summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authortb <>2018-04-14 07:09:21 +0000
committertb <>2018-04-14 07:09:21 +0000
commita32b35170819e9b07e0183d19aee21b9a246943b (patch)
tree83fef660683163befc47beedefbc0b11b71b2756
parent7eaeb0d1b3ae143b8adb8634c48219a657764be9 (diff)
downloadopenbsd-a32b35170819e9b07e0183d19aee21b9a246943b.tar.gz
openbsd-a32b35170819e9b07e0183d19aee21b9a246943b.tar.bz2
openbsd-a32b35170819e9b07e0183d19aee21b9a246943b.zip
make ENGINE_finish() succeed on NULL and simplify callers as in
OpenSSL commit 7c96dbcdab9 by Rich Salz. This cleans up the caller side quite a bit and reduces the number of lines enclosed in #ifndef OPENSSL_NO_ENGINE. codesearch.debian.net shows that almost nothing checks the return value of ENGINE_finish(). While there, replace a few nearby 'if (!ptr)' with 'if (ptr == NULL)'. ok jsing, tested by & ok inoguchi
Diffstat
-rw-r--r--src/lib/libcrypto/asn1/d2i_pr.c8
-rw-r--r--src/lib/libcrypto/dh/dh_lib.c16
-rw-r--r--src/lib/libcrypto/dsa/dsa_lib.c16
-rw-r--r--src/lib/libcrypto/ecdh/ech_lib.c13
-rw-r--r--src/lib/libcrypto/ecdsa/ecs_lib.c13
-rw-r--r--src/lib/libcrypto/engine/eng_init.c8
-rw-r--r--src/lib/libcrypto/evp/digest.c16
-rw-r--r--src/lib/libcrypto/evp/evp_enc.c7
-rw-r--r--src/lib/libcrypto/evp/p_lib.c20
-rw-r--r--src/lib/libcrypto/evp/pmeth_lib.c12
-rw-r--r--src/lib/libcrypto/pem/pem_lib.c5
-rw-r--r--src/lib/libcrypto/rsa/rsa_lib.c19
-rw-r--r--src/lib/libssl/ssl_lib.c5
13 files changed, 58 insertions, 100 deletions
diff --git a/src/lib/libcrypto/asn1/d2i_pr.c b/src/lib/libcrypto/asn1/d2i_pr.c
index 7a5880a8cd..a657a1f3cd 100644
--- a/src/lib/libcrypto/asn1/d2i_pr.c
+++ b/src/lib/libcrypto/asn1/d2i_pr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d2i_pr.c,v 1.15 2017/01/29 17:49:22 beck Exp $ */ 1/* $OpenBSD: d2i_pr.c,v 1.16 2018/04/14 07:09:21 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -86,10 +86,8 @@ d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, long length)
86 } else { 86 } else {
87 ret = *a; 87 ret = *a;
88#ifndef OPENSSL_NO_ENGINE 88#ifndef OPENSSL_NO_ENGINE
89 if (ret->engine) { 89 ENGINE_finish(ret->engine);
90 ENGINE_finish(ret->engine); 90 ret->engine = NULL;
91 ret->engine = NULL;
92 }
93#endif 91#endif
94 } 92 }
95 93
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c
index e02ce7455a..8a7f9386c7 100644
--- a/src/lib/libcrypto/dh/dh_lib.c
+++ b/src/lib/libcrypto/dh/dh_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_lib.c,v 1.30 2018/02/22 16:41:04 jsing Exp $ */ 1/* $OpenBSD: dh_lib.c,v 1.31 2018/04/14 07:09:21 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -98,10 +98,8 @@ DH_set_method(DH *dh, const DH_METHOD *meth)
98 if (mtmp->finish) 98 if (mtmp->finish)
99 mtmp->finish(dh); 99 mtmp->finish(dh);
100#ifndef OPENSSL_NO_ENGINE 100#ifndef OPENSSL_NO_ENGINE
101 if (dh->engine) { 101 ENGINE_finish(dh->engine);
102 ENGINE_finish(dh->engine); 102 dh->engine = NULL;
103 dh->engine = NULL;
104 }
105#endif 103#endif
106 dh->meth = meth; 104 dh->meth = meth;
107 if (meth->init) 105 if (meth->init)
@@ -139,7 +137,7 @@ DH_new_method(ENGINE *engine)
139 ret->engine = ENGINE_get_default_DH(); 137 ret->engine = ENGINE_get_default_DH();
140 if(ret->engine) { 138 if(ret->engine) {
141 ret->meth = ENGINE_get_DH(ret->engine); 139 ret->meth = ENGINE_get_DH(ret->engine);
142 if (!ret->meth) { 140 if (ret->meth == NULL) {
143 DHerror(ERR_R_ENGINE_LIB); 141 DHerror(ERR_R_ENGINE_LIB);
144 ENGINE_finish(ret->engine); 142 ENGINE_finish(ret->engine);
145 free(ret); 143 free(ret);
@@ -166,8 +164,7 @@ DH_new_method(ENGINE *engine)
166 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); 164 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
167 if (ret->meth->init != NULL && !ret->meth->init(ret)) { 165 if (ret->meth->init != NULL && !ret->meth->init(ret)) {
168#ifndef OPENSSL_NO_ENGINE 166#ifndef OPENSSL_NO_ENGINE
169 if (ret->engine) 167 ENGINE_finish(ret->engine);
170 ENGINE_finish(ret->engine);
171#endif 168#endif
172 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); 169 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
173 free(ret); 170 free(ret);
@@ -190,8 +187,7 @@ DH_free(DH *r)
190 if (r->meth->finish) 187 if (r->meth->finish)
191 r->meth->finish(r); 188 r->meth->finish(r);
192#ifndef OPENSSL_NO_ENGINE 189#ifndef OPENSSL_NO_ENGINE
193 if (r->engine) 190 ENGINE_finish(r->engine);
194 ENGINE_finish(r->engine);
195#endif 191#endif
196 192
197 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data); 193 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);
diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c
index 8190d07348..d5fdd6e78e 100644
--- a/src/lib/libcrypto/dsa/dsa_lib.c
+++ b/src/lib/libcrypto/dsa/dsa_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_lib.c,v 1.28 2018/02/20 17:52:27 tb Exp $ */ 1/* $OpenBSD: dsa_lib.c,v 1.29 2018/04/14 07:09:21 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -108,10 +108,8 @@ DSA_set_method(DSA *dsa, const DSA_METHOD *meth)
108 if (mtmp->finish) 108 if (mtmp->finish)
109 mtmp->finish(dsa); 109 mtmp->finish(dsa);
110#ifndef OPENSSL_NO_ENGINE 110#ifndef OPENSSL_NO_ENGINE
111 if (dsa->engine) { 111 ENGINE_finish(dsa->engine);
112 ENGINE_finish(dsa->engine); 112 dsa->engine = NULL;
113 dsa->engine = NULL;
114 }
115#endif 113#endif
116 dsa->meth = meth; 114 dsa->meth = meth;
117 if (meth->init) 115 if (meth->init)
@@ -142,7 +140,7 @@ DSA_new_method(ENGINE *engine)
142 ret->engine = ENGINE_get_default_DSA(); 140 ret->engine = ENGINE_get_default_DSA();
143 if (ret->engine) { 141 if (ret->engine) {
144 ret->meth = ENGINE_get_DSA(ret->engine); 142 ret->meth = ENGINE_get_DSA(ret->engine);
145 if (!ret->meth) { 143 if (ret->meth == NULL) {
146 DSAerror(ERR_R_ENGINE_LIB); 144 DSAerror(ERR_R_ENGINE_LIB);
147 ENGINE_finish(ret->engine); 145 ENGINE_finish(ret->engine);
148 free(ret); 146 free(ret);
@@ -170,8 +168,7 @@ DSA_new_method(ENGINE *engine)
170 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); 168 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
171 if (ret->meth->init != NULL && !ret->meth->init(ret)) { 169 if (ret->meth->init != NULL && !ret->meth->init(ret)) {
172#ifndef OPENSSL_NO_ENGINE 170#ifndef OPENSSL_NO_ENGINE
173 if (ret->engine) 171 ENGINE_finish(ret->engine);
174 ENGINE_finish(ret->engine);
175#endif 172#endif
176 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); 173 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
177 free(ret); 174 free(ret);
@@ -196,8 +193,7 @@ DSA_free(DSA *r)
196 if (r->meth->finish) 193 if (r->meth->finish)
197 r->meth->finish(r); 194 r->meth->finish(r);
198#ifndef OPENSSL_NO_ENGINE 195#ifndef OPENSSL_NO_ENGINE
199 if (r->engine) 196 ENGINE_finish(r->engine);
200 ENGINE_finish(r->engine);
201#endif 197#endif
202 198
203 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data); 199 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
diff --git a/src/lib/libcrypto/ecdh/ech_lib.c b/src/lib/libcrypto/ecdh/ech_lib.c
index 2846a88612..cc8edafa07 100644
--- a/src/lib/libcrypto/ecdh/ech_lib.c
+++ b/src/lib/libcrypto/ecdh/ech_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ech_lib.c,v 1.13 2017/05/02 03:59:44 deraadt Exp $ */ 1/* $OpenBSD: ech_lib.c,v 1.14 2018/04/14 07:09:21 tb Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -109,10 +109,8 @@ ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
109 return 0; 109 return 0;
110 110
111#ifndef OPENSSL_NO_ENGINE 111#ifndef OPENSSL_NO_ENGINE
112 if (ecdh->engine) { 112 ENGINE_finish(ecdh->engine);
113 ENGINE_finish(ecdh->engine); 113 ecdh->engine = NULL;
114 ecdh->engine = NULL;
115 }
116#endif 114#endif
117 ecdh->meth = meth; 115 ecdh->meth = meth;
118 return 1; 116 return 1;
@@ -138,7 +136,7 @@ ECDH_DATA_new_method(ENGINE *engine)
138 ret->engine = ENGINE_get_default_ECDH(); 136 ret->engine = ENGINE_get_default_ECDH();
139 if (ret->engine) { 137 if (ret->engine) {
140 ret->meth = ENGINE_get_ECDH(ret->engine); 138 ret->meth = ENGINE_get_ECDH(ret->engine);
141 if (!ret->meth) { 139 if (ret->meth == NULL) {
142 ECDHerror(ERR_R_ENGINE_LIB); 140 ECDHerror(ERR_R_ENGINE_LIB);
143 ENGINE_finish(ret->engine); 141 ENGINE_finish(ret->engine);
144 free(ret); 142 free(ret);
@@ -176,8 +174,7 @@ ecdh_data_free(void *data)
176 ECDH_DATA *r = (ECDH_DATA *)data; 174 ECDH_DATA *r = (ECDH_DATA *)data;
177 175
178#ifndef OPENSSL_NO_ENGINE 176#ifndef OPENSSL_NO_ENGINE
179 if (r->engine) 177 ENGINE_finish(r->engine);
180 ENGINE_finish(r->engine);
181#endif 178#endif
182 179
183 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data); 180 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data);
diff --git a/src/lib/libcrypto/ecdsa/ecs_lib.c b/src/lib/libcrypto/ecdsa/ecs_lib.c
index 4fbe1e060b..c688a95f3b 100644
--- a/src/lib/libcrypto/ecdsa/ecs_lib.c
+++ b/src/lib/libcrypto/ecdsa/ecs_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecs_lib.c,v 1.12 2017/05/02 03:59:44 deraadt Exp $ */ 1/* $OpenBSD: ecs_lib.c,v 1.13 2018/04/14 07:09:21 tb Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -96,10 +96,8 @@ ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
96 return 0; 96 return 0;
97 97
98#ifndef OPENSSL_NO_ENGINE 98#ifndef OPENSSL_NO_ENGINE
99 if (ecdsa->engine) { 99 ENGINE_finish(ecdsa->engine);
100 ENGINE_finish(ecdsa->engine); 100 ecdsa->engine = NULL;
101 ecdsa->engine = NULL;
102 }
103#endif 101#endif
104 ecdsa->meth = meth; 102 ecdsa->meth = meth;
105 103
@@ -126,7 +124,7 @@ ECDSA_DATA_new_method(ENGINE *engine)
126 ret->engine = ENGINE_get_default_ECDSA(); 124 ret->engine = ENGINE_get_default_ECDSA();
127 if (ret->engine) { 125 if (ret->engine) {
128 ret->meth = ENGINE_get_ECDSA(ret->engine); 126 ret->meth = ENGINE_get_ECDSA(ret->engine);
129 if (!ret->meth) { 127 if (ret->meth == NULL) {
130 ECDSAerror(ERR_R_ENGINE_LIB); 128 ECDSAerror(ERR_R_ENGINE_LIB);
131 ENGINE_finish(ret->engine); 129 ENGINE_finish(ret->engine);
132 free(ret); 130 free(ret);
@@ -164,8 +162,7 @@ ecdsa_data_free(void *data)
164 ECDSA_DATA *r = (ECDSA_DATA *)data; 162 ECDSA_DATA *r = (ECDSA_DATA *)data;
165 163
166#ifndef OPENSSL_NO_ENGINE 164#ifndef OPENSSL_NO_ENGINE
167 if (r->engine) 165 ENGINE_finish(r->engine);
168 ENGINE_finish(r->engine);
169#endif 166#endif
170 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data); 167 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data);
171 168
diff --git a/src/lib/libcrypto/engine/eng_init.c b/src/lib/libcrypto/engine/eng_init.c
index 75d6698c70..793adba8be 100644
--- a/src/lib/libcrypto/engine/eng_init.c
+++ b/src/lib/libcrypto/engine/eng_init.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: eng_init.c,v 1.8 2017/01/29 17:49:23 beck Exp $ */ 1/* $OpenBSD: eng_init.c,v 1.9 2018/04/14 07:09:21 tb Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -134,10 +134,8 @@ ENGINE_finish(ENGINE *e)
134{ 134{
135 int to_return = 1; 135 int to_return = 1;
136 136
137 if (e == NULL) { 137 if (e == NULL)
138 ENGINEerror(ERR_R_PASSED_NULL_PARAMETER); 138 return 1;
139 return 0;
140 }
141 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); 139 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
142 to_return = engine_unlocked_finish(e, 1); 140 to_return = engine_unlocked_finish(e, 1);
143 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); 141 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
index b69a928ab8..6a7d86d702 100644
--- a/src/lib/libcrypto/evp/digest.c
+++ b/src/lib/libcrypto/evp/digest.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: digest.c,v 1.29 2018/02/17 14:55:31 jsing Exp $ */ 1/* $OpenBSD: digest.c,v 1.30 2018/04/14 07:09:21 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -146,9 +146,8 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
146 /* Ensure an ENGINE left lying around from last time is cleared 146 /* Ensure an ENGINE left lying around from last time is cleared
147 * (the previous check attempted to avoid this if the same 147 * (the previous check attempted to avoid this if the same
148 * ENGINE and EVP_MD could be used). */ 148 * ENGINE and EVP_MD could be used). */
149 if (ctx->engine) 149 ENGINE_finish(ctx->engine);
150 ENGINE_finish(ctx->engine); 150 if (impl != NULL) {
151 if (impl) {
152 if (!ENGINE_init(impl)) { 151 if (!ENGINE_init(impl)) {
153 EVPerror(EVP_R_INITIALIZATION_ERROR); 152 EVPerror(EVP_R_INITIALIZATION_ERROR);
154 return 0; 153 return 0;
@@ -156,10 +155,10 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
156 } else 155 } else
157 /* Ask if an ENGINE is reserved for this job */ 156 /* Ask if an ENGINE is reserved for this job */
158 impl = ENGINE_get_digest_engine(type->type); 157 impl = ENGINE_get_digest_engine(type->type);
159 if (impl) { 158 if (impl != NULL) {
160 /* There's an ENGINE for this job ... (apparently) */ 159 /* There's an ENGINE for this job ... (apparently) */
161 const EVP_MD *d = ENGINE_get_digest(impl, type->type); 160 const EVP_MD *d = ENGINE_get_digest(impl, type->type);
162 if (!d) { 161 if (d == NULL) {
163 /* Same comment from evp_enc.c */ 162 /* Same comment from evp_enc.c */
164 EVPerror(EVP_R_INITIALIZATION_ERROR); 163 EVPerror(EVP_R_INITIALIZATION_ERROR);
165 ENGINE_finish(impl); 164 ENGINE_finish(impl);
@@ -384,10 +383,7 @@ EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
384 freezero(ctx->md_data, ctx->digest->ctx_size); 383 freezero(ctx->md_data, ctx->digest->ctx_size);
385 EVP_PKEY_CTX_free(ctx->pctx); 384 EVP_PKEY_CTX_free(ctx->pctx);
386#ifndef OPENSSL_NO_ENGINE 385#ifndef OPENSSL_NO_ENGINE
387 if (ctx->engine) 386 ENGINE_finish(ctx->engine);
388 /* The EVP_MD we used belongs to an ENGINE, release the
389 * functional reference we held for this reason. */
390 ENGINE_finish(ctx->engine);
391#endif 387#endif
392 memset(ctx, 0, sizeof(*ctx)); 388 memset(ctx, 0, sizeof(*ctx));
393 389
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
index de7c690ca7..db2deb6905 100644
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_enc.c,v 1.38 2018/02/17 16:54:08 jsing Exp $ */ 1/* $OpenBSD: evp_enc.c,v 1.39 2018/04/14 07:09:21 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -577,10 +577,7 @@ EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
577 } 577 }
578 free(c->cipher_data); 578 free(c->cipher_data);
579#ifndef OPENSSL_NO_ENGINE 579#ifndef OPENSSL_NO_ENGINE
580 if (c->engine) 580 ENGINE_finish(c->engine);
581 /* The EVP_CIPHER we used belongs to an ENGINE, release the
582 * functional reference we held for this reason. */
583 ENGINE_finish(c->engine);
584#endif 581#endif
585 explicit_bzero(c, sizeof(EVP_CIPHER_CTX)); 582 explicit_bzero(c, sizeof(EVP_CIPHER_CTX));
586 return 1; 583 return 1;
diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c
index 811fe0c86d..b14c95f14d 100644
--- a/src/lib/libcrypto/evp/p_lib.c
+++ b/src/lib/libcrypto/evp/p_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p_lib.c,v 1.20 2018/02/20 18:05:28 tb Exp $ */ 1/* $OpenBSD: p_lib.c,v 1.21 2018/04/14 07:09:21 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -229,11 +229,8 @@ pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
229 if ((type == pkey->save_type) && pkey->ameth) 229 if ((type == pkey->save_type) && pkey->ameth)
230 return 1; 230 return 1;
231#ifndef OPENSSL_NO_ENGINE 231#ifndef OPENSSL_NO_ENGINE
232 /* If we have an ENGINE release it */ 232 ENGINE_finish(pkey->engine);
233 if (pkey->engine) { 233 pkey->engine = NULL;
234 ENGINE_finish(pkey->engine);
235 pkey->engine = NULL;
236 }
237#endif 234#endif
238 } 235 }
239 if (str) 236 if (str)
@@ -241,7 +238,7 @@ pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
241 else 238 else
242 ameth = EVP_PKEY_asn1_find(&e, type); 239 ameth = EVP_PKEY_asn1_find(&e, type);
243#ifndef OPENSSL_NO_ENGINE 240#ifndef OPENSSL_NO_ENGINE
244 if (!pkey && e) 241 if (pkey == NULL)
245 ENGINE_finish(e); 242 ENGINE_finish(e);
246#endif 243#endif
247 if (!ameth) { 244 if (!ameth) {
@@ -426,8 +423,7 @@ EVP_PKEY_type(int type)
426 else 423 else
427 ret = NID_undef; 424 ret = NID_undef;
428#ifndef OPENSSL_NO_ENGINE 425#ifndef OPENSSL_NO_ENGINE
429 if (e) 426 ENGINE_finish(e);
430 ENGINE_finish(e);
431#endif 427#endif
432 return ret; 428 return ret;
433} 429}
@@ -470,10 +466,8 @@ EVP_PKEY_free_it(EVP_PKEY *x)
470 x->pkey.ptr = NULL; 466 x->pkey.ptr = NULL;
471 } 467 }
472#ifndef OPENSSL_NO_ENGINE 468#ifndef OPENSSL_NO_ENGINE
473 if (x->engine) { 469 ENGINE_finish(x->engine);
474 ENGINE_finish(x->engine); 470 x->engine = NULL;
475 x->engine = NULL;
476 }
477#endif 471#endif
478} 472}
479 473
diff --git a/src/lib/libcrypto/evp/pmeth_lib.c b/src/lib/libcrypto/evp/pmeth_lib.c
index fc5f4ef91e..6b86a0ecfb 100644
--- a/src/lib/libcrypto/evp/pmeth_lib.c
+++ b/src/lib/libcrypto/evp/pmeth_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pmeth_lib.c,v 1.13 2017/01/29 17:49:23 beck Exp $ */ 1/* $OpenBSD: pmeth_lib.c,v 1.14 2018/04/14 07:09:21 tb Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -188,10 +188,9 @@ int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
188 } 188 }
189 189
190 ret = malloc(sizeof(EVP_PKEY_CTX)); 190 ret = malloc(sizeof(EVP_PKEY_CTX));
191 if (!ret) { 191 if (ret == NULL) {
192#ifndef OPENSSL_NO_ENGINE 192#ifndef OPENSSL_NO_ENGINE
193 if (e) 193 ENGINE_finish(e);
194 ENGINE_finish(e);
195#endif 194#endif
196 EVPerror(ERR_R_MALLOC_FAILURE); 195 EVPerror(ERR_R_MALLOC_FAILURE);
197 return NULL; 196 return NULL;
@@ -394,10 +393,7 @@ EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
394 EVP_PKEY_free(ctx->pkey); 393 EVP_PKEY_free(ctx->pkey);
395 EVP_PKEY_free(ctx->peerkey); 394 EVP_PKEY_free(ctx->peerkey);
396#ifndef OPENSSL_NO_ENGINE 395#ifndef OPENSSL_NO_ENGINE
397 if (ctx->engine) 396 ENGINE_finish(ctx->engine);
398 /* The EVP_PKEY_CTX we used belongs to an ENGINE, release the
399 * functional reference we held for this reason. */
400 ENGINE_finish(ctx->engine);
401#endif 397#endif
402 free(ctx); 398 free(ctx);
403} 399}
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
index 0f7c36d21c..89e9e9a7ec 100644
--- a/src/lib/libcrypto/pem/pem_lib.c
+++ b/src/lib/libcrypto/pem/pem_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_lib.c,v 1.45 2017/05/02 03:59:44 deraadt Exp $ */ 1/* $OpenBSD: pem_lib.c,v 1.46 2018/04/14 07:09:21 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -227,8 +227,7 @@ check_pem(const char *nm, const char *name)
227 else 227 else
228 r = 0; 228 r = 0;
229#ifndef OPENSSL_NO_ENGINE 229#ifndef OPENSSL_NO_ENGINE
230 if (e) 230 ENGINE_finish(e);
231 ENGINE_finish(e);
232#endif 231#endif
233 return r; 232 return r;
234 } 233 }
diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c
index 544846f825..84e1dc7eaf 100644
--- a/src/lib/libcrypto/rsa/rsa_lib.c
+++ b/src/lib/libcrypto/rsa/rsa_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa_lib.c,v 1.36 2018/02/20 17:42:32 tb Exp $ */ 1/* $OpenBSD: rsa_lib.c,v 1.37 2018/04/14 07:09:21 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -114,10 +114,8 @@ RSA_set_method(RSA *rsa, const RSA_METHOD *meth)
114 if (mtmp->finish) 114 if (mtmp->finish)
115 mtmp->finish(rsa); 115 mtmp->finish(rsa);
116#ifndef OPENSSL_NO_ENGINE 116#ifndef OPENSSL_NO_ENGINE
117 if (rsa->engine) { 117 ENGINE_finish(rsa->engine);
118 ENGINE_finish(rsa->engine); 118 rsa->engine = NULL;
119 rsa->engine = NULL;
120 }
121#endif 119#endif
122 rsa->meth = meth; 120 rsa->meth = meth;
123 if (meth->init) 121 if (meth->init)
@@ -149,7 +147,7 @@ RSA_new_method(ENGINE *engine)
149 ret->engine = ENGINE_get_default_RSA(); 147 ret->engine = ENGINE_get_default_RSA();
150 if (ret->engine) { 148 if (ret->engine) {
151 ret->meth = ENGINE_get_RSA(ret->engine); 149 ret->meth = ENGINE_get_RSA(ret->engine);
152 if (!ret->meth) { 150 if (ret->meth == NULL) {
153 RSAerror(ERR_R_ENGINE_LIB); 151 RSAerror(ERR_R_ENGINE_LIB);
154 ENGINE_finish(ret->engine); 152 ENGINE_finish(ret->engine);
155 free(ret); 153 free(ret);
@@ -177,8 +175,7 @@ RSA_new_method(ENGINE *engine)
177 ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW; 175 ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
178 if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) { 176 if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
179#ifndef OPENSSL_NO_ENGINE 177#ifndef OPENSSL_NO_ENGINE
180 if (ret->engine) 178 ENGINE_finish(ret->engine);
181 ENGINE_finish(ret->engine);
182#endif 179#endif
183 free(ret); 180 free(ret);
184 return NULL; 181 return NULL;
@@ -186,8 +183,7 @@ RSA_new_method(ENGINE *engine)
186 183
187 if (ret->meth->init != NULL && !ret->meth->init(ret)) { 184 if (ret->meth->init != NULL && !ret->meth->init(ret)) {
188#ifndef OPENSSL_NO_ENGINE 185#ifndef OPENSSL_NO_ENGINE
189 if (ret->engine) 186 ENGINE_finish(ret->engine);
190 ENGINE_finish(ret->engine);
191#endif 187#endif
192 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); 188 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
193 free(ret); 189 free(ret);
@@ -211,8 +207,7 @@ RSA_free(RSA *r)
211 if (r->meth->finish) 207 if (r->meth->finish)
212 r->meth->finish(r); 208 r->meth->finish(r);
213#ifndef OPENSSL_NO_ENGINE 209#ifndef OPENSSL_NO_ENGINE
214 if (r->engine) 210 ENGINE_finish(r->engine);
215 ENGINE_finish(r->engine);
216#endif 211#endif
217 212
218 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data); 213 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 30aea263f6..5cae53041d 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_lib.c,v 1.183 2018/04/07 17:02:34 jsing Exp $ */ 1/* $OpenBSD: ssl_lib.c,v 1.184 2018/04/14 07:09:21 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1976,8 +1976,7 @@ SSL_CTX_free(SSL_CTX *ctx)
1976#endif 1976#endif
1977 1977
1978#ifndef OPENSSL_NO_ENGINE 1978#ifndef OPENSSL_NO_ENGINE
1979 if (ctx->internal->client_cert_engine) 1979 ENGINE_finish(ctx->internal->client_cert_engine);
1980 ENGINE_finish(ctx->internal->client_cert_engine);
1981#endif 1980#endif
1982 1981
1983 free(ctx->internal->tlsext_ecpointformatlist); 1982 free(ctx->internal->tlsext_ecpointformatlist);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 14:42:20 +0000