Dear OpenSSL developers, I would like to propose the following patch to engines/e_chil.c:
Index: engines/e_chil.c
===================================================================
RCS file: /home/openssl/cvs/openssl/engines/e_chil.c,v
retrieving revision 1.5
diff -u -r1.5 e_chil.c
--- engines/e_chil.c 18 Mar 2006 14:22:20 -0000 1.5
+++ engines/e_chil.c 20 Oct 2008 19:12:11 -0000
@@ -588,12 +588,6 @@
hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
}
- else if (CRYPTO_get_locking_callback() != NULL)
- {
-
HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_LOCKING_MISSING);
- ERR_add_error_data(1,"You HAVE to add dynamic locking
callbacks
via CRYPTO_set_dynlock_{create,lock,destroy}_callback()");
- goto err;
- }
}
/* Try and get a context - if not, we may have a DSO but no
The effect will be that the CHIL engine can be loaded into any
program, whether multithreaded or not. It does not release the
developer from the obligation to set up the dynamic locking
callbacks. It just stops the engine from trying to be its brother's
keeper, which it has no business doing.
Please consider this patch against the CVS trunk for backport to 0.9.8.
Thank you,
Sander
--
[EMAIL PROTECTED] http://www.temme.net/sander/
PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF
openssl_chil_nolocks_donotbreak.patch
Description: Binary data
smime.p7s
Description: S/MIME cryptographic signature
