Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 3f54384dd2ba230c03085ebc5079a952b6fc2230
commit3f54384dd2ba230c03085ebc5079a952b6fc2230[log] [tgz]
authorWilliam Lallemand <wlallemand@haproxy.com>Tue Mar 12 12:03:07 2024 +0100
committerChristopher Faulet <cfaulet@haproxy.com>Fri Jul 12 09:40:46 2024 +0200
tree7bdd897b3ae35142e10b7faa17ec383fb9d583ec
parent8c3c39359d2b91d57cb72fd0b00576e7c78d0f83 [diff]
MEDIUM: ssl: initialize the SSL stack explicitely

In issue #2448, users are complaining that FIPS is not working correctly
since the removal of SSL_library_init().

This was removed because SSL_library_init() is deprecated with OpenSSL
3.x and emits a warning. But the initialization was not needed anymore
because it is done at the first openssl API call.

However it some cases it is needed. SSL_library_init() is now a define
to OPENSSL_init_ssl(0, NULL). This patch adds OPENSSL_init_ssl(0, NULL)
to the init.

This could be backported in every stable branches, however let's wait
before backporting it.

(cherry picked from commit 7e9e4a8f501191044bf37341b6b5df68219e9e1c)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
(cherry picked from commit a93432de6645e5fb365993c846229863cb048e9c)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
1 file changed
tree: 7bdd897b3ae35142e10b7faa17ec383fb9d583ec
  1. .github/
  2. addons/
  3. admin/
  4. dev/
  5. doc/
  6. examples/
  7. include/
  8. reg-tests/
  9. scripts/
  10. src/
  11. tests/
  12. .cirrus.yml
  13. .gitattributes
  14. .gitignore
  15. .mailmap
  16. .travis.yml
  17. BRANCHES
  18. BSDmakefile
  19. CHANGELOG
  20. CONTRIBUTING
  21. INSTALL
  22. LICENSE
  23. MAINTAINERS
  24. Makefile
  25. README
  26. SUBVERS
  27. VERDATE
  28. VERSION