2016-02-09 19:26:14 +08:00
|
|
|
/*
|
2018-01-19 17:49:22 +08:00
|
|
|
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
|
2016-02-09 19:26:14 +08:00
|
|
|
*
|
2018-12-06 21:03:01 +08:00
|
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
2016-05-18 02:51:34 +08:00
|
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
|
|
* in the file LICENSE in the source distribution or at
|
|
|
|
* https://www.openssl.org/source/license.html
|
2016-02-09 19:26:14 +08:00
|
|
|
*/
|
|
|
|
|
2017-08-24 07:05:07 +08:00
|
|
|
#include "e_os.h"
|
2017-08-22 20:35:43 +08:00
|
|
|
#include "internal/cryptlib_int.h"
|
2016-02-09 19:26:14 +08:00
|
|
|
#include <openssl/err.h>
|
2017-08-22 20:35:43 +08:00
|
|
|
#include "internal/rand_int.h"
|
|
|
|
#include "internal/bio.h"
|
2016-02-09 19:26:14 +08:00
|
|
|
#include <openssl/evp.h>
|
2017-08-22 20:35:43 +08:00
|
|
|
#include "internal/evp_int.h"
|
|
|
|
#include "internal/conf.h"
|
|
|
|
#include "internal/async.h"
|
|
|
|
#include "internal/engine.h"
|
|
|
|
#include "internal/comp.h"
|
|
|
|
#include "internal/err.h"
|
|
|
|
#include "internal/err_int.h"
|
|
|
|
#include "internal/objects.h"
|
2016-02-09 19:26:14 +08:00
|
|
|
#include <stdlib.h>
|
2016-02-10 13:39:29 +08:00
|
|
|
#include <assert.h>
|
2017-08-22 20:35:43 +08:00
|
|
|
#include "internal/thread_once.h"
|
2018-03-23 08:05:23 +08:00
|
|
|
#include "internal/dso_conf.h"
|
2017-08-22 20:35:43 +08:00
|
|
|
#include "internal/dso.h"
|
|
|
|
#include "internal/store.h"
|
2018-12-13 07:32:57 +08:00
|
|
|
#include <openssl/trace.h>
|
2016-02-10 13:39:29 +08:00
|
|
|
|
|
|
|
static int stopped = 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
|
2018-07-20 19:23:42 +08:00
|
|
|
/*
|
|
|
|
* Since per-thread-specific-data destructors are not universally
|
|
|
|
* available, i.e. not on Windows, only below CRYPTO_THREAD_LOCAL key
|
|
|
|
* is assumed to have destructor associated. And then an effort is made
|
|
|
|
* to call this single destructor on non-pthread platform[s].
|
|
|
|
*
|
|
|
|
* Initial value is "impossible". It is used as guard value to shortcut
|
|
|
|
* destructor for threads terminating before libcrypto is initialized or
|
|
|
|
* after it's de-initialized. Access to the key doesn't have to be
|
|
|
|
* serialized for the said threads, because they didn't use libcrypto
|
|
|
|
* and it doesn't matter if they pick "impossible" or derefernce real
|
|
|
|
* key value and pull NULL past initialization in the first thread that
|
|
|
|
* intends to use libcrypto.
|
|
|
|
*/
|
2018-08-16 15:26:12 +08:00
|
|
|
static union {
|
|
|
|
long sane;
|
|
|
|
CRYPTO_THREAD_LOCAL value;
|
|
|
|
} destructor_key = { -1 };
|
2016-02-09 17:13:45 +08:00
|
|
|
|
2018-07-20 19:23:42 +08:00
|
|
|
static void ossl_init_thread_stop(struct thread_local_inits_st *locals);
|
2016-02-09 19:26:14 +08:00
|
|
|
|
2018-07-20 19:23:42 +08:00
|
|
|
static void ossl_init_thread_destructor(void *local)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
|
|
|
ossl_init_thread_stop((struct thread_local_inits_st *)local);
|
|
|
|
}
|
|
|
|
|
2016-02-10 07:09:44 +08:00
|
|
|
static struct thread_local_inits_st *ossl_init_get_thread_local(int alloc)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
2016-03-02 23:23:57 +08:00
|
|
|
struct thread_local_inits_st *local =
|
2018-08-16 15:26:12 +08:00
|
|
|
CRYPTO_THREAD_get_local(&destructor_key.value);
|
2016-02-09 19:26:14 +08:00
|
|
|
|
2018-07-20 19:23:42 +08:00
|
|
|
if (alloc) {
|
|
|
|
if (local == NULL
|
|
|
|
&& (local = OPENSSL_zalloc(sizeof(*local))) != NULL
|
2018-08-16 15:26:12 +08:00
|
|
|
&& !CRYPTO_THREAD_set_local(&destructor_key.value, local)) {
|
2017-06-19 19:33:41 +08:00
|
|
|
OPENSSL_free(local);
|
|
|
|
return NULL;
|
|
|
|
}
|
2018-07-20 19:23:42 +08:00
|
|
|
} else {
|
2018-08-16 15:26:12 +08:00
|
|
|
CRYPTO_THREAD_set_local(&destructor_key.value, NULL);
|
2016-02-10 07:09:44 +08:00
|
|
|
}
|
2016-02-09 19:26:14 +08:00
|
|
|
|
|
|
|
return local;
|
|
|
|
}
|
|
|
|
|
2016-02-10 22:55:48 +08:00
|
|
|
typedef struct ossl_init_stop_st OPENSSL_INIT_STOP;
|
2016-02-09 19:26:14 +08:00
|
|
|
struct ossl_init_stop_st {
|
|
|
|
void (*handler)(void);
|
|
|
|
OPENSSL_INIT_STOP *next;
|
|
|
|
};
|
|
|
|
|
|
|
|
static OPENSSL_INIT_STOP *stop_handlers = NULL;
|
2016-03-07 22:39:22 +08:00
|
|
|
static CRYPTO_RWLOCK *init_lock = NULL;
|
2016-02-09 19:26:14 +08:00
|
|
|
|
2016-03-02 22:51:00 +08:00
|
|
|
static CRYPTO_ONCE base = CRYPTO_ONCE_STATIC_INIT;
|
2016-02-09 19:26:14 +08:00
|
|
|
static int base_inited = 0;
|
2016-07-20 01:42:11 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_base)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
2018-07-20 19:23:42 +08:00
|
|
|
CRYPTO_THREAD_LOCAL key;
|
|
|
|
|
2018-12-13 07:32:57 +08:00
|
|
|
if (ossl_trace_init() == 0)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
OSSL_TRACE(INIT, "ossl_init_base: setting up stop handlers\n");
|
2016-07-09 01:40:08 +08:00
|
|
|
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
|
|
|
|
ossl_malloc_setup_failures();
|
2016-02-09 19:26:14 +08:00
|
|
|
#endif
|
2018-07-20 19:23:42 +08:00
|
|
|
if (!CRYPTO_THREAD_init_local(&key, ossl_init_thread_destructor))
|
2018-04-20 21:45:06 +08:00
|
|
|
return 0;
|
|
|
|
if ((init_lock = CRYPTO_THREAD_lock_new()) == NULL)
|
|
|
|
goto err;
|
2016-02-09 19:26:14 +08:00
|
|
|
OPENSSL_cpuid_setup();
|
2016-11-15 07:58:51 +08:00
|
|
|
|
2018-08-16 15:26:12 +08:00
|
|
|
destructor_key.value = key;
|
2016-02-09 19:26:14 +08:00
|
|
|
base_inited = 1;
|
2018-04-20 21:45:06 +08:00
|
|
|
return 1;
|
|
|
|
|
|
|
|
err:
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "ossl_init_base failed!\n");
|
2018-04-20 21:45:06 +08:00
|
|
|
CRYPTO_THREAD_lock_free(init_lock);
|
|
|
|
init_lock = NULL;
|
2016-10-18 21:13:25 +08:00
|
|
|
|
2018-07-20 19:23:42 +08:00
|
|
|
CRYPTO_THREAD_cleanup_local(&key);
|
2018-04-20 21:45:06 +08:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2018-11-16 00:27:34 +08:00
|
|
|
static CRYPTO_ONCE register_atexit = CRYPTO_ONCE_STATIC_INIT;
|
2018-11-17 01:26:23 +08:00
|
|
|
#if !defined(OPENSSL_SYS_UEFI) && defined(_WIN32)
|
|
|
|
static int win32atexit(void)
|
|
|
|
{
|
|
|
|
OPENSSL_cleanup();
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
2018-11-16 00:27:34 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_register_atexit)
|
|
|
|
{
|
2018-11-17 01:26:23 +08:00
|
|
|
#ifdef OPENSSL_INIT_DEBUG
|
2018-11-16 00:27:34 +08:00
|
|
|
fprintf(stderr, "OPENSSL_INIT: ossl_init_register_atexit()\n");
|
2018-11-17 01:26:23 +08:00
|
|
|
#endif
|
2018-11-16 00:27:34 +08:00
|
|
|
#ifndef OPENSSL_SYS_UEFI
|
2018-11-17 01:26:23 +08:00
|
|
|
# ifdef _WIN32
|
|
|
|
/* We use _onexit() in preference because it gets called on DLL unload */
|
|
|
|
if (_onexit(win32atexit) == NULL)
|
|
|
|
return 0;
|
|
|
|
# else
|
2018-11-16 00:27:34 +08:00
|
|
|
if (atexit(OPENSSL_cleanup) != 0)
|
|
|
|
return 0;
|
2018-11-17 01:26:23 +08:00
|
|
|
# endif
|
2018-11-16 00:27:34 +08:00
|
|
|
#endif
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_register_atexit,
|
|
|
|
ossl_init_register_atexit)
|
|
|
|
{
|
|
|
|
#ifdef OPENSSL_INIT_DEBUG
|
|
|
|
fprintf(stderr, "OPENSSL_INIT: ossl_init_no_register_atexit ok!\n");
|
|
|
|
#endif
|
|
|
|
/* Do nothing in this case */
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2018-04-20 21:45:06 +08:00
|
|
|
static CRYPTO_ONCE load_crypto_nodelete = CRYPTO_ONCE_STATIC_INIT;
|
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_nodelete)
|
|
|
|
{
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "ossl_init_load_crypto_nodelete()\n");
|
|
|
|
|
2019-03-31 22:15:02 +08:00
|
|
|
#if !defined(OPENSSL_USE_NODELETE) \
|
2018-11-16 22:05:14 +08:00
|
|
|
&& !defined(OPENSSL_NO_PINSHARED)
|
2019-03-27 16:30:47 +08:00
|
|
|
# if defined(DSO_WIN32) && !defined(_WIN32_WCE)
|
2016-10-28 18:03:22 +08:00
|
|
|
{
|
|
|
|
HMODULE handle = NULL;
|
|
|
|
BOOL ret;
|
|
|
|
|
|
|
|
/* We don't use the DSO route for WIN32 because there is a better way */
|
|
|
|
ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS
|
|
|
|
| GET_MODULE_HANDLE_EX_FLAG_PIN,
|
|
|
|
(void *)&base_inited, &handle);
|
|
|
|
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE1(INIT,
|
|
|
|
"ossl_init_load_crypto_nodelete: "
|
|
|
|
"obtained DSO reference? %s\n",
|
|
|
|
(ret == TRUE ? "No!" : "Yes."));
|
2016-10-28 18:03:22 +08:00
|
|
|
return (ret == TRUE) ? 1 : 0;
|
|
|
|
}
|
2019-03-31 22:15:02 +08:00
|
|
|
# elif !defined(DSO_NONE)
|
2016-10-18 21:13:25 +08:00
|
|
|
/*
|
|
|
|
* Deliberately leak a reference to ourselves. This will force the library
|
2017-05-04 19:51:18 +08:00
|
|
|
* to remain loaded until the atexit() handler is run at process exit.
|
2016-10-18 21:13:25 +08:00
|
|
|
*/
|
|
|
|
{
|
2018-04-20 21:45:06 +08:00
|
|
|
DSO *dso;
|
|
|
|
void *err;
|
|
|
|
|
|
|
|
if (!err_shelve_state(&err))
|
|
|
|
return 0;
|
2016-10-18 21:13:25 +08:00
|
|
|
|
|
|
|
dso = DSO_dsobyaddr(&base_inited, DSO_FLAG_NO_UNLOAD_ON_FREE);
|
2018-03-20 01:37:46 +08:00
|
|
|
/*
|
|
|
|
* In case of No!, it is uncertain our exit()-handlers can still be
|
|
|
|
* called. After dlclose() the whole library might have been unloaded
|
|
|
|
* already.
|
|
|
|
*/
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE1(INIT, "obtained DSO reference? %s\n",
|
|
|
|
(dso == NULL ? "No!" : "Yes."));
|
2016-10-18 21:13:25 +08:00
|
|
|
DSO_free(dso);
|
2018-04-20 21:45:06 +08:00
|
|
|
err_unshelve_state(err);
|
2016-10-18 21:13:25 +08:00
|
|
|
}
|
2016-10-28 18:03:22 +08:00
|
|
|
# endif
|
2016-10-18 22:11:57 +08:00
|
|
|
#endif
|
2016-10-18 21:13:25 +08:00
|
|
|
|
2016-07-20 01:42:11 +08:00
|
|
|
return 1;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
|
2016-03-02 22:51:00 +08:00
|
|
|
static CRYPTO_ONCE load_crypto_strings = CRYPTO_ONCE_STATIC_INIT;
|
2016-02-09 19:26:14 +08:00
|
|
|
static int load_crypto_strings_inited = 0;
|
2016-07-20 01:42:11 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
2016-07-12 21:50:06 +08:00
|
|
|
int ret = 1;
|
2016-02-09 17:39:07 +08:00
|
|
|
/*
|
|
|
|
* OPENSSL_NO_AUTOERRINIT is provided here to prevent at compile time
|
|
|
|
* pulling in all the error strings during static linking
|
|
|
|
*/
|
|
|
|
#if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT)
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "err_load_crypto_strings_int()\n");
|
2016-07-12 21:50:06 +08:00
|
|
|
ret = err_load_crypto_strings_int();
|
2016-02-09 19:26:14 +08:00
|
|
|
load_crypto_strings_inited = 1;
|
2017-06-06 23:35:43 +08:00
|
|
|
#endif
|
2016-07-12 21:50:06 +08:00
|
|
|
return ret;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
|
2018-11-20 23:32:55 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_load_crypto_strings,
|
|
|
|
ossl_init_load_crypto_strings)
|
|
|
|
{
|
|
|
|
/* Do nothing in this case */
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2016-03-02 22:51:00 +08:00
|
|
|
static CRYPTO_ONCE add_all_ciphers = CRYPTO_ONCE_STATIC_INIT;
|
2016-07-20 01:42:11 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_ciphers)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
|
|
|
/*
|
|
|
|
* OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time
|
|
|
|
* pulling in all the ciphers during static linking
|
|
|
|
*/
|
|
|
|
#ifndef OPENSSL_NO_AUTOALGINIT
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "openssl_add_all_ciphers_int()\n");
|
2016-04-12 19:20:16 +08:00
|
|
|
openssl_add_all_ciphers_int();
|
2016-02-09 19:26:14 +08:00
|
|
|
#endif
|
2016-07-20 01:42:11 +08:00
|
|
|
return 1;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
|
2018-11-20 23:32:55 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_ciphers,
|
|
|
|
ossl_init_add_all_ciphers)
|
|
|
|
{
|
|
|
|
/* Do nothing */
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2016-03-02 22:51:00 +08:00
|
|
|
static CRYPTO_ONCE add_all_digests = CRYPTO_ONCE_STATIC_INIT;
|
2016-07-20 01:42:11 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_digests)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
|
|
|
/*
|
|
|
|
* OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time
|
|
|
|
* pulling in all the ciphers during static linking
|
|
|
|
*/
|
|
|
|
#ifndef OPENSSL_NO_AUTOALGINIT
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "openssl_add_all_digests()\n");
|
2016-04-12 19:20:16 +08:00
|
|
|
openssl_add_all_digests_int();
|
2016-02-09 19:26:14 +08:00
|
|
|
#endif
|
2016-07-20 01:42:11 +08:00
|
|
|
return 1;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
|
2018-11-20 23:32:55 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_digests,
|
|
|
|
ossl_init_add_all_digests)
|
|
|
|
{
|
|
|
|
/* Do nothing */
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2018-10-25 00:34:53 +08:00
|
|
|
static CRYPTO_ONCE add_all_macs = CRYPTO_ONCE_STATIC_INIT;
|
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_macs)
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
* OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time
|
|
|
|
* pulling in all the macs during static linking
|
|
|
|
*/
|
|
|
|
#ifndef OPENSSL_NO_AUTOALGINIT
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "openssl_add_all_macs_int()\n");
|
2018-10-25 00:34:53 +08:00
|
|
|
openssl_add_all_macs_int();
|
|
|
|
#endif
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2018-11-20 23:32:55 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_macs, ossl_init_add_all_macs)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
|
|
|
/* Do nothing */
|
2016-07-20 01:42:11 +08:00
|
|
|
return 1;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
|
2016-03-02 22:51:00 +08:00
|
|
|
static CRYPTO_ONCE config = CRYPTO_ONCE_STATIC_INIT;
|
2016-02-09 19:26:14 +08:00
|
|
|
static int config_inited = 0;
|
2019-01-01 15:53:24 +08:00
|
|
|
static const OPENSSL_INIT_SETTINGS *conf_settings = NULL;
|
2016-07-20 01:42:11 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_config)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
2019-01-01 15:53:24 +08:00
|
|
|
int ret = openssl_config_int(conf_settings);
|
2016-02-09 19:26:14 +08:00
|
|
|
config_inited = 1;
|
2019-01-01 15:53:24 +08:00
|
|
|
return ret;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
2018-11-20 23:32:55 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_config, ossl_init_config)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "openssl_no_config_int()\n");
|
2016-04-12 19:20:16 +08:00
|
|
|
openssl_no_config_int();
|
2016-02-09 19:26:14 +08:00
|
|
|
config_inited = 1;
|
2016-07-20 01:42:11 +08:00
|
|
|
return 1;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
|
2016-03-02 22:51:00 +08:00
|
|
|
static CRYPTO_ONCE async = CRYPTO_ONCE_STATIC_INIT;
|
2016-02-09 19:26:14 +08:00
|
|
|
static int async_inited = 0;
|
2016-07-20 01:42:11 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_async)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "async_init()\n");
|
2016-07-20 01:42:11 +08:00
|
|
|
if (!async_init())
|
|
|
|
return 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
async_inited = 1;
|
2016-07-20 01:42:11 +08:00
|
|
|
return 1;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_ENGINE
|
2016-03-02 22:51:00 +08:00
|
|
|
static CRYPTO_ONCE engine_openssl = CRYPTO_ONCE_STATIC_INIT;
|
2016-07-20 01:42:11 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_engine_openssl)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "engine_load_openssl_int()\n");
|
2016-04-12 19:20:16 +08:00
|
|
|
engine_load_openssl_int();
|
2016-07-20 01:42:11 +08:00
|
|
|
return 1;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
# ifndef OPENSSL_NO_RDRAND
|
2016-03-02 22:51:00 +08:00
|
|
|
static CRYPTO_ONCE engine_rdrand = CRYPTO_ONCE_STATIC_INIT;
|
2016-07-20 01:42:11 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_engine_rdrand)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "engine_load_rdrand_int()\n");
|
2016-04-12 19:20:16 +08:00
|
|
|
engine_load_rdrand_int();
|
2016-07-20 01:42:11 +08:00
|
|
|
return 1;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
# endif
|
2016-03-02 22:51:00 +08:00
|
|
|
static CRYPTO_ONCE engine_dynamic = CRYPTO_ONCE_STATIC_INIT;
|
2016-07-20 01:42:11 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_engine_dynamic)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "engine_load_dynamic_int()\n");
|
2016-04-12 19:20:16 +08:00
|
|
|
engine_load_dynamic_int();
|
2016-07-20 01:42:11 +08:00
|
|
|
return 1;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
# ifndef OPENSSL_NO_STATIC_ENGINE
|
2018-11-06 20:57:03 +08:00
|
|
|
# ifndef OPENSSL_NO_DEVCRYPTOENG
|
|
|
|
static CRYPTO_ONCE engine_devcrypto = CRYPTO_ONCE_STATIC_INIT;
|
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_engine_devcrypto)
|
|
|
|
{
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "engine_load_devcrypto_int()\n");
|
2018-11-06 20:57:03 +08:00
|
|
|
engine_load_devcrypto_int();
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
# endif
|
2019-03-01 20:18:11 +08:00
|
|
|
# if !defined(OPENSSL_NO_PADLOCKENG)
|
2016-03-02 22:51:00 +08:00
|
|
|
static CRYPTO_ONCE engine_padlock = CRYPTO_ONCE_STATIC_INIT;
|
2016-07-20 01:42:11 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_engine_padlock)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "engine_load_padlock_int()\n");
|
2016-04-12 19:20:16 +08:00
|
|
|
engine_load_padlock_int();
|
2016-07-20 01:42:11 +08:00
|
|
|
return 1;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
# endif
|
|
|
|
# if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
|
2016-03-02 22:51:00 +08:00
|
|
|
static CRYPTO_ONCE engine_capi = CRYPTO_ONCE_STATIC_INIT;
|
2016-07-20 01:42:11 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_engine_capi)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "engine_load_capi_int()\n");
|
2016-04-12 19:20:16 +08:00
|
|
|
engine_load_capi_int();
|
2016-07-20 01:42:11 +08:00
|
|
|
return 1;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
# endif
|
2016-02-23 16:01:01 +08:00
|
|
|
# if !defined(OPENSSL_NO_AFALGENG)
|
2016-03-15 21:06:34 +08:00
|
|
|
static CRYPTO_ONCE engine_afalg = CRYPTO_ONCE_STATIC_INIT;
|
2016-07-20 01:42:11 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_engine_afalg)
|
2016-02-23 16:01:01 +08:00
|
|
|
{
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "engine_load_afalg_int()\n");
|
2016-04-12 19:20:16 +08:00
|
|
|
engine_load_afalg_int();
|
2016-07-20 01:42:11 +08:00
|
|
|
return 1;
|
2016-02-23 16:01:01 +08:00
|
|
|
}
|
|
|
|
# endif
|
2016-02-09 19:26:14 +08:00
|
|
|
# endif
|
|
|
|
#endif
|
|
|
|
|
2016-03-12 04:13:19 +08:00
|
|
|
#ifndef OPENSSL_NO_COMP
|
2016-03-02 22:51:00 +08:00
|
|
|
static CRYPTO_ONCE zlib = CRYPTO_ONCE_STATIC_INIT;
|
2016-03-12 04:13:19 +08:00
|
|
|
|
2016-02-09 19:26:14 +08:00
|
|
|
static int zlib_inited = 0;
|
2016-07-20 01:42:11 +08:00
|
|
|
DEFINE_RUN_ONCE_STATIC(ossl_init_zlib)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
|
|
|
/* Do nothing - we need to know about this for the later cleanup */
|
|
|
|
zlib_inited = 1;
|
2016-07-20 01:42:11 +08:00
|
|
|
return 1;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
2016-03-12 04:13:19 +08:00
|
|
|
#endif
|
2016-02-09 19:26:14 +08:00
|
|
|
|
2016-02-09 17:13:45 +08:00
|
|
|
static void ossl_init_thread_stop(struct thread_local_inits_st *locals)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
|
|
|
/* Can't do much about this */
|
|
|
|
if (locals == NULL)
|
|
|
|
return;
|
|
|
|
|
|
|
|
if (locals->async) {
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "async_delete_thread_state()\n");
|
2018-04-27 00:39:51 +08:00
|
|
|
async_delete_thread_state();
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
if (locals->err_state) {
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "err_delete_thread_state()\n");
|
2016-05-08 23:01:09 +08:00
|
|
|
err_delete_thread_state();
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
|
2018-03-08 02:25:55 +08:00
|
|
|
if (locals->rand) {
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "drbg_delete_thread_state()\n");
|
2018-03-08 02:25:55 +08:00
|
|
|
drbg_delete_thread_state();
|
|
|
|
}
|
|
|
|
|
2016-02-09 19:26:14 +08:00
|
|
|
OPENSSL_free(locals);
|
|
|
|
}
|
|
|
|
|
2016-02-10 00:52:40 +08:00
|
|
|
void OPENSSL_thread_stop(void)
|
2016-02-09 17:13:45 +08:00
|
|
|
{
|
2018-08-16 15:26:12 +08:00
|
|
|
if (destructor_key.sane != -1)
|
2018-07-20 19:23:42 +08:00
|
|
|
ossl_init_thread_stop(ossl_init_get_thread_local(0));
|
2016-02-09 17:13:45 +08:00
|
|
|
}
|
|
|
|
|
2016-02-09 19:26:14 +08:00
|
|
|
int ossl_init_thread_start(uint64_t opts)
|
|
|
|
{
|
2017-06-19 19:33:41 +08:00
|
|
|
struct thread_local_inits_st *locals;
|
|
|
|
|
|
|
|
if (!OPENSSL_init_crypto(0, NULL))
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
locals = ossl_init_get_thread_local(1);
|
2016-02-09 19:26:14 +08:00
|
|
|
|
|
|
|
if (locals == NULL)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
if (opts & OPENSSL_INIT_THREAD_ASYNC) {
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT,
|
|
|
|
"ossl_init_thread_start: "
|
|
|
|
"marking thread for async\n");
|
2016-02-09 19:26:14 +08:00
|
|
|
locals->async = 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (opts & OPENSSL_INIT_THREAD_ERR_STATE) {
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT,
|
|
|
|
"ossl_init_thread_start: "
|
|
|
|
"marking thread for err_state\n");
|
2016-02-09 19:26:14 +08:00
|
|
|
locals->err_state = 1;
|
|
|
|
}
|
|
|
|
|
2018-03-08 02:25:55 +08:00
|
|
|
if (opts & OPENSSL_INIT_THREAD_RAND) {
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT,
|
|
|
|
"ossl_init_thread_start: "
|
|
|
|
"marking thread for rand\n");
|
2018-03-08 02:25:55 +08:00
|
|
|
locals->rand = 1;
|
|
|
|
}
|
|
|
|
|
2016-02-09 19:26:14 +08:00
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2016-02-10 00:52:40 +08:00
|
|
|
void OPENSSL_cleanup(void)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
|
|
|
OPENSSL_INIT_STOP *currhandler, *lasthandler;
|
2018-07-20 19:23:42 +08:00
|
|
|
CRYPTO_THREAD_LOCAL key;
|
2016-02-09 19:26:14 +08:00
|
|
|
|
2019-05-02 20:42:31 +08:00
|
|
|
/*
|
|
|
|
* TODO(3.0): This function needs looking at with a view to moving most/all
|
|
|
|
* of this into onfree handlers in OPENSSL_CTX.
|
|
|
|
*/
|
|
|
|
|
2016-02-10 17:47:51 +08:00
|
|
|
/* If we've not been inited then no need to deinit */
|
|
|
|
if (!base_inited)
|
|
|
|
return;
|
|
|
|
|
2016-02-10 13:39:29 +08:00
|
|
|
/* Might be explicitly called and also by atexit */
|
|
|
|
if (stopped)
|
|
|
|
return;
|
|
|
|
stopped = 1;
|
|
|
|
|
2016-02-09 19:26:14 +08:00
|
|
|
/*
|
|
|
|
* Thread stop may not get automatically called by the thread library for
|
|
|
|
* the very last thread in some situations, so call it directly.
|
|
|
|
*/
|
|
|
|
ossl_init_thread_stop(ossl_init_get_thread_local(0));
|
|
|
|
|
|
|
|
currhandler = stop_handlers;
|
|
|
|
while (currhandler != NULL) {
|
|
|
|
currhandler->handler();
|
|
|
|
lasthandler = currhandler;
|
|
|
|
currhandler = currhandler->next;
|
|
|
|
OPENSSL_free(lasthandler);
|
|
|
|
}
|
|
|
|
stop_handlers = NULL;
|
2016-03-07 22:39:22 +08:00
|
|
|
|
|
|
|
CRYPTO_THREAD_lock_free(init_lock);
|
2018-01-26 23:32:40 +08:00
|
|
|
init_lock = NULL;
|
2016-03-07 22:39:22 +08:00
|
|
|
|
2016-02-09 19:26:14 +08:00
|
|
|
/*
|
|
|
|
* We assume we are single-threaded for this function, i.e. no race
|
|
|
|
* conditions for the various "*_inited" vars below.
|
|
|
|
*/
|
|
|
|
|
2016-03-12 04:13:19 +08:00
|
|
|
#ifndef OPENSSL_NO_COMP
|
2016-02-09 19:26:14 +08:00
|
|
|
if (zlib_inited) {
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "OPENSSL_cleanup: comp_zlib_cleanup_int()\n");
|
2016-04-12 19:20:16 +08:00
|
|
|
comp_zlib_cleanup_int();
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
2016-03-12 04:13:19 +08:00
|
|
|
#endif
|
2016-02-09 19:26:14 +08:00
|
|
|
|
2016-03-03 00:52:43 +08:00
|
|
|
if (async_inited) {
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "OPENSSL_cleanup: async_deinit()\n");
|
2016-03-03 00:52:43 +08:00
|
|
|
async_deinit();
|
|
|
|
}
|
|
|
|
|
2016-02-09 19:26:14 +08:00
|
|
|
if (load_crypto_strings_inited) {
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "OPENSSL_cleanup: err_free_strings_int()\n");
|
2016-04-12 19:20:16 +08:00
|
|
|
err_free_strings_int();
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
|
2018-08-16 15:26:12 +08:00
|
|
|
key = destructor_key.value;
|
|
|
|
destructor_key.sane = -1;
|
2018-07-20 19:23:42 +08:00
|
|
|
CRYPTO_THREAD_cleanup_local(&key);
|
2016-02-18 20:24:09 +08:00
|
|
|
|
2016-03-14 18:34:59 +08:00
|
|
|
/*
|
|
|
|
* Note that cleanup order is important:
|
2016-04-13 19:11:59 +08:00
|
|
|
* - rand_cleanup_int could call an ENGINE's RAND cleanup function so
|
2016-04-12 19:20:16 +08:00
|
|
|
* must be called before engine_cleanup_int()
|
2016-03-14 18:34:59 +08:00
|
|
|
* - ENGINEs use CRYPTO_EX_DATA and therefore, must be cleaned up
|
2019-05-01 18:02:43 +08:00
|
|
|
* before the ex data handlers are wiped during default openssl_ctx deinit.
|
2016-04-12 19:20:16 +08:00
|
|
|
* - conf_modules_free_int() can end up in ENGINE code so must be called
|
|
|
|
* before engine_cleanup_int()
|
2016-04-13 19:11:59 +08:00
|
|
|
* - ENGINEs and additional EVP algorithms might use added OIDs names so
|
|
|
|
* obj_cleanup_int() must be called last
|
2016-03-14 18:34:59 +08:00
|
|
|
*/
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "OPENSSL_cleanup: rand_cleanup_int()\n");
|
2016-04-12 19:20:16 +08:00
|
|
|
rand_cleanup_int();
|
2018-12-13 07:32:57 +08:00
|
|
|
|
|
|
|
OSSL_TRACE(INIT, "OPENSSL_cleanup: rand_drbg_cleanup_int()\n");
|
2017-09-01 05:16:22 +08:00
|
|
|
rand_drbg_cleanup_int();
|
2018-12-13 07:32:57 +08:00
|
|
|
|
|
|
|
OSSL_TRACE(INIT, "OPENSSL_cleanup: conf_modules_free_int()\n");
|
2016-04-12 19:20:16 +08:00
|
|
|
conf_modules_free_int();
|
2019-05-01 18:02:43 +08:00
|
|
|
|
2016-03-11 17:52:52 +08:00
|
|
|
#ifndef OPENSSL_NO_ENGINE
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "OPENSSL_cleanup: engine_cleanup_int()\n");
|
2016-04-12 19:20:16 +08:00
|
|
|
engine_cleanup_int();
|
2016-03-11 17:52:52 +08:00
|
|
|
#endif
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "OPENSSL_cleanup: ossl_store_cleanup_int()\n");
|
2016-12-08 22:51:31 +08:00
|
|
|
ossl_store_cleanup_int();
|
2018-12-13 07:32:57 +08:00
|
|
|
|
2019-05-01 18:02:43 +08:00
|
|
|
OSSL_TRACE(INIT, "OPENSSL_cleanup: openssl_ctx_default_deinit()\n");
|
|
|
|
openssl_ctx_default_deinit();
|
2018-12-13 07:32:57 +08:00
|
|
|
|
|
|
|
OSSL_TRACE(INIT, "OPENSSL_cleanup: bio_cleanup()\n");
|
2016-03-12 05:53:18 +08:00
|
|
|
bio_cleanup();
|
2018-12-13 07:32:57 +08:00
|
|
|
|
|
|
|
OSSL_TRACE(INIT, "OPENSSL_cleanup: evp_cleanup_int()\n");
|
2016-04-12 19:20:16 +08:00
|
|
|
evp_cleanup_int();
|
2018-12-13 07:32:57 +08:00
|
|
|
|
|
|
|
OSSL_TRACE(INIT, "OPENSSL_cleanup: obj_cleanup_int()\n");
|
2016-04-12 19:20:16 +08:00
|
|
|
obj_cleanup_int();
|
2018-12-13 07:32:57 +08:00
|
|
|
|
|
|
|
OSSL_TRACE(INIT, "OPENSSL_cleanup: err_int()\n");
|
2016-03-12 05:53:18 +08:00
|
|
|
err_cleanup();
|
|
|
|
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "OPENSSL_cleanup: CRYPTO_secure_malloc_done()\n");
|
2018-02-12 09:37:27 +08:00
|
|
|
CRYPTO_secure_malloc_done();
|
|
|
|
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE(INIT, "OPENSSL_cleanup: ossl_trace_cleanup()\n");
|
|
|
|
ossl_trace_cleanup();
|
|
|
|
|
2016-02-10 17:47:51 +08:00
|
|
|
base_inited = 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If this function is called with a non NULL settings value then it must be
|
|
|
|
* called prior to any threads making calls to any OpenSSL functions,
|
|
|
|
* i.e. passing a non-null settings value is assumed to be single-threaded.
|
|
|
|
*/
|
2016-02-10 21:59:15 +08:00
|
|
|
int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
2019-05-02 20:42:31 +08:00
|
|
|
/*
|
|
|
|
* TODO(3.0): This function needs looking at with a view to moving most/all
|
|
|
|
* of this into OPENSSL_CTX.
|
|
|
|
*/
|
|
|
|
|
2016-02-10 23:16:06 +08:00
|
|
|
if (stopped) {
|
2018-04-20 21:45:06 +08:00
|
|
|
if (!(opts & OPENSSL_INIT_BASE_ONLY))
|
|
|
|
CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL);
|
2016-02-10 21:59:15 +08:00
|
|
|
return 0;
|
2016-02-10 23:16:06 +08:00
|
|
|
}
|
2016-02-10 13:39:29 +08:00
|
|
|
|
2019-01-01 15:53:24 +08:00
|
|
|
/*
|
|
|
|
* When the caller specifies OPENSSL_INIT_BASE_ONLY, that should be the
|
|
|
|
* *only* option specified. With that option we return immediately after
|
|
|
|
* doing the requested limited initialization. Note that
|
|
|
|
* err_shelve_state() called by us via ossl_init_load_crypto_nodelete()
|
|
|
|
* re-enters OPENSSL_init_crypto() with OPENSSL_INIT_BASE_ONLY, but with
|
|
|
|
* base already initialized this is a harmless NOOP.
|
|
|
|
*
|
|
|
|
* If we remain the only caller of err_shelve_state() the recursion should
|
|
|
|
* perhaps be removed, but if in doubt, it can be left in place.
|
|
|
|
*/
|
2018-04-20 21:45:06 +08:00
|
|
|
if (!RUN_ONCE(&base, ossl_init_base))
|
|
|
|
return 0;
|
|
|
|
|
2019-01-01 15:53:24 +08:00
|
|
|
if (opts & OPENSSL_INIT_BASE_ONLY)
|
|
|
|
return 1;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Now we don't always set up exit handlers, the INIT_BASE_ONLY calls
|
|
|
|
* should not have the side-effect of setting up exit handlers, and
|
|
|
|
* therefore, this code block is below the INIT_BASE_ONLY-conditioned early
|
|
|
|
* return above.
|
|
|
|
*/
|
2018-11-16 00:27:34 +08:00
|
|
|
if ((opts & OPENSSL_INIT_NO_ATEXIT) != 0) {
|
|
|
|
if (!RUN_ONCE_ALT(®ister_atexit, ossl_init_no_register_atexit,
|
|
|
|
ossl_init_register_atexit))
|
|
|
|
return 0;
|
|
|
|
} else if (!RUN_ONCE(®ister_atexit, ossl_init_register_atexit)) {
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2019-01-01 15:53:24 +08:00
|
|
|
if (!RUN_ONCE(&load_crypto_nodelete, ossl_init_load_crypto_nodelete))
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
|
2016-03-02 22:51:00 +08:00
|
|
|
if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS)
|
2018-11-20 23:32:55 +08:00
|
|
|
&& !RUN_ONCE_ALT(&load_crypto_strings,
|
|
|
|
ossl_init_no_load_crypto_strings,
|
|
|
|
ossl_init_load_crypto_strings))
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
|
2016-03-02 22:51:00 +08:00
|
|
|
if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS)
|
2016-07-20 01:42:11 +08:00
|
|
|
&& !RUN_ONCE(&load_crypto_strings, ossl_init_load_crypto_strings))
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
|
2016-03-02 22:51:00 +08:00
|
|
|
if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS)
|
2018-11-20 23:32:55 +08:00
|
|
|
&& !RUN_ONCE_ALT(&add_all_ciphers, ossl_init_no_add_all_ciphers,
|
|
|
|
ossl_init_add_all_ciphers))
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
|
2016-03-02 22:51:00 +08:00
|
|
|
if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS)
|
2016-07-20 01:42:11 +08:00
|
|
|
&& !RUN_ONCE(&add_all_ciphers, ossl_init_add_all_ciphers))
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
|
2016-03-02 22:51:00 +08:00
|
|
|
if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS)
|
2018-11-20 23:32:55 +08:00
|
|
|
&& !RUN_ONCE_ALT(&add_all_digests, ossl_init_no_add_all_digests,
|
|
|
|
ossl_init_add_all_digests))
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
|
2016-03-02 22:51:00 +08:00
|
|
|
if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS)
|
2016-07-20 01:42:11 +08:00
|
|
|
&& !RUN_ONCE(&add_all_digests, ossl_init_add_all_digests))
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
|
2018-10-25 00:34:53 +08:00
|
|
|
if ((opts & OPENSSL_INIT_NO_ADD_ALL_MACS)
|
2018-11-20 23:32:55 +08:00
|
|
|
&& !RUN_ONCE_ALT(&add_all_macs, ossl_init_no_add_all_macs,
|
|
|
|
ossl_init_add_all_macs))
|
2018-10-25 00:34:53 +08:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
if ((opts & OPENSSL_INIT_ADD_ALL_MACS)
|
|
|
|
&& !RUN_ONCE(&add_all_macs, ossl_init_add_all_macs))
|
|
|
|
return 0;
|
|
|
|
|
2017-07-01 01:55:08 +08:00
|
|
|
if ((opts & OPENSSL_INIT_ATFORK)
|
2017-06-23 02:00:06 +08:00
|
|
|
&& !openssl_init_fork_handlers())
|
|
|
|
return 0;
|
|
|
|
|
2016-03-02 22:51:00 +08:00
|
|
|
if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG)
|
2018-11-20 23:32:55 +08:00
|
|
|
&& !RUN_ONCE_ALT(&config, ossl_init_no_config, ossl_init_config))
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
|
|
|
|
if (opts & OPENSSL_INIT_LOAD_CONFIG) {
|
2016-03-02 22:51:00 +08:00
|
|
|
int ret;
|
2016-03-07 22:39:22 +08:00
|
|
|
CRYPTO_THREAD_write_lock(init_lock);
|
2019-01-01 15:53:24 +08:00
|
|
|
conf_settings = settings;
|
2016-07-20 01:42:11 +08:00
|
|
|
ret = RUN_ONCE(&config, ossl_init_config);
|
2019-01-01 15:53:24 +08:00
|
|
|
conf_settings = NULL;
|
2016-03-07 22:39:22 +08:00
|
|
|
CRYPTO_THREAD_unlock(init_lock);
|
2019-04-05 16:28:32 +08:00
|
|
|
if (ret <= 0)
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
|
2016-03-02 22:51:00 +08:00
|
|
|
if ((opts & OPENSSL_INIT_ASYNC)
|
2016-07-20 01:42:11 +08:00
|
|
|
&& !RUN_ONCE(&async, ossl_init_async))
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-03-18 01:06:28 +08:00
|
|
|
|
2016-02-09 19:26:14 +08:00
|
|
|
#ifndef OPENSSL_NO_ENGINE
|
2016-03-02 22:51:00 +08:00
|
|
|
if ((opts & OPENSSL_INIT_ENGINE_OPENSSL)
|
2016-07-20 01:42:11 +08:00
|
|
|
&& !RUN_ONCE(&engine_openssl, ossl_init_engine_openssl))
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
# ifndef OPENSSL_NO_RDRAND
|
2016-03-02 22:51:00 +08:00
|
|
|
if ((opts & OPENSSL_INIT_ENGINE_RDRAND)
|
2016-07-20 01:42:11 +08:00
|
|
|
&& !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand))
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
# endif
|
2016-03-02 22:51:00 +08:00
|
|
|
if ((opts & OPENSSL_INIT_ENGINE_DYNAMIC)
|
2016-07-20 01:42:11 +08:00
|
|
|
&& !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic))
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
# ifndef OPENSSL_NO_STATIC_ENGINE
|
2018-11-06 20:57:03 +08:00
|
|
|
# ifndef OPENSSL_NO_DEVCRYPTOENG
|
|
|
|
if ((opts & OPENSSL_INIT_ENGINE_CRYPTODEV)
|
|
|
|
&& !RUN_ONCE(&engine_devcrypto, ossl_init_engine_devcrypto))
|
|
|
|
return 0;
|
|
|
|
# endif
|
2019-03-01 20:18:11 +08:00
|
|
|
# if !defined(OPENSSL_NO_PADLOCKENG)
|
2016-03-02 22:51:00 +08:00
|
|
|
if ((opts & OPENSSL_INIT_ENGINE_PADLOCK)
|
2016-07-20 01:42:11 +08:00
|
|
|
&& !RUN_ONCE(&engine_padlock, ossl_init_engine_padlock))
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
# endif
|
|
|
|
# if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
|
2016-03-02 22:51:00 +08:00
|
|
|
if ((opts & OPENSSL_INIT_ENGINE_CAPI)
|
2016-07-20 01:42:11 +08:00
|
|
|
&& !RUN_ONCE(&engine_capi, ossl_init_engine_capi))
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-02-09 19:26:14 +08:00
|
|
|
# endif
|
2016-02-23 16:01:01 +08:00
|
|
|
# if !defined(OPENSSL_NO_AFALGENG)
|
2016-03-02 22:51:00 +08:00
|
|
|
if ((opts & OPENSSL_INIT_ENGINE_AFALG)
|
2016-07-20 01:42:11 +08:00
|
|
|
&& !RUN_ONCE(&engine_afalg, ossl_init_engine_afalg))
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-02-23 16:01:01 +08:00
|
|
|
# endif
|
2016-02-09 19:26:14 +08:00
|
|
|
# endif
|
|
|
|
if (opts & (OPENSSL_INIT_ENGINE_ALL_BUILTIN
|
2016-08-17 21:06:23 +08:00
|
|
|
| OPENSSL_INIT_ENGINE_OPENSSL
|
2016-02-23 16:01:01 +08:00
|
|
|
| OPENSSL_INIT_ENGINE_AFALG)) {
|
2016-02-09 19:26:14 +08:00
|
|
|
ENGINE_register_all_complete();
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
2016-03-12 04:13:19 +08:00
|
|
|
#ifndef OPENSSL_NO_COMP
|
2016-03-02 22:51:00 +08:00
|
|
|
if ((opts & OPENSSL_INIT_ZLIB)
|
2016-07-20 01:42:11 +08:00
|
|
|
&& !RUN_ONCE(&zlib, ossl_init_zlib))
|
2016-03-02 22:51:00 +08:00
|
|
|
return 0;
|
2016-03-12 04:13:19 +08:00
|
|
|
#endif
|
2016-02-10 21:59:15 +08:00
|
|
|
|
|
|
|
return 1;
|
2016-02-09 19:26:14 +08:00
|
|
|
}
|
|
|
|
|
2016-02-10 00:52:40 +08:00
|
|
|
int OPENSSL_atexit(void (*handler)(void))
|
2016-02-09 19:26:14 +08:00
|
|
|
{
|
|
|
|
OPENSSL_INIT_STOP *newhand;
|
|
|
|
|
2019-03-31 22:15:02 +08:00
|
|
|
#if !defined(OPENSSL_USE_NODELETE)\
|
2018-11-16 22:05:14 +08:00
|
|
|
&& !defined(OPENSSL_NO_PINSHARED)
|
2016-10-18 21:13:25 +08:00
|
|
|
{
|
|
|
|
union {
|
|
|
|
void *sym;
|
|
|
|
void (*func)(void);
|
|
|
|
} handlersym;
|
|
|
|
|
|
|
|
handlersym.func = handler;
|
2019-03-27 16:30:47 +08:00
|
|
|
# if defined(DSO_WIN32) && !defined(_WIN32_WCE)
|
2016-10-28 18:03:22 +08:00
|
|
|
{
|
|
|
|
HMODULE handle = NULL;
|
|
|
|
BOOL ret;
|
2016-10-18 21:13:25 +08:00
|
|
|
|
2016-10-28 18:03:22 +08:00
|
|
|
/*
|
|
|
|
* We don't use the DSO route for WIN32 because there is a better
|
|
|
|
* way
|
|
|
|
*/
|
|
|
|
ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS
|
|
|
|
| GET_MODULE_HANDLE_EX_FLAG_PIN,
|
|
|
|
handlersym.sym, &handle);
|
|
|
|
|
|
|
|
if (!ret)
|
|
|
|
return 0;
|
|
|
|
}
|
2019-03-31 22:15:02 +08:00
|
|
|
# elif !defined(DSO_NONE)
|
2016-10-28 18:03:22 +08:00
|
|
|
/*
|
|
|
|
* Deliberately leak a reference to the handler. This will force the
|
|
|
|
* library/code containing the handler to remain loaded until we run the
|
|
|
|
* atexit handler. If -znodelete has been used then this is
|
2017-08-04 13:10:41 +08:00
|
|
|
* unnecessary.
|
2016-10-28 18:03:22 +08:00
|
|
|
*/
|
|
|
|
{
|
|
|
|
DSO *dso = NULL;
|
|
|
|
|
2017-05-04 19:51:18 +08:00
|
|
|
ERR_set_mark();
|
2016-10-28 18:03:22 +08:00
|
|
|
dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE);
|
2018-03-20 01:37:46 +08:00
|
|
|
/* See same code above in ossl_init_base() for an explanation. */
|
2018-12-13 07:32:57 +08:00
|
|
|
OSSL_TRACE1(INIT,
|
|
|
|
"atexit: obtained DSO reference? %s\n",
|
|
|
|
(dso == NULL ? "No!" : "Yes."));
|
2016-10-28 18:03:22 +08:00
|
|
|
DSO_free(dso);
|
2017-05-04 19:51:18 +08:00
|
|
|
ERR_pop_to_mark();
|
2016-10-28 18:03:22 +08:00
|
|
|
}
|
|
|
|
# endif
|
2016-10-18 21:13:25 +08:00
|
|
|
}
|
2016-10-18 22:11:57 +08:00
|
|
|
#endif
|
2016-10-18 21:13:25 +08:00
|
|
|
|
2018-04-03 23:31:16 +08:00
|
|
|
if ((newhand = OPENSSL_malloc(sizeof(*newhand))) == NULL) {
|
|
|
|
CRYPTOerr(CRYPTO_F_OPENSSL_ATEXIT, ERR_R_MALLOC_FAILURE);
|
2016-02-09 19:26:14 +08:00
|
|
|
return 0;
|
2018-04-03 23:31:16 +08:00
|
|
|
}
|
2016-02-09 19:26:14 +08:00
|
|
|
|
|
|
|
newhand->handler = handler;
|
|
|
|
newhand->next = stop_handlers;
|
|
|
|
stop_handlers = newhand;
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
}
|
2017-06-23 02:00:06 +08:00
|
|
|
|
Revert the crypto "global lock" implementation
Conceptually, this is a squashed version of:
Revert "Address feedback"
This reverts commit 75551e07bd2339dfea06ef1d31d69929e13a4495.
and
Revert "Add CRYPTO_thread_glock_new"
This reverts commit ed6b2c7938ec6f07b15745d4183afc276e74c6dd.
But there were some intervening commits that made neither revert apply
cleanly, so instead do it all as one shot.
The crypto global locks were an attempt to cope with the awkward
POSIX semantics for pthread_atfork(); its documentation (the "RATIONALE"
section) indicates that the expected usage is to have the prefork handler
lock all "global" locks, and the parent and child handlers release those
locks, to ensure that forking happens with a consistent (lock) state.
However, the set of functions available in the child process is limited
to async-signal-safe functions, and pthread_mutex_unlock() is not on
the list of async-signal-safe functions! The only synchronization
primitives that are async-signal-safe are the semaphore primitives,
which are not really appropriate for general-purpose usage.
However, the state consistency problem that the global locks were
attempting to solve is not actually a serious problem, particularly for
OpenSSL. That is, we can consider four cases of forking application
that might use OpenSSL:
(1) Single-threaded, does not call into OpenSSL in the child (e.g.,
the child calls exec() immediately)
For this class of process, no locking is needed at all, since there is
only ever a single thread of execution and the only reentrancy is due to
signal handlers (which are themselves limited to async-signal-safe
operation and should not be doing much work at all).
(2) Single-threaded, calls into OpenSSL after fork()
The application must ensure that it does not fork() with an unexpected
lock held (that is, one that would get unlocked in the parent but
accidentally remain locked in the child and cause deadlock). Since
OpenSSL does not expose any of its internal locks to the application
and the application is single-threaded, the OpenSSL internal locks
will be unlocked for the fork(), and the state will be consistent.
(OpenSSL will need to reseed its PRNG in the child, but that is
an orthogonal issue.) If the application makes use of locks from
libcrypto, proper handling for those locks is the responsibility of
the application, as for any other locking primitive that is available
for application programming.
(3) Multi-threaded, does not call into OpenSSL after fork()
As for (1), the OpenSSL state is only relevant in the parent, so
no particular fork()-related handling is needed. The internal locks
are relevant, but there is no interaction with the child to consider.
(4) Multi-threaded, calls into OpenSSL after fork()
This is the case where the pthread_atfork() hooks to ensure that all
global locks are in a known state across fork() would come into play,
per the above discussion. However, these "calls into OpenSSL after
fork()" are still subject to the restriction to async-signal-safe
functions. Since OpenSSL uses all sorts of locking and libc functions
that are not on the list of safe functions (e.g., malloc()), this
case is not currently usable and is unlikely to ever be usable,
independently of the locking situation. So, there is no need to
go through contortions to attempt to support this case in the one small
area of locking interaction with fork().
In light of the above analysis (thanks @davidben and @achernya), go
back to the simpler implementation that does not need to distinguish
"library-global" locks or to have complicated atfork handling for locks.
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5089)
2018-01-16 23:49:54 +08:00
|
|
|
#ifdef OPENSSL_SYS_UNIX
|
2017-06-23 02:00:06 +08:00
|
|
|
/*
|
|
|
|
* The following three functions are for OpenSSL developers. This is
|
|
|
|
* where we set/reset state across fork (called via pthread_atfork when
|
|
|
|
* it exists, or manually by the application when it doesn't).
|
|
|
|
*
|
|
|
|
* WARNING! If you put code in either OPENSSL_fork_parent or
|
|
|
|
* OPENSSL_fork_child, you MUST MAKE SURE that they are async-signal-
|
|
|
|
* safe. See this link, for example:
|
|
|
|
* http://man7.org/linux/man-pages/man7/signal-safety.7.html
|
|
|
|
*/
|
|
|
|
|
|
|
|
void OPENSSL_fork_prepare(void)
|
|
|
|
{
|
|
|
|
}
|
|
|
|
|
|
|
|
void OPENSSL_fork_parent(void)
|
|
|
|
{
|
|
|
|
}
|
|
|
|
|
|
|
|
void OPENSSL_fork_child(void)
|
|
|
|
{
|
2017-08-07 06:12:28 +08:00
|
|
|
rand_fork();
|
2017-06-23 02:00:06 +08:00
|
|
|
}
|
|
|
|
#endif
|