From 3ea8f4ed58e075e097856437c0732e11771931d0 Mon Sep 17 00:00:00 2001 From: Ingo Franzki Date: Wed, 19 Apr 2023 10:07:01 +0200 Subject: [PATCH] engine: Only register those algos specified with default_algorithms As part of OpenSSL initialization, the engine(s) configured in the OpenSSL config file are loaded, and its algorithms (methods) are registered according to the default_algorithms setting. However, later during initialization, ENGINE_register_all_complete() is called which unconditionally registered all algorithms (methods) of the loaded engines again, unless the engine flag ENGINE_FLAGS_NO_REGISTER_ALL is set. Set the ENGINE_FLAGS_NO_REGISTER_ALL flag during IBMCA engine initialization to avoid unconditional registration of all algorithms. We only want to register algorithms specified in the default_algorithms configuration setting. Note that if the default_algorithms setting is omitted in the OpenSSL config file, then no algorithms will be registered. Signed-off-by: Ingo Franzki --- src/engine/e_ibmca.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/engine/e_ibmca.c b/src/engine/e_ibmca.c index fe21897..6cbf745 100644 --- a/src/engine/e_ibmca.c +++ b/src/engine/e_ibmca.c @@ -642,6 +642,9 @@ static int set_supported_meths(ENGINE *e) if (!ENGINE_set_pkey_meths(e, ibmca_engine_pkey_meths)) goto out; + if (!ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL)) + goto out; + rc = 1; out: free(pmech_list);
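Review bot: In set_supported_meths(), the added `ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL)` replaces the engine's whole flag word rather than setting one bit, so any flag set on `e` before this point would be silently cleared. Consider `ENGINE_set_flags(e, ENGINE_get_flags(e) | ENGINE_FLAGS_NO_REGISTER_ALL)` so the call stays correct if other flags are ever set earlier. A short comment above the call would also help, stating that it keeps ENGINE_register_all_complete() from registering methods beyond those named in default_algorithms. That rationale, and the consequence that an omitted default_algorithms registers nothing, currently lives only in the commit message, and the patch touches only src/engine/e_ibmca.c, so no documentation or sample config tells users about the changed behaviour.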