From: Norbert Pocs Date: Tue, 2 Sep 2025 06:10:11 +0000 (+0200) Subject: Update symbols after OPENSSL_NO_ENGINE clearup X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=255a169aeb9eb23d551db6af4a68d9314f846a2a;p=thirdparty%2Fopenssl.git Update symbols after OPENSSL_NO_ENGINE clearup Signed-off-by: Norbert Pocs Reviewed-by: Matt Caswell Reviewed-by: Saša Nedvědický Reviewed-by: Neil Horman Reviewed-by: Dmitry Belyavskiy Reviewed-by: Saša Nedvědický Reviewed-by: Eugene Syromiatnikov (Merged from https://github.com/openssl/openssl/pull/29305) --- diff --git a/doc/man3/EVP_PKEY_set1_RSA.pod b/doc/man3/EVP_PKEY_set1_RSA.pod index 6489b118940..0a3c83447f6 100644 --- a/doc/man3/EVP_PKEY_set1_RSA.pod +++ b/doc/man3/EVP_PKEY_set1_RSA.pod @@ -9,7 +9,6 @@ EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, EVP_PKEY_get0, EVP_PKEY_type, EVP_PKEY_get_id, EVP_PKEY_get_base_id, -EVP_PKEY_set1_engine, EVP_PKEY_get0_engine, EVP_PKEY_id, EVP_PKEY_base_id - EVP_PKEY assignment functions @@ -54,9 +53,6 @@ see L: int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key); int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key); - ENGINE *EVP_PKEY_get0_engine(const EVP_PKEY *pkey); - int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine); - =head1 DESCRIPTION EVP_PKEY_get_base_id() returns the type of I. For example @@ -126,16 +122,6 @@ the provider's key. Subsequent calls to EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() will always return the cached copy returned by the first call. -EVP_PKEY_get0_engine() returns a reference to the ENGINE handling I. This -function is deprecated. Applications should use providers instead of engines -(see L for details). - -EVP_PKEY_set1_engine() sets the ENGINE handling I to I. It -must be called after the key algorithm and components are set up. -If I does not include an B for I an -error occurs. This function is deprecated. Applications should use providers -instead of engines (see L for details). - =head1 WARNINGS The following functions are only reliable with Bs that have @@ -181,9 +167,6 @@ Previous versions of this document suggested using EVP_PKEY_type(pkey->type) to determine the type of a key. Since B is now opaque this is no longer possible: the equivalent is EVP_PKEY_get_base_id(pkey). -EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM -key as part of its routine to load a private key. - =head1 RETURN VALUES EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and @@ -200,8 +183,6 @@ and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure. EVP_PKEY_get_base_id(), EVP_PKEY_get_id() and EVP_PKEY_type() return a key type or B (equivalently B) on error. -EVP_PKEY_set1_engine() returns 1 for success and 0 for failure. - =head1 SEE ALSO L, L @@ -217,8 +198,8 @@ EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH, -EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash, -EVP_PKEY_set1_engine and EVP_PKEY_get0_engine were deprecated in OpenSSL 3.0. +EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305 and EVP_PKEY_get0_siphash +were deprecated in OpenSSL 3.0. The return value from EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY were made const in OpenSSL 3.0. diff --git a/include/openssl/sslerr_legacy.h b/include/openssl/sslerr_legacy.h index 4c353671c7e..55d643df938 100644 --- a/include/openssl/sslerr_legacy.h +++ b/include/openssl/sslerr_legacy.h @@ -171,7 +171,6 @@ OSSL_DEPRECATEDIN_3_0 int ERR_load_SSL_strings(void); # define SSL_F_SSL_CTX_NEW 0 # define SSL_F_SSL_CTX_SET_ALPN_PROTOS 0 # define SSL_F_SSL_CTX_SET_CIPHER_LIST 0 -# define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 0 # define SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK 0 # define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 0 # define SSL_F_SSL_CTX_SET_SSL_VERSION 0 diff --git a/util/libcrypto.num b/util/libcrypto.num index bbdf9af66e0..874c22177ee 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -316,7 +316,6 @@ ERR_load_CT_strings ? 4_0_0 EXIST::FUNCTION:CT,DEPRECATEDIN_ ERR_load_DH_strings ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DH ERR_load_DSA_strings ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DSA ERR_load_EC_strings ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,EC -ERR_load_ENGINE_strings ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE ERR_load_ERR_strings ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 ERR_load_EVP_strings ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 ERR_load_KDF_strings ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 @@ -1425,8 +1424,6 @@ EVP_PKEY_can_sign ? 4_0_0 EXIST::FUNCTION: EVP_PKEY_set_type ? 4_0_0 EXIST::FUNCTION: EVP_PKEY_set_type_str ? 4_0_0 EXIST::FUNCTION: EVP_PKEY_set_type_by_keymgmt ? 4_0_0 EXIST::FUNCTION: -EVP_PKEY_set1_engine ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE -EVP_PKEY_get0_engine ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE EVP_PKEY_assign ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 EVP_PKEY_get0 ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 EVP_PKEY_get0_hmac ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 @@ -2242,7 +2239,6 @@ OSSL_PROVIDER_add_builtin ? 4_0_0 EXIST::FUNCTION: OSSL_PROVIDER_get0_name ? 4_0_0 EXIST::FUNCTION: RAND_set_rand_method ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 RAND_get_rand_method ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 -RAND_set_rand_engine ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,ENGINE RAND_OpenSSL ? 4_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 RAND_bytes ? 4_0_0 EXIST::FUNCTION: RAND_priv_bytes ? 4_0_0 EXIST::FUNCTION: @@ -2767,8 +2763,6 @@ TS_CONF_load_certs ? 4_0_0 EXIST::FUNCTION:TS TS_CONF_load_key ? 4_0_0 EXIST::FUNCTION:TS TS_CONF_get_tsa_section ? 4_0_0 EXIST::FUNCTION:TS TS_CONF_set_serial ? 4_0_0 EXIST::FUNCTION:TS -TS_CONF_set_crypto_device ? 4_0_0 EXIST::FUNCTION:ENGINE,TS -TS_CONF_set_default_engine ? 4_0_0 EXIST::FUNCTION:ENGINE,TS TS_CONF_set_signer_cert ? 4_0_0 EXIST::FUNCTION:TS TS_CONF_set_certs ? 4_0_0 EXIST::FUNCTION:TS TS_CONF_set_signer_key ? 4_0_0 EXIST::FUNCTION:TS diff --git a/util/libssl.num b/util/libssl.num index 54e03438a12..5962e18431b 100644 --- a/util/libssl.num +++ b/util/libssl.num @@ -44,7 +44,6 @@ SSL_CTX_set_info_callback ? 4_0_0 EXIST::FUNCTION: SSL_CTX_get_info_callback ? 4_0_0 EXIST::FUNCTION: SSL_CTX_set_client_cert_cb ? 4_0_0 EXIST::FUNCTION: SSL_CTX_get_client_cert_cb ? 4_0_0 EXIST::FUNCTION: -SSL_CTX_set_client_cert_engine ? 4_0_0 EXIST::FUNCTION:ENGINE SSL_CTX_set_cookie_generate_cb ? 4_0_0 EXIST::FUNCTION: SSL_CTX_set_cookie_verify_cb ? 4_0_0 EXIST::FUNCTION: SSL_CTX_set_stateless_cookie_generate_cb ? 4_0_0 EXIST::FUNCTION: