From: Matt Caswell <matt@openssl.org>
Date: Mon, 20 Feb 2023 14:47:20 +0000 (+0000)
Subject: Only call OPENSSL_init_crypto on fetch if using the default libctx
X-Git-Tag: openssl-3.2.0-alpha1~1270
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7a6a0baa591e3d04831ed0f468c72dc45feba452;p=thirdparty%2Fopenssl.git

Only call OPENSSL_init_crypto on fetch if using the default libctx

There is no point in calling OPENSSL_init_crypto() unless we are actually
going to be using the default libctx.

Fixes #20315

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20341)
---

diff --git a/crypto/property/property.c b/crypto/property/property.c
index 6f56d2366bd..034cde51a8b 100644
--- a/crypto/property/property.c
+++ b/crypto/property/property.c
@@ -502,13 +502,14 @@ int ossl_method_store_fetch(OSSL_METHOD_STORE *store,
     int ret = 0;
     int j, best = -1, score, optional;
 
-#ifndef FIPS_MODULE
-    if (!OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL))
+    if (nid <= 0 || method == NULL || store == NULL)
         return 0;
-#endif
 
-    if (nid <= 0 || method == NULL || store == NULL)
+#ifndef FIPS_MODULE
+    if (ossl_lib_ctx_is_default(store->ctx)
+            && !OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL))
         return 0;
+#endif
 
     /* This only needs to be a read lock, because the query won't create anything */
     if (!ossl_property_read_lock(store))