[PATCH v2 1/2] Make tls_engine_load_dynamic_generic externally accessible.

[Jouni Malinen]

On Fri, Apr 30, 2021 at 10:48:21PM +0000, Andrew Beltrano wrote:
> Expose tls_engine_load_dynamic_generic such that it can be used
> by other code wishing to load an openssl engine dynamically. The
> function is already written in way that is not specific to tls and was
> moved verbatim.

> diff --git a/hostapd/Android.mk b/hostapd/Android.mk
> +ifndef OPENSSL_NO_ENGINE
> +NEED_OPENSSL_ENGINE=y
> +endif

What would define that OPENSSL_NO_ENGINE for Android.mk? Isn't that
defined only within the OpenSSL header files and those do not get
imported here into build process.

>  ifdef CONFIG_DPP2
>  L_CFLAGS += -DCONFIG_DPP2
>  endif

So this was within the CONFIG_DPP block and as such, would apply to any
crypto library (even though I understand that OpenSSL is the only one
currently supported for DPP). Defining NEED_OPENSSL_ENGINE=y here feels
incorrect, i.e., this all should really be done within the OpenSSL
specific block below:

>  ifdef TLS_FUNCS
> +ifndef OPENSSL_NO_ENGINE
> +NEED_OPENSSL_ENGINE=y
> +endif

I.e., here.. But the same question about defining OPENSSL_NO_ENGINE
applies.

> +ifdef NEED_OPENSSL_ENGINE
> +OBJS += src/crypto/openssl_engine.o
> +CFLAGS += -DCONFIG_OPENSSL_ENGINE
> +endif

This should also be within the OpenSSL specific block, i.e., somewhere
next to the place where crypto_openssl.c is included. Please also note
that Android.mk uses the source code file name (.c) instead of the
object file.

> diff --git a/hostapd/Makefile b/hostapd/Makefile
> +ifndef OPENSSL_NO_ENGINE
> +NEED_OPENSSL_ENGINE=y
> +endif
>  ifdef CONFIG_DPP2

The same comments above apply to Makefile except for that last .o --> .c
part.

-- 
Jouni Malinen                                            PGP id EFC895FA