On 24 Jun 2019, at 08:46, Ruediger Pluem <[email protected]> wrote: >> URL: http://svn.apache.org/viewvc?rev=1861947&view=rev >> Log: >> After reinstatement of DSO support in APR/APR-util, revert r1837437, >> r1837435, r1834553, r1833598, r1833452, r1833383, r1833368.
>> -#else /* USE_APR_CRYPTO_LIB_INIT */
>> - {
>> - /* We must register the library in full, to ensure our configuration
>> - * code can successfully test the SSL environment.
>> - */
>> -/* Both undefined (or no-op) with LibreSSL */
>> -#if !defined(LIBRESSL_VERSION_NUMBER)
>> -#if MODSSL_USE_OPENSSL_PRE_1_1_API
>> - CRYPTO_malloc_init();
>> -#else
>> - OPENSSL_malloc_init();
>> -#endif
>> -#endif
>> - ERR_load_crypto_strings();
>> -#if HAVE_ENGINE_LOAD_BUILTIN_ENGINES
>> - ENGINE_load_builtin_engines();
>> -#endif
>> - OpenSSL_add_all_algorithms();
>> - OPENSSL_load_builtin_modules();
>> -
>> - SSL_load_error_strings();
>> - SSL_library_init();
>> -
>> - /*
>> - * Let us cleanup the ssl library when the module is unloaded
>> - */
>> - apr_pool_cleanup_register(pconf, NULL, ssl_cleanup_pre_config,
>> - apr_pool_cleanup_null);
>> - }
>> -
>> -#if APR_HAS_THREADS && MODSSL_USE_OPENSSL_PRE_1_1_API
>> /* Some OpenSSL internals are allocated per-thread, make sure they
>> - * are associated to the/our same thread-id until cleaned up. Then
>> - * initialize all the thread locking stuff needed by the lib.
>> + * are associated to the/our same thread-id until cleaned up.
>> */
>> +#if APR_HAS_THREADS && MODSSL_USE_OPENSSL_PRE_1_1_API
>> ssl_util_thread_id_setup(pconf);
>> - ssl_util_thread_setup(pconf);
>> #endif
>> -#endif /* USE_APR_CRYPTO_LIB_INIT */
>> +
>> + /* We must register the library in full, to ensure our configuration
>> + * code can successfully test the SSL environment.
>> + */
>> +#if MODSSL_USE_OPENSSL_PRE_1_1_API || defined(LIBRESSL_VERSION_NUMBER)
>> + (void)CRYPTO_malloc_init();
>> +#else
>> + OPENSSL_malloc_init();
>> +#endif
>> + ERR_load_crypto_strings();
>> + SSL_load_error_strings();
>> + SSL_library_init();
>> +#if HAVE_ENGINE_LOAD_BUILTIN_ENGINES
>> + ENGINE_load_builtin_engines();
>> +#endif
>> + OpenSSL_add_all_algorithms();
>> + OPENSSL_load_builtin_modules();
>
> Is there any reason why the order of the above 6 library calls has changed?
> The order doesn't matter?
I have no idea to be honest, to answer this we would need to pick apart the
original reverted commits to see why.
>> @@ -302,6 +301,10 @@ apr_status_t ssl_init_Module(apr_pool_t
>> #endif
>> }
>>
>> +#if APR_HAS_THREADS && MODSSL_USE_OPENSSL_PRE_1_1_API
>> + ssl_util_thread_setup(p);
>> +#endif
>> +
>
> Why moving it here and not leaving it in the old place?
Again, this is a revert, the original changes would need to be analysed to
answer this.
Regards,
Graham
—
smime.p7s
Description: S/MIME cryptographic signature
