Explicitly initialize OpenSSL with SSL proxy specs

Make sure we always initialize OpenSSL explicitly, even if there are no certificates or keys loaded or generated. Previously, OpenSSL would only have been initialized if the configuration actually uses certificates or keys, which is not always the case, e.g. with -t pointing to an empty directory. Issue: #92 Reported by: xelalexv
10 years ago · 95d4a9bc35
parent dd0d3238ca
commit 95d4a9bc35
1 changed files with 5 additions and 0 deletions
--- a/main.c
+++ b/main.c
@ -696,6 +696,11 @@ main(int argc, char *argv[])
 		spec->natsocket = nat_getsocketcb(spec->natengine);
 	}
 	if (opts_has_ssl_spec(opts)) {
+		if (ssl_init() == -1) {
+			fprintf(stderr, "%s: failed to initialize OpenSSL.\n",
+			                argv0);
+			exit(EXIT_FAILURE);
+		}
 		if ((opts->cacrt || !opts->tgcrtdir) && !opts->cakey) {
 			fprintf(stderr, "%s: no CA key specified (-k).\n",
 			                argv0);