fix: explicitly initialize ssl

From the OpenSSL man pages: Numerous internal OpenSSL functions call OPENSSL_init_ssl(). Therefore, in order to perform nondefault initialisation, OPENSSL_init_ssl() MUST be called by application code prior to any other OpenSSL function calls. See: https://docs.openssl.org/1.1.1/man3/OPENSSL_init_ssl/#description This fixes errors where e.g. the openssl config configures ssl_conf, which requires ssl to be initialized. Ticket: MEN-7549 Changelog: Title Signed-off-by: Daniel Skinstad Drabitzius <[email protected]>
mendersoftware · Oct 2, 2024 · 6177933 · 6177933
1 parent c7c71cf
commit 6177933
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/src/common/crypto/platform/openssl/crypto.cpp b/src/common/crypto/platform/openssl/crypto.cpp
@@ -282,6 +282,13 @@ ExpectedPrivateKey LoadFrom(const Args &args) {
 #endif // ndef MENDER_CRYPTO_OPENSSL_LEGACY
 
 ExpectedPrivateKey PrivateKey::Load(const Args &args) {
+	// Numerous internal OpenSSL functions call OPENSSL_init_ssl().
+	// Therefore, in order to perform nondefault initialisation,
+	// OPENSSL_init_ssl() MUST be called by application code prior to any other OpenSSL function
+	// calls. See: https://docs.openssl.org/1.1.1/man3/OPENSSL_init_ssl/#description
+	if (OPENSSL_init_ssl(0, nullptr); != OPENSSL_SUCCESS) {
+		log::Warning("Error initializing libssl: " + GetOpenSSLErrorMessage());
+	}
 	// Load OpenSSL config
 	if (CONF_modules_load_file(nullptr, nullptr, 0) != OPENSSL_SUCCESS) {
 		log::Warning("Failed to load OpenSSL configuration file: " + GetOpenSSLErrorMessage());