]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | #include "e_os.h" | |
11 | #include "crypto/cryptlib.h" | |
12 | #include <openssl/err.h> | |
13 | #include "crypto/rand.h" | |
14 | #include "internal/bio.h" | |
15 | #include <openssl/evp.h> | |
16 | #include "crypto/evp.h" | |
17 | #include "internal/conf.h" | |
18 | #include "crypto/async.h" | |
19 | #include "crypto/engine.h" | |
20 | #include "internal/comp.h" | |
21 | #include "internal/err.h" | |
22 | #include "crypto/err.h" | |
23 | #include "crypto/objects.h" | |
24 | #include <stdlib.h> | |
25 | #include <assert.h> | |
26 | #include "internal/thread_once.h" | |
27 | #include "crypto/dso_conf.h" | |
28 | #include "internal/dso.h" | |
29 | #include "crypto/store.h" | |
30 | #include <openssl/cmp_util.h> /* for OSSL_CMP_log_close() */ | |
31 | #include <openssl/trace.h> | |
32 | ||
33 | static int stopped = 0; | |
34 | ||
35 | typedef struct ossl_init_stop_st OPENSSL_INIT_STOP; | |
36 | struct ossl_init_stop_st { | |
37 | void (*handler)(void); | |
38 | OPENSSL_INIT_STOP *next; | |
39 | }; | |
40 | ||
41 | static OPENSSL_INIT_STOP *stop_handlers = NULL; | |
42 | static CRYPTO_RWLOCK *init_lock = NULL; | |
43 | ||
44 | static CRYPTO_ONCE base = CRYPTO_ONCE_STATIC_INIT; | |
45 | static int base_inited = 0; | |
46 | DEFINE_RUN_ONCE_STATIC(ossl_init_base) | |
47 | { | |
48 | /* no need to init trace */ | |
49 | ||
50 | OSSL_TRACE(INIT, "ossl_init_base: setting up stop handlers\n"); | |
51 | #ifndef OPENSSL_NO_CRYPTO_MDEBUG | |
52 | ossl_malloc_setup_failures(); | |
53 | #endif | |
54 | ||
55 | if ((init_lock = CRYPTO_THREAD_lock_new()) == NULL) | |
56 | goto err; | |
57 | OPENSSL_cpuid_setup(); | |
58 | ||
59 | if (!ossl_init_thread()) | |
60 | return 0; | |
61 | ||
62 | base_inited = 1; | |
63 | return 1; | |
64 | ||
65 | err: | |
66 | OSSL_TRACE(INIT, "ossl_init_base failed!\n"); | |
67 | CRYPTO_THREAD_lock_free(init_lock); | |
68 | init_lock = NULL; | |
69 | ||
70 | return 0; | |
71 | } | |
72 | ||
73 | static CRYPTO_ONCE register_atexit = CRYPTO_ONCE_STATIC_INIT; | |
74 | #if !defined(OPENSSL_SYS_UEFI) && defined(_WIN32) | |
75 | static int win32atexit(void) | |
76 | { | |
77 | OPENSSL_cleanup(); | |
78 | return 0; | |
79 | } | |
80 | #endif | |
81 | ||
82 | DEFINE_RUN_ONCE_STATIC(ossl_init_register_atexit) | |
83 | { | |
84 | #ifdef OPENSSL_INIT_DEBUG | |
85 | fprintf(stderr, "OPENSSL_INIT: ossl_init_register_atexit()\n"); | |
86 | #endif | |
87 | #ifndef OPENSSL_SYS_UEFI | |
88 | # ifdef _WIN32 | |
89 | /* We use _onexit() in preference because it gets called on DLL unload */ | |
90 | if (_onexit(win32atexit) == NULL) | |
91 | return 0; | |
92 | # else | |
93 | if (atexit(OPENSSL_cleanup) != 0) | |
94 | return 0; | |
95 | # endif | |
96 | #endif | |
97 | ||
98 | return 1; | |
99 | } | |
100 | ||
101 | DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_register_atexit, | |
102 | ossl_init_register_atexit) | |
103 | { | |
104 | #ifdef OPENSSL_INIT_DEBUG | |
105 | fprintf(stderr, "OPENSSL_INIT: ossl_init_no_register_atexit ok!\n"); | |
106 | #endif | |
107 | /* Do nothing in this case */ | |
108 | return 1; | |
109 | } | |
110 | ||
111 | static CRYPTO_ONCE load_crypto_nodelete = CRYPTO_ONCE_STATIC_INIT; | |
112 | DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_nodelete) | |
113 | { | |
114 | OSSL_TRACE(INIT, "ossl_init_load_crypto_nodelete()\n"); | |
115 | ||
116 | #if !defined(OPENSSL_USE_NODELETE) \ | |
117 | && !defined(OPENSSL_NO_PINSHARED) | |
118 | # if defined(DSO_WIN32) && !defined(_WIN32_WCE) | |
119 | { | |
120 | HMODULE handle = NULL; | |
121 | BOOL ret; | |
122 | ||
123 | /* We don't use the DSO route for WIN32 because there is a better way */ | |
124 | ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS | |
125 | | GET_MODULE_HANDLE_EX_FLAG_PIN, | |
126 | (void *)&base_inited, &handle); | |
127 | ||
128 | OSSL_TRACE1(INIT, | |
129 | "ossl_init_load_crypto_nodelete: " | |
130 | "obtained DSO reference? %s\n", | |
131 | (ret == TRUE ? "No!" : "Yes.")); | |
132 | return (ret == TRUE) ? 1 : 0; | |
133 | } | |
134 | # elif !defined(DSO_NONE) | |
135 | /* | |
136 | * Deliberately leak a reference to ourselves. This will force the library | |
137 | * to remain loaded until the atexit() handler is run at process exit. | |
138 | */ | |
139 | { | |
140 | DSO *dso; | |
141 | void *err; | |
142 | ||
143 | if (!err_shelve_state(&err)) | |
144 | return 0; | |
145 | ||
146 | dso = DSO_dsobyaddr(&base_inited, DSO_FLAG_NO_UNLOAD_ON_FREE); | |
147 | /* | |
148 | * In case of No!, it is uncertain our exit()-handlers can still be | |
149 | * called. After dlclose() the whole library might have been unloaded | |
150 | * already. | |
151 | */ | |
152 | OSSL_TRACE1(INIT, "obtained DSO reference? %s\n", | |
153 | (dso == NULL ? "No!" : "Yes.")); | |
154 | DSO_free(dso); | |
155 | err_unshelve_state(err); | |
156 | } | |
157 | # endif | |
158 | #endif | |
159 | ||
160 | return 1; | |
161 | } | |
162 | ||
163 | static CRYPTO_ONCE load_crypto_strings = CRYPTO_ONCE_STATIC_INIT; | |
164 | static int load_crypto_strings_inited = 0; | |
165 | DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings) | |
166 | { | |
167 | int ret = 1; | |
168 | /* | |
169 | * OPENSSL_NO_AUTOERRINIT is provided here to prevent at compile time | |
170 | * pulling in all the error strings during static linking | |
171 | */ | |
172 | #if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT) | |
173 | OSSL_TRACE(INIT, "err_load_crypto_strings_int()\n"); | |
174 | ret = err_load_crypto_strings_int(); | |
175 | load_crypto_strings_inited = 1; | |
176 | #endif | |
177 | return ret; | |
178 | } | |
179 | ||
180 | DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_load_crypto_strings, | |
181 | ossl_init_load_crypto_strings) | |
182 | { | |
183 | /* Do nothing in this case */ | |
184 | return 1; | |
185 | } | |
186 | ||
187 | static CRYPTO_ONCE add_all_ciphers = CRYPTO_ONCE_STATIC_INIT; | |
188 | DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_ciphers) | |
189 | { | |
190 | /* | |
191 | * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time | |
192 | * pulling in all the ciphers during static linking | |
193 | */ | |
194 | #ifndef OPENSSL_NO_AUTOALGINIT | |
195 | OSSL_TRACE(INIT, "openssl_add_all_ciphers_int()\n"); | |
196 | openssl_add_all_ciphers_int(); | |
197 | #endif | |
198 | return 1; | |
199 | } | |
200 | ||
201 | DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_ciphers, | |
202 | ossl_init_add_all_ciphers) | |
203 | { | |
204 | /* Do nothing */ | |
205 | return 1; | |
206 | } | |
207 | ||
208 | static CRYPTO_ONCE add_all_digests = CRYPTO_ONCE_STATIC_INIT; | |
209 | DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_digests) | |
210 | { | |
211 | /* | |
212 | * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time | |
213 | * pulling in all the ciphers during static linking | |
214 | */ | |
215 | #ifndef OPENSSL_NO_AUTOALGINIT | |
216 | OSSL_TRACE(INIT, "openssl_add_all_digests()\n"); | |
217 | openssl_add_all_digests_int(); | |
218 | #endif | |
219 | return 1; | |
220 | } | |
221 | ||
222 | DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_digests, | |
223 | ossl_init_add_all_digests) | |
224 | { | |
225 | /* Do nothing */ | |
226 | return 1; | |
227 | } | |
228 | ||
229 | static CRYPTO_ONCE config = CRYPTO_ONCE_STATIC_INIT; | |
230 | static int config_inited = 0; | |
231 | static const OPENSSL_INIT_SETTINGS *conf_settings = NULL; | |
232 | DEFINE_RUN_ONCE_STATIC(ossl_init_config) | |
233 | { | |
234 | int ret = openssl_config_int(conf_settings); | |
235 | config_inited = 1; | |
236 | return ret; | |
237 | } | |
238 | DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_config, ossl_init_config) | |
239 | { | |
240 | OSSL_TRACE(INIT, "openssl_no_config_int()\n"); | |
241 | openssl_no_config_int(); | |
242 | config_inited = 1; | |
243 | return 1; | |
244 | } | |
245 | ||
246 | static CRYPTO_ONCE async = CRYPTO_ONCE_STATIC_INIT; | |
247 | static int async_inited = 0; | |
248 | DEFINE_RUN_ONCE_STATIC(ossl_init_async) | |
249 | { | |
250 | OSSL_TRACE(INIT, "async_init()\n"); | |
251 | if (!async_init()) | |
252 | return 0; | |
253 | async_inited = 1; | |
254 | return 1; | |
255 | } | |
256 | ||
257 | #ifndef OPENSSL_NO_ENGINE | |
258 | static CRYPTO_ONCE engine_openssl = CRYPTO_ONCE_STATIC_INIT; | |
259 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_openssl) | |
260 | { | |
261 | OSSL_TRACE(INIT, "engine_load_openssl_int()\n"); | |
262 | engine_load_openssl_int(); | |
263 | return 1; | |
264 | } | |
265 | # ifndef OPENSSL_NO_RDRAND | |
266 | static CRYPTO_ONCE engine_rdrand = CRYPTO_ONCE_STATIC_INIT; | |
267 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_rdrand) | |
268 | { | |
269 | OSSL_TRACE(INIT, "engine_load_rdrand_int()\n"); | |
270 | engine_load_rdrand_int(); | |
271 | return 1; | |
272 | } | |
273 | # endif | |
274 | static CRYPTO_ONCE engine_dynamic = CRYPTO_ONCE_STATIC_INIT; | |
275 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_dynamic) | |
276 | { | |
277 | OSSL_TRACE(INIT, "engine_load_dynamic_int()\n"); | |
278 | engine_load_dynamic_int(); | |
279 | return 1; | |
280 | } | |
281 | # ifndef OPENSSL_NO_STATIC_ENGINE | |
282 | # ifndef OPENSSL_NO_DEVCRYPTOENG | |
283 | static CRYPTO_ONCE engine_devcrypto = CRYPTO_ONCE_STATIC_INIT; | |
284 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_devcrypto) | |
285 | { | |
286 | OSSL_TRACE(INIT, "engine_load_devcrypto_int()\n"); | |
287 | engine_load_devcrypto_int(); | |
288 | return 1; | |
289 | } | |
290 | # endif | |
291 | # if !defined(OPENSSL_NO_PADLOCKENG) | |
292 | static CRYPTO_ONCE engine_padlock = CRYPTO_ONCE_STATIC_INIT; | |
293 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_padlock) | |
294 | { | |
295 | OSSL_TRACE(INIT, "engine_load_padlock_int()\n"); | |
296 | engine_load_padlock_int(); | |
297 | return 1; | |
298 | } | |
299 | # endif | |
300 | # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) | |
301 | static CRYPTO_ONCE engine_capi = CRYPTO_ONCE_STATIC_INIT; | |
302 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_capi) | |
303 | { | |
304 | OSSL_TRACE(INIT, "engine_load_capi_int()\n"); | |
305 | engine_load_capi_int(); | |
306 | return 1; | |
307 | } | |
308 | # endif | |
309 | # if !defined(OPENSSL_NO_AFALGENG) | |
310 | static CRYPTO_ONCE engine_afalg = CRYPTO_ONCE_STATIC_INIT; | |
311 | DEFINE_RUN_ONCE_STATIC(ossl_init_engine_afalg) | |
312 | { | |
313 | OSSL_TRACE(INIT, "engine_load_afalg_int()\n"); | |
314 | engine_load_afalg_int(); | |
315 | return 1; | |
316 | } | |
317 | # endif | |
318 | # endif | |
319 | #endif | |
320 | ||
321 | #ifndef OPENSSL_NO_COMP | |
322 | static CRYPTO_ONCE zlib = CRYPTO_ONCE_STATIC_INIT; | |
323 | ||
324 | static int zlib_inited = 0; | |
325 | DEFINE_RUN_ONCE_STATIC(ossl_init_zlib) | |
326 | { | |
327 | /* Do nothing - we need to know about this for the later cleanup */ | |
328 | zlib_inited = 1; | |
329 | return 1; | |
330 | } | |
331 | #endif | |
332 | ||
333 | void OPENSSL_cleanup(void) | |
334 | { | |
335 | OPENSSL_INIT_STOP *currhandler, *lasthandler; | |
336 | ||
337 | /* | |
338 | * TODO(3.0): This function needs looking at with a view to moving most/all | |
339 | * of this into onfree handlers in OPENSSL_CTX. | |
340 | */ | |
341 | ||
342 | /* If we've not been inited then no need to deinit */ | |
343 | if (!base_inited) | |
344 | return; | |
345 | ||
346 | /* Might be explicitly called and also by atexit */ | |
347 | if (stopped) | |
348 | return; | |
349 | stopped = 1; | |
350 | ||
351 | /* | |
352 | * Thread stop may not get automatically called by the thread library for | |
353 | * the very last thread in some situations, so call it directly. | |
354 | */ | |
355 | OPENSSL_thread_stop(); | |
356 | ||
357 | currhandler = stop_handlers; | |
358 | while (currhandler != NULL) { | |
359 | currhandler->handler(); | |
360 | lasthandler = currhandler; | |
361 | currhandler = currhandler->next; | |
362 | OPENSSL_free(lasthandler); | |
363 | } | |
364 | stop_handlers = NULL; | |
365 | ||
366 | CRYPTO_THREAD_lock_free(init_lock); | |
367 | init_lock = NULL; | |
368 | ||
369 | /* | |
370 | * We assume we are single-threaded for this function, i.e. no race | |
371 | * conditions for the various "*_inited" vars below. | |
372 | */ | |
373 | ||
374 | #ifndef OPENSSL_NO_COMP | |
375 | if (zlib_inited) { | |
376 | OSSL_TRACE(INIT, "OPENSSL_cleanup: comp_zlib_cleanup_int()\n"); | |
377 | comp_zlib_cleanup_int(); | |
378 | } | |
379 | #endif | |
380 | ||
381 | if (async_inited) { | |
382 | OSSL_TRACE(INIT, "OPENSSL_cleanup: async_deinit()\n"); | |
383 | async_deinit(); | |
384 | } | |
385 | ||
386 | if (load_crypto_strings_inited) { | |
387 | OSSL_TRACE(INIT, "OPENSSL_cleanup: err_free_strings_int()\n"); | |
388 | err_free_strings_int(); | |
389 | } | |
390 | ||
391 | /* | |
392 | * Note that cleanup order is important: | |
393 | * - rand_cleanup_int could call an ENGINE's RAND cleanup function so | |
394 | * must be called before engine_cleanup_int() | |
395 | * - ENGINEs use CRYPTO_EX_DATA and therefore, must be cleaned up | |
396 | * before the ex data handlers are wiped during default openssl_ctx deinit. | |
397 | * - conf_modules_free_int() can end up in ENGINE code so must be called | |
398 | * before engine_cleanup_int() | |
399 | * - ENGINEs and additional EVP algorithms might use added OIDs names so | |
400 | * obj_cleanup_int() must be called last | |
401 | */ | |
402 | OSSL_TRACE(INIT, "OPENSSL_cleanup: rand_cleanup_int()\n"); | |
403 | rand_cleanup_int(); | |
404 | ||
405 | OSSL_TRACE(INIT, "OPENSSL_cleanup: conf_modules_free_int()\n"); | |
406 | conf_modules_free_int(); | |
407 | ||
408 | #ifndef OPENSSL_NO_ENGINE | |
409 | OSSL_TRACE(INIT, "OPENSSL_cleanup: engine_cleanup_int()\n"); | |
410 | engine_cleanup_int(); | |
411 | #endif | |
412 | OSSL_TRACE(INIT, "OPENSSL_cleanup: ossl_store_cleanup_int()\n"); | |
413 | ossl_store_cleanup_int(); | |
414 | ||
415 | OSSL_TRACE(INIT, "OPENSSL_cleanup: openssl_ctx_default_deinit()\n"); | |
416 | openssl_ctx_default_deinit(); | |
417 | ||
418 | ossl_cleanup_thread(); | |
419 | ||
420 | OSSL_TRACE(INIT, "OPENSSL_cleanup: bio_cleanup()\n"); | |
421 | bio_cleanup(); | |
422 | ||
423 | OSSL_TRACE(INIT, "OPENSSL_cleanup: evp_cleanup_int()\n"); | |
424 | evp_cleanup_int(); | |
425 | ||
426 | OSSL_TRACE(INIT, "OPENSSL_cleanup: obj_cleanup_int()\n"); | |
427 | obj_cleanup_int(); | |
428 | ||
429 | OSSL_TRACE(INIT, "OPENSSL_cleanup: err_int()\n"); | |
430 | err_cleanup(); | |
431 | ||
432 | OSSL_TRACE(INIT, "OPENSSL_cleanup: CRYPTO_secure_malloc_done()\n"); | |
433 | CRYPTO_secure_malloc_done(); | |
434 | ||
435 | #ifndef OPENSSL_NO_CMP | |
436 | OSSL_TRACE(INIT, "OPENSSL_cleanup: OSSL_CMP_log_close()\n"); | |
437 | OSSL_CMP_log_close(); | |
438 | #endif | |
439 | ||
440 | OSSL_TRACE(INIT, "OPENSSL_cleanup: ossl_trace_cleanup()\n"); | |
441 | ossl_trace_cleanup(); | |
442 | ||
443 | base_inited = 0; | |
444 | } | |
445 | ||
446 | /* | |
447 | * If this function is called with a non NULL settings value then it must be | |
448 | * called prior to any threads making calls to any OpenSSL functions, | |
449 | * i.e. passing a non-null settings value is assumed to be single-threaded. | |
450 | */ | |
451 | int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) | |
452 | { | |
453 | /* | |
454 | * TODO(3.0): This function needs looking at with a view to moving most/all | |
455 | * of this into OPENSSL_CTX. | |
456 | */ | |
457 | ||
458 | if (stopped) { | |
459 | if (!(opts & OPENSSL_INIT_BASE_ONLY)) | |
460 | CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL); | |
461 | return 0; | |
462 | } | |
463 | ||
464 | /* | |
465 | * When the caller specifies OPENSSL_INIT_BASE_ONLY, that should be the | |
466 | * *only* option specified. With that option we return immediately after | |
467 | * doing the requested limited initialization. Note that | |
468 | * err_shelve_state() called by us via ossl_init_load_crypto_nodelete() | |
469 | * re-enters OPENSSL_init_crypto() with OPENSSL_INIT_BASE_ONLY, but with | |
470 | * base already initialized this is a harmless NOOP. | |
471 | * | |
472 | * If we remain the only caller of err_shelve_state() the recursion should | |
473 | * perhaps be removed, but if in doubt, it can be left in place. | |
474 | */ | |
475 | if (!RUN_ONCE(&base, ossl_init_base)) | |
476 | return 0; | |
477 | ||
478 | if (opts & OPENSSL_INIT_BASE_ONLY) | |
479 | return 1; | |
480 | ||
481 | /* | |
482 | * Now we don't always set up exit handlers, the INIT_BASE_ONLY calls | |
483 | * should not have the side-effect of setting up exit handlers, and | |
484 | * therefore, this code block is below the INIT_BASE_ONLY-conditioned early | |
485 | * return above. | |
486 | */ | |
487 | if ((opts & OPENSSL_INIT_NO_ATEXIT) != 0) { | |
488 | if (!RUN_ONCE_ALT(®ister_atexit, ossl_init_no_register_atexit, | |
489 | ossl_init_register_atexit)) | |
490 | return 0; | |
491 | } else if (!RUN_ONCE(®ister_atexit, ossl_init_register_atexit)) { | |
492 | return 0; | |
493 | } | |
494 | ||
495 | if (!RUN_ONCE(&load_crypto_nodelete, ossl_init_load_crypto_nodelete)) | |
496 | return 0; | |
497 | ||
498 | if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS) | |
499 | && !RUN_ONCE_ALT(&load_crypto_strings, | |
500 | ossl_init_no_load_crypto_strings, | |
501 | ossl_init_load_crypto_strings)) | |
502 | return 0; | |
503 | ||
504 | if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS) | |
505 | && !RUN_ONCE(&load_crypto_strings, ossl_init_load_crypto_strings)) | |
506 | return 0; | |
507 | ||
508 | if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS) | |
509 | && !RUN_ONCE_ALT(&add_all_ciphers, ossl_init_no_add_all_ciphers, | |
510 | ossl_init_add_all_ciphers)) | |
511 | return 0; | |
512 | ||
513 | if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS) | |
514 | && !RUN_ONCE(&add_all_ciphers, ossl_init_add_all_ciphers)) | |
515 | return 0; | |
516 | ||
517 | if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS) | |
518 | && !RUN_ONCE_ALT(&add_all_digests, ossl_init_no_add_all_digests, | |
519 | ossl_init_add_all_digests)) | |
520 | return 0; | |
521 | ||
522 | if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS) | |
523 | && !RUN_ONCE(&add_all_digests, ossl_init_add_all_digests)) | |
524 | return 0; | |
525 | ||
526 | if ((opts & OPENSSL_INIT_ATFORK) | |
527 | && !openssl_init_fork_handlers()) | |
528 | return 0; | |
529 | ||
530 | if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG) | |
531 | && !RUN_ONCE_ALT(&config, ossl_init_no_config, ossl_init_config)) | |
532 | return 0; | |
533 | ||
534 | if (opts & OPENSSL_INIT_LOAD_CONFIG) { | |
535 | int ret; | |
536 | CRYPTO_THREAD_write_lock(init_lock); | |
537 | conf_settings = settings; | |
538 | ret = RUN_ONCE(&config, ossl_init_config); | |
539 | conf_settings = NULL; | |
540 | CRYPTO_THREAD_unlock(init_lock); | |
541 | if (ret <= 0) | |
542 | return 0; | |
543 | } | |
544 | ||
545 | if ((opts & OPENSSL_INIT_ASYNC) | |
546 | && !RUN_ONCE(&async, ossl_init_async)) | |
547 | return 0; | |
548 | ||
549 | #ifndef OPENSSL_NO_ENGINE | |
550 | if ((opts & OPENSSL_INIT_ENGINE_OPENSSL) | |
551 | && !RUN_ONCE(&engine_openssl, ossl_init_engine_openssl)) | |
552 | return 0; | |
553 | # ifndef OPENSSL_NO_RDRAND | |
554 | if ((opts & OPENSSL_INIT_ENGINE_RDRAND) | |
555 | && !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand)) | |
556 | return 0; | |
557 | # endif | |
558 | if ((opts & OPENSSL_INIT_ENGINE_DYNAMIC) | |
559 | && !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic)) | |
560 | return 0; | |
561 | # ifndef OPENSSL_NO_STATIC_ENGINE | |
562 | # ifndef OPENSSL_NO_DEVCRYPTOENG | |
563 | if ((opts & OPENSSL_INIT_ENGINE_CRYPTODEV) | |
564 | && !RUN_ONCE(&engine_devcrypto, ossl_init_engine_devcrypto)) | |
565 | return 0; | |
566 | # endif | |
567 | # if !defined(OPENSSL_NO_PADLOCKENG) | |
568 | if ((opts & OPENSSL_INIT_ENGINE_PADLOCK) | |
569 | && !RUN_ONCE(&engine_padlock, ossl_init_engine_padlock)) | |
570 | return 0; | |
571 | # endif | |
572 | # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) | |
573 | if ((opts & OPENSSL_INIT_ENGINE_CAPI) | |
574 | && !RUN_ONCE(&engine_capi, ossl_init_engine_capi)) | |
575 | return 0; | |
576 | # endif | |
577 | # if !defined(OPENSSL_NO_AFALGENG) | |
578 | if ((opts & OPENSSL_INIT_ENGINE_AFALG) | |
579 | && !RUN_ONCE(&engine_afalg, ossl_init_engine_afalg)) | |
580 | return 0; | |
581 | # endif | |
582 | # endif | |
583 | if (opts & (OPENSSL_INIT_ENGINE_ALL_BUILTIN | |
584 | | OPENSSL_INIT_ENGINE_OPENSSL | |
585 | | OPENSSL_INIT_ENGINE_AFALG)) { | |
586 | ENGINE_register_all_complete(); | |
587 | } | |
588 | #endif | |
589 | ||
590 | #ifndef OPENSSL_NO_COMP | |
591 | if ((opts & OPENSSL_INIT_ZLIB) | |
592 | && !RUN_ONCE(&zlib, ossl_init_zlib)) | |
593 | return 0; | |
594 | #endif | |
595 | ||
596 | return 1; | |
597 | } | |
598 | ||
599 | int OPENSSL_atexit(void (*handler)(void)) | |
600 | { | |
601 | OPENSSL_INIT_STOP *newhand; | |
602 | ||
603 | #if !defined(OPENSSL_USE_NODELETE)\ | |
604 | && !defined(OPENSSL_NO_PINSHARED) | |
605 | { | |
606 | union { | |
607 | void *sym; | |
608 | void (*func)(void); | |
609 | } handlersym; | |
610 | ||
611 | handlersym.func = handler; | |
612 | # if defined(DSO_WIN32) && !defined(_WIN32_WCE) | |
613 | { | |
614 | HMODULE handle = NULL; | |
615 | BOOL ret; | |
616 | ||
617 | /* | |
618 | * We don't use the DSO route for WIN32 because there is a better | |
619 | * way | |
620 | */ | |
621 | ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS | |
622 | | GET_MODULE_HANDLE_EX_FLAG_PIN, | |
623 | handlersym.sym, &handle); | |
624 | ||
625 | if (!ret) | |
626 | return 0; | |
627 | } | |
628 | # elif !defined(DSO_NONE) | |
629 | /* | |
630 | * Deliberately leak a reference to the handler. This will force the | |
631 | * library/code containing the handler to remain loaded until we run the | |
632 | * atexit handler. If -znodelete has been used then this is | |
633 | * unnecessary. | |
634 | */ | |
635 | { | |
636 | DSO *dso = NULL; | |
637 | ||
638 | ERR_set_mark(); | |
639 | dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE); | |
640 | /* See same code above in ossl_init_base() for an explanation. */ | |
641 | OSSL_TRACE1(INIT, | |
642 | "atexit: obtained DSO reference? %s\n", | |
643 | (dso == NULL ? "No!" : "Yes.")); | |
644 | DSO_free(dso); | |
645 | ERR_pop_to_mark(); | |
646 | } | |
647 | # endif | |
648 | } | |
649 | #endif | |
650 | ||
651 | if ((newhand = OPENSSL_malloc(sizeof(*newhand))) == NULL) { | |
652 | CRYPTOerr(CRYPTO_F_OPENSSL_ATEXIT, ERR_R_MALLOC_FAILURE); | |
653 | return 0; | |
654 | } | |
655 | ||
656 | newhand->handler = handler; | |
657 | newhand->next = stop_handlers; | |
658 | stop_handlers = newhand; | |
659 | ||
660 | return 1; | |
661 | } | |
662 | ||
663 | #ifdef OPENSSL_SYS_UNIX | |
664 | /* | |
665 | * The following three functions are for OpenSSL developers. This is | |
666 | * where we set/reset state across fork (called via pthread_atfork when | |
667 | * it exists, or manually by the application when it doesn't). | |
668 | * | |
669 | * WARNING! If you put code in either OPENSSL_fork_parent or | |
670 | * OPENSSL_fork_child, you MUST MAKE SURE that they are async-signal- | |
671 | * safe. See this link, for example: | |
672 | * http://man7.org/linux/man-pages/man7/signal-safety.7.html | |
673 | */ | |
674 | ||
675 | void OPENSSL_fork_prepare(void) | |
676 | { | |
677 | } | |
678 | ||
679 | void OPENSSL_fork_parent(void) | |
680 | { | |
681 | } | |
682 | ||
683 | void OPENSSL_fork_child(void) | |
684 | { | |
685 | /* TODO(3.0): Inform all providers about a fork event */ | |
686 | } | |
687 | #endif |