Add OPENSSL_config(NULL) to each binary to load openssl.cnf

In the current framework for using engine based keys, the engine has
to be loaded and initialised as part of the default engines.  The only
way this can happen for the TPM engine is if it is named in a config
secion, so all the tools must read and act on the config file to be
able to use TPM based keys.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
This commit is contained in:
James Bottomley 2016-11-16 10:27:54 -05:00
parent df8303a4e3
commit e9626fefa1
5 changed files with 10 additions and 0 deletions

View file

@ -44,6 +44,7 @@
#include <getopt.h>
#include <openssl/conf.h>
#include <openssl/pkcs7.h>
#include <openssl/evp.h>
#include <openssl/err.h>
@ -232,6 +233,7 @@ int main(int argc, char **argv)
ERR_load_crypto_strings();
OpenSSL_add_all_digests();
OPENSSL_config(NULL);
/* here we may get highly unlikely failures or we'll get a
* complaint about FIPS signatures (usually becuase the FIPS
* module isn't present). In either case ignore the errors

View file

@ -47,6 +47,7 @@
#include <ccan/array_size/array_size.h>
#include <ccan/talloc/talloc.h>
#include <openssl/conf.h>
#include <openssl/x509.h>
#include <openssl/err.h>
@ -930,6 +931,7 @@ int main(int argc, char **argv)
ERR_load_crypto_strings();
OpenSSL_add_all_digests();
OpenSSL_add_all_ciphers();
OPENSSL_config(NULL);
/* here we may get highly unlikely failures or we'll get a
* complaint about FIPS signatures (usually becuase the FIPS
* module isn't present). In either case ignore the errors

View file

@ -42,6 +42,7 @@
#include <getopt.h>
#include <openssl/conf.h>
#include <openssl/pem.h>
#include <openssl/pkcs7.h>
#include <openssl/err.h>
@ -183,6 +184,7 @@ int main(int argc, char **argv)
ERR_load_crypto_strings();
OpenSSL_add_all_digests();
OpenSSL_add_all_ciphers();
OPENSSL_config(NULL);
/* here we may get highly unlikely failures or we'll get a
* complaint about FIPS signatures (usually becuase the FIPS
* module isn't present). In either case ignore the errors

View file

@ -45,6 +45,7 @@
#include <uuid/uuid.h>
#include <openssl/bio.h>
#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/pem.h>
@ -506,6 +507,7 @@ int main(int argc, char **argv)
OpenSSL_add_all_digests();
OpenSSL_add_all_ciphers();
ERR_load_crypto_strings();
OPENSSL_config(NULL);
/* here we may get highly unlikely failures or we'll get a
* complaint about FIPS signatures (usually becuase the FIPS
* module isn't present). In either case ignore the errors

View file

@ -48,6 +48,7 @@
#include "idc.h"
#include "fileio.h"
#include <openssl/conf.h>
#include <openssl/err.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
@ -224,6 +225,7 @@ int main(int argc, char **argv)
OpenSSL_add_all_digests();
ERR_load_crypto_strings();
OPENSSL_config(NULL);
/* here we may get highly unlikely failures or we'll get a
* complaint about FIPS signatures (usually becuase the FIPS
* module isn't present). In either case ignore the errors