1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-05 00:55:04 -05:00

openssl: use OPENSSL_init_ssl() with >= 1.1.0

Reported-by: Kovalkov Dmitrii and Per Nilsson
Fixes #6254
Fixes #6256
Closes #6260
This commit is contained in:
Daniel Stenberg 2020-11-28 16:42:52 +01:00
parent 6703eb2f4c
commit 1835cb916e
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2

View File

@ -1115,6 +1115,21 @@ static int x509_name_oneline(X509_NAME *a, char *buf, size_t size)
*/
static int Curl_ossl_init(void)
{
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
!defined(LIBRESSL_VERSION_NUMBER)
const uint64_t flags =
#ifdef OPENSSL_INIT_ENGINE_ALL_BUILTIN
/* not present in BoringSSL */
OPENSSL_INIT_ENGINE_ALL_BUILTIN |
#endif
#ifdef CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG
OPENSSL_INIT_NO_LOAD_CONFIG |
#else
OPENSSL_INIT_LOAD_CONFIG |
#endif
0;
OPENSSL_init_ssl(flags, NULL);
#else
OPENSSL_load_builtin_modules();
#ifdef USE_OPENSSL_ENGINE
@ -1133,10 +1148,6 @@ static int Curl_ossl_init(void)
CONF_MFLAGS_IGNORE_MISSING_FILE);
#endif
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
!defined(LIBRESSL_VERSION_NUMBER)
/* OpenSSL 1.1.0+ takes care of initialization itself */
#else
/* Lets get nice error messages */
SSL_load_error_strings();