require openssl 1.1.0+

salikx · Feb 5, 2017 · 45e4625 · 45e4625
1 parent 50305ed
commit 45e4625
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 31 deletions.
diff --git a/CHANGES b/CHANGES
@@ -1,3 +1,7 @@
+master
+
+ * Require OpenSSL 1.1.0+
+
 wrk 4.0.2
 
  * Send hostname using TLS SNI.

diff --git a/Makefile b/Makefile
@@ -74,7 +74,7 @@ $(ODIR)/%.o : %.c
 LUAJIT  := $(notdir $(patsubst %.tar.gz,%,$(wildcard deps/LuaJIT*.tar.gz)))
 OPENSSL := $(notdir $(patsubst %.tar.gz,%,$(wildcard deps/openssl*.tar.gz)))
 
-OPENSSL_OPTS = no-shared no-ssl2 no-psk no-srp no-dtls no-idea --prefix=$(abspath $(ODIR))
+OPENSSL_OPTS = no-shared no-psk no-srp no-dtls no-idea --prefix=$(abspath $(ODIR))
 
 $(ODIR)/$(LUAJIT):  deps/$(LUAJIT).tar.gz  | $(ODIR)
 	@tar -C $(ODIR) -xf $<
@@ -93,7 +93,10 @@ ifeq ($(TARGET), darwin)
 else
 	@$(SHELL) -c "cd $< && ./config $(OPENSSL_OPTS)"
 endif
-	@$(MAKE) -C $< depend install
+	@$(MAKE) -C $< depend
+	@$(MAKE) -C $<
+	@$(MAKE) -C $< install_sw
+	@touch $@
 
 # ------------
 

diff --git a/deps/openssl-1.0.2g.tar.gz b/deps/openssl-1.0.2g.tar.gz
diff --git a/deps/openssl-1.1.0d.tar.gz b/deps/openssl-1.1.0d.tar.gz
diff --git a/src/ssl.c b/src/ssl.c
@@ -8,42 +8,18 @@
 
 #include "ssl.h"
 
-static pthread_mutex_t *locks;
-
-static void ssl_lock(int mode, int n, const char *file, int line) {
-    pthread_mutex_t *lock = &locks[n];
-    if (mode & CRYPTO_LOCK) {
-        pthread_mutex_lock(lock);
-    } else {
-        pthread_mutex_unlock(lock);
-    }
-}
-
-static unsigned long ssl_id() {
-    return (unsigned long) pthread_self();
-}
-
 SSL_CTX *ssl_init() {
     SSL_CTX *ctx = NULL;
 
     SSL_load_error_strings();
     SSL_library_init();
     OpenSSL_add_all_algorithms();
 
-    if ((locks = calloc(CRYPTO_num_locks(), sizeof(pthread_mutex_t)))) {
-        for (int i = 0; i < CRYPTO_num_locks(); i++) {
-            pthread_mutex_init(&locks[i], NULL);
-        }
-
-        CRYPTO_set_locking_callback(ssl_lock);
-        CRYPTO_set_id_callback(ssl_id);
-
-        if ((ctx = SSL_CTX_new(SSLv23_client_method()))) {
-            SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
-            SSL_CTX_set_verify_depth(ctx, 0);
-            SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
-            SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_CLIENT);
-        }
+    if ((ctx = SSL_CTX_new(SSLv23_client_method()))) {
+        SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
+        SSL_CTX_set_verify_depth(ctx, 0);
+        SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
+        SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_CLIENT);
     }
 
     return ctx;