rsyslog/SOURCES/disable-openssl-engine.patch

diff -up rsyslog-8.2408.0/runtime/net_ossl.c.orig rsyslog-8.2408.0/runtime/net_ossl.c
--- rsyslog-8.2408.0/runtime/net_ossl.c.orig	2024-08-21 12:20:02.634846602 +0200
+++ rsyslog-8.2408.0/runtime/net_ossl.c	2024-08-21 12:23:59.487229756 +0200
@@ -223,6 +223,7 @@ osslGlblInit(void)
 PRAGMA_DIAGNOSTIC_PUSH
 PRAGMA_IGNORE_Wdeprecated_declarations
 
+#ifdef ENABLE_OPENSSL_ENGINES_DOWNSTREAM
 	// Initialize OpenSSL engine library
 	ENGINE_load_builtin_engines();
 	/* Register all of them for every algorithm they collectively implement */
@@ -243,6 +244,7 @@ PRAGMA_IGNORE_Wdeprecated_declarations
 	}
 	// Free the engine reference when done
 	ENGINE_free(osslEngine);
+#endif
 PRAGMA_DIAGNOSTIC_POP
 }
 
@@ -251,7 +253,10 @@ void
 osslGlblExit(void)
 {
 	DBGPRINTF("openssl: entering osslGlblExit\n");
+
+#ifdef ENABLE_OPENSSL_ENGINES_DOWNSTREAM
 	ENGINE_cleanup();
+#endif
 	ERR_free_strings();
 	EVP_cleanup();
 	CRYPTO_cleanup_all_ex_data();
@@ -638,7 +643,7 @@ net_ossl_chkonepeername(net_ossl_t *pThi
 #endif
 	char *x509name = NULL;
 	DEFiRet;
-	
+
 	if (certpeer == NULL) {
 		ABORT_FINALIZE(RS_RET_TLS_NO_CERT);
 	}
@@ -1151,6 +1156,8 @@ net_ossl_init_engine(__attribute__((unus
 
 PRAGMA_DIAGNOSTIC_PUSH
 PRAGMA_IGNORE_Wdeprecated_declarations
+#ifdef ENABLE_OPENSSL_ENGINES_DOWNSTREAM
+
 	// Get the default RSA engine
 	ENGINE *default_engine = ENGINE_get_default_RSA();
 	if (default_engine) {
@@ -1188,6 +1195,7 @@ PRAGMA_IGNORE_Wdeprecated_declarations
 	} else {
 		DBGPRINTF("net_ossl_init_engine: use openssl default Engine");
 	}
+#endif
 PRAGMA_DIAGNOSTIC_POP
 
 	RETiRet;
diff -up rsyslog-8.2408.0/runtime/net_ossl.h.orig rsyslog-8.2408.0/runtime/net_ossl.h
--- rsyslog-8.2408.0/runtime/net_ossl.h.orig	2024-08-21 12:19:42.902648065 +0200
+++ rsyslog-8.2408.0/runtime/net_ossl.h	2024-08-21 12:23:14.053772607 +0200
@@ -31,7 +31,11 @@
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L && !defined(LIBRESSL_VERSION_NUMBER)
 #	include <openssl/bioerr.h>
 #endif
-#include <openssl/engine.h>
+
+#ifdef ENABLE_OPENSSL_ENGINES_DOWNSTREAM
+#	include <openssl/engine.h>
+#endif
+
 #include <openssl/rand.h>
 #include <openssl/evp.h>
import rsyslog-8.2408.0-1.el10 4 months ago			`diff -up rsyslog-8.2408.0/runtime/net_ossl.c.orig rsyslog-8.2408.0/runtime/net_ossl.c`
			`--- rsyslog-8.2408.0/runtime/net_ossl.c.orig 2024-08-21 12:20:02.634846602 +0200`
			`+++ rsyslog-8.2408.0/runtime/net_ossl.c 2024-08-21 12:23:59.487229756 +0200`
			`@@ -223,6 +223,7 @@ osslGlblInit(void)`
			`PRAGMA_DIAGNOSTIC_PUSH`
			`PRAGMA_IGNORE_Wdeprecated_declarations`

			`+#ifdef ENABLE_OPENSSL_ENGINES_DOWNSTREAM`
			`// Initialize OpenSSL engine library`
			`ENGINE_load_builtin_engines();`
			`/* Register all of them for every algorithm they collectively implement */`
			`@@ -243,6 +244,7 @@ PRAGMA_IGNORE_Wdeprecated_declarations`
			`}`
			`// Free the engine reference when done`
			`ENGINE_free(osslEngine);`
			`+#endif`
			`PRAGMA_DIAGNOSTIC_POP`
			`}`

			`@@ -251,7 +253,10 @@ void`
			`osslGlblExit(void)`
			`{`
			`DBGPRINTF("openssl: entering osslGlblExit\n");`
			`+`
			`+#ifdef ENABLE_OPENSSL_ENGINES_DOWNSTREAM`
			`ENGINE_cleanup();`
			`+#endif`
			`ERR_free_strings();`
			`EVP_cleanup();`
			`CRYPTO_cleanup_all_ex_data();`
			`@@ -638,7 +643,7 @@ net_ossl_chkonepeername(net_ossl_t *pThi`
			`#endif`
			`char *x509name = NULL;`
			`DEFiRet;`
			`-`
			`+`
			`if (certpeer == NULL) {`
			`ABORT_FINALIZE(RS_RET_TLS_NO_CERT);`
			`}`
			`@@ -1151,6 +1156,8 @@ net_ossl_init_engine(__attribute__((unus`

			`PRAGMA_DIAGNOSTIC_PUSH`
			`PRAGMA_IGNORE_Wdeprecated_declarations`
			`+#ifdef ENABLE_OPENSSL_ENGINES_DOWNSTREAM`
			`+`
			`// Get the default RSA engine`
			`ENGINE *default_engine = ENGINE_get_default_RSA();`
			`if (default_engine) {`
			`@@ -1188,6 +1195,7 @@ PRAGMA_IGNORE_Wdeprecated_declarations`
			`} else {`
			`DBGPRINTF("net_ossl_init_engine: use openssl default Engine");`
			`}`
			`+#endif`
			`PRAGMA_DIAGNOSTIC_POP`

			`RETiRet;`
			`diff -up rsyslog-8.2408.0/runtime/net_ossl.h.orig rsyslog-8.2408.0/runtime/net_ossl.h`
			`--- rsyslog-8.2408.0/runtime/net_ossl.h.orig 2024-08-21 12:19:42.902648065 +0200`
			`+++ rsyslog-8.2408.0/runtime/net_ossl.h 2024-08-21 12:23:14.053772607 +0200`
			`@@ -31,7 +31,11 @@`
			`#if OPENSSL_VERSION_NUMBER >= 0x30000000L && !defined(LIBRESSL_VERSION_NUMBER)`
			`# include <openssl/bioerr.h>`
			`#endif`
			`-#include <openssl/engine.h>`
			`+`
			`+#ifdef ENABLE_OPENSSL_ENGINES_DOWNSTREAM`
			`+# include <openssl/engine.h>`
			`+#endif`
			`+`
			`#include <openssl/rand.h>`
			`#include <openssl/evp.h>`