[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-integrity
Subject:    [PATCH] ima-evm-utils: limit OPENSSL_init_crypto calls
From:       Mimi Zohar <zohar () linux ! ibm ! com>
Date:       2019-07-29 15:17:28
Message-ID: 1564413448-21785-1-git-send-email-zohar () linux ! ibm ! com
[Download RAW message or body]

OPENSSL_init_crypto() was introduced in version 1.1.  When using an
older version of openssl, don't call OPENSSL_init_crypto.  Partially
revert commit 782224f33cd7 ("ima-evm-utils: Rework openssl init").

Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
 src/evmctl.c    | 2 ++
 src/libimaevm.c | 7 +++++++
 2 files changed, 9 insertions(+)

diff --git a/src/evmctl.c b/src/evmctl.c
index b02be8b1507a..244663f18ba8 100644
--- a/src/evmctl.c
+++ b/src/evmctl.c
@@ -1943,11 +1943,13 @@ int main(int argc, char *argv[])
 	int err = 0, c, lind;
 	ENGINE *eng = NULL;
 
+#if !(OPENSSL_VERSION_NUMBER < 0x10100000)
 	OPENSSL_init_crypto(
 #ifndef DISABLE_OPENSSL_CONF
 			    OPENSSL_INIT_LOAD_CONFIG |
 #endif
 			    OPENSSL_INIT_ENGINE_ALL_BUILTIN, NULL);
+#endif
 	g_argv = argv;
 	g_argc = argc;
 
diff --git a/src/libimaevm.c b/src/libimaevm.c
index 4f4b20732f4a..7c17bf4d590e 100644
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -979,7 +979,14 @@ int sign_hash(const char *hashalgo, const unsigned char *hash, int size, const c
 
 static void libinit()
 {
+
+#if OPENSSL_VERSION_NUMBER < 0x10100000
+	OpenSSL_add_all_algorithms();
+	OPENSSL_add_all_algorithms_conf();
+#else
+
 	OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS |
 			    OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
 	ERR_load_crypto_strings();
+#endif
 }
-- 
2.7.5

[prev in list] [next in list] [prev in thread] [next in thread]