This definitely needs some decent testing; nobody wants to make things worse :); I'm on vacation for now, I'll try to come here next week with a piece of tested code. My intention is to get a patch that will not only add the config handling capability, but also won't break anything in PHP, with curl module enabled and regardless of the module loading order. Right now it works only if modules are loaded in particular order, because the same patch for php openssl module is also known and widely spread across the php bugtracker.

---
** [bugs:#1208] curl is unable to load non-default openssl engines**
**Status:** open-confirmed
**Labels:** openssl 
**Created:** Mon Mar 25, 2013 12:18 AM UTC by drook
**Last Updated:** Mon Mar 25, 2013 11:22 PM UTC
**Owner:** Daniel Stenberg
curl is unable to load non-default openssl engines, because openssl isn't initialized properly - curl ignores the openssl configutration file. for example curl cannot load ccgost engine, provided since 1.0.0:
    # /usr/local/openssl/bin/openssl engine
    (rsax) RSAX engine support
    (rdrand) Intel RDRAND engine
    (dynamic) Dynamic engine loading support
    (gost) Reference implementation of GOST engine
    # ldd /usr/local/curl/bin/curl
        linux-vdso.so.1 =>  (0x00007fff0c9ff000)
        libcurl.so.4 => /usr/local/curl/lib/libcurl.so.4 (0x00007fb5f1f17000)
        libz.so.1 => /usr/lib/libz.so.1 (0x00007fb5f1d00000)
        librt.so.1 => /lib/librt.so.1 (0x00007fb5f1af7000)
        libc.so.6 => /lib/libc.so.6 (0x00007fb5f1795000)
        libssl.so.1.0.0 => /usr/local/openssl/lib/libssl.so.1.0.0 (0x00007fb5f152c000)
        libcrypto.so.1.0.0 => /usr/local/openssl/lib/libcrypto.so.1.0.0 (0x00007fb5f1151000)
        libpthread.so.0 => /lib/libpthread.so.0 (0x00007fb5f0f35000)
        /lib64/ld-linux-x86-64.so.2 (0x00007fb5f2178000)
        libdl.so.2 => /lib/libdl.so.2 (0x00007fb5f0d31000)
    # /usr/local/curl/bin//curl --engine list
    Build-time engines:
      rsax
      rdrand
      dynamic
"It is strongly recommended that all new applications call OPENSSL_config() or the more sophisticated functions such as CONF_modules_load() during initialization (that is before starting any threads). By doing this an application does not need to keep track of all configuration options and some new functionality can be supported automatically." - curl totally ignores this openssl note.
The patch provided fixes the issue.
---
Sent from sourceforge.net because you indicated interest in <https://sourceforge.net/p/curl/bugs/1208/>
To unsubscribe from further messages, please visit <https://sourceforge.net/auth/prefs/>