I understand from the cvs check-in log that the process for loading engines
changed for 1.53 to use the ENGINE_get_static_state function to check for a
static vs. dynamic library. The _stable version of the code has been
updated, it seems, to use ERR_get_implementation to check for statically
loaded libraries (from 1.36.2.9):
#define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
if (ERR_get_implementation() != fns->err_fns) \
{ \
if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \
return 0; \
CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \
CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \
CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \
CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \
CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \
if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \
return 0; \
if(!ERR_set_implementation(fns->err_fns)) return 0; \
} \
if(!fn(e,id)) return 0; \
return 1; }
If the library is statically compiled, then the ERR_get_implementation will
initialize the static err_fns to err_defaults. The ERR_set_implementation
will then report an error because that static err_fns is not null.
I think this effectively makes statically linked engines impossible - which I
really don't mind. Can we just always use shared engines as of 0.9.7d?
Thanks to Zoltan Tesch for actually tracking this down.
Kevin
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
