]>
Commit | Line | Data |
---|---|---|
b184e3ef | 1 | /* |
48e5119a | 2 | * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. |
b184e3ef | 3 | * |
0e9725bc | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
2039c421 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
b184e3ef MC |
8 | */ |
9 | ||
07016a8a | 10 | #include "e_os.h" |
176db6dc | 11 | #include "internal/cryptlib_int.h" |
b184e3ef | 12 | #include <openssl/err.h> |
176db6dc RS |
13 | #include "internal/rand_int.h" |
14 | #include "internal/bio.h" | |
b184e3ef | 15 | #include <openssl/evp.h> |
176db6dc RS |
16 | #include "internal/evp_int.h" |
17 | #include "internal/conf.h" | |
18 | #include "internal/async.h" | |
19 | #include "internal/engine.h" | |
20 | #include "internal/comp.h" | |
21 | #include "internal/err.h" | |
22 | #include "internal/err_int.h" | |
23 | #include "internal/objects.h" | |
b184e3ef | 24 | #include <stdlib.h> |
dd27f16e | 25 | #include <assert.h> |
176db6dc | 26 | #include "internal/thread_once.h" |
b71fa7b3 | 27 | #include "internal/dso_conf.h" |
176db6dc RS |
28 | #include "internal/dso.h" |
29 | #include "internal/store.h" | |
dd27f16e RS |
30 | |
31 | static int stopped = 0; | |
b184e3ef | 32 | |
80ae7285 AP |
33 | /* |
34 | * Since per-thread-specific-data destructors are not universally | |
35 | * available, i.e. not on Windows, only below CRYPTO_THREAD_LOCAL key | |
36 | * is assumed to have destructor associated. And then an effort is made | |
37 | * to call this single destructor on non-pthread platform[s]. | |
38 | * | |
39 | * Initial value is "impossible". It is used as guard value to shortcut | |
40 | * destructor for threads terminating before libcrypto is initialized or | |
41 | * after it's de-initialized. Access to the key doesn't have to be | |
42 | * serialized for the said threads, because they didn't use libcrypto | |
43 | * and it doesn't matter if they pick "impossible" or derefernce real | |
44 | * key value and pull NULL past initialization in the first thread that | |
45 | * intends to use libcrypto. | |
46 | */ | |
0b1319ba AP |
47 | static union { |
48 | long sane; | |
49 | CRYPTO_THREAD_LOCAL value; | |
50 | } destructor_key = { -1 }; | |
71567a6f | 51 | |
80ae7285 | 52 | static void ossl_init_thread_stop(struct thread_local_inits_st *locals); |
b184e3ef | 53 | |
80ae7285 | 54 | static void ossl_init_thread_destructor(void *local) |
b184e3ef MC |
55 | { |
56 | ossl_init_thread_stop((struct thread_local_inits_st *)local); | |
57 | } | |
58 | ||
b7326ea7 | 59 | static struct thread_local_inits_st *ossl_init_get_thread_local(int alloc) |
b184e3ef | 60 | { |
a072ed0c | 61 | struct thread_local_inits_st *local = |
0b1319ba | 62 | CRYPTO_THREAD_get_local(&destructor_key.value); |
b184e3ef | 63 | |
80ae7285 AP |
64 | if (alloc) { |
65 | if (local == NULL | |
66 | && (local = OPENSSL_zalloc(sizeof(*local))) != NULL | |
0b1319ba | 67 | && !CRYPTO_THREAD_set_local(&destructor_key.value, local)) { |
3ac6d5ee BE |
68 | OPENSSL_free(local); |
69 | return NULL; | |
70 | } | |
80ae7285 | 71 | } else { |
0b1319ba | 72 | CRYPTO_THREAD_set_local(&destructor_key.value, NULL); |
b7326ea7 | 73 | } |
b184e3ef MC |
74 | |
75 | return local; | |
76 | } | |
77 | ||
7253fd55 | 78 | typedef struct ossl_init_stop_st OPENSSL_INIT_STOP; |
b184e3ef MC |
79 | struct ossl_init_stop_st { |
80 | void (*handler)(void); | |
81 | OPENSSL_INIT_STOP *next; | |
82 | }; | |
83 | ||
84 | static OPENSSL_INIT_STOP *stop_handlers = NULL; | |
c292b105 | 85 | static CRYPTO_RWLOCK *init_lock = NULL; |
b184e3ef | 86 | |
b1f1e7ae | 87 | static CRYPTO_ONCE base = CRYPTO_ONCE_STATIC_INIT; |
b184e3ef | 88 | static int base_inited = 0; |
c2e4e5d2 | 89 | DEFINE_RUN_ONCE_STATIC(ossl_init_base) |
b184e3ef | 90 | { |
80ae7285 AP |
91 | CRYPTO_THREAD_LOCAL key; |
92 | ||
b184e3ef MC |
93 | #ifdef OPENSSL_INIT_DEBUG |
94 | fprintf(stderr, "OPENSSL_INIT: ossl_init_base: Setting up stop handlers\n"); | |
f7edeced RS |
95 | #endif |
96 | #ifndef OPENSSL_NO_CRYPTO_MDEBUG | |
97 | ossl_malloc_setup_failures(); | |
b184e3ef | 98 | #endif |
80ae7285 | 99 | if (!CRYPTO_THREAD_init_local(&key, ossl_init_thread_destructor)) |
eb2b9892 BE |
100 | return 0; |
101 | if ((init_lock = CRYPTO_THREAD_lock_new()) == NULL) | |
102 | goto err; | |
b184e3ef | 103 | OPENSSL_cpuid_setup(); |
8aa9cf7e | 104 | |
0b1319ba | 105 | destructor_key.value = key; |
b184e3ef | 106 | base_inited = 1; |
eb2b9892 BE |
107 | return 1; |
108 | ||
109 | err: | |
110 | #ifdef OPENSSL_INIT_DEBUG | |
111 | fprintf(stderr, "OPENSSL_INIT: ossl_init_base not ok!\n"); | |
112 | #endif | |
113 | CRYPTO_THREAD_lock_free(init_lock); | |
114 | init_lock = NULL; | |
5836780f | 115 | |
80ae7285 | 116 | CRYPTO_THREAD_cleanup_local(&key); |
eb2b9892 BE |
117 | return 0; |
118 | } | |
119 | ||
8f6a5c56 | 120 | static CRYPTO_ONCE register_atexit = CRYPTO_ONCE_STATIC_INIT; |
de2debc5 MC |
121 | #if !defined(OPENSSL_SYS_UEFI) && defined(_WIN32) |
122 | static int win32atexit(void) | |
123 | { | |
124 | OPENSSL_cleanup(); | |
125 | return 0; | |
126 | } | |
127 | #endif | |
128 | ||
8f6a5c56 MC |
129 | DEFINE_RUN_ONCE_STATIC(ossl_init_register_atexit) |
130 | { | |
de2debc5 | 131 | #ifdef OPENSSL_INIT_DEBUG |
8f6a5c56 | 132 | fprintf(stderr, "OPENSSL_INIT: ossl_init_register_atexit()\n"); |
de2debc5 | 133 | #endif |
8f6a5c56 | 134 | #ifndef OPENSSL_SYS_UEFI |
de2debc5 MC |
135 | # ifdef _WIN32 |
136 | /* We use _onexit() in preference because it gets called on DLL unload */ | |
137 | if (_onexit(win32atexit) == NULL) | |
138 | return 0; | |
139 | # else | |
8f6a5c56 MC |
140 | if (atexit(OPENSSL_cleanup) != 0) |
141 | return 0; | |
de2debc5 | 142 | # endif |
8f6a5c56 MC |
143 | #endif |
144 | ||
145 | return 1; | |
146 | } | |
147 | ||
148 | DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_register_atexit, | |
149 | ossl_init_register_atexit) | |
150 | { | |
151 | #ifdef OPENSSL_INIT_DEBUG | |
152 | fprintf(stderr, "OPENSSL_INIT: ossl_init_no_register_atexit ok!\n"); | |
153 | #endif | |
154 | /* Do nothing in this case */ | |
155 | return 1; | |
156 | } | |
157 | ||
eb2b9892 BE |
158 | static CRYPTO_ONCE load_crypto_nodelete = CRYPTO_ONCE_STATIC_INIT; |
159 | DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_nodelete) | |
160 | { | |
161 | #ifdef OPENSSL_INIT_DEBUG | |
162 | fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_nodelete()\n"); | |
163 | #endif | |
41999e7d MC |
164 | #if !defined(OPENSSL_NO_DSO) \ |
165 | && !defined(OPENSSL_USE_NODELETE) \ | |
166 | && !defined(OPENSSL_NO_PINSHARED) | |
2b59d1be MC |
167 | # ifdef DSO_WIN32 |
168 | { | |
169 | HMODULE handle = NULL; | |
170 | BOOL ret; | |
171 | ||
172 | /* We don't use the DSO route for WIN32 because there is a better way */ | |
173 | ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS | |
174 | | GET_MODULE_HANDLE_EX_FLAG_PIN, | |
175 | (void *)&base_inited, &handle); | |
176 | ||
eb2b9892 BE |
177 | # ifdef OPENSSL_INIT_DEBUG |
178 | fprintf(stderr, "OPENSSL_INIT: obtained DSO reference? %s\n", | |
179 | (ret == TRUE ? "No!" : "Yes.")); | |
180 | # endif | |
2b59d1be MC |
181 | return (ret == TRUE) ? 1 : 0; |
182 | } | |
183 | # else | |
5836780f MC |
184 | /* |
185 | * Deliberately leak a reference to ourselves. This will force the library | |
689f112d | 186 | * to remain loaded until the atexit() handler is run at process exit. |
5836780f MC |
187 | */ |
188 | { | |
eb2b9892 BE |
189 | DSO *dso; |
190 | void *err; | |
191 | ||
192 | if (!err_shelve_state(&err)) | |
193 | return 0; | |
5836780f MC |
194 | |
195 | dso = DSO_dsobyaddr(&base_inited, DSO_FLAG_NO_UNLOAD_ON_FREE); | |
4af14b7b MK |
196 | # ifdef OPENSSL_INIT_DEBUG |
197 | fprintf(stderr, "OPENSSL_INIT: obtained DSO reference? %s\n", | |
198 | (dso == NULL ? "No!" : "Yes.")); | |
199 | /* | |
200 | * In case of No!, it is uncertain our exit()-handlers can still be | |
201 | * called. After dlclose() the whole library might have been unloaded | |
202 | * already. | |
203 | */ | |
204 | # endif | |
5836780f | 205 | DSO_free(dso); |
eb2b9892 | 206 | err_unshelve_state(err); |
5836780f | 207 | } |
2b59d1be | 208 | # endif |
b6d5ba1a | 209 | #endif |
5836780f | 210 | |
c2e4e5d2 | 211 | return 1; |
b184e3ef MC |
212 | } |
213 | ||
b1f1e7ae | 214 | static CRYPTO_ONCE load_crypto_strings = CRYPTO_ONCE_STATIC_INIT; |
b184e3ef | 215 | static int load_crypto_strings_inited = 0; |
c2e4e5d2 | 216 | DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings) |
b184e3ef | 217 | { |
69588edb | 218 | int ret = 1; |
498abff0 MC |
219 | /* |
220 | * OPENSSL_NO_AUTOERRINIT is provided here to prevent at compile time | |
221 | * pulling in all the error strings during static linking | |
222 | */ | |
223 | #if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT) | |
b184e3ef MC |
224 | # ifdef OPENSSL_INIT_DEBUG |
225 | fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_strings: " | |
b3599dbb | 226 | "err_load_crypto_strings_int()\n"); |
b184e3ef | 227 | # endif |
69588edb | 228 | ret = err_load_crypto_strings_int(); |
b184e3ef | 229 | load_crypto_strings_inited = 1; |
bd91e3c8 | 230 | #endif |
69588edb | 231 | return ret; |
b184e3ef MC |
232 | } |
233 | ||
660a1e04 MC |
234 | DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_load_crypto_strings, |
235 | ossl_init_load_crypto_strings) | |
236 | { | |
237 | /* Do nothing in this case */ | |
238 | return 1; | |
239 | } | |
240 | ||
b1f1e7ae | 241 | static CRYPTO_ONCE add_all_ciphers = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 242 | DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_ciphers) |
b184e3ef MC |
243 | { |
244 | /* | |
245 | * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time | |
246 | * pulling in all the ciphers during static linking | |
247 | */ | |
248 | #ifndef OPENSSL_NO_AUTOALGINIT | |
249 | # ifdef OPENSSL_INIT_DEBUG | |
250 | fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_ciphers: " | |
b3599dbb | 251 | "openssl_add_all_ciphers_int()\n"); |
b184e3ef | 252 | # endif |
b3599dbb | 253 | openssl_add_all_ciphers_int(); |
b184e3ef | 254 | #endif |
c2e4e5d2 | 255 | return 1; |
b184e3ef MC |
256 | } |
257 | ||
660a1e04 MC |
258 | DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_ciphers, |
259 | ossl_init_add_all_ciphers) | |
260 | { | |
261 | /* Do nothing */ | |
262 | return 1; | |
263 | } | |
264 | ||
b1f1e7ae | 265 | static CRYPTO_ONCE add_all_digests = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 266 | DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_digests) |
b184e3ef MC |
267 | { |
268 | /* | |
269 | * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time | |
270 | * pulling in all the ciphers during static linking | |
271 | */ | |
272 | #ifndef OPENSSL_NO_AUTOALGINIT | |
273 | # ifdef OPENSSL_INIT_DEBUG | |
274 | fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_digests: " | |
b3599dbb | 275 | "openssl_add_all_digests()\n"); |
b184e3ef | 276 | # endif |
b3599dbb | 277 | openssl_add_all_digests_int(); |
b184e3ef | 278 | #endif |
c2e4e5d2 | 279 | return 1; |
b184e3ef MC |
280 | } |
281 | ||
660a1e04 MC |
282 | DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_digests, |
283 | ossl_init_add_all_digests) | |
284 | { | |
285 | /* Do nothing */ | |
286 | return 1; | |
287 | } | |
288 | ||
0145dd32 RL |
289 | static CRYPTO_ONCE add_all_macs = CRYPTO_ONCE_STATIC_INIT; |
290 | DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_macs) | |
291 | { | |
292 | /* | |
293 | * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time | |
294 | * pulling in all the macs during static linking | |
295 | */ | |
296 | #ifndef OPENSSL_NO_AUTOALGINIT | |
297 | # ifdef OPENSSL_INIT_DEBUG | |
298 | fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_macs: " | |
299 | "openssl_add_all_macs_int()\n"); | |
300 | # endif | |
301 | openssl_add_all_macs_int(); | |
302 | #endif | |
303 | return 1; | |
304 | } | |
305 | ||
660a1e04 | 306 | DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_macs, ossl_init_add_all_macs) |
b184e3ef MC |
307 | { |
308 | /* Do nothing */ | |
c2e4e5d2 | 309 | return 1; |
b184e3ef MC |
310 | } |
311 | ||
b1f1e7ae | 312 | static CRYPTO_ONCE config = CRYPTO_ONCE_STATIC_INIT; |
b184e3ef | 313 | static int config_inited = 0; |
cda3ae5b | 314 | static const char *appname; |
c2e4e5d2 | 315 | DEFINE_RUN_ONCE_STATIC(ossl_init_config) |
b184e3ef MC |
316 | { |
317 | #ifdef OPENSSL_INIT_DEBUG | |
318 | fprintf(stderr, | |
b3599dbb | 319 | "OPENSSL_INIT: ossl_init_config: openssl_config(%s)\n", |
cda3ae5b | 320 | appname == NULL ? "NULL" : appname); |
b184e3ef | 321 | #endif |
cda3ae5b | 322 | openssl_config_int(appname); |
b184e3ef | 323 | config_inited = 1; |
c2e4e5d2 | 324 | return 1; |
b184e3ef | 325 | } |
660a1e04 | 326 | DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_config, ossl_init_config) |
b184e3ef MC |
327 | { |
328 | #ifdef OPENSSL_INIT_DEBUG | |
329 | fprintf(stderr, | |
b3599dbb | 330 | "OPENSSL_INIT: ossl_init_config: openssl_no_config_int()\n"); |
b184e3ef | 331 | #endif |
b3599dbb | 332 | openssl_no_config_int(); |
b184e3ef | 333 | config_inited = 1; |
c2e4e5d2 | 334 | return 1; |
b184e3ef MC |
335 | } |
336 | ||
b1f1e7ae | 337 | static CRYPTO_ONCE async = CRYPTO_ONCE_STATIC_INIT; |
b184e3ef | 338 | static int async_inited = 0; |
c2e4e5d2 | 339 | DEFINE_RUN_ONCE_STATIC(ossl_init_async) |
b184e3ef MC |
340 | { |
341 | #ifdef OPENSSL_INIT_DEBUG | |
342 | fprintf(stderr, "OPENSSL_INIT: ossl_init_async: async_init()\n"); | |
343 | #endif | |
c2e4e5d2 RL |
344 | if (!async_init()) |
345 | return 0; | |
b184e3ef | 346 | async_inited = 1; |
c2e4e5d2 | 347 | return 1; |
b184e3ef MC |
348 | } |
349 | ||
350 | #ifndef OPENSSL_NO_ENGINE | |
b1f1e7ae | 351 | static CRYPTO_ONCE engine_openssl = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 352 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_openssl) |
b184e3ef MC |
353 | { |
354 | # ifdef OPENSSL_INIT_DEBUG | |
355 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_openssl: " | |
b3599dbb | 356 | "engine_load_openssl_int()\n"); |
b184e3ef | 357 | # endif |
b3599dbb | 358 | engine_load_openssl_int(); |
c2e4e5d2 | 359 | return 1; |
b184e3ef | 360 | } |
619eb33a RL |
361 | # ifndef OPENSSL_NO_DEVCRYPTOENG |
362 | static CRYPTO_ONCE engine_devcrypto = CRYPTO_ONCE_STATIC_INIT; | |
363 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_devcrypto) | |
364 | { | |
365 | # ifdef OPENSSL_INIT_DEBUG | |
366 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_devcrypto: " | |
367 | "engine_load_devcrypto_int()\n"); | |
368 | # endif | |
369 | engine_load_devcrypto_int(); | |
370 | return 1; | |
371 | } | |
372 | # endif | |
b184e3ef MC |
373 | |
374 | # ifndef OPENSSL_NO_RDRAND | |
b1f1e7ae | 375 | static CRYPTO_ONCE engine_rdrand = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 376 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_rdrand) |
b184e3ef MC |
377 | { |
378 | # ifdef OPENSSL_INIT_DEBUG | |
379 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_rdrand: " | |
b3599dbb | 380 | "engine_load_rdrand_int()\n"); |
b184e3ef | 381 | # endif |
b3599dbb | 382 | engine_load_rdrand_int(); |
c2e4e5d2 | 383 | return 1; |
b184e3ef MC |
384 | } |
385 | # endif | |
b1f1e7ae | 386 | static CRYPTO_ONCE engine_dynamic = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 387 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_dynamic) |
b184e3ef MC |
388 | { |
389 | # ifdef OPENSSL_INIT_DEBUG | |
390 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_dynamic: " | |
b3599dbb | 391 | "engine_load_dynamic_int()\n"); |
b184e3ef | 392 | # endif |
b3599dbb | 393 | engine_load_dynamic_int(); |
c2e4e5d2 | 394 | return 1; |
b184e3ef MC |
395 | } |
396 | # ifndef OPENSSL_NO_STATIC_ENGINE | |
397 | # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) | |
b1f1e7ae | 398 | static CRYPTO_ONCE engine_padlock = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 399 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_padlock) |
b184e3ef MC |
400 | { |
401 | # ifdef OPENSSL_INIT_DEBUG | |
402 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_padlock: " | |
b3599dbb | 403 | "engine_load_padlock_int()\n"); |
b184e3ef | 404 | # endif |
b3599dbb | 405 | engine_load_padlock_int(); |
c2e4e5d2 | 406 | return 1; |
b184e3ef MC |
407 | } |
408 | # endif | |
409 | # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) | |
b1f1e7ae | 410 | static CRYPTO_ONCE engine_capi = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 411 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_capi) |
b184e3ef MC |
412 | { |
413 | # ifdef OPENSSL_INIT_DEBUG | |
414 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_capi: " | |
b3599dbb | 415 | "engine_load_capi_int()\n"); |
b184e3ef | 416 | # endif |
b3599dbb | 417 | engine_load_capi_int(); |
c2e4e5d2 | 418 | return 1; |
b184e3ef MC |
419 | } |
420 | # endif | |
6cba4a66 | 421 | # if !defined(OPENSSL_NO_AFALGENG) |
a4d8bcf1 | 422 | static CRYPTO_ONCE engine_afalg = CRYPTO_ONCE_STATIC_INIT; |
c2e4e5d2 | 423 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_afalg) |
6cba4a66 | 424 | { |
425 | # ifdef OPENSSL_INIT_DEBUG | |
426 | fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_afalg: " | |
b3599dbb | 427 | "engine_load_afalg_int()\n"); |
6cba4a66 | 428 | # endif |
b3599dbb | 429 | engine_load_afalg_int(); |
c2e4e5d2 | 430 | return 1; |
6cba4a66 | 431 | } |
432 | # endif | |
b184e3ef MC |
433 | # endif |
434 | #endif | |
435 | ||
e4ad0763 | 436 | #ifndef OPENSSL_NO_COMP |
b1f1e7ae | 437 | static CRYPTO_ONCE zlib = CRYPTO_ONCE_STATIC_INIT; |
e4ad0763 | 438 | |
b184e3ef | 439 | static int zlib_inited = 0; |
c2e4e5d2 | 440 | DEFINE_RUN_ONCE_STATIC(ossl_init_zlib) |
b184e3ef MC |
441 | { |
442 | /* Do nothing - we need to know about this for the later cleanup */ | |
443 | zlib_inited = 1; | |
c2e4e5d2 | 444 | return 1; |
b184e3ef | 445 | } |
e4ad0763 | 446 | #endif |
b184e3ef | 447 | |
71567a6f | 448 | static void ossl_init_thread_stop(struct thread_local_inits_st *locals) |
b184e3ef MC |
449 | { |
450 | /* Can't do much about this */ | |
451 | if (locals == NULL) | |
452 | return; | |
453 | ||
454 | if (locals->async) { | |
455 | #ifdef OPENSSL_INIT_DEBUG | |
456 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: " | |
74a8acbd | 457 | "async_delete_thread_state()\n"); |
b184e3ef | 458 | #endif |
74a8acbd | 459 | async_delete_thread_state(); |
b184e3ef MC |
460 | } |
461 | ||
462 | if (locals->err_state) { | |
463 | #ifdef OPENSSL_INIT_DEBUG | |
464 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: " | |
21e00174 | 465 | "err_delete_thread_state()\n"); |
b184e3ef | 466 | #endif |
21e00174 | 467 | err_delete_thread_state(); |
b184e3ef MC |
468 | } |
469 | ||
7caf122e KR |
470 | if (locals->rand) { |
471 | #ifdef OPENSSL_INIT_DEBUG | |
472 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: " | |
473 | "drbg_delete_thread_state()\n"); | |
474 | #endif | |
475 | drbg_delete_thread_state(); | |
476 | } | |
477 | ||
b184e3ef | 478 | OPENSSL_free(locals); |
b184e3ef MC |
479 | } |
480 | ||
f672aee4 | 481 | void OPENSSL_thread_stop(void) |
71567a6f | 482 | { |
0b1319ba | 483 | if (destructor_key.sane != -1) |
80ae7285 | 484 | ossl_init_thread_stop(ossl_init_get_thread_local(0)); |
71567a6f MC |
485 | } |
486 | ||
b184e3ef MC |
487 | int ossl_init_thread_start(uint64_t opts) |
488 | { | |
3ac6d5ee BE |
489 | struct thread_local_inits_st *locals; |
490 | ||
491 | if (!OPENSSL_init_crypto(0, NULL)) | |
492 | return 0; | |
493 | ||
494 | locals = ossl_init_get_thread_local(1); | |
b184e3ef MC |
495 | |
496 | if (locals == NULL) | |
497 | return 0; | |
498 | ||
499 | if (opts & OPENSSL_INIT_THREAD_ASYNC) { | |
500 | #ifdef OPENSSL_INIT_DEBUG | |
501 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: " | |
502 | "marking thread for async\n"); | |
503 | #endif | |
504 | locals->async = 1; | |
505 | } | |
506 | ||
507 | if (opts & OPENSSL_INIT_THREAD_ERR_STATE) { | |
508 | #ifdef OPENSSL_INIT_DEBUG | |
509 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: " | |
510 | "marking thread for err_state\n"); | |
511 | #endif | |
512 | locals->err_state = 1; | |
513 | } | |
514 | ||
7caf122e KR |
515 | if (opts & OPENSSL_INIT_THREAD_RAND) { |
516 | #ifdef OPENSSL_INIT_DEBUG | |
517 | fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: " | |
518 | "marking thread for rand\n"); | |
519 | #endif | |
520 | locals->rand = 1; | |
521 | } | |
522 | ||
b184e3ef MC |
523 | return 1; |
524 | } | |
525 | ||
f672aee4 | 526 | void OPENSSL_cleanup(void) |
b184e3ef MC |
527 | { |
528 | OPENSSL_INIT_STOP *currhandler, *lasthandler; | |
80ae7285 | 529 | CRYPTO_THREAD_LOCAL key; |
b184e3ef | 530 | |
deca5df2 MC |
531 | /* If we've not been inited then no need to deinit */ |
532 | if (!base_inited) | |
533 | return; | |
534 | ||
dd27f16e RS |
535 | /* Might be explicitly called and also by atexit */ |
536 | if (stopped) | |
537 | return; | |
538 | stopped = 1; | |
539 | ||
b184e3ef MC |
540 | /* |
541 | * Thread stop may not get automatically called by the thread library for | |
542 | * the very last thread in some situations, so call it directly. | |
543 | */ | |
544 | ossl_init_thread_stop(ossl_init_get_thread_local(0)); | |
545 | ||
546 | currhandler = stop_handlers; | |
547 | while (currhandler != NULL) { | |
548 | currhandler->handler(); | |
549 | lasthandler = currhandler; | |
550 | currhandler = currhandler->next; | |
551 | OPENSSL_free(lasthandler); | |
552 | } | |
553 | stop_handlers = NULL; | |
c292b105 MC |
554 | |
555 | CRYPTO_THREAD_lock_free(init_lock); | |
adeb4bc7 | 556 | init_lock = NULL; |
c292b105 | 557 | |
b184e3ef MC |
558 | /* |
559 | * We assume we are single-threaded for this function, i.e. no race | |
560 | * conditions for the various "*_inited" vars below. | |
561 | */ | |
562 | ||
e4ad0763 | 563 | #ifndef OPENSSL_NO_COMP |
b184e3ef MC |
564 | if (zlib_inited) { |
565 | #ifdef OPENSSL_INIT_DEBUG | |
f672aee4 | 566 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 567 | "comp_zlib_cleanup_int()\n"); |
b184e3ef | 568 | #endif |
b3599dbb | 569 | comp_zlib_cleanup_int(); |
b184e3ef | 570 | } |
e4ad0763 | 571 | #endif |
b184e3ef | 572 | |
ed49f43a MC |
573 | if (async_inited) { |
574 | # ifdef OPENSSL_INIT_DEBUG | |
575 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " | |
576 | "async_deinit()\n"); | |
577 | # endif | |
578 | async_deinit(); | |
579 | } | |
ed49f43a | 580 | |
b184e3ef MC |
581 | if (load_crypto_strings_inited) { |
582 | #ifdef OPENSSL_INIT_DEBUG | |
f672aee4 | 583 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 584 | "err_free_strings_int()\n"); |
b184e3ef | 585 | #endif |
b3599dbb | 586 | err_free_strings_int(); |
b184e3ef MC |
587 | } |
588 | ||
0b1319ba AP |
589 | key = destructor_key.value; |
590 | destructor_key.sane = -1; | |
80ae7285 | 591 | CRYPTO_THREAD_cleanup_local(&key); |
6bc7bad0 | 592 | |
b184e3ef | 593 | #ifdef OPENSSL_INIT_DEBUG |
58a8fc25 | 594 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 595 | "rand_cleanup_int()\n"); |
58a8fc25 | 596 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 597 | "conf_modules_free_int()\n"); |
9749a07a | 598 | #ifndef OPENSSL_NO_ENGINE |
ae6412f3 | 599 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 600 | "engine_cleanup_int()\n"); |
9749a07a | 601 | #endif |
58a8fc25 | 602 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 603 | "crypto_cleanup_all_ex_data_int()\n"); |
58a8fc25 | 604 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 605 | "bio_sock_cleanup_int()\n"); |
ff234405 MC |
606 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
607 | "bio_cleanup()\n"); | |
58a8fc25 | 608 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 609 | "evp_cleanup_int()\n"); |
58a8fc25 | 610 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
b3599dbb | 611 | "obj_cleanup_int()\n"); |
ff234405 MC |
612 | fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " |
613 | "err_cleanup()\n"); | |
9749a07a | 614 | #endif |
58a8fc25 MC |
615 | /* |
616 | * Note that cleanup order is important: | |
a535fe12 | 617 | * - rand_cleanup_int could call an ENGINE's RAND cleanup function so |
b3599dbb | 618 | * must be called before engine_cleanup_int() |
58a8fc25 MC |
619 | * - ENGINEs use CRYPTO_EX_DATA and therefore, must be cleaned up |
620 | * before the ex data handlers are wiped in CRYPTO_cleanup_all_ex_data(). | |
b3599dbb MC |
621 | * - conf_modules_free_int() can end up in ENGINE code so must be called |
622 | * before engine_cleanup_int() | |
a535fe12 DSH |
623 | * - ENGINEs and additional EVP algorithms might use added OIDs names so |
624 | * obj_cleanup_int() must be called last | |
58a8fc25 | 625 | */ |
b3599dbb | 626 | rand_cleanup_int(); |
c16de9d8 | 627 | rand_drbg_cleanup_int(); |
b3599dbb | 628 | conf_modules_free_int(); |
773fd0ba | 629 | #ifndef OPENSSL_NO_ENGINE |
b3599dbb | 630 | engine_cleanup_int(); |
773fd0ba | 631 | #endif |
71a5516d | 632 | ossl_store_cleanup_int(); |
b3599dbb | 633 | crypto_cleanup_all_ex_data_int(); |
ff234405 | 634 | bio_cleanup(); |
b3599dbb MC |
635 | evp_cleanup_int(); |
636 | obj_cleanup_int(); | |
ff234405 MC |
637 | err_cleanup(); |
638 | ||
d7c402c4 DMSP |
639 | CRYPTO_secure_malloc_done(); |
640 | ||
deca5df2 | 641 | base_inited = 0; |
b184e3ef MC |
642 | } |
643 | ||
b184e3ef MC |
644 | /* |
645 | * If this function is called with a non NULL settings value then it must be | |
646 | * called prior to any threads making calls to any OpenSSL functions, | |
647 | * i.e. passing a non-null settings value is assumed to be single-threaded. | |
648 | */ | |
0fc32b07 | 649 | int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) |
b184e3ef | 650 | { |
302f7588 | 651 | if (stopped) { |
eb2b9892 BE |
652 | if (!(opts & OPENSSL_INIT_BASE_ONLY)) |
653 | CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL); | |
0fc32b07 | 654 | return 0; |
302f7588 | 655 | } |
dd27f16e | 656 | |
eb2b9892 BE |
657 | if (!RUN_ONCE(&base, ossl_init_base)) |
658 | return 0; | |
659 | ||
8f6a5c56 MC |
660 | if ((opts & OPENSSL_INIT_NO_ATEXIT) != 0) { |
661 | if (!RUN_ONCE_ALT(®ister_atexit, ossl_init_no_register_atexit, | |
662 | ossl_init_register_atexit)) | |
663 | return 0; | |
664 | } else if (!RUN_ONCE(®ister_atexit, ossl_init_register_atexit)) { | |
665 | return 0; | |
666 | } | |
667 | ||
eb2b9892 BE |
668 | if (!(opts & OPENSSL_INIT_BASE_ONLY) |
669 | && !RUN_ONCE(&load_crypto_nodelete, | |
670 | ossl_init_load_crypto_nodelete)) | |
b1f1e7ae | 671 | return 0; |
b184e3ef | 672 | |
b1f1e7ae | 673 | if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS) |
660a1e04 MC |
674 | && !RUN_ONCE_ALT(&load_crypto_strings, |
675 | ossl_init_no_load_crypto_strings, | |
676 | ossl_init_load_crypto_strings)) | |
b1f1e7ae | 677 | return 0; |
b184e3ef | 678 | |
b1f1e7ae | 679 | if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS) |
c2e4e5d2 | 680 | && !RUN_ONCE(&load_crypto_strings, ossl_init_load_crypto_strings)) |
b1f1e7ae | 681 | return 0; |
b184e3ef | 682 | |
b1f1e7ae | 683 | if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS) |
660a1e04 MC |
684 | && !RUN_ONCE_ALT(&add_all_ciphers, ossl_init_no_add_all_ciphers, |
685 | ossl_init_add_all_ciphers)) | |
b1f1e7ae | 686 | return 0; |
b184e3ef | 687 | |
b1f1e7ae | 688 | if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS) |
c2e4e5d2 | 689 | && !RUN_ONCE(&add_all_ciphers, ossl_init_add_all_ciphers)) |
b1f1e7ae | 690 | return 0; |
b184e3ef | 691 | |
b1f1e7ae | 692 | if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS) |
660a1e04 MC |
693 | && !RUN_ONCE_ALT(&add_all_digests, ossl_init_no_add_all_digests, |
694 | ossl_init_add_all_digests)) | |
b1f1e7ae | 695 | return 0; |
b184e3ef | 696 | |
b1f1e7ae | 697 | if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS) |
c2e4e5d2 | 698 | && !RUN_ONCE(&add_all_digests, ossl_init_add_all_digests)) |
b1f1e7ae | 699 | return 0; |
b184e3ef | 700 | |
0145dd32 | 701 | if ((opts & OPENSSL_INIT_NO_ADD_ALL_MACS) |
660a1e04 MC |
702 | && !RUN_ONCE_ALT(&add_all_macs, ossl_init_no_add_all_macs, |
703 | ossl_init_add_all_macs)) | |
0145dd32 RL |
704 | return 0; |
705 | ||
706 | if ((opts & OPENSSL_INIT_ADD_ALL_MACS) | |
707 | && !RUN_ONCE(&add_all_macs, ossl_init_add_all_macs)) | |
708 | return 0; | |
709 | ||
b5319bdb | 710 | if ((opts & OPENSSL_INIT_ATFORK) |
2915fe19 RS |
711 | && !openssl_init_fork_handlers()) |
712 | return 0; | |
713 | ||
b1f1e7ae | 714 | if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG) |
660a1e04 | 715 | && !RUN_ONCE_ALT(&config, ossl_init_no_config, ossl_init_config)) |
b1f1e7ae | 716 | return 0; |
b184e3ef MC |
717 | |
718 | if (opts & OPENSSL_INIT_LOAD_CONFIG) { | |
b1f1e7ae | 719 | int ret; |
c292b105 | 720 | CRYPTO_THREAD_write_lock(init_lock); |
cda3ae5b | 721 | appname = (settings == NULL) ? NULL : settings->appname; |
c2e4e5d2 | 722 | ret = RUN_ONCE(&config, ossl_init_config); |
c292b105 | 723 | CRYPTO_THREAD_unlock(init_lock); |
b1f1e7ae MC |
724 | if (!ret) |
725 | return 0; | |
b184e3ef MC |
726 | } |
727 | ||
b1f1e7ae | 728 | if ((opts & OPENSSL_INIT_ASYNC) |
c2e4e5d2 | 729 | && !RUN_ONCE(&async, ossl_init_async)) |
b1f1e7ae | 730 | return 0; |
7626fbf2 | 731 | |
b184e3ef | 732 | #ifndef OPENSSL_NO_ENGINE |
b1f1e7ae | 733 | if ((opts & OPENSSL_INIT_ENGINE_OPENSSL) |
c2e4e5d2 | 734 | && !RUN_ONCE(&engine_openssl, ossl_init_engine_openssl)) |
b1f1e7ae | 735 | return 0; |
619eb33a RL |
736 | # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_DEVCRYPTOENG) |
737 | if ((opts & OPENSSL_INIT_ENGINE_CRYPTODEV) | |
738 | && !RUN_ONCE(&engine_devcrypto, ossl_init_engine_devcrypto)) | |
739 | return 0; | |
740 | # endif | |
b184e3ef | 741 | # ifndef OPENSSL_NO_RDRAND |
b1f1e7ae | 742 | if ((opts & OPENSSL_INIT_ENGINE_RDRAND) |
c2e4e5d2 | 743 | && !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand)) |
b1f1e7ae | 744 | return 0; |
b184e3ef | 745 | # endif |
b1f1e7ae | 746 | if ((opts & OPENSSL_INIT_ENGINE_DYNAMIC) |
c2e4e5d2 | 747 | && !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic)) |
b1f1e7ae | 748 | return 0; |
b184e3ef MC |
749 | # ifndef OPENSSL_NO_STATIC_ENGINE |
750 | # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) | |
b1f1e7ae | 751 | if ((opts & OPENSSL_INIT_ENGINE_PADLOCK) |
c2e4e5d2 | 752 | && !RUN_ONCE(&engine_padlock, ossl_init_engine_padlock)) |
b1f1e7ae | 753 | return 0; |
b184e3ef MC |
754 | # endif |
755 | # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) | |
b1f1e7ae | 756 | if ((opts & OPENSSL_INIT_ENGINE_CAPI) |
c2e4e5d2 | 757 | && !RUN_ONCE(&engine_capi, ossl_init_engine_capi)) |
b1f1e7ae | 758 | return 0; |
b184e3ef | 759 | # endif |
6cba4a66 | 760 | # if !defined(OPENSSL_NO_AFALGENG) |
b1f1e7ae | 761 | if ((opts & OPENSSL_INIT_ENGINE_AFALG) |
c2e4e5d2 | 762 | && !RUN_ONCE(&engine_afalg, ossl_init_engine_afalg)) |
b1f1e7ae | 763 | return 0; |
6cba4a66 | 764 | # endif |
b184e3ef MC |
765 | # endif |
766 | if (opts & (OPENSSL_INIT_ENGINE_ALL_BUILTIN | |
8d00e30f | 767 | | OPENSSL_INIT_ENGINE_OPENSSL |
6cba4a66 | 768 | | OPENSSL_INIT_ENGINE_AFALG)) { |
b184e3ef MC |
769 | ENGINE_register_all_complete(); |
770 | } | |
771 | #endif | |
772 | ||
e4ad0763 | 773 | #ifndef OPENSSL_NO_COMP |
b1f1e7ae | 774 | if ((opts & OPENSSL_INIT_ZLIB) |
c2e4e5d2 | 775 | && !RUN_ONCE(&zlib, ossl_init_zlib)) |
b1f1e7ae | 776 | return 0; |
e4ad0763 | 777 | #endif |
0fc32b07 MC |
778 | |
779 | return 1; | |
b184e3ef MC |
780 | } |
781 | ||
f672aee4 | 782 | int OPENSSL_atexit(void (*handler)(void)) |
b184e3ef MC |
783 | { |
784 | OPENSSL_INIT_STOP *newhand; | |
785 | ||
41999e7d MC |
786 | #if !defined(OPENSSL_NO_DSO) \ |
787 | && !defined(OPENSSL_USE_NODELETE)\ | |
788 | && !defined(OPENSSL_NO_PINSHARED) | |
5836780f | 789 | { |
5836780f MC |
790 | union { |
791 | void *sym; | |
792 | void (*func)(void); | |
793 | } handlersym; | |
794 | ||
795 | handlersym.func = handler; | |
2b59d1be MC |
796 | # ifdef DSO_WIN32 |
797 | { | |
798 | HMODULE handle = NULL; | |
799 | BOOL ret; | |
5836780f | 800 | |
2b59d1be MC |
801 | /* |
802 | * We don't use the DSO route for WIN32 because there is a better | |
803 | * way | |
804 | */ | |
805 | ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS | |
806 | | GET_MODULE_HANDLE_EX_FLAG_PIN, | |
807 | handlersym.sym, &handle); | |
808 | ||
809 | if (!ret) | |
810 | return 0; | |
811 | } | |
812 | # else | |
813 | /* | |
814 | * Deliberately leak a reference to the handler. This will force the | |
815 | * library/code containing the handler to remain loaded until we run the | |
816 | * atexit handler. If -znodelete has been used then this is | |
c9a41d7d | 817 | * unnecessary. |
2b59d1be MC |
818 | */ |
819 | { | |
820 | DSO *dso = NULL; | |
821 | ||
689f112d | 822 | ERR_set_mark(); |
2b59d1be | 823 | dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE); |
4af14b7b MK |
824 | # ifdef OPENSSL_INIT_DEBUG |
825 | fprintf(stderr, | |
826 | "OPENSSL_INIT: OPENSSL_atexit: obtained DSO reference? %s\n", | |
827 | (dso == NULL ? "No!" : "Yes.")); | |
828 | /* See same code above in ossl_init_base() for an explanation. */ | |
829 | # endif | |
2b59d1be | 830 | DSO_free(dso); |
689f112d | 831 | ERR_pop_to_mark(); |
2b59d1be MC |
832 | } |
833 | # endif | |
5836780f | 834 | } |
b6d5ba1a | 835 | #endif |
5836780f | 836 | |
cdb10bae RS |
837 | if ((newhand = OPENSSL_malloc(sizeof(*newhand))) == NULL) { |
838 | CRYPTOerr(CRYPTO_F_OPENSSL_ATEXIT, ERR_R_MALLOC_FAILURE); | |
b184e3ef | 839 | return 0; |
cdb10bae | 840 | } |
b184e3ef MC |
841 | |
842 | newhand->handler = handler; | |
843 | newhand->next = stop_handlers; | |
844 | stop_handlers = newhand; | |
845 | ||
846 | return 1; | |
847 | } | |
2915fe19 | 848 | |
63ab5ea1 | 849 | #ifdef OPENSSL_SYS_UNIX |
2915fe19 RS |
850 | /* |
851 | * The following three functions are for OpenSSL developers. This is | |
852 | * where we set/reset state across fork (called via pthread_atfork when | |
853 | * it exists, or manually by the application when it doesn't). | |
854 | * | |
855 | * WARNING! If you put code in either OPENSSL_fork_parent or | |
856 | * OPENSSL_fork_child, you MUST MAKE SURE that they are async-signal- | |
857 | * safe. See this link, for example: | |
858 | * http://man7.org/linux/man-pages/man7/signal-safety.7.html | |
859 | */ | |
860 | ||
861 | void OPENSSL_fork_prepare(void) | |
862 | { | |
863 | } | |
864 | ||
865 | void OPENSSL_fork_parent(void) | |
866 | { | |
867 | } | |
868 | ||
869 | void OPENSSL_fork_child(void) | |
870 | { | |
a35f607c | 871 | rand_fork(); |
2915fe19 RS |
872 | } |
873 | #endif |