isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Only initialize the SSL library once.

Browse Source
This commit is contained in:
Todd C. Miller
2021-04-08 15:14:13 -06:00
parent c2909e20ee
commit 8f0c16f06e
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
logsrvd/tls_init.c
View File

@@ -183,11 +183,16 @@ init_tls_context(const char *ca_bundle_file, const char *cert_file,
{ {
SSL_CTX *ctx = NULL; SSL_CTX *ctx = NULL;
const char *errstr; const char *errstr;
static bool initialized;
debug_decl(init_tls_context, SUDO_DEBUG_UTIL); debug_decl(init_tls_context, SUDO_DEBUG_UTIL);
/* Only initialize the SSL library once. */
if (!initialized) {
SSL_library_init(); SSL_library_init();
OpenSSL_add_all_algorithms(); OpenSSL_add_all_algorithms();
SSL_load_error_strings(); SSL_load_error_strings();
initialized = true;
}
/* Create the ssl context and enforce TLS 1.2 or higher. */ /* Create the ssl context and enforce TLS 1.2 or higher. */
if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL) { if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL) {