Backwards-compatibility subject to OPENSSL_API_COMPAT

Provide backwards-compatiblity for functions, macros and include files if OPENSSL_API_COMPAT is either not defined or defined less than the version number of the release in which the feature was deprecated. Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Viktor Dukhovni <openssl-users@dukhovni.org> 2016-01-04 23:00:33 -0500
committer: Viktor Dukhovni <openssl-users@dukhovni.org> 2016-01-07 20:53:18 -0500
commit: 98186eb4e4aef6262ed6b0f499348defa2c26893 (patch)
tree: 38ddc0aea1be4b31a4a48d74dc307ad30288af47 /crypto
parent: cddd424a5bda94e238e4ff06c0efc80cff3b07d1 (diff)
13 files changed, 65 insertions, 28 deletions
diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c
index 7ca13bb31e..bc2918e99b 100644
--- a/crypto/bn/bn_blind.c
+++ b/crypto/bn/bn_blind.c
@@ -109,6 +109,7 @@
  * [including the GNU Public Licence.]
  */
 
+#include <openssl/opensslconf.h>
 #include "internal/cryptlib.h"
 #include "bn_lcl.h"
 
@@ -119,7 +120,7 @@ struct bn_blinding_st {
     BIGNUM *Ai;
     BIGNUM *e;
     BIGNUM *mod;                /* just a reference */
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x10000000L
     unsigned long thread_id;    /* added in OpenSSL 0.9.6j and 0.9.7b; used
                                  * only by crypto/rsa/rsa_eay.c, rsa_lib.c */
 #endif
@@ -271,7 +272,7 @@ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
     return (ret);
 }
 
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x10000000L
 unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *b)
 {
     return b->thread_id;
diff --git a/crypto/bn/bn_depr.c b/crypto/bn/bn_depr.c
index c4a5c820d0..b64aa5fb29 100644
--- a/crypto/bn/bn_depr.c
+++ b/crypto/bn/bn_depr.c
@@ -62,11 +62,12 @@
 #include <time.h>
 #include "internal/cryptlib.h"
 #include "bn_lcl.h"
+#include <openssl/opensslconf.h>
 #include <openssl/rand.h>
 
 static void *dummy = &dummy;
 
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x00908000L
 BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
                           const BIGNUM *add, const BIGNUM *rem,
                           void (*callback) (int, int, void *), void *cb_arg)
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index b9e96b553e..6393a34f8a 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -65,9 +65,10 @@
 #include <limits.h>
 #include "internal/cryptlib.h"
 #include "bn_lcl.h"
+#include <openssl/opensslconf.h>
 
 /* This stuff appears to be completely unused, so is deprecated */
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x00908000L
 /*-
  * For a 32 bit machine
  * 2 -   4 ==  128
@@ -258,7 +259,7 @@ void BN_free(BIGNUM *a)
     if (a->flags & BN_FLG_MALLOCED)
         OPENSSL_free(a);
     else {
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x00908000L
         a->flags |= BN_FLG_FREE;
 #endif
         a->d = NULL;
diff --git a/crypto/dh/dh_depr.c b/crypto/dh/dh_depr.c
index de93472189..78875fbc6b 100644
--- a/crypto/dh/dh_depr.c
+++ b/crypto/dh/dh_depr.c
@@ -59,10 +59,11 @@
 #include "internal/cryptlib.h"
 #include <openssl/bn.h>
 #include <openssl/dh.h>
+#include <openssl/opensslconf.h>
 
 static void *dummy = &dummy;
 
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x00908000L
 DH *DH_generate_parameters(int prime_len, int generator,
                            void (*callback) (int, int, void *), void *cb_arg)
 {
diff --git a/crypto/dsa/dsa_depr.c b/crypto/dsa/dsa_depr.c
index 0b18776845..90dbd8d18e 100644
--- a/crypto/dsa/dsa_depr.c
+++ b/crypto/dsa/dsa_depr.c
@@ -75,8 +75,9 @@ static void *dummy = &dummy;
 #include <openssl/dsa.h>
 #include <openssl/rand.h>
 #include <openssl/sha.h>
+#include <openssl/opensslconf.h>
 
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x00908000L
 DSA *DSA_generate_parameters(int bits,
                              unsigned char *seed_in, int seed_len,
                              int *counter_ret, unsigned long *h_ret,
diff --git a/crypto/err/err.c b/crypto/err/err.c
index 9f81768ecc..77e8223de4 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -118,6 +118,7 @@
 #include <openssl/buffer.h>
 #include <openssl/bio.h>
 #include <openssl/err.h>
+#include <openssl/opensslconf.h>
 
 DECLARE_LHASH_OF(ERR_STRING_DATA);
 DECLARE_LHASH_OF(ERR_STATE);
@@ -861,7 +862,7 @@ void ERR_remove_thread_state(const CRYPTO_THREADID *id)
     int_thread_del_item(&tmp);
 }
 
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x10000000L
 void ERR_remove_state(unsigned long pid)
 {
     ERR_remove_thread_state(NULL);
diff --git a/crypto/evp/e_old.c b/crypto/evp/e_old.c
index a23d143b7f..d5c4b4e09d 100644
--- a/crypto/evp/e_old.c
+++ b/crypto/evp/e_old.c
@@ -57,7 +57,9 @@
  *
  */
 
-#ifdef OPENSSL_NO_DEPRECATED
+#include <openssl/opensslconf.h>
+
+#if OPENSSL_API_COMPAT >= 0x00908000L
 static void *dummy = &dummy;
 #else
 
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 3bc93a8841..72daed13dd 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -61,6 +61,7 @@
 #include <string.h>
 #include "internal/cryptlib.h"
 #include <openssl/hmac.h>
+#include <openssl/opensslconf.h>
 #include "hmac_lcl.h"
 
 int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
@@ -127,7 +128,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
     return 0;
 }
 
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x10100000L
 int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md)
 {
     if (key && md)
diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in
index f12117963f..20a420fa7b 100644
--- a/crypto/opensslconf.h.in
+++ b/crypto/opensslconf.h.in
@@ -1,20 +1,44 @@
 /* crypto/opensslconf.h.in */
 
 /*
- * Applications should use -DOPENSSL_USE_DEPRECATED to enable access to
- * deprecated functions. But if the library has been built to disable
- * deprecated functions then this will not work
+ * Applications should use -DOPENSSL_API_COMPAT=<version> to suppress the
+ * declarations of functions deprecated in or before <version>. Otherwise, they
+ * still won't see them if the library has been built to disable deprecated
+ * functions.
  */
-#if defined(OPENSSL_NO_DEPRECATED) && defined(OPENSSL_USE_DEPRECATED)
-#error "OPENSSL_USE_DEPRECATED has been defined, but OpenSSL has been built without support for deprecated functions"
+#if defined(OPENSSL_NO_DEPRECATED)
+# define DECLARE_DEPRECATED(f)
+#elif __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
+# define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated));
+#else
+# define DECLARE_DEPRECATED(f)   f;
+#endif
+
+#ifndef OPENSSL_MIN_API
+#define OPENSSL_MIN_API 0
+#endif
+
+#if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < OPENSSL_MIN_API
+#undef OPENSSL_API_COMPAT
+#define OPENSSL_API_COMPAT OPENSSL_MIN_API
+#endif
+
+#if OPENSSL_API_COMPAT < 0x10100000L
+# define DEPRECATEDIN_1_1_0(f)   DECLARE_DEPRECATED(f)
+#else
+# define DEPRECATEDIN_1_1_0(f)
+#endif
+
+#if OPENSSL_API_COMPAT < 0x10000000L
+# define DEPRECATEDIN_1_0_0(f)   DECLARE_DEPRECATED(f)
+#else
+# define DEPRECATEDIN_1_0_0(f)
 #endif
 
-/* Test for support for deprecated attribute */
-#if __GNUC__ > 3 || \
-  (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
-#define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated))
+#if OPENSSL_API_COMPAT < 0x00908000L
+# define DEPRECATEDIN_0_9_8(f)   DECLARE_DEPRECATED(f)
 #else
-#define DECLARE_DEPRECATED(f)    f
+# define DEPRECATEDIN_0_9_8(f)
 #endif
 
 /* Generate 80386 code? */
diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index c2dfce419a..13ad774d8a 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -128,6 +128,7 @@
 # include <time.h>
 #endif
 
+#include <openssl/opensslconf.h>
 #include <openssl/crypto.h>
 #include <openssl/rand.h>
 #include <openssl/async.h>
@@ -172,7 +173,7 @@ static int rand_seed(const void *buf, int num);
 static int rand_add(const void *buf, int num, double add_entropy);
 static int rand_bytes(unsigned char *buf, int num, int pseudo);
 static int rand_nopseudo_bytes(unsigned char *buf, int num);
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x10100000L
 static int rand_pseudo_bytes(unsigned char *buf, int num);
 #endif
 static int rand_status(void);
@@ -182,7 +183,7 @@ static RAND_METHOD rand_meth = {
     rand_nopseudo_bytes,
     rand_cleanup,
     rand_add,
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x10100000L
     rand_pseudo_bytes,
 #else
     NULL,
@@ -627,7 +628,7 @@ static int rand_nopseudo_bytes(unsigned char *buf, int num)
     return rand_bytes(buf, num, 0);
 }
 
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x10100000L
 /*
  * pseudo-random bytes that are guaranteed to be unique but not unpredictable
  */
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 308b9e2c30..4a425d7e58 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -59,6 +59,7 @@
 #include <stdio.h>
 #include <time.h>
 #include "internal/cryptlib.h"
+#include <openssl/opensslconf.h>
 #include <openssl/rand.h>
 
 #ifndef OPENSSL_NO_ENGINE
@@ -159,7 +160,7 @@ int RAND_bytes(unsigned char *buf, int num)
     return (-1);
 }
 
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x10100000L
 int RAND_pseudo_bytes(unsigned char *buf, int num)
 {
     const RAND_METHOD *meth = RAND_get_rand_method();
diff --git a/crypto/rsa/rsa_depr.c b/crypto/rsa/rsa_depr.c
index 5bd0275856..59e1e7b38e 100644
--- a/crypto/rsa/rsa_depr.c
+++ b/crypto/rsa/rsa_depr.c
@@ -61,10 +61,11 @@
 #include <stdio.h>
 #include <time.h>
 #include "internal/cryptlib.h"
+#include <openssl/opensslconf.h>
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
 
-#ifdef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT >= 0x00908000L
 
 static void *dummy = &dummy;
 
diff --git a/crypto/thr_id.c b/crypto/thr_id.c
index 51088e4fb5..73711d89e3 100644
--- a/crypto/thr_id.c
+++ b/crypto/thr_id.c
@@ -115,8 +115,9 @@
  */
 
 #include "internal/cryptlib.h"
+#include <openssl/opensslconf.h>
 
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x10000000L
 static unsigned long (*id_callback) (void) = 0;
 #endif
 static void (*threadid_callback) (CRYPTO_THREADID *) = 0;
@@ -189,7 +190,7 @@ void CRYPTO_THREADID_current(CRYPTO_THREADID *id)
         threadid_callback(id);
         return;
     }
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x10000000L
     /* If the deprecated callback was set, fall back to that */
     if (id_callback) {
         CRYPTO_THREADID_set_numeric(id, id_callback());
@@ -220,7 +221,7 @@ unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id)
     return id->val;
 }
 
-#ifndef OPENSSL_NO_DEPRECATED
+#if OPENSSL_API_COMPAT < 0x10000000L
 unsigned long (*CRYPTO_get_id_callback(void)) (void) {
     return (id_callback);
 }
author	Viktor Dukhovni <openssl-users@dukhovni.org>	2016-01-04 23:00:33 -0500
committer	Viktor Dukhovni <openssl-users@dukhovni.org>	2016-01-07 20:53:18 -0500
commit	98186eb4e4aef6262ed6b0f499348defa2c26893 (patch)
tree	38ddc0aea1be4b31a4a48d74dc307ad30288af47 /crypto
parent	cddd424a5bda94e238e4ff06c0efc80cff3b07d1 (diff)