diff options
| author | Matt Caswell <matt@openssl.org> | 2018-03-30 19:19:56 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2018-04-05 15:34:41 +0100 |
| commit | 23dec58b9c2e36311208a90efb3d56818a9ed6fd (patch) | |
| tree | c6a295c72a52815d051f84c39e77586e1abcba6e /util | |
| parent | bd90e98e149532aac345080905603f98af3d3350 (diff) | |
Move the loading of the ssl_conf module to libcrypto
The GOST engine needs to be loaded before we initialise libssl. Otherwise
the GOST ciphersuites are not enabled. However the SSL conf module must
be loaded before we initialise libcrypto. Otherwise we will fail to read
the SSL config from a config file properly.
Another problem is that an application may make use of both libcrypto and
libssl. If it performs libcrypto stuff first and OPENSSL_init_crypto()
is called and loads a config file it will fail if that config file has
any libssl stuff in it.
This commit separates out the loading of the SSL conf module from the
interpretation of its contents. The loading piece doesn't know anything
about SSL so this can be moved to libcrypto. The interpretation of what it
means remains in libssl. This means we can load the SSL conf data before
libssl is there and interpret it when it later becomes available.
Fixes #5809
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5879)
Diffstat (limited to 'util')
| -rw-r--r-- | util/libcrypto.num | 3 | ||||
| -rwxr-xr-x | util/mkdef.pl | 1 |
2 files changed, 4 insertions, 0 deletions
diff --git a/util/libcrypto.num b/util/libcrypto.num index 8414d97ff1..461bd8a098 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4234,3 +4234,6 @@ CRYPTO_secure_clear_free 4315 1_1_0g EXIST::FUNCTION: EVP_PKEY_set1_engine 4347 1_1_0g EXIST::FUNCTION:ENGINE OCSP_resp_get0_signer 4374 1_1_0h EXIST::FUNCTION:OCSP X509_get0_authority_key_id 4448 1_1_0h EXIST::FUNCTION: +conf_ssl_name_find 4469 1_1_0i EXIST::FUNCTION: +conf_ssl_get_cmd 4470 1_1_0i EXIST::FUNCTION: +conf_ssl_get 4471 1_1_0i EXIST::FUNCTION: diff --git a/util/mkdef.pl b/util/mkdef.pl index 66db26c3b9..eb303e603b 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -252,6 +252,7 @@ $crypto.=" include/internal/o_dir.h"; $crypto.=" include/internal/o_str.h"; $crypto.=" include/internal/err.h"; $crypto.=" include/internal/asn1t.h"; +$crypto.=" include/internal/sslconf.h"; $crypto.=" include/openssl/des.h" ; # unless $no_des; $crypto.=" include/openssl/idea.h" ; # unless $no_idea; $crypto.=" include/openssl/rc4.h" ; # unless $no_rc4; |