Revert "Use OpenSSL 3.1"

This reverts commit aec72e7b6b13a2f76d18145aecfebc83398549ce.

.github/workflows/build-openssl.yml

@@ -24,13 +24,13 @@ jobs:
     steps:
     - uses: actions/checkout@v2
     - name: install packages
-      run: HOMEBREW_NO_INSTALL_CLEANUP=1 brew reinstall openssl@3.1
+      run: HOMEBREW_NO_INSTALL_CLEANUP=1 brew reinstall openssl@1.1
     - name: submodules
       run: git submodule update --init --recursive --depth 1
     - name: cmake
       run: cmake -B build -DUSE_GNUTLS=0 -WARNINGS_AS_ERRORS=1 -DENABLE_LOCAL_ADDRESS_TRANSLATION=1
       env:
-        OPENSSL_ROOT_DIR: /usr/local/opt/openssl@3.1
+        OPENSSL_ROOT_DIR: /usr/local/opt/openssl@1.1
     - name: make
       run: (cd build; make -j2)
     - name: test

CMakeLists.txt

@@ -378,10 +378,6 @@ else()
 		endif()
 	endif()
 	find_package(OpenSSL REQUIRED)
-	if(OPENSSL_VERSION GREATER_EQUAL 3.0)
-		message(STATUS "OpenSSL version high enough. Activate SSL LOAD VERFIY")
-		add_definitions(-DUSE_SSL_LOAD_VERIFY)
-	endif()
 	target_compile_definitions(datachannel PRIVATE USE_GNUTLS=0)
 	target_compile_definitions(datachannel-static PRIVATE USE_GNUTLS=0)
 	target_link_libraries(datachannel PRIVATE OpenSSL::SSL)

src/impl/verifiedtlstransport.cpp

@@ -45,7 +45,6 @@ VerifiedTlsTransport::VerifiedTlsTransport(
 		throw;
 	}
 #else
-	#ifdef USE_SSL_LOAD_VERIFY
 	if (cacert) {
 		if (cacert->find(PemBeginCertificateTag) == string::npos) {
 			// *cacert is a file path
@@ -55,7 +54,6 @@ VerifiedTlsTransport::VerifiedTlsTransport(
 			PLOG_WARNING << "CA certificate as PEM is not supported for OpenSSL";
 		}
 	}
-	#endif
 	SSL_set_verify(mSsl, SSL_VERIFY_PEER, NULL);
 	SSL_set_verify_depth(mSsl, 4);
 #endif