diff options
| author | Nick Mathewson <nickm@torproject.org> | 2019-11-07 07:42:58 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2019-11-07 07:42:58 -0500 |
| commit | de7053b8967db64ae2a871d11b12afbcb9b1f8a6 (patch) | |
| tree | ea41357a0b0d96dfd3826a55ab841d4ce183fd7a /src/lib/crypt_ops | |
| parent | c550990400cbab450eaead69f6dd5261b89b484f (diff) | |
| download | tor-de7053b8967db64ae2a871d11b12afbcb9b1f8a6.tar.gz tor-de7053b8967db64ae2a871d11b12afbcb9b1f8a6.zip | |
Adjustments to 32406 per review
When we are failing because of a lack of a _required_ engine, note
that the engine was "required".
When engines are disabled, any required engine should cause a
failure.
Diffstat (limited to 'src/lib/crypt_ops')
| -rw-r--r-- | src/lib/crypt_ops/crypto_openssl_mgt.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/lib/crypt_ops/crypto_openssl_mgt.c b/src/lib/crypt_ops/crypto_openssl_mgt.c index d7a3e0692b..f028422acb 100644 --- a/src/lib/crypt_ops/crypto_openssl_mgt.c +++ b/src/lib/crypt_ops/crypto_openssl_mgt.c @@ -290,6 +290,11 @@ crypto_openssl_init_engines(const char *accelName, (void)accelName; (void)accelDir; log_warn(LD_CRYPTO, "No OpenSSL hardware acceleration support enabled."); + if (accelName && accelName[0] == '!') { + log_warn(LD_CRYPTO, "Unable to load required dynamic OpenSSL engine " + "\"%s\".", accelName+1); + return -1; + } return 0; #else ENGINE *e = NULL; @@ -312,7 +317,8 @@ crypto_openssl_init_engines(const char *accelName, e = ENGINE_by_id(accelName); } if (!e) { - log_warn(LD_CRYPTO, "Unable to load dynamic OpenSSL engine \"%s\".", + log_warn(LD_CRYPTO, "Unable to load %sdynamic OpenSSL engine \"%s\".", + required?"required ":"", accelName); if (required) return -1; |