[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-integrity
Subject: [PATCH] ima-evm-utils: limit OPENSSL_init_crypto calls
From: Mimi Zohar <zohar () linux ! ibm ! com>
Date: 2019-07-29 15:17:28
Message-ID: 1564413448-21785-1-git-send-email-zohar () linux ! ibm ! com
[Download RAW message or body]
OPENSSL_init_crypto() was introduced in version 1.1. When using an
older version of openssl, don't call OPENSSL_init_crypto. Partially
revert commit 782224f33cd7 ("ima-evm-utils: Rework openssl init").
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
src/evmctl.c | 2 ++
src/libimaevm.c | 7 +++++++
2 files changed, 9 insertions(+)
diff --git a/src/evmctl.c b/src/evmctl.c
index b02be8b1507a..244663f18ba8 100644
--- a/src/evmctl.c
+++ b/src/evmctl.c
@@ -1943,11 +1943,13 @@ int main(int argc, char *argv[])
int err = 0, c, lind;
ENGINE *eng = NULL;
+#if !(OPENSSL_VERSION_NUMBER < 0x10100000)
OPENSSL_init_crypto(
#ifndef DISABLE_OPENSSL_CONF
OPENSSL_INIT_LOAD_CONFIG |
#endif
OPENSSL_INIT_ENGINE_ALL_BUILTIN, NULL);
+#endif
g_argv = argv;
g_argc = argc;
diff --git a/src/libimaevm.c b/src/libimaevm.c
index 4f4b20732f4a..7c17bf4d590e 100644
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -979,7 +979,14 @@ int sign_hash(const char *hashalgo, const unsigned char *hash, int size, const c
static void libinit()
{
+
+#if OPENSSL_VERSION_NUMBER < 0x10100000
+ OpenSSL_add_all_algorithms();
+ OPENSSL_add_all_algorithms_conf();
+#else
+
OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS |
OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
ERR_load_crypto_strings();
+#endif
}
--
2.7.5
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic