Set OPENSSL_NO_ENGINE, remove engine code

ENGINE was special. It's horrible code even by the low standards of this library. Some ports may now try to use the stubs which will fail, but the fallout from this should be minimal. Of course there are various language bindings that expose the ENGINE API. OpenSSL 3 disabling ENGINE by default will likely help fixing this at some point. ok jsing
author: tb <> 2023-07-28 09:53:55 +0000
committer: tb <> 2023-07-28 09:53:55 +0000
commit: d4949db8e78438e8bb53c9c1297b068ac0df7827 (patch)
tree: 307457e0cf8fc786fb4c80edc29a92d5677d406e /src/lib/libcrypto/engine/eng_int.h
parent: 681b4eb7a5896143c26eac201c041f6f22357b18 (diff)
download: openbsd-d4949db8e78438e8bb53c9c1297b068ac0df7827.tar.gz
openbsd-d4949db8e78438e8bb53c9c1297b068ac0df7827.tar.bz2
openbsd-d4949db8e78438e8bb53c9c1297b068ac0df7827.zip
1 files changed, 0 insertions, 201 deletions
diff --git a/src/lib/libcrypto/engine/eng_int.h b/src/lib/libcrypto/engine/eng_int.h
deleted file mode 100644
index 2b0ba22aaf..0000000000
--- a/src/lib/libcrypto/engine/eng_int.h
+++ /dev/null
@@ -1,201 +0,0 @@
-/* $OpenBSD: eng_int.h,v 1.12 2023/07/28 09:22:26 tb Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-#ifndef HEADER_ENGINE_INT_H
-#define HEADER_ENGINE_INT_H
-/* Take public definitions from engine.h */
-#include <openssl/engine.h>
-__BEGIN_HIDDEN_DECLS
-/* If we compile with this symbol defined, then both reference counts in the
- * ENGINE structure will be monitored with a line of output on stderr for each
- * change. This prints the engine's pointer address (truncated to unsigned int),
- * "struct" or "funct" to indicate the reference type, the before and after
- * reference count, and the file:line-number pair. The "engine_ref_debug"
- * statements must come *after* the change. */
-#ifdef ENGINE_REF_COUNT_DEBUG
-#define engine_ref_debug(e, isfunct, diff) \
-        fprintf(stderr, "engine: %08x %s from %d to %d (%s:%d)\n", \
-                (unsigned int)(e), (isfunct ? "funct" : "struct"), \
-                ((isfunct) ? ((e)->funct_ref - (diff)) : ((e)->struct_ref - (diff))), \
-                ((isfunct) ? (e)->funct_ref : (e)->struct_ref), \
-                (__FILE__), (__LINE__));
-#else
-#define engine_ref_debug(e, isfunct, diff)
-#endif
-/* Any code that will need cleanup operations should use these functions to
- * register callbacks. ENGINE_cleanup() will call all registered callbacks in
- * order. NB: both the "add" functions assume CRYPTO_LOCK_ENGINE to already be
- * held (in "write" mode). */
-typedef void (ENGINE_CLEANUP_CB)(void);
-typedef struct st_engine_cleanup_item {
-        ENGINE_CLEANUP_CB *cb;
-} ENGINE_CLEANUP_ITEM;
-DECLARE_STACK_OF(ENGINE_CLEANUP_ITEM)
-void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb);
-void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb);
-/* We need stacks of ENGINEs for use in eng_table.c */
-DECLARE_STACK_OF(ENGINE)
-/* If this symbol is defined then engine_table_select(), the function that is
- * used by RSA, DSA (etc) code to select registered ENGINEs, cache defaults and
- * functional references (etc), will display debugging summaries to stderr. */
-/* #define ENGINE_TABLE_DEBUG */
-/* This represents an implementation table. Dependent code should instantiate it
- * as a (ENGINE_TABLE *) pointer value set initially to NULL. */
-typedef struct st_engine_table ENGINE_TABLE;
-int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
-    ENGINE *e, const int *nids, int num_nids, int setdefault);
-void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e);
-void engine_table_cleanup(ENGINE_TABLE **table);
-#ifndef ENGINE_TABLE_DEBUG
-ENGINE *engine_table_select(ENGINE_TABLE **table, int nid);
-#else
-ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f,
-    int l);
-#define engine_table_select(t,n) engine_table_select_tmp(t,n,__FILE__,__LINE__)
-#endif
-typedef void (engine_table_doall_cb)(int nid, STACK_OF(ENGINE) *sk,
-    ENGINE *def, void *arg);
-void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb,
-    void *arg);
-/* Internal versions of API functions that have control over locking. These are
- * used between C files when functionality needs to be shared but the caller may
- * already be controlling of the CRYPTO_LOCK_ENGINE lock. */
-int engine_unlocked_init(ENGINE *e);
-int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers);
-int engine_free_util(ENGINE *e, int locked);
-/* This function will reset all "set"able values in an ENGINE to NULL. This
- * won't touch reference counts or ex_data, but is equivalent to calling all the
- * ENGINE_set_***() functions with a NULL value. */
-void engine_set_all_null(ENGINE *e);
-/* NB: Bitwise OR-able values for the "flags" variable in ENGINE are now exposed
- * in engine.h. */
-/* Free up dynamically allocated public key methods associated with ENGINE */
-void engine_pkey_meths_free(ENGINE *e);
-void engine_pkey_asn1_meths_free(ENGINE *e);
-/* This is a structure for storing implementations of various crypto
- * algorithms and functions. */
-struct engine_st {
-        const char *id;
-        const char *name;
-        const RSA_METHOD *rsa_meth;
-        const DSA_METHOD *dsa_meth;
-        const DH_METHOD *dh_meth;
-        const EC_KEY_METHOD *ec_meth;
-        const RAND_METHOD *rand_meth;
-        const STORE_METHOD *store_meth;
-        /* Cipher handling is via this callback */
-        ENGINE_CIPHERS_PTR ciphers;
-        /* Digest handling is via this callback */
-        ENGINE_DIGESTS_PTR digests;
-        /* Public key handling via this callback */
-        ENGINE_PKEY_METHS_PTR pkey_meths;
-        /* ASN1 public key handling via this callback */
-        ENGINE_PKEY_ASN1_METHS_PTR pkey_asn1_meths;
-        ENGINE_GEN_INT_FUNC_PTR destroy;
-        ENGINE_GEN_INT_FUNC_PTR init;
-        ENGINE_GEN_INT_FUNC_PTR finish;
-        ENGINE_CTRL_FUNC_PTR ctrl;
-        ENGINE_LOAD_KEY_PTR load_privkey;
-        ENGINE_LOAD_KEY_PTR load_pubkey;
-        ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert;
-        const ENGINE_CMD_DEFN *cmd_defns;
-        int flags;
-        /* reference count on the structure itself */
-        int struct_ref;
-        /* reference count on usability of the engine type. NB: This
-         * controls the loading and initialisation of any functionlity
-         * required by this engine, whereas the previous count is
-         * simply to cope with (de)allocation of this structure. Hence,
-         * running_ref <= struct_ref at all times. */
-        int funct_ref;
-        /* A place to store per-ENGINE data */
-        CRYPTO_EX_DATA ex_data;
-        /* Used to maintain the linked-list of engines. */
-        struct engine_st *prev;
-        struct engine_st *next;
-};
-__END_HIDDEN_DECLS
-#endif /* HEADER_ENGINE_INT_H */
author	tb <>	2023-07-28 09:53:55 +0000
committer	tb <>	2023-07-28 09:53:55 +0000
commit	d4949db8e78438e8bb53c9c1297b068ac0df7827 (patch)
tree	307457e0cf8fc786fb4c80edc29a92d5677d406e /src/lib/libcrypto/engine/eng_int.h
parent	681b4eb7a5896143c26eac201c041f6f22357b18 (diff)
download	openbsd-d4949db8e78438e8bb53c9c1297b068ac0df7827.tar.gz openbsd-d4949db8e78438e8bb53c9c1297b068ac0df7827.tar.bz2 openbsd-d4949db8e78438e8bb53c9c1297b068ac0df7827.zip

diff --git a/src/lib/libcrypto/engine/eng_int.h b/src/lib/libcrypto/engine/eng_int.h deleted file mode 100644 index 2b0ba22aaf..0000000000 --- a/src/lib/libcrypto/engine/eng_int.h +++ /dev/null
@@ -1,201 +0,0 @@
1	/* $OpenBSD: eng_int.h,v 1.12 2023/07/28 09:22:26 tb Exp $ */
2	/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3	* project 2000.
4	*/
5	/* ====================================================================
6	* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
7	*
8	* Redistribution and use in source and binary forms, with or without
9	* modification, are permitted provided that the following conditions
10	* are met:
11	*
12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.
14	*
15	* 2. Redistributions in binary form must reproduce the above copyright
16	* notice, this list of conditions and the following disclaimer in
17	* the documentation and/or other materials provided with the
18	* distribution.
19	*
20	* 3. All advertising materials mentioning features or use of this
21	* software must display the following acknowledgment:
22	* "This product includes software developed by the OpenSSL Project
23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24	*
25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26	* endorse or promote products derived from this software without
27	* prior written permission. For written permission, please contact
28	* licensing@OpenSSL.org.
29	*
30	* 5. Products derived from this software may not be called "OpenSSL"
31	* nor may "OpenSSL" appear in their names without prior written
32	* permission of the OpenSSL Project.
33	*
34	* 6. Redistributions of any form whatsoever must retain the following
35	* acknowledgment:
36	* "This product includes software developed by the OpenSSL Project
37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38	*
39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	* OF THE POSSIBILITY OF SUCH DAMAGE.
51	* ====================================================================
52	*
53	* This product includes cryptographic software written by Eric Young
54	* (eay@cryptsoft.com). This product includes software written by Tim
55	* Hudson (tjh@cryptsoft.com).
56	*
57	*/
58	/* ====================================================================
59	* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
60	* ECDH support in OpenSSL originally developed by
61	* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
62	*/
63
64	#ifndef HEADER_ENGINE_INT_H
65	#define HEADER_ENGINE_INT_H
66
67	/* Take public definitions from engine.h */
68	#include <openssl/engine.h>
69
70	__BEGIN_HIDDEN_DECLS
71
72	/* If we compile with this symbol defined, then both reference counts in the
73	* ENGINE structure will be monitored with a line of output on stderr for each
74	* change. This prints the engine's pointer address (truncated to unsigned int),
75	* "struct" or "funct" to indicate the reference type, the before and after
76	* reference count, and the file:line-number pair. The "engine_ref_debug"
77	* statements must come after the change. */
78	#ifdef ENGINE_REF_COUNT_DEBUG
79
80	#define engine_ref_debug(e, isfunct, diff) \
81	fprintf(stderr, "engine: %08x %s from %d to %d (%s:%d)\n", \
82	(unsigned int)(e), (isfunct ? "funct" : "struct"), \
83	((isfunct) ? ((e)->funct_ref - (diff)) : ((e)->struct_ref - (diff))), \
84	((isfunct) ? (e)->funct_ref : (e)->struct_ref), \
85	(__FILE__), (__LINE__));
86
87	#else
88
89	#define engine_ref_debug(e, isfunct, diff)
90
91	#endif
92
93	/* Any code that will need cleanup operations should use these functions to
94	* register callbacks. ENGINE_cleanup() will call all registered callbacks in
95	* order. NB: both the "add" functions assume CRYPTO_LOCK_ENGINE to already be
96	* held (in "write" mode). */
97	typedef void (ENGINE_CLEANUP_CB)(void);
98	typedef struct st_engine_cleanup_item {
99	ENGINE_CLEANUP_CB *cb;
100	} ENGINE_CLEANUP_ITEM;
101	DECLARE_STACK_OF(ENGINE_CLEANUP_ITEM)
102	void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb);
103	void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb);
104
105	/* We need stacks of ENGINEs for use in eng_table.c */
106	DECLARE_STACK_OF(ENGINE)
107
108	/* If this symbol is defined then engine_table_select(), the function that is
109	* used by RSA, DSA (etc) code to select registered ENGINEs, cache defaults and
110	* functional references (etc), will display debugging summaries to stderr. */
111	/* #define ENGINE_TABLE_DEBUG */
112
113	/* This represents an implementation table. Dependent code should instantiate it
114	* as a (ENGINE_TABLE ) pointer value set initially to NULL. /
115	typedef struct st_engine_table ENGINE_TABLE;
116	int engine_table_register(ENGINE_TABLE *table, ENGINE_CLEANUP_CB cleanup,
117	ENGINE e, const int nids, int num_nids, int setdefault);
118	void engine_table_unregister(ENGINE_TABLE *table, ENGINE e);
119	void engine_table_cleanup(ENGINE_TABLE **table);
120	#ifndef ENGINE_TABLE_DEBUG
121	ENGINE engine_table_select(ENGINE_TABLE *table, int nid);
122	#else
123	ENGINE engine_table_select_tmp(ENGINE_TABLE table, int nid, const char f,
124	int l);
125	#define engine_table_select(t,n) engine_table_select_tmp(t,n,__FILE__,__LINE__)
126	#endif
127	typedef void (engine_table_doall_cb)(int nid, STACK_OF(ENGINE) *sk,
128	ENGINE def, void arg);
129	void engine_table_doall(ENGINE_TABLE table, engine_table_doall_cb cb,
130	void *arg);
131
132	/* Internal versions of API functions that have control over locking. These are
133	* used between C files when functionality needs to be shared but the caller may
134	* already be controlling of the CRYPTO_LOCK_ENGINE lock. */
135	int engine_unlocked_init(ENGINE *e);
136	int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers);
137	int engine_free_util(ENGINE *e, int locked);
138
139	/* This function will reset all "set"able values in an ENGINE to NULL. This
140	* won't touch reference counts or ex_data, but is equivalent to calling all the
141	* ENGINE_set_**() functions with a NULL value. /
142	void engine_set_all_null(ENGINE *e);
143
144	/* NB: Bitwise OR-able values for the "flags" variable in ENGINE are now exposed
145	* in engine.h. */
146
147	/* Free up dynamically allocated public key methods associated with ENGINE */
148
149	void engine_pkey_meths_free(ENGINE *e);
150	void engine_pkey_asn1_meths_free(ENGINE *e);
151
152	/* This is a structure for storing implementations of various crypto
153	* algorithms and functions. */
154	struct engine_st {
155	const char *id;
156	const char *name;
157	const RSA_METHOD *rsa_meth;
158	const DSA_METHOD *dsa_meth;
159	const DH_METHOD *dh_meth;
160	const EC_KEY_METHOD *ec_meth;
161	const RAND_METHOD *rand_meth;
162	const STORE_METHOD *store_meth;
163	/* Cipher handling is via this callback */
164	ENGINE_CIPHERS_PTR ciphers;
165	/* Digest handling is via this callback */
166	ENGINE_DIGESTS_PTR digests;
167	/* Public key handling via this callback */
168	ENGINE_PKEY_METHS_PTR pkey_meths;
169	/* ASN1 public key handling via this callback */
170	ENGINE_PKEY_ASN1_METHS_PTR pkey_asn1_meths;
171
172	ENGINE_GEN_INT_FUNC_PTR destroy;
173
174	ENGINE_GEN_INT_FUNC_PTR init;
175	ENGINE_GEN_INT_FUNC_PTR finish;
176	ENGINE_CTRL_FUNC_PTR ctrl;
177	ENGINE_LOAD_KEY_PTR load_privkey;
178	ENGINE_LOAD_KEY_PTR load_pubkey;
179
180	ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert;
181
182	const ENGINE_CMD_DEFN *cmd_defns;
183	int flags;
184	/* reference count on the structure itself */
185	int struct_ref;
186	/* reference count on usability of the engine type. NB: This
187	* controls the loading and initialisation of any functionlity
188	* required by this engine, whereas the previous count is
189	* simply to cope with (de)allocation of this structure. Hence,
190	* running_ref <= struct_ref at all times. */
191	int funct_ref;
192	/* A place to store per-ENGINE data */
193	CRYPTO_EX_DATA ex_data;
194	/* Used to maintain the linked-list of engines. */
195	struct engine_st *prev;
196	struct engine_st *next;
197	};
198
199	__END_HIDDEN_DECLS
200
201	#endif /* HEADER_ENGINE_INT_H */