From b7d752a67e58c888a6cb0373feab44c4147af678 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Sun, 26 Oct 2025 22:06:35 +0900 Subject: [PATCH] openssl-util: drop unnecessary functions when OpenSSL support is disabled --- src/shared/openssl-util.c | 23 +++++---------------- src/shared/openssl-util.h | 43 ++++++++++++--------------------------- 2 files changed, 18 insertions(+), 48 deletions(-) diff --git a/src/shared/openssl-util.c b/src/shared/openssl-util.c index bb45cf73f66..8fb23a8f923 100644 --- a/src/shared/openssl-util.c +++ b/src/shared/openssl-util.c @@ -1644,25 +1644,20 @@ static int load_x509_certificate_from_provider(const char *provider, const char return -EOPNOTSUPP; #endif } -#endif OpenSSLAskPasswordUI* openssl_ask_password_ui_free(OpenSSLAskPasswordUI *ui) { -#if HAVE_OPENSSL && !defined(OPENSSL_NO_UI_CONSOLE) if (!ui) return NULL; +#ifndef OPENSSL_NO_UI_CONSOLE assert(UI_get_default_method() == ui->method); UI_set_default_method(UI_OpenSSL()); UI_destroy_method(ui->method); - return mfree(ui); -#else - assert(ui == NULL); - return NULL; #endif + return mfree(ui); } int x509_fingerprint(X509 *cert, uint8_t buffer[static SHA256_DIGEST_SIZE]) { -#if HAVE_OPENSSL _cleanup_free_ uint8_t *der = NULL; int dersz; @@ -1674,9 +1669,6 @@ int x509_fingerprint(X509 *cert, uint8_t buffer[static SHA256_DIGEST_SIZE]) { sha256_direct(der, dersz, buffer); return 0; -#else - return log_debug_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "OpenSSL is not supported, cannot calculate X509 fingerprint."); -#endif } int openssl_load_x509_certificate( @@ -1684,7 +1676,7 @@ int openssl_load_x509_certificate( const char *certificate_source, const char *certificate, X509 **ret) { -#if HAVE_OPENSSL + int r; assert(certificate); @@ -1708,9 +1700,6 @@ int openssl_load_x509_certificate( certificate_source); return 0; -#else - return log_debug_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "OpenSSL is not supported, cannot load X509 certificate."); -#endif } int openssl_load_private_key( @@ -1720,7 +1709,7 @@ int openssl_load_private_key( const AskPasswordRequest *request, EVP_PKEY **ret_private_key, OpenSSLAskPasswordUI **ret_user_interface) { -#if HAVE_OPENSSL + int r; assert(private_key); @@ -1763,10 +1752,8 @@ int openssl_load_private_key( } return 0; -#else - return log_debug_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "OpenSSL is not supported, cannot load private key."); -#endif } +#endif int parse_openssl_certificate_source_argument( const char *argument, diff --git a/src/shared/openssl-util.h b/src/shared/openssl-util.h index 46b3b79d946..72b9cfcc902 100644 --- a/src/shared/openssl-util.h +++ b/src/shared/openssl-util.h @@ -66,10 +66,12 @@ DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EC_POINT*, EC_POINT_free, NULL); DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(ECDSA_SIG*, ECDSA_SIG_free, NULL); DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_CIPHER_CTX*, EVP_CIPHER_CTX_free, NULL); DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_MD_CTX*, EVP_MD_CTX_free, NULL); +DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_PKEY*, EVP_PKEY_free, NULL); DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_PKEY_CTX*, EVP_PKEY_CTX_free, NULL); DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(PKCS7*, PKCS7_free, NULL); DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(PKCS7_SIGNER_INFO*, PKCS7_SIGNER_INFO_free, NULL); DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(SSL*, SSL_free, NULL); +DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(X509*, X509_free, NULL); DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(X509_NAME*, X509_NAME_free, NULL); static inline STACK_OF(X509_ALGOR) *x509_algor_free_many(STACK_OF(X509_ALGOR) *attrs) { @@ -177,36 +179,6 @@ static inline int string_hashsum_sha256(const char *s, size_t len, char **ret) { return string_hashsum(s, len, "SHA256", ret); } -#else - -typedef struct X509 X509; -typedef struct EVP_PKEY EVP_PKEY; -typedef struct UI_METHOD UI_METHOD; - -static inline void* X509_free(X509 *p) { - assert(p == NULL); - return NULL; -} - -static inline void* EVP_PKEY_free(EVP_PKEY *p) { - assert(p == NULL); - return NULL; -} - -#endif - -DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(X509*, X509_free, NULL); -DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_PKEY*, EVP_PKEY_free, NULL); - -struct OpenSSLAskPasswordUI { - AskPasswordRequest request; - UI_METHOD *method; -}; - -OpenSSLAskPasswordUI* openssl_ask_password_ui_free(OpenSSLAskPasswordUI *ui); - -DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(OpenSSLAskPasswordUI*, openssl_ask_password_ui_free, NULL); - int x509_fingerprint(X509 *cert, uint8_t buffer[static X509_FINGERPRINT_SIZE]); int openssl_load_x509_certificate( @@ -222,3 +194,14 @@ int openssl_load_private_key( const AskPasswordRequest *request, EVP_PKEY **ret_private_key, OpenSSLAskPasswordUI **ret_user_interface); + +struct OpenSSLAskPasswordUI { + AskPasswordRequest request; +#ifndef OPENSSL_NO_UI_CONSOLE + UI_METHOD *method; +#endif +}; + +OpenSSLAskPasswordUI* openssl_ask_password_ui_free(OpenSSLAskPasswordUI *ui); +DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(OpenSSLAskPasswordUI*, openssl_ask_password_ui_free, NULL); +#endif -- 2.47.3