From branch OpenSSL_0_9_8-stable: Allow soft-loading engines.

Also, fix CHANGES (consistency with stable branch).

3 files changed, 34 insertions, 15 deletions

diff --git a/CHANGES b/CHANGES
index 208ff318e5..e8d45736c6 100644
--- a/CHANGES
+++ b/CHANGES
@@ -703,13 +703,7 @@
   *) Change 'Configure' script to enable Camellia by default.
      [NTT]
 
-  *) Fix bug in X509_ATTRIBUTE creation: dont set attribute using
-     ASN1_TYPE_set1 if MBSTRING flag set. This bug would crash certain
-     attribute creation routines such as certifcate requests and PKCS#12
-     files.
-     [Steve Henson]
-
- Changes between 0.9.8h and 0.9.8i  [xx XXX xxxx]
+ Changes between 0.9.8h and 0.9.8i  [15 Sep 2008]
 
   *) Fix a state transitition in s3_srvr.c and d1_srvr.c
      (was using SSL3_ST_CW_CLNT_HELLO_B, should be ..._ST_SW_SRVR_...).
@@ -741,6 +735,10 @@
 
      [Neel Mehta, Bodo Moeller]
 
+  *) Allow engines to be "soft loaded" - i.e. optionally don't die if
+     the load fails. Useful for distros.
+     [Ben Laurie and the FreeBSD team]
+
   *) Add support for Local Machine Keyset attribute in PKCS#12 files.
      [Steve Henson]
 
@@ -759,11 +757,11 @@
      This work was sponsored by Logica.
      [Steve Henson]
 
->>> Note: this change doesn't apply to the 0.9.9-dev branch (yet).
-  *) Allow engines to be "soft loaded" - i.e. optionally don't die if
-     the load fails. Useful for distros.
-     [Ben Laurie and the FreeBSD team]
-<<<
+  *) Fix bug in X509_ATTRIBUTE creation: dont set attribute using
+     ASN1_TYPE_set1 if MBSTRING flag set. This bug would crash certain
+     attribute creation routines such as certifcate requests and PKCS#12
+     files.
+     [Steve Henson]
 
  Changes between 0.9.8g and 0.9.8h  [28 May 2008]
 
diff --git a/apps/openssl.c b/apps/openssl.c
index 8323b59659..5d61d171ca 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -272,9 +272,21 @@ int main(int Argc, char *Argv[])
 	i=NCONF_load(config,p,&errline);
 	if (i == 0)
 		{
-		NCONF_free(config);
-		config = NULL;
-		ERR_clear_error();
+		if (ERR_GET_REASON(ERR_peek_last_error())
+		    == CONF_R_NO_SUCH_FILE)
+			{
+			BIO_printf(bio_err,
+				   "WARNING: can't open config file: %s\n",p);
+			ERR_clear_error();
+			NCONF_free(config);
+			config = NULL;
+			}
+		else
+			{
+			ERR_print_errors(bio_err);
+			NCONF_free(config);
+			exit(1);
+			}
 		}
 
 	prog=prog_init();
diff --git a/crypto/engine/eng_cnf.c b/crypto/engine/eng_cnf.c
index a97e01e619..afd6b6f8c7 100644
--- a/crypto/engine/eng_cnf.c
+++ b/crypto/engine/eng_cnf.c
@@ -98,6 +98,8 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf)
 	CONF_VALUE *ecmd;
 	char *ctrlname, *ctrlvalue;
 	ENGINE *e = NULL;
+	int soft = 0;
+
 	name = skip_dot(name);
 #ifdef ENGINE_CONF_DEBUG
 	fprintf(stderr, "Configuring engine %s\n", name);
@@ -125,6 +127,8 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf)
 		/* Override engine name to use */
 		if (!strcmp(ctrlname, "engine_id"))
 			name = ctrlvalue;
+		else if (!strcmp(ctrlname, "soft_load"))
+			soft = 1;
 		/* Load a dynamic ENGINE */
 		else if (!strcmp(ctrlname, "dynamic_path"))
 			{
@@ -147,6 +151,11 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf)
 			if (!e)
 				{
 				e = ENGINE_by_id(name);
+				if (!e && soft)
+					{
+					ERR_clear_error();
+					return 1;
+					}
 				if (!e)
 					return 0;
 				}