[pkg-opensc-commit] [libp11] 26/86: OpenSSL 1.1.0-dev changes from OpenSC/engine_pkcs11#39

Sun Jul 24 21:40:19 UTC 2016

This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository libp11.

commit eee887304fb7d0186a65469dcc9a0cd589fd81a4
Author: Michał Trojnara <Michal.Trojnara at stunnel.org>
Date:   Thu Jan 28 11:50:16 2016 +0100

    OpenSSL 1.1.0-dev changes from OpenSC/engine_pkcs11#39
---
 src/eng_front.c | 17 +++++++----------
 src/p11_load.c  |  8 ++++----
 2 files changed, 11 insertions(+), 14 deletions(-)

diff --git a/src/eng_front.c b/src/eng_front.c
index ec0eee9..95c3470 100644
--- a/src/eng_front.c
+++ b/src/eng_front.c
@@ -128,11 +128,6 @@ static const ENGINE_CMD_DEFN pkcs11_cmd_defns[] = {
 static int pkcs11_engine_destroy(ENGINE * e)
 {
 	(void)e;
-#ifndef OPENSSL_NO_EC
-#ifndef OPENSSL_NO_ECDSA
-	PKCS11_ecdsa_method_free();
-#endif
-#endif
 
 	return 1;
 }
@@ -174,14 +169,16 @@ static int bind_helper(ENGINE * e)
 #ifndef OPENSSL_NO_RSA
 			!ENGINE_set_RSA(e, PKCS11_get_rsa_method()) ||
 #endif
-#ifndef OPENSSL_NO_EC
+#if OPENSSL_VERSION_NUMBER  < 0x10100002L
 #ifndef OPENSSL_NO_ECDSA
 			!ENGINE_set_ECDSA(e, PKCS11_get_ecdsa_method()) ||
 #endif
-/* TODO add ECDH
-			!ENGINE_set_ECDH(e, PKCS11_get_ecdh_method()) ||
-*/
-#endif
+#else /* OPENSSL_VERSION_NUMBER */
+#ifndef OPENSSL_NO_EC
+			/* PKCS11_get_ec_key_method supports ECDH too */
+			!ENGINE_set_EC(e, PKCS11_get_ec_key_method()) ||
+#endif /* OPENSSL_NO_EC */
+#endif /* OPENSSL_VERSION_NUMBER */
 			!ENGINE_set_load_pubkey_function(e, pkcs11_load_public_key) ||
 			!ENGINE_set_load_privkey_function(e, pkcs11_load_private_key)) {
 		return 0;
diff --git a/src/p11_load.c b/src/p11_load.c
index ea83cf0..8217b98 100644
--- a/src/p11_load.c
+++ b/src/p11_load.c
@@ -157,11 +157,11 @@ void PKCS11_CTX_unload(PKCS11_CTX * ctx)
 void PKCS11_CTX_free(PKCS11_CTX * ctx)
 {
 	PKCS11_CTX_private *priv = PRIVCTX(ctx);
-	/* Do not remove the strings since OpenSSL strings may still be used by
-	 * the application and we can't know
 
-	ERR_free_strings();
-	ERR_remove_state(0);
+	/* TODO: move the global methods and ex_data indexes into
+	 * the ctx structure, so they can be safely deallocated here:
+	PKCS11_rsa_method_free(ctx);
+	PKCS11_ecdsa_method_free(ctx);
 	*/
 	if (priv->init_args) {
 		OPENSSL_free(priv->init_args);

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/libp11.git

