From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 7 Aug 2014 10:02:34 +0000 (+0200)
Subject: openssl: replace call to OPENSSL_config
X-Git-Tag: curl-7_38_0~134
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7d2f61f66ab4e047fc9aefc2effc1ac6d340a66a;p=thirdparty%2Fcurl.git

openssl: replace call to OPENSSL_config

OPENSSL_config() is "strongly recommended" to use but unfortunately that
function makes an exit() call on wrongly formatted config files which
makes it hard to use in some situations. OPENSSL_config() itself calls
CONF_modules_load_file() and we use that instead and we ignore its
return code!

Reported-by: Jan Ehrhardt
Bug: http://curl.haxx.se/bug/view.cgi?id=1401
---

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index fa879d9749..62d86c0171 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -741,7 +741,17 @@ int Curl_ossl_init(void)
     return 0;
 
   OpenSSL_add_all_algorithms();
-  OPENSSL_config(NULL);
+
+
+  /* OPENSSL_config(NULL); is "strongly recommended" to use but unfortunately
+     that function makes an exit() call on wrongly formatted config files
+     which makes it hard to use in some situations. OPENSSL_config() itself
+     calls CONF_modules_load_file() and we use that instead and we ignore
+     its return code! */
+
+  (void)CONF_modules_load_file(NULL, NULL,
+                               CONF_MFLAGS_DEFAULT_SECTION|
+                               CONF_MFLAGS_IGNORE_MISSING_FILE);
 
   return 1;
 }