Initial ENGINE config module, docs to follow.

Fix buffer overrun errors in OPENSSL_conf().

1 files changed, 9 insertions, 16 deletions

diff --git a/crypto/conf/conf_mall.c b/crypto/conf/conf_mall.c
index 3e752ac694..814d5df877 100644
--- a/crypto/conf/conf_mall.c
+++ b/crypto/conf/conf_mall.c
@@ -63,11 +63,13 @@
 #include <openssl/dso.h>
 #include <openssl/x509.h>
 #include <openssl/asn1.h>
+#include <openssl/engine.h>
 
 void OPENSSL_load_builtin_modules(void)
 	{
 	/* Add builtin modules here */
 	ASN1_add_oid_module();
+	ENGINE_add_conf_module();
 	}
 
 /* This is the automatic configuration loader: it is called automatically by
@@ -77,32 +79,24 @@ void OPENSSL_load_builtin_modules(void)
 
 static int openssl_configured = 0;
 
-#if 0 /* Disabled because of obvious buffer overflow.
-       * This is not yet actually used anywhere -- but it shouldn't
-       * unless it is fixed first. */
 void OPENSSL_config(void)
 	{
-	char *file, config_name[256];
+	int ret;
+	char *file;
 	if (openssl_configured)
 		return;
 
 	OPENSSL_load_builtin_modules();
 
-	file = getenv("OPENSSL_CONF");
+	file = CONF_get1_default_config_file();
 	if (!file)
-                {
-		strcpy(config_name,X509_get_default_cert_area());
-#ifndef OPENSSL_SYS_VMS
-		strcat(config_name,"/");
-#endif
-		strcat(config_name,OPENSSL_CONF);
-		file=config_name;
-                }
+		return;
 
-	if(CONF_modules_load_file(file, "openssl_config", 0) <= 0)
+	ret = CONF_modules_load_file(file, "openssl_config", 0);
+	OPENSSL_free(file);
+	if (ret <= 0)
 		{
 		BIO *bio_err;
-
 		ERR_load_crypto_strings();
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
 			{
@@ -116,7 +110,6 @@ void OPENSSL_config(void)
 	return;
 
 	}
-#endif
 
 void OPENSSL_no_config()
 	{