Skip to content

Commit

Permalink
Don't include engine.h when OPENSSL_NO_ENGINE is defined
Browse files Browse the repository at this point in the history 
Fedora 41 and RHEL 10 are deprecating and phasing out OpenSSL ENGINE
support. Downstream has moved `openssl/engine.h` into a separate RPM
package and is recompiling packages with `-DOPENSSL_NO_ENGINE=1`. The
compiler flag disables PyCA cryptography's ENGINE support successfully.
We also like to build the downstream package without the `engine.h`
header file present.

This commit makes the include conditional. The `ENGINE` type is
defined in `openssl/types.h`.

See: https://src.fedoraproject.org/rpms/openssl/c/e67e9d9c40cd2cb9547e539c658e2b63f2736762?branch=rawhide
See: https://issues.redhat.com/browse/RHEL-33747
Signed-off-by: Christian Heimes <christian@python.org>
  • Loading branch information
@tiran
tiran committed Jul 22, 2024
1 parent ad40369 commit 656defc
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions src/_cffi_src/openssl/engine.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,12 @@
from __future__ import annotations

INCLUDES = """
#ifdef OPENSSL_NO_ENGINE
// for ENGINE type
#include <openssl/types.h>
#else
#include <openssl/engine.h>
#endif
"""

TYPES = """
Expand Down

0 comments on commit 656defc

Please sign in to comment.