curl-library
[PATCH 2/2] polarssl: break compatibility with version older than 1.3.
From: Gaël PORTAY <gael.portay_at_gmail.com>
Date: Tue, 18 Mar 2014 19:18:24 +0100
Date: Tue, 18 Mar 2014 19:18:24 +0100
Remove all #ifdef/else/endif macros that ensure compatibility with polarssl
version previous than 1.3.
---
lib/urldata.h | 5 -----
lib/vtls/polarssl.c | 28 ----------------------------
2 files changed, 33 deletions(-)
diff --git a/lib/urldata.h b/lib/urldata.h
index 8e9dff4..3ab4ed9 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -296,13 +296,8 @@ struct ssl_connect_data {
ssl_connect_state connecting_state;
#endif /* USE_GNUTLS */
#ifdef USE_POLARSSL
-#if POLARSSL_VERSION_NUMBER<0x01010000
- havege_state hs;
-#else
- /* from v1.1.0, use ctr_drbg and entropy */
ctr_drbg_context ctr_drbg;
entropy_context entropy;
-#endif /* POLARSSL_VERSION_NUMBER<0x01010000 */
ssl_context ssl;
ssl_session ssn;
int server_fd;
diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c
index aeef65d..e03135a 100644
--- a/lib/vtls/polarssl.c
+++ b/lib/vtls/polarssl.c
@@ -151,9 +151,6 @@ polarssl_connect_step1(struct connectdata *conn,
else if(data->set.ssl.version == CURL_SSLVERSION_SSLv3)
sni = FALSE; /* SSLv3 has no SNI */
-#if POLARSSL_VERSION_NUMBER<0x01010000
- havege_init(&connssl->hs);
-#else
#ifdef THREADING_SUPPORT
entropy_init_mutex(&entropy);
@@ -177,7 +174,6 @@ polarssl_connect_step1(struct connectdata *conn,
-ret, errorbuf);
}
#endif /* THREADING_SUPPORT */
-#endif /* POLARSSL_VERSION_NUMBER<0x01010000 */
/* Load the trusted CA */
memset(&connssl->cacert, 0, sizeof(x509_crt));
@@ -270,13 +266,8 @@ polarssl_connect_step1(struct connectdata *conn,
ssl_set_endpoint(&connssl->ssl, SSL_IS_CLIENT);
ssl_set_authmode(&connssl->ssl, SSL_VERIFY_OPTIONAL);
-#if POLARSSL_VERSION_NUMBER<0x01010000
- ssl_set_rng(&connssl->ssl, havege_rand,
- &connssl->hs);
-#else
ssl_set_rng(&connssl->ssl, ctr_drbg_random,
&connssl->ctr_drbg);
-#endif /* POLARSSL_VERSION_NUMBER<0x01010000 */
ssl_set_bio(&connssl->ssl,
net_recv, &conn->sock[sockindex],
net_send, &conn->sock[sockindex]);
@@ -287,15 +278,8 @@ polarssl_connect_step1(struct connectdata *conn,
infof(data, "PolarSSL re-using session\n");
}
-/* PolarSSL SVN revision r1316 to r1317, matching <1.2.0 is to cover Ubuntu's
- 1.1.4 version and the like */
-#if POLARSSL_VERSION_NUMBER<0x01020000
- ssl_set_session(&connssl->ssl, 1, 600,
- &connssl->ssn);
-#else
ssl_set_session(&connssl->ssl,
&connssl->ssn);
-#endif
ssl_set_ca_chain(&connssl->ssl,
&connssl->cacert,
@@ -367,13 +351,7 @@ polarssl_connect_step2(struct connectdata *conn,
}
infof(data, "PolarSSL: Handshake complete, cipher is %s\n",
-#if POLARSSL_VERSION_NUMBER<0x01000000
- ssl_get_cipher(&conn->ssl[sockindex].ssl)
-#elif POLARSSL_VERSION_NUMBER >= 0x01010000
ssl_get_ciphersuite(&conn->ssl[sockindex].ssl)
-#else
- ssl_get_ciphersuite_name(&conn->ssl[sockindex].ssl)
-#endif
);
ret = ssl_get_verify_result(&conn->ssl[sockindex].ssl);
@@ -396,13 +374,7 @@ polarssl_connect_step2(struct connectdata *conn,
return CURLE_PEER_FAILED_VERIFICATION;
}
-/* PolarSSL SVN revision r1316 to r1317, matching <1.2.0 is to cover Ubuntu's
- 1.1.4 version and the like */
-#if POLARSSL_VERSION_NUMBER<0x01020000
- if(conn->ssl[sockindex].ssl.peer_cert) {
-#else
if(ssl_get_peer_cert(&(connssl->ssl))) {
-#endif
/* If the session was resumed, there will be no peer certs */
memset(buffer, 0, sizeof(buffer));
--
1.8.3.2
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-03-18