From: William A. Rowe Jr Date: Fri, 30 May 2003 18:41:53 +0000 (+0000) Subject: Based on list discussion between myself and Geoff, it seems prudent X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5b98c3f440d778a84313a9013eb6d014d45f92f5;p=thirdparty%2Fapache%2Fhttpd.git Based on list discussion between myself and Geoff, it seems prudent to check for both the existence of the openssl/engine.h header file and some 'expected function' such as ENGINE_init() (better suggestions are welcome.) Also clear up some confusion; so long as we have ENGINE_load_builtin_engines() we should attempt to preload those. This patch protects all ENGINE-based code within the tests for the engine header and function, and changes a version test into a function test. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100104 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/ssl_engine_config.c b/ssl_engine_config.c index 9a55d17b26e..a2ee3d4d671 100644 --- a/ssl_engine_config.c +++ b/ssl_engine_config.c @@ -510,7 +510,7 @@ const char *ssl_cmd_SSLPassPhraseDialog(cmd_parms *cmd, return NULL; } -#ifdef HAVE_ENGINE_INIT +#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT) const char *ssl_cmd_SSLCryptoDevice(cmd_parms *cmd, void *dcfg, const char *arg) @@ -518,7 +518,7 @@ const char *ssl_cmd_SSLCryptoDevice(cmd_parms *cmd, SSLModConfigRec *mc = myModConfig(cmd->server); const char *err; ENGINE *e; -#if SSL_LIBRARY_VERSION >= 0x00907000 +#ifdef HAVE_ENGINE_LOAD_BUILTIN_ENGINES static int loaded_engines = FALSE; /* early loading to make sure the engines are already diff --git a/ssl_engine_init.c b/ssl_engine_init.c index e2f49095939..f4e758b9e41 100644 --- a/ssl_engine_init.c +++ b/ssl_engine_init.c @@ -270,7 +270,7 @@ int ssl_init_Module(apr_pool_t *p, apr_pool_t *plog, /* * SSL external crypto device ("engine") support */ -#ifdef HAVE_ENGINE_INIT +#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT) ssl_init_Engine(base_server, p); #endif @@ -351,7 +351,7 @@ int ssl_init_Module(apr_pool_t *p, apr_pool_t *plog, * Support for external a Crypto Device ("engine"), usually * a hardware accellerator card for crypto operations. */ -#ifdef HAVE_ENGINE_INIT +#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT) void ssl_init_Engine(server_rec *s, apr_pool_t *p) { SSLModConfigRec *mc = myModConfig(s); diff --git a/ssl_toolkit_compat.h b/ssl_toolkit_compat.h index cba8de88d36..9691ed26dc3 100644 --- a/ssl_toolkit_compat.h +++ b/ssl_toolkit_compat.h @@ -66,7 +66,10 @@ #include #include #include -#ifdef HAVE_ENGINE_INIT +/* Avoid tripping over an engine build installed globally and detected + * when the user points at an explicit non-engine flavor of OpenSSL + */ +#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT) #include #endif