[openssl-commits] [openssl] master update

bernd.edlinger at hotmail.de bernd.edlinger at hotmail.de
Tue Apr 17 14:33:48 UTC 2018 

The branch master has been updated
       via  dbabc862966b9afbcc55c59cc07ab643a14ffb31 (commit)
      from  a051af0e75bf717cc818db498d9b977953816f80 (commit)


- Log -----------------------------------------------------------------
commit dbabc862966b9afbcc55c59cc07ab643a14ffb31
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date:   Sun Apr 15 12:02:25 2018 +0200

    Add a config option to disable automatic config loading
    
    ./config no-autoload-config
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/5959)

-----------------------------------------------------------------------

Summary of changes:
 Configure       | 3 ++-
 INSTALL         | 4 ++++
 ssl/ssl_init.c  | 2 ++
 test/ssl_test.c | 5 +++++
 4 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/Configure b/Configure
index 99ab26f..5703302 100755
--- a/Configure
+++ b/Configure
@@ -325,6 +325,7 @@ my @disablables = (
     "async",
     "autoalginit",
     "autoerrinit",
+    "autoload-config",
     "bf",
     "blake2",
     "camellia",
@@ -426,7 +427,7 @@ my %deprecated_disablables = (
 # All of the following are disabled by default:
 
 our %disabled = ( # "what"         => "comment"
-                  "asan"		=> "default",
+		  "asan"		=> "default",
 		  "crypto-mdebug"       => "default",
 		  "crypto-mdebug-backtrace" => "default",
 		  "devcryptoeng"	=> "default",
diff --git a/INSTALL b/INSTALL
index 71d6b88..c0163a9 100644
--- a/INSTALL
+++ b/INSTALL
@@ -276,6 +276,10 @@
                    error strings. For a statically linked application this may
                    be undesirable if small executable size is an objective.
 
+  no-autoload-config
+                   Don't automatically load the default openssl.cnf file.
+                   Typically OpenSSL will automatically load a system config
+                   file which configures default ssl options.
 
   no-capieng
                    Don't build the CAPI engine. This option will be forced if
diff --git a/ssl/ssl_init.c b/ssl/ssl_init.c
index 6073556..ed2bf84 100644
--- a/ssl/ssl_init.c
+++ b/ssl/ssl_init.c
@@ -195,7 +195,9 @@ int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS * settings)
     }
 
     if (!OPENSSL_init_crypto(opts
+#ifndef OPENSSL_NO_AUTOLOAD_CONFIG
                              | OPENSSL_INIT_LOAD_CONFIG
+#endif
                              | OPENSSL_INIT_ADD_ALL_CIPHERS
                              | OPENSSL_INIT_ADD_ALL_DIGESTS,
                              settings))
diff --git a/test/ssl_test.c b/test/ssl_test.c
index f2a1812..7453a9d 100644
--- a/test/ssl_test.c
+++ b/test/ssl_test.c
@@ -467,6 +467,11 @@ static int test_handshake(int idx)
         }
     }
 
+#ifdef OPENSSL_NO_AUTOLOAD_CONFIG
+    if (!TEST_true(OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL)))
+        goto err;
+#endif
+
     if (!TEST_ptr(server_ctx)
             || !TEST_ptr(client_ctx)
             || !TEST_int_gt(CONF_modules_load(conf, test_app, 0),  0))

More information about the openssl-commits mailing list