]>
Commit | Line | Data |
---|---|---|
b184e3ef | 1 | /* |
48e5119a | 2 | * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. |
b184e3ef | 3 | * |
2039c421 RS |
4 | * Licensed under the OpenSSL license (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
b184e3ef MC |
8 | */ |
9 | ||
07016a8a | 10 | #include "e_os.h" |
176db6dc | 11 | #include "internal/cryptlib_int.h" |
b184e3ef | 12 | #include <openssl/err.h> |
176db6dc RS |
13 | #include "internal/rand_int.h" |
14 | #include "internal/bio.h" | |
b184e3ef | 15 | #include <openssl/evp.h> |
176db6dc RS |
16 | #include "internal/evp_int.h" |
17 | #include "internal/conf.h" | |
18 | #include "internal/async.h" | |
19 | #include "internal/engine.h" | |
20 | #include "internal/comp.h" | |
21 | #include "internal/err.h" | |
22 | #include "internal/err_int.h" | |
23 | #include "internal/objects.h" | |
b184e3ef | 24 | #include <stdlib.h> |
dd27f16e | 25 | #include <assert.h> |
176db6dc | 26 | #include "internal/thread_once.h" |
b71fa7b3 | 27 | #include "internal/dso_conf.h" |
176db6dc RS |
28 | #include "internal/dso.h" |
29 | #include "internal/store.h" | |
dd27f16e RS |
30 | |
31 | static int stopped = 0; | |
b184e3ef | 32 | |
80ae7285 AP |
33 | /* |
34 | * Since per-thread-specific-data destructors are not universally | |
35 | * available, i.e. not on Windows, only below CRYPTO_THREAD_LOCAL key | |
36 | * is assumed to have destructor associated. And then an effort is made | |
37 | * to call this single destructor on non-pthread platform[s]. | |
38 | * | |
39 | * Initial value is "impossible". It is used as guard value to shortcut | |
40 | * destructor for threads terminating before libcrypto is initialized or | |
41 | * after it's de-initialized. Access to the key doesn't have to be | |
42 | * serialized for the said threads, because they didn't use libcrypto | |
43 | * and it doesn't matter if they pick "impossible" or derefernce real | |
44 | * key value and pull NULL past initialization in the first thread that | |
45 | * intends to use libcrypto. | |
46 | */ | |
0b1319ba AP |
47 | static union { |
48 | long sane; | |
49 | CRYPTO_THREAD_LOCAL value; | |
50 | } destructor_key = { -1 }; | |
71567a6f | 51 | |
80ae7285 | 52 | static void ossl_init_thread_stop(struct thread_local_inits_st *locals); |
b184e3ef | 53 | |
80ae7285 | 54 | static void ossl_init_thread_destructor(void *local) |
b184e3ef MC |
55 | { |
56 | ossl_init_thread_stop((struct thread_local_inits_st *)local); | |
57 | } | |
58 | ||
b7326ea7 | 59 | static struct thread_local_inits_st *ossl_init_get_thread_local(int alloc) |
b184e3ef | 60 | { |
a072ed0c | 61 | struct thread_local_inits_st *local = |
0b1319ba | 62 | CRYPTO_THREAD_get_local(&destructor_key.value); |
b184e3ef | 63 | |
80ae7285 AP |
64 | if (alloc) { |
65 | if (local == NULL | |
66 | && (local = OPENSSL_zalloc(sizeof(*local))) != NULL | |
0b1319ba | 67 | && !CRYPTO_THREAD_set_local(&destructor_key.value, local)) { |
3ac6d5ee BE |
68 | OPENSSL_free(local); |
69 | return NULL; | |
70 | } | |
80ae7285 | 71 | } else { |
0b1319ba | 72 | CRYPTO_THREAD_set_local(&destructor_key.value, NULL); |
b7326ea7 | 73 | } |
b184e3ef MC |
74 | |
75 | return local; | |
76 | } | |
77 | ||
7253fd55 | 78 | typedef struct ossl_init_stop_st OPENSSL_INIT_STOP; |
b184e3ef MC |
79 | struct ossl_init_stop_st { |
80 | void (*handler)(void); | |
81 | OPENSSL_INIT_STOP *next; | |
82 | }; | |
83 | ||
84 | static OPENSSL_INIT_STOP *stop_handlers = NULL; | |
c292b105 | 85 | static CRYPTO_RWLOCK *init_lock = NULL; |
b184e3ef | 86 | |
b1f1e7ae | 87 | static CRYPTO_ONCE base = CRYPTO_ONCE_STATIC_INIT; |
b184e3ef | 88 | static int base_inited = 0; |
c2e4e5d2 | 89 | DEFINE_RUN_ONCE_STATIC(ossl_init_base) |
b184e3ef | 90 | { |
80ae7285 AP |
91 | CRYPTO_THREAD_LOCAL key; |
92 | ||
b184e3ef MC |
93 | #ifdef OPENSSL_INIT_DEBUG |
94 | fprintf(stderr, "OPENSSL_INIT: ossl_init_base: Setting up stop handlers\n"); | |
f7edeced RS |
95 | #endif |
96 | #ifndef OPENSSL_NO_CRYPTO_MDEBUG | |
97 | ossl_malloc_setup_failures(); | |
b184e3ef | 98 | #endif |
80ae7285 | 99 | if (!CRYPTO_THREAD_init_local(&key, ossl_init_thread_destructor)) |
eb2b9892 BE |
100 | return 0; |
101 | if ((init_lock = CRYPTO_THREAD_lock_new()) == NULL) | |
102 | goto err; | |
c7b7938e | 103 | #ifndef OPENSSL_SYS_UEFI |
eb2b9892 BE |
104 | if (atexit(OPENSSL_cleanup) != 0) |
105 | goto err; | |
c7b7938e | 106 | #endif |
b184e3ef | 107 | OPENSSL_cpuid_setup(); |
8aa9cf7e | 108 | |
0b1319ba | 109 | destructor_key.value = key; |
b184e3ef | 110 | base_inited = 1; |
eb2b9892 BE |
111 | return 1; |
112 | ||
113 | err: | |
114 | #ifdef OPENSSL_INIT_DEBUG | |
115 | fprintf(stderr, "OPENSSL_INIT: ossl_init_base not ok!\n"); | |
116 | #endif | |
117 | CRYPTO_THREAD_lock_free(init_lock); | |
118 | init_lock = NULL; | |
5836780f | 119 | |
80ae7285 | 120 | CRYPTO_THREAD_cleanup_local(&key); |
eb2b9892 BE |
121 | return 0; |
122 | } | |
123 | ||
124 | static CRYPTO_ONCE load_crypto_nodelete = CRYPTO_ONCE_STATIC_INIT; | |
125 | DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_nodelete) | |
126 | { | |
127 | #ifdef OPENSSL_INIT_DEBUG | |
128 | fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_nodelete()\n"); | |
129 | #endif | |
6e290a25 | 130 | #if !defined(OPENSSL_NO_DSO) && !defined(OPENSSL_USE_NODELETE) |
2b59d1be MC |
131 | # ifdef DSO_WIN32 |
132 | { | |
133 | HMODULE handle = NULL; | |
134 | BOOL ret; | |
135 | ||
136 | /* We don't use the DSO route for WIN32 because there is a better way */ | |
137 | ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS | |
138 | | GET_MODULE_HANDLE_EX_FLAG_PIN, | |
139 | (void *)&base_inited, &handle); | |
140 | ||
eb2b9892 BE |
141 | # ifdef OPENSSL_INIT_DEBUG |
142 | fprintf(stderr, "OPENSSL_INIT: obtained DSO reference? %s\n", | |
143 | (ret == TRUE ? "No!" : "Yes.")); | |
144 | # endif | |
2b59d1be MC |
145 | return (ret == TRUE) ? 1 : 0; |
146 | } | |
147 | # else | |
5836780f MC |
148 | /* |
149 | * Deliberately leak a reference to ourselves. This will force the library | |
689f112d | 150 | * to remain loaded until the atexit() handler is run at process exit. |
5836780f MC |
151 | */ |
152 | { | |
eb2b9892 BE |
153 | DSO *dso; |
154 | void *err; | |
155 | ||
156 | if (!err_shelve_state(&err)) | |
157 | return 0; | |
5836780f MC |
158 | |
159 | dso = DSO_dsobyaddr(&base_inited, DSO_FLAG_NO_UNLOAD_ON_FREE); | |
4af14b7b MK |
160 | # ifdef OPENSSL_INIT_DEBUG |
161 | fprintf(stderr, "OPENSSL_INIT: obtained DSO reference? %s\n", | |
162 | (dso == NULL ? "No!" : "Yes.")); | |
163 | /* | |
164 | * In case of No!, it is uncertain our exit()-handlers can still be | |
165 | * called. After dlclose() the whole library might have been unloaded | |
166 | * already. | |
167 | */ | |
168 | # endif | |
5836780f | 169 | DSO_free(dso); |
eb2b9892 | 170 | err_unshelve_state(err); |
5836780f | 171 | } |
2b59d1be | 172 | # endif |
b6d5ba1a | 173 | #endif |
5836780f | 174 | |
c2e4e5d2 | 175 | return 1; |
b184e3ef MC |
176 | } |
177 | ||
b1f1e7ae | 178 | static CRYPTO_ONCE load_crypto_strings = CRYPTO_ONCE_STATIC_INIT; |
b184e3ef | 179 | static int load_crypto_strings_inited = 0; |
c2e4e5d2 | 180 | DEFINE_RUN_ONCE_STATIC(ossl_init_no_load_crypto_strings) |
b184e3ef MC |
181 | { |
182 | /* Do nothing in this case */ | |
c2e4e5d2 | 183 | return 1; |
b184e3ef MC |
184 | } |
185 | ||
c2e4e5d2 | 186 | DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings) |
b184e3ef | 187 | { |
69588edb | 188 | int ret = 1; |
498abff0 MC |
189 | /* |
190 | * OPENSSL_NO_AUTOERRINIT is provided here to prevent at compile time | |
191 | * pulling in all the error strings during static linking | |
192 | */ | |
193 | #if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT) | |
b184e3ef MC |
194 | # ifdef OPENSSL_INIT_DEBUG |
195 | fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_strings: " | |
b3599dbb | 196 | "err_load_crypto_strings_int()\n"); |
b184e3ef | 197 | # endif |
69588edb | 198 | ret = err_load_crypto_strings_int(); |
b184e3ef | 199 | load_crypto_strings_inited = 1; |
bd91e3c8 | 200 | #endif |
69588edb | 201 | return ret; |
b184e3ef MC |
202 | } |
203 | ||
b1f1e7ae | 204 | static CRYPTO_ONCE add_all_ciphers = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 205 | DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_ciphers) |
b184e3ef MC |
206 | { |
207 | /* | |
208 | * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time | |
209 | * pulling in all the ciphers during static linking | |
210 | */ | |
211 | #ifndef OPENSSL_NO_AUTOALGINIT | |
212 | # ifdef OPENSSL_INIT_DEBUG | |
213 | fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_ciphers: " | |
b3599dbb | 214 | "openssl_add_all_ciphers_int()\n"); |
b184e3ef | 215 | # endif |
b3599dbb | 216 | openssl_add_all_ciphers_int(); |
b184e3ef | 217 | #endif |
c2e4e5d2 | 218 | return 1; |
b184e3ef MC |
219 | } |
220 | ||
b1f1e7ae | 221 | static CRYPTO_ONCE add_all_digests = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 222 | DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_digests) |
b184e3ef MC |
223 | { |
224 | /* | |
225 | * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time | |
226 | * pulling in all the ciphers during static linking | |
227 | */ | |
228 | #ifndef OPENSSL_NO_AUTOALGINIT | |
229 | # ifdef OPENSSL_INIT_DEBUG | |
230 | fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_digests: " | |
b3599dbb | 231 | "openssl_add_all_digests()\n"); |
b184e3ef | 232 | # endif |
b3599dbb | 233 | openssl_add_all_digests_int(); |
b184e3ef | 234 | #endif |
c2e4e5d2 | 235 | return 1; |
b184e3ef MC |
236 | } |
237 | ||
c2e4e5d2 | 238 | DEFINE_RUN_ONCE_STATIC(ossl_init_no_add_algs) |
b184e3ef MC |
239 | { |
240 | /* Do nothing */ | |
c2e4e5d2 | 241 | return 1; |
b184e3ef MC |
242 | } |
243 | ||
b1f1e7ae | 244 | static CRYPTO_ONCE config = CRYPTO_ONCE_STATIC_INIT; |
b184e3ef | 245 | static int config_inited = 0; |
cda3ae5b | 246 | static const char *appname; |
c2e4e5d2 | 247 | DEFINE_RUN_ONCE_STATIC(ossl_init_config) |
b184e3ef MC |
248 | { |
249 | #ifdef OPENSSL_INIT_DEBUG | |
250 | fprintf(stderr, | |
b3599dbb | 251 | "OPENSSL_INIT: ossl_init_config: openssl_config(%s)\n", |
cda3ae5b | 252 | appname == NULL ? "NULL" : appname); |
b184e3ef | 253 | #endif |
cda3ae5b | 254 | openssl_config_int(appname); |
b184e3ef | 255 | config_inited = 1; |
c2e4e5d2 | 256 | return 1; |
b184e3ef | 257 | } |
c2e4e5d2 | 258 | DEFINE_RUN_ONCE_STATIC(ossl_init_no_config) |
b184e3ef MC |
259 | { |
260 | #ifdef OPENSSL_INIT_DEBUG | |
261 | fprintf(stderr, | |
b3599dbb | 262 | "OPENSSL_INIT: ossl_init_config: openssl_no_config_int()\n"); |
b184e3ef | 263 | #endif |
b3599dbb | 264 | openssl_no_config_int(); |
b184e3ef | 265 | config_inited = 1; |
c2e4e5d2 | 266 | return 1; |
b184e3ef MC |
267 | } |
268 | ||
b1f1e7ae | 269 | static CRYPTO_ONCE async = CRYPTO_ONCE_STATIC_INIT; |
b184e3ef | 270 | static int async_inited = 0; |
c2e4e5d2 | 271 | DEFINE_RUN_ONCE_STATIC(ossl_init_async) |
b184e3ef MC |
272 | { |
273 | #ifdef OPENSSL_INIT_DEBUG | |
274 | fprintf(stderr, "OPENSSL_INIT: ossl_init_async: async_init()\n"); | |
275 | #endif | |
c2e4e5d2 RL |
276 | if (!async_init()) |
277 | return 0; | |
b184e3ef | 278 | async_inited = 1; |
c2e4e5d2 | 279 | return 1; |
b184e3ef MC |
280 | } |
281 | ||
282 | #ifndef OPENSSL_NO_ENGINE | |
b1f1e7ae | 283 | static CRYPTO_ONCE engine_openssl = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 284 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_openssl) |
b184e3ef MC |
285 | { |
286 | # ifdef OPENSSL_INIT_DEBUG | |
287 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_openssl: " | |
b3599dbb | 288 | "engine_load_openssl_int()\n"); |
b184e3ef | 289 | # endif |
b3599dbb | 290 | engine_load_openssl_int(); |
c2e4e5d2 | 291 | return 1; |
b184e3ef | 292 | } |
619eb33a RL |
293 | # ifndef OPENSSL_NO_DEVCRYPTOENG |
294 | static CRYPTO_ONCE engine_devcrypto = CRYPTO_ONCE_STATIC_INIT; | |
295 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_devcrypto) | |
296 | { | |
297 | # ifdef OPENSSL_INIT_DEBUG | |
298 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_devcrypto: " | |
299 | "engine_load_devcrypto_int()\n"); | |
300 | # endif | |
301 | engine_load_devcrypto_int(); | |
302 | return 1; | |
303 | } | |
304 | # endif | |
b184e3ef MC |
305 | |
306 | # ifndef OPENSSL_NO_RDRAND | |
b1f1e7ae | 307 | static CRYPTO_ONCE engine_rdrand = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 308 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_rdrand) |
b184e3ef MC |
309 | { |
310 | # ifdef OPENSSL_INIT_DEBUG | |
311 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_rdrand: " | |
b3599dbb | 312 | "engine_load_rdrand_int()\n"); |
b184e3ef | 313 | # endif |
b3599dbb | 314 | engine_load_rdrand_int(); |
c2e4e5d2 | 315 | return 1; |
b184e3ef MC |
316 | } |
317 | # endif | |
b1f1e7ae | 318 | static CRYPTO_ONCE engine_dynamic = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 319 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_dynamic) |
b184e3ef MC |
320 | { |
321 | # ifdef OPENSSL_INIT_DEBUG | |
322 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_dynamic: " | |
b3599dbb | 323 | "engine_load_dynamic_int()\n"); |
b184e3ef | 324 | # endif |
b3599dbb | 325 | engine_load_dynamic_int(); |
c2e4e5d2 | 326 | return 1; |
b184e3ef MC |
327 | } |
328 | # ifndef OPENSSL_NO_STATIC_ENGINE | |
329 | # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) | |
b1f1e7ae | 330 | static CRYPTO_ONCE engine_padlock = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 331 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_padlock) |
b184e3ef MC |
332 | { |
333 | # ifdef OPENSSL_INIT_DEBUG | |
334 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_padlock: " | |
b3599dbb | 335 | "engine_load_padlock_int()\n"); |
b184e3ef | 336 | # endif |
b3599dbb | 337 | engine_load_padlock_int(); |
c2e4e5d2 | 338 | return 1; |
b184e3ef MC |
339 | } |
340 | # endif | |
341 | # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) | |
b1f1e7ae | 342 | static CRYPTO_ONCE engine_capi = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 343 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_capi) |
b184e3ef MC |
344 | { |
345 | # ifdef OPENSSL_INIT_DEBUG | |
346 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_capi: " | |
b3599dbb | 347 | "engine_load_capi_int()\n"); |
b184e3ef | 348 | # endif |
b3599dbb | 349 | engine_load_capi_int(); |
c2e4e5d2 | 350 | return 1; |
b184e3ef MC |
351 | } |
352 | # endif | |
6cba4a66 | 353 | # if !defined(OPENSSL_NO_AFALGENG) |
a4d8bcf1 | 354 | static CRYPTO_ONCE engine_afalg = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 355 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_afalg) |
6cba4a66 | 356 | { |
357 | # ifdef OPENSSL_INIT_DEBUG | |
358 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_afalg: " | |
b3599dbb | 359 | "engine_load_afalg_int()\n"); |
6cba4a66 | 360 | # endif |
b3599dbb | 361 | engine_load_afalg_int(); |
c2e4e5d2 | 362 | return 1; |
6cba4a66 | 363 | } |
364 | # endif | |
b184e3ef MC |
365 | # endif |
366 | #endif | |
367 | ||
e4ad0763 | 368 | #ifndef OPENSSL_NO_COMP |
b1f1e7ae | 369 | static CRYPTO_ONCE zlib = CRYPTO_ONCE_STATIC_INIT; |
e4ad0763 | 370 | |
b184e3ef | 371 | static int zlib_inited = 0; |
c2e4e5d2 | 372 | DEFINE_RUN_ONCE_STATIC(ossl_init_zlib) |
b184e3ef MC |
373 | { |
374 | /* Do nothing - we need to know about this for the later cleanup */ | |
375 | zlib_inited = 1; | |
c2e4e5d2 | 376 | return 1; |
b184e3ef | 377 | } |
e4ad0763 | 378 | #endif |
b184e3ef | 379 | |
71567a6f | 380 | static void ossl_init_thread_stop(struct thread_local_inits_st *locals) |
b184e3ef MC |
381 | { |
382 | /* Can't do much about this */ | |
383 | if (locals == NULL) | |
384 | return; | |
385 | ||
386 | if (locals->async) { | |
387 | #ifdef OPENSSL_INIT_DEBUG | |
388 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: " | |
74a8acbd | 389 | "async_delete_thread_state()\n"); |
b184e3ef | 390 | #endif |
74a8acbd | 391 | async_delete_thread_state(); |
b184e3ef MC |
392 | } |
393 | ||
394 | if (locals->err_state) { | |
395 | #ifdef OPENSSL_INIT_DEBUG | |
396 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: " | |
21e00174 | 397 | "err_delete_thread_state()\n"); |
b184e3ef | 398 | #endif |
21e00174 | 399 | err_delete_thread_state(); |
b184e3ef MC |
400 | } |
401 | ||
7caf122e KR |
402 | if (locals->rand) { |
403 | #ifdef OPENSSL_INIT_DEBUG | |
404 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: " | |
405 | "drbg_delete_thread_state()\n"); | |
406 | #endif | |
407 | drbg_delete_thread_state(); | |
408 | } | |
409 | ||
b184e3ef | 410 | OPENSSL_free(locals); |
b184e3ef MC |
411 | } |
412 | ||
f672aee4 | 413 | void OPENSSL_thread_stop(void) |
71567a6f | 414 | { |
0b1319ba | 415 | if (destructor_key.sane != -1) |
80ae7285 | 416 | ossl_init_thread_stop(ossl_init_get_thread_local(0)); |
71567a6f MC |
417 | } |
418 | ||
b184e3ef MC |
419 | int ossl_init_thread_start(uint64_t opts) |
420 | { | |
3ac6d5ee BE |
421 | struct thread_local_inits_st *locals; |
422 | ||
423 | if (!OPENSSL_init_crypto(0, NULL)) | |
424 | return 0; | |
425 | ||
426 | locals = ossl_init_get_thread_local(1); | |
b184e3ef MC |
427 | |
428 | if (locals == NULL) | |
429 | return 0; | |
430 | ||
431 | if (opts & OPENSSL_INIT_THREAD_ASYNC) { | |
432 | #ifdef OPENSSL_INIT_DEBUG | |
433 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: " | |
434 | "marking thread for async\n"); | |
435 | #endif | |
436 | locals->async = 1; | |
437 | } | |
438 | ||
439 | if (opts & OPENSSL_INIT_THREAD_ERR_STATE) { | |
440 | #ifdef OPENSSL_INIT_DEBUG | |
441 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: " | |
442 | "marking thread for err_state\n"); | |
443 | #endif | |
444 | locals->err_state = 1; | |
445 | } | |
446 | ||
7caf122e KR |
447 | if (opts & OPENSSL_INIT_THREAD_RAND) { |
448 | #ifdef OPENSSL_INIT_DEBUG | |
449 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: " | |
450 | "marking thread for rand\n"); | |
451 | #endif | |
452 | locals->rand = 1; | |
453 | } | |
454 | ||
b184e3ef MC |
455 | return 1; |
456 | } | |
457 | ||
f672aee4 | 458 | void OPENSSL_cleanup(void) |
b184e3ef MC |
459 | { |
460 | OPENSSL_INIT_STOP *currhandler, *lasthandler; | |
80ae7285 | 461 | CRYPTO_THREAD_LOCAL key; |
b184e3ef | 462 | |
deca5df2 MC |
463 | /* If we've not been inited then no need to deinit */ |
464 | if (!base_inited) | |
465 | return; | |
466 | ||
dd27f16e RS |
467 | /* Might be explicitly called and also by atexit */ |
468 | if (stopped) | |
469 | return; | |
470 | stopped = 1; | |
471 | ||
b184e3ef MC |
472 | /* |
473 | * Thread stop may not get automatically called by the thread library for | |
474 | * the very last thread in some situations, so call it directly. | |
475 | */ | |
476 | ossl_init_thread_stop(ossl_init_get_thread_local(0)); | |
477 | ||
478 | currhandler = stop_handlers; | |
479 | while (currhandler != NULL) { | |
480 | currhandler->handler(); | |
481 | lasthandler = currhandler; | |
482 | currhandler = currhandler->next; | |
483 | OPENSSL_free(lasthandler); | |
484 | } | |
485 | stop_handlers = NULL; | |
c292b105 MC |
486 | |
487 | CRYPTO_THREAD_lock_free(init_lock); | |
adeb4bc7 | 488 | init_lock = NULL; |
c292b105 | 489 | |
b184e3ef MC |
490 | /* |
491 | * We assume we are single-threaded for this function, i.e. no race | |
492 | * conditions for the various "*_inited" vars below. | |
493 | */ | |
494 | ||
e4ad0763 | 495 | #ifndef OPENSSL_NO_COMP |
b184e3ef MC |
496 | if (zlib_inited) { |
497 | #ifdef OPENSSL_INIT_DEBUG | |
f672aee4 | 498 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 499 | "comp_zlib_cleanup_int()\n"); |
b184e3ef | 500 | #endif |
b3599dbb | 501 | comp_zlib_cleanup_int(); |
b184e3ef | 502 | } |
e4ad0763 | 503 | #endif |
b184e3ef | 504 | |
ed49f43a MC |
505 | if (async_inited) { |
506 | # ifdef OPENSSL_INIT_DEBUG | |
507 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " | |
508 | "async_deinit()\n"); | |
509 | # endif | |
510 | async_deinit(); | |
511 | } | |
ed49f43a | 512 | |
b184e3ef MC |
513 | if (load_crypto_strings_inited) { |
514 | #ifdef OPENSSL_INIT_DEBUG | |
f672aee4 | 515 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 516 | "err_free_strings_int()\n"); |
b184e3ef | 517 | #endif |
b3599dbb | 518 | err_free_strings_int(); |
b184e3ef MC |
519 | } |
520 | ||
0b1319ba AP |
521 | key = destructor_key.value; |
522 | destructor_key.sane = -1; | |
80ae7285 | 523 | CRYPTO_THREAD_cleanup_local(&key); |
6bc7bad0 | 524 | |
b184e3ef | 525 | #ifdef OPENSSL_INIT_DEBUG |
58a8fc25 | 526 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 527 | "rand_cleanup_int()\n"); |
58a8fc25 | 528 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 529 | "conf_modules_free_int()\n"); |
9749a07a | 530 | #ifndef OPENSSL_NO_ENGINE |
ae6412f3 | 531 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 532 | "engine_cleanup_int()\n"); |
9749a07a | 533 | #endif |
58a8fc25 | 534 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 535 | "crypto_cleanup_all_ex_data_int()\n"); |
58a8fc25 | 536 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 537 | "bio_sock_cleanup_int()\n"); |
ff234405 MC |
538 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
539 | "bio_cleanup()\n"); | |
58a8fc25 | 540 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 541 | "evp_cleanup_int()\n"); |
58a8fc25 | 542 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 543 | "obj_cleanup_int()\n"); |
ff234405 MC |
544 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
545 | "err_cleanup()\n"); | |
9749a07a | 546 | #endif |
58a8fc25 MC |
547 | /* |
548 | * Note that cleanup order is important: | |
a535fe12 | 549 | * - rand_cleanup_int could call an ENGINE's RAND cleanup function so |
b3599dbb | 550 | * must be called before engine_cleanup_int() |
58a8fc25 MC |
551 | * - ENGINEs use CRYPTO_EX_DATA and therefore, must be cleaned up |
552 | * before the ex data handlers are wiped in CRYPTO_cleanup_all_ex_data(). | |
b3599dbb MC |
553 | * - conf_modules_free_int() can end up in ENGINE code so must be called |
554 | * before engine_cleanup_int() | |
a535fe12 DSH |
555 | * - ENGINEs and additional EVP algorithms might use added OIDs names so |
556 | * obj_cleanup_int() must be called last | |
58a8fc25 | 557 | */ |
b3599dbb | 558 | rand_cleanup_int(); |
c16de9d8 | 559 | rand_drbg_cleanup_int(); |
b3599dbb | 560 | conf_modules_free_int(); |
773fd0ba | 561 | #ifndef OPENSSL_NO_ENGINE |
b3599dbb | 562 | engine_cleanup_int(); |
773fd0ba | 563 | #endif |
71a5516d | 564 | ossl_store_cleanup_int(); |
b3599dbb | 565 | crypto_cleanup_all_ex_data_int(); |
ff234405 | 566 | bio_cleanup(); |
b3599dbb MC |
567 | evp_cleanup_int(); |
568 | obj_cleanup_int(); | |
ff234405 MC |
569 | err_cleanup(); |
570 | ||
d7c402c4 DMSP |
571 | CRYPTO_secure_malloc_done(); |
572 | ||
deca5df2 | 573 | base_inited = 0; |
b184e3ef MC |
574 | } |
575 | ||
b184e3ef MC |
576 | /* |
577 | * If this function is called with a non NULL settings value then it must be | |
578 | * called prior to any threads making calls to any OpenSSL functions, | |
579 | * i.e. passing a non-null settings value is assumed to be single-threaded. | |
580 | */ | |
0fc32b07 | 581 | int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) |
b184e3ef | 582 | { |
302f7588 | 583 | if (stopped) { |
eb2b9892 BE |
584 | if (!(opts & OPENSSL_INIT_BASE_ONLY)) |
585 | CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL); | |
0fc32b07 | 586 | return 0; |
302f7588 | 587 | } |
dd27f16e | 588 | |
eb2b9892 BE |
589 | if (!RUN_ONCE(&base, ossl_init_base)) |
590 | return 0; | |
591 | ||
592 | if (!(opts & OPENSSL_INIT_BASE_ONLY) | |
593 | && !RUN_ONCE(&load_crypto_nodelete, | |
594 | ossl_init_load_crypto_nodelete)) | |
b1f1e7ae | 595 | return 0; |
b184e3ef | 596 | |
b1f1e7ae | 597 | if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS) |
c2e4e5d2 RL |
598 | && !RUN_ONCE(&load_crypto_strings, |
599 | ossl_init_no_load_crypto_strings)) | |
b1f1e7ae | 600 | return 0; |
b184e3ef | 601 | |
b1f1e7ae | 602 | if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS) |
c2e4e5d2 | 603 | && !RUN_ONCE(&load_crypto_strings, ossl_init_load_crypto_strings)) |
b1f1e7ae | 604 | return 0; |
b184e3ef | 605 | |
b1f1e7ae | 606 | if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS) |
c2e4e5d2 | 607 | && !RUN_ONCE(&add_all_ciphers, ossl_init_no_add_algs)) |
b1f1e7ae | 608 | return 0; |
b184e3ef | 609 | |
b1f1e7ae | 610 | if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS) |
c2e4e5d2 | 611 | && !RUN_ONCE(&add_all_ciphers, ossl_init_add_all_ciphers)) |
b1f1e7ae | 612 | return 0; |
b184e3ef | 613 | |
b1f1e7ae | 614 | if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS) |
c2e4e5d2 | 615 | && !RUN_ONCE(&add_all_digests, ossl_init_no_add_algs)) |
b1f1e7ae | 616 | return 0; |
b184e3ef | 617 | |
b1f1e7ae | 618 | if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS) |
c2e4e5d2 | 619 | && !RUN_ONCE(&add_all_digests, ossl_init_add_all_digests)) |
b1f1e7ae | 620 | return 0; |
b184e3ef | 621 | |
b5319bdb | 622 | if ((opts & OPENSSL_INIT_ATFORK) |
2915fe19 RS |
623 | && !openssl_init_fork_handlers()) |
624 | return 0; | |
625 | ||
b1f1e7ae | 626 | if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG) |
c2e4e5d2 | 627 | && !RUN_ONCE(&config, ossl_init_no_config)) |
b1f1e7ae | 628 | return 0; |
b184e3ef MC |
629 | |
630 | if (opts & OPENSSL_INIT_LOAD_CONFIG) { | |
b1f1e7ae | 631 | int ret; |
c292b105 | 632 | CRYPTO_THREAD_write_lock(init_lock); |
cda3ae5b | 633 | appname = (settings == NULL) ? NULL : settings->appname; |
c2e4e5d2 | 634 | ret = RUN_ONCE(&config, ossl_init_config); |
c292b105 | 635 | CRYPTO_THREAD_unlock(init_lock); |
b1f1e7ae MC |
636 | if (!ret) |
637 | return 0; | |
b184e3ef MC |
638 | } |
639 | ||
b1f1e7ae | 640 | if ((opts & OPENSSL_INIT_ASYNC) |
c2e4e5d2 | 641 | && !RUN_ONCE(&async, ossl_init_async)) |
b1f1e7ae | 642 | return 0; |
7626fbf2 | 643 | |
b184e3ef | 644 | #ifndef OPENSSL_NO_ENGINE |
b1f1e7ae | 645 | if ((opts & OPENSSL_INIT_ENGINE_OPENSSL) |
c2e4e5d2 | 646 | && !RUN_ONCE(&engine_openssl, ossl_init_engine_openssl)) |
b1f1e7ae | 647 | return 0; |
619eb33a RL |
648 | # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_DEVCRYPTOENG) |
649 | if ((opts & OPENSSL_INIT_ENGINE_CRYPTODEV) | |
650 | && !RUN_ONCE(&engine_devcrypto, ossl_init_engine_devcrypto)) | |
651 | return 0; | |
652 | # endif | |
b184e3ef | 653 | # ifndef OPENSSL_NO_RDRAND |
b1f1e7ae | 654 | if ((opts & OPENSSL_INIT_ENGINE_RDRAND) |
c2e4e5d2 | 655 | && !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand)) |
b1f1e7ae | 656 | return 0; |
b184e3ef | 657 | # endif |
b1f1e7ae | 658 | if ((opts & OPENSSL_INIT_ENGINE_DYNAMIC) |
c2e4e5d2 | 659 | && !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic)) |
b1f1e7ae | 660 | return 0; |
b184e3ef MC |
661 | # ifndef OPENSSL_NO_STATIC_ENGINE |
662 | # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) | |
b1f1e7ae | 663 | if ((opts & OPENSSL_INIT_ENGINE_PADLOCK) |
c2e4e5d2 | 664 | && !RUN_ONCE(&engine_padlock, ossl_init_engine_padlock)) |
b1f1e7ae | 665 | return 0; |
b184e3ef MC |
666 | # endif |
667 | # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) | |
b1f1e7ae | 668 | if ((opts & OPENSSL_INIT_ENGINE_CAPI) |
c2e4e5d2 | 669 | && !RUN_ONCE(&engine_capi, ossl_init_engine_capi)) |
b1f1e7ae | 670 | return 0; |
b184e3ef | 671 | # endif |
6cba4a66 | 672 | # if !defined(OPENSSL_NO_AFALGENG) |
b1f1e7ae | 673 | if ((opts & OPENSSL_INIT_ENGINE_AFALG) |
c2e4e5d2 | 674 | && !RUN_ONCE(&engine_afalg, ossl_init_engine_afalg)) |
b1f1e7ae | 675 | return 0; |
6cba4a66 | 676 | # endif |
b184e3ef MC |
677 | # endif |
678 | if (opts & (OPENSSL_INIT_ENGINE_ALL_BUILTIN | |
8d00e30f | 679 | | OPENSSL_INIT_ENGINE_OPENSSL |
6cba4a66 | 680 | | OPENSSL_INIT_ENGINE_AFALG)) { |
b184e3ef MC |
681 | ENGINE_register_all_complete(); |
682 | } | |
683 | #endif | |
684 | ||
e4ad0763 | 685 | #ifndef OPENSSL_NO_COMP |
b1f1e7ae | 686 | if ((opts & OPENSSL_INIT_ZLIB) |
c2e4e5d2 | 687 | && !RUN_ONCE(&zlib, ossl_init_zlib)) |
b1f1e7ae | 688 | return 0; |
e4ad0763 | 689 | #endif |
0fc32b07 MC |
690 | |
691 | return 1; | |
b184e3ef MC |
692 | } |
693 | ||
f672aee4 | 694 | int OPENSSL_atexit(void (*handler)(void)) |
b184e3ef MC |
695 | { |
696 | OPENSSL_INIT_STOP *newhand; | |
697 | ||
6e290a25 | 698 | #if !defined(OPENSSL_NO_DSO) && !defined(OPENSSL_USE_NODELETE) |
5836780f | 699 | { |
5836780f MC |
700 | union { |
701 | void *sym; | |
702 | void (*func)(void); | |
703 | } handlersym; | |
704 | ||
705 | handlersym.func = handler; | |
2b59d1be MC |
706 | # ifdef DSO_WIN32 |
707 | { | |
708 | HMODULE handle = NULL; | |
709 | BOOL ret; | |
5836780f | 710 | |
2b59d1be MC |
711 | /* |
712 | * We don't use the DSO route for WIN32 because there is a better | |
713 | * way | |
714 | */ | |
715 | ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS | |
716 | | GET_MODULE_HANDLE_EX_FLAG_PIN, | |
717 | handlersym.sym, &handle); | |
718 | ||
719 | if (!ret) | |
720 | return 0; | |
721 | } | |
722 | # else | |
723 | /* | |
724 | * Deliberately leak a reference to the handler. This will force the | |
725 | * library/code containing the handler to remain loaded until we run the | |
726 | * atexit handler. If -znodelete has been used then this is | |
c9a41d7d | 727 | * unnecessary. |
2b59d1be MC |
728 | */ |
729 | { | |
730 | DSO *dso = NULL; | |
731 | ||
689f112d | 732 | ERR_set_mark(); |
2b59d1be | 733 | dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE); |
4af14b7b MK |
734 | # ifdef OPENSSL_INIT_DEBUG |
735 | fprintf(stderr, | |
736 | "OPENSSL_INIT: OPENSSL_atexit: obtained DSO reference? %s\n", | |
737 | (dso == NULL ? "No!" : "Yes.")); | |
738 | /* See same code above in ossl_init_base() for an explanation. */ | |
739 | # endif | |
2b59d1be | 740 | DSO_free(dso); |
689f112d | 741 | ERR_pop_to_mark(); |
2b59d1be MC |
742 | } |
743 | # endif | |
5836780f | 744 | } |
b6d5ba1a | 745 | #endif |
5836780f | 746 | |
cdb10bae RS |
747 | if ((newhand = OPENSSL_malloc(sizeof(*newhand))) == NULL) { |
748 | CRYPTOerr(CRYPTO_F_OPENSSL_ATEXIT, ERR_R_MALLOC_FAILURE); | |
b184e3ef | 749 | return 0; |
cdb10bae | 750 | } |
b184e3ef MC |
751 | |
752 | newhand->handler = handler; | |
753 | newhand->next = stop_handlers; | |
754 | stop_handlers = newhand; | |
755 | ||
756 | return 1; | |
757 | } | |
2915fe19 | 758 | |
63ab5ea1 | 759 | #ifdef OPENSSL_SYS_UNIX |
2915fe19 RS |
760 | /* |
761 | * The following three functions are for OpenSSL developers. This is | |
762 | * where we set/reset state across fork (called via pthread_atfork when | |
763 | * it exists, or manually by the application when it doesn't). | |
764 | * | |
765 | * WARNING! If you put code in either OPENSSL_fork_parent or | |
766 | * OPENSSL_fork_child, you MUST MAKE SURE that they are async-signal- | |
767 | * safe. See this link, for example: | |
768 | * http://man7.org/linux/man-pages/man7/signal-safety.7.html | |
769 | */ | |
770 | ||
771 | void OPENSSL_fork_prepare(void) | |
772 | { | |
773 | } | |
774 | ||
775 | void OPENSSL_fork_parent(void) | |
776 | { | |
777 | } | |
778 | ||
779 | void OPENSSL_fork_child(void) | |
780 | { | |
a35f607c | 781 | rand_fork(); |
2915fe19 RS |
782 | } |
783 | #endif |