From: Petr Menšík Date: Wed, 7 Sep 2022 11:46:31 +0000 (+0200) Subject: Add ENGINE_init and ENGINE_finish calls X-Git-Tag: v9.19.6~41^2~9 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=71a8f1e7cd83075416a4edd71572c9aec0ec49d5;p=thirdparty%2Fbind9.git Add ENGINE_init and ENGINE_finish calls According to manual page of ENGINE_init, it should be called explicitly before any key operations happens. Make it active whole lifetime. --- diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c index 333f34cb37a..a3f63885fa3 100644 --- a/lib/dns/openssl_link.c +++ b/lib/dns/openssl_link.c @@ -85,14 +85,20 @@ dst__openssl_init(const char *engine) { result = DST_R_NOENGINE; goto cleanup_rm; } + if (!ENGINE_init(e)) { + result = DST_R_NOENGINE; + goto cleanup_rm; + } /* This will init the engine. */ if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) { result = DST_R_NOENGINE; - goto cleanup_rm; + goto cleanup_init; } } return (ISC_R_SUCCESS); +cleanup_init: + ENGINE_finish(e); cleanup_rm: if (e != NULL) { ENGINE_free(e); @@ -108,6 +114,7 @@ void dst__openssl_destroy(void) { #if !defined(OPENSSL_NO_ENGINE) && OPENSSL_API_LEVEL < 30000 if (e != NULL) { + ENGINE_finish(e); ENGINE_free(e); } e = NULL;