From 1a489c9af1b0481ad9570968c5fecd56854580db Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bodo=20M=C3=B6ller?= Date: Mon, 15 Sep 2008 20:41:24 +0000 Subject: [PATCH] From branch OpenSSL_0_9_8-stable: Allow soft-loading engines. Also, fix CHANGES (consistency with stable branch). --- CHANGES | 22 ++++++++++------------ apps/openssl.c | 18 +++++++++++++++--- crypto/engine/eng_cnf.c | 9 +++++++++ 3 files changed, 34 insertions(+), 15 deletions(-) diff --git a/CHANGES b/CHANGES index 208ff318e..e8d45736c 100644 --- a/CHANGES +++ b/CHANGES @@ -703,13 +703,7 @@ *) Change 'Configure' script to enable Camellia by default. [NTT] - *) Fix bug in X509_ATTRIBUTE creation: dont set attribute using - ASN1_TYPE_set1 if MBSTRING flag set. This bug would crash certain - attribute creation routines such as certifcate requests and PKCS#12 - files. - [Steve Henson] - - Changes between 0.9.8h and 0.9.8i [xx XXX xxxx] + Changes between 0.9.8h and 0.9.8i [15 Sep 2008] *) Fix a state transitition in s3_srvr.c and d1_srvr.c (was using SSL3_ST_CW_CLNT_HELLO_B, should be ..._ST_SW_SRVR_...). @@ -741,6 +735,10 @@ [Neel Mehta, Bodo Moeller] + *) Allow engines to be "soft loaded" - i.e. optionally don't die if + the load fails. Useful for distros. + [Ben Laurie and the FreeBSD team] + *) Add support for Local Machine Keyset attribute in PKCS#12 files. [Steve Henson] @@ -759,11 +757,11 @@ This work was sponsored by Logica. [Steve Henson] ->>> Note: this change doesn't apply to the 0.9.9-dev branch (yet). - *) Allow engines to be "soft loaded" - i.e. optionally don't die if - the load fails. Useful for distros. - [Ben Laurie and the FreeBSD team] -<<< + *) Fix bug in X509_ATTRIBUTE creation: dont set attribute using + ASN1_TYPE_set1 if MBSTRING flag set. This bug would crash certain + attribute creation routines such as certifcate requests and PKCS#12 + files. + [Steve Henson] Changes between 0.9.8g and 0.9.8h [28 May 2008] diff --git a/apps/openssl.c b/apps/openssl.c index 8323b5965..5d61d171c 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -272,9 +272,21 @@ int main(int Argc, char *Argv[]) i=NCONF_load(config,p,&errline); if (i == 0) { - NCONF_free(config); - config = NULL; - ERR_clear_error(); + if (ERR_GET_REASON(ERR_peek_last_error()) + == CONF_R_NO_SUCH_FILE) + { + BIO_printf(bio_err, + "WARNING: can't open config file: %s\n",p); + ERR_clear_error(); + NCONF_free(config); + config = NULL; + } + else + { + ERR_print_errors(bio_err); + NCONF_free(config); + exit(1); + } } prog=prog_init(); diff --git a/crypto/engine/eng_cnf.c b/crypto/engine/eng_cnf.c index a97e01e61..afd6b6f8c 100644 --- a/crypto/engine/eng_cnf.c +++ b/crypto/engine/eng_cnf.c @@ -98,6 +98,8 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) CONF_VALUE *ecmd; char *ctrlname, *ctrlvalue; ENGINE *e = NULL; + int soft = 0; + name = skip_dot(name); #ifdef ENGINE_CONF_DEBUG fprintf(stderr, "Configuring engine %s\n", name); @@ -125,6 +127,8 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) /* Override engine name to use */ if (!strcmp(ctrlname, "engine_id")) name = ctrlvalue; + else if (!strcmp(ctrlname, "soft_load")) + soft = 1; /* Load a dynamic ENGINE */ else if (!strcmp(ctrlname, "dynamic_path")) { @@ -147,6 +151,11 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) if (!e) { e = ENGINE_by_id(name); + if (!e && soft) + { + ERR_clear_error(); + return 1; + } if (!e) return 0; }