On Tue, Sep 13, 2022 at 10:29:52PM -0400, Mimi Zohar wrote:
> If either OPENSSL_NO_DYNAMIC_ENGINE or OPENSSL_NO_ENGINE is defined,
> ima-evm-utils cannot be built with OpenSSL engine support. Disable
> engine support.
>
> Suggested-by: Vitaly Chikunov <vt@xxxxxxxxxxxx>
> Fixes: 9e08e4495f24 ("Disable use of OpenSSL "engine" support")
> Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
> ---
> src/imaevm.h | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/src/imaevm.h b/src/imaevm.h
> index ebe8c20d566a..8114bd051514 100644
> --- a/src/imaevm.h
> +++ b/src/imaevm.h
> @@ -52,6 +52,10 @@
> #include <openssl/engine.h>
> #endif
>
> +#if defined(OPENSSL_NO_ENGINE) || defined(OPENSSL_NO_DYNAMIC_ENGINE)
> +#undef CONFIG_ENGINE
> +#endif
Thanks.
Only better it would be to make it prefixed with something like
IMA_EVN_, since CONFIG_ENGINE looks too generic (and we cannot move it
outside of imaevm.h). And perhaps merge this patch with "Disable use of
OpenSSL "engine" support"?
Vitaly,
> +
> #ifdef USE_FPRINTF
> #define do_log(level, fmt, args...) \
> ({ if (level <= imaevm_params.verbose) fprintf(stderr, fmt, ##args); })
> --
> 2.31.1
