git.ipfire.org Git - thirdparty/openssl.git/commit

author	Pauli <paul.dale@oracle.com>
	Thu, 13 Aug 2020 00:02:01 +0000 (10:02 +1000)
committer	Pauli <paul.dale@oracle.com>
	Fri, 14 Aug 2020 08:17:47 +0000 (18:17 +1000)
commit	ebe3f24b3d53e503bd37a2a08a8b1f896014c30d
tree	156ad137c65c0d07aec2b93c55bba095ca845c5f	tree \| snapshot
parent	0e53cd5207615038de8496684d9aa3a18d50c388	commit \| diff

provider: disable fall-backs if OSSL_PROVIDER_load() fails.

If an attempt is made to load a provider and it fails, the fall-back mechanism
should be disabled to prevent the user getting some weird happening. E.g. a
failure to load the FIPS provider should not allow the default to load as a
fall-back.

The OSSL_PROVIDER_try_load() call has been added, to allow a provider to be
loaded without disabling the fall-back mechanism if it fails.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12625)

crypto/provider.c		diff \| blob \| blame \| history
crypto/provider_core.c		diff \| blob \| blame \| history
doc/man3/OSSL_PROVIDER.pod		diff \| blob \| blame \| history
include/internal/provider.h		diff \| blob \| blame \| history
include/openssl/provider.h		diff \| blob \| blame \| history
util/libcrypto.num		diff \| blob \| blame \| history