him411/wlan-ap-Telecominfraproject
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-ap.git synced 2025-12-21 11:22:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
008ca9618d
wlan-ap-Telecominfraproject/feeds/ipq807x_v5.4/hostapd/patches/046-OpenSSL-Load-OpenSSL-3.0-legacy-provider-but-let-def.patch
John Crispin 99f6881a36 hostapd: add internal radius server 
Signed-off-by: John Crispin <john@phrozen.org>
2023-10-23 08:38:02 +02:00

60 lines
2.0 KiB
Diff
Raw Blame History

From 0143dc1cb6404f13f6fee6da192a486038e79a9f Mon Sep 17 00:00:00 2001
From: Norman Hamer <NHamer@absolute.com>
Date: Mon, 31 Oct 2022 23:06:22 +0000
Subject: [PATCH] OpenSSL: Load OpenSSL 3.0 legacy provider but let default be
loaded
The default provider is being loaded here explicitly only because
OSSL_PROVIDER_load() disables the fallback provider loading (on either
success or failure). If the legacy provider fails to load, which it may
in some configurations, it will never load the default provider.
Just use the formulation which attempts to load without changing the
fallback behavior.
"default" will still be/only be loaded if no other provider (notably
FIPS) is loaded to provide algorithms.
Signed-off-by: Norman Hamer <nhamer@absolute.com>
---
src/crypto/crypto_openssl.c | 9 +--------
1 file changed, 1 insertion(+), 8 deletions(-)
diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index c8013a892..8f220bb1a 100644
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -182,7 +182,6 @@ static int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
-static OSSL_PROVIDER *openssl_default_provider = NULL;
static OSSL_PROVIDER *openssl_legacy_provider = NULL;
#endif /* OpenSSL version >= 3.0 */
@@ -192,9 +191,7 @@ void openssl_load_legacy_provider(void)
if (openssl_legacy_provider)
return;
- openssl_legacy_provider = OSSL_PROVIDER_load(NULL, "legacy");
- if (openssl_legacy_provider && !openssl_default_provider)
- openssl_default_provider = OSSL_PROVIDER_load(NULL, "default");
+ openssl_legacy_provider = OSSL_PROVIDER_try_load(NULL, "legacy", 1);
#endif /* OpenSSL version >= 3.0 */
}
@@ -206,10 +203,6 @@ static void openssl_unload_legacy_provider(void)
OSSL_PROVIDER_unload(openssl_legacy_provider);
openssl_legacy_provider = NULL;
}
- if (openssl_default_provider) {
- OSSL_PROVIDER_unload(openssl_default_provider);
- openssl_default_provider = NULL;
- }
#endif /* OpenSSL version >= 3.0 */
}
--
2.34.1
Reference in New Issue View Git Blame Copy Permalink