Commit dfcc4c1a authored by William A. Rowe Jr's avatar William A. Rowe Jr
Browse files 

  Based on list discussion between myself and Geoff, it seems prudent
  to check for both the existence of the openssl/engine.h header file
  and some 'expected function' such as ENGINE_init() (better suggestions
  are welcome.)  Also clear up some confusion; so long as we have
  ENGINE_load_builtin_engines() we should attempt to preload those.

  This patch protects all ENGINE-based code within the tests for the
  engine header and function, and changes a version test into a
  function test.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100104 13f79535-47bb-0310-9956-ffa450edef68
parent 2138c9b3

ssl_engine_config.c

+2 −2
Original line number Diff line number Diff line
@@ -510,7 +510,7 @@ const char *ssl_cmd_SSLPassPhraseDialog(cmd_parms *cmd, 
    return NULL;

}



#ifdef HAVE_ENGINE_INIT

#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT)

const char *ssl_cmd_SSLCryptoDevice(cmd_parms *cmd,

                                    void *dcfg,

                                    const char *arg)
@@ -518,7 +518,7 @@ const char *ssl_cmd_SSLCryptoDevice(cmd_parms *cmd, 
    SSLModConfigRec *mc = myModConfig(cmd->server);

    const char *err;

    ENGINE *e;

#if SSL_LIBRARY_VERSION >= 0x00907000

#ifdef HAVE_ENGINE_LOAD_BUILTIN_ENGINES

    static int loaded_engines = FALSE;



    /* early loading to make sure the engines are already

ssl_engine_init.c

+2 −2
Original line number Diff line number Diff line
@@ -270,7 +270,7 @@ int ssl_init_Module(apr_pool_t *p, apr_pool_t *plog, 
    /*

     * SSL external crypto device ("engine") support

     */

#ifdef HAVE_ENGINE_INIT

#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT)

    ssl_init_Engine(base_server, p);

#endif
@@ -351,7 +351,7 @@ int ssl_init_Module(apr_pool_t *p, apr_pool_t *plog, 
 * Support for external a Crypto Device ("engine"), usually

 * a hardware accellerator card for crypto operations.

 */

#ifdef HAVE_ENGINE_INIT

#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT)

void ssl_init_Engine(server_rec *s, apr_pool_t *p)

{

    SSLModConfigRec *mc = myModConfig(s);

ssl_toolkit_compat.h

+4 −1
Original line number Diff line number Diff line
@@ -66,7 +66,10 @@ 
#include <openssl/evp.h>

#include <openssl/rand.h>

#include <openssl/x509v3.h>

#ifdef HAVE_ENGINE_INIT

/* Avoid tripping over an engine build installed globally and detected

 * when the user points at an explicit non-engine flavor of OpenSSL

 */

#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT)

#include <openssl/engine.h>

#endif