Update symbols after OPENSSL_NO_ENGINE clearup

Signed-off-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29305)

diff --git a/doc/man3/EVP_PKEY_set1_RSA.pod b/doc/man3/EVP_PKEY_set1_RSA.pod
index 6489b1189403b40acf38523a8b74051db0ee54d4..0a3c83447f6eb9e0136316aadc00c228f54c0086 100644 (file)
--- a/doc/man3/EVP_PKEY_set1_RSA.pod
+++ b/doc/man3/EVP_PKEY_set1_RSA.pod
@@ -9,7 +9,6 @@ EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH,
 EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH,
 EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash,
 EVP_PKEY_get0, EVP_PKEY_type, EVP_PKEY_get_id, EVP_PKEY_get_base_id,
-EVP_PKEY_set1_engine, EVP_PKEY_get0_engine,
 EVP_PKEY_id, EVP_PKEY_base_id -
 EVP_PKEY assignment functions
 
@@ -54,9 +53,6 @@ see L<openssl_user_macros(7)>:
  int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
  int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
 
- ENGINE *EVP_PKEY_get0_engine(const EVP_PKEY *pkey);
- int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);
-
 =head1 DESCRIPTION
 
 EVP_PKEY_get_base_id() returns the type of I<pkey>. For example
@@ -126,16 +122,6 @@ the provider's key. Subsequent calls to EVP_PKEY_get1_RSA(),
 EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() will always
 return the cached copy returned by the first call.
 
-EVP_PKEY_get0_engine() returns a reference to the ENGINE handling I<pkey>. This
-function is deprecated. Applications should use providers instead of engines
-(see L<provider(7)> for details).
-
-EVP_PKEY_set1_engine() sets the ENGINE handling I<pkey> to I<engine>. It
-must be called after the key algorithm and components are set up.
-If I<engine> does not include an B<EVP_PKEY_METHOD> for I<pkey> an
-error occurs. This function is deprecated. Applications should use providers
-instead of engines (see L<provider(7)> for details).
-
 =head1 WARNINGS
 
 The following functions are only reliable with B<EVP_PKEY>s that have
@@ -181,9 +167,6 @@ Previous versions of this document suggested using EVP_PKEY_type(pkey->type)
 to determine the type of a key. Since B<EVP_PKEY> is now opaque this
 is no longer possible: the equivalent is EVP_PKEY_get_base_id(pkey).
 
-EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM
-key as part of its routine to load a private key.
-
 =head1 RETURN VALUES
 
 EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and
@@ -200,8 +183,6 @@ and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.
 EVP_PKEY_get_base_id(), EVP_PKEY_get_id() and EVP_PKEY_type() return a key
 type or B<NID_undef> (equivalently B<EVP_PKEY_NONE>) on error.
 
-EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.
-
 =head1 SEE ALSO
 
 L<EVP_PKEY_new(3)>, L<SM2(7)>
@@ -217,8 +198,8 @@ EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY,
 EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY,
 EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH,
 EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH,
-EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash,
-EVP_PKEY_set1_engine and EVP_PKEY_get0_engine were deprecated in OpenSSL 3.0.
+EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305 and EVP_PKEY_get0_siphash
+were deprecated in OpenSSL 3.0.
 
 The return value from EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH,
 EVP_PKEY_get0_EC_KEY were made const in OpenSSL 3.0.

diff --git a/include/openssl/sslerr_legacy.h b/include/openssl/sslerr_legacy.h
index 4c353671c7e88469b23a178fa86b44824a654105..55d643df9384d20b341b2948632fe211ddab25dd 100644 (file)
--- a/include/openssl/sslerr_legacy.h
+++ b/include/openssl/sslerr_legacy.h
@@ -171,7 +171,6 @@ OSSL_DEPRECATEDIN_3_0 int ERR_load_SSL_strings(void);
 #  define SSL_F_SSL_CTX_NEW                                0
 #  define SSL_F_SSL_CTX_SET_ALPN_PROTOS                    0
 #  define SSL_F_SSL_CTX_SET_CIPHER_LIST                    0
-#  define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE             0
 #  define SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK         0
 #  define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT             0
 #  define SSL_F_SSL_CTX_SET_SSL_VERSION                    0

diff --git a/util/libcrypto.num b/util/libcrypto.num
index bbdf9af66e05f9b5f57ddd795df1a20ae6d999ed..874c22177eecbc729a5da7ca6f4dcef20cc2e7e4 100644 (file)
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -316,7 +316,6 @@ ERR_load_CT_strings                     ?   4_0_0   EXIST::FUNCTION:CT,DEPRECATEDIN_
 ERR_load_DH_strings                     ?      4_0_0   EXIST::FUNCTION:DEPRECATEDIN_3_0,DH
 ERR_load_DSA_strings                    ?      4_0_0   EXIST::FUNCTION:DEPRECATEDIN_3_0,DSA
 ERR_load_EC_strings                     ?      4_0_0   EXIST::FUNCTION:DEPRECATEDIN_3_0,EC
-ERR_load_ENGINE_strings                 ?      4_0_0   EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE
 ERR_load_ERR_strings                    ?      4_0_0   EXIST::FUNCTION:DEPRECATEDIN_3_0
 ERR_load_EVP_strings                    ?      4_0_0   EXIST::FUNCTION:DEPRECATEDIN_3_0
 ERR_load_KDF_strings                    ?      4_0_0   EXIST::FUNCTION:DEPRECATEDIN_3_0
@@ -1425,8 +1424,6 @@ EVP_PKEY_can_sign                       ? 4_0_0   EXIST::FUNCTION:
 EVP_PKEY_set_type                       ?      4_0_0   EXIST::FUNCTION:
 EVP_PKEY_set_type_str                   ?      4_0_0   EXIST::FUNCTION:
 EVP_PKEY_set_type_by_keymgmt            ?      4_0_0   EXIST::FUNCTION:
-EVP_PKEY_set1_engine                    ?      4_0_0   EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE
-EVP_PKEY_get0_engine                    ?      4_0_0   EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE
 EVP_PKEY_assign                         ?      4_0_0   EXIST::FUNCTION:DEPRECATEDIN_3_0
 EVP_PKEY_get0                           ?      4_0_0   EXIST::FUNCTION:DEPRECATEDIN_3_0
 EVP_PKEY_get0_hmac                      ?      4_0_0   EXIST::FUNCTION:DEPRECATEDIN_3_0
@@ -2242,7 +2239,6 @@ OSSL_PROVIDER_add_builtin               ? 4_0_0   EXIST::FUNCTION:
 OSSL_PROVIDER_get0_name                 ?      4_0_0   EXIST::FUNCTION:
 RAND_set_rand_method                    ?      4_0_0   EXIST::FUNCTION:DEPRECATEDIN_3_0
 RAND_get_rand_method                    ?      4_0_0   EXIST::FUNCTION:DEPRECATEDIN_3_0
-RAND_set_rand_engine                    ?      4_0_0   EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE
 RAND_OpenSSL                            ?      4_0_0   EXIST::FUNCTION:DEPRECATEDIN_3_0
 RAND_bytes                              ?      4_0_0   EXIST::FUNCTION:
 RAND_priv_bytes                         ?      4_0_0   EXIST::FUNCTION:
@@ -2767,8 +2763,6 @@ TS_CONF_load_certs                      ? 4_0_0   EXIST::FUNCTION:TS
 TS_CONF_load_key                        ?      4_0_0   EXIST::FUNCTION:TS
 TS_CONF_get_tsa_section                 ?      4_0_0   EXIST::FUNCTION:TS
 TS_CONF_set_serial                      ?      4_0_0   EXIST::FUNCTION:TS
-TS_CONF_set_crypto_device               ?      4_0_0   EXIST::FUNCTION:ENGINE,TS
-TS_CONF_set_default_engine              ?      4_0_0   EXIST::FUNCTION:ENGINE,TS
 TS_CONF_set_signer_cert                 ?      4_0_0   EXIST::FUNCTION:TS
 TS_CONF_set_certs                       ?      4_0_0   EXIST::FUNCTION:TS
 TS_CONF_set_signer_key                  ?      4_0_0   EXIST::FUNCTION:TS

diff --git a/util/libssl.num b/util/libssl.num
index 54e03438a12a281b61039c62886e4d42a667bfec..5962e18431bc6b590c72c2deb2f01e56ad694ba7 100644 (file)
--- a/util/libssl.num
+++ b/util/libssl.num
@@ -44,7 +44,6 @@ SSL_CTX_set_info_callback               ?     4_0_0   EXIST::FUNCTION:
 SSL_CTX_get_info_callback               ?      4_0_0   EXIST::FUNCTION:
 SSL_CTX_set_client_cert_cb              ?      4_0_0   EXIST::FUNCTION:
 SSL_CTX_get_client_cert_cb              ?      4_0_0   EXIST::FUNCTION:
-SSL_CTX_set_client_cert_engine          ?      4_0_0   EXIST::FUNCTION:ENGINE
 SSL_CTX_set_cookie_generate_cb          ?      4_0_0   EXIST::FUNCTION:
 SSL_CTX_set_cookie_verify_cb            ?      4_0_0   EXIST::FUNCTION:
 SSL_CTX_set_stateless_cookie_generate_cb ?     4_0_0   EXIST::FUNCTION: