expose isc__crypto_md in isc/ossl_wrap.h

This is a bit of a namespace convention violation but it fits the spirit of
this header since it is exposing OpenSSL-isms to others.

Further work is needed to make sure the exposed EVP_MD isn't needed
anymore.

diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c
index 7b89b3f25ad1bf141ff9d22dfa2512ab78181f60..2b7518c5760a701f46715178bc510da527bfe482 100644 (file)
--- a/lib/dns/opensslecdsa_link.c
+++ b/lib/dns/opensslecdsa_link.c
@@ -23,6 +23,7 @@
 #include <isc/crypto.h>
 #include <isc/md.h>
 #include <isc/mem.h>
+#include <isc/ossl_wrap.h>
 #include <isc/result.h>
 #include <isc/safe.h>
 #include <isc/string.h>
@@ -35,9 +36,6 @@
 #include "dst_parse.h"
 #include "openssl_shim.h"
 
-/* TODO(aydin): remove this crap */
-extern EVP_MD *isc__crypto_md[];
-
 #ifndef NID_X9_62_prime256v1
 #error "P-256 group is not known (NID_X9_62_prime256v1)"
 #endif /* ifndef NID_X9_62_prime256v1 */

diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c
index ec24bf202da729cec36c1e162b70be39de5f29ca..6b322ff3b395c0c47a9733742e8a7250f4863dac 100644 (file)
--- a/lib/dns/opensslrsa_link.c
+++ b/lib/dns/opensslrsa_link.c
@@ -35,9 +35,6 @@
 
 #define OPENSSLRSA_MAX_MODULUS_BITS 4096
 
-/* TODO(aydin): remove this crap */
-extern EVP_MD *isc__crypto_md[];
-
 /* length byte + 1.2.840.113549.1.1.11 BER encoded RFC 4055 */
 static unsigned char oid_rsasha256[] = { 0x0b, 0x06, 0x09, 0x2a, 0x86, 0x48,
                                         0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b };

diff --git a/lib/isc/crypto/crypto_p.h b/lib/isc/crypto/crypto_p.h
deleted file mode 100644 (file)
index 899d9a2..0000000
--- a/lib/isc/crypto/crypto_p.h
+++ /dev/null
@@ -1,18 +0,0 @@
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * SPDX-License-Identifier: MPL-2.0
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, you can obtain one at https://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-#pragma once
-
-#include <openssl/evp.h>
-
-extern EVP_MD *isc__crypto_md[];

diff --git a/lib/isc/crypto/ossl1_1.c b/lib/isc/crypto/ossl1_1.c
index 6ecbac47bcb37b8e04beaea69d91bad6a6c91196..f67205709501cd7fdf883fd190c0aff8a8a84310 100644 (file)
--- a/lib/isc/crypto/ossl1_1.c
+++ b/lib/isc/crypto/ossl1_1.c
@@ -30,8 +30,6 @@
 #include <isc/safe.h>
 #include <isc/util.h>
 
-#include "crypto_p.h"
-
 #define HMAC_KEY_MAGIC ISC_MAGIC('H', 'M', 'A', 'C')
 
 struct isc_hmac_key {

diff --git a/lib/isc/crypto/ossl3.c b/lib/isc/crypto/ossl3.c
index dc3388a35a42be7969f40bc7bd4cdf6740efcdac..1c2f3cab9da7a6ff89093ca3962104820acabc60 100644 (file)
--- a/lib/isc/crypto/ossl3.c
+++ b/lib/isc/crypto/ossl3.c
@@ -34,8 +34,6 @@
 #include <isc/safe.h>
 #include <isc/util.h>
 
-#include "crypto_p.h"
-
 struct isc_hmac_key {
        uint32_t magic;
        uint32_t len;

diff --git a/lib/isc/crypto/ossl_common.c b/lib/isc/crypto/ossl_common.c
index 41bd2841027f75d474be10363ddb1d4a3b83dfc6..8b5d56925b4c62f7df2f69cb281ce29b8238fa3f 100644 (file)
--- a/lib/isc/crypto/ossl_common.c
+++ b/lib/isc/crypto/ossl_common.c
@@ -16,8 +16,7 @@
 
 #include <isc/crypto.h>
 #include <isc/md.h>
-
-#include "crypto_p.h"
+#include <isc/ossl_wrap.h>
 
 EVP_MD *isc__crypto_md[] = {
        [ISC_MD_UNKNOWN] = NULL, [ISC_MD_MD5] = NULL,    [ISC_MD_SHA1] = NULL,

diff --git a/lib/isc/include/isc/ossl_wrap.h b/lib/isc/include/isc/ossl_wrap.h
index 96f282a13b0bfb7ce2bccedaedaad9e1af074e7d..4831fab405c78333b335127a492b70622a8160e0 100644 (file)
--- a/lib/isc/include/isc/ossl_wrap.h
+++ b/lib/isc/include/isc/ossl_wrap.h
@@ -278,3 +278,10 @@ isc__ossl_wrap_logged_toresult(isc_logcategory_t category,
                               isc_logmodule_t module, const char *funcname,
                               isc_result_t fallback, const char *file,
                               int line);
+
+/*
+ * This is a bit of a namespace convention violation but it fits the spirit of
+ * this header since it is exposing OpenSSL-isms to others.
+ */
+
+extern EVP_MD *isc__crypto_md[];

diff --git a/lib/isc/iterated_hash.c b/lib/isc/iterated_hash.c
index fae098090739b6ec62e6af7661720167fb802fc2..7d8c68a39683ab04f79b93121f63ce7511ddb2a3 100644 (file)
--- a/lib/isc/iterated_hash.c
+++ b/lib/isc/iterated_hash.c
@@ -19,11 +19,10 @@
 
 #include <isc/iterated_hash.h>
 #include <isc/md.h>
+#include <isc/ossl_wrap.h>
 #include <isc/thread.h>
 #include <isc/util.h>
 
-#include "crypto/crypto_p.h"
-
 #if OPENSSL_VERSION_NUMBER < 0x30000000L
 
 #include <openssl/sha.h>

diff --git a/lib/isc/md.c b/lib/isc/md.c
index 87a167984c5c0a5c31fa400ed25dc8f87135ad0a..0c6688f48ea69580b3c1736c183182a2d1327b5a 100644 (file)
--- a/lib/isc/md.c
+++ b/lib/isc/md.c
@@ -18,9 +18,9 @@
 #include <openssl/opensslv.h>
 
 #include <isc/md.h>
+#include <isc/ossl_wrap.h>
 #include <isc/util.h>
 
-#include "crypto/crypto_p.h"
 #include "openssl_shim.h"
 
 isc_md_t *

diff --git a/lib/isc/tls.c b/lib/isc/tls.c
index c4a3fd5ee9b33dbee6e62a9c190dad732c90d73a..68c9b495d5592bf60aae29d7e8fa30b9f4338912 100644 (file)
--- a/lib/isc/tls.c
+++ b/lib/isc/tls.c
@@ -42,6 +42,7 @@
 #include <isc/mem.h>
 #include <isc/mutex.h>
 #include <isc/once.h>
+#include <isc/ossl_wrap.h>
 #include <isc/random.h>
 #include <isc/refcount.h>
 #include <isc/rwlock.h>
@@ -52,9 +53,6 @@
 
 #include "openssl_shim.h"
 
-/* TODO(aydin): remove this crap */
-extern EVP_MD *isc__crypto_md[];
-
 #define COMMON_SSL_OPTIONS \
        (SSL_OP_NO_COMPRESSION | SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)