Move the ability to load the dasync engine into ssltestlib.c

The sslapitest has a helper function to load the dasync engine which is useful for testing pipelining. We would like to have the same facility from sslbuffertest, so we move the function to the common location ssltestlib.c Follow on from CVE-2024-4741 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24395)
2025-04-12 20:30:52 +08:00 · 2024-04-26 11:05:52 +01:00 · 2024-04-26 11:05:52 +01:00 · 05752478df
commit 05752478df
parent 566f306916
3 changed files with 35 additions and 21 deletions
--- a/test/helpers/ssltestlib.c
+++ b/test/helpers/ssltestlib.c
@ -7,8 +7,17 @@
 * https://www.openssl.org/source/license.html
 */

+/*
+ * We need access to the deprecated low level ENGINE APIs for legacy purposes
+ * when the deprecated calls are not hidden
+ */
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+# define OPENSSL_SUPPRESS_DEPRECATED
+#endif
+
 #include <string.h>

+#include <openssl/engine.h>
 #include "internal/e_os.h"
 #include "internal/nelem.h"
 #include "ssltestlib.h"
@ -1451,3 +1460,27 @@ int ssl_ctx_add_large_cert_chain(OSSL_LIB_CTX *libctx, SSL_CTX *sctx,
    X509_free(chaincert);
    return ret;
 }
+
+ENGINE *load_dasync(void)
+{
+#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_DYNAMIC_ENGINE)
+    ENGINE *e;
+
+    if (!TEST_ptr(e = ENGINE_by_id("dasync")))
+        return NULL;
+
+    if (!TEST_true(ENGINE_init(e))) {
+        ENGINE_free(e);
+        return NULL;
+    }
+
+    if (!TEST_true(ENGINE_register_ciphers(e))) {
+        ENGINE_free(e);
+        return NULL;
+    }
+
+    return e;
+#else
+    return NULL;
+#endif
+}
--- a/test/helpers/ssltestlib.h
+++ b/test/helpers/ssltestlib.h
@ -83,4 +83,6 @@ SSL_SESSION *create_a_psk(SSL *ssl, size_t mdsize);
 int ssl_ctx_add_large_cert_chain(OSSL_LIB_CTX *libctx, SSL_CTX *sctx,
                                 const char *cert_file);

+ENGINE *load_dasync(void);
+
 #endif /* OSSL_TEST_SSLTESTLIB_H */
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@ -11193,27 +11193,6 @@ end:
 #endif /* OSSL_NO_USABLE_TLS1_3 */

 #if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_DYNAMIC_ENGINE)
-
-static ENGINE *load_dasync(void)
-{
-    ENGINE *e;
-
-    if (!TEST_ptr(e = ENGINE_by_id("dasync")))
-        return NULL;
-
-    if (!TEST_true(ENGINE_init(e))) {
-        ENGINE_free(e);
-        return NULL;
-    }
-
-    if (!TEST_true(ENGINE_register_ciphers(e))) {
-        ENGINE_free(e);
-        return NULL;
-    }
-
-    return e;
-}
-
 /*
 * Test TLSv1.2 with a pipeline capable cipher. TLSv1.3 and DTLS do not
 * support this yet. The only pipeline capable cipher that we have is in the