Add OPENSSL_config(NULL) to each binary to load openssl.cnf
In the current framework for using engine based keys, the engine has to be loaded and initialised as part of the default engines. The only way this can happen for the TPM engine is if it is named in a config secion, so all the tools must read and act on the config file to be able to use TPM based keys. Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
This commit is contained in:
James Bottomley
parent
df8303a4e3
commit
e9626fefa1
|
|
@ -44,6 +44,7 @@
|
|||
|
||||
#include <getopt.h>
|
||||
|
||||
#include <openssl/conf.h>
|
||||
#include <openssl/pkcs7.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/err.h>
|
||||
|
|
@ -232,6 +233,7 @@ int main(int argc, char **argv)
|
|||
|
||||
ERR_load_crypto_strings();
|
||||
OpenSSL_add_all_digests();
|
||||
OPENSSL_config(NULL);
|
||||
/* here we may get highly unlikely failures or we'll get a
|
||||
* complaint about FIPS signatures (usually becuase the FIPS
|
||||
* module isn't present). In either case ignore the errors
|
||||
|
|
|
|||
|
|
@ -47,6 +47,7 @@
|
|||
#include <ccan/array_size/array_size.h>
|
||||
#include <ccan/talloc/talloc.h>
|
||||
|
||||
#include <openssl/conf.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/err.h>
|
||||
|
||||
|
|
@ -930,6 +931,7 @@ int main(int argc, char **argv)
|
|||
ERR_load_crypto_strings();
|
||||
OpenSSL_add_all_digests();
|
||||
OpenSSL_add_all_ciphers();
|
||||
OPENSSL_config(NULL);
|
||||
/* here we may get highly unlikely failures or we'll get a
|
||||
* complaint about FIPS signatures (usually becuase the FIPS
|
||||
* module isn't present). In either case ignore the errors
|
||||
|
|
|
|||
|
|
@ -42,6 +42,7 @@
|
|||
|
||||
#include <getopt.h>
|
||||
|
||||
#include <openssl/conf.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/pkcs7.h>
|
||||
#include <openssl/err.h>
|
||||
|
|
@ -183,6 +184,7 @@ int main(int argc, char **argv)
|
|||
ERR_load_crypto_strings();
|
||||
OpenSSL_add_all_digests();
|
||||
OpenSSL_add_all_ciphers();
|
||||
OPENSSL_config(NULL);
|
||||
/* here we may get highly unlikely failures or we'll get a
|
||||
* complaint about FIPS signatures (usually becuase the FIPS
|
||||
* module isn't present). In either case ignore the errors
|
||||
|
|
|
|||
|
|
@ -45,6 +45,7 @@
|
|||
#include <uuid/uuid.h>
|
||||
|
||||
#include <openssl/bio.h>
|
||||
#include <openssl/conf.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/pem.h>
|
||||
|
|
@ -506,6 +507,7 @@ int main(int argc, char **argv)
|
|||
OpenSSL_add_all_digests();
|
||||
OpenSSL_add_all_ciphers();
|
||||
ERR_load_crypto_strings();
|
||||
OPENSSL_config(NULL);
|
||||
/* here we may get highly unlikely failures or we'll get a
|
||||
* complaint about FIPS signatures (usually becuase the FIPS
|
||||
* module isn't present). In either case ignore the errors
|
||||
|
|
|
|||
|
|
@ -48,6 +48,7 @@
|
|||
#include "idc.h"
|
||||
#include "fileio.h"
|
||||
|
||||
#include <openssl/conf.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/bio.h>
|
||||
#include <openssl/evp.h>
|
||||
|
|
@ -224,6 +225,7 @@ int main(int argc, char **argv)
|
|||
|
||||
OpenSSL_add_all_digests();
|
||||
ERR_load_crypto_strings();
|
||||
OPENSSL_config(NULL);
|
||||
/* here we may get highly unlikely failures or we'll get a
|
||||
* complaint about FIPS signatures (usually becuase the FIPS
|
||||
* module isn't present). In either case ignore the errors
|
||||
|
|
|
|||
Loading…
Reference in New Issue