On Fri, Apr 30, 2021 at 10:48:21PM +0000, Andrew Beltrano wrote: > Expose tls_engine_load_dynamic_generic such that it can be used > by other code wishing to load an openssl engine dynamically. The > function is already written in way that is not specific to tls and was > moved verbatim. > diff --git a/hostapd/Android.mk b/hostapd/Android.mk > +ifndef OPENSSL_NO_ENGINE > +NEED_OPENSSL_ENGINE=y > +endif What would define that OPENSSL_NO_ENGINE for Android.mk? Isn't that defined only within the OpenSSL header files and those do not get imported here into build process. > ifdef CONFIG_DPP2 > L_CFLAGS += -DCONFIG_DPP2 > endif So this was within the CONFIG_DPP block and as such, would apply to any crypto library (even though I understand that OpenSSL is the only one currently supported for DPP). Defining NEED_OPENSSL_ENGINE=y here feels incorrect, i.e., this all should really be done within the OpenSSL specific block below: > ifdef TLS_FUNCS > +ifndef OPENSSL_NO_ENGINE > +NEED_OPENSSL_ENGINE=y > +endif I.e., here.. But the same question about defining OPENSSL_NO_ENGINE applies. > +ifdef NEED_OPENSSL_ENGINE > +OBJS += src/crypto/openssl_engine.o > +CFLAGS += -DCONFIG_OPENSSL_ENGINE > +endif This should also be within the OpenSSL specific block, i.e., somewhere next to the place where crypto_openssl.c is included. Please also note that Android.mk uses the source code file name (.c) instead of the object file. > diff --git a/hostapd/Makefile b/hostapd/Makefile > +ifndef OPENSSL_NO_ENGINE > +NEED_OPENSSL_ENGINE=y > +endif > ifdef CONFIG_DPP2 The same comments above apply to Makefile except for that last .o --> .c part. -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
