Change #238324
| Category | curl |
| Changed by | Piotr Nakraszewicz <piotr.nakraszewicz@consult.red> |
| Changed at | Fri 04 Jul 2025 08:28:46 |
| Repository | https://github.com/curl/curl.git |
| Project | curl |
| Branch | master |
| Revision | e022da0e8301b0bcc905cd2ca09879ca860e0332 |
Comments
openssl: fix pkcs11 provider available check Commit f2ce6c46 among other things added the use of own library context instead of the default context. Default context has access to OpenSSL configuration file, own context doesn't have it. Therefore if a pkcs11 provider is loaded via config file, the function OSSL_PROVIDER_available() incorrectly detects the provider as unavailable. Fix this by loading the OpenSSL config to the library context according to OpenSSL documentation: "OSSL_LIB_CTX_load_config() loads a configuration file using the given ctx. This can be used to associate a library context with providers that are loaded from a configuration." Moreover use the provider_loaded flag instead of provider pointer to determine if a provider is available, as the latter is not set when the provider is loaded from a configuration. Closes #17804
Changed files
- lib/vtls/openssl.c