> #include <openssl/conf.h>
> #include <openssl/des.h>
> @@ -75,6 +76,8 @@ static bool engine_initialized = false; /* GLOBAL */
>
> static ENGINE *engine_persist = NULL; /* GLOBAL */
>
> +static void *xkey_prov;
> +
This is under HAVE_OPENSSL_ENGINE instead have HAVE_XKEY_PROVIDER
> /* Try to load an engine in a shareable library */
> static ENGINE *
> try_load_engine(const char *engine)
> @@ -161,6 +164,15 @@ crypto_init_lib(void)
> OPENSSL_config(NULL);
> #endif
> #endif /* _WIN32 */
> +
> +#ifdef HAVE_XKEY_PROVIDER
> + if (!xkey_prov)
> + {
> + OSSL_PROVIDER_add_builtin(NULL, "ovpn.xkey", xkey_provider_init);
> + xkey_prov = OSSL_PROVIDER_load(NULL, "ovpn.xkey");
> + }
> +#endif
> +
> /*
> * If you build the OpenSSL library and OpenVPN with
> * CRYPTO_MDEBUG, you will get a listing of OpenSSL
> @@ -190,6 +202,13 @@ crypto_uninit_lib(void)
> engine_initialized = false;
> }
> #endif
> +#ifdef HAVE_XKEY_PROVIDER
> + if (xkey_prov)
> + {
> + OSSL_PROVIDER_unload(xkey_prov);
> + }
> +#endif
> + xkey_prov = NULL;
> }
The xkey_prov seems to be only used with HAVE_XKEY_PROVIDER, the last
line should probably also be under it.
This is not a full review, just noting the compile errors trying to test
the whole set.
Arne
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
