Cleanup old OpenSSL 0.9.7 compatibility code

OpenSSL 0.9.7 is already not supported, so clean up the old legacy bits for that as well. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2020-12-18 13:53:06 +01:00 · 2020-12-18 13:53:06 +01:00 · 7e99867533
--- a/include/libssh/libcrypto.h
+++ b/include/libssh/libcrypto.h
@ -60,10 +60,6 @@ typedef void *EVPCTX;

 #include <openssl/bn.h>
 #include <openssl/opensslv.h>
-#define OPENSSL_0_9_7b 0x0090702fL
-#if (OPENSSL_VERSION_NUMBER <= OPENSSL_0_9_7b)
-#define BROKEN_AES_CTR
-#endif
 typedef BIGNUM*  bignum;
 typedef const BIGNUM* const_bignum;
 typedef BN_CTX* bignum_CTX;
--- a/src/kex.c
+++ b/src/kex.c
@ -80,13 +80,8 @@
 #  else
 #   define GCM ""
 #  endif /* HAVE_OPENSSL_EVP_AES_GCM */
-#  ifdef BROKEN_AES_CTR
-#   define AES GCM
-#   define AES_CBC "aes256-cbc,aes192-cbc,aes128-cbc,"
-#  else /* BROKEN_AES_CTR */
 #  define AES GCM "aes256-ctr,aes192-ctr,aes128-ctr,"
 #  define AES_CBC "aes256-cbc,aes192-cbc,aes128-cbc,"
-#  endif /* BROKEN_AES_CTR */
 # else /* HAVE_OPENSSL_AES_H */
 #  define AES ""
 #  define AES_CBC ""
--- a/src/libcrypto.c
+++ b/src/libcrypto.c
@ -1304,10 +1304,6 @@ static struct ssh_cipher_struct ssh_ciphertab[] = {
  },
 #endif
 #ifdef HAS_AES
-#ifndef BROKEN_AES_CTR
-/* OpenSSL until 0.9.7c has a broken AES_ctr128_encrypt implementation which
- * increments the counter from 2^64 instead of 1. It's better not to use it
- */
 #ifdef HAVE_OPENSSL_EVP_AES_CTR
  {
    .name = "aes128-ctr",
@ -1377,7 +1373,6 @@ static struct ssh_cipher_struct ssh_ciphertab[] = {
    .cleanup = aes_ctr_cleanup
  },
 #endif /* HAVE_OPENSSL_EVP_AES_CTR */
-#endif /* BROKEN_AES_CTR */
  {
    .name = "aes128-cbc",
    .blocksize = AES_BLOCK_SIZE,