Unifdef OPENSSL_NO_ENGINE in libcrypto

This is mechanical apart from a few manual edits to avoid doubled empty lines. ok jsing
author: tb <> 2023-11-19 15:46:10 +0000
committer: tb <> 2023-11-19 15:46:10 +0000
commit: 593d97e74cc873d99aced677883cf55625efe62d (patch)
tree: 9a8bf5329015d40f6a79820880c1ca7bb820bf58 /src/lib/libcrypto/evp
parent: cde35b41c5eb9d9d0b61fe730c39e6a5c553b840 (diff)
download: openbsd-593d97e74cc873d99aced677883cf55625efe62d.tar.gz
openbsd-593d97e74cc873d99aced677883cf55625efe62d.tar.bz2
openbsd-593d97e74cc873d99aced677883cf55625efe62d.zip
3 files changed, 3 insertions, 135 deletions
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
index ca3fb219cd..9a2a304250 100644
--- a/src/lib/libcrypto/evp/digest.c
+++ b/src/lib/libcrypto/evp/digest.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: digest.c,v 1.38 2023/07/07 19:37:53 beck Exp $ */
+/* $OpenBSD: digest.c,v 1.39 2023/11/19 15:46:09 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -118,10 +118,6 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
 #include "evp_local.h"
 int
@@ -136,49 +132,6 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
 {
        EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
-#ifndef OPENSSL_NO_ENGINE
-        /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
-         * so this context may already have an ENGINE! Try to avoid releasing
-         * the previous handle, re-querying for an ENGINE, and having a
-         * reinitialisation, when it may all be unnecessary. */
-        if (ctx->engine && ctx->digest && (!type ||
-            (type && (type->type == ctx->digest->type))))
-                goto skip_to_init;
-        if (type) {
-                /* Ensure an ENGINE left lying around from last time is cleared
-                 * (the previous check attempted to avoid this if the same
-                 * ENGINE and EVP_MD could be used). */
-                ENGINE_finish(ctx->engine);
-                if (impl != NULL) {
-                        if (!ENGINE_init(impl)) {
-                                EVPerror(EVP_R_INITIALIZATION_ERROR);
-                                return 0;
-                        }
-                } else
-                        /* Ask if an ENGINE is reserved for this job */
-                        impl = ENGINE_get_digest_engine(type->type);
-                if (impl != NULL) {
-                        /* There's an ENGINE for this job ... (apparently) */
-                        const EVP_MD *d = ENGINE_get_digest(impl, type->type);
-                        if (d == NULL) {
-                                /* Same comment from evp_enc.c */
-                                EVPerror(EVP_R_INITIALIZATION_ERROR);
-                                ENGINE_finish(impl);
-                                return 0;
-                        }
-                        /* We'll use the ENGINE's private digest definition */
-                        type = d;
-                        /* Store the ENGINE functional reference so we know
-                         * 'type' came from an ENGINE and we need to release
-                         * it when done. */
-                        ctx->engine = impl;
-                } else
-                        ctx->engine = NULL;
-        } else if (!ctx->digest) {
-                EVPerror(EVP_R_NO_DIGEST_SET);
-                return 0;
-        }
-#endif
        if (ctx->digest != type) {
                if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&
                    !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
@@ -197,9 +150,6 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
                        }
                }
        }
-#ifndef OPENSSL_NO_ENGINE
-skip_to_init:
-#endif
        if (ctx->pctx) {
                int r;
                r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
@@ -266,13 +216,6 @@ EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
                EVPerror(EVP_R_INPUT_NOT_INITIALIZED);
                return 0;
        }
-#ifndef OPENSSL_NO_ENGINE
-        /* Make sure it's safe to copy a digest context using an ENGINE */
-        if (in->engine && !ENGINE_init(in->engine)) {
-                EVPerror(ERR_R_ENGINE_LIB);
-                return 0;
-        }
-#endif
        if (out->digest == in->digest) {
                tmp_buf = out->md_data;
@@ -397,9 +340,6 @@ EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
         */
        if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))
                EVP_PKEY_CTX_free(ctx->pctx);
-#ifndef OPENSSL_NO_ENGINE
-        ENGINE_finish(ctx->engine);
-#endif
        memset(ctx, 0, sizeof(*ctx));
        return 1;
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
index eb279b2378..172d8b4019 100644
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_enc.c,v 1.54 2023/11/18 09:37:15 tb Exp $ */
+/* $OpenBSD: evp_enc.c,v 1.55 2023/11/19 15:46:09 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -68,10 +68,6 @@
 #include <openssl/err.h>
 #include <openssl/evp.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
 #include "evp_local.h"
 int
@@ -94,15 +90,6 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
                        enc = 1;
                ctx->encrypt = enc;
        }
-#ifndef OPENSSL_NO_ENGINE
-        /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
-         * so this context may already have an ENGINE! Try to avoid releasing
-         * the previous handle, re-querying for an ENGINE, and having a
-         * reinitialisation, when it may all be unnecessary. */
-        if (ctx->engine && ctx->cipher &&
-            (!cipher || (cipher && (cipher->nid == ctx->cipher->nid))))
-                goto skip_to_init;
-#endif
        if (cipher) {
                /* Ensure a context left lying around from last time is cleared
                 * (the previous check attempted to avoid this if the same
@@ -114,32 +101,6 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
                        ctx->encrypt = enc;
                        ctx->flags = flags;
                }
-#ifndef OPENSSL_NO_ENGINE
-                if (impl) {
-                        if (!ENGINE_init(impl)) {
-                                EVPerror(EVP_R_INITIALIZATION_ERROR);
-                                return 0;
-                        }
-                } else
-                        /* Ask if an ENGINE is reserved for this job */
-                        impl = ENGINE_get_cipher_engine(cipher->nid);
-                if (impl) {
-                        /* There's an ENGINE for this job ... (apparently) */
-                        const EVP_CIPHER *c =
-                            ENGINE_get_cipher(impl, cipher->nid);
-                        if (!c) {
-                                EVPerror(EVP_R_INITIALIZATION_ERROR);
-                                return 0;
-                        }
-                        /* We'll use the ENGINE's private cipher definition */
-                        cipher = c;
-                        /* Store the ENGINE functional reference so we know
-                         * 'cipher' came from an ENGINE and we need to release
-                         * it when done. */
-                        ctx->engine = impl;
-                } else
-                        ctx->engine = NULL;
-#endif
                ctx->cipher = cipher;
                if (ctx->cipher->ctx_size) {
@@ -163,9 +124,6 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
                EVPerror(EVP_R_NO_CIPHER_SET);
                return 0;
        }
-#ifndef OPENSSL_NO_ENGINE
-skip_to_init:
-#endif
        /* we assume block size is a power of 2 in *cryptUpdate */
        if (ctx->cipher->block_size != 1 &&
            ctx->cipher->block_size != 8 &&
@@ -614,10 +572,6 @@ EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
        /* XXX - store size of cipher_data so we can always freezero(). */
        free(c->cipher_data);
-#ifndef OPENSSL_NO_ENGINE
-        ENGINE_finish(c->engine);
-#endif
        explicit_bzero(c, sizeof(EVP_CIPHER_CTX));
        return 1;
@@ -688,13 +642,6 @@ EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
                EVPerror(EVP_R_INPUT_NOT_INITIALIZED);
                return 0;
        }
-#ifndef OPENSSL_NO_ENGINE
-        /* Make sure it's safe to copy a cipher context using an ENGINE */
-        if (in->engine && !ENGINE_init(in->engine)) {
-                EVPerror(ERR_R_ENGINE_LIB);
-                return 0;
-        }
-#endif
        EVP_CIPHER_CTX_cleanup(out);
        memcpy(out, in, sizeof *out);
diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c
index 23ec8e6031..eaeb456cbb 100644
--- a/src/lib/libcrypto/evp/p_lib.c
+++ b/src/lib/libcrypto/evp/p_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p_lib.c,v 1.37 2023/09/10 17:32:17 tb Exp $ */
+/* $OpenBSD: p_lib.c,v 1.38 2023/11/19 15:46:10 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -77,10 +77,6 @@
 #include <openssl/rsa.h>
 #endif
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
 #include "asn1_local.h"
 #include "evp_local.h"
@@ -245,19 +241,11 @@ pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, int len)
                 */
                if ((type == pkey->save_type) && pkey->ameth)
                        return 1;
-#ifndef OPENSSL_NO_ENGINE
-                ENGINE_finish(pkey->engine);
-                pkey->engine = NULL;
-#endif
        }
        if (str)
                ameth = EVP_PKEY_asn1_find_str(eptr, str, len);
        else
                ameth = EVP_PKEY_asn1_find(eptr, type);
-#ifndef OPENSSL_NO_ENGINE
-        if (pkey == NULL && eptr != NULL)
-                ENGINE_finish(e);
-#endif
        if (!ameth) {
                EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);
                return 0;
@@ -583,9 +571,6 @@ EVP_PKEY_type(int type)
                ret = ameth->pkey_id;
        else
                ret = NID_undef;
-#ifndef OPENSSL_NO_ENGINE
-        ENGINE_finish(e);
-#endif
        return ret;
 }
@@ -626,10 +611,6 @@ EVP_PKEY_free_it(EVP_PKEY *x)
                x->ameth->pkey_free(x);
                x->pkey.ptr = NULL;
        }
-#ifndef OPENSSL_NO_ENGINE
-        ENGINE_finish(x->engine);
-        x->engine = NULL;
-#endif
 }
 static int
author	tb <>	2023-11-19 15:46:10 +0000
committer	tb <>	2023-11-19 15:46:10 +0000
commit	593d97e74cc873d99aced677883cf55625efe62d (patch)
tree	9a8bf5329015d40f6a79820880c1ca7bb820bf58 /src/lib/libcrypto/evp
parent	cde35b41c5eb9d9d0b61fe730c39e6a5c553b840 (diff)
download	openbsd-593d97e74cc873d99aced677883cf55625efe62d.tar.gz openbsd-593d97e74cc873d99aced677883cf55625efe62d.tar.bz2 openbsd-593d97e74cc873d99aced677883cf55625efe62d.zip

diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c index ca3fb219cd..9a2a304250 100644 --- a/src/lib/libcrypto/evp/digest.c +++ b/src/lib/libcrypto/evp/digest.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: digest.c,v 1.38 2023/07/07 19:37:53 beck Exp $ */	1	/* $OpenBSD: digest.c,v 1.39 2023/11/19 15:46:09 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -118,10 +118,6 @@
118	#include <openssl/evp.h>	118	#include <openssl/evp.h>
119	#include <openssl/objects.h>	119	#include <openssl/objects.h>
120		120
121	#ifndef OPENSSL_NO_ENGINE
122	#include <openssl/engine.h>
123	#endif
124
125	#include "evp_local.h"	121	#include "evp_local.h"
126		122
127	int	123	int
@@ -136,49 +132,6 @@ EVP_DigestInit_ex(EVP_MD_CTX ctx, const EVP_MD type, ENGINE *impl)
136	{	132	{
137	EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);	133	EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
138		134
139	#ifndef OPENSSL_NO_ENGINE
140	/* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
141	* so this context may already have an ENGINE! Try to avoid releasing
142	* the previous handle, re-querying for an ENGINE, and having a
143	* reinitialisation, when it may all be unnecessary. */
144	if (ctx->engine && ctx->digest && (!type \|\|
145	(type && (type->type == ctx->digest->type))))
146	goto skip_to_init;
147	if (type) {
148	/* Ensure an ENGINE left lying around from last time is cleared
149	* (the previous check attempted to avoid this if the same
150	* ENGINE and EVP_MD could be used). */
151	ENGINE_finish(ctx->engine);
152	if (impl != NULL) {
153	if (!ENGINE_init(impl)) {
154	EVPerror(EVP_R_INITIALIZATION_ERROR);
155	return 0;
156	}
157	} else
158	/* Ask if an ENGINE is reserved for this job */
159	impl = ENGINE_get_digest_engine(type->type);
160	if (impl != NULL) {
161	/* There's an ENGINE for this job ... (apparently) */
162	const EVP_MD *d = ENGINE_get_digest(impl, type->type);
163	if (d == NULL) {
164	/* Same comment from evp_enc.c */
165	EVPerror(EVP_R_INITIALIZATION_ERROR);
166	ENGINE_finish(impl);
167	return 0;
168	}
169	/* We'll use the ENGINE's private digest definition */
170	type = d;
171	/* Store the ENGINE functional reference so we know
172	* 'type' came from an ENGINE and we need to release
173	* it when done. */
174	ctx->engine = impl;
175	} else
176	ctx->engine = NULL;
177	} else if (!ctx->digest) {
178	EVPerror(EVP_R_NO_DIGEST_SET);
179	return 0;
180	}
181	#endif
182	if (ctx->digest != type) {	135	if (ctx->digest != type) {
183	if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&	136	if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&
184	!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {	137	!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
@@ -197,9 +150,6 @@ EVP_DigestInit_ex(EVP_MD_CTX ctx, const EVP_MD type, ENGINE *impl)
197	}	150	}
198	}	151	}
199	}	152	}
200	#ifndef OPENSSL_NO_ENGINE
201	skip_to_init:
202	#endif
203	if (ctx->pctx) {	153	if (ctx->pctx) {
204	int r;	154	int r;
205	r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,	155	r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
@@ -266,13 +216,6 @@ EVP_MD_CTX_copy_ex(EVP_MD_CTX out, const EVP_MD_CTX in)
266	EVPerror(EVP_R_INPUT_NOT_INITIALIZED);	216	EVPerror(EVP_R_INPUT_NOT_INITIALIZED);
267	return 0;	217	return 0;
268	}	218	}
269	#ifndef OPENSSL_NO_ENGINE
270	/* Make sure it's safe to copy a digest context using an ENGINE */
271	if (in->engine && !ENGINE_init(in->engine)) {
272	EVPerror(ERR_R_ENGINE_LIB);
273	return 0;
274	}
275	#endif
276		219
277	if (out->digest == in->digest) {	220	if (out->digest == in->digest) {
278	tmp_buf = out->md_data;	221	tmp_buf = out->md_data;
@@ -397,9 +340,6 @@ EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
397	*/	340	*/
398	if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))	341	if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))
399	EVP_PKEY_CTX_free(ctx->pctx);	342	EVP_PKEY_CTX_free(ctx->pctx);
400	#ifndef OPENSSL_NO_ENGINE
401	ENGINE_finish(ctx->engine);
402	#endif
403	memset(ctx, 0, sizeof(*ctx));	343	memset(ctx, 0, sizeof(*ctx));
404		344
405	return 1;	345	return 1;


diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c index eb279b2378..172d8b4019 100644 --- a/src/lib/libcrypto/evp/evp_enc.c +++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: evp_enc.c,v 1.54 2023/11/18 09:37:15 tb Exp $ */	1	/* $OpenBSD: evp_enc.c,v 1.55 2023/11/19 15:46:09 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -68,10 +68,6 @@
68	#include <openssl/err.h>	68	#include <openssl/err.h>
69	#include <openssl/evp.h>	69	#include <openssl/evp.h>
70		70
71	#ifndef OPENSSL_NO_ENGINE
72	#include <openssl/engine.h>
73	#endif
74
75	#include "evp_local.h"	71	#include "evp_local.h"
76		72
77	int	73	int
@@ -94,15 +90,6 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX ctx, const EVP_CIPHER cipher, ENGINE *impl,
94	enc = 1;	90	enc = 1;
95	ctx->encrypt = enc;	91	ctx->encrypt = enc;
96	}	92	}
97	#ifndef OPENSSL_NO_ENGINE
98	/* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
99	* so this context may already have an ENGINE! Try to avoid releasing
100	* the previous handle, re-querying for an ENGINE, and having a
101	* reinitialisation, when it may all be unnecessary. */
102	if (ctx->engine && ctx->cipher &&
103	(!cipher \|\| (cipher && (cipher->nid == ctx->cipher->nid))))
104	goto skip_to_init;
105	#endif
106	if (cipher) {	93	if (cipher) {
107	/* Ensure a context left lying around from last time is cleared	94	/* Ensure a context left lying around from last time is cleared
108	* (the previous check attempted to avoid this if the same	95	* (the previous check attempted to avoid this if the same
@@ -114,32 +101,6 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX ctx, const EVP_CIPHER cipher, ENGINE *impl,
114	ctx->encrypt = enc;	101	ctx->encrypt = enc;
115	ctx->flags = flags;	102	ctx->flags = flags;
116	}	103	}
117	#ifndef OPENSSL_NO_ENGINE
118	if (impl) {
119	if (!ENGINE_init(impl)) {
120	EVPerror(EVP_R_INITIALIZATION_ERROR);
121	return 0;
122	}
123	} else
124	/* Ask if an ENGINE is reserved for this job */
125	impl = ENGINE_get_cipher_engine(cipher->nid);
126	if (impl) {
127	/* There's an ENGINE for this job ... (apparently) */
128	const EVP_CIPHER *c =
129	ENGINE_get_cipher(impl, cipher->nid);
130	if (!c) {
131	EVPerror(EVP_R_INITIALIZATION_ERROR);
132	return 0;
133	}
134	/* We'll use the ENGINE's private cipher definition */
135	cipher = c;
136	/* Store the ENGINE functional reference so we know
137	* 'cipher' came from an ENGINE and we need to release
138	* it when done. */
139	ctx->engine = impl;
140	} else
141	ctx->engine = NULL;
142	#endif
143		104
144	ctx->cipher = cipher;	105	ctx->cipher = cipher;
145	if (ctx->cipher->ctx_size) {	106	if (ctx->cipher->ctx_size) {
@@ -163,9 +124,6 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX ctx, const EVP_CIPHER cipher, ENGINE *impl,
163	EVPerror(EVP_R_NO_CIPHER_SET);	124	EVPerror(EVP_R_NO_CIPHER_SET);
164	return 0;	125	return 0;
165	}	126	}
166	#ifndef OPENSSL_NO_ENGINE
167	skip_to_init:
168	#endif
169	/* we assume block size is a power of 2 in cryptUpdate /	127	/* we assume block size is a power of 2 in cryptUpdate /
170	if (ctx->cipher->block_size != 1 &&	128	if (ctx->cipher->block_size != 1 &&
171	ctx->cipher->block_size != 8 &&	129	ctx->cipher->block_size != 8 &&
@@ -614,10 +572,6 @@ EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
614	/* XXX - store size of cipher_data so we can always freezero(). */	572	/* XXX - store size of cipher_data so we can always freezero(). */
615	free(c->cipher_data);	573	free(c->cipher_data);
616		574
617	#ifndef OPENSSL_NO_ENGINE
618	ENGINE_finish(c->engine);
619	#endif
620
621	explicit_bzero(c, sizeof(EVP_CIPHER_CTX));	575	explicit_bzero(c, sizeof(EVP_CIPHER_CTX));
622		576
623	return 1;	577	return 1;
@@ -688,13 +642,6 @@ EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX out, const EVP_CIPHER_CTX in)
688	EVPerror(EVP_R_INPUT_NOT_INITIALIZED);	642	EVPerror(EVP_R_INPUT_NOT_INITIALIZED);
689	return 0;	643	return 0;
690	}	644	}
691	#ifndef OPENSSL_NO_ENGINE
692	/* Make sure it's safe to copy a cipher context using an ENGINE */
693	if (in->engine && !ENGINE_init(in->engine)) {
694	EVPerror(ERR_R_ENGINE_LIB);
695	return 0;
696	}
697	#endif
698		645
699	EVP_CIPHER_CTX_cleanup(out);	646	EVP_CIPHER_CTX_cleanup(out);
700	memcpy(out, in, sizeof *out);	647	memcpy(out, in, sizeof *out);


diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c index 23ec8e6031..eaeb456cbb 100644 --- a/src/lib/libcrypto/evp/p_lib.c +++ b/src/lib/libcrypto/evp/p_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: p_lib.c,v 1.37 2023/09/10 17:32:17 tb Exp $ */	1	/* $OpenBSD: p_lib.c,v 1.38 2023/11/19 15:46:10 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -77,10 +77,6 @@
77	#include <openssl/rsa.h>	77	#include <openssl/rsa.h>
78	#endif	78	#endif
79		79
80	#ifndef OPENSSL_NO_ENGINE
81	#include <openssl/engine.h>
82	#endif
83
84	#include "asn1_local.h"	80	#include "asn1_local.h"
85	#include "evp_local.h"	81	#include "evp_local.h"
86		82
@@ -245,19 +241,11 @@ pkey_set_type(EVP_PKEY pkey, ENGINE e, int type, const char *str, int len)
245	*/	241	*/
246	if ((type == pkey->save_type) && pkey->ameth)	242	if ((type == pkey->save_type) && pkey->ameth)
247	return 1;	243	return 1;
248	#ifndef OPENSSL_NO_ENGINE
249	ENGINE_finish(pkey->engine);
250	pkey->engine = NULL;
251	#endif
252	}	244	}
253	if (str)	245	if (str)
254	ameth = EVP_PKEY_asn1_find_str(eptr, str, len);	246	ameth = EVP_PKEY_asn1_find_str(eptr, str, len);
255	else	247	else
256	ameth = EVP_PKEY_asn1_find(eptr, type);	248	ameth = EVP_PKEY_asn1_find(eptr, type);
257	#ifndef OPENSSL_NO_ENGINE
258	if (pkey == NULL && eptr != NULL)
259	ENGINE_finish(e);
260	#endif
261	if (!ameth) {	249	if (!ameth) {
262	EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);	250	EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);
263	return 0;	251	return 0;
@@ -583,9 +571,6 @@ EVP_PKEY_type(int type)
583	ret = ameth->pkey_id;	571	ret = ameth->pkey_id;
584	else	572	else
585	ret = NID_undef;	573	ret = NID_undef;
586	#ifndef OPENSSL_NO_ENGINE
587	ENGINE_finish(e);
588	#endif
589	return ret;	574	return ret;
590	}	575	}
591		576
@@ -626,10 +611,6 @@ EVP_PKEY_free_it(EVP_PKEY *x)
626	x->ameth->pkey_free(x);	611	x->ameth->pkey_free(x);
627	x->pkey.ptr = NULL;	612	x->pkey.ptr = NULL;
628	}	613	}
629	#ifndef OPENSSL_NO_ENGINE
630	ENGINE_finish(x->engine);
631	x->engine = NULL;
632	#endif
633	}	614	}
634		615
635	static int	616	static int