[PATCH v2 1/2] Make tls_engine_load_dynamic_generic externally accessible.
Jouni Malinen
j at w1.fi
Mon Nov 8 10:43:26 PST 2021
On Fri, Apr 30, 2021 at 10:48:21PM +0000, Andrew Beltrano wrote:
> Expose tls_engine_load_dynamic_generic such that it can be used
> by other code wishing to load an openssl engine dynamically. The
> function is already written in way that is not specific to tls and was
> moved verbatim.
> diff --git a/hostapd/Android.mk b/hostapd/Android.mk
> +ifndef OPENSSL_NO_ENGINE
> +NEED_OPENSSL_ENGINE=y
> +endif
What would define that OPENSSL_NO_ENGINE for Android.mk? Isn't that
defined only within the OpenSSL header files and those do not get
imported here into build process.
> ifdef CONFIG_DPP2
> L_CFLAGS += -DCONFIG_DPP2
> endif
So this was within the CONFIG_DPP block and as such, would apply to any
crypto library (even though I understand that OpenSSL is the only one
currently supported for DPP). Defining NEED_OPENSSL_ENGINE=y here feels
incorrect, i.e., this all should really be done within the OpenSSL
specific block below:
> ifdef TLS_FUNCS
> +ifndef OPENSSL_NO_ENGINE
> +NEED_OPENSSL_ENGINE=y
> +endif
I.e., here.. But the same question about defining OPENSSL_NO_ENGINE
applies.
> +ifdef NEED_OPENSSL_ENGINE
> +OBJS += src/crypto/openssl_engine.o
> +CFLAGS += -DCONFIG_OPENSSL_ENGINE
> +endif
This should also be within the OpenSSL specific block, i.e., somewhere
next to the place where crypto_openssl.c is included. Please also note
that Android.mk uses the source code file name (.c) instead of the
object file.
> diff --git a/hostapd/Makefile b/hostapd/Makefile
> +ifndef OPENSSL_NO_ENGINE
> +NEED_OPENSSL_ENGINE=y
> +endif
> ifdef CONFIG_DPP2
The same comments above apply to Makefile except for that last .o --> .c
part.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list