aboutsummaryrefslogtreecommitdiffstats
path: root/src/crypto
diff options
context:
space:
mode:
authorJouni Malinen <jouni@qca.qualcomm.com>2015-12-31 16:05:28 (GMT)
committerJouni Malinen <j@w1.fi>2015-12-31 16:05:28 (GMT)
commit9a42d859a27c10b9f5d589ebdc149143b93ca02d (patch)
treebfe7bf4fa03c081bfe2d17e049bbd9a791eac469 /src/crypto
parentde213e84e0e64472309f656b96b3fd64789f599e (diff)
downloadhostap-9a42d859a27c10b9f5d589ebdc149143b93ca02d.zip
hostap-9a42d859a27c10b9f5d589ebdc149143b93ca02d.tar.gz
hostap-9a42d859a27c10b9f5d589ebdc149143b93ca02d.tar.bz2
OpenSSL: Drop support for OpenSSL 1.0.0
The OpenSSL project will not support version 1.0.0 anymore. As there won't be even security fixes for this branch, it is not really safe to continue using 1.0.0 and we might as well drop support for it to allow cleaning up the conditional source code blocks. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'src/crypto')
-rw-r--r--src/crypto/tls_openssl.c12
1 files changed, 1 insertions, 11 deletions
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index f427c9c..309c15d 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -2379,9 +2379,7 @@ static int tls_parse_pkcs12(struct tls_data *data, SSL *ssl, PKCS12 *p12,
*/
res = 0;
#else /* OPENSSL_VERSION_NUMBER >= 0x10002000L */
-#if OPENSSL_VERSION_NUMBER >= 0x10001000L
SSL_CTX_clear_extra_chain_certs(data->ssl);
-#endif /* OPENSSL_VERSION_NUMBER >= 0x10001000L */
while ((cert = sk_X509_pop(certs)) != NULL) {
X509_NAME_oneline(X509_get_subject_name(cert), buf,
sizeof(buf));
@@ -3173,21 +3171,17 @@ int tls_connection_prf(void *tls_ctx, struct tls_connection *conn,
const char *label, int server_random_first,
int skip_keyblock, u8 *out, size_t out_len)
{
-#if OPENSSL_VERSION_NUMBER >= 0x10001000L
- SSL *ssl;
if (conn == NULL)
return -1;
if (server_random_first || skip_keyblock)
return openssl_tls_prf(conn, label,
server_random_first, skip_keyblock,
out, out_len);
- ssl = conn->ssl;
- if (SSL_export_keying_material(ssl, out, out_len, label,
+ if (SSL_export_keying_material(conn->ssl, out, out_len, label,
os_strlen(label), NULL, 0, 0) == 1) {
wpa_printf(MSG_DEBUG, "OpenSSL: Using internal PRF");
return 0;
}
-#endif
return openssl_tls_prf(conn, label, server_random_first,
skip_keyblock, out, out_len);
}
@@ -3448,11 +3442,7 @@ struct wpabuf * tls_connection_decrypt(void *tls_ctx,
int tls_connection_resumed(void *ssl_ctx, struct tls_connection *conn)
{
-#if OPENSSL_VERSION_NUMBER >= 0x10001000L
return conn ? SSL_cache_hit(conn->ssl) : 0;
-#else
- return conn ? conn->ssl->hit : 0;
-#endif
}