1 /* crypto/engine/eng_dyn.c */
2 /*
3 * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
4 * 2001.
5 */
6 /* ====================================================================
7 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 *
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
19 * distribution.
20 *
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 *
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * licensing@OpenSSL.org.
30 *
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
34 *
35 * 6. Redistributions of any form whatsoever must retain the following
36 * acknowledgment:
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
53 *
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com). This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
57 *
58 */
59
60 #include "eng_int.h"
61 #include <openssl/dso.h>
62
63 /*
64 * Shared libraries implementing ENGINEs for use by the "dynamic" ENGINE
65 * loader should implement the hook-up functions with the following
66 * prototypes.
67 */
68
69 /* Our ENGINE handlers */
70 static int dynamic_init(ENGINE *e);
71 static int dynamic_finish(ENGINE *e);
72 static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p,
73 void (*f) (void));
74 /* Predeclare our context type */
75 typedef struct st_dynamic_data_ctx dynamic_data_ctx;
76 /* The implementation for the important control command */
77 static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx);
78
79 #define DYNAMIC_CMD_SO_PATH ENGINE_CMD_BASE
80 #define DYNAMIC_CMD_NO_VCHECK (ENGINE_CMD_BASE + 1)
81 #define DYNAMIC_CMD_ID (ENGINE_CMD_BASE + 2)
82 #define DYNAMIC_CMD_LIST_ADD (ENGINE_CMD_BASE + 3)
83 #define DYNAMIC_CMD_DIR_LOAD (ENGINE_CMD_BASE + 4)
84 #define DYNAMIC_CMD_DIR_ADD (ENGINE_CMD_BASE + 5)
85 #define DYNAMIC_CMD_LOAD (ENGINE_CMD_BASE + 6)
86
87 /* The constants used when creating the ENGINE */
88 static const char *engine_dynamic_id = "dynamic";
89 static const char *engine_dynamic_name = "Dynamic engine loading support";
90 static const ENGINE_CMD_DEFN dynamic_cmd_defns[] = {
91 {DYNAMIC_CMD_SO_PATH,
92 "SO_PATH",
93 "Specifies the path to the new ENGINE shared library",
94 ENGINE_CMD_FLAG_STRING},
95 {DYNAMIC_CMD_NO_VCHECK,
96 "NO_VCHECK",
97 "Specifies to continue even if version checking fails (boolean)",
98 ENGINE_CMD_FLAG_NUMERIC},
99 {DYNAMIC_CMD_ID,
100 "ID",
101 "Specifies an ENGINE id name for loading",
102 ENGINE_CMD_FLAG_STRING},
103 {DYNAMIC_CMD_LIST_ADD,
104 "LIST_ADD",
105 "Whether to add a loaded ENGINE to the internal list (0=no,1=yes,2=mandatory)",
106 ENGINE_CMD_FLAG_NUMERIC},
107 {DYNAMIC_CMD_DIR_LOAD,
108 "DIR_LOAD",
109 "Specifies whether to load from 'DIR_ADD' directories (0=no,1=yes,2=mandatory)",
110 ENGINE_CMD_FLAG_NUMERIC},
111 {DYNAMIC_CMD_DIR_ADD,
112 "DIR_ADD",
113 "Adds a directory from which ENGINEs can be loaded",
114 ENGINE_CMD_FLAG_STRING},
115 {DYNAMIC_CMD_LOAD,
116 "LOAD",
117 "Load up the ENGINE specified by other settings",
118 ENGINE_CMD_FLAG_NO_INPUT},
119 {0, NULL, NULL, 0}
120 };
121
122 static const ENGINE_CMD_DEFN dynamic_cmd_defns_empty[] = {
123 {0, NULL, NULL, 0}
124 };
125
126 /*
127 * Loading code stores state inside the ENGINE structure via the "ex_data"
128 * element. We load all our state into a single structure and use that as a
129 * single context in the "ex_data" stack.
130 */
131 struct st_dynamic_data_ctx {
132 /* The DSO object we load that supplies the ENGINE code */
133 DSO *dynamic_dso;
134 /*
135 * The function pointer to the version checking shared library function
136 */
137 dynamic_v_check_fn v_check;
138 /*
139 * The function pointer to the engine-binding shared library function
140 */
141 dynamic_bind_engine bind_engine;
142 /* The default name/path for loading the shared library */
143 const char *DYNAMIC_LIBNAME;
144 /* Whether to continue loading on a version check failure */
145 int no_vcheck;
146 /* If non-NULL, stipulates the 'id' of the ENGINE to be loaded */
147 const char *engine_id;
148 /*
149 * If non-zero, a successfully loaded ENGINE should be added to the
150 * internal ENGINE list. If 2, the add must succeed or the entire load
151 * should fail.
152 */
153 int list_add_value;
154 /* The symbol name for the version checking function */
155 const char *DYNAMIC_F1;
156 /* The symbol name for the "initialise ENGINE structure" function */
157 const char *DYNAMIC_F2;
158 /*
159 * Whether to never use 'dirs', use 'dirs' as a fallback, or only use
160 * 'dirs' for loading. Default is to use 'dirs' as a fallback.
161 */
162 int dir_load;
163 /* A stack of directories from which ENGINEs could be loaded */
164 STACK *dirs;
165 };
166
167 /*
168 * This is the "ex_data" index we obtain and reserve for use with our context
169 * structure.
170 */
171 static int dynamic_ex_data_idx = -1;
172
int_free_str(void * s)173 static void int_free_str(void *s)
174 {
175 OPENSSL_free(s);
176 }
177
178 /*
179 * Because our ex_data element may or may not get allocated depending on
180 * whether a "first-use" occurs before the ENGINE is freed, we have a memory
181 * leak problem to solve. We can't declare a "new" handler for the ex_data as
182 * we don't want a dynamic_data_ctx in *all* ENGINE structures of all types
183 * (this is a bug in the design of CRYPTO_EX_DATA). As such, we just declare
184 * a "free" handler and that will get called if an ENGINE is being destroyed
185 * and there was an ex_data element corresponding to our context type.
186 */
dynamic_data_ctx_free_func(void * parent,void * ptr,CRYPTO_EX_DATA * ad,int idx,long argl,void * argp)187 static void dynamic_data_ctx_free_func(void *parent, void *ptr,
188 CRYPTO_EX_DATA *ad, int idx, long argl,
189 void *argp)
190 {
191 if (ptr) {
192 dynamic_data_ctx *ctx = (dynamic_data_ctx *)ptr;
193 if (ctx->dynamic_dso)
194 DSO_free(ctx->dynamic_dso);
195 if (ctx->DYNAMIC_LIBNAME)
196 OPENSSL_free((void *)ctx->DYNAMIC_LIBNAME);
197 if (ctx->engine_id)
198 OPENSSL_free((void *)ctx->engine_id);
199 if (ctx->dirs)
200 sk_pop_free(ctx->dirs, int_free_str);
201 OPENSSL_free(ctx);
202 }
203 }
204
205 /*
206 * Construct the per-ENGINE context. We create it blindly and then use a lock
207 * to check for a race - if so, all but one of the threads "racing" will have
208 * wasted their time. The alternative involves creating everything inside the
209 * lock which is far worse.
210 */
dynamic_set_data_ctx(ENGINE * e,dynamic_data_ctx ** ctx)211 static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
212 {
213 dynamic_data_ctx *c;
214 c = OPENSSL_malloc(sizeof(dynamic_data_ctx));
215 if (!c) {
216 ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
217 return 0;
218 }
219 memset(c, 0, sizeof(dynamic_data_ctx));
220 c->dynamic_dso = NULL;
221 c->v_check = NULL;
222 c->bind_engine = NULL;
223 c->DYNAMIC_LIBNAME = NULL;
224 c->no_vcheck = 0;
225 c->engine_id = NULL;
226 c->list_add_value = 0;
227 c->DYNAMIC_F1 = "v_check";
228 c->DYNAMIC_F2 = "bind_engine";
229 c->dir_load = 1;
230 c->dirs = sk_new_null();
231 if (!c->dirs) {
232 ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
233 OPENSSL_free(c);
234 return 0;
235 }
236 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
237 if ((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e,
238 dynamic_ex_data_idx))
239 == NULL) {
240 /* Good, we're the first */
241 ENGINE_set_ex_data(e, dynamic_ex_data_idx, c);
242 *ctx = c;
243 c = NULL;
244 }
245 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
246 /*
247 * If we lost the race to set the context, c is non-NULL and *ctx is the
248 * context of the thread that won.
249 */
250 if (c)
251 OPENSSL_free(c);
252 return 1;
253 }
254
255 /*
256 * This function retrieves the context structure from an ENGINE's "ex_data",
257 * or if it doesn't exist yet, sets it up.
258 */
dynamic_get_data_ctx(ENGINE * e)259 static dynamic_data_ctx *dynamic_get_data_ctx(ENGINE *e)
260 {
261 dynamic_data_ctx *ctx;
262 if (dynamic_ex_data_idx < 0) {
263 /*
264 * Create and register the ENGINE ex_data, and associate our "free"
265 * function with it to ensure any allocated contexts get freed when
266 * an ENGINE goes underground.
267 */
268 int new_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL,
269 dynamic_data_ctx_free_func);
270 if (new_idx == -1) {
271 ENGINEerr(ENGINE_F_DYNAMIC_GET_DATA_CTX, ENGINE_R_NO_INDEX);
272 return NULL;
273 }
274 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
275 /* Avoid a race by checking again inside this lock */
276 if (dynamic_ex_data_idx < 0) {
277 /* Good, someone didn't beat us to it */
278 dynamic_ex_data_idx = new_idx;
279 new_idx = -1;
280 }
281 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
282 /*
283 * In theory we could "give back" the index here if (new_idx>-1), but
284 * it's not possible and wouldn't gain us much if it were.
285 */
286 }
287 ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e, dynamic_ex_data_idx);
288 /* Check if the context needs to be created */
289 if ((ctx == NULL) && !dynamic_set_data_ctx(e, &ctx))
290 /* "set_data" will set errors if necessary */
291 return NULL;
292 return ctx;
293 }
294
engine_dynamic(void)295 static ENGINE *engine_dynamic(void)
296 {
297 ENGINE *ret = ENGINE_new();
298 if (!ret)
299 return NULL;
300 if (!ENGINE_set_id(ret, engine_dynamic_id) ||
301 !ENGINE_set_name(ret, engine_dynamic_name) ||
302 !ENGINE_set_init_function(ret, dynamic_init) ||
303 !ENGINE_set_finish_function(ret, dynamic_finish) ||
304 !ENGINE_set_ctrl_function(ret, dynamic_ctrl) ||
305 !ENGINE_set_flags(ret, ENGINE_FLAGS_BY_ID_COPY) ||
306 !ENGINE_set_cmd_defns(ret, dynamic_cmd_defns)) {
307 ENGINE_free(ret);
308 return NULL;
309 }
310 return ret;
311 }
312
ENGINE_load_dynamic(void)313 void ENGINE_load_dynamic(void)
314 {
315 ENGINE *toadd = engine_dynamic();
316 if (!toadd)
317 return;
318 ENGINE_add(toadd);
319 /*
320 * If the "add" worked, it gets a structural reference. So either way, we
321 * release our just-created reference.
322 */
323 ENGINE_free(toadd);
324 /*
325 * If the "add" didn't work, it was probably a conflict because it was
326 * already added (eg. someone calling ENGINE_load_blah then calling
327 * ENGINE_load_builtin_engines() perhaps).
328 */
329 ERR_clear_error();
330 }
331
dynamic_init(ENGINE * e)332 static int dynamic_init(ENGINE *e)
333 {
334 /*
335 * We always return failure - the "dyanamic" engine itself can't be used
336 * for anything.
337 */
338 return 0;
339 }
340
dynamic_finish(ENGINE * e)341 static int dynamic_finish(ENGINE *e)
342 {
343 /*
344 * This should never be called on account of "dynamic_init" always
345 * failing.
346 */
347 return 0;
348 }
349
dynamic_ctrl(ENGINE * e,int cmd,long i,void * p,void (* f)(void))350 static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
351 {
352 dynamic_data_ctx *ctx = dynamic_get_data_ctx(e);
353 int initialised;
354
355 if (!ctx) {
356 ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_NOT_LOADED);
357 return 0;
358 }
359 initialised = ((ctx->dynamic_dso == NULL) ? 0 : 1);
360 /* All our control commands require the ENGINE to be uninitialised */
361 if (initialised) {
362 ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_ALREADY_LOADED);
363 return 0;
364 }
365 switch (cmd) {
366 case DYNAMIC_CMD_SO_PATH:
367 /* a NULL 'p' or a string of zero-length is the same thing */
368 if (p && (strlen((const char *)p) < 1))
369 p = NULL;
370 if (ctx->DYNAMIC_LIBNAME)
371 OPENSSL_free((void *)ctx->DYNAMIC_LIBNAME);
372 if (p)
373 ctx->DYNAMIC_LIBNAME = BUF_strdup(p);
374 else
375 ctx->DYNAMIC_LIBNAME = NULL;
376 return (ctx->DYNAMIC_LIBNAME ? 1 : 0);
377 case DYNAMIC_CMD_NO_VCHECK:
378 ctx->no_vcheck = ((i == 0) ? 0 : 1);
379 return 1;
380 case DYNAMIC_CMD_ID:
381 /* a NULL 'p' or a string of zero-length is the same thing */
382 if (p && (strlen((const char *)p) < 1))
383 p = NULL;
384 if (ctx->engine_id)
385 OPENSSL_free((void *)ctx->engine_id);
386 if (p)
387 ctx->engine_id = BUF_strdup(p);
388 else
389 ctx->engine_id = NULL;
390 return (ctx->engine_id ? 1 : 0);
391 case DYNAMIC_CMD_LIST_ADD:
392 if ((i < 0) || (i > 2)) {
393 ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_INVALID_ARGUMENT);
394 return 0;
395 }
396 ctx->list_add_value = (int)i;
397 return 1;
398 case DYNAMIC_CMD_LOAD:
399 return dynamic_load(e, ctx);
400 case DYNAMIC_CMD_DIR_LOAD:
401 if ((i < 0) || (i > 2)) {
402 ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_INVALID_ARGUMENT);
403 return 0;
404 }
405 ctx->dir_load = (int)i;
406 return 1;
407 case DYNAMIC_CMD_DIR_ADD:
408 /* a NULL 'p' or a string of zero-length is the same thing */
409 if (!p || (strlen((const char *)p) < 1)) {
410 ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_INVALID_ARGUMENT);
411 return 0;
412 }
413 {
414 char *tmp_str = BUF_strdup(p);
415 if (!tmp_str) {
416 ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ERR_R_MALLOC_FAILURE);
417 return 0;
418 }
419 sk_insert(ctx->dirs, tmp_str, -1);
420 }
421 return 1;
422 default:
423 break;
424 }
425 ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
426 return 0;
427 }
428
int_load(dynamic_data_ctx * ctx)429 static int int_load(dynamic_data_ctx *ctx)
430 {
431 int num, loop;
432 /* Unless told not to, try a direct load */
433 if ((ctx->dir_load != 2) && (DSO_load(ctx->dynamic_dso,
434 ctx->DYNAMIC_LIBNAME, NULL,
435 0)) != NULL)
436 return 1;
437 /* If we're not allowed to use 'dirs' or we have none, fail */
438 if (!ctx->dir_load || ((num = sk_num(ctx->dirs)) < 1))
439 return 0;
440 for (loop = 0; loop < num; loop++) {
441 const char *s = sk_value(ctx->dirs, loop);
442 char *merge = DSO_merge(ctx->dynamic_dso, ctx->DYNAMIC_LIBNAME, s);
443 if (!merge)
444 return 0;
445 if (DSO_load(ctx->dynamic_dso, merge, NULL, 0)) {
446 /* Found what we're looking for */
447 OPENSSL_free(merge);
448 return 1;
449 }
450 OPENSSL_free(merge);
451 }
452 return 0;
453 }
454
dynamic_load(ENGINE * e,dynamic_data_ctx * ctx)455 static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx)
456 {
457 ENGINE cpy;
458 dynamic_fns fns;
459
460 if (!ctx->dynamic_dso)
461 ctx->dynamic_dso = DSO_new();
462 if (!ctx->DYNAMIC_LIBNAME) {
463 if (!ctx->engine_id)
464 return 0;
465 ctx->DYNAMIC_LIBNAME =
466 DSO_convert_filename(ctx->dynamic_dso, ctx->engine_id);
467 }
468 if (!int_load(ctx)) {
469 ENGINEerr(ENGINE_F_DYNAMIC_LOAD, ENGINE_R_DSO_NOT_FOUND);
470 DSO_free(ctx->dynamic_dso);
471 ctx->dynamic_dso = NULL;
472 return 0;
473 }
474 /* We have to find a bind function otherwise it'll always end badly */
475 if (!
476 (ctx->bind_engine =
477 (dynamic_bind_engine) DSO_bind_func(ctx->dynamic_dso,
478 ctx->DYNAMIC_F2))) {
479 ctx->bind_engine = NULL;
480 DSO_free(ctx->dynamic_dso);
481 ctx->dynamic_dso = NULL;
482 ENGINEerr(ENGINE_F_DYNAMIC_LOAD, ENGINE_R_DSO_FAILURE);
483 return 0;
484 }
485 /* Do we perform version checking? */
486 if (!ctx->no_vcheck) {
487 unsigned long vcheck_res = 0;
488 /*
489 * Now we try to find a version checking function and decide how to
490 * cope with failure if/when it fails.
491 */
492 ctx->v_check =
493 (dynamic_v_check_fn) DSO_bind_func(ctx->dynamic_dso,
494 ctx->DYNAMIC_F1);
495 if (ctx->v_check)
496 vcheck_res = ctx->v_check(OSSL_DYNAMIC_VERSION);
497 /*
498 * We fail if the version checker veto'd the load *or* if it is
499 * deferring to us (by returning its version) and we think it is too
500 * old.
501 */
502 if (vcheck_res < OSSL_DYNAMIC_OLDEST) {
503 /* Fail */
504 ctx->bind_engine = NULL;
505 ctx->v_check = NULL;
506 DSO_free(ctx->dynamic_dso);
507 ctx->dynamic_dso = NULL;
508 ENGINEerr(ENGINE_F_DYNAMIC_LOAD,
509 ENGINE_R_VERSION_INCOMPATIBILITY);
510 return 0;
511 }
512 }
513 /*
514 * First binary copy the ENGINE structure so that we can roll back if the
515 * hand-over fails
516 */
517 memcpy(&cpy, e, sizeof(ENGINE));
518 /*
519 * Provide the ERR, "ex_data", memory, and locking callbacks so the
520 * loaded library uses our state rather than its own. FIXME: As noted in
521 * engine.h, much of this would be simplified if each area of code
522 * provided its own "summary" structure of all related callbacks. It
523 * would also increase opaqueness.
524 */
525 fns.static_state = ENGINE_get_static_state();
526 fns.err_fns = ERR_get_implementation();
527 fns.ex_data_fns = CRYPTO_get_ex_data_implementation();
528 CRYPTO_get_mem_functions(&fns.mem_fns.malloc_cb,
529 &fns.mem_fns.realloc_cb, &fns.mem_fns.free_cb);
530 fns.lock_fns.lock_locking_cb = CRYPTO_get_locking_callback();
531 fns.lock_fns.lock_add_lock_cb = CRYPTO_get_add_lock_callback();
532 fns.lock_fns.dynlock_create_cb = CRYPTO_get_dynlock_create_callback();
533 fns.lock_fns.dynlock_lock_cb = CRYPTO_get_dynlock_lock_callback();
534 fns.lock_fns.dynlock_destroy_cb = CRYPTO_get_dynlock_destroy_callback();
535 /*
536 * Now that we've loaded the dynamic engine, make sure no "dynamic"
537 * ENGINE elements will show through.
538 */
539 engine_set_all_null(e);
540
541 /* Try to bind the ENGINE onto our own ENGINE structure */
542 if (!ctx->bind_engine(e, ctx->engine_id, &fns)) {
543 ctx->bind_engine = NULL;
544 ctx->v_check = NULL;
545 DSO_free(ctx->dynamic_dso);
546 ctx->dynamic_dso = NULL;
547 ENGINEerr(ENGINE_F_DYNAMIC_LOAD, ENGINE_R_INIT_FAILED);
548 /* Copy the original ENGINE structure back */
549 memcpy(e, &cpy, sizeof(ENGINE));
550 return 0;
551 }
552 /* Do we try to add this ENGINE to the internal list too? */
553 if (ctx->list_add_value > 0) {
554 if (!ENGINE_add(e)) {
555 /* Do we tolerate this or fail? */
556 if (ctx->list_add_value > 1) {
557 /*
558 * Fail - NB: By this time, it's too late to rollback, and
559 * trying to do so allows the bind_engine() code to have
560 * created leaks. We just have to fail where we are, after
561 * the ENGINE has changed.
562 */
563 ENGINEerr(ENGINE_F_DYNAMIC_LOAD,
564 ENGINE_R_CONFLICTING_ENGINE_ID);
565 return 0;
566 }
567 /* Tolerate */
568 ERR_clear_error();
569 }
570 }
571 return 1;
572 }
573