Use standard OPENSSL_NO_ENGINE instead of custom USE_ENGINE define

(cherry picked from commit 8d648e7a8a)

lib/dns/dst_openssl.h

@@ -23,13 +23,6 @@
 #include <openssl/crypto.h>
 #include <openssl/bn.h>
 
-#if !defined(OPENSSL_NO_ENGINE) && \
-    ((defined(CRYPTO_LOCK_ENGINE) && \
-      (OPENSSL_VERSION_NUMBER >= 0x0090707f)) || \
-     (OPENSSL_VERSION_NUMBER >= 0x10100000L))
-#define USE_ENGINE 1
-#endif
-
 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 /*
  * These are new in OpenSSL 1.1.0.  BN_GENCB _cb needs to be declared in
@@ -65,7 +58,7 @@ isc_result_t
 dst__openssl_toresult3(isc_logcategory_t *category,
 		       const char *funcname, isc_result_t fallback);
 
-#ifdef USE_ENGINE
+#if !defined(OPENSSL_NO_ENGINE)
 ENGINE *
 dst__openssl_getengine(const char *engine);
 #else

lib/dns/openssl_link.c

@@ -46,7 +46,7 @@
 #include "dst_internal.h"
 #include "dst_openssl.h"
 
-#ifdef USE_ENGINE
+#if !defined(OPENSSL_NO_ENGINE)
 #include <openssl/engine.h>
 #endif
 
@@ -55,7 +55,7 @@ static isc_mutex_t *locks = NULL;
 static int nlocks;
 #endif
 
-#ifdef USE_ENGINE
+#if !defined(OPENSSL_NO_ENGINE)
 static ENGINE *e = NULL;
 #endif
 
@@ -241,7 +241,7 @@ dst__openssl_init(const char *engine) {
 	rm->status = entropy_status;
 #endif
 
-#ifdef USE_ENGINE
+#if !defined(OPENSSL_NO_ENGINE)
 #if !defined(CONF_MFLAGS_DEFAULT_SECTION)
 	OPENSSL_config(NULL);
 #else
@@ -291,7 +291,7 @@ dst__openssl_init(const char *engine) {
 #ifndef ISC_PLATFORM_CRYPTORANDOM
 	RAND_set_rand_method(rm);
 #endif
-#endif /* USE_ENGINE */
+#endif /* !defined(OPENSSL_NO_ENGINE) */
 
 #ifdef ISC_PLATFORM_CRYPTORANDOM
 	/* Protect ourselves against unseeded PRNG */
@@ -305,7 +305,7 @@ dst__openssl_init(const char *engine) {
 
 	return (ISC_R_SUCCESS);
 
-#ifdef USE_ENGINE
+#if !defined(OPENSSL_NO_ENGINE)
  cleanup_rm:
 	if (e != NULL)
 		ENGINE_free(e);
@@ -356,11 +356,11 @@ dst__openssl_destroy(void) {
 #endif
 	OBJ_cleanup();
 	EVP_cleanup();
-#if defined(USE_ENGINE)
+#if !defined(OPENSSL_NO_ENGINE)
 	if (e != NULL)
 		ENGINE_free(e);
 	e = NULL;
-#if defined(USE_ENGINE) && OPENSSL_VERSION_NUMBER >= 0x00907000L
+#if !defined(OPENSSL_NO_ENGINE) && OPENSSL_VERSION_NUMBER >= 0x00907000L
 	ENGINE_cleanup();
 #endif
 #endif
@@ -472,7 +472,7 @@ dst__openssl_toresult3(isc_logcategory_t *category,
 	return (result);
 }
 
-#if defined(USE_ENGINE)
+#if !defined(OPENSSL_NO_ENGINE)
 ENGINE *
 dst__openssl_getengine(const char *engine) {
 

lib/dns/opensslrsa_link.c

@@ -47,7 +47,7 @@
 #if OPENSSL_VERSION_NUMBER > 0x00908000L
 #include <openssl/bn.h>
 #endif
-#ifdef USE_ENGINE
+#if !defined(OPENSSL_NO_ENGINE)
 #include <openssl/engine.h>
 #endif
 
@@ -1482,13 +1482,13 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
 	isc_result_t ret;
 	int i;
 	RSA *rsa = NULL, *pubrsa = NULL;
-#ifdef USE_ENGINE
+#if !defined(OPENSSL_NO_ENGINE)
 	ENGINE *ep = NULL;
 	const BIGNUM *ex = NULL;
 #endif
 	isc_mem_t *mctx = key->mctx;
 	const char *engine = NULL, *label = NULL;
-#if defined(USE_ENGINE) || USE_EVP
+#if !defined(OPENSSL_NO_ENGINE) || USE_EVP
 	EVP_PKEY *pkey = NULL;
 #endif
 	BIGNUM *n = NULL, *e = NULL, *d = NULL;
@@ -1541,7 +1541,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
 	 * See if we can fetch it.
 	 */
 	if (label != NULL) {
-#ifdef USE_ENGINE
+#if !defined(OPENSSL_NO_ENGINE)
 		if (engine == NULL)
 			DST_RET(DST_R_NOENGINE);
 		ep = dst__openssl_getengine(engine);
@@ -1690,7 +1690,7 @@ static isc_result_t
 opensslrsa_fromlabel(dst_key_t *key, const char *engine, const char *label,
 		     const char *pin)
 {
-#ifdef USE_ENGINE
+#if !defined(OPENSSL_NO_ENGINE)
 	ENGINE *e = NULL;
 	isc_result_t ret;
 	EVP_PKEY *pkey = NULL;