hello all, Nick,
per the other thread in tor-talk about RDRAND, this is the minor fix for OpenSSL 1.0.1+ mentioned.
i don't know that this is useful, and i am still giving the engine code a thorough review per Nick's other feedback: "Above all, do not assume that you understand how OpenSSL works until you have investigated with a debugger, the source code, and a pot of coffee." :)
best regards,
---
diff --git a/src/common/crypto.c b/src/common/crypto.c index 5afb98e..7c02ea4 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -282,7 +282,10 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir)
log_info(LD_CRYPTO, "Initializing OpenSSL engine support."); ENGINE_load_builtin_engines(); - ENGINE_register_all_complete(); + /* OpenSSL 1.0.1 and newer register complete when engines loaded. */ + if (SSLeay() < OPENSSL_V_SERIES(1,0,1)) { + ENGINE_register_all_complete(); + }
if (accelName) { if (accelDir) {