0) {
      fprintf(stderr, "%s h2 is not negotiated\n", session_data->client_addr);
@@ -817,19 +811,6 @@ int main(int argc, char **argv) {
  act.sa_handler = SIG_IGN;
  sigaction(SIGPIPE, &act, NULL);

-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
-  /* No explicit initialization is required. */
-#elif defined(OPENSSL_IS_BORINGSSL) || defined(OPENSSL_IS_AWSLC)
-  CRYPTO_library_init();
-#else  /* !(OPENSSL_VERSION_NUMBER >= 0x1010000fL) &&                          \
-          !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_IS_AWSLC) */
-  OPENSSL_config(NULL);
-  SSL_load_error_strings();
-  SSL_library_init();
-  OpenSSL_add_all_algorithms();
-#endif /* !(OPENSSL_VERSION_NUMBER >= 0x1010000fL) &&                          \
-          !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_IS_AWSLC) */
-
  run(argv[1], argv[2], argv[3]);
  return 0;
 }