#4077: OpenSSL 3: Don't throw if legacy provider is not available

pocoproject · Jul 10, 2023 · e3a81b2 · e3a81b2
1 parent 1d64c61
commit e3a81b2
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 1 deletion.
diff --git a/Crypto/include/Poco/Crypto/OpenSSLInitializer.h b/Crypto/include/Poco/Crypto/OpenSSLInitializer.h
@@ -68,6 +68,9 @@ class Crypto_API OpenSSLInitializer
 	static void enableFIPSMode(bool enabled);
 		/// Enable or disable FIPS mode. If FIPS is not available, this method doesn't do anything.
 
+	static bool haveLegacyProvider();
+		/// Returns true if the OpenSSL 3.x legacy provider is available, otherwise false.
+
 protected:
 	enum
 	{
@@ -109,6 +112,7 @@ inline bool OpenSSLInitializer::isFIPSEnabled()
 #endif
 }
 
+
 #ifdef OPENSSL_FIPS
 inline void OpenSSLInitializer::enableFIPSMode(bool enabled)
 {
@@ -121,6 +125,12 @@ inline void OpenSSLInitializer::enableFIPSMode(bool /*enabled*/)
 #endif
 
 
+inline bool OpenSSLInitializer::haveLegacyProvider()
+{
+	return _legacyProvider != nullptr;
+}
+
+
 } } // namespace Poco::Crypto
 
 

diff --git a/Crypto/src/OpenSSLInitializer.cpp b/Crypto/src/OpenSSLInitializer.cpp
@@ -137,7 +137,6 @@ void OpenSSLInitializer::initialize()
 		if (!_legacyProvider)
 		{
 			_legacyProvider = OSSL_PROVIDER_load(NULL, "legacy");
-			if (!_legacyProvider) throw CryptoException("Failed to load OpenSSL legacy provider");
 		}
 #endif
 	}