diff options
author | Pauli <paul.dale@oracle.com> | 2020-08-13 10:02:01 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2020-08-14 18:17:47 +1000 |
commit | ebe3f24b3d53e503bd37a2a08a8b1f896014c30d (patch) | |
tree | 156ad137c65c0d07aec2b93c55bba095ca845c5f /util | |
parent | 0e53cd5207615038de8496684d9aa3a18d50c388 (diff) |
provider: disable fall-backs if OSSL_PROVIDER_load() fails.
If an attempt is made to load a provider and it fails, the fall-back mechanism
should be disabled to prevent the user getting some weird happening. E.g. a
failure to load the FIPS provider should not allow the default to load as a
fall-back.
The OSSL_PROVIDER_try_load() call has been added, to allow a provider to be
loaded without disabling the fall-back mechanism if it fails.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12625)
Diffstat (limited to 'util')
-rw-r--r-- | util/libcrypto.num | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/util/libcrypto.num b/util/libcrypto.num index a2b5a5c6ff..838d1e686d 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4487,6 +4487,7 @@ OSSL_trace_enabled ? 3_0_0 EXIST::FUNCTION: OSSL_trace_begin ? 3_0_0 EXIST::FUNCTION: OSSL_trace_end ? 3_0_0 EXIST::FUNCTION: OSSL_PROVIDER_load ? 3_0_0 EXIST::FUNCTION: +OSSL_PROVIDER_try_load ? 3_0_0 EXIST::FUNCTION: OSSL_PROVIDER_unload ? 3_0_0 EXIST::FUNCTION: OSSL_PROVIDER_add_builtin ? 3_0_0 EXIST::FUNCTION: OSSL_PROVIDER_gettable_params ? 3_0_0 EXIST::FUNCTION: |