change system file

hc

2024-10-09 244b2c5ca8b14627e4a17755e5922221e121c771

 kernel/scripts/extract-cert.c
..
..
@@ -23,6 +23,13 @@
23
23
 #include <openssl/err.h>
24
24
 #include <openssl/engine.h>
25
25
 
26
+/*
27
+ * OpenSSL 3.0 deprecates the OpenSSL's ENGINE API.
28
+ *
29
+ * Remove this if/when that API is no longer used
30
+ */
31
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
32
+
26
33
 #define PKEY_ID_PKCS7 2
27
34
 
28
35
 static __attribute__((noreturn))
..
..
@@ -49,6 +56,7 @@
49
56
 	}
50
57
 }
51
58
 
59
+#ifndef OPENSSL_IS_BORINGSSL
52
60
 static void drain_openssl_errors(void)
53
61
 {
54
62
 	const char *file;
..
..
@@ -58,6 +66,7 @@
58
66
 		return;
59
67
 	while (ERR_get_error_line(&file, &line)) {}
60
68
 }
69
+#endif
61
70
 
62
71
 #define ERR(cond, fmt, ...)				\
63
72
 	do {						\
..
..
@@ -71,7 +80,7 @@
71
80
 static const char *key_pass;
72
81
 static BIO *wb;
73
82
 static char *cert_dst;
74
-int kbuild_verbose;
83
+static int kbuild_verbose;
75
84
 
76
85
 static void write_cert(X509 *x509)
77
86
 {
..
..
@@ -112,6 +121,10 @@
112
121
 		fclose(f);
113
122
 		exit(0);
114
123
 	} else if (!strncmp(cert_src, "pkcs11:", 7)) {
124
+#ifdef OPENSSL_IS_BORINGSSL
125
+		ERR(1, "BoringSSL does not support extracting from PKCS#11");
126
+		exit(1);
127
+#else
115
128
 		ENGINE *e;
116
129
 		struct {
117
130
 			const char *cert_id;
..
..
@@ -134,6 +147,7 @@
134
147
 		ENGINE_ctrl_cmd(e, "LOAD_CERT_CTRL", 0, &parms, NULL, 1);
135
148
 		ERR(!parms.cert, "Get X.509 from PKCS#11");
136
149
 		write_cert(parms.cert);
150
+#endif
137
151
 	} else {
138
152
 		BIO *b;
139
153
 		X509 *x509;