From: Dr. Stephen Henson <steve@openssl.org>
Date: Tue, 19 Jan 2010 19:56:06 +0000 (+0000)
Subject: The use of NIDs in the password based encryption table can result in
X-Git-Tag: OpenSSL-fips-2_0-rc1~1335
X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=071ef65cfa1f6174f677163555aa63ce6d68b9d2

The use of NIDs in the password based encryption table can result in
algorithms not found when an application uses PKCS#12 and only calls
SSL_library_init() instead of OpenSSL_add_all_algorithms(). Simple
work around is to add the missing algorithm (40 bit RC2) in
SSL_library_init().
---

diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c
index 640f6cff5c..a26ae43957 100644
--- a/ssl/ssl_algs.c
+++ b/ssl/ssl_algs.c
@@ -76,6 +76,10 @@ int SSL_library_init(void)
 #endif  
 #ifndef OPENSSL_NO_RC2
 	EVP_add_cipher(EVP_rc2_cbc());
+	/* Not actually used for SSL/TLS but this makes PKCS#12 work
+	 * if an application only calls SSL_library_init().
+	 */
+	EVP_add_cipher(EVP_rc2_40_cbc());
 #endif
 #ifndef OPENSSL_NO_AES
 	EVP_add_cipher(EVP_aes_128_cbc());