Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 151dbbe77849ea0aa8917a9321663c50a9aec613^! / .
commit151dbbe77849ea0aa8917a9321663c50a9aec613[log] [tgz]
authorWilliam Lallemand <wlallemand@haproxy.org>Fri Dec 02 17:17:43 2022 +0100
committerWilliam Lallemand <wlallemand@haproxy.org>Fri Dec 02 17:17:43 2022 +0100
treef7ca364f77115033b704ec25f8a88615a30cbe6f
parent44c80ce5b397b8571b53ab75f12065166b1eea27 [diff]
BUG/MINOR: ssl: initialize WolfSSL before parsing

The wolfSSL library need to be initialized before parsing the
configuration which uses some SSL functions.

To be backported in 2.6.

diff --git a/src/haproxy.c b/src/haproxy.c
index 7c1add8..6076e02 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c

@@ -1932,13 +1932,19 @@
 	struct pre_check_fct *prcf;
 	int ideal_maxconn;
 
-#if defined(USE_OPENSSL) && (HA_OPENSSL_VERSION_NUMBER < 0x1010000fL)
+#ifdef USE_OPENSSL
+#ifdef USE_OPENSSL_WOLFSSL
+        wolfSSL_Init();
+        wolfSSL_Debugging_ON();
+#endif
+#if (HA_OPENSSL_VERSION_NUMBER < 0x1010000fL)
 	/* Initialize the error strings of OpenSSL
 	 * It only needs to be done explicitly with older versions of the SSL
 	 * library. On newer versions, errors strings are loaded during start
 	 * up. */
 	SSL_load_error_strings();
 #endif
+#endif
 
 	startup_logs_init();
 
@@ -2308,11 +2314,6 @@
 	}
 
 #ifdef USE_OPENSSL
-#ifdef USE_OPENSSL_WOLFSSL
-        wolfSSL_Init();
-        wolfSSL_Debugging_ON();
-#endif
-
 
 	/* Initialize SSL random generator. Must be called before chroot for
 	 * access to /dev/urandom, and before ha_random_boot() which may use