aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorPhilipp Waehnert <philipp.waehnert@mgm-tp.com>2018-07-25 11:00:15 +0200
committerDaniel Stenberg <daniel@haxx.se>2018-09-07 09:38:33 +0200
commit6684653b682bae0be75ea62bb473b126923952f1 (patch)
tree3e5749139cd2cdaba658fbd530473c51beffe197 /lib
parentc515294cec6ee9b72d68e6f13dc1972bcf3fed30 (diff)
configure: add option to disable automatic OpenSSL config loading
Sometimes it may be considered a security risk to load an external OpenSSL configuration automatically inside curl_global_init(). The configuration option --disable-ssl-auto-load-config disables this automatism. The Windows build scripts winbuild/Makefile.vs provide a corresponding option ENABLE_SSL_AUTO_LOAD_CONFIG accepting a boolean value. Setting neither of these options corresponds to the previous behavior loading the external OpenSSL configuration automatically. Fixes #2724 Closes #2791
Diffstat (limited to 'lib')
-rw-r--r--lib/vtls/openssl.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index ce890fe3c..d257d9490 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -994,9 +994,11 @@ static int Curl_ossl_init(void)
#define CONF_MFLAGS_DEFAULT_SECTION 0x0
#endif
+#ifndef CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG
CONF_modules_load_file(NULL, NULL,
CONF_MFLAGS_DEFAULT_SECTION|
CONF_MFLAGS_IGNORE_MISSING_FILE);
+#endif
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
!defined(LIBRESSL_VERSION_NUMBER)