From: Norbert Pocs <norbertp@openssl.org>
Date: Thu, 20 Nov 2025 16:59:16 +0000 (+0100)
Subject: Clear util dir from engines
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9626fb450977cc9bf57c7a13d2fce2ac1f5b7ec0;p=thirdparty%2Fopenssl.git

Clear util dir from engines

Signed-off-by: Norbert Pocs <norbertp@openssl.org>

Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29305)
---

diff --git a/test/evp_kdf_test.c b/test/evp_kdf_test.c
index 7a07168bc66..6a2010b665c 100644
--- a/test/evp_kdf_test.c
+++ b/test/evp_kdf_test.c
@@ -2199,9 +2199,7 @@ static int test_kdf_hmac_drbg_settables(void)
          * the digest is also set
          */
         if (OPENSSL_strcasecmp(settableparams[i].key,
-                               OSSL_KDF_PARAM_PROPERTIES) != 0
-                && OPENSSL_strcasecmp(settableparams[i].key,
-                               OSSL_ALG_PARAM_ENGINE) != 0) {
+                               OSSL_KDF_PARAM_PROPERTIES) != 0) {
             TEST_note("Testing set int into %s fails", settableparams[i].key);
             params[0] = OSSL_PARAM_construct_int(settableparams[i].key, &j);
             if (!TEST_int_le(EVP_KDF_CTX_set_params(kctx, params), 0))
diff --git a/util/err-to-raise b/util/err-to-raise
index 174686d3ab1..4eb9159536b 100755
--- a/util/err-to-raise
+++ b/util/err-to-raise
@@ -13,9 +13,6 @@
 # Consider running util/merge-err-lines first, to catch most (all?) of the
 # cases where the XXXerr() call is split into two lines.
 
-# Do not use this in engines/, they have their own error reporting functions,
-# which do call ERR_raise().
-
 use strict;
 use warnings;
 
diff --git a/util/fix-includes.sed b/util/fix-includes.sed
index 5b9a834b862..16c723bf73d 100644
--- a/util/fix-includes.sed
+++ b/util/fix-includes.sed
@@ -1,5 +1,5 @@
 s|internal/([a-z0-9_]+)_int\.h|crypto/\1.h|g ;
-s@internal/(aria.h|asn1_dsa.h|async.h|bn_dh.h|bn_srp.h|chacha.h|(aes|des|cmll)_platform.h|ctype.h|__DECC_INCLUDE_EPILOGUE.H|__DECC_INCLUDE_PROLOGUE.H|dso_conf.h|dso_conf.h|engine.h|lhash.h|md32_common.h|objects.h|poly1305.h|sha.h|siphash.h|sm2err.h|sm2.h|sm4.h|sparse_array.h|store.h|foobar)@crypto/\1@g ;
+s@internal/(aria.h|asn1_dsa.h|async.h|bn_dh.h|bn_srp.h|chacha.h|(aes|des|cmll)_platform.h|ctype.h|__DECC_INCLUDE_EPILOGUE.H|__DECC_INCLUDE_PROLOGUE.H|dso_conf.h|dso_conf.h|lhash.h|md32_common.h|objects.h|poly1305.h|sha.h|siphash.h|sm2err.h|sm2.h|sm4.h|sparse_array.h|store.h|foobar)@crypto/\1@g ;
 s/constant_time_locl/constant_time/g ;
 s/_lo?cl\.h/_local.h/g ;
 s/_int\.h/_local.h/g ;
diff --git a/util/indent.pro b/util/indent.pro
index 1937cfa476f..6fabf305da9 100644
--- a/util/indent.pro
+++ b/util/indent.pro
@@ -207,22 +207,6 @@
 -T EC_PRIVATEKEY
 -T EC_builtin_curve
 -T EDIPARTYNAME
--T ENGINE
--T ENGINE_CIPHERS_PTR
--T ENGINE_CLEANUP_CB
--T ENGINE_CLEANUP_ITEM
--T ENGINE_CMD_DEFN
--T ENGINE_CTRL_FUNC_PTR
--T ENGINE_DIGESTS_PTR
--T ENGINE_GEN_FUNC_PTR
--T ENGINE_GEN_INT_FUNC_PTR
--T ENGINE_LOAD_KEY_PTR
--T ENGINE_PILE
--T ENGINE_PILE_DOALL
--T ENGINE_PKEY_ASN1_METHS_PTR
--T ENGINE_PKEY_METHS_PTR
--T ENGINE_SSL_CLIENT_CERT_PTR
--T ENGINE_TABLE
 -T ENUMERATED_NAMES
 -T ERR_STATE
 -T ERR_STRING_DATA
@@ -528,8 +512,6 @@
 -T STACK_OF_CONF_VALUE_
 -T STACK_OF_CRYPTO_dynlock_
 -T STACK_OF_DIST_POINT_
--T STACK_OF_ENGINE_
--T STACK_OF_ENGINE_CLEANUP_ITEM_
 -T STACK_OF_ESS_CERT_ID_
 -T STACK_OF_ESS_CERT_ID_V2_
 -T STACK_OF_EVP_PBE_CTL_
@@ -590,7 +572,6 @@
 -T STACK_OF_void_
 -T LHASH_OF_ADDED_OBJ_
 -T LHASH_OF_CONF_VALUE_
--T LHASH_OF_ENGINE_PILE_
 -T LHASH_OF_ERR_STATE_
 -T LHASH_OF_ERR_STRING_DATA_
 -T LHASH_OF_FUNCTION_
diff --git a/util/opensslwrap.sh b/util/opensslwrap.sh
index 7a388302703..3a58bfd71b4 100755
--- a/util/opensslwrap.sh
+++ b/util/opensslwrap.sh
@@ -3,9 +3,6 @@
 HERE="`echo $0 | sed -e 's|[^/]*$||'`"
 OPENSSL="${HERE}../apps/openssl"
 
-if [ -d "${HERE}../engines" -a "x$OPENSSL_ENGINES" = "x" ]; then
-	OPENSSL_ENGINES="${HERE}../engines"; export OPENSSL_ENGINES
-fi
 if [ -d "${HERE}../providers" -a "x$OPENSSL_MODULES" = "x" ]; then
 	OPENSSL_MODULES="${HERE}../providers"; export OPENSSL_MODULES
 fi
diff --git a/util/perl/OpenSSL/paramnames.pm b/util/perl/OpenSSL/paramnames.pm
index eed78467df3..b73863b9855 100644
--- a/util/perl/OpenSSL/paramnames.pm
+++ b/util/perl/OpenSSL/paramnames.pm
@@ -84,14 +84,13 @@ my %params = (
     'OSSL_OBJECT_PARAM_INPUT_TYPE' =>        "input-type", # UTF8_STRING
 
 # Algorithm parameters
-# If "engine",or "properties",are specified, they should always be paired
+# If "properties" is specified, they should always be paired
 # with the algorithm type.
 # Note these are common names that are shared by many types (such as kdf, mac,
 # and pkey) e.g: see MAC_PARAM_DIGEST below.
 
     'OSSL_ALG_PARAM_DIGEST' =>       "digest",       # utf8_string
     'OSSL_ALG_PARAM_CIPHER' =>       "cipher",       # utf8_string
-    'OSSL_ALG_PARAM_ENGINE' =>       "engine",       # utf8_string
     'OSSL_ALG_PARAM_MAC' =>          "mac",          # utf8_string
     'OSSL_ALG_PARAM_PROPERTIES' =>   "properties",   # utf8_string
     'OSSL_ALG_PARAM_FIPS_APPROVED_INDICATOR' => 'fips-indicator',   # int, -1, 0 or 1
@@ -185,7 +184,7 @@ my %params = (
     'OSSL_MAC_PARAM_C_ROUNDS' =>       "c-rounds",      # unsigned int
     'OSSL_MAC_PARAM_D_ROUNDS' =>       "d-rounds",      # unsigned int
 
-# If "engine",or "properties",are specified, they should always be paired
+# If "properties" is specified, they should always be paired
 # with "cipher",or "digest".
 
     'OSSL_MAC_PARAM_CIPHER' =>           '*OSSL_ALG_PARAM_CIPHER',        # utf8 string
@@ -295,7 +294,6 @@ my %params = (
     'OSSL_PKEY_PARAM_SECURITY_CATEGORY' =>   '*OSSL_ALG_PARAM_SECURITY_CATEGORY',
     'OSSL_PKEY_PARAM_DIGEST' =>              '*OSSL_ALG_PARAM_DIGEST',
     'OSSL_PKEY_PARAM_CIPHER' =>              '*OSSL_ALG_PARAM_CIPHER', # utf8 string
-    'OSSL_PKEY_PARAM_ENGINE' =>              '*OSSL_ALG_PARAM_ENGINE', # utf8 string
     'OSSL_PKEY_PARAM_PROPERTIES' =>          '*OSSL_ALG_PARAM_PROPERTIES',
     'OSSL_PKEY_PARAM_DEFAULT_DIGEST' =>      "default-digest",# utf8 string
     'OSSL_PKEY_PARAM_MANDATORY_DIGEST' =>    "mandatory-digest",# utf8 string
@@ -503,7 +501,6 @@ my %params = (
 # Asym cipher parameters
     'OSSL_ASYM_CIPHER_PARAM_DIGEST' =>                   '*OSSL_PKEY_PARAM_DIGEST',
     'OSSL_ASYM_CIPHER_PARAM_PROPERTIES' =>               '*OSSL_PKEY_PARAM_PROPERTIES',
-    'OSSL_ASYM_CIPHER_PARAM_ENGINE' =>                   '*OSSL_PKEY_PARAM_ENGINE',
     'OSSL_ASYM_CIPHER_PARAM_PAD_MODE' =>                 '*OSSL_PKEY_PARAM_PAD_MODE',
     'OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST' =>              '*OSSL_PKEY_PARAM_MGF1_DIGEST',
     'OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS' =>        '*OSSL_PKEY_PARAM_MGF1_PROPERTIES',
diff --git a/util/perl/TLSProxy/Proxy.pm b/util/perl/TLSProxy/Proxy.pm
index 91793481e02..aa6c9ff9a8f 100644
--- a/util/perl/TLSProxy/Proxy.pm
+++ b/util/perl/TLSProxy/Proxy.pm
@@ -330,7 +330,7 @@ sub start
     my $execcmd = $self->execute
         ." s_server -no_comp -provider=p_ossltest -provider=default -propquery ?provider=p_ossltest -state"
         #In TLSv1.3 we issue two session tickets. The default session id
-        #callback gets confused because the ossltest engine causes the same
+        #callback gets confused because the ossltest provider causes the same
         #session id to be created twice due to the changed random number
         #generation. Using "-ext_cache" replaces the default callback with a
         #different one that doesn't get confused.
diff --git a/util/wrap.pl.in b/util/wrap.pl.in
index 2c9cb29fec0..221da07b949 100644
--- a/util/wrap.pl.in
+++ b/util/wrap.pl.in
@@ -51,7 +51,6 @@ sub quote_arg_win32 {
 }
 
 my $there = canonpath(catdir(dirname($0), updir()));
-my $std_engines = catdir($there, 'engines');
 my $std_providers = catdir($there, 'providers');
 my $std_openssl_conf = catdir($there, 'apps/openssl.cnf');
 my $unix_shlib_wrap = catfile($there, 'util/shlib_wrap.sh');
@@ -84,8 +83,6 @@ local $ENV{OPENSSL_CONF_INCLUDE} = $std_openssl_conf_include
     if defined $std_openssl_conf_include
        &&($ENV{OPENSSL_CONF_INCLUDE} // '') eq ''
        && -d $std_openssl_conf_include;
-local $ENV{OPENSSL_ENGINES} = $std_engines
-    if ($ENV{OPENSSL_ENGINES} // '') eq '' && -d $std_engines;
 local $ENV{OPENSSL_MODULES} = $std_providers
     if ($ENV{OPENSSL_MODULES} // '') eq '' && -d $std_providers;
 local $ENV{OPENSSL_CONF} = $std_openssl_conf