From: Norbert Pocs Date: Thu, 13 Nov 2025 14:53:28 +0000 (+0100) Subject: apps: Remove opt_legacy_okay function X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4e96426a8d857a13e09a213d72c1f59cf46ee813;p=thirdparty%2Fopenssl.git apps: Remove opt_legacy_okay function The function used to check for ENGINEs to determine if a legacy code path is available, but it makes no sense to keep it after the ENGINE removal, as the legacy path will always fail. Signed-off-by: Norbert Pocs Reviewed-by: Eugene Syromiatnikov Reviewed-by: Tomas Mraz Reviewed-by: Saša Nedvědický Reviewed-by: Saša Nedvědický Reviewed-by: Neil Horman Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/29305) --- diff --git a/apps/include/opt.h b/apps/include/opt.h index 2c4681b2b96..d4fd4f115f2 100644 --- a/apps/include/opt.h +++ b/apps/include/opt.h @@ -433,8 +433,5 @@ char **opt_rest(void); int opt_num_rest(void); int opt_check_rest_arg(const char *expected); -/* Returns non-zero if legacy paths are still available */ -int opt_legacy_okay(void); - #endif /* OSSL_APPS_OPT_H */ diff --git a/apps/lib/apps.c b/apps/lib/apps.c index e043829a103..765832a0b2b 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -3495,25 +3495,6 @@ EVP_PKEY *app_paramgen(EVP_PKEY_CTX *ctx, const char *alg) return res; } -/* - * Return non-zero if the legacy path is still an option. - * This decision is based on the global command line operations and the - * behaviour thus far. - */ -int opt_legacy_okay(void) -{ - int provider_options = opt_provider_option_given(); - int libctx = app_get0_libctx() != NULL || app_get0_propq() != NULL; - - /* - * Having a provider option specified or a custom library context or - * property query, is a sure sign we're not using legacy. - */ - if (provider_options || libctx) - return 0; - return 1; -} - #define MAX_KEY_SIZE 2048 /* Hope nobody needs mac key longer than 2048 bytes */ /* diff --git a/apps/lib/opt.c b/apps/lib/opt.c index 2d25d563e60..b978120ff48 100644 --- a/apps/lib/opt.c +++ b/apps/lib/opt.c @@ -386,9 +386,7 @@ int opt_cipher_silent(const char *name, EVP_CIPHER **cipherp) ERR_set_mark(); if ((c = EVP_CIPHER_fetch(app_get0_libctx(), name, - app_get0_propq())) != NULL - || (opt_legacy_okay() - && (c = (EVP_CIPHER *)EVP_get_cipherbyname(name)) != NULL)) { + app_get0_propq())) != NULL) { ERR_pop_to_mark(); if (cipherp != NULL) { EVP_CIPHER_free(*cipherp); @@ -447,9 +445,7 @@ int opt_md_silent(const char *name, EVP_MD **mdp) EVP_MD *md; ERR_set_mark(); - if ((md = EVP_MD_fetch(app_get0_libctx(), name, app_get0_propq())) != NULL - || (opt_legacy_okay() - && (md = (EVP_MD *)EVP_get_digestbyname(name)) != NULL)) { + if ((md = EVP_MD_fetch(app_get0_libctx(), name, app_get0_propq())) != NULL) { ERR_pop_to_mark(); if (mdp != NULL) { EVP_MD_free(*mdp); diff --git a/doc/internal/man3/OPTIONS.pod b/doc/internal/man3/OPTIONS.pod index acd7a44038d..bad0bd92ad8 100644 --- a/doc/internal/man3/OPTIONS.pod +++ b/doc/internal/man3/OPTIONS.pod @@ -8,7 +8,7 @@ opt_begin, opt_next, opt_flag, opt_arg, opt_unknown, opt_cipher, opt_cipher_any, opt_cipher_silent, opt_md, opt_int, opt_int_arg, opt_long, opt_ulong, opt_intmax, opt_uintmax, opt_format, opt_isdir, opt_string, opt_pair, -opt_num_rest, opt_rest, opt_legacy_okay +opt_num_rest, opt_rest - Option parsing for commands and tests =head1 SYNOPSIS @@ -53,8 +53,6 @@ opt_num_rest, opt_rest, opt_legacy_okay int opt_num_rest(void); char **opt_rest(void); - int opt_legacy_okay(void); - =head1 DESCRIPTION The functions on this page provide a common set of option-parsing for @@ -292,12 +290,6 @@ The opt_rest() function returns a pointer to the first non-option. If there were no parameters, it will point to the NULL that is at the end of the standard I array. -The opt_legacy_okay() function returns true if no options have been -specified that would preclude using legacy code paths. Currently, -the various provider options preclude legacy operation. This means, -for example, that specifying both B<-provider> and B<-engine> in the -same command line will not work as expected. - =head2 Common Options There are a few groups of options that are common to many OpenSSL programs. diff --git a/test/testutil/apps_shims.c b/test/testutil/apps_shims.c index e4466ea4dc3..f102188f88a 100644 --- a/test/testutil/apps_shims.c +++ b/test/testutil/apps_shims.c @@ -44,13 +44,6 @@ void *app_malloc_array(size_t n, size_t sz, const char *what) return vp; } -/* shim to prevent sucking in too much from apps */ - -int opt_legacy_okay(void) -{ - return 1; -} - /* * These three functions are defined here so that they don't need to come from * the apps source code and pull in a lot of additional things.