Drop 1.0.0 (#3312)

* delete the 1.0.0 support

* drop the version check

* drop the AES-CTR stuff

* Update the example

* openssl truncates for us now

* delete unused test

* unused imports

* Remove a bunch of conditional bindings for NPN

* no more 1.0.0 builders

* libressl fix

* update the docs

* remove dead branches

* oops

* this is a word, damnit

* spelling

* try removing this

* this test is not needed

* unused import

6 files changed, 4 insertions, 110 deletions

diff --git a/src/_cffi_src/openssl/aes.py b/src/_cffi_src/openssl/aes.py
index c54b636a..d035fa8e 100644
--- a/src/_cffi_src/openssl/aes.py
+++ b/src/_cffi_src/openssl/aes.py
@@ -10,7 +10,6 @@ INCLUDES = """
 
 TYPES = """
 static const int Cryptography_HAS_AES_WRAP;
-static const int Cryptography_HAS_AES_CTR128_ENCRYPT;
 
 struct aes_key_st {
     ...;
@@ -29,22 +28,8 @@ int AES_unwrap_key(AES_KEY *, const unsigned char *, unsigned char *,
 """
 
 MACROS = """
-/* The ctr128_encrypt function is only useful in 1.0.0. We can use EVP for
-   this in 1.0.1+. */
-void AES_ctr128_encrypt(const unsigned char *, unsigned char *,
-                        size_t, const AES_KEY *, unsigned char[],
-                        unsigned char[], unsigned int *);
 """
 
 CUSTOMIZATIONS = """
 static const long Cryptography_HAS_AES_WRAP = 1;
-#if CRYPTOGRAPHY_OPENSSL_110_OR_GREATER && !defined(LIBRESSL_VERSION_NUMBER)
-static const int Cryptography_HAS_AES_CTR128_ENCRYPT = 0;
-void (*AES_ctr128_encrypt)(const unsigned char *, unsigned char *,
-                           size_t, const AES_KEY *,
-                           unsigned char[], unsigned char[],
-                           unsigned int *) = NULL;
-#else
-static const int Cryptography_HAS_AES_CTR128_ENCRYPT = 1;
-#endif
 """
diff --git a/src/_cffi_src/openssl/cmac.py b/src/_cffi_src/openssl/cmac.py
index 67abc858..09987455 100644
--- a/src/_cffi_src/openssl/cmac.py
+++ b/src/_cffi_src/openssl/cmac.py
@@ -5,7 +5,7 @@
 from __future__ import absolute_import, division, print_function
 
 INCLUDES = """
-#if !defined(OPENSSL_NO_CMAC) && CRYPTOGRAPHY_OPENSSL_101_OR_GREATER
+#if !defined(OPENSSL_NO_CMAC)
 #include <openssl/cmac.h>
 #endif
 """
@@ -28,7 +28,7 @@ void CMAC_CTX_free(CMAC_CTX *);
 """
 
 CUSTOMIZATIONS = """
-#if !defined(OPENSSL_NO_CMAC) && CRYPTOGRAPHY_OPENSSL_101_OR_GREATER
+#if !defined(OPENSSL_NO_CMAC)
 static const long Cryptography_HAS_CMAC = 1;
 #else
 static const long Cryptography_HAS_CMAC = 0;
diff --git a/src/_cffi_src/openssl/cryptography.py b/src/_cffi_src/openssl/cryptography.py
index 373f830e..1ce9d0f4 100644
--- a/src/_cffi_src/openssl/cryptography.py
+++ b/src/_cffi_src/openssl/cryptography.py
@@ -17,8 +17,6 @@ INCLUDES = """
 #include <windows.h>
 #endif
 
-#define CRYPTOGRAPHY_OPENSSL_101_OR_GREATER \
-    (OPENSSL_VERSION_NUMBER >= 0x10001000)
 #define CRYPTOGRAPHY_OPENSSL_102_OR_GREATER \
     (OPENSSL_VERSION_NUMBER >= 0x10002000)
 #define CRYPTOGRAPHY_OPENSSL_102BETA2_OR_GREATER \
@@ -26,8 +24,6 @@ INCLUDES = """
 #define CRYPTOGRAPHY_OPENSSL_110_OR_GREATER \
     (OPENSSL_VERSION_NUMBER >= 0x10100000)
 
-#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_101 \
-    (OPENSSL_VERSION_NUMBER < 0x10001000)
 #define CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 \
     (OPENSSL_VERSION_NUMBER < 0x10002000)
 #define CRYPTOGRAPHY_OPENSSL_LESS_THAN_102BETA3 \
@@ -51,12 +47,8 @@ INCLUDES = """
 """
 
 TYPES = """
-static const int CRYPTOGRAPHY_OPENSSL_101_OR_GREATER;
-
 static const int CRYPTOGRAPHY_OPENSSL_110_OR_GREATER;
 
-static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_101;
-
 static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_102I;
 
 static const int CRYPTOGRAPHY_IS_LIBRESSL;
diff --git a/src/_cffi_src/openssl/ec.py b/src/_cffi_src/openssl/ec.py
index 0853a723..d1745054 100644
--- a/src/_cffi_src/openssl/ec.py
+++ b/src/_cffi_src/openssl/ec.py
@@ -14,7 +14,6 @@ INCLUDES = """
 
 TYPES = """
 static const int Cryptography_HAS_EC;
-static const int Cryptography_HAS_EC_1_0_1;
 static const int Cryptography_HAS_EC2M;
 static const int Cryptography_HAS_EC_1_0_2;
 
@@ -327,13 +326,6 @@ const EC_METHOD *(*EC_GFp_nist_method)() = NULL;
 
 int (*EC_METHOD_get_field_type)(const EC_METHOD *) = NULL;
 
-#else
-static const long Cryptography_HAS_EC = 1;
-#endif
-
-#if defined(OPENSSL_NO_EC) || CRYPTOGRAPHY_OPENSSL_LESS_THAN_101
-static const long Cryptography_HAS_EC_1_0_1 = 0;
-
 int (*EC_KEY_get_flags)(const EC_KEY *) = NULL;
 void (*EC_KEY_set_flags)(EC_KEY *, int) = NULL;
 void (*EC_KEY_clear_flags)(EC_KEY *, int) = NULL;
@@ -341,10 +333,9 @@ void (*EC_KEY_clear_flags)(EC_KEY *, int) = NULL;
 int (*EC_KEY_set_public_key_affine_coordinates)(
     EC_KEY *, BIGNUM *, BIGNUM *) = NULL;
 #else
-static const long Cryptography_HAS_EC_1_0_1 = 1;
+static const long Cryptography_HAS_EC = 1;
 #endif
 
-
 #if defined(OPENSSL_NO_EC) || defined(OPENSSL_NO_EC2M)
 static const long Cryptography_HAS_EC2M = 0;
 
diff --git a/src/_cffi_src/openssl/rsa.py b/src/_cffi_src/openssl/rsa.py
index e920cf2d..e9074905 100644
--- a/src/_cffi_src/openssl/rsa.py
+++ b/src/_cffi_src/openssl/rsa.py
@@ -20,7 +20,6 @@ static const int RSA_PKCS1_PSS_PADDING;
 static const int RSA_F4;
 
 static const int Cryptography_HAS_PSS_PADDING;
-static const int Cryptography_HAS_MGF1_MD;
 static const int Cryptography_HAS_RSA_OAEP_MD;
 """
 
@@ -73,12 +72,6 @@ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *, EVP_MD *);
 CUSTOMIZATIONS = """
 static const long Cryptography_HAS_PSS_PADDING = 1;
 
-#if CRYPTOGRAPHY_OPENSSL_101_OR_GREATER
-static const long Cryptography_HAS_MGF1_MD = 1;
-#else
-static const long Cryptography_HAS_MGF1_MD = 0;
-int (*EVP_PKEY_CTX_set_rsa_mgf1_md)(EVP_PKEY_CTX *, EVP_MD *) = NULL;
-#endif
 #if defined(EVP_PKEY_CTX_set_rsa_oaep_md)
 static const long Cryptography_HAS_RSA_OAEP_MD = 1;
 #else
diff --git a/src/_cffi_src/openssl/ssl.py b/src/_cffi_src/openssl/ssl.py
index 28c14ca9..12af346c 100644
--- a/src/_cffi_src/openssl/ssl.py
+++ b/src/_cffi_src/openssl/ssl.py
@@ -25,7 +25,6 @@ static const long Cryptography_HAS_TLSEXT_STATUS_REQ_TYPE;
 static const long Cryptography_HAS_GET_SERVER_TMP_KEY;
 static const long Cryptography_HAS_SSL_CTX_SET_CLIENT_CERT_ENGINE;
 static const long Cryptography_HAS_SSL_CTX_CLEAR_OPTIONS;
-static const long Cryptography_HAS_NPN_NEGOTIATED;
 
 /* Internally invented symbol to tell us if SNI is supported */
 static const long Cryptography_HAS_TLSEXT_HOSTNAME;
@@ -44,7 +43,6 @@ static const long Cryptography_HAS_SSL_OP_MSIE_SSLV2_RSA_PADDING;
 static const long Cryptography_HAS_SSL_SET_SSL_CTX;
 static const long Cryptography_HAS_SSL_OP_NO_TICKET;
 static const long Cryptography_HAS_NETBSD_D1_METH;
-static const long Cryptography_HAS_NEXTPROTONEG;
 static const long Cryptography_HAS_ALPN;
 static const long Cryptography_HAS_SET_CERT_CB;
 
@@ -363,9 +361,6 @@ long SSL_CTX_set_tlsext_status_arg(SSL_CTX *, void *);
 
 long SSL_session_reused(SSL *);
 
-/* NPN APIs were introduced in OpenSSL 1.0.1.  To continue to support earlier
- * versions some special handling of these is necessary.
- */
 void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *,
                                            int (*)(SSL *,
                                                    const unsigned char **,
@@ -414,7 +409,7 @@ void SSL_set_cert_cb(SSL *, int (*)(SSL *, void *), void *);
 
 /* Added in 1.0.2 */
 const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *);
-/* Added in 1.0.1 */
+
 int SSL_SESSION_set1_id_context(SSL_SESSION *, const unsigned char *,
                                 unsigned int);
 /* Added in 1.1.0 for the great opaquing of structs */
@@ -438,28 +433,6 @@ long SSL_CTX_sess_cache_full(SSL_CTX *);
 """
 
 CUSTOMIZATIONS = """
-/* Added in 1.0.1 but we need it in all versions now due to the great
-   opaquing. */
-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_101
-/* from ssl.h */
-#define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312
-#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
-/* from ssl/ssl_sess.c */
-int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
-                                unsigned int sid_ctx_len)
-{
-    if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
-        SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,
-               SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
-        return 0;
-    }
-    s->sid_ctx_length = sid_ctx_len;
-    memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
-
-    return 1;
-}
-#endif
-
 /* Added in 1.0.2 but we need it in all versions now due to the great
    opaquing. */
 #if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 || defined(LIBRESSL_VERSION_NUMBER)
@@ -605,37 +578,6 @@ static const long Cryptography_HAS_NETBSD_D1_METH = 1;
 static const long Cryptography_HAS_NETBSD_D1_METH = 1;
 #endif
 
-/* Because OPENSSL defines macros that claim lack of support for things, rather
- * than macros that claim support for things, we need to do a version check in
- * addition to a definition check. NPN was added in 1.0.1: for any version
- * before that, there is no compatibility.
- */
-#if defined(OPENSSL_NO_NEXTPROTONEG) || CRYPTOGRAPHY_OPENSSL_LESS_THAN_101
-static const long Cryptography_HAS_NEXTPROTONEG = 0;
-void (*SSL_CTX_set_next_protos_advertised_cb)(SSL_CTX *,
-                                              int (*)(SSL *,
-                                                      const unsigned char **,
-                                                      unsigned int *,
-                                                      void *),
-                                              void *) = NULL;
-void (*SSL_CTX_set_next_proto_select_cb)(SSL_CTX *,
-                                         int (*)(SSL *,
-                                                 unsigned char **,
-                                                 unsigned char *,
-                                                 const unsigned char *,
-                                                 unsigned int,
-                                                 void *),
-                                         void *) = NULL;
-int (*SSL_select_next_proto)(unsigned char **, unsigned char *,
-                             const unsigned char *, unsigned int,
-                             const unsigned char *, unsigned int) = NULL;
-void (*SSL_get0_next_proto_negotiated)(const SSL *,
-                                       const unsigned char **,
-                                       unsigned *) = NULL;
-#else
-static const long Cryptography_HAS_NEXTPROTONEG = 1;
-#endif
-
 /* ALPN was added in OpenSSL 1.0.2. */
 #if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 && !defined(LIBRESSL_VERSION_NUMBER)
 int (*SSL_CTX_set_alpn_protos)(SSL_CTX *,
@@ -707,13 +649,4 @@ static const long Cryptography_HAS_TLS_ST = 0;
 static const long TLS_ST_BEFORE = 0;
 static const long TLS_ST_OK = 0;
 #endif
-
-/* This define is available in 1.0.1+ so we can remove this when we drop
-   support for 1.0.0 */
-#ifdef OPENSSL_NPN_NEGOTIATED
-static const long Cryptography_HAS_NPN_NEGOTIATED = 1;
-#else
-static const long OPENSSL_NPN_NEGOTIATED = -1;
-static const long Cryptography_HAS_NPN_NEGOTIATED = 0;
-#endif
 """