diff options
-rw-r--r-- | src/node_crypto.cc | 6 | ||||
-rw-r--r-- | src/node_crypto.h | 35 | ||||
-rw-r--r-- | src/node_crypto_bio.cc | 27 |
3 files changed, 7 insertions, 61 deletions
diff --git a/src/node_crypto.cc b/src/node_crypto.cc index a5710dc33b..813e1fc485 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -5564,12 +5564,6 @@ void DiffieHellman::SetPublicKey(const FunctionCallbackInfo<Value>& args) { } void DiffieHellman::SetPrivateKey(const FunctionCallbackInfo<Value>& args) { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \ - OPENSSL_VERSION_NUMBER < 0x10100070L -// Older versions of OpenSSL 1.1.0 have a DH_set0_key which does not work for -// Node. See https://github.com/openssl/openssl/pull/4384. -#error "OpenSSL 1.1.0 revisions before 1.1.0g are not supported" -#endif SetKey(args, [](DH* dh, BIGNUM* num) { return DH_set0_key(dh, nullptr, num); }, "Private key"); diff --git a/src/node_crypto.h b/src/node_crypto.h index 849b80f4e0..aa29585533 100644 --- a/src/node_crypto.h +++ b/src/node_crypto.h @@ -108,20 +108,13 @@ class SecureContext : public BaseObject { static const int kTicketKeyNameIndex = 3; static const int kTicketKeyIVIndex = 4; -#if OPENSSL_VERSION_NUMBER >= 0x10100000L unsigned char ticket_key_name_[16]; unsigned char ticket_key_aes_[16]; unsigned char ticket_key_hmac_[16]; -#endif protected: -#if OPENSSL_VERSION_NUMBER < 0x10100000L - static const int64_t kExternalSize = sizeof(SSL_CTX); -#else - // OpenSSL 1.1.0 has opaque structures. This is an estimate based on the size - // as of OpenSSL 1.1.0f. - static const int64_t kExternalSize = 872; -#endif + // OpenSSL structures are opaque. This is sizeof(SSL_CTX) for OpenSSL 1.1.1b: + static const int64_t kExternalSize = 1024; static void New(const v8::FunctionCallbackInfo<v8::Value>& args); static void Init(const v8::FunctionCallbackInfo<v8::Value>& args); @@ -167,14 +160,12 @@ class SecureContext : public BaseObject { HMAC_CTX* hctx, int enc); -#if OPENSSL_VERSION_NUMBER >= 0x10100000L static int TicketCompatibilityCallback(SSL* ssl, unsigned char* name, unsigned char* iv, EVP_CIPHER_CTX* ectx, HMAC_CTX* hctx, int enc); -#endif SecureContext(Environment* env, v8::Local<v8::Object> wrap) : BaseObject(env, wrap) { @@ -229,32 +220,20 @@ class SSLWrap { protected: typedef void (*CertCb)(void* arg); -#if OPENSSL_VERSION_NUMBER < 0x10100000L - // Size allocated by OpenSSL: one for SSL structure, one for SSL3_STATE and - // some for buffers. + // OpenSSL structures are opaque. Estimate SSL memory size for OpenSSL 1.1.1b: + // SSL: 6224 + // SSL->SSL3_STATE: 1040 + // ...some buffers: 42 * 1024 // NOTE: Actually it is much more than this - static const int64_t kExternalSize = - sizeof(SSL) + sizeof(SSL3_STATE) + 42 * 1024; -#else - // OpenSSL 1.1.0 has opaque structures. This is an estimate based on the size - // as of OpenSSL 1.1.0f. - static const int64_t kExternalSize = 4448 + 1024 + 42 * 1024; -#endif + static const int64_t kExternalSize = 6224 + 1040 + 42 * 1024; static void ConfigureSecureContext(SecureContext* sc); static void AddMethods(Environment* env, v8::Local<v8::FunctionTemplate> t); -#if OPENSSL_VERSION_NUMBER < 0x10100000L - static SSL_SESSION* GetSessionCallback(SSL* s, - unsigned char* key, - int len, - int* copy); -#else static SSL_SESSION* GetSessionCallback(SSL* s, const unsigned char* key, int len, int* copy); -#endif static int NewSessionCallback(SSL* s, SSL_SESSION* sess); static void KeylogCallback(const SSL* s, const char* line); static void OnClientHello(void* arg, diff --git a/src/node_crypto_bio.cc b/src/node_crypto_bio.cc index 9f06801c3a..fc143043ba 100644 --- a/src/node_crypto_bio.cc +++ b/src/node_crypto_bio.cc @@ -30,16 +30,6 @@ namespace node { namespace crypto { -#if OPENSSL_VERSION_NUMBER < 0x10100000L -#define BIO_set_data(bio, data) bio->ptr = data -#define BIO_get_data(bio) bio->ptr -#define BIO_set_shutdown(bio, shutdown_) bio->shutdown = shutdown_ -#define BIO_get_shutdown(bio) bio->shutdown -#define BIO_set_init(bio, init_) bio->init = init_ -#define BIO_get_init(bio) bio->init -#endif - - BIOPointer NodeBIO::New(Environment* env) { BIOPointer bio(BIO_new(GetMethod())); if (bio && env != nullptr) @@ -231,22 +221,6 @@ long NodeBIO::Ctrl(BIO* bio, int cmd, long num, // NOLINT(runtime/int) const BIO_METHOD* NodeBIO::GetMethod() { -#if OPENSSL_VERSION_NUMBER < 0x10100000L - static const BIO_METHOD method = { - BIO_TYPE_MEM, - "node.js SSL buffer", - Write, - Read, - Puts, - Gets, - Ctrl, - New, - Free, - nullptr - }; - - return &method; -#else // This is called from InitCryptoOnce() to avoid race conditions during // initialization. static BIO_METHOD* method = nullptr; @@ -263,7 +237,6 @@ const BIO_METHOD* NodeBIO::GetMethod() { } return method; -#endif } |