authorNick Mathewson <nickm@torproject.org>2019-11-06 11:12:09 -0500
committerNick Mathewson <nickm@torproject.org>2019-11-07 07:28:43 -0500
commit32a2f96f82eaadafd4faf2c6184093e441661a4e (patch)
treeeb4bfdc80c1d44703bd484925b63ebf988d174fd
parent27a4438805dcac7fa46a2c47f0b247c7f8d3668e (diff)
Add the ability to fail when a hardware accelerator is missing.
Closes ticket 32406.
-rw-r--r--changes/ticket324064
-rw-r--r--doc/tor.1.txt3
-rw-r--r--src/lib/crypt_ops/crypto_openssl_mgt.c20
3 files changed, 24 insertions, 3 deletions
diff --git a/changes/ticket32406 b/changes/ticket32406
new file mode 100644
index 0000000000..c0c60207c0
--- /dev/null
+++ b/changes/ticket32406
@@ -0,0 +1,4 @@
+ o Minor features (configuration):
+ - If the configured hardware crypto accelerator in AccelName
+ is prefixed with "!", Tor now exits when it cannot be found.
+ Closes ticket 32406.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 5e3953e332..a3c05961e3 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -843,6 +843,9 @@ GENERAL OPTIONS
engine of this name. This must be used for any dynamic hardware engine.
Names can be verified with the openssl engine command. Can not be changed
while tor is running.
+ +
+ If the engine name is prefixed with a "!", then Tor will exit if the
+ engine cannot be loaded.
[[AccelDir]] **AccelDir** __DIR__::
Specify this option if using dynamic hardware acceleration and the engine
diff --git a/src/lib/crypt_ops/crypto_openssl_mgt.c b/src/lib/crypt_ops/crypto_openssl_mgt.c
index 2fbebd87e0..d7a3e0692b 100644
--- a/src/lib/crypt_ops/crypto_openssl_mgt.c
+++ b/src/lib/crypt_ops/crypto_openssl_mgt.c
@@ -275,8 +275,14 @@ log_engine(const char *fn, ENGINE *e)
}
#endif /* !defined(DISABLE_ENGINES) */
-/** Initialize engines for openssl (if enabled). */
-static void
+/** Initialize engines for openssl (if enabled). Load all the built-in
+ * engines, along with the one called <b>accelName</b> (which may be NULL).
+ * If <b>accelName is prefixed with "!", then it is required: return -1
+ * if it can't be loaded. Otherwise return 0.
+ *
+ * If <b>accelDir</b> is not NULL, it is the path from which the engine should
+ * be loaded. */
+static int
crypto_openssl_init_engines(const char *accelName,
const char *accelDir)
{
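Review bot: The new doc comment has an unclosed tag in `If <b>accelName is prefixed with "!"`, which is likely to mis-render in generated documentation; the line should read `* If <b>accelName</b> is prefixed with "!", then it is required: return -1`. The comment would also be more complete if it stated what is returned for a "!"-prefixed name when the build defines DISABLE_ENGINES, since that branch returns 0 unconditionally in the next hunk. The function body continues outside this hunk.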
@@ -284,6 +290,7 @@ crypto_openssl_init_engines(const char *accelName,
(void)accelName;
(void)accelDir;
log_warn(LD_CRYPTO, "No OpenSSL hardware acceleration support enabled.");
+ return 0;
#else
ENGINE *e = NULL;
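Review bot: In the DISABLE_ENGINES branch the added `return 0;` reports success even when accelName begins with "!", so a build without engine support keeps running without the accelerator although the operator marked it as required. That is the fail-open case the "!" prefix is meant to rule out, and only the generic "No OpenSSL hardware acceleration support enabled." warning is logged. Before the `return 0;` I would add `if (accelName && accelName[0] == '!') return -1;`, ideally preceded by a log_warn that names the required engine. The function starts before this hunk and continues after it.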
@@ -292,6 +299,9 @@ crypto_openssl_init_engines(const char *accelName,
ENGINE_register_all_complete();
if (accelName) {
+ const bool required = accelName[0] == '!';
+ if (required)
+ ++accelName;
if (accelDir) {
log_info(LD_CRYPTO, "Trying to load dynamic OpenSSL engine \"%s\""
" via path \"%s\".", accelName, accelDir);
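Review bot: An AccelName of exactly "!" leaves an empty string after `++accelName`, and that empty name is then used for the engine lookup and printed in the log messages. The lookup will presumably fail and reach the required path, but the resulting message names no engine; rejecting it up front with `if (required && accelName[0] == '\0') return -1;` and its own warning would make the misconfiguration obvious. A short comment above `required`, such as `/* A leading "!" marks the engine as required; skip it to get the real name. */`, would also help the next reader. The enclosing `if (accelName)` block ends outside this hunk.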
@@ -304,6 +314,8 @@ crypto_openssl_init_engines(const char *accelName,
if (!e) {
log_warn(LD_CRYPTO, "Unable to load dynamic OpenSSL engine \"%s\".",
accelName);
+ if (required)
+ return -1;
} else {
log_info(LD_CRYPTO, "Loaded dynamic OpenSSL engine \"%s\".",
accelName);
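Review bot: When the engine is required, the only message before `return -1;` is the same "Unable to load dynamic OpenSSL engine" warning that the optional case logs, so nothing in the log explains why startup is being aborted. I would log the reason explicitly in the required branch, for example `log_warn(LD_CRYPTO, "Engine \"%s\" was marked as required; giving up.", accelName);` before the return. The unbraced `if (required)` sitting inside the braced `if (!e) { … } else { … }` is also easy to misread, and bracing it would match the surrounding code. The enclosing block starts and ends outside this hunk.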
@@ -340,6 +352,7 @@ crypto_openssl_init_engines(const char *accelName,
#ifdef NID_aes_256_gcm
log_engine("AES-256-GCM", ENGINE_get_cipher_engine(NID_aes_256_gcm));
#endif
+ return 0;
#endif /* defined(DISABLE_ENGINES) */
}
@@ -350,7 +363,8 @@ crypto_openssl_late_init(int useAccel, const char *accelName,
const char *accelDir)
{
if (useAccel > 0) {
- crypto_openssl_init_engines(accelName, accelDir);
+ if (crypto_openssl_init_engines(accelName, accelDir) < 0)
+ return -1;
} else {
log_info(LD_CRYPTO, "NOT using OpenSSL engine support.");
}