git.openssl.org Git - openssl.git/commit

author	Matt Caswell <matt@openssl.org>
	Fri, 30 Mar 2018 18:19:56 +0000 (19:19 +0100)
committer	Matt Caswell <matt@openssl.org>
	Thu, 5 Apr 2018 14:30:12 +0000 (15:30 +0100)
commit	d8f031e890d35887047c35b60347ac385b989065
tree	ee6c353be64840cf86030b5e5ffca02321310641	tree \| snapshot
parent	4845aeba4c49e1bd65259a5014d7e3ab38657d42	commit \| diff

Move the loading of the ssl_conf module to libcrypto

The GOST engine needs to be loaded before we initialise libssl. Otherwise
the GOST ciphersuites are not enabled. However the SSL conf module must
be loaded before we initialise libcrypto. Otherwise we will fail to read
the SSL config from a config file properly.

Another problem is that an application may make use of both libcrypto and
libssl. If it performs libcrypto stuff first and OPENSSL_init_crypto()
is called and loads a config file it will fail if that config file has
any libssl stuff in it.

This commit separates out the loading of the SSL conf module from the
interpretation of its contents. The loading piece doesn't know anything
about SSL so this can be moved to libcrypto. The interpretation of what it
means remains in libssl. This means we can load the SSL conf data before
libssl is there and interpret it when it later becomes available.

Fixes #5809

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5818)

crypto/conf/build.info		diff \| blob \| history
crypto/conf/conf_err.c		diff \| blob \| history
crypto/conf/conf_lcl.h	[new file with mode: 0644]	blob
crypto/conf/conf_mall.c		diff \| blob \| history
crypto/conf/conf_ssl.c	[new file with mode: 0644]	blob
crypto/err/openssl.txt		diff \| blob \| history
include/internal/sslconf.h	[new file with mode: 0644]	blob
include/openssl/conferr.h		diff \| blob \| history
ssl/ssl_init.c		diff \| blob \| history
ssl/ssl_mcnf.c		diff \| blob \| history
util/libcrypto.num		diff \| blob \| history
util/mkdef.pl		diff \| blob \| history