[PATCH] Load OpenSSL 3.0 legacy provider but let default be loaded only if necessary by fallback

Norman Hamer NHamer at absolute.com
Fri Oct 14 10:16:26 PDT 2022


diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index 2c591890a..700638761 100644
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -182,7 +182,6 @@ static int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,

 
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
-static OSSL_PROVIDER *openssl_default_provider = NULL;
static OSSL_PROVIDER *openssl_legacy_provider = NULL;
#endif /* OpenSSL version >= 3.0 */

@@ -192,9 +191,7 @@ void openssl_load_legacy_provider(void)
              if (openssl_legacy_provider)
                             return;

-              openssl_legacy_provider = OSSL_PROVIDER_load(NULL, "legacy");
-              if (openssl_legacy_provider && !openssl_default_provider)
-                             openssl_default_provider = OSSL_PROVIDER_load(NULL, "default");
+             openssl_legacy_provider = OSSL_PROVIDER_try_load(NULL, "legacy", 1);
#endif /* OpenSSL version >= 3.0 */
}
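Review bot: The return value of `OSSL_PROVIDER_try_load(NULL, "legacy", 1)` is stored but never checked, so if the legacy module is missing, `openssl_legacy_provider` stays NULL, every later call retries the load, and the failure only surfaces as a failed algorithm fetch in whichever caller needed it. A log line right after the call would make this diagnosable, e.g. `if (!openssl_legacy_provider) wpa_printf(MSG_DEBUG, "OpenSSL: Failed to load legacy provider");` (assuming the file's usual logging helper is in scope). The bare `1` also deserves a comment such as `/* retain_fallbacks=1: keep the implicit default provider usable */`. The same comment should say that the load targets the default (NULL) library context, so legacy algorithms become fetchable process-wide, not only for the caller that asked. The opening lines of `openssl_load_legacy_provider()` are outside this hunk.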

@@ -206,10 +203,6 @@ static void openssl_unload_legacy_provider(void)
                             OSSL_PROVIDER_unload(openssl_legacy_provider);
                             openssl_legacy_provider = NULL;
              }
-              if (openssl_default_provider) {
-                             OSSL_PROVIDER_unload(openssl_default_provider);
-                             openssl_default_provider = NULL;
-              }
#endif /* OpenSSL version >= 3.0 */
}




