From: tb <tb@openbsd.org>
Date: Wed, 22 Nov 2023 15:53:53 +0000 (+0000)
Subject: Make SSL_library_init() a wrapper of OPENSSL_init_ssl()
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=f1cab7dbd58658972ff1b75f6c4f7c5965127235;p=openbsd

Make SSL_library_init() a wrapper of OPENSSL_init_ssl()

This way it doesn't do nonsensical work for all those who cargo culted an
init sequence. There's no point in having SSL_library_init() as a cheaper
version of OPENSSL_init_ssl(): once you do crypto, you'll init crypto...

Also move the now trivial implementation to ssl_init.c which has a good
license.

ok jsing
---

diff --git a/lib/libssl/ssl_algs.c b/lib/libssl/ssl_algs.c
index 684697df516..c5c3619cc6d 100644
--- a/lib/libssl/ssl_algs.c
+++ b/lib/libssl/ssl_algs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_algs.c,v 1.32 2023/07/08 16:40:13 beck Exp $ */
+/* $OpenBSD: ssl_algs.c,v 1.33 2023/11/22 15:53:53 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -64,62 +64,3 @@
 
 #include "ssl_local.h"
 
-int
-SSL_library_init(void)
-{
-
-#ifndef OPENSSL_NO_DES
-	EVP_add_cipher(EVP_des_cbc());
-	EVP_add_cipher(EVP_des_ede3_cbc());
-#endif
-#ifndef OPENSSL_NO_RC4
-	EVP_add_cipher(EVP_rc4());
-#if !defined(OPENSSL_NO_MD5) && (defined(__x86_64) || defined(__x86_64__))
-	EVP_add_cipher(EVP_rc4_hmac_md5());
-#endif
-#endif
-#ifndef OPENSSL_NO_RC2
-	EVP_add_cipher(EVP_rc2_cbc());
-	/* Not actually used for SSL/TLS but this makes PKCS#12 work
-	 * if an application only calls SSL_library_init().
-	 */
-	EVP_add_cipher(EVP_rc2_40_cbc());
-#endif
-	EVP_add_cipher(EVP_aes_128_cbc());
-	EVP_add_cipher(EVP_aes_192_cbc());
-	EVP_add_cipher(EVP_aes_256_cbc());
-	EVP_add_cipher(EVP_aes_128_gcm());
-	EVP_add_cipher(EVP_aes_256_gcm());
-	EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
-	EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
-#ifndef OPENSSL_NO_CAMELLIA
-	EVP_add_cipher(EVP_camellia_128_cbc());
-	EVP_add_cipher(EVP_camellia_256_cbc());
-#endif
-#ifndef OPENSSL_NO_GOST
-	EVP_add_cipher(EVP_gost2814789_cfb64());
-	EVP_add_cipher(EVP_gost2814789_cnt());
-#endif
-
-	EVP_add_digest(EVP_md5());
-	EVP_add_digest(EVP_md5_sha1());
-	EVP_add_digest_alias(SN_md5, "ssl2-md5");
-	EVP_add_digest_alias(SN_md5, "ssl3-md5");
-
-	EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
-	EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
-	EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
-	EVP_add_digest(EVP_sha224());
-	EVP_add_digest(EVP_sha256());
-	EVP_add_digest(EVP_sha384());
-	EVP_add_digest(EVP_sha512());
-#ifndef OPENSSL_NO_GOST
-	EVP_add_digest(EVP_gostr341194());
-	EVP_add_digest(EVP_gost2814789imit());
-	EVP_add_digest(EVP_streebog256());
-	EVP_add_digest(EVP_streebog512());
-#endif
-
-	return (1);
-}
-LSSL_ALIAS(SSL_library_init);
diff --git a/lib/libssl/ssl_init.c b/lib/libssl/ssl_init.c
index 7df48fb6a0f..b314e714c10 100644
--- a/lib/libssl/ssl_init.c
+++ b/lib/libssl/ssl_init.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_init.c,v 1.5 2023/11/22 15:49:47 tb Exp $ */
+/* $OpenBSD: ssl_init.c,v 1.6 2023/11/22 15:53:53 tb Exp $ */
 /*
  * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
  *
@@ -26,6 +26,13 @@
 
 static pthread_t ssl_init_thread;
 
+int
+SSL_library_init(void)
+{
+	return OPENSSL_init_ssl(0, NULL);
+}
+LSSL_ALIAS(SSL_library_init);
+
 static void
 OPENSSL_init_ssl_internal(void)
 {