I've written code that under certain circumstances might load X509_STORE into SSL_CTX, and since I don't know if it happens I free the store at the end of the program.
I call X509_STORE_up_ref after loading the store into the context to avoid a reference count error, since SSL_CTX_free also frees the store in case it was loaded into the given context.
However, I noticed that X509_STORE_up_ref is a newer command and my program fails to compile on older systems. I'd like in that case to wrap the call to that function with an #ifdef for OpenSSL's version.
#ifdef?You can check the OpenSSL version number by looking at the OPENSSL_VERSION_NUMBER macro. The opensslv.h file contains the following comments regarding its value:
/*-
* Numeric release version identifier:
* MNNFFPPS: major minor fix patch status
* The status nibble has one of the values 0 for development, 1 to e for betas
* 1 to 14, and f for release. The patch level is exactly that.
* For example:
* 0.9.3-dev 0x00903000
* 0.9.3-beta1 0x00903001
* 0.9.3-beta2-dev 0x00903002
* 0.9.3-beta2 0x00903002 (same as ...beta2-dev)
* 0.9.3 0x0090300f
* 0.9.3a 0x0090301f
* 0.9.4 0x0090400f
* 1.2.3z 0x102031af
So if for example you had a certain feature that required OpenSSL 1.1.0 or higher you would do this:
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
// code for version 1.1.0 or greater
#else
// code for 1.0.x or lower
#endif