In OPENSSL_init_ssl(), run the base ssl init before OPENSSL_init_crypto() IF OPENSSL_init_ssl() is called with the option flag OPENSSL_INIT_LOAD_CONFIG, any SSL config will be handled wrongly (i.e. there will be an attempt to load libssl_conf.so or whatever corresponds to that on non-Unix platforms). Therefore, at least SSL_add_ssl_module() MUST be called before OPENSSL_init_crypto() is called. The base ssl init does that, plus adds all kinds of ciphers and digests, which is harmless. Fixes #4788 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4792)

commit: 0a90a6831e02e00d9043ada635421cfd3da5ffe2 [log] [tgz]
author: Richard Levitte <levitte@openssl.org> Sat Nov 25 12:02:58 2017 +0100
committer: Richard Levitte <levitte@openssl.org> Fri Dec 08 16:08:39 2017 +0100
tree: 4bd43d075b746deec3d3ad6a4385ab138f9f7ba0
parent: a14715888bc4b5bd2b1da3f8ac7d4cabef8c9cb8 [diff]
diff --git a/ssl/ssl_init.c b/ssl/ssl_init.c
index 8eb6ef1..34e6773 100644
--- a/ssl/ssl_init.c
+++ b/ssl/ssl_init.c

@@ -195,11 +195,11 @@
         return 0;
     }
 
-    if (!OPENSSL_init_crypto(opts | OPENSSL_INIT_ADD_ALL_CIPHERS
-                             | OPENSSL_INIT_ADD_ALL_DIGESTS, settings))
+    if (!RUN_ONCE(&ssl_base, ossl_init_ssl_base))
         return 0;
 
-    if (!RUN_ONCE(&ssl_base, ossl_init_ssl_base))
+    if (!OPENSSL_init_crypto(opts | OPENSSL_INIT_ADD_ALL_CIPHERS
+                             | OPENSSL_INIT_ADD_ALL_DIGESTS, settings))
         return 0;
 
     if ((opts & OPENSSL_INIT_NO_LOAD_SSL_STRINGS)
commit	0a90a6831e02e00d9043ada635421cfd3da5ffe2	[log] [tgz]
author	Richard Levitte <levitte@openssl.org>	Sat Nov 25 12:02:58 2017 +0100
committer	Richard Levitte <levitte@openssl.org>	Fri Dec 08 16:08:39 2017 +0100
tree	4bd43d075b746deec3d3ad6a4385ab138f9f7ba0
parent	a14715888bc4b5bd2b1da3f8ac7d4cabef8c9cb8 [diff]