From: Norbert Pocs Date: Fri, 21 Nov 2025 13:04:20 +0000 (+0100) Subject: Remove OPENSSL_INIT_ENGINE_* definitions X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5ef339776d835fb0d20a975448dd8d52f6cd1a36;p=thirdparty%2Fopenssl.git Remove OPENSSL_INIT_ENGINE_* definitions Keeping OPENSSL_INIT_ENGINE_ALL_BUILTIN to be defined always to zero as it might be the most used one outside of the library, meanwhile keeping the others undefined unless OPENSSL_ENGINE_STUBS is defined. Resolves: https://github.com/openssl/project/issues/1428 Signed-off-by: Norbert Pocs Reviewed-by: Saša Nedvědický Reviewed-by: Tomas Mraz Reviewed-by: Saša Nedvědický Reviewed-by: Eugene Syromiatnikov Reviewed-by: Neil Horman Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/29305) --- diff --git a/doc/man3/OPENSSL_init_crypto.pod b/doc/man3/OPENSSL_init_crypto.pod index c06e81500e5..03cda784963 100644 --- a/doc/man3/OPENSSL_init_crypto.pod +++ b/doc/man3/OPENSSL_init_crypto.pod @@ -119,55 +119,6 @@ option. With this option the library with automatically initialise the libcrypto async sub-library (see L). This is a default option. -=item OPENSSL_INIT_ENGINE_RDRAND - -With this option the library will automatically load and initialise the -RDRAND engine (if available). This not a default option and is deprecated -in OpenSSL 3.0. - -=item OPENSSL_INIT_ENGINE_DYNAMIC - -With this option the library will automatically load and initialise the -dynamic engine. This not a default option and is deprecated -in OpenSSL 3.0. - -=item OPENSSL_INIT_ENGINE_OPENSSL - -With this option the library will automatically load and initialise the -openssl engine. This not a default option and is deprecated -in OpenSSL 3.0. - -=item OPENSSL_INIT_ENGINE_CRYPTODEV - -With this option the library will automatically load and initialise the -cryptodev engine (if available). This not a default option and is deprecated -in OpenSSL 3.0. - -=item OPENSSL_INIT_ENGINE_CAPI - -With this option the library will automatically load and initialise the -CAPI engine (if available). This not a default option and is deprecated -in OpenSSL 3.0. - -=item OPENSSL_INIT_ENGINE_PADLOCK - -With this option the library will automatically load and initialise the -padlock engine (if available). This not a default option and is deprecated -in OpenSSL 3.0. - -=item OPENSSL_INIT_ENGINE_AFALG - -With this option the library will automatically load and initialise the -AFALG engine. This not a default option and is deprecated -in OpenSSL 3.0. - -=item OPENSSL_INIT_ENGINE_ALL_BUILTIN - -With this option the library will automatically load and initialise all the -built in engines listed above with the exception of the openssl and afalg -engines. This not a default option and is deprecated -in OpenSSL 3.0. - =item OPENSSL_INIT_ATFORK With this option the library will register its fork handlers. diff --git a/include/openssl/crypto.h.in b/include/openssl/crypto.h.in index c78e72b7ed0..0d9852cd9a9 100644 --- a/include/openssl/crypto.h.in +++ b/include/openssl/crypto.h.in @@ -480,13 +480,6 @@ int CRYPTO_memcmp(const void * in_a, const void * in_b, size_t len); # define OPENSSL_INIT_LOAD_CONFIG 0x00000040L # define OPENSSL_INIT_NO_LOAD_CONFIG 0x00000080L # define OPENSSL_INIT_ASYNC 0x00000100L -# define OPENSSL_INIT_ENGINE_RDRAND 0x00000200L -# define OPENSSL_INIT_ENGINE_DYNAMIC 0x00000400L -# define OPENSSL_INIT_ENGINE_OPENSSL 0x00000800L -# define OPENSSL_INIT_ENGINE_CRYPTODEV 0x00001000L -# define OPENSSL_INIT_ENGINE_CAPI 0x00002000L -# define OPENSSL_INIT_ENGINE_PADLOCK 0x00004000L -# define OPENSSL_INIT_ENGINE_AFALG 0x00008000L /* FREE: 0x00010000L */ # define OPENSSL_INIT_ATFORK 0x00020000L /* OPENSSL_INIT_BASE_ONLY 0x00040000L */ @@ -500,11 +493,18 @@ int CRYPTO_memcmp(const void * in_a, const void * in_b, size_t len); /* FREE: 0x80000000L */ /* Max OPENSSL_INIT flag value is 0x80000000 */ -/* openssl and dasync not counted as builtin */ -# define OPENSSL_INIT_ENGINE_ALL_BUILTIN \ - (OPENSSL_INIT_ENGINE_RDRAND | OPENSSL_INIT_ENGINE_DYNAMIC \ - | OPENSSL_INIT_ENGINE_CRYPTODEV | OPENSSL_INIT_ENGINE_CAPI | \ - OPENSSL_INIT_ENGINE_PADLOCK) +/* ENGINEs are no longer available */ +# define OPENSSL_INIT_ENGINE_ALL_BUILTIN 0 + +# ifdef OPENSSL_ENGINE_STUBS +# define OPENSSL_INIT_ENGINE_RDRAND 0 +# define OPENSSL_INIT_ENGINE_DYNAMIC 0 +# define OPENSSL_INIT_ENGINE_OPENSSL 0 +# define OPENSSL_INIT_ENGINE_CRYPTODEV 0 +# define OPENSSL_INIT_ENGINE_CAPI 0 +# define OPENSSL_INIT_ENGINE_PADLOCK 0 +# define OPENSSL_INIT_ENGINE_AFALG 0 +# endif /* Library initialisation functions */ void OPENSSL_cleanup(void); diff --git a/include/openssl/engine.h b/include/openssl/engine.h index 11f5ee08229..7e4c19c3ec6 100644 --- a/include/openssl/engine.h +++ b/include/openssl/engine.h @@ -417,22 +417,15 @@ ENGINE_FUNC(ENGINE *, ENGINE_by_id, (const char *id), (id), NULL) # endif # ifndef OPENSSL_NO_DEPRECATED_1_1_0 -# define ENGINE_load_openssl() \ - OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_OPENSSL, NULL) -# define ENGINE_load_dynamic() \ - OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_DYNAMIC, NULL) +ENGINE_FUNC_NOARGS(int, ENGINE_load_openssl, 0) +ENGINE_FUNC_NOARGS(int, ENGINE_load_dynamic, 0) +ENGINE_FUNC_NOARGS(int, ENGINE_load_cryptodev, 0) +ENGINE_FUNC_NOARGS(int, ENGINE_load_rdrand, 0) # ifndef OPENSSL_NO_STATIC_ENGINE -# define ENGINE_load_padlock() \ - OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_PADLOCK, NULL) -# define ENGINE_load_capi() \ - OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_CAPI, NULL) -# define ENGINE_load_afalg() \ - OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_AFALG, NULL) +ENGINE_FUNC_NOARGS(int, ENGINE_load_padlock, 0) +ENGINE_FUNC_NOARGS(int, ENGINE_load_capi, 0) +ENGINE_FUNC_NOARGS(int, ENGINE_load_afalg, 0) # endif -# define ENGINE_load_cryptodev() \ - OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_CRYPTODEV, NULL) -# define ENGINE_load_rdrand() \ - OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_RDRAND, NULL) # endif # ifndef OPENSSL_NO_DEPRECATED_3_0 /* OSSL_DEPRECATEDIN_3_0 void ENGINE_load_builtin_engines(void); */