Merge branch 'marka-fix-formatting-errors' into 'main'

Follow-up: Fixes to provider/engine based ECDSA key handling

See merge request isc-projects/bind9!8186

CHANGES

@@ -2,7 +2,8 @@
 			OpenSSL Provider API will now require engine to not be
 			set. [GL #8153]
 
-6222.	[func]		Fixes to provider/engine based ECDSA key handling. [GL !8152]
+6222.	[func]		Fixes to provider/engine based ECDSA key handling.
+			[GL !8152]
 
 6221.	[cleanup]	Refactor dns_rdataset internals, move rdatasetheader
 			declarations out of rbtdb.c so they can be used by other

lib/dns/dst_parse.c

@@ -233,8 +233,7 @@ check_ecdsa(const dst_private_t *priv, bool external) {
 
 	mask = (1ULL << TAG_SHIFT) - 1;
 
-	ok = have[TAG_ECDSA_LABEL & mask] ||
-	     have[TAG_ECDSA_PRIVATEKEY & mask];
+	ok = have[TAG_ECDSA_LABEL & mask] || have[TAG_ECDSA_PRIVATEKEY & mask];
 
 	return (ok ? 0 : -1);
 }
@@ -267,8 +266,7 @@ check_eddsa(const dst_private_t *priv, bool external) {
 
 	mask = (1ULL << TAG_SHIFT) - 1;
 
-	ok = have[TAG_EDDSA_LABEL & mask] ||
-	     have[TAG_EDDSA_PRIVATEKEY & mask];
+	ok = have[TAG_EDDSA_LABEL & mask] || have[TAG_EDDSA_PRIVATEKEY & mask];
 
 	return (ok ? 0 : -1);
 }

lib/dns/openssl_link.c

@@ -272,8 +272,9 @@ err:
 }
 
 static isc_result_t
-dst__openssl_fromlabel_provider(int key_base_id, const char *label, const char *pin,
-				EVP_PKEY **ppub, EVP_PKEY **ppriv) {
+dst__openssl_fromlabel_provider(int key_base_id, const char *label,
+				const char *pin, EVP_PKEY **ppub,
+				EVP_PKEY **ppriv) {
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
 	isc_result_t ret = DST_R_OPENSSLFAILURE;
 	OSSL_STORE_CTX *ctx = NULL;
@@ -336,8 +337,8 @@ isc_result_t
 dst__openssl_fromlabel(int key_base_id, const char *engine, const char *label,
 		       const char *pin, EVP_PKEY **ppub, EVP_PKEY **ppriv) {
 	if (engine == NULL) {
-		return (dst__openssl_fromlabel_provider(key_base_id, label,
-						        pin, ppub, ppriv));
+		return (dst__openssl_fromlabel_provider(key_base_id, label, pin,
+							ppub, ppriv));
 	}
 
 	return (dst__openssl_fromlabel_engine(key_base_id, engine, label, pin,

lib/dns/opensslecdsa_link.c

@@ -119,7 +119,7 @@ BN_bn2bin_fixed(const BIGNUM *bn, unsigned char *buf, int size) {
 	return (size);
 }
 
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L && OPENSSL_API_LEVEL >= 30000
 
 static const char *
 opensslecdsa_key_alg_to_group_name(unsigned int key_alg) {

lib/dns/openssleddsa_link.c

@@ -527,7 +527,7 @@ openssleddsa_fromlabel(dst_key_t *key, const char *engine, const char *label,
 		goto err;
 	}
 
-	if (key->engine != NULL) {
+	if (engine != NULL) {
 		key->engine = isc_mem_strdup(key->mctx, engine);
 	}
 	key->label = isc_mem_strdup(key->mctx, label);

lib/dns/opensslrsa_link.c

@@ -1051,7 +1051,7 @@ opensslrsa_fromlabel(dst_key_t *key, const char *engine, const char *label,
 		DST_RET(ISC_R_RANGE);
 	}
 
-	if (key->engine != NULL) {
+	if (engine != NULL) {
 		key->engine = isc_mem_strdup(key->mctx, engine);
 	}
 	key->label = isc_mem_strdup(key->mctx, label);