diff options
| author | Kazuki Yamaguchi <k@rhe.jp> | 2021-04-15 00:51:58 +0900 |
|---|---|---|
| committer | Kazuki Yamaguchi <k@rhe.jp> | 2021-12-20 19:07:03 +0900 |
| commit | 69a27d8de4bd291cb4eb21a4d715b197e7da5a06 (patch) | |
| tree | 9f50f100009a68505158cbef33d8af888aa00aff | |
| parent | 46995816392a79d037df5550b2fb226652c06f42 (diff) | |
| download | ruby-openssl-69a27d8de4bd291cb4eb21a4d715b197e7da5a06.tar.gz | |
engine: disable OpenSSL::Engine on OpenSSL 3.0
The entire ENGINE API is deprecated in OpenSSL 3.0 in favor of the new
"Provider" concept.
OpenSSL::Engine will not be defined when compiled with OpenSSL 3.0.
We would need a way to interact with providers from Ruby programs, but
since the concept is completely different from the ENGINE API, it will
not be through the current OpenSSL::Engine interface.
| -rw-r--r-- | ext/openssl/openssl_missing.c | 3 | ||||
| -rw-r--r-- | ext/openssl/ossl.h | 8 | ||||
| -rw-r--r-- | ext/openssl/ossl_engine.c | 3 | ||||
| -rw-r--r-- | ext/openssl/ossl_pkey.c | 4 |
4 files changed, 11 insertions, 7 deletions
diff --git a/ext/openssl/openssl_missing.c b/ext/openssl/openssl_missing.c index 8b93cba6..4415703d 100644 --- a/ext/openssl/openssl_missing.c +++ b/ext/openssl/openssl_missing.c @@ -10,9 +10,6 @@ #include RUBY_EXTCONF_H #include <string.h> /* memcpy() */ -#if !defined(OPENSSL_NO_ENGINE) -# include <openssl/engine.h> -#endif #include <openssl/x509_vfy.h> #include "openssl_missing.h" diff --git a/ext/openssl/ossl.h b/ext/openssl/ossl.h index 3a0ab1e5..4b512689 100644 --- a/ext/openssl/ossl.h +++ b/ext/openssl/ossl.h @@ -18,6 +18,7 @@ #include <ruby/io.h> #include <ruby/thread.h> #include <openssl/opensslv.h> + #include <openssl/err.h> #include <openssl/asn1.h> #include <openssl/x509v3.h> @@ -30,9 +31,6 @@ #include <openssl/ts.h> #endif #include <openssl/crypto.h> -#if !defined(OPENSSL_NO_ENGINE) -# include <openssl/engine.h> -#endif #if !defined(OPENSSL_NO_OCSP) # include <openssl/ocsp.h> #endif @@ -54,6 +52,10 @@ (LIBRESSL_VERSION_NUMBER >= (maj << 28) | (min << 20) | (pat << 12)) #endif +#if !defined(OPENSSL_NO_ENGINE) && !OSSL_OPENSSL_PREREQ(3, 0, 0) +# define OSSL_USE_ENGINE +#endif + /* * Common Module */ diff --git a/ext/openssl/ossl_engine.c b/ext/openssl/ossl_engine.c index 661a1368..1abde7f7 100644 --- a/ext/openssl/ossl_engine.c +++ b/ext/openssl/ossl_engine.c @@ -9,7 +9,8 @@ */ #include "ossl.h" -#if !defined(OPENSSL_NO_ENGINE) +#ifdef OSSL_USE_ENGINE +# include <openssl/engine.h> #define NewEngine(klass) \ TypedData_Wrap_Struct((klass), &ossl_engine_type, 0) diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c index 7030be3c..94760d32 100644 --- a/ext/openssl/ossl_pkey.c +++ b/ext/openssl/ossl_pkey.c @@ -9,6 +9,10 @@ */ #include "ossl.h" +#ifdef OSSL_USE_ENGINE +# include <openssl/engine.h> +#endif + /* * Classes */ |