Prevent calling code from doing the allocation of the ENGINE structure.

This was a bad idea in the first place, in particular it would have made it trickier to implement error-handling, particularly when shutting down third-party shared libraries etc.
2000-05-26 15:21:47 +00:00 · 2000-05-26 15:21:47 +00:00 · 0e0e569cbf
commit 0e0e569cbf
parent 71c8e9f1c3
2 changed files with 37 additions and 2 deletions
--- a/crypto/engine/engine.h
+++ b/crypto/engine/engine.h
@ -133,8 +133,17 @@ ENGINE *ENGINE_by_id(const char *id);
 * implementations of things prior to using it directly or adding
 * it to the builtin ENGINE list in OpenSSL. These are also here
 * so that the ENGINE structure doesn't have to be exposed and
- * break binary compatibility! */
+ * break binary compatibility!
+ *
+ * NB: I'm changing ENGINE_new to force the ENGINE structure to
+ * be allocated from within OpenSSL. See the comment for
+ * ENGINE_get_struct_size().
+ */
+#if 0
 ENGINE *ENGINE_new(ENGINE *e);
+#else
+ENGINE *ENGINE_new(void);
+#endif
 int ENGINE_free(ENGINE *e);
 int ENGINE_set_id(ENGINE *e, const char *id);
 int ENGINE_set_name(ENGINE *e, const char *name);
@ -164,8 +173,14 @@ BN_MOD_EXP_CRT ENGINE_get_BN_mod_exp_crt(ENGINE *e);
 * structure (for good reason). However, if the caller wishes to use
 * its own memory allocation or use a static array, the following call
 * should be used to check the amount of memory the ENGINE structure
- * will occupy. This will make the code more future-proof. */
+ * will occupy. This will make the code more future-proof.
+ *
+ * NB: I'm "#if 0"-ing this out because it's better to force the use of
+ * internally allocated memory. See similar change in ENGINE_new().
+ */
+#if 0
 int ENGINE_get_struct_size(void);
+#endif

 /* FUNCTIONAL functions. These functions deal with ENGINE structures
 * that have (or will) be initialised for use. Broadly speaking, the
--- a/crypto/engine/engine_list.c
+++ b/crypto/engine/engine_list.c
@ -335,6 +335,9 @@ ENGINE *ENGINE_by_id(const char *id)
 	return iterator;
 	}

+/* As per the comments in engine.h, it is generally better all round
+ * if the ENGINE structure is allocated within this framework. */
+#if 0
 int ENGINE_get_struct_size(void)
 	{
 	return sizeof(ENGINE);
@ -362,6 +365,23 @@ ENGINE *ENGINE_new(ENGINE *e)
 	ret->struct_ref = 1;
 	return ret;
 	}
+#else
+ENGINE *ENGINE_new(void)
+	{
+	ENGINE *ret;
+
+	ret = (ENGINE *)Malloc(sizeof(ENGINE));
+	if(ret == NULL)
+		{
+		ENGINEerr(ENGINE_F_ENGINE_NEW, ERR_R_MALLOC_FAILURE);
+		return NULL;
+		}
+	memset(ret, 0, sizeof(ENGINE));
+	ret->flags = ENGINE_FLAGS_MALLOCED;
+	ret->struct_ref = 1;
+	return ret;
+	}
+#endif

 int ENGINE_free(ENGINE *e)
 	{