TLS: Remove support for dynamic engine initialization.

This saves some atomic lookups, and avoids possible races when the
engine is not yet initialized or being torn down.

2 files changed, 45 insertions, 39 deletions

diff --git a/src/supplemental/tls/wolfssl/CMakeLists.txt b/src/supplemental/tls/wolfssl/CMakeLists.txt
index 7b129d9c..762757a3 100644
--- a/src/supplemental/tls/wolfssl/CMakeLists.txt
+++ b/src/supplemental/tls/wolfssl/CMakeLists.txt
@@ -69,8 +69,6 @@ if (NNG_TLS_ENGINE STREQUAL "wolf")
         message(STATUS "wolfSSL configured without pre-shared key (PSK) support.")
     endif()
 
-    nng_defines(NNG_TLS_ENGINE_INIT=nng_tls_engine_init_wolf)
-    nng_defines(NNG_TLS_ENGINE_FINI=nng_tls_engine_fini_wolf)
     nng_defines(NNG_SUPP_TLS)
     nng_defines(NNG_TLS_ENGINE_WOLFSSL)
 endif ()
diff --git a/src/supplemental/tls/wolfssl/wolfssl.c b/src/supplemental/tls/wolfssl/wolfssl.c
index 3eab0ada..f7f3732e 100644
--- a/src/supplemental/tls/wolfssl/wolfssl.c
+++ b/src/supplemental/tls/wolfssl/wolfssl.c
@@ -625,38 +625,6 @@ wolf_config_version(nng_tls_engine_config *cfg, nng_tls_version min_ver,
 	return (0);
 }
 
-static nng_tls_engine_config_ops wolf_config_ops = {
-	.init     = wolf_config_init,
-	.fini     = wolf_config_fini,
-	.size     = sizeof(nng_tls_engine_config),
-	.auth     = wolf_config_auth_mode,
-	.ca_chain = wolf_config_ca_chain,
-	.own_cert = wolf_config_own_cert,
-	.server   = wolf_config_server,
-	.psk      = wolf_config_psk,
-	.version  = wolf_config_version,
-};
-
-static nng_tls_engine_conn_ops wolf_conn_ops = {
-	.size      = sizeof(nng_tls_engine_conn),
-	.init      = wolf_conn_init,
-	.fini      = wolf_conn_fini,
-	.close     = wolf_conn_close,
-	.recv      = wolf_conn_recv,
-	.send      = wolf_conn_send,
-	.handshake = wolf_conn_handshake,
-	.verified  = wolf_conn_verified,
-};
-
-static nng_tls_engine wolf_engine = {
-	.version     = NNG_TLS_ENGINE_VERSION,
-	.config_ops  = &wolf_config_ops,
-	.conn_ops    = &wolf_conn_ops,
-	.name        = "wolf",
-	.description = "wolfSSL " LIBWOLFSSL_VERSION_STRING,
-	.fips_mode   = false, // commercial users only
-};
-
 static void
 wolf_logging_cb(const int level, const char *msg)
 {
@@ -679,8 +647,8 @@ wolf_logging_cb(const int level, const char *msg)
 	}
 }
 
-int
-nng_tls_engine_init_wolf(void)
+static nng_err
+tls_engine_init(void)
 {
 	switch (wolfSSL_Init()) {
 	case WOLFSSL_SUCCESS:
@@ -694,11 +662,51 @@ nng_tls_engine_init_wolf(void)
 	// Uncomment for full debug (also WolfSSL needs to be a debug build)
 	//
 	// wolfSSL_Debugging_ON();
-	return (nng_tls_engine_register(&wolf_engine));
+	return (NNG_OK);
 }
 
-void
-nng_tls_engine_fini_wolf(void)
+static void
+tls_engine_fini(void)
 {
 	(void) wolfSSL_Cleanup();
 }
+
+static bool
+fips_mode(void)
+{
+	return (false); // TODO: Support FIPS mode.
+}
+
+static nng_tls_engine_config_ops wolf_config_ops = {
+	.init     = wolf_config_init,
+	.fini     = wolf_config_fini,
+	.size     = sizeof(nng_tls_engine_config),
+	.auth     = wolf_config_auth_mode,
+	.ca_chain = wolf_config_ca_chain,
+	.own_cert = wolf_config_own_cert,
+	.server   = wolf_config_server,
+	.psk      = wolf_config_psk,
+	.version  = wolf_config_version,
+};
+
+static nng_tls_engine_conn_ops wolf_conn_ops = {
+	.size      = sizeof(nng_tls_engine_conn),
+	.init      = wolf_conn_init,
+	.fini      = wolf_conn_fini,
+	.close     = wolf_conn_close,
+	.recv      = wolf_conn_recv,
+	.send      = wolf_conn_send,
+	.handshake = wolf_conn_handshake,
+	.verified  = wolf_conn_verified,
+};
+
+nng_tls_engine nng_tls_engine_ops = {
+	.version     = NNG_TLS_ENGINE_VERSION,
+	.config_ops  = &wolf_config_ops,
+	.conn_ops    = &wolf_conn_ops,
+	.name        = "wolf",
+	.description = "wolfSSL " LIBWOLFSSL_VERSION_STRING,
+	.init        = tls_engine_init,
+	.fini        = tls_engine_fini,
+	.fips_mode   = fips_mode,
+};