daa24a
# HG changeset patch
daa24a
# User Anderson Sasaki <ansasaki@redhat.com>
daa24a
# Date 1533742801 -7200
daa24a
#      Wed Aug 08 17:40:01 2018 +0200
daa24a
# Node ID ae457c9b2967da1b05aefcf1e81c099e9375c0d7
daa24a
# Parent  ba971deb4b447662e3c47fcc860b34d43469162a
daa24a
SSL: added ENGINE_init() call before loading key.
daa24a
daa24a
It is necessary to call ENGINE_init() before using an OpenSSL engine
daa24a
to get the engine functional reference.  Without this, when
daa24a
ENGINE_load_private_key() is called, the engine is still uninitialized.
daa24a
daa24a
diff -r ba971deb4b44 -r ae457c9b2967 src/event/ngx_event_openssl.c
daa24a
--- a/src/event/ngx_event_openssl.c	Tue Aug 07 02:16:07 2018 +0300
daa24a
+++ b/src/event/ngx_event_openssl.c	Wed Aug 08 17:40:01 2018 +0200
daa24a
@@ -533,6 +533,13 @@
daa24a
             return NGX_ERROR;
daa24a
         }
daa24a
 
daa24a
+        if (!ENGINE_init(engine)) {
daa24a
+            ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
daa24a
+                          "ENGINE_init(\"%s\") failed", p);
daa24a
+            ENGINE_free(engine);
daa24a
+            return NGX_ERROR;
daa24a
+        }
daa24a
+
daa24a
         *last++ = ':';
daa24a
 
daa24a
         pkey = ENGINE_load_private_key(engine, (char *) last, 0, 0);
daa24a
@@ -540,10 +547,12 @@
daa24a
         if (pkey == NULL) {
daa24a
             ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
daa24a
                           "ENGINE_load_private_key(\"%s\") failed", last);
daa24a
+            ENGINE_finish(engine);
daa24a
             ENGINE_free(engine);
daa24a
             return NGX_ERROR;
daa24a
         }
daa24a
 
daa24a
+        ENGINE_finish(engine);
daa24a
         ENGINE_free(engine);
daa24a
 
daa24a
         if (SSL_CTX_use_PrivateKey(ssl->ctx, pkey) == 0) {