Commit 8984b73

sam-githubBridgeAR
authored andcommitted
src: remove TLS code for unsupported OpenSSLs
Versions of OpenSSL lower than 1.1.1 are no longer supported, so remove ifdefs for previous versions. PR-URL: #28085 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net>
1 parent 0716944 commit 8984b73

3 files changed

+7
-61
lines changed

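--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -5564,12 +5564,6 @@ void DiffieHellman::SetPublicKey(const FunctionCallbackInfo<Value>& args) {
 }
 
 void DiffieHellman::SetPrivateKey(const FunctionCallbackInfo<Value>& args) {
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
-OPENSSL_VERSION_NUMBER < 0x10100070L
-// Older versions of OpenSSL 1.1.0 have a DH_set0_key which does not work for
-// Node. See https://github.com/openssl/openssl/pull/4384.
-#error "OpenSSL 1.1.0 revisions before 1.1.0g are not supported"
-#endif
 SetKey(args,
 [](DH* dh, BIGNUM* num) { return DH_set0_key(dh, nullptr, num); },
 "Private key");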

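--- a/src/node_crypto.h
+++ b/src/node_crypto.h
@@ -108,20 +108,13 @@ class SecureContext : public BaseObject {
 static const int kTicketKeyNameIndex = 3;
 static const int kTicketKeyIVIndex = 4;
 
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
 unsigned char ticket_key_name_[16];
 unsigned char ticket_key_aes_[16];
 unsigned char ticket_key_hmac_[16];
-#endif
 
 protected:
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-static const int64_t kExternalSize = sizeof(SSL_CTX);
-#else
-// OpenSSL 1.1.0 has opaque structures. This is an estimate based on the size
-// as of OpenSSL 1.1.0f.
-static const int64_t kExternalSize = 872;
-#endif
+// OpenSSL structures are opaque. This is sizeof(SSL_CTX) for OpenSSL 1.1.1b:
+static const int64_t kExternalSize = 1024;
 
 static void New(const v8::FunctionCallbackInfo<v8::Value>& args);
 static void Init(const v8::FunctionCallbackInfo<v8::Value>& args);
@@ -167,14 +160,12 @@ class SecureContext : public BaseObject {
 HMAC_CTX* hctx,
 int enc);
 
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
 static int TicketCompatibilityCallback(SSL* ssl,
 unsigned char* name,
 unsigned char* iv,
 EVP_CIPHER_CTX* ectx,
 HMAC_CTX* hctx,
 int enc);
-#endif
 
 SecureContext(Environment* env, v8::Local<v8::Object> wrap)
 : BaseObject(env, wrap) {
@@ -229,32 +220,20 @@ class SSLWrap {
 protected:
 typedef void (*CertCb)(void* arg);
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-// Size allocated by OpenSSL: one for SSL structure, one for SSL3_STATE and
-// some for buffers.
+// OpenSSL structures are opaque. Estimate SSL memory size for OpenSSL 1.1.1b:
+// SSL: 6224
+// SSL->SSL3_STATE: 1040
+// ...some buffers: 42 * 1024
 // NOTE: Actually it is much more than this
-static const int64_t kExternalSize =
-sizeof(SSL) + sizeof(SSL3_STATE) + 42 * 1024;
-#else
-// OpenSSL 1.1.0 has opaque structures. This is an estimate based on the size
-// as of OpenSSL 1.1.0f.
-static const int64_t kExternalSize = 4448 + 1024 + 42 * 1024;
-#endif
+static const int64_t kExternalSize = 6224 + 1040 + 42 * 1024;
 
 static void ConfigureSecureContext(SecureContext* sc);
 static void AddMethods(Environment* env, v8::Local<v8::FunctionTemplate> t);
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-static SSL_SESSION* GetSessionCallback(SSL* s,
-unsigned char* key,
-int len,
-int* copy);
-#else
 static SSL_SESSION* GetSessionCallback(SSL* s,
 const unsigned char* key,
 int len,
 int* copy);
-#endif
 static int NewSessionCallback(SSL* s, SSL_SESSION* sess);
 static void KeylogCallback(const SSL* s, const char* line);
 static void OnClientHello(void* arg,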
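Review bot: The new `kExternalSize` values in `SecureContext` (`1024`) and `SSLWrap` (`6224 + 1040 + 42 * 1024`) are sizes measured on OpenSSL 1.1.1b and are now unconditional, so a build against any other OpenSSL release (a shared system library, for instance) silently uses stale figures. If these constants feed external-memory accounting, as the name suggests, a figure that is too low understates the memory held per TLS context or connection, which matters most under many concurrent connections. With the `#if OPENSSL_VERSION_NUMBER` branches gone, nothing visible in these hunks enforces the 1.1.1 minimum stated in the commit message; consider one guard near the top of the header, `#if OPENSSL_VERSION_NUMBER < 0x10101000L` / `#error "OpenSSL 1.1.1 or later is required"` / `#endif`. The comment could also say outright that the value is an estimate, e.g. `// Estimate only: sizeof(SSL_CTX) as measured on OpenSSL 1.1.1b; not tracked per library version.` Both class bodies start and end outside the hunks, so an existing guard elsewhere in the file cannot be ruled out.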

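--- a/src/node_crypto_bio.cc
+++ b/src/node_crypto_bio.cc
@@ -30,16 +30,6 @@
 namespace node {
 namespace crypto {
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-#define BIO_set_data(bio, data) bio->ptr = data
-#define BIO_get_data(bio) bio->ptr
-#define BIO_set_shutdown(bio, shutdown_) bio->shutdown = shutdown_
-#define BIO_get_shutdown(bio) bio->shutdown
-#define BIO_set_init(bio, init_) bio->init = init_
-#define BIO_get_init(bio) bio->init
-#endif
-
-
 BIOPointer NodeBIO::New(Environment* env) {
 BIOPointer bio(BIO_new(GetMethod()));
 if (bio && env != nullptr)
@@ -231,22 +221,6 @@ long NodeBIO::Ctrl(BIO* bio, int cmd, long num, // NOLINT(runtime/int)
 
 
 const BIO_METHOD* NodeBIO::GetMethod() {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-static const BIO_METHOD method = {
-BIO_TYPE_MEM,
-"node.js SSL buffer",
-Write,
-Read,
-Puts,
-Gets,
-Ctrl,
-New,
-Free,
-nullptr
-};
-
-return &method;
-#else
 // This is called from InitCryptoOnce() to avoid race conditions during
 // initialization.
 static BIO_METHOD* method = nullptr;
@@ -263,7 +237,6 @@ const BIO_METHOD* NodeBIO::GetMethod() {
 }
 
 return method;
-#endif
 }
 
 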