From: David Woodhouse <dwmw2@infradead.org>
Date: Thu, 18 Dec 2014 15:09:40 +0000 (+0000)
Subject: OpenSSL: Load dynamic ENGINE unconditionally
X-Git-Tag: hostap_2_4~648
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ddda627618eb44c1928e1a14aff336c926fb6dc5;p=thirdparty%2Fhostap.git

OpenSSL: Load dynamic ENGINE unconditionally

This means that if the PKCS#11 engine is installed in the right place
in the system, it'll automatically be invoked by ENGINE_by_id("pkcs11")
later, and things work without explictly configuring pkcs11_engine_path.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
---

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index f0a8930e8..89b242b0c 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -828,13 +828,13 @@ void * tls_init(const struct tls_config *conf)
 #endif /* OPENSSL_SUPPORTS_CTX_APP_DATA */
 
 #ifndef OPENSSL_NO_ENGINE
+	wpa_printf(MSG_DEBUG, "ENGINE: Loading dynamic engine");
+	ERR_load_ENGINE_strings();
+	ENGINE_load_dynamic();
+
 	if (conf &&
 	    (conf->opensc_engine_path || conf->pkcs11_engine_path ||
 	     conf->pkcs11_module_path)) {
-		wpa_printf(MSG_DEBUG, "ENGINE: Loading dynamic engine");
-		ERR_load_ENGINE_strings();
-		ENGINE_load_dynamic();
-
 		if (tls_engine_load_dynamic_opensc(conf->opensc_engine_path) ||
 		    tls_engine_load_dynamic_pkcs11(conf->pkcs11_engine_path,
 						   conf->pkcs11_module_path)) {