OPENSSL_init_crypto load config into initial global default library context

OPENSSL_init_crypto() with OPENSSL_INIT_LOAD_CONFIG must load the configuration
into the initial global default library context, not the currently set default
library context.

OPENSSL_init_crypto() with OPENSSL_INIT_LOAD_CONFIG may be called within other
OpenSSL API functions, e.g. from within EVP_PKEY_CTX_new_xxx() when initializing
a pkey context, to perform implicit initialization, if it has not been
initialized yet. This implicit initialization may happen at a time when an
application has already create its own library context and made it the default
library context. So loading the config into the current default library context
would load it into the applications library context.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21897)

(cherry picked from commit ecb6cdf02a302af18fe4bc20097a9ea3177f897c)

diff --git a/crypto/conf/conf_sap.c b/crypto/conf/conf_sap.c
index 513f8bfc1fb94c83c6ce63f5abfd76e269bc0507..3019bcf31af81abf116cc6bae319b3d9cb094fd3 100644 (file)
--- a/crypto/conf/conf_sap.c
+++ b/crypto/conf/conf_sap.c
@@ -65,7 +65,8 @@ int ossl_config_int(const OPENSSL_INIT_SETTINGS *settings)
 #endif
 
 #ifndef OPENSSL_SYS_UEFI
-    ret = CONF_modules_load_file(filename, appname, flags);
+    ret = CONF_modules_load_file_ex(OSSL_LIB_CTX_get0_global_default(),
+                                    filename, appname, flags);
 #else
     ret = 1;
 #endif