]>
Commit | Line | Data |
---|---|---|
b184e3ef | 1 | /* |
72a7a702 | 2 | * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. |
b184e3ef | 3 | * |
2039c421 RS |
4 | * Licensed under the OpenSSL license (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
b184e3ef MC |
8 | */ |
9 | ||
07016a8a | 10 | #include "e_os.h" |
0c994d54 | 11 | #include "crypto/cryptlib.h" |
b184e3ef | 12 | #include <openssl/err.h> |
0c994d54 | 13 | #include "crypto/rand.h" |
176db6dc | 14 | #include "internal/bio.h" |
b184e3ef | 15 | #include <openssl/evp.h> |
0c994d54 | 16 | #include "crypto/evp.h" |
176db6dc | 17 | #include "internal/conf.h" |
0c994d54 DMSP |
18 | #include "crypto/async.h" |
19 | #include "crypto/engine.h" | |
176db6dc RS |
20 | #include "internal/comp.h" |
21 | #include "internal/err.h" | |
0c994d54 DMSP |
22 | #include "crypto/err.h" |
23 | #include "crypto/objects.h" | |
b184e3ef | 24 | #include <stdlib.h> |
dd27f16e | 25 | #include <assert.h> |
176db6dc | 26 | #include "internal/thread_once.h" |
0c994d54 | 27 | #include "crypto/dso_conf.h" |
176db6dc | 28 | #include "internal/dso.h" |
0c994d54 | 29 | #include "crypto/store.h" |
dd27f16e RS |
30 | |
31 | static int stopped = 0; | |
b184e3ef | 32 | |
80ae7285 AP |
33 | /* |
34 | * Since per-thread-specific-data destructors are not universally | |
35 | * available, i.e. not on Windows, only below CRYPTO_THREAD_LOCAL key | |
36 | * is assumed to have destructor associated. And then an effort is made | |
37 | * to call this single destructor on non-pthread platform[s]. | |
38 | * | |
39 | * Initial value is "impossible". It is used as guard value to shortcut | |
40 | * destructor for threads terminating before libcrypto is initialized or | |
41 | * after it's de-initialized. Access to the key doesn't have to be | |
42 | * serialized for the said threads, because they didn't use libcrypto | |
a5c83db4 | 43 | * and it doesn't matter if they pick "impossible" or dereference real |
80ae7285 AP |
44 | * key value and pull NULL past initialization in the first thread that |
45 | * intends to use libcrypto. | |
46 | */ | |
0b1319ba AP |
47 | static union { |
48 | long sane; | |
49 | CRYPTO_THREAD_LOCAL value; | |
50 | } destructor_key = { -1 }; | |
71567a6f | 51 | |
80ae7285 | 52 | static void ossl_init_thread_stop(struct thread_local_inits_st *locals); |
b184e3ef | 53 | |
80ae7285 | 54 | static void ossl_init_thread_destructor(void *local) |
b184e3ef MC |
55 | { |
56 | ossl_init_thread_stop((struct thread_local_inits_st *)local); | |
57 | } | |
58 | ||
b7326ea7 | 59 | static struct thread_local_inits_st *ossl_init_get_thread_local(int alloc) |
b184e3ef | 60 | { |
a072ed0c | 61 | struct thread_local_inits_st *local = |
0b1319ba | 62 | CRYPTO_THREAD_get_local(&destructor_key.value); |
b184e3ef | 63 | |
80ae7285 AP |
64 | if (alloc) { |
65 | if (local == NULL | |
66 | && (local = OPENSSL_zalloc(sizeof(*local))) != NULL | |
0b1319ba | 67 | && !CRYPTO_THREAD_set_local(&destructor_key.value, local)) { |
3ac6d5ee BE |
68 | OPENSSL_free(local); |
69 | return NULL; | |
70 | } | |
80ae7285 | 71 | } else { |
0b1319ba | 72 | CRYPTO_THREAD_set_local(&destructor_key.value, NULL); |
b7326ea7 | 73 | } |
b184e3ef MC |
74 | |
75 | return local; | |
76 | } | |
77 | ||
7253fd55 | 78 | typedef struct ossl_init_stop_st OPENSSL_INIT_STOP; |
b184e3ef MC |
79 | struct ossl_init_stop_st { |
80 | void (*handler)(void); | |
81 | OPENSSL_INIT_STOP *next; | |
82 | }; | |
83 | ||
84 | static OPENSSL_INIT_STOP *stop_handlers = NULL; | |
c292b105 | 85 | static CRYPTO_RWLOCK *init_lock = NULL; |
b184e3ef | 86 | |
b1f1e7ae | 87 | static CRYPTO_ONCE base = CRYPTO_ONCE_STATIC_INIT; |
b184e3ef | 88 | static int base_inited = 0; |
c2e4e5d2 | 89 | DEFINE_RUN_ONCE_STATIC(ossl_init_base) |
b184e3ef | 90 | { |
80ae7285 AP |
91 | CRYPTO_THREAD_LOCAL key; |
92 | ||
b184e3ef MC |
93 | #ifdef OPENSSL_INIT_DEBUG |
94 | fprintf(stderr, "OPENSSL_INIT: ossl_init_base: Setting up stop handlers\n"); | |
f7edeced RS |
95 | #endif |
96 | #ifndef OPENSSL_NO_CRYPTO_MDEBUG | |
97 | ossl_malloc_setup_failures(); | |
b184e3ef | 98 | #endif |
80ae7285 | 99 | if (!CRYPTO_THREAD_init_local(&key, ossl_init_thread_destructor)) |
eb2b9892 BE |
100 | return 0; |
101 | if ((init_lock = CRYPTO_THREAD_lock_new()) == NULL) | |
102 | goto err; | |
b184e3ef | 103 | OPENSSL_cpuid_setup(); |
8aa9cf7e | 104 | |
0b1319ba | 105 | destructor_key.value = key; |
b184e3ef | 106 | base_inited = 1; |
eb2b9892 BE |
107 | return 1; |
108 | ||
109 | err: | |
110 | #ifdef OPENSSL_INIT_DEBUG | |
111 | fprintf(stderr, "OPENSSL_INIT: ossl_init_base not ok!\n"); | |
112 | #endif | |
113 | CRYPTO_THREAD_lock_free(init_lock); | |
114 | init_lock = NULL; | |
5836780f | 115 | |
80ae7285 | 116 | CRYPTO_THREAD_cleanup_local(&key); |
eb2b9892 BE |
117 | return 0; |
118 | } | |
119 | ||
c2b3db24 | 120 | static CRYPTO_ONCE register_atexit = CRYPTO_ONCE_STATIC_INIT; |
56806f43 MC |
121 | #if !defined(OPENSSL_SYS_UEFI) && defined(_WIN32) |
122 | static int win32atexit(void) | |
123 | { | |
124 | OPENSSL_cleanup(); | |
125 | return 0; | |
126 | } | |
127 | #endif | |
128 | ||
c2b3db24 MC |
129 | DEFINE_RUN_ONCE_STATIC(ossl_init_register_atexit) |
130 | { | |
56806f43 | 131 | #ifdef OPENSSL_INIT_DEBUG |
c2b3db24 | 132 | fprintf(stderr, "OPENSSL_INIT: ossl_init_register_atexit()\n"); |
56806f43 | 133 | #endif |
c2b3db24 | 134 | #ifndef OPENSSL_SYS_UEFI |
56806f43 MC |
135 | # ifdef _WIN32 |
136 | /* We use _onexit() in preference because it gets called on DLL unload */ | |
137 | if (_onexit(win32atexit) == NULL) | |
138 | return 0; | |
139 | # else | |
c2b3db24 MC |
140 | if (atexit(OPENSSL_cleanup) != 0) |
141 | return 0; | |
56806f43 | 142 | # endif |
c2b3db24 MC |
143 | #endif |
144 | ||
145 | return 1; | |
146 | } | |
147 | ||
148 | DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_register_atexit, | |
149 | ossl_init_register_atexit) | |
150 | { | |
151 | #ifdef OPENSSL_INIT_DEBUG | |
152 | fprintf(stderr, "OPENSSL_INIT: ossl_init_no_register_atexit ok!\n"); | |
153 | #endif | |
154 | /* Do nothing in this case */ | |
155 | return 1; | |
156 | } | |
157 | ||
eb2b9892 BE |
158 | static CRYPTO_ONCE load_crypto_nodelete = CRYPTO_ONCE_STATIC_INIT; |
159 | DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_nodelete) | |
160 | { | |
161 | #ifdef OPENSSL_INIT_DEBUG | |
162 | fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_nodelete()\n"); | |
163 | #endif | |
5fba3afa | 164 | #if !defined(OPENSSL_USE_NODELETE) \ |
6b97cc6e | 165 | && !defined(OPENSSL_NO_PINSHARED) |
392c0953 | 166 | # if defined(DSO_WIN32) && !defined(_WIN32_WCE) |
2b59d1be MC |
167 | { |
168 | HMODULE handle = NULL; | |
169 | BOOL ret; | |
170 | ||
171 | /* We don't use the DSO route for WIN32 because there is a better way */ | |
172 | ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS | |
173 | | GET_MODULE_HANDLE_EX_FLAG_PIN, | |
174 | (void *)&base_inited, &handle); | |
175 | ||
eb2b9892 BE |
176 | # ifdef OPENSSL_INIT_DEBUG |
177 | fprintf(stderr, "OPENSSL_INIT: obtained DSO reference? %s\n", | |
178 | (ret == TRUE ? "No!" : "Yes.")); | |
179 | # endif | |
2b59d1be MC |
180 | return (ret == TRUE) ? 1 : 0; |
181 | } | |
5fba3afa | 182 | # elif !defined(DSO_NONE) |
5836780f MC |
183 | /* |
184 | * Deliberately leak a reference to ourselves. This will force the library | |
689f112d | 185 | * to remain loaded until the atexit() handler is run at process exit. |
5836780f MC |
186 | */ |
187 | { | |
eb2b9892 BE |
188 | DSO *dso; |
189 | void *err; | |
190 | ||
191 | if (!err_shelve_state(&err)) | |
192 | return 0; | |
5836780f MC |
193 | |
194 | dso = DSO_dsobyaddr(&base_inited, DSO_FLAG_NO_UNLOAD_ON_FREE); | |
4af14b7b MK |
195 | # ifdef OPENSSL_INIT_DEBUG |
196 | fprintf(stderr, "OPENSSL_INIT: obtained DSO reference? %s\n", | |
197 | (dso == NULL ? "No!" : "Yes.")); | |
198 | /* | |
199 | * In case of No!, it is uncertain our exit()-handlers can still be | |
200 | * called. After dlclose() the whole library might have been unloaded | |
201 | * already. | |
202 | */ | |
203 | # endif | |
5836780f | 204 | DSO_free(dso); |
eb2b9892 | 205 | err_unshelve_state(err); |
5836780f | 206 | } |
2b59d1be | 207 | # endif |
b6d5ba1a | 208 | #endif |
5836780f | 209 | |
c2e4e5d2 | 210 | return 1; |
b184e3ef MC |
211 | } |
212 | ||
b1f1e7ae | 213 | static CRYPTO_ONCE load_crypto_strings = CRYPTO_ONCE_STATIC_INIT; |
b184e3ef | 214 | static int load_crypto_strings_inited = 0; |
c2e4e5d2 | 215 | DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings) |
b184e3ef | 216 | { |
69588edb | 217 | int ret = 1; |
498abff0 MC |
218 | /* |
219 | * OPENSSL_NO_AUTOERRINIT is provided here to prevent at compile time | |
220 | * pulling in all the error strings during static linking | |
221 | */ | |
222 | #if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT) | |
b184e3ef MC |
223 | # ifdef OPENSSL_INIT_DEBUG |
224 | fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_strings: " | |
b3599dbb | 225 | "err_load_crypto_strings_int()\n"); |
b184e3ef | 226 | # endif |
69588edb | 227 | ret = err_load_crypto_strings_int(); |
b184e3ef | 228 | load_crypto_strings_inited = 1; |
bd91e3c8 | 229 | #endif |
69588edb | 230 | return ret; |
b184e3ef MC |
231 | } |
232 | ||
f725fe5b MC |
233 | DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_load_crypto_strings, |
234 | ossl_init_load_crypto_strings) | |
235 | { | |
236 | /* Do nothing in this case */ | |
237 | return 1; | |
238 | } | |
239 | ||
b1f1e7ae | 240 | static CRYPTO_ONCE add_all_ciphers = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 241 | DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_ciphers) |
b184e3ef MC |
242 | { |
243 | /* | |
244 | * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time | |
245 | * pulling in all the ciphers during static linking | |
246 | */ | |
247 | #ifndef OPENSSL_NO_AUTOALGINIT | |
248 | # ifdef OPENSSL_INIT_DEBUG | |
249 | fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_ciphers: " | |
b3599dbb | 250 | "openssl_add_all_ciphers_int()\n"); |
b184e3ef | 251 | # endif |
b3599dbb | 252 | openssl_add_all_ciphers_int(); |
b184e3ef | 253 | #endif |
c2e4e5d2 | 254 | return 1; |
b184e3ef MC |
255 | } |
256 | ||
f725fe5b MC |
257 | DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_ciphers, |
258 | ossl_init_add_all_ciphers) | |
259 | { | |
260 | /* Do nothing */ | |
261 | return 1; | |
262 | } | |
263 | ||
b1f1e7ae | 264 | static CRYPTO_ONCE add_all_digests = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 265 | DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_digests) |
b184e3ef MC |
266 | { |
267 | /* | |
268 | * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time | |
269 | * pulling in all the ciphers during static linking | |
270 | */ | |
271 | #ifndef OPENSSL_NO_AUTOALGINIT | |
272 | # ifdef OPENSSL_INIT_DEBUG | |
273 | fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_digests: " | |
b3599dbb | 274 | "openssl_add_all_digests()\n"); |
b184e3ef | 275 | # endif |
b3599dbb | 276 | openssl_add_all_digests_int(); |
b184e3ef | 277 | #endif |
c2e4e5d2 | 278 | return 1; |
b184e3ef MC |
279 | } |
280 | ||
f725fe5b MC |
281 | DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_digests, |
282 | ossl_init_add_all_digests) | |
b184e3ef MC |
283 | { |
284 | /* Do nothing */ | |
c2e4e5d2 | 285 | return 1; |
b184e3ef MC |
286 | } |
287 | ||
b1f1e7ae | 288 | static CRYPTO_ONCE config = CRYPTO_ONCE_STATIC_INIT; |
b184e3ef | 289 | static int config_inited = 0; |
25eb9299 | 290 | static const OPENSSL_INIT_SETTINGS *conf_settings = NULL; |
c2e4e5d2 | 291 | DEFINE_RUN_ONCE_STATIC(ossl_init_config) |
b184e3ef | 292 | { |
25eb9299 | 293 | int ret = openssl_config_int(conf_settings); |
b184e3ef | 294 | config_inited = 1; |
25eb9299 | 295 | return ret; |
b184e3ef | 296 | } |
f725fe5b | 297 | DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_config, ossl_init_config) |
b184e3ef MC |
298 | { |
299 | #ifdef OPENSSL_INIT_DEBUG | |
300 | fprintf(stderr, | |
b3599dbb | 301 | "OPENSSL_INIT: ossl_init_config: openssl_no_config_int()\n"); |
b184e3ef | 302 | #endif |
b3599dbb | 303 | openssl_no_config_int(); |
b184e3ef | 304 | config_inited = 1; |
c2e4e5d2 | 305 | return 1; |
b184e3ef MC |
306 | } |
307 | ||
b1f1e7ae | 308 | static CRYPTO_ONCE async = CRYPTO_ONCE_STATIC_INIT; |
b184e3ef | 309 | static int async_inited = 0; |
c2e4e5d2 | 310 | DEFINE_RUN_ONCE_STATIC(ossl_init_async) |
b184e3ef MC |
311 | { |
312 | #ifdef OPENSSL_INIT_DEBUG | |
313 | fprintf(stderr, "OPENSSL_INIT: ossl_init_async: async_init()\n"); | |
314 | #endif | |
c2e4e5d2 RL |
315 | if (!async_init()) |
316 | return 0; | |
b184e3ef | 317 | async_inited = 1; |
c2e4e5d2 | 318 | return 1; |
b184e3ef MC |
319 | } |
320 | ||
321 | #ifndef OPENSSL_NO_ENGINE | |
b1f1e7ae | 322 | static CRYPTO_ONCE engine_openssl = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 323 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_openssl) |
b184e3ef MC |
324 | { |
325 | # ifdef OPENSSL_INIT_DEBUG | |
326 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_openssl: " | |
b3599dbb | 327 | "engine_load_openssl_int()\n"); |
b184e3ef | 328 | # endif |
b3599dbb | 329 | engine_load_openssl_int(); |
c2e4e5d2 | 330 | return 1; |
b184e3ef | 331 | } |
619eb33a RL |
332 | # ifndef OPENSSL_NO_DEVCRYPTOENG |
333 | static CRYPTO_ONCE engine_devcrypto = CRYPTO_ONCE_STATIC_INIT; | |
334 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_devcrypto) | |
335 | { | |
336 | # ifdef OPENSSL_INIT_DEBUG | |
337 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_devcrypto: " | |
338 | "engine_load_devcrypto_int()\n"); | |
339 | # endif | |
340 | engine_load_devcrypto_int(); | |
341 | return 1; | |
342 | } | |
343 | # endif | |
b184e3ef MC |
344 | |
345 | # ifndef OPENSSL_NO_RDRAND | |
b1f1e7ae | 346 | static CRYPTO_ONCE engine_rdrand = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 347 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_rdrand) |
b184e3ef MC |
348 | { |
349 | # ifdef OPENSSL_INIT_DEBUG | |
350 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_rdrand: " | |
b3599dbb | 351 | "engine_load_rdrand_int()\n"); |
b184e3ef | 352 | # endif |
b3599dbb | 353 | engine_load_rdrand_int(); |
c2e4e5d2 | 354 | return 1; |
b184e3ef MC |
355 | } |
356 | # endif | |
b1f1e7ae | 357 | static CRYPTO_ONCE engine_dynamic = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 358 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_dynamic) |
b184e3ef MC |
359 | { |
360 | # ifdef OPENSSL_INIT_DEBUG | |
361 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_dynamic: " | |
b3599dbb | 362 | "engine_load_dynamic_int()\n"); |
b184e3ef | 363 | # endif |
b3599dbb | 364 | engine_load_dynamic_int(); |
c2e4e5d2 | 365 | return 1; |
b184e3ef MC |
366 | } |
367 | # ifndef OPENSSL_NO_STATIC_ENGINE | |
368 | # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) | |
b1f1e7ae | 369 | static CRYPTO_ONCE engine_padlock = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 370 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_padlock) |
b184e3ef MC |
371 | { |
372 | # ifdef OPENSSL_INIT_DEBUG | |
373 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_padlock: " | |
b3599dbb | 374 | "engine_load_padlock_int()\n"); |
b184e3ef | 375 | # endif |
b3599dbb | 376 | engine_load_padlock_int(); |
c2e4e5d2 | 377 | return 1; |
b184e3ef MC |
378 | } |
379 | # endif | |
380 | # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) | |
b1f1e7ae | 381 | static CRYPTO_ONCE engine_capi = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 382 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_capi) |
b184e3ef MC |
383 | { |
384 | # ifdef OPENSSL_INIT_DEBUG | |
385 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_capi: " | |
b3599dbb | 386 | "engine_load_capi_int()\n"); |
b184e3ef | 387 | # endif |
b3599dbb | 388 | engine_load_capi_int(); |
c2e4e5d2 | 389 | return 1; |
b184e3ef MC |
390 | } |
391 | # endif | |
6cba4a66 | 392 | # if !defined(OPENSSL_NO_AFALGENG) |
a4d8bcf1 | 393 | static CRYPTO_ONCE engine_afalg = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 394 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_afalg) |
6cba4a66 | 395 | { |
396 | # ifdef OPENSSL_INIT_DEBUG | |
397 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_afalg: " | |
b3599dbb | 398 | "engine_load_afalg_int()\n"); |
6cba4a66 | 399 | # endif |
b3599dbb | 400 | engine_load_afalg_int(); |
c2e4e5d2 | 401 | return 1; |
6cba4a66 | 402 | } |
403 | # endif | |
b184e3ef MC |
404 | # endif |
405 | #endif | |
406 | ||
e4ad0763 | 407 | #ifndef OPENSSL_NO_COMP |
b1f1e7ae | 408 | static CRYPTO_ONCE zlib = CRYPTO_ONCE_STATIC_INIT; |
e4ad0763 | 409 | |
b184e3ef | 410 | static int zlib_inited = 0; |
c2e4e5d2 | 411 | DEFINE_RUN_ONCE_STATIC(ossl_init_zlib) |
b184e3ef MC |
412 | { |
413 | /* Do nothing - we need to know about this for the later cleanup */ | |
414 | zlib_inited = 1; | |
c2e4e5d2 | 415 | return 1; |
b184e3ef | 416 | } |
e4ad0763 | 417 | #endif |
b184e3ef | 418 | |
71567a6f | 419 | static void ossl_init_thread_stop(struct thread_local_inits_st *locals) |
b184e3ef MC |
420 | { |
421 | /* Can't do much about this */ | |
422 | if (locals == NULL) | |
423 | return; | |
424 | ||
425 | if (locals->async) { | |
426 | #ifdef OPENSSL_INIT_DEBUG | |
427 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: " | |
74a8acbd | 428 | "async_delete_thread_state()\n"); |
b184e3ef | 429 | #endif |
74a8acbd | 430 | async_delete_thread_state(); |
b184e3ef MC |
431 | } |
432 | ||
433 | if (locals->err_state) { | |
434 | #ifdef OPENSSL_INIT_DEBUG | |
435 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: " | |
21e00174 | 436 | "err_delete_thread_state()\n"); |
b184e3ef | 437 | #endif |
21e00174 | 438 | err_delete_thread_state(); |
b184e3ef MC |
439 | } |
440 | ||
7caf122e KR |
441 | if (locals->rand) { |
442 | #ifdef OPENSSL_INIT_DEBUG | |
443 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: " | |
444 | "drbg_delete_thread_state()\n"); | |
445 | #endif | |
446 | drbg_delete_thread_state(); | |
447 | } | |
448 | ||
b184e3ef | 449 | OPENSSL_free(locals); |
b184e3ef MC |
450 | } |
451 | ||
f672aee4 | 452 | void OPENSSL_thread_stop(void) |
71567a6f | 453 | { |
0b1319ba | 454 | if (destructor_key.sane != -1) |
80ae7285 | 455 | ossl_init_thread_stop(ossl_init_get_thread_local(0)); |
71567a6f MC |
456 | } |
457 | ||
b184e3ef MC |
458 | int ossl_init_thread_start(uint64_t opts) |
459 | { | |
3ac6d5ee BE |
460 | struct thread_local_inits_st *locals; |
461 | ||
462 | if (!OPENSSL_init_crypto(0, NULL)) | |
463 | return 0; | |
464 | ||
465 | locals = ossl_init_get_thread_local(1); | |
b184e3ef MC |
466 | |
467 | if (locals == NULL) | |
468 | return 0; | |
469 | ||
470 | if (opts & OPENSSL_INIT_THREAD_ASYNC) { | |
471 | #ifdef OPENSSL_INIT_DEBUG | |
472 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: " | |
473 | "marking thread for async\n"); | |
474 | #endif | |
475 | locals->async = 1; | |
476 | } | |
477 | ||
478 | if (opts & OPENSSL_INIT_THREAD_ERR_STATE) { | |
479 | #ifdef OPENSSL_INIT_DEBUG | |
480 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: " | |
481 | "marking thread for err_state\n"); | |
482 | #endif | |
483 | locals->err_state = 1; | |
484 | } | |
485 | ||
7caf122e KR |
486 | if (opts & OPENSSL_INIT_THREAD_RAND) { |
487 | #ifdef OPENSSL_INIT_DEBUG | |
488 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: " | |
489 | "marking thread for rand\n"); | |
490 | #endif | |
491 | locals->rand = 1; | |
492 | } | |
493 | ||
b184e3ef MC |
494 | return 1; |
495 | } | |
496 | ||
f672aee4 | 497 | void OPENSSL_cleanup(void) |
b184e3ef MC |
498 | { |
499 | OPENSSL_INIT_STOP *currhandler, *lasthandler; | |
80ae7285 | 500 | CRYPTO_THREAD_LOCAL key; |
b184e3ef | 501 | |
deca5df2 MC |
502 | /* If we've not been inited then no need to deinit */ |
503 | if (!base_inited) | |
504 | return; | |
505 | ||
dd27f16e RS |
506 | /* Might be explicitly called and also by atexit */ |
507 | if (stopped) | |
508 | return; | |
509 | stopped = 1; | |
510 | ||
b184e3ef MC |
511 | /* |
512 | * Thread stop may not get automatically called by the thread library for | |
513 | * the very last thread in some situations, so call it directly. | |
514 | */ | |
515 | ossl_init_thread_stop(ossl_init_get_thread_local(0)); | |
516 | ||
517 | currhandler = stop_handlers; | |
518 | while (currhandler != NULL) { | |
519 | currhandler->handler(); | |
520 | lasthandler = currhandler; | |
521 | currhandler = currhandler->next; | |
522 | OPENSSL_free(lasthandler); | |
523 | } | |
524 | stop_handlers = NULL; | |
c292b105 MC |
525 | |
526 | CRYPTO_THREAD_lock_free(init_lock); | |
adeb4bc7 | 527 | init_lock = NULL; |
c292b105 | 528 | |
b184e3ef MC |
529 | /* |
530 | * We assume we are single-threaded for this function, i.e. no race | |
531 | * conditions for the various "*_inited" vars below. | |
532 | */ | |
533 | ||
e4ad0763 | 534 | #ifndef OPENSSL_NO_COMP |
b184e3ef MC |
535 | if (zlib_inited) { |
536 | #ifdef OPENSSL_INIT_DEBUG | |
f672aee4 | 537 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 538 | "comp_zlib_cleanup_int()\n"); |
b184e3ef | 539 | #endif |
b3599dbb | 540 | comp_zlib_cleanup_int(); |
b184e3ef | 541 | } |
e4ad0763 | 542 | #endif |
b184e3ef | 543 | |
ed49f43a MC |
544 | if (async_inited) { |
545 | # ifdef OPENSSL_INIT_DEBUG | |
546 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " | |
547 | "async_deinit()\n"); | |
548 | # endif | |
549 | async_deinit(); | |
550 | } | |
ed49f43a | 551 | |
b184e3ef MC |
552 | if (load_crypto_strings_inited) { |
553 | #ifdef OPENSSL_INIT_DEBUG | |
f672aee4 | 554 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 555 | "err_free_strings_int()\n"); |
b184e3ef | 556 | #endif |
b3599dbb | 557 | err_free_strings_int(); |
b184e3ef MC |
558 | } |
559 | ||
0b1319ba AP |
560 | key = destructor_key.value; |
561 | destructor_key.sane = -1; | |
80ae7285 | 562 | CRYPTO_THREAD_cleanup_local(&key); |
6bc7bad0 | 563 | |
b184e3ef | 564 | #ifdef OPENSSL_INIT_DEBUG |
58a8fc25 | 565 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 566 | "rand_cleanup_int()\n"); |
58a8fc25 | 567 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 568 | "conf_modules_free_int()\n"); |
9749a07a | 569 | #ifndef OPENSSL_NO_ENGINE |
ae6412f3 | 570 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 571 | "engine_cleanup_int()\n"); |
9749a07a | 572 | #endif |
58a8fc25 | 573 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 574 | "crypto_cleanup_all_ex_data_int()\n"); |
58a8fc25 | 575 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 576 | "bio_sock_cleanup_int()\n"); |
ff234405 MC |
577 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
578 | "bio_cleanup()\n"); | |
58a8fc25 | 579 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 580 | "evp_cleanup_int()\n"); |
58a8fc25 | 581 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 582 | "obj_cleanup_int()\n"); |
ff234405 MC |
583 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
584 | "err_cleanup()\n"); | |
9749a07a | 585 | #endif |
58a8fc25 MC |
586 | /* |
587 | * Note that cleanup order is important: | |
a535fe12 | 588 | * - rand_cleanup_int could call an ENGINE's RAND cleanup function so |
b3599dbb | 589 | * must be called before engine_cleanup_int() |
58a8fc25 MC |
590 | * - ENGINEs use CRYPTO_EX_DATA and therefore, must be cleaned up |
591 | * before the ex data handlers are wiped in CRYPTO_cleanup_all_ex_data(). | |
b3599dbb MC |
592 | * - conf_modules_free_int() can end up in ENGINE code so must be called |
593 | * before engine_cleanup_int() | |
a535fe12 DSH |
594 | * - ENGINEs and additional EVP algorithms might use added OIDs names so |
595 | * obj_cleanup_int() must be called last | |
58a8fc25 | 596 | */ |
b3599dbb | 597 | rand_cleanup_int(); |
c16de9d8 | 598 | rand_drbg_cleanup_int(); |
b3599dbb | 599 | conf_modules_free_int(); |
773fd0ba | 600 | #ifndef OPENSSL_NO_ENGINE |
b3599dbb | 601 | engine_cleanup_int(); |
773fd0ba | 602 | #endif |
71a5516d | 603 | ossl_store_cleanup_int(); |
b3599dbb | 604 | crypto_cleanup_all_ex_data_int(); |
ff234405 | 605 | bio_cleanup(); |
b3599dbb MC |
606 | evp_cleanup_int(); |
607 | obj_cleanup_int(); | |
ff234405 MC |
608 | err_cleanup(); |
609 | ||
d7c402c4 DMSP |
610 | CRYPTO_secure_malloc_done(); |
611 | ||
deca5df2 | 612 | base_inited = 0; |
b184e3ef MC |
613 | } |
614 | ||
b184e3ef MC |
615 | /* |
616 | * If this function is called with a non NULL settings value then it must be | |
617 | * called prior to any threads making calls to any OpenSSL functions, | |
618 | * i.e. passing a non-null settings value is assumed to be single-threaded. | |
619 | */ | |
0fc32b07 | 620 | int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) |
b184e3ef | 621 | { |
302f7588 | 622 | if (stopped) { |
eb2b9892 BE |
623 | if (!(opts & OPENSSL_INIT_BASE_ONLY)) |
624 | CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL); | |
0fc32b07 | 625 | return 0; |
302f7588 | 626 | } |
dd27f16e | 627 | |
25eb9299 VD |
628 | /* |
629 | * When the caller specifies OPENSSL_INIT_BASE_ONLY, that should be the | |
630 | * *only* option specified. With that option we return immediately after | |
631 | * doing the requested limited initialization. Note that | |
632 | * err_shelve_state() called by us via ossl_init_load_crypto_nodelete() | |
633 | * re-enters OPENSSL_init_crypto() with OPENSSL_INIT_BASE_ONLY, but with | |
634 | * base already initialized this is a harmless NOOP. | |
635 | * | |
636 | * If we remain the only caller of err_shelve_state() the recursion should | |
637 | * perhaps be removed, but if in doubt, it can be left in place. | |
638 | */ | |
eb2b9892 BE |
639 | if (!RUN_ONCE(&base, ossl_init_base)) |
640 | return 0; | |
25eb9299 VD |
641 | if (opts & OPENSSL_INIT_BASE_ONLY) |
642 | return 1; | |
eb2b9892 | 643 | |
25eb9299 VD |
644 | /* |
645 | * Now we don't always set up exit handlers, the INIT_BASE_ONLY calls | |
646 | * should not have the side-effect of setting up exit handlers, and | |
647 | * therefore, this code block is below the INIT_BASE_ONLY-conditioned early | |
648 | * return above. | |
649 | */ | |
c2b3db24 MC |
650 | if ((opts & OPENSSL_INIT_NO_ATEXIT) != 0) { |
651 | if (!RUN_ONCE_ALT(®ister_atexit, ossl_init_no_register_atexit, | |
652 | ossl_init_register_atexit)) | |
653 | return 0; | |
654 | } else if (!RUN_ONCE(®ister_atexit, ossl_init_register_atexit)) { | |
655 | return 0; | |
656 | } | |
657 | ||
25eb9299 | 658 | if (!RUN_ONCE(&load_crypto_nodelete, ossl_init_load_crypto_nodelete)) |
b1f1e7ae | 659 | return 0; |
b184e3ef | 660 | |
b1f1e7ae | 661 | if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS) |
f725fe5b MC |
662 | && !RUN_ONCE_ALT(&load_crypto_strings, |
663 | ossl_init_no_load_crypto_strings, | |
664 | ossl_init_load_crypto_strings)) | |
b1f1e7ae | 665 | return 0; |
b184e3ef | 666 | |
b1f1e7ae | 667 | if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS) |
c2e4e5d2 | 668 | && !RUN_ONCE(&load_crypto_strings, ossl_init_load_crypto_strings)) |
b1f1e7ae | 669 | return 0; |
b184e3ef | 670 | |
b1f1e7ae | 671 | if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS) |
f725fe5b MC |
672 | && !RUN_ONCE_ALT(&add_all_ciphers, ossl_init_no_add_all_ciphers, |
673 | ossl_init_add_all_ciphers)) | |
b1f1e7ae | 674 | return 0; |
b184e3ef | 675 | |
b1f1e7ae | 676 | if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS) |
c2e4e5d2 | 677 | && !RUN_ONCE(&add_all_ciphers, ossl_init_add_all_ciphers)) |
b1f1e7ae | 678 | return 0; |
b184e3ef | 679 | |
b1f1e7ae | 680 | if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS) |
f725fe5b MC |
681 | && !RUN_ONCE_ALT(&add_all_digests, ossl_init_no_add_all_digests, |
682 | ossl_init_add_all_digests)) | |
b1f1e7ae | 683 | return 0; |
b184e3ef | 684 | |
b1f1e7ae | 685 | if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS) |
c2e4e5d2 | 686 | && !RUN_ONCE(&add_all_digests, ossl_init_add_all_digests)) |
b1f1e7ae | 687 | return 0; |
b184e3ef | 688 | |
b5319bdb | 689 | if ((opts & OPENSSL_INIT_ATFORK) |
2915fe19 RS |
690 | && !openssl_init_fork_handlers()) |
691 | return 0; | |
692 | ||
b1f1e7ae | 693 | if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG) |
f725fe5b | 694 | && !RUN_ONCE_ALT(&config, ossl_init_no_config, ossl_init_config)) |
b1f1e7ae | 695 | return 0; |
b184e3ef MC |
696 | |
697 | if (opts & OPENSSL_INIT_LOAD_CONFIG) { | |
b1f1e7ae | 698 | int ret; |
c292b105 | 699 | CRYPTO_THREAD_write_lock(init_lock); |
25eb9299 | 700 | conf_settings = settings; |
c2e4e5d2 | 701 | ret = RUN_ONCE(&config, ossl_init_config); |
25eb9299 | 702 | conf_settings = NULL; |
c292b105 | 703 | CRYPTO_THREAD_unlock(init_lock); |
b7534359 | 704 | if (ret <= 0) |
b1f1e7ae | 705 | return 0; |
b184e3ef MC |
706 | } |
707 | ||
b1f1e7ae | 708 | if ((opts & OPENSSL_INIT_ASYNC) |
c2e4e5d2 | 709 | && !RUN_ONCE(&async, ossl_init_async)) |
b1f1e7ae | 710 | return 0; |
7626fbf2 | 711 | |
b184e3ef | 712 | #ifndef OPENSSL_NO_ENGINE |
b1f1e7ae | 713 | if ((opts & OPENSSL_INIT_ENGINE_OPENSSL) |
c2e4e5d2 | 714 | && !RUN_ONCE(&engine_openssl, ossl_init_engine_openssl)) |
b1f1e7ae | 715 | return 0; |
619eb33a RL |
716 | # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_DEVCRYPTOENG) |
717 | if ((opts & OPENSSL_INIT_ENGINE_CRYPTODEV) | |
718 | && !RUN_ONCE(&engine_devcrypto, ossl_init_engine_devcrypto)) | |
719 | return 0; | |
720 | # endif | |
b184e3ef | 721 | # ifndef OPENSSL_NO_RDRAND |
b1f1e7ae | 722 | if ((opts & OPENSSL_INIT_ENGINE_RDRAND) |
c2e4e5d2 | 723 | && !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand)) |
b1f1e7ae | 724 | return 0; |
b184e3ef | 725 | # endif |
b1f1e7ae | 726 | if ((opts & OPENSSL_INIT_ENGINE_DYNAMIC) |
c2e4e5d2 | 727 | && !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic)) |
b1f1e7ae | 728 | return 0; |
b184e3ef MC |
729 | # ifndef OPENSSL_NO_STATIC_ENGINE |
730 | # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) | |
b1f1e7ae | 731 | if ((opts & OPENSSL_INIT_ENGINE_PADLOCK) |
c2e4e5d2 | 732 | && !RUN_ONCE(&engine_padlock, ossl_init_engine_padlock)) |
b1f1e7ae | 733 | return 0; |
b184e3ef MC |
734 | # endif |
735 | # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) | |
b1f1e7ae | 736 | if ((opts & OPENSSL_INIT_ENGINE_CAPI) |
c2e4e5d2 | 737 | && !RUN_ONCE(&engine_capi, ossl_init_engine_capi)) |
b1f1e7ae | 738 | return 0; |
b184e3ef | 739 | # endif |
6cba4a66 | 740 | # if !defined(OPENSSL_NO_AFALGENG) |
b1f1e7ae | 741 | if ((opts & OPENSSL_INIT_ENGINE_AFALG) |
c2e4e5d2 | 742 | && !RUN_ONCE(&engine_afalg, ossl_init_engine_afalg)) |
b1f1e7ae | 743 | return 0; |
6cba4a66 | 744 | # endif |
b184e3ef MC |
745 | # endif |
746 | if (opts & (OPENSSL_INIT_ENGINE_ALL_BUILTIN | |
8d00e30f | 747 | | OPENSSL_INIT_ENGINE_OPENSSL |
6cba4a66 | 748 | | OPENSSL_INIT_ENGINE_AFALG)) { |
b184e3ef MC |
749 | ENGINE_register_all_complete(); |
750 | } | |
751 | #endif | |
752 | ||
e4ad0763 | 753 | #ifndef OPENSSL_NO_COMP |
b1f1e7ae | 754 | if ((opts & OPENSSL_INIT_ZLIB) |
c2e4e5d2 | 755 | && !RUN_ONCE(&zlib, ossl_init_zlib)) |
b1f1e7ae | 756 | return 0; |
e4ad0763 | 757 | #endif |
0fc32b07 MC |
758 | |
759 | return 1; | |
b184e3ef MC |
760 | } |
761 | ||
f672aee4 | 762 | int OPENSSL_atexit(void (*handler)(void)) |
b184e3ef MC |
763 | { |
764 | OPENSSL_INIT_STOP *newhand; | |
765 | ||
5fba3afa | 766 | #if !defined(OPENSSL_USE_NODELETE)\ |
6b97cc6e | 767 | && !defined(OPENSSL_NO_PINSHARED) |
5836780f | 768 | { |
5836780f MC |
769 | union { |
770 | void *sym; | |
771 | void (*func)(void); | |
772 | } handlersym; | |
773 | ||
774 | handlersym.func = handler; | |
392c0953 | 775 | # if defined(DSO_WIN32) && !defined(_WIN32_WCE) |
2b59d1be MC |
776 | { |
777 | HMODULE handle = NULL; | |
778 | BOOL ret; | |
5836780f | 779 | |
2b59d1be MC |
780 | /* |
781 | * We don't use the DSO route for WIN32 because there is a better | |
782 | * way | |
783 | */ | |
784 | ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS | |
785 | | GET_MODULE_HANDLE_EX_FLAG_PIN, | |
786 | handlersym.sym, &handle); | |
787 | ||
788 | if (!ret) | |
789 | return 0; | |
790 | } | |
5fba3afa | 791 | # elif !defined(DSO_NONE) |
2b59d1be MC |
792 | /* |
793 | * Deliberately leak a reference to the handler. This will force the | |
794 | * library/code containing the handler to remain loaded until we run the | |
795 | * atexit handler. If -znodelete has been used then this is | |
c9a41d7d | 796 | * unnecessary. |
2b59d1be MC |
797 | */ |
798 | { | |
799 | DSO *dso = NULL; | |
800 | ||
689f112d | 801 | ERR_set_mark(); |
2b59d1be | 802 | dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE); |
4af14b7b MK |
803 | # ifdef OPENSSL_INIT_DEBUG |
804 | fprintf(stderr, | |
805 | "OPENSSL_INIT: OPENSSL_atexit: obtained DSO reference? %s\n", | |
806 | (dso == NULL ? "No!" : "Yes.")); | |
807 | /* See same code above in ossl_init_base() for an explanation. */ | |
808 | # endif | |
2b59d1be | 809 | DSO_free(dso); |
689f112d | 810 | ERR_pop_to_mark(); |
2b59d1be MC |
811 | } |
812 | # endif | |
5836780f | 813 | } |
b6d5ba1a | 814 | #endif |
5836780f | 815 | |
cdb10bae RS |
816 | if ((newhand = OPENSSL_malloc(sizeof(*newhand))) == NULL) { |
817 | CRYPTOerr(CRYPTO_F_OPENSSL_ATEXIT, ERR_R_MALLOC_FAILURE); | |
b184e3ef | 818 | return 0; |
cdb10bae | 819 | } |
b184e3ef MC |
820 | |
821 | newhand->handler = handler; | |
822 | newhand->next = stop_handlers; | |
823 | stop_handlers = newhand; | |
824 | ||
825 | return 1; | |
826 | } | |
2915fe19 | 827 | |
63ab5ea1 | 828 | #ifdef OPENSSL_SYS_UNIX |
2915fe19 RS |
829 | /* |
830 | * The following three functions are for OpenSSL developers. This is | |
831 | * where we set/reset state across fork (called via pthread_atfork when | |
832 | * it exists, or manually by the application when it doesn't). | |
833 | * | |
834 | * WARNING! If you put code in either OPENSSL_fork_parent or | |
835 | * OPENSSL_fork_child, you MUST MAKE SURE that they are async-signal- | |
836 | * safe. See this link, for example: | |
837 | * http://man7.org/linux/man-pages/man7/signal-safety.7.html | |
838 | */ | |
839 | ||
840 | void OPENSSL_fork_prepare(void) | |
841 | { | |
842 | } | |
843 | ||
844 | void OPENSSL_fork_parent(void) | |
845 | { | |
846 | } | |
847 | ||
848 | void OPENSSL_fork_child(void) | |
849 | { | |
850 | } | |
851 | #endif |