97 lines
2.8 KiB
Diff
97 lines
2.8 KiB
Diff
From 5dd0765607135a418289bc4a20060f31eeaede73 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Lubo=C5=A1=20Uhliarik?= <luhliari@redhat.com>
|
|
Date: Tue, 2 Jul 2024 18:29:18 +0200
|
|
Subject: [PATCH] Disable ENGINE support
|
|
|
|
---
|
|
auto/options | 3 +++
|
|
configure | 4 ++++
|
|
src/event/ngx_event_openssl.c | 7 +++----
|
|
src/event/ngx_event_openssl.h | 2 +-
|
|
4 files changed, 11 insertions(+), 5 deletions(-)
|
|
|
|
diff --git a/auto/options b/auto/options
|
|
index 6a6e990..3cc983d 100644
|
|
--- a/auto/options
|
|
+++ b/auto/options
|
|
@@ -45,6 +45,8 @@ USE_THREADS=NO
|
|
|
|
NGX_FILE_AIO=NO
|
|
|
|
+NGX_SSL_NO_ENGINE=NO
|
|
+
|
|
QUIC_BPF=NO
|
|
|
|
HTTP=YES
|
|
@@ -373,6 +375,7 @@ use the \"--with-mail_ssl_module\" option instead"
|
|
|
|
--with-openssl=*) OPENSSL="$value" ;;
|
|
--with-openssl-opt=*) OPENSSL_OPT="$value" ;;
|
|
+ --without-engine) NGX_SSL_NO_ENGINE=YES ;;
|
|
|
|
--with-md5=*)
|
|
NGX_POST_CONF_MSG="$NGX_POST_CONF_MSG
|
|
diff --git a/configure b/configure
|
|
index 5b88ebb..3a2129e 100755
|
|
--- a/configure
|
|
+++ b/configure
|
|
@@ -104,6 +104,10 @@ have=NGX_HTTP_UWSGI_TEMP_PATH value="\"$NGX_HTTP_UWSGI_TEMP_PATH\""
|
|
have=NGX_HTTP_SCGI_TEMP_PATH value="\"$NGX_HTTP_SCGI_TEMP_PATH\""
|
|
. auto/define
|
|
|
|
+if [ $NGX_SSL_NO_ENGINE = YES ]; then
|
|
+ have=NGX_SSL_NO_ENGINE . auto/have
|
|
+fi
|
|
+
|
|
. auto/make
|
|
. auto/lib/make
|
|
. auto/install
|
|
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
|
|
index 6f7f2a2..f939706 100644
|
|
--- a/src/event/ngx_event_openssl.c
|
|
+++ b/src/event/ngx_event_openssl.c
|
|
@@ -842,7 +842,7 @@ ngx_ssl_load_certificate_key(ngx_pool_t *pool, char **err,
|
|
|
|
if (ngx_strncmp(key->data, "engine:", sizeof("engine:") - 1) == 0) {
|
|
|
|
-#ifndef OPENSSL_NO_ENGINE
|
|
+#if !defined(OPENSSL_NO_ENGINE) && !defined(NGX_SSL_NO_ENGINE)
|
|
|
|
u_char *p, *last;
|
|
ENGINE *engine;
|
|
@@ -6119,8 +6119,7 @@ ngx_openssl_create_conf(ngx_cycle_t *cycle)
|
|
static char *
|
|
ngx_openssl_engine(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
|
|
{
|
|
-#ifndef OPENSSL_NO_ENGINE
|
|
-
|
|
+#if !defined(OPENSSL_NO_ENGINE) && !defined(NGX_SSL_NO_ENGINE)
|
|
ngx_openssl_conf_t *oscf = conf;
|
|
|
|
ENGINE *engine;
|
|
@@ -6170,7 +6169,7 @@ ngx_openssl_exit(ngx_cycle_t *cycle)
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100003L
|
|
|
|
EVP_cleanup();
|
|
-#ifndef OPENSSL_NO_ENGINE
|
|
+#if !defined(OPENSSL_NO_ENGINE) && !defined(NGX_SSL_NO_ENGINE)
|
|
ENGINE_cleanup();
|
|
#endif
|
|
|
|
diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h
|
|
index 761f48d..c60b16d 100644
|
|
--- a/src/event/ngx_event_openssl.h
|
|
+++ b/src/event/ngx_event_openssl.h
|
|
@@ -20,7 +20,7 @@
|
|
#include <openssl/conf.h>
|
|
#include <openssl/crypto.h>
|
|
#include <openssl/dh.h>
|
|
-#ifndef OPENSSL_NO_ENGINE
|
|
+#if !defined(OPENSSL_NO_ENGINE) && !defined(NGX_SSL_NO_ENGINE)
|
|
#include <openssl/engine.h>
|
|
#endif
|
|
#include <openssl/evp.h>
|
|
--
|
|
2.44.0
|
|
|