OpenSSL: Drop legacy 1.1.1 support in the source files

Following the package base of majority of maintained LTS Linux distros, 1.1.1 is retired
cmangos · Jul 14, 2024 · b142e31 · b142e31 · Shauren · Jul 14, 2024
1 parent c9d92dc
commit b142e31
Show file tree

Hide file tree

Showing 5 changed files with 3 additions and 42 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -260,10 +260,10 @@ if(UNIX AND (BUILD_GAME_SERVER OR BUILD_LOGIN_SERVER OR BUILD_EXTRACTORS))
   find_package(OpenSSL REQUIRED)
 
   message(STATUS "Found OpenSSL libraries: ${OPENSSL_LIBRARIES}")
-  if(OPENSSL_VERSION VERSION_LESS 1.1)
-    message(SEND_ERROR "OpenSSL: This project requires OpenSSL version 1.1.0 or higher")
+  if(OPENSSL_VERSION VERSION_LESS 3.0)
+    message(SEND_ERROR "OpenSSL: This project requires OpenSSL version 3.0 or higher")
   endif()
-  if(OPENSSL_VERSION VERSION_LESS 1.1.1 OR (OPENSSL_VERSION VERSION_GREATER 3.0 AND OPENSSL_VERSION VERSION_LESS 3.0.7))
+  if(OPENSSL_VERSION VERSION_GREATER 3.0 AND OPENSSL_VERSION VERSION_LESS 3.0.14)
     message(WARNING "OpenSSL: Your OpenSSL version is critically vulnerable or no longer being maintained, consider upgrading")
   endif()
 endif()

diff --git a/src/mangosd/Main.cpp b/src/mangosd/Main.cpp
@@ -33,9 +33,7 @@
 
 #include <openssl/opensslv.h>
 #include <openssl/crypto.h>
-#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
 #include <openssl/provider.h>
-#endif
 
 #include <boost/program_options.hpp>
 #include <boost/version.hpp>
@@ -180,7 +178,6 @@ int main(int argc, char* argv[])
     sLog.outString("Using configuration file %s.", configFile.c_str());
 
     DETAIL_LOG("%s (Library: %s)", OPENSSL_VERSION_TEXT, OpenSSL_version(OPENSSL_VERSION));
-#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
     // Load OpenSSL 3.0+ providers
     OSSL_PROVIDER* openssl_legacy = OSSL_PROVIDER_load(nullptr, "legacy");
     if (!openssl_legacy)
@@ -195,7 +192,6 @@ int main(int argc, char* argv[])
         OSSL_PROVIDER_unload(openssl_legacy);
         return 1;
     }
-#endif
 
     DETAIL_LOG("Using Boost: %s", BOOST_LIB_VERSION);
 

diff --git a/src/realmd/Main.cpp b/src/realmd/Main.cpp
@@ -35,9 +35,7 @@
 
 #include <openssl/opensslv.h>
 #include <openssl/crypto.h>
-#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
 #include <openssl/provider.h>
-#endif
 
 #include <boost/program_options.hpp>
 #include <boost/version.hpp>
@@ -177,7 +175,6 @@ int main(int argc, char* argv[])
     }
 
     DETAIL_LOG("%s (Library: %s)", OPENSSL_VERSION_TEXT, OpenSSL_version(OPENSSL_VERSION));
-#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
     // Load OpenSSL 3.0+ providers
     OSSL_PROVIDER* openssl_legacy = OSSL_PROVIDER_load(nullptr, "legacy");
     if (!openssl_legacy)
@@ -192,7 +189,6 @@ int main(int argc, char* argv[])
         OSSL_PROVIDER_unload(openssl_legacy);
         return 1;
     }
-#endif
 
     sLog.outString();
     sLog.outString("<Ctrl-C> to stop.");

diff --git a/src/shared/Auth/HMACSHA1.cpp b/src/shared/Auth/HMACSHA1.cpp
@@ -22,7 +22,6 @@
 HMACSHA1::HMACSHA1(uint32 len, uint8 const* seed)
 {
     memcpy(&m_key, seed, len);
-#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
     m_mac = EVP_MAC_fetch(nullptr, "HMAC", nullptr);
     m_ctx = EVP_MAC_CTX_new(m_mac);
 
@@ -31,15 +30,10 @@ HMACSHA1::HMACSHA1(uint32 len, uint8 const* seed)
     params[1] = OSSL_PARAM_construct_end();
 
     EVP_MAC_init(m_ctx, m_key, len, params);
-#else
-    m_ctx = HMAC_CTX_new();
-    HMAC_Init_ex(m_ctx, &m_key, len, EVP_sha1(), nullptr);
-#endif
 }
 
 HMACSHA1::HMACSHA1(uint32 len, uint8 const* seed, bool) // to get over the default constructor
 {
-#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
     m_mac = EVP_MAC_fetch(nullptr, "HMAC", nullptr);
     m_ctx = EVP_MAC_CTX_new(m_mac);
 
@@ -48,21 +42,13 @@ HMACSHA1::HMACSHA1(uint32 len, uint8 const* seed, bool) // to get over the defau
     params[1] = OSSL_PARAM_construct_end();
 
     EVP_MAC_init(m_ctx, seed, len, params);
-#else
-    m_ctx = HMAC_CTX_new();
-    HMAC_Init_ex(m_ctx, seed, len, EVP_sha1(), nullptr);
-#endif
 }
 
 HMACSHA1::~HMACSHA1()
 {
     memset(&m_key, 0x00, SEED_KEY_SIZE);
-#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
     EVP_MAC_CTX_free(m_ctx);
     EVP_MAC_free(m_mac);
-#else
-    HMAC_CTX_free(m_ctx);
-#endif
 }
 
 void HMACSHA1::UpdateBigNumber(BigNumber* bn)
@@ -72,11 +58,7 @@ void HMACSHA1::UpdateBigNumber(BigNumber* bn)
 
 void HMACSHA1::UpdateData(const uint8* data, int length)
 {
-#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
     EVP_MAC_update(m_ctx, data, length);
-#else
-    HMAC_Update(m_ctx, data, length);
-#endif
 }
 
 void HMACSHA1::UpdateData(const std::string& str)
@@ -86,26 +68,17 @@ void HMACSHA1::UpdateData(const std::string& str)
 
 void HMACSHA1::Initialize()
 {
-#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
     OSSL_PARAM params[2];
     params[0] = OSSL_PARAM_construct_utf8_string("digest", const_cast<char*>("SHA1"), 0);
     params[1] = OSSL_PARAM_construct_end();
 
     EVP_MAC_init(m_ctx, m_key, SEED_KEY_SIZE, params);
-#else
-    HMAC_Init_ex(m_ctx, &m_key, SEED_KEY_SIZE, EVP_sha1(), NULL);
-#endif
 }
 
 void HMACSHA1::Finalize()
 {
-#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
     size_t length = 0;
     EVP_MAC_final(m_ctx, m_digest, &length, sizeof(m_digest));
-#else
-    uint32 length = 0;
-    HMAC_Final(m_ctx, (uint8*)m_digest, &length);
-#endif
     MANGOS_ASSERT(length == SHA_DIGEST_LENGTH);
 }
 

diff --git a/src/shared/Auth/HMACSHA1.h b/src/shared/Auth/HMACSHA1.h
@@ -42,12 +42,8 @@ class HMACSHA1
         uint8* GetDigest() { return m_digest; }
         static int GetLength() { return SHA_DIGEST_LENGTH; }
     private:
-#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
         EVP_MAC* m_mac;
         EVP_MAC_CTX* m_ctx;
-#else
-        HMAC_CTX* m_ctx;
-#endif
         uint8 m_key[SEED_KEY_SIZE];
         uint8 m_digest[SHA_DIGEST_LENGTH];
 };