summaryrefslogtreecommitdiff
path: root/deps/openssl/openssl/ssl/ssl_mcnf.c
diff options
context:
space:
mode:
Diffstat (limited to 'deps/openssl/openssl/ssl/ssl_mcnf.c')
-rw-r--r--deps/openssl/openssl/ssl/ssl_mcnf.c26
1 files changed, 18 insertions, 8 deletions
diff --git a/deps/openssl/openssl/ssl/ssl_mcnf.c b/deps/openssl/openssl/ssl/ssl_mcnf.c
index 24742660e4..a0e2657714 100644
--- a/deps/openssl/openssl/ssl/ssl_mcnf.c
+++ b/deps/openssl/openssl/ssl/ssl_mcnf.c
@@ -17,11 +17,10 @@
void SSL_add_ssl_module(void)
{
- /* Just load all of the crypto builtin modules. This includes the SSL one */
- OPENSSL_load_builtin_modules();
+ /* Do nothing. This will be added automatically by libcrypto */
}
-static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name)
+static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name, int system)
{
SSL_CONF_CTX *cctx = NULL;
size_t i, idx, cmd_count;
@@ -34,9 +33,14 @@ static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name)
SSLerr(SSL_F_SSL_DO_CONFIG, ERR_R_PASSED_NULL_PARAMETER);
goto err;
}
+
+ if (name == NULL && system)
+ name = "system_default";
if (!conf_ssl_name_find(name, &idx)) {
- SSLerr(SSL_F_SSL_DO_CONFIG, SSL_R_INVALID_CONFIGURATION_NAME);
- ERR_add_error_data(2, "name=", name);
+ if (!system) {
+ SSLerr(SSL_F_SSL_DO_CONFIG, SSL_R_INVALID_CONFIGURATION_NAME);
+ ERR_add_error_data(2, "name=", name);
+ }
goto err;
}
cmds = conf_ssl_get(idx, &name, &cmd_count);
@@ -44,7 +48,8 @@ static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name)
if (cctx == NULL)
goto err;
flags = SSL_CONF_FLAG_FILE;
- flags |= SSL_CONF_FLAG_CERTIFICATE | SSL_CONF_FLAG_REQUIRE_PRIVATE;
+ if (!system)
+ flags |= SSL_CONF_FLAG_CERTIFICATE | SSL_CONF_FLAG_REQUIRE_PRIVATE;
if (s != NULL) {
meth = s->method;
SSL_CONF_CTX_set_ssl(cctx, s);
@@ -80,10 +85,15 @@ static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name)
int SSL_config(SSL *s, const char *name)
{
- return ssl_do_config(s, NULL, name);
+ return ssl_do_config(s, NULL, name, 0);
}
int SSL_CTX_config(SSL_CTX *ctx, const char *name)
{
- return ssl_do_config(NULL, ctx, name);
+ return ssl_do_config(NULL, ctx, name, 0);
+}
+
+void ssl_ctx_system_config(SSL_CTX *ctx)
+{
+ ssl_do_config(NULL, ctx, NULL, 1);
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-26 14:31:37 +0000