If an engine comes up explicitely, it must also come down explicitely In apps/apps.c, one can set up an engine with setup_engine(). However, we freed the structural reference immediately, which means that for engines that don't already have a structural reference somewhere else (because it's a built in engine), we end up returning an invalid reference. Instead, the function release_engine() is added, and called at the end of the routines that call setup_engine(). Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1643)

commit: dd1abd4462e4e4fa84b8f8de2ec70375f9b0e191 [log] [tgz]
author: Richard Levitte <levitte@openssl.org> Wed Sep 28 23:39:18 2016 +0200
committer: Richard Levitte <levitte@openssl.org> Wed Oct 19 17:44:08 2016 +0200
tree: 66ed9bf5494cf999e57f754b5fa43ccd51ffc36e
parent: e972273194303e15f8dd7ce69dbcfa27cc024e9f [diff] [blame]
diff --git a/apps/apps.c b/apps/apps.c
index 68f2f27..05e1c2d 100644
--- a/apps/apps.c
+++ b/apps/apps.c

@@ -1280,14 +1280,20 @@
         }
 
         BIO_printf(bio_err, "engine \"%s\" set.\n", ENGINE_get_id(e));
-
-        /* Free our "structural" reference. */
-        ENGINE_free(e);
     }
     return e;
 }
 #endif
 
+void release_engine(ENGINE *e)
+{
+#ifndef OPENSSL_NO_ENGINE
+    if (e != NULL)
+        /* Free our "structural" reference. */
+        ENGINE_free(e);
+#endif
+}
+
 static unsigned long index_serial_hash(const OPENSSL_CSTRING *a)
 {
     const char *n;
commit	dd1abd4462e4e4fa84b8f8de2ec70375f9b0e191	[log] [tgz]
author	Richard Levitte <levitte@openssl.org>	Wed Sep 28 23:39:18 2016 +0200
committer	Richard Levitte <levitte@openssl.org>	Wed Oct 19 17:44:08 2016 +0200
tree	66ed9bf5494cf999e57f754b5fa43ccd51ffc36e
parent	e972273194303e15f8dd7ce69dbcfa27cc024e9f [diff] [blame]