[openssl/openssl] 9ffd4a: Add a test for late loading of an ENGINE in TLS

Matt Caswell noreply at github.com
Tue Dec 12 16:22:54 UTC 2023


  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 9ffd4a34681feb9968719905b366276e7425e2a2
      https://github.com/openssl/openssl/commit/9ffd4a34681feb9968719905b366276e7425e2a2
  Author: Matt Caswell <matt at openssl.org>
  Date:   2023-12-12 (Tue, 12 Dec 2023)

  Changed paths:
    M test/sslapitest.c

  Log Message:
  -----------
  Add a test for late loading of an ENGINE in TLS

Confirm that using an ENGINE works as expected with TLS even if it is
loaded late (after construction of the SSL_CTX).

(cherry picked from commit a9c97da4910648790387d035afb12963158778fb)

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Todd Short <todd.short at me.com>
(Merged from https://github.com/openssl/openssl/pull/22865)

(cherry picked from commit dda9208cef52670e6c832cbadaa3e08ad535ac30)


  Commit: 4f41e1b1d0cd545278017099b4ba062ab7a0f470
      https://github.com/openssl/openssl/commit/4f41e1b1d0cd545278017099b4ba062ab7a0f470
  Author: Matt Caswell <matt at openssl.org>
  Date:   2023-12-12 (Tue, 12 Dec 2023)

  Changed paths:
    M ssl/s3_enc.c
    M ssl/t1_enc.c

  Log Message:
  -----------
  Don't attempt to set provider params on an ENGINE based cipher

If an ENGINE has been loaded after the SSL_CTX has been created then
the cipher we have cached might be provider based, but the cipher we
actually end up using might not be. Don't try to set provider params on
a cipher that is actually ENGINE based.

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Todd Short <todd.short at me.com>
(Merged from https://github.com/openssl/openssl/pull/22865)

(cherry picked from commit ed5f9ce63e98da2e7fddd55040c8e9e03f3af975)


Compare: https://github.com/openssl/openssl/compare/a52ca9cbb134...4f41e1b1d0cd


More information about the openssl-commits mailing list