From: John Baldwin <jhb@FreeBSD.org>
Date: Sat, 21 Nov 2020 01:07:35 +0000 (-0800)
Subject: Use CRIOGET to fetch a crypto descriptor when present.
X-Git-Tag: openssl-3.0.0-alpha10~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b39c215decf6e68c28cb64dcfaf5ae5a7e8d35b4;p=thirdparty%2Fopenssl.git

Use CRIOGET to fetch a crypto descriptor when present.

FreeBSD's current /dev/crypto implementation requires that consumers
clone a separate file descriptor via the CRIOGET ioctl that can then
be used with other ioctls such as CIOCGSESSION.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13468)
---

diff --git a/engines/e_devcrypto.c b/engines/e_devcrypto.c
index d54ca3bbc11..6715ef408e3 100644
--- a/engines/e_devcrypto.c
+++ b/engines/e_devcrypto.c
@@ -1172,10 +1172,12 @@ static int devcrypto_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
  */
 static int open_devcrypto(void)
 {
+    int fd;
+
     if (cfd >= 0)
         return 1;
 
-    if ((cfd = open("/dev/crypto", O_RDWR, 0)) < 0) {
+    if ((fd = open("/dev/crypto", O_RDWR, 0)) < 0) {
 #ifndef ENGINE_DEVCRYPTO_DEBUG
         if (errno != ENOENT)
 #endif
@@ -1183,6 +1185,16 @@ static int open_devcrypto(void)
         return 0;
     }
 
+#ifdef CRIOGET
+    if (ioctl(fd, CRIOGET, &cfd) < 0) {
+        fprintf(stderr, "Could not create crypto fd: %s\n", strerror(errno));
+        cfd = -1;
+        return 0;
+    }
+#else
+    cfd = fd;
+#endif
+
     return 1;
 }