From 311fbf3f5b67fcb366bb55d50901acb4b257e088 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= Date: Wed, 4 Apr 2018 21:50:16 +0200 Subject: [PATCH] Use standard OPENSSL_NO_ENGINE instead of custom USE_ENGINE define (cherry picked from commit 8d648e7a8a9b49f3b474868d01baaedb752edb4a) --- lib/dns/dst_openssl.h | 9 +-------- lib/dns/openssl_link.c | 16 ++++++++-------- lib/dns/opensslrsa_link.c | 10 +++++----- 3 files changed, 14 insertions(+), 21 deletions(-) diff --git a/lib/dns/dst_openssl.h b/lib/dns/dst_openssl.h index c9cb939dd6..e085f1132b 100644 --- a/lib/dns/dst_openssl.h +++ b/lib/dns/dst_openssl.h @@ -23,13 +23,6 @@ #include #include -#if !defined(OPENSSL_NO_ENGINE) && \ - ((defined(CRYPTO_LOCK_ENGINE) && \ - (OPENSSL_VERSION_NUMBER >= 0x0090707f)) || \ - (OPENSSL_VERSION_NUMBER >= 0x10100000L)) -#define USE_ENGINE 1 -#endif - #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) /* * These are new in OpenSSL 1.1.0. BN_GENCB _cb needs to be declared in @@ -65,7 +58,7 @@ isc_result_t dst__openssl_toresult3(isc_logcategory_t *category, const char *funcname, isc_result_t fallback); -#ifdef USE_ENGINE +#if !defined(OPENSSL_NO_ENGINE) ENGINE * dst__openssl_getengine(const char *engine); #else diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c index 0f3a679f03..8b805cf266 100644 --- a/lib/dns/openssl_link.c +++ b/lib/dns/openssl_link.c @@ -46,7 +46,7 @@ #include "dst_internal.h" #include "dst_openssl.h" -#ifdef USE_ENGINE +#if !defined(OPENSSL_NO_ENGINE) #include #endif @@ -55,7 +55,7 @@ static isc_mutex_t *locks = NULL; static int nlocks; #endif -#ifdef USE_ENGINE +#if !defined(OPENSSL_NO_ENGINE) static ENGINE *e = NULL; #endif @@ -241,7 +241,7 @@ dst__openssl_init(const char *engine) { rm->status = entropy_status; #endif -#ifdef USE_ENGINE +#if !defined(OPENSSL_NO_ENGINE) #if !defined(CONF_MFLAGS_DEFAULT_SECTION) OPENSSL_config(NULL); #else @@ -291,7 +291,7 @@ dst__openssl_init(const char *engine) { #ifndef ISC_PLATFORM_CRYPTORANDOM RAND_set_rand_method(rm); #endif -#endif /* USE_ENGINE */ +#endif /* !defined(OPENSSL_NO_ENGINE) */ #ifdef ISC_PLATFORM_CRYPTORANDOM /* Protect ourselves against unseeded PRNG */ @@ -305,7 +305,7 @@ dst__openssl_init(const char *engine) { return (ISC_R_SUCCESS); -#ifdef USE_ENGINE +#if !defined(OPENSSL_NO_ENGINE) cleanup_rm: if (e != NULL) ENGINE_free(e); @@ -356,11 +356,11 @@ dst__openssl_destroy(void) { #endif OBJ_cleanup(); EVP_cleanup(); -#if defined(USE_ENGINE) +#if !defined(OPENSSL_NO_ENGINE) if (e != NULL) ENGINE_free(e); e = NULL; -#if defined(USE_ENGINE) && OPENSSL_VERSION_NUMBER >= 0x00907000L +#if !defined(OPENSSL_NO_ENGINE) && OPENSSL_VERSION_NUMBER >= 0x00907000L ENGINE_cleanup(); #endif #endif @@ -472,7 +472,7 @@ dst__openssl_toresult3(isc_logcategory_t *category, return (result); } -#if defined(USE_ENGINE) +#if !defined(OPENSSL_NO_ENGINE) ENGINE * dst__openssl_getengine(const char *engine) { diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c index 43f6d317bc..17c48679db 100644 --- a/lib/dns/opensslrsa_link.c +++ b/lib/dns/opensslrsa_link.c @@ -47,7 +47,7 @@ #if OPENSSL_VERSION_NUMBER > 0x00908000L #include #endif -#ifdef USE_ENGINE +#if !defined(OPENSSL_NO_ENGINE) #include #endif @@ -1482,13 +1482,13 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { isc_result_t ret; int i; RSA *rsa = NULL, *pubrsa = NULL; -#ifdef USE_ENGINE +#if !defined(OPENSSL_NO_ENGINE) ENGINE *ep = NULL; const BIGNUM *ex = NULL; #endif isc_mem_t *mctx = key->mctx; const char *engine = NULL, *label = NULL; -#if defined(USE_ENGINE) || USE_EVP +#if !defined(OPENSSL_NO_ENGINE) || USE_EVP EVP_PKEY *pkey = NULL; #endif BIGNUM *n = NULL, *e = NULL, *d = NULL; @@ -1541,7 +1541,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { * See if we can fetch it. */ if (label != NULL) { -#ifdef USE_ENGINE +#if !defined(OPENSSL_NO_ENGINE) if (engine == NULL) DST_RET(DST_R_NOENGINE); ep = dst__openssl_getengine(engine); @@ -1690,7 +1690,7 @@ static isc_result_t opensslrsa_fromlabel(dst_key_t *key, const char *engine, const char *label, const char *pin) { -#ifdef USE_ENGINE +#if !defined(OPENSSL_NO_ENGINE) ENGINE *e = NULL; isc_result_t ret; EVP_PKEY *pkey = NULL;