openssl: avoid config file load/race

This commit is contained in:
Cory Fields 2015-07-14 17:38:03 -04:00
parent 3d9362d5ac
commit d4b1d5a8ba

View File

@ -83,6 +83,7 @@
#include <boost/thread.hpp> #include <boost/thread.hpp>
#include <openssl/crypto.h> #include <openssl/crypto.h>
#include <openssl/rand.h> #include <openssl/rand.h>
#include <openssl/conf.h>
// Work around clang compilation problem in Boost 1.46: // Work around clang compilation problem in Boost 1.46:
// /usr/include/boost/program_options/detail/config_file.hpp:163:17: error: call to function 'to_internal' that is neither visible in the template definition nor found by argument-dependent lookup // /usr/include/boost/program_options/detail/config_file.hpp:163:17: error: call to function 'to_internal' that is neither visible in the template definition nor found by argument-dependent lookup
@ -134,6 +135,13 @@ public:
ppmutexOpenSSL[i] = new CCriticalSection(); ppmutexOpenSSL[i] = new CCriticalSection();
CRYPTO_set_locking_callback(locking_callback); CRYPTO_set_locking_callback(locking_callback);
// OpenSSL can optionally load a config file which lists optional loadable modules and engines.
// We don't use them so we don't require the config. However some of our libs may call functions
// which attempt to load the config file, possibly resulting in an exit() or crash if it is missing
// or corrupt. Explicitly tell OpenSSL not to try to load the file. The result for our libs will be
// that the config appears to have been loaded and there are no modules/engines available.
OPENSSL_no_config();
#ifdef WIN32 #ifdef WIN32
// Seed OpenSSL PRNG with current contents of the screen // Seed OpenSSL PRNG with current contents of the screen
RAND_screen(); RAND_screen();