[PATCH v2 1/2] Make tls_engine_load_dynamic_generic externally accessible.

Jouni Malinen j at w1.fi
Mon Nov 8 10:43:26 PST 2021

On Fri, Apr 30, 2021 at 10:48:21PM +0000, Andrew Beltrano wrote:
> Expose tls_engine_load_dynamic_generic such that it can be used
> by other code wishing to load an openssl engine dynamically. The
> function is already written in way that is not specific to tls and was
> moved verbatim.

> diff --git a/hostapd/Android.mk b/hostapd/Android.mk
> +endif

What would define that OPENSSL_NO_ENGINE for Android.mk? Isn't that
defined only within the OpenSSL header files and those do not get
imported here into build process.

>  ifdef CONFIG_DPP2
>  endif

So this was within the CONFIG_DPP block and as such, would apply to any
crypto library (even though I understand that OpenSSL is the only one
currently supported for DPP). Defining NEED_OPENSSL_ENGINE=y here feels
incorrect, i.e., this all should really be done within the OpenSSL
specific block below:

>  ifdef TLS_FUNCS
> +endif

I.e., here.. But the same question about defining OPENSSL_NO_ENGINE

> +OBJS += src/crypto/openssl_engine.o
> +endif

This should also be within the OpenSSL specific block, i.e., somewhere
next to the place where crypto_openssl.c is included. Please also note
that Android.mk uses the source code file name (.c) instead of the
object file.

> diff --git a/hostapd/Makefile b/hostapd/Makefile
> +endif
>  ifdef CONFIG_DPP2

The same comments above apply to Makefile except for that last .o --> .c

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list