Load the default config file before working with default properties

A config file can change the global default properties. Therefore we
must ensure that the config file is loaded before reading or amending
them.

Fixes #12565

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12567)

crypto/evp/evp_cnf.c

@@ -14,6 +14,7 @@
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 #include <openssl/trace.h>
+#include "crypto/evp.h"
 
 DEFINE_STACK_OF(CONF_VALUE)
 
@@ -52,7 +53,7 @@ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
                 return 0;
             }
         } else if (strcmp(oval->name, "default_properties") == 0) {
-            if (!EVP_set_default_properties(cnf->libctx, oval->value)) {
+            if (!evp_set_default_properties_int(cnf->libctx, oval->value, 0)) {
                 EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
                 return 0;
             }

crypto/evp/evp_fetch.c

@@ -377,11 +377,12 @@ void evp_method_store_flush(OPENSSL_CTX *libctx)
         ossl_method_store_flush_cache(store, 1);
 }
 
-static int evp_set_default_properties(OPENSSL_CTX *libctx,
-                                      OSSL_PROPERTY_LIST *def_prop)
+static int evp_set_parsed_default_properties(OPENSSL_CTX *libctx,
+                                             OSSL_PROPERTY_LIST *def_prop,
+                                             int loadconfig)
 {
     OSSL_METHOD_STORE *store = get_evp_method_store(libctx);
-    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx);
+    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx, loadconfig);
 
     if (plp != NULL) {
         ossl_property_free(*plp);
@@ -394,7 +395,8 @@ static int evp_set_default_properties(OPENSSL_CTX *libctx,
     return 0;
 }
 
-int EVP_set_default_properties(OPENSSL_CTX *libctx, const char *propq)
+int evp_set_default_properties_int(OPENSSL_CTX *libctx, const char *propq,
+                                   int loadconfig)
 {
     OSSL_PROPERTY_LIST *pl = NULL;
 
@@ -402,13 +404,17 @@ int EVP_set_default_properties(OPENSSL_CTX *libctx, const char *propq)
         EVPerr(0, EVP_R_DEFAULT_QUERY_PARSE_ERROR);
         return 0;
     }
-    return evp_set_default_properties(libctx, pl);
+    return evp_set_parsed_default_properties(libctx, pl, loadconfig);
 }
 
+int EVP_set_default_properties(OPENSSL_CTX *libctx, const char *propq)
+{
+    return evp_set_default_properties_int(libctx, propq, 1);
+}
 
 static int evp_default_properties_merge(OPENSSL_CTX *libctx, const char *propq)
 {
-    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx);
+    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx, 1);
     OSSL_PROPERTY_LIST *pl1, *pl2;
 
     if (propq == NULL)
@@ -425,13 +431,13 @@ static int evp_default_properties_merge(OPENSSL_CTX *libctx, const char *propq)
         EVPerr(0, ERR_R_MALLOC_FAILURE);
         return 0;
     }
-    return evp_set_default_properties(libctx, pl2);
+    return evp_set_parsed_default_properties(libctx, pl2, 0);
 }
 
 static int evp_default_property_is_enabled(OPENSSL_CTX *libctx,
                                            const char *prop_name)
 {
-    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx);
+    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx, 1);
 
     return plp != NULL && ossl_property_is_enabled(libctx, prop_name, *plp);
 }

crypto/property/property.c

@@ -96,8 +96,13 @@ static const OPENSSL_CTX_METHOD ossl_ctx_global_properties_method = {
     ossl_ctx_global_properties_free,
 };
 
-OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OPENSSL_CTX *libctx)
+OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OPENSSL_CTX *libctx,
+                                                int loadconfig)
 {
+#ifndef FIPS_MODULE
+    if (loadconfig && !OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL))
+        return NULL;
+#endif
     return openssl_ctx_get_data(libctx, OPENSSL_CTX_GLOBAL_PROPERTIES,
                                 &ossl_ctx_global_properties_method);
 }
@@ -352,7 +357,7 @@ int ossl_method_store_fetch(OSSL_METHOD_STORE *store, int nid,
 
     if (prop_query != NULL)
         p2 = pq = ossl_parse_query(store->ctx, prop_query);
-    plp = ossl_ctx_global_properties(store->ctx);
+    plp = ossl_ctx_global_properties(store->ctx, 1);
     if (plp != NULL && *plp != NULL) {
         if (pq == NULL) {
             pq = *plp;

include/crypto/evp.h

@@ -771,3 +771,5 @@ EVP_PKEY *evp_pkcs82pkey_int(const PKCS8_PRIV_KEY_INFO *p8, OPENSSL_CTX *libctx,
                              const char *propq);
 #endif /* !defined(FIPS_MODULE) */
 void evp_method_store_flush(OPENSSL_CTX *libctx);
+int evp_set_default_properties_int(OPENSSL_CTX *libctx, const char *propq,
+                                   int loadconfig);

include/internal/property.h

@@ -45,7 +45,7 @@ int ossl_method_store_fetch(OSSL_METHOD_STORE *store, int nid,
                             const char *prop_query, void **method);
 
 /* Get the global properties associate with the specified library context */
-OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OPENSSL_CTX *ctx);
+OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OPENSSL_CTX *ctx, int loadconfig);
 
 /* property query cache functions */
 int ossl_method_store_cache_get(OSSL_METHOD_STORE *store, int nid,