From e464d58452a0842aa8954833a7d46480949f5a6b Mon Sep 17 00:00:00 2001
From: beck <>
Date: Mon, 19 Mar 2018 03:35:38 +0000
Subject: Correct mistake of loading the default openssl.conf by default during
 autoinit.

This brings in the OPENSSL_INIT_LOAD_CONFIG flag with the same semantics as
OpenSSL. As a result, by default the openssl.conf file is not loaded during
autoinit, which makes autoinit safe for pledge(stdio).

ok jsing@
---
 src/lib/libcrypto/conf/conf_sap.c | 31 ++++++++++++++++++++++++-------
 src/lib/libcrypto/crypto.h        |  4 ++--
 src/lib/libcrypto/crypto_init.c   | 15 +++++++++++----
 3 files changed, 37 insertions(+), 13 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/conf/conf_sap.c b/src/lib/libcrypto/conf/conf_sap.c
index f1844f69f4..98497025ee 100644
--- a/src/lib/libcrypto/conf/conf_sap.c
+++ b/src/lib/libcrypto/conf/conf_sap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: conf_sap.c,v 1.12 2018/03/17 16:20:01 beck Exp $ */
+/* $OpenBSD: conf_sap.c,v 1.13 2018/03/19 03:35:38 beck Exp $ */
 /* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
@@ -108,8 +108,8 @@ OPENSSL_config_internal(void)
 	return;
 }
 
-void
-OPENSSL_config(const char *config_name)
+int
+OpenSSL_config(const char *config_name)
 {
 	/* Don't override if NULL */
 	/*
@@ -120,11 +120,19 @@ OPENSSL_config(const char *config_name)
 	if (config_name != NULL)
 		openssl_config_name = config_name;
 
-	(void) OPENSSL_init_crypto(0, NULL);
+	if (OPENSSL_init_crypto(0, NULL) == 0)
+		return 0;
 
-	(void) pthread_once(&openssl_configured, OPENSSL_config_internal);
+	if (pthread_once(&openssl_configured, OPENSSL_config_internal) != 0)
+		return 0;
 
-	return;
+	return 1;
+}
+
+void
+OPENSSL_config(const char *config_name)
+{
+	(void) OpenSSL_config(config_name);
 }
 
 static void
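Review bot: The `return 1` at the end of `OpenSSL_config()` only reports that `pthread_once()` itself succeeded, not that a configuration file was loaded. `OPENSSL_config_internal` is a `void` once-routine, and if the `openssl_configured` guard was already consumed by the no-config path, the call returns 1 having loaded nothing. The same holds in reverse for `OpenSSL_no_config()` in the next hunk, which returns 1 even when the configuration was already loaded. Since `OPENSSL_init_crypto()` now propagates this value, I would state the contract above the function, e.g. `/* Returns 1 once the config guard has run; does not mean the file was parsed. */`. The new names also differ from the public `OPENSSL_config`/`OPENSSL_no_config` only by case, so a distinct internal name would be harder to confuse; the opening lines of the function are in the previous hunk.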
@@ -132,8 +140,17 @@ OPENSSL_no_config_internal(void)
 {
 }
 
+int
+OpenSSL_no_config(void)
+{
+	if (pthread_once(&openssl_configured, OPENSSL_no_config_internal) != 0)
+		return 0;
+
+	return 1;
+}
+
 void
 OPENSSL_no_config(void)
 {
-	(void) pthread_once(&openssl_configured, OPENSSL_no_config_internal);
+	(void) OpenSSL_no_config();
 }
diff --git a/src/lib/libcrypto/crypto.h b/src/lib/libcrypto/crypto.h
index f13ce92584..67e06a1509 100644
--- a/src/lib/libcrypto/crypto.h
+++ b/src/lib/libcrypto/crypto.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: crypto.h,v 1.44 2018/03/18 01:39:26 tb Exp $ */
+/* $OpenBSD: crypto.h,v 1.45 2018/03/19 03:35:38 beck Exp $ */
 /* ====================================================================
  * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
@@ -547,6 +547,7 @@ void ERR_load_CRYPTO_strings(void);
  */
 
 #define OPENSSL_INIT_NO_LOAD_CONFIG		0x00000001L
+#define OPENSSL_INIT_LOAD_CONFIG		0x00000002L
 
 /* LibreSSL specific */
 #define _OPENSSL_INIT_FLAG_NOOP			0x80000000L
@@ -555,7 +556,6 @@ void ERR_load_CRYPTO_strings(void);
  * These are provided for compatibiliy, but have no effect
  * on how LibreSSL is initialized.
  */
-#define OPENSSL_INIT_LOAD_CONFIG		_OPENSSL_INIT_FLAG_NOOP
 #define OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS	_OPENSSL_INIT_FLAG_NOOP
 #define OPENSSL_INIT_LOAD_CRYPTO_STRINGS	_OPENSSL_INIT_FLAG_NOOP
 #define OPENSSL_INIT_ADD_ALL_CIPHERS		_OPENSSL_INIT_FLAG_NOOP
diff --git a/src/lib/libcrypto/crypto_init.c b/src/lib/libcrypto/crypto_init.c
index f3d1a2bce9..ed2b5d4810 100644
--- a/src/lib/libcrypto/crypto_init.c
+++ b/src/lib/libcrypto/crypto_init.c
@@ -25,6 +25,9 @@
 #include <openssl/err.h>
 #include "cryptlib.h"
 
+int OpenSSL_config(char *);
+int OpenSSL_no_config(char *);
+
 static pthread_t crypto_init_thread;
 
 static void
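Review bot: The two prototypes added here do not match the definitions in conf_sap.c, where `OpenSSL_config` takes `const char *` and `OpenSSL_no_config` takes `(void)`; both are declared here as taking `char *`. Calling a function through an incompatible declaration is undefined behaviour. Because the declarations are repeated in this .c file rather than shared through a header, the compiler cannot flag the mismatch. I would declare them as `int OpenSSL_config(const char *);` and `int OpenSSL_no_config(void);`, ideally in an internal header included by both files, and call `OpenSSL_no_config()` without an argument in the later hunk.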
@@ -35,7 +38,6 @@ OPENSSL_init_crypto_internal(void)
 	ERR_load_crypto_strings();
 	OpenSSL_add_all_ciphers();
 	OpenSSL_add_all_digests();
-	OPENSSL_config(NULL);
 }
 
 int
@@ -46,11 +48,16 @@ OPENSSL_init_crypto(uint64_t opts, const void *settings)
 	if (pthread_equal(pthread_self(), crypto_init_thread))
 		return 1; /* don't recurse */
 
-	if (opts & OPENSSL_INIT_NO_LOAD_CONFIG)
-		OPENSSL_no_config();
-
 	if (pthread_once(&once, OPENSSL_init_crypto_internal) != 0)
 		return 0;
 
+	if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG) &&
+	    (OpenSSL_no_config(NULL) == 0))
+		return 0;
+
+	if ((opts & OPENSSL_INIT_LOAD_CONFIG) &&
+	    (OpenSSL_config(NULL) == 0))
+		return 0;
+
 	return 1;
 }
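Review bot: When a caller passes both `OPENSSL_INIT_NO_LOAD_CONFIG` and `OPENSSL_INIT_LOAD_CONFIG`, the no-config check runs first and consumes the `openssl_configured` once-guard that conf_sap.c shares between the two paths. The load check then returns success without reading any file. The same silent success occurs when a later call asks for `OPENSSL_INIT_LOAD_CONFIG` after configuration was already disabled, so a program that depends on settings from the configuration file gets no indication they were not applied. I would either reject the combination explicitly or document the precedence above the checks, e.g. `/* NO_LOAD_CONFIG wins if both are set; the first config decision is final. */`. The start of `OPENSSL_init_crypto` lies outside this hunk.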
-- 
cgit v1.2.3-55-g6feb