# HG changeset patch # User Sergey Kandaurov # Date 1460378796 -10800 # Node ID b99cbafd51da690633a758625bd57df49b5a5ddf # Parent c30a20e06c21f368930e5fde9a23846ae5f829be SSL: removed OpenSSL 0.9.7 compatibility. diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -164,7 +164,6 @@ ngx_ssl_init(ngx_log_t *log) #endif -#if OPENSSL_VERSION_NUMBER >= 0x0090800fL #ifndef SSL_OP_NO_COMPRESSION { /* @@ -182,7 +181,6 @@ ngx_ssl_init(ngx_log_t *log) } } #endif -#endif ngx_ssl_connection_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL); @@ -904,13 +902,6 @@ ngx_ssl_client_certificate(ngx_conf_t *c return NGX_ERROR; } - /* - * before 0.9.7h and 0.9.8 SSL_load_client_CA_file() - * always leaved an error in the error queue - */ - - ERR_clear_error(); - SSL_CTX_set_client_CA_list(ssl->ctx, list); return NGX_OK; @@ -1076,8 +1067,8 @@ ngx_ssl_info_callback(const ngx_ssl_conn * added to wbio, and set buffer size. */ - rbio = SSL_get_rbio((ngx_ssl_conn_t *) ssl_conn); - wbio = SSL_get_wbio((ngx_ssl_conn_t *) ssl_conn); + rbio = SSL_get_rbio(ssl_conn); + wbio = SSL_get_wbio(ssl_conn); if (rbio != wbio) { (void) BIO_set_write_buffer_size(wbio, NGX_SSL_BUFSIZE); @@ -1360,7 +1351,6 @@ ngx_ssl_dhparam(ngx_conf_t *cf, ngx_ssl_ ngx_int_t ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name) { -#if OPENSSL_VERSION_NUMBER >= 0x0090800fL #ifndef OPENSSL_NO_ECDH /* @@ -1435,7 +1425,6 @@ ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_s EC_KEY_free(ecdh); #endif #endif -#endif return NGX_OK; } @@ -3364,17 +3353,8 @@ ngx_ssl_new_session(ngx_ssl_conn_t *ssl_ } } -#if OPENSSL_VERSION_NUMBER >= 0x0090800fL - session_id = (u_char *) SSL_SESSION_get_id(sess, &session_id_length); -#else - - session_id = sess->session_id; - session_id_length = sess->session_id_length; - -#endif - #if (NGX_PTR_SIZE == 8) id = sess_id->sess_id; @@ -3450,13 +3430,10 @@ ngx_ssl_get_cached_session(ngx_ssl_conn_ #endif u_char *id, int len, int *copy) { -#if OPENSSL_VERSION_NUMBER >= 0x0090707fL - const -#endif - u_char *p; size_t slen; uint32_t hash; ngx_int_t rc; + const u_char *p; ngx_shm_zone_t *shm_zone; ngx_slab_pool_t *shpool; ngx_rbtree_node_t *node, *sentinel; @@ -3578,17 +3555,8 @@ ngx_ssl_remove_session(SSL_CTX *ssl, ngx cache = shm_zone->data; -#if OPENSSL_VERSION_NUMBER >= 0x0090800fL - id = (u_char *) SSL_SESSION_get_id(sess, &len); -#else - - id = sess->session_id; - len = sess->session_id_length; - -#endif - hash = ngx_crc32_short(id, len); ngx_log_debug2(NGX_LOG_DEBUG_EVENT, ngx_cycle->log, 0, @@ -4387,17 +4355,8 @@ ngx_ssl_get_session_id(ngx_connection_t return NGX_OK; } -#if OPENSSL_VERSION_NUMBER >= 0x0090800fL - buf = (u_char *) SSL_SESSION_get_id(sess, &len); -#else - - buf = sess->session_id; - len = sess->session_id_length; - -#endif - s->len = 2 * len; s->data = ngx_pnalloc(pool, 2 * len); if (s->data == NULL) { diff --git a/src/event/ngx_event_openssl_stapling.c b/src/event/ngx_event_openssl_stapling.c --- a/src/event/ngx_event_openssl_stapling.c +++ b/src/event/ngx_event_openssl_stapling.c @@ -589,15 +589,12 @@ ngx_ssl_stapling_update(ngx_ssl_stapling static void ngx_ssl_stapling_ocsp_handler(ngx_ssl_ocsp_ctx_t *ctx) { -#if OPENSSL_VERSION_NUMBER >= 0x0090707fL - const -#endif - u_char *p; int n; size_t len; time_t now, valid; ngx_str_t response; X509_STORE *store; + const u_char *p; STACK_OF(X509) *chain; OCSP_CERTID *id; OCSP_RESPONSE *ocsp; diff --git a/src/http/ngx_http_upstream_round_robin.c b/src/http/ngx_http_upstream_round_robin.c --- a/src/http/ngx_http_upstream_round_robin.c +++ b/src/http/ngx_http_upstream_round_robin.c @@ -669,10 +669,7 @@ ngx_http_upstream_set_round_robin_peer_s ngx_http_upstream_rr_peer_t *peer; #if (NGX_HTTP_UPSTREAM_ZONE) int len; -#if OPENSSL_VERSION_NUMBER >= 0x0090707fL - const -#endif - u_char *p; + const u_char *p; ngx_http_upstream_rr_peers_t *peers; u_char buf[NGX_SSL_MAX_SESSION_SIZE]; #endif diff --git a/src/stream/ngx_stream_upstream_round_robin.c b/src/stream/ngx_stream_upstream_round_robin.c --- a/src/stream/ngx_stream_upstream_round_robin.c +++ b/src/stream/ngx_stream_upstream_round_robin.c @@ -701,10 +701,7 @@ ngx_stream_upstream_set_round_robin_peer ngx_stream_upstream_rr_peer_t *peer; #if (NGX_STREAM_UPSTREAM_ZONE) int len; -#if OPENSSL_VERSION_NUMBER >= 0x0090707fL - const -#endif - u_char *p; + const u_char *p; ngx_stream_upstream_rr_peers_t *peers; u_char buf[NGX_SSL_MAX_SESSION_SIZE]; #endif