From 104fd20ac367331cf7b5895796777305df9ab2bd Mon Sep 17 00:00:00 2001 From: Nikita Vetrov Date: Sat, 21 Jun 2014 10:34:13 +0400 Subject: [PATCH] Add GOST94-GOST89-GOST89 and other ciphers support It is done via one-time call OPENSSL_config. It will fix this error `OpenSSL: error:140920F8:SSL routines:SSL3_GET_SERVER_HELLO:unknown cipher returned`. OpenSSL with GOST-support and rebuilding wget required --- src/ChangeLog | 4 ++++ src/openssl.c | 11 +++++++++++ 2 files changed, 15 insertions(+) diff --git a/src/ChangeLog b/src/ChangeLog index aabfaf57..cc0a28d7 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,7 @@ +2014-06-21 Nikita Vetrov (tiny change) + + * openssl.c: Add one-time call OPENSSL_config in ssl_init. + 2014-06-19 Giuseppe Scrivano * mswindows.c (fake_fork_child): Revert dinamic allocation of diff --git a/src/openssl.c b/src/openssl.c index 4eab376f..879b27e6 100644 --- a/src/openssl.c +++ b/src/openssl.c @@ -153,6 +153,9 @@ key_type_to_ssl_type (enum keyfile_type type) } } +/* SSL has been initialized */ +static int ssl_true_initialized = 0; + /* Create an SSL Context and set default paths etc. Called the first time an HTTP download is attempted. @@ -161,6 +164,14 @@ key_type_to_ssl_type (enum keyfile_type type) bool ssl_init (void) { +#if OPENSSL_VERSION_NUMBER >= 0x00907000 + if (ssl_true_initialized == 0) + { + OPENSSL_config (NULL); + ssl_true_initialized = 1; + } +#endif + SSL_METHOD const *meth; if (ssl_ctx)