[PATCH v2] Fix ENGINE support with OpenSSL 1.1+

Andrej Shadura andrew at shadura.me
Thu Apr 4 03:38:36 PDT 2019

Hi David,

On Thu, 14 Mar 2019 at 18:25, David Woodhouse <dwmw2 at infradead.org> wrote:
> Commit 373c7969485 ("OpenSSL: Fix compile with OpenSSL 1.1.0 and
> deprecated APIs") removed a call to ENGINE_load_dynamic() for newer
> versions of OpenSSL, asserting that it should happen automatically.
> That appears not to be the case, and loading engines now fails because
> the dynamic engine isn't present.
> Fix it by calling ENGINE_load_builtin_engines(), which works for all
> versions of OpenSSL. Also remove the call to ERR_load_ENGINE_strings()
> because that should have happened when SSL_load_error_strings() is
> called anyway.
> Signed-off-by: David Woodhouse <dwmw2 at infradead.org>
> diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
> index 705fa29a3..ee7ed7c9b 100644
> @@ -1034,10 +1034,7 @@ void * tls_init(const struct tls_config *conf)

I’m not sure you noticed, but your patch is slightly malformed
(missing ---/+++ lines), meaning some (but not all) patch parsers will
accept it but others will not.


More information about the Hostap mailing list