Unifdef OPENSSL_NO_ENGINE in libssl

As usual, a few manual fixes to avoid duplicate lines. ok jsing
author: tb <> 2023-11-19 15:51:49 +0000
committer: tb <> 2023-11-19 15:51:49 +0000
commit: aeabb2194b33a83bfaeb9720b483321f7244a982 (patch)
tree: 4d4566481f9384da75d08186ae99eaccd2b1b02d /src/lib/libssl/ssl_lib.c
parent: 0822368d2c2280cffb45de621306b0a04716bb24 (diff)
download: openbsd-aeabb2194b33a83bfaeb9720b483321f7244a982.tar.gz
openbsd-aeabb2194b33a83bfaeb9720b483321f7244a982.tar.bz2
openbsd-aeabb2194b33a83bfaeb9720b483321f7244a982.zip
1 files changed, 1 insertions, 29 deletions
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 0ac393f73c..9e65095c6c 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.314 2023/09/19 01:22:31 tb Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.315 2023/11/19 15:51:49 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -154,10 +154,6 @@
 #include <openssl/opensslconf.h>
 #include <openssl/x509v3.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
 #include "bytestring.h"
 #include "dtls_local.h"
 #include "ssl_local.h"
@@ -2164,26 +2160,6 @@ SSL_CTX_new(const SSL_METHOD *meth)
        ret->tlsext_status_cb = 0;
        ret->tlsext_status_arg = NULL;
-#ifndef OPENSSL_NO_ENGINE
-        ret->client_cert_engine = NULL;
-#ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
-#define eng_strx(x)     #x
-#define eng_str(x)      eng_strx(x)
-        /* Use specific client engine automatically... ignore errors */
-        {
-                ENGINE *eng;
-                eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
-                if (!eng) {
-                        ERR_clear_error();
-                        ENGINE_load_builtin_engines();
-                        eng = ENGINE_by_id(eng_str(
-                            OPENSSL_SSL_CLIENT_ENGINE_AUTO));
-                }
-                if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
-                        ERR_clear_error();
-        }
-#endif
-#endif
        /*
         * Default is to connect to non-RI servers. When RI is more widely
         * deployed might change this.
@@ -2241,10 +2217,6 @@ SSL_CTX_free(SSL_CTX *ctx)
                sk_SRTP_PROTECTION_PROFILE_free(ctx->srtp_profiles);
 #endif
-#ifndef OPENSSL_NO_ENGINE
-        ENGINE_finish(ctx->client_cert_engine);
-#endif
        free(ctx->tlsext_ecpointformatlist);
        free(ctx->tlsext_supportedgroups);
author	tb <>	2023-11-19 15:51:49 +0000
committer	tb <>	2023-11-19 15:51:49 +0000
commit	aeabb2194b33a83bfaeb9720b483321f7244a982 (patch)
tree	4d4566481f9384da75d08186ae99eaccd2b1b02d /src/lib/libssl/ssl_lib.c
parent	0822368d2c2280cffb45de621306b0a04716bb24 (diff)
download	openbsd-aeabb2194b33a83bfaeb9720b483321f7244a982.tar.gz openbsd-aeabb2194b33a83bfaeb9720b483321f7244a982.tar.bz2 openbsd-aeabb2194b33a83bfaeb9720b483321f7244a982.zip

diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index 0ac393f73c..9e65095c6c 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_lib.c,v 1.314 2023/09/19 01:22:31 tb Exp $ */	1	/* $OpenBSD: ssl_lib.c,v 1.315 2023/11/19 15:51:49 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -154,10 +154,6 @@
154	#include <openssl/opensslconf.h>	154	#include <openssl/opensslconf.h>
155	#include <openssl/x509v3.h>	155	#include <openssl/x509v3.h>
156		156
157	#ifndef OPENSSL_NO_ENGINE
158	#include <openssl/engine.h>
159	#endif
160
161	#include "bytestring.h"	157	#include "bytestring.h"
162	#include "dtls_local.h"	158	#include "dtls_local.h"
163	#include "ssl_local.h"	159	#include "ssl_local.h"
@@ -2164,26 +2160,6 @@ SSL_CTX_new(const SSL_METHOD *meth)
2164	ret->tlsext_status_cb = 0;	2160	ret->tlsext_status_cb = 0;
2165	ret->tlsext_status_arg = NULL;	2161	ret->tlsext_status_arg = NULL;
2166		2162
2167	#ifndef OPENSSL_NO_ENGINE
2168	ret->client_cert_engine = NULL;
2169	#ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
2170	#define eng_strx(x) #x
2171	#define eng_str(x) eng_strx(x)
2172	/* Use specific client engine automatically... ignore errors */
2173	{
2174	ENGINE *eng;
2175	eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
2176	if (!eng) {
2177	ERR_clear_error();
2178	ENGINE_load_builtin_engines();
2179	eng = ENGINE_by_id(eng_str(
2180	OPENSSL_SSL_CLIENT_ENGINE_AUTO));
2181	}
2182	if (!eng \|\| !SSL_CTX_set_client_cert_engine(ret, eng))
2183	ERR_clear_error();
2184	}
2185	#endif
2186	#endif
2187	/*	2163	/*
2188	* Default is to connect to non-RI servers. When RI is more widely	2164	* Default is to connect to non-RI servers. When RI is more widely
2189	* deployed might change this.	2165	* deployed might change this.
@@ -2241,10 +2217,6 @@ SSL_CTX_free(SSL_CTX *ctx)
2241	sk_SRTP_PROTECTION_PROFILE_free(ctx->srtp_profiles);	2217	sk_SRTP_PROTECTION_PROFILE_free(ctx->srtp_profiles);
2242	#endif	2218	#endif
2243		2219
2244	#ifndef OPENSSL_NO_ENGINE
2245	ENGINE_finish(ctx->client_cert_engine);
2246	#endif
2247
2248	free(ctx->tlsext_ecpointformatlist);	2220	free(ctx->tlsext_ecpointformatlist);
2249	free(ctx->tlsext_supportedgroups);	2221	free(ctx->tlsext_supportedgroups);
2250		2222