[openssl-dev] [openssl.org #4562] Possible bug in OPENSSL_config - ignore input parameter
Alexander Zaika via RT
rt at openssl.org
Fri Jun 10 13:02:57 UTC 2016
Hello
Looks like OPENSSL_config have a bug as result users can't set
alternative path to openssl.cnf file.
If you take a look on implementation of void OPENSSL_config(const char
*config_name) it call a
CONF_modules_load_file(NULL, config_name, CONF_MFLAGS_DEFAULT_SECTION |
CONF_MFLAGS_IGNORE_MISSING_FILE);
As you can see "config_name" put to "CONF_modules_load_file" as second
argument, but if you take a look on:
int CONF_modules_load_file(const char *filename, const char *appname,
unsigned long flags)
Looks like CONF_modules_load_file expected config file name as FIRST
argument (instead of second).
Best Regards
Alex
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4562
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list