diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2021-04-15 00:51:58 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2021-12-20 23:42:03 +0900 |
commit | b2fb503dabaf421997f20fa96cbf4e11e5d5206d (patch) | |
tree | 831bb1abc34e05488c9d12d4d757c38a5ef56c63 /ext/openssl | |
parent | 79a6f4349d0aebc7ee2141df43d35f17642fc096 (diff) |
[ruby/openssl] engine: disable OpenSSL::Engine on OpenSSL 3.0
The entire ENGINE API is deprecated in OpenSSL 3.0 in favor of the new
"Provider" concept.
OpenSSL::Engine will not be defined when compiled with OpenSSL 3.0.
We would need a way to interact with providers from Ruby programs, but
since the concept is completely different from the ENGINE API, it will
not be through the current OpenSSL::Engine interface.
https://github.com/ruby/openssl/commit/69a27d8de4
Diffstat (limited to 'ext/openssl')
-rw-r--r-- | ext/openssl/openssl_missing.c | 3 | ||||
-rw-r--r-- | ext/openssl/ossl.h | 8 | ||||
-rw-r--r-- | ext/openssl/ossl_engine.c | 3 | ||||
-rw-r--r-- | ext/openssl/ossl_pkey.c | 4 |
4 files changed, 11 insertions, 7 deletions
diff --git a/ext/openssl/openssl_missing.c b/ext/openssl/openssl_missing.c index 8b93cba6d4..4415703db4 100644 --- a/ext/openssl/openssl_missing.c +++ b/ext/openssl/openssl_missing.c @@ -10,9 +10,6 @@ #include RUBY_EXTCONF_H #include <string.h> /* memcpy() */ -#if !defined(OPENSSL_NO_ENGINE) -# include <openssl/engine.h> -#endif #include <openssl/x509_vfy.h> #include "openssl_missing.h" diff --git a/ext/openssl/ossl.h b/ext/openssl/ossl.h index 3a0ab1e593..4b5126893b 100644 --- a/ext/openssl/ossl.h +++ b/ext/openssl/ossl.h @@ -18,6 +18,7 @@ #include <ruby/io.h> #include <ruby/thread.h> #include <openssl/opensslv.h> + #include <openssl/err.h> #include <openssl/asn1.h> #include <openssl/x509v3.h> @@ -30,9 +31,6 @@ #include <openssl/ts.h> #endif #include <openssl/crypto.h> -#if !defined(OPENSSL_NO_ENGINE) -# include <openssl/engine.h> -#endif #if !defined(OPENSSL_NO_OCSP) # include <openssl/ocsp.h> #endif @@ -54,6 +52,10 @@ (LIBRESSL_VERSION_NUMBER >= (maj << 28) | (min << 20) | (pat << 12)) #endif +#if !defined(OPENSSL_NO_ENGINE) && !OSSL_OPENSSL_PREREQ(3, 0, 0) +# define OSSL_USE_ENGINE +#endif + /* * Common Module */ diff --git a/ext/openssl/ossl_engine.c b/ext/openssl/ossl_engine.c index 661a1368e2..1abde7f766 100644 --- a/ext/openssl/ossl_engine.c +++ b/ext/openssl/ossl_engine.c @@ -9,7 +9,8 @@ */ #include "ossl.h" -#if !defined(OPENSSL_NO_ENGINE) +#ifdef OSSL_USE_ENGINE +# include <openssl/engine.h> #define NewEngine(klass) \ TypedData_Wrap_Struct((klass), &ossl_engine_type, 0) diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c index 7030be3c8e..94760d32f4 100644 --- a/ext/openssl/ossl_pkey.c +++ b/ext/openssl/ossl_pkey.c @@ -9,6 +9,10 @@ */ #include "ossl.h" +#ifdef OSSL_USE_ENGINE +# include <openssl/engine.h> +#endif + /* * Classes */ |