git.apps.os.sepia.ceph.com Git

author	Kefu Chai <tchaikov@gmail.com>
	Tue, 25 Mar 2025 04:03:30 +0000 (12:03 +0800)
committer	Kefu Chai <tchaikov@gmail.com>
	Fri, 28 Mar 2025 00:54:19 +0000 (08:54 +0800)
commit	47b843c377d045cdc4db6830cac98b7365036cfa
tree	5bb898d0b15d45eea784467e458a5dae3fddd080	tree \| snapshot
parent	ec1feb7faffe4666e945d7730a03a7ba0f153a62	commit \| diff

common: disable OpenSSL engine support if it is disabled

OpenSSL 3.0 documentation recommends moving from the ENGINE API to the
Providers API. Recent distributions may compile OpenSSL without engine
support by default, necessitating more flexible configuration handling.

So, in this change:

- Add a CMake option `WITH_OPENSSL_ENGINE` to explicitly control engine support
- Respect `openssl_engine_opts` when engine support is enabled
- Provide clear error messaging when engine options are set but support is disabled

See also:
- OpenSSL 3.0 documentation:
https://wiki.openssl.org/index.php/OpenSSL_3.0#Engines_and_.22METHOD.22_APIs

Fixes: https://tracker.ceph.com/issues/68059
Signed-off-by: Kefu Chai <tchaikov@gmail.com>

cmake/modules/CephChecks.cmake		diff \| blob \| history
src/common/openssl_opts_handler.cc		diff \| blob \| history