Remove support for OpenSSL < 1.1 (#524)

Signed-off-by: Tom Flynn <tom.flynn@gmail.com>

libopflex/comms/include/yajr/transport/ZeroCopyOpenSSL.hpp

@@ -77,10 +77,6 @@ struct ZeroCopyOpenSSL : public Transport::Engine {
   private:
     SSL* ssl_;
     bool ready_;
-    static uv_rwlock_t * rwlock;
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
-    static void lockingCallback(int, int, const char *, int);
-#endif
     static void infoCallback(SSL const *, int, int);
     ZeroCopyOpenSSL(ZeroCopyOpenSSL::Ctx * ctx, bool passive);
 };

libopflex/comms/test/comms_test.cpp

@@ -39,9 +39,7 @@ BOOST_AUTO_TEST_SUITE(asynchronous_sockets)
 struct CommsTests {
 
     CommsTests() {
-        LOG(INFO)
-            << "global setup\n"
-        ;
+        LOG(INFO) << "global setup\n";
 
         boost::unit_test::unit_test_log_t::instance()
             .set_threshold_level(::boost::unit_test::log_successful_tests);
@@ -50,31 +48,9 @@ struct CommsTests {
     }
 
     ~CommsTests() {
-        LOG(INFO)
-            << "global teardown\n"
-        ;
-
-#if (OPENSSL_VERSION_NUMBER < 0x10002000L)
-        /* this is the reason number 1232342985473894512321837423rd why OpenSSL
-         * is a giant pile of ________
-         *
-         * you fill in the blank ;-)
-         */
-        sk_SSL_COMP_pop_free(
-                SSL_COMP_get_compression_methods(),
-                free_comp_methods
-        );
-#elif (OPENSSL_VERSION_NUMBER < 0x10100000L)
-        SSL_COMP_free_compression_methods();
-#endif
+        LOG(INFO) << "global teardown\n";
     }
 
-#if (OPENSSL_VERSION_NUMBER < 0x10002000L)
-    static void free_comp_methods(SSL_COMP * p) {
-        OPENSSL_free(p);
-    }
-#endif
-
     /* potentially subject to static initialization order fiasco */
     static opflex::logging::StdOutLogHandler commsTestLogger_;
 
@@ -137,14 +113,7 @@ class CommsFixture {
         uv_close((uv_handle_t *)&timer_, down_on_close);
         uv_close((uv_handle_t *)&prepare_, down_on_close);
 
-#if (OPENSSL_VERSION_NUMBER > 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10100000L)
-        ERR_remove_thread_state(NULL);
-#endif
         CONF_modules_unload(1);
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
-        ERR_free_strings();
-        EVP_cleanup();
-#endif
         ZeroCopyOpenSSL::finiOpenSSL();
 
         ::yajr::finiLoop(CommsFixture::current_loop);

libopflex/comms/transport/ZeroCopyOpenSSL.cpp

@@ -386,113 +386,17 @@ void Cb< ZeroCopyOpenSSL >::on_read(
     }
 }
 
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
-uv_rwlock_t * ZeroCopyOpenSSL::rwlock = NULL;
-
-void ZeroCopyOpenSSL::lockingCallback(
-        int mode,
-        int index,
-        const char * file,
-        int line)
-{
-
-    if (mode & CRYPTO_LOCK) {
-
-        LOG(TRACE)
-            << "Locking from "
-            << file
-            << ":"
-            << line
-        ;
-
-        if (mode & CRYPTO_WRITE) {
-            uv_rwlock_wrlock(&rwlock[index]);
-        } else {
-            uv_rwlock_rdlock(&rwlock[index]);
-        }
-
-    } else {
-
-        LOG(TRACE)
-            << "Unlocking from "
-            << file
-            << ":"
-            << line
-        ;
-
-        if (mode & CRYPTO_WRITE) {
-            uv_rwlock_wrunlock(&rwlock[index]);
-        } else {
-            uv_rwlock_rdunlock(&rwlock[index]);
-        }
-
-    }
-}
-#endif
-
 int ZeroCopyOpenSSL::initOpenSSL(bool forMultipleThreads) {
     LOG(INFO);
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
-    assert(!rwlock);
-    if (rwlock) {
-        LOG(ERROR) << "OpenSSL was already initialized";
-        return UV_EEXIST;
-    }
-    SSL_library_init();
-    SSL_load_error_strings();
-    ERR_load_SSL_strings();
-#else
-   OPENSSL_init_ssl(0, NULL);
-#endif
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
-    OpenSSL_add_all_algorithms();
-    if (forMultipleThreads) {
-        rwlock = new (std::nothrow) uv_rwlock_t[CRYPTO_num_locks()];
-        if (!rwlock) {
-            LOG(ERROR) << "Unable to allocate rwlock's for OpenSSL";
-            return UV_ENOMEM;
-        }
-
-        for (ssize_t i=0; i < CRYPTO_num_locks(); ++i) {
-            uv_rwlock_init(&rwlock[i]);
-        }
-
-        CRYPTO_set_locking_callback(lockingCallback);
-    }
-#endif
+    OPENSSL_init_ssl(0, NULL);
     return 0;
 }
 
 #include <openssl/conf.h>
 #include <openssl/engine.h>
 void ZeroCopyOpenSSL::finiOpenSSL() {
     LOG(INFO);
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
-    if (rwlock) {
-
-        CRYPTO_set_locking_callback(NULL);
-
-        for (ssize_t i=0; i<CRYPTO_num_locks(); ++i) {
-            uv_rwlock_destroy(&rwlock[i]);
-        }
-
-        delete [] rwlock;
-    }
-
-    CONF_modules_free();
-#endif
-#if (OPENSSL_VERSION_NUMBER > 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10100000L)
-    ERR_remove_thread_state(NULL);
-#endif
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
-    ENGINE_cleanup();
-#endif
     CONF_modules_unload(1);
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
-    ERR_free_strings();
-    EVP_cleanup();
-    CRYPTO_cleanup_all_ex_data();
-#endif
 }
 
 ZeroCopyOpenSSL::ZeroCopyOpenSSL(ZeroCopyOpenSSL::Ctx * ctx, bool passive)
@@ -747,11 +651,7 @@ ZeroCopyOpenSSL::Ctx * ZeroCopyOpenSSL::Ctx::createCtx(
         char const * passphrase
    ) {
 
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
-    SSL_CTX * sslCtx = SSL_CTX_new(SSLv23_method());
-#else
     SSL_CTX * sslCtx = SSL_CTX_new(TLS_method());
-#endif
 
     if (!sslCtx) {
         IF_SSL_ERROR(sslErr) {

libopflex/configure.ac

@@ -165,7 +165,7 @@ AX_BOOST_FILESYSTEM
 
 dnl Package-config dependencies
 PKG_CHECK_MODULES([UV], [libuv >= 1.18.0])
-PKG_CHECK_MODULES([OPENSSL], [openssl >= 1.0.1])
+PKG_CHECK_MODULES([OPENSSL], [openssl >= 1.1])
 PKG_CHECK_MODULES([RAPIDJSON], [RapidJSON >= 1.1])
 
 dnl Older versions of autoconf don't define docdir