[tor-commits] [tor/master] Adjustments to 32406 per review
nickm at torproject.org
nickm at torproject.org
Thu Nov 7 13:59:49 UTC 2019
commit de7053b8967db64ae2a871d11b12afbcb9b1f8a6
Author: Nick Mathewson <nickm at torproject.org>
Date: Thu Nov 7 07:42:58 2019 -0500
Adjustments to 32406 per review
When we are failing because of a lack of a _required_ engine, note
that the engine was "required".
When engines are disabled, any required engine should cause a
failure.
---
src/lib/crypt_ops/crypto_openssl_mgt.c | 8 +++++++-
src/test/conf_examples/crypto_accel_req/error | 2 +-
2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/lib/crypt_ops/crypto_openssl_mgt.c b/src/lib/crypt_ops/crypto_openssl_mgt.c
index d7a3e0692..f028422ac 100644
--- a/src/lib/crypt_ops/crypto_openssl_mgt.c
+++ b/src/lib/crypt_ops/crypto_openssl_mgt.c
@@ -290,6 +290,11 @@ crypto_openssl_init_engines(const char *accelName,
(void)accelName;
(void)accelDir;
log_warn(LD_CRYPTO, "No OpenSSL hardware acceleration support enabled.");
+ if (accelName && accelName[0] == '!') {
+ log_warn(LD_CRYPTO, "Unable to load required dynamic OpenSSL engine "
+ "\"%s\".", accelName+1);
+ return -1;
+ }
return 0;
#else
ENGINE *e = NULL;
@@ -312,7 +317,8 @@ crypto_openssl_init_engines(const char *accelName,
e = ENGINE_by_id(accelName);
}
if (!e) {
- log_warn(LD_CRYPTO, "Unable to load dynamic OpenSSL engine \"%s\".",
+ log_warn(LD_CRYPTO, "Unable to load %sdynamic OpenSSL engine \"%s\".",
+ required?"required ":"",
accelName);
if (required)
return -1;
diff --git a/src/test/conf_examples/crypto_accel_req/error b/src/test/conf_examples/crypto_accel_req/error
index 7fab0c8da..e12e00291 100644
--- a/src/test/conf_examples/crypto_accel_req/error
+++ b/src/test/conf_examples/crypto_accel_req/error
@@ -1 +1 @@
-Unable to load dynamic OpenSSL engine "nonexistent_chartreuse_accelerator"
+Unable to load required dynamic OpenSSL engine "nonexistent_chartreuse_accelerator"
More information about the tor-commits
mailing list