curl-tracker Archives

[curl:bugs] #1208 curl is unable to load non-default openssl engines

From: Taiki <taikisan_at_users.sf.net>
Date: Mon, 28 Jul 2014 17:11:24 +0000

Hi,
The proposed patch break libcurl in the case /usr/lib/ssl/openssl.cnf in unreadable (similar to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584911)
OpenSSL throw a few lines of errors then the whole thing exit().
Removing the OPENSSL_config call make the problem go away.
It's probably an openssl bug, but maybe adding a check that this file can be open before calling OPENSSL_config would be great.

---
** [bugs:#1208] curl is unable to load non-default openssl engines**
**Status:** closed-later
**Labels:** openssl 
**Created:** Mon Mar 25, 2013 12:18 AM UTC by drook
**Last Updated:** Fri Apr 18, 2014 06:33 AM UTC
**Owner:** Daniel Stenberg
curl is unable to load non-default openssl engines, because openssl isn't initialized properly - curl ignores the openssl configutration file. for example curl cannot load ccgost engine, provided since 1.0.0:
    # /usr/local/openssl/bin/openssl engine
    (rsax) RSAX engine support
    (rdrand) Intel RDRAND engine
    (dynamic) Dynamic engine loading support
    (gost) Reference implementation of GOST engine
    # ldd /usr/local/curl/bin/curl
        linux-vdso.so.1 =>  (0x00007fff0c9ff000)
        libcurl.so.4 => /usr/local/curl/lib/libcurl.so.4 (0x00007fb5f1f17000)
        libz.so.1 => /usr/lib/libz.so.1 (0x00007fb5f1d00000)
        librt.so.1 => /lib/librt.so.1 (0x00007fb5f1af7000)
        libc.so.6 => /lib/libc.so.6 (0x00007fb5f1795000)
        libssl.so.1.0.0 => /usr/local/openssl/lib/libssl.so.1.0.0 (0x00007fb5f152c000)
        libcrypto.so.1.0.0 => /usr/local/openssl/lib/libcrypto.so.1.0.0 (0x00007fb5f1151000)
        libpthread.so.0 => /lib/libpthread.so.0 (0x00007fb5f0f35000)
        /lib64/ld-linux-x86-64.so.2 (0x00007fb5f2178000)
        libdl.so.2 => /lib/libdl.so.2 (0x00007fb5f0d31000)
    # /usr/local/curl/bin//curl --engine list
    Build-time engines:
      rsax
      rdrand
      dynamic
"It is strongly recommended that all new applications call OPENSSL_config() or the more sophisticated functions such as CONF_modules_load() during initialization (that is before starting any threads). By doing this an application does not need to keep track of all configuration options and some new functionality can be supported automatically." - curl totally ignores this openssl note.
The patch provided fixes the issue.
---
Sent from sourceforge.net because curl-tracker@cool.haxx.se is subscribed to https://sourceforge.net/p/curl/bugs/
To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/curl/admin/bugs/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.

Received on 2014-07-28

This message: [ Message body ]
Next message: Daniel Stenberg: "[curl:bugs] #1208 curl is unable to load non-default openssl engines"
Previous message: Jan-E: "[curl:bugs] #1401 STR_COPY:variable has no value"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

These mail archives are generated by hypermail.