Be explicit about OpenSSL version requriement.

https://chromium-review.googlesource.com/c/external/webrtc/+/575910 pretty much made it a mandate to have OpenSSL 1.1.0 to compile webrtc. So, let's be explicit about it and cleanup old code for older version support. Also, generate a compiler error for older OpenSSL versions. Bug: webrtc:8817 Change-Id: I28590348137b6a04503eabdcc6328297ecf5213e Reviewed-on: https://webrtc-review.googlesource.com/46502 Reviewed-by: Justin Uberti <juberti@webrtc.org> Commit-Queue: Jiawei Ou <ouj@fb.com> Cr-Commit-Position: refs/heads/master@{#21861}
2025-05-12 21:30:45 +01:00 · 2018-01-30 23:05:07 -08:00 · 2018-01-30 23:05:07 -08:00 · a9c94d5b12
commit a9c94d5b12
parent 7b581eb1ca
2 changed files with 4 additions and 22 deletions
--- a/rtc_base/openssl.h
+++ b/rtc_base/openssl.h
@ -13,8 +13,8 @@

 #include <openssl/ssl.h>

-#if (OPENSSL_VERSION_NUMBER < 0x10000000L)
-#error OpenSSL is older than 1.0.0, which is the minimum supported version.
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+#error OpenSSL is older than 1.1.0, which is the minimum supported version.
 #endif

 #endif  // RTC_BASE_OPENSSL_H_
--- a/rtc_base/opensslstreamadapter.cc
+++ b/rtc_base/opensslstreamadapter.cc
@ -42,8 +42,8 @@ namespace {

 namespace rtc {

-#if (OPENSSL_VERSION_NUMBER < 0x10001000L)
-#error "webrtc requires at least OpenSSL version 1.0.1, to support DTLS-SRTP"
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+#error "webrtc requires at least OpenSSL version 1.1.0, to support DTLS-SRTP"
 #endif

 // SRTP cipher suite table. |internal_name| is used to construct a
@ -969,35 +969,17 @@ SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() {
    case SSL_PROTOCOL_TLS_12:
    default:
      if (ssl_mode_ == SSL_MODE_DTLS) {
-#if (OPENSSL_VERSION_NUMBER >= 0x10002000L)
-        // DTLS 1.2 only available starting from OpenSSL 1.0.2
        if (role_ == SSL_CLIENT) {
          method = DTLS_client_method();
        } else {
          method = DTLS_server_method();
        }
-#else
-        if (role_ == SSL_CLIENT) {
-          method = DTLSv1_client_method();
-        } else {
-          method = DTLSv1_server_method();
-        }
-#endif
      } else {
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
-        // New API only available starting from OpenSSL 1.1.0
        if (role_ == SSL_CLIENT) {
          method = TLS_client_method();
        } else {
          method = TLS_server_method();
        }
-#else
-        if (role_ == SSL_CLIENT) {
-          method = SSLv23_client_method();
-        } else {
-          method = SSLv23_server_method();
-        }
-#endif
      }
      break;
  }