From 171a1e29d7c6492596c225ddd22a6c56a3e906c5 Mon Sep 17 00:00:00 2001
From: Shauren <shauren.trinity@gmail.com>
Date: Thu, 9 Oct 2025 12:08:33 +0200
Subject: Core/Crypto: Check openssl legacy provider load result at startup
 instead of only failing after first login attempt

---
 src/common/Cryptography/OpenSSLCrypto.cpp | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'src/common/Cryptography/OpenSSLCrypto.cpp')

diff --git a/src/common/Cryptography/OpenSSLCrypto.cpp b/src/common/Cryptography/OpenSSLCrypto.cpp
index e6224d13841..1337694f105 100644
--- a/src/common/Cryptography/OpenSSLCrypto.cpp
+++ b/src/common/Cryptography/OpenSSLCrypto.cpp
@@ -16,12 +16,12 @@
  */
 
 #include "OpenSSLCrypto.h"
+#include "Errors.h"
 #include <openssl/crypto.h>
 
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
 #include <openssl/provider.h>
 OSSL_PROVIDER* LegacyProvider;
-OSSL_PROVIDER* DefaultProvider;
 #endif
 
 void OpenSSLCrypto::threadsSetup([[maybe_unused]] boost::filesystem::path const& providerModulePath)
@@ -29,9 +29,12 @@ void OpenSSLCrypto::threadsSetup([[maybe_unused]] boost::filesystem::path const&
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
 #if TRINITY_PLATFORM == TRINITY_PLATFORM_WINDOWS
     OSSL_PROVIDER_set_default_search_path(nullptr, providerModulePath.string().c_str());
+#define OPENSSL_LEGACY_PROVIDER_FILENAME "legacy.dll"
+#else
+#define OPENSSL_LEGACY_PROVIDER_FILENAME "legacy.so"
 #endif
-    LegacyProvider = OSSL_PROVIDER_load(nullptr, "legacy");
-    DefaultProvider = OSSL_PROVIDER_load(nullptr, "default");
+    LegacyProvider = OSSL_PROVIDER_try_load(nullptr, "legacy", 1);
+    WPFatal(LegacyProvider != nullptr, "OpenSSL failed to load " OPENSSL_LEGACY_PROVIDER_FILENAME);
 #endif
 }
 
@@ -39,7 +42,6 @@ void OpenSSLCrypto::threadsCleanup()
 {
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
     OSSL_PROVIDER_unload(LegacyProvider);
-    OSSL_PROVIDER_unload(DefaultProvider);
     OSSL_PROVIDER_set_default_search_path(nullptr, nullptr);
 #endif
 }
-- 
cgit v1.2.3