crypto/init.c

   1 /*
   2  * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the OpenSSL license (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include "e_os.h"
  11 #include "internal/cryptlib_int.h"
  12 #include <openssl/err.h>
  13 #include "internal/rand_int.h"
  14 #include "internal/bio.h"
  15 #include <openssl/evp.h>
  16 #include "internal/evp_int.h"
  17 #include "internal/conf.h"
  18 #include "internal/async.h"
  19 #include "internal/engine.h"
  20 #include "internal/comp.h"
  21 #include "internal/err.h"
  22 #include "internal/err_int.h"
  23 #include "internal/objects.h"
  24 #include <stdlib.h>
  25 #include <assert.h>
  26 #include "internal/thread_once.h"
  27 #include "internal/dso_conf.h"
  28 #include "internal/dso.h"
  29 #include "internal/store.h"
  30
  31 static int stopped = 0;
  32
  33 /*
  34  * Since per-thread-specific-data destructors are not universally
  35  * available, i.e. not on Windows, only below CRYPTO_THREAD_LOCAL key
  36  * is assumed to have destructor associated. And then an effort is made
  37  * to call this single destructor on non-pthread platform[s].
  38  *
  39  * Initial value is "impossible". It is used as guard value to shortcut
  40  * destructor for threads terminating before libcrypto is initialized or
  41  * after it's de-initialized. Access to the key doesn't have to be
  42  * serialized for the said threads, because they didn't use libcrypto
  43  * and it doesn't matter if they pick "impossible" or derefernce real
  44  * key value and pull NULL past initialization in the first thread that
  45  * intends to use libcrypto.
  46  */
  47 static union {
  48     long sane;
  49     CRYPTO_THREAD_LOCAL value;
  50 } destructor_key = { -1 };
  51
  52 static void ossl_init_thread_stop(struct thread_local_inits_st *locals);
  53
  54 static void ossl_init_thread_destructor(void *local)
  55 {
  56     ossl_init_thread_stop((struct thread_local_inits_st *)local);
  57 }
  58
  59 static struct thread_local_inits_st *ossl_init_get_thread_local(int alloc)
  60 {
  61     struct thread_local_inits_st *local =
  62         CRYPTO_THREAD_get_local(&destructor_key.value);
  63
  64     if (alloc) {
  65         if (local == NULL
  66             && (local = OPENSSL_zalloc(sizeof(*local))) != NULL
  67             && !CRYPTO_THREAD_set_local(&destructor_key.value, local)) {
  68             OPENSSL_free(local);
  69             return NULL;
  70         }
  71     } else {
  72         CRYPTO_THREAD_set_local(&destructor_key.value, NULL);
  73     }
  74
  75     return local;
  76 }
  77
  78 typedef struct ossl_init_stop_st OPENSSL_INIT_STOP;
  79 struct ossl_init_stop_st {
  80     void (*handler)(void);
  81     OPENSSL_INIT_STOP *next;
  82 };
  83
  84 static OPENSSL_INIT_STOP *stop_handlers = NULL;
  85 static CRYPTO_RWLOCK *init_lock = NULL;
  86
  87 static CRYPTO_ONCE base = CRYPTO_ONCE_STATIC_INIT;
  88 static int base_inited = 0;
  89 DEFINE_RUN_ONCE_STATIC(ossl_init_base)
  90 {
  91     CRYPTO_THREAD_LOCAL key;
  92
  93 #ifdef OPENSSL_INIT_DEBUG
  94     fprintf(stderr, "OPENSSL_INIT: ossl_init_base: Setting up stop handlers\n");
  95 #endif
  96 #ifndef OPENSSL_NO_CRYPTO_MDEBUG
  97     ossl_malloc_setup_failures();
  98 #endif
  99     if (!CRYPTO_THREAD_init_local(&key, ossl_init_thread_destructor))
 100         return 0;
 101     if ((init_lock = CRYPTO_THREAD_lock_new()) == NULL)
 102         goto err;
 103 #ifndef OPENSSL_SYS_UEFI
 104     if (atexit(OPENSSL_cleanup) != 0)
 105         goto err;
 106 #endif
 107     OPENSSL_cpuid_setup();
 108
 109     destructor_key.value = key;
 110     base_inited = 1;
 111     return 1;
 112
 113 err:
 114 #ifdef OPENSSL_INIT_DEBUG
 115     fprintf(stderr, "OPENSSL_INIT: ossl_init_base not ok!\n");
 116 #endif
 117     CRYPTO_THREAD_lock_free(init_lock);
 118     init_lock = NULL;
 119
 120     CRYPTO_THREAD_cleanup_local(&key);
 121     return 0;
 122 }
 123
 124 static CRYPTO_ONCE load_crypto_nodelete = CRYPTO_ONCE_STATIC_INIT;
 125 DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_nodelete)
 126 {
 127 #ifdef OPENSSL_INIT_DEBUG
 128     fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_nodelete()\n");
 129 #endif
 130 #if !defined(OPENSSL_NO_DSO) && !defined(OPENSSL_USE_NODELETE)
 131 # ifdef DSO_WIN32
 132     {
 133         HMODULE handle = NULL;
 134         BOOL ret;
 135
 136         /* We don't use the DSO route for WIN32 because there is a better way */
 137         ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS
 138                                 | GET_MODULE_HANDLE_EX_FLAG_PIN,
 139                                 (void *)&base_inited, &handle);
 140
 141 #  ifdef OPENSSL_INIT_DEBUG
 142         fprintf(stderr, "OPENSSL_INIT: obtained DSO reference? %s\n",
 143                 (ret == TRUE ? "No!" : "Yes."));
 144 #  endif
 145         return (ret == TRUE) ? 1 : 0;
 146     }
 147 # else
 148     /*
 149      * Deliberately leak a reference to ourselves. This will force the library
 150      * to remain loaded until the atexit() handler is run at process exit.
 151      */
 152     {
 153         DSO *dso;
 154         void *err;
 155
 156         if (!err_shelve_state(&err))
 157             return 0;
 158
 159         dso = DSO_dsobyaddr(&base_inited, DSO_FLAG_NO_UNLOAD_ON_FREE);
 160 #  ifdef OPENSSL_INIT_DEBUG
 161         fprintf(stderr, "OPENSSL_INIT: obtained DSO reference? %s\n",
 162                 (dso == NULL ? "No!" : "Yes."));
 163         /*
 164          * In case of No!, it is uncertain our exit()-handlers can still be
 165          * called. After dlclose() the whole library might have been unloaded
 166          * already.
 167          */
 168 #  endif
 169         DSO_free(dso);
 170         err_unshelve_state(err);
 171     }
 172 # endif
 173 #endif
 174
 175     return 1;
 176 }
 177
 178 static CRYPTO_ONCE load_crypto_strings = CRYPTO_ONCE_STATIC_INIT;
 179 static int load_crypto_strings_inited = 0;
 180 DEFINE_RUN_ONCE_STATIC(ossl_init_no_load_crypto_strings)
 181 {
 182     /* Do nothing in this case */
 183     return 1;
 184 }
 185
 186 DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings)
 187 {
 188     int ret = 1;
 189     /*
 190      * OPENSSL_NO_AUTOERRINIT is provided here to prevent at compile time
 191      * pulling in all the error strings during static linking
 192      */
 193 #if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT)
 194 # ifdef OPENSSL_INIT_DEBUG
 195     fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_strings: "
 196                     "err_load_crypto_strings_int()\n");
 197 # endif
 198     ret = err_load_crypto_strings_int();
 199     load_crypto_strings_inited = 1;
 200 #endif
 201     return ret;
 202 }
 203
 204 static CRYPTO_ONCE add_all_ciphers = CRYPTO_ONCE_STATIC_INIT;
 205 DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_ciphers)
 206 {
 207     /*
 208      * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time
 209      * pulling in all the ciphers during static linking
 210      */
 211 #ifndef OPENSSL_NO_AUTOALGINIT
 212 # ifdef OPENSSL_INIT_DEBUG
 213     fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_ciphers: "
 214                     "openssl_add_all_ciphers_int()\n");
 215 # endif
 216     openssl_add_all_ciphers_int();
 217 #endif
 218     return 1;
 219 }
 220
 221 static CRYPTO_ONCE add_all_digests = CRYPTO_ONCE_STATIC_INIT;
 222 DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_digests)
 223 {
 224     /*
 225      * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time
 226      * pulling in all the ciphers during static linking
 227      */
 228 #ifndef OPENSSL_NO_AUTOALGINIT
 229 # ifdef OPENSSL_INIT_DEBUG
 230     fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_digests: "
 231                     "openssl_add_all_digests()\n");
 232 # endif
 233     openssl_add_all_digests_int();
 234 #endif
 235     return 1;
 236 }
 237
 238 DEFINE_RUN_ONCE_STATIC(ossl_init_no_add_algs)
 239 {
 240     /* Do nothing */
 241     return 1;
 242 }
 243
 244 static CRYPTO_ONCE config = CRYPTO_ONCE_STATIC_INIT;
 245 static int config_inited = 0;
 246 static const char *appname;
 247 DEFINE_RUN_ONCE_STATIC(ossl_init_config)
 248 {
 249 #ifdef OPENSSL_INIT_DEBUG
 250     fprintf(stderr,
 251             "OPENSSL_INIT: ossl_init_config: openssl_config(%s)\n",
 252             appname == NULL ? "NULL" : appname);
 253 #endif
 254     openssl_config_int(appname);
 255     config_inited = 1;
 256     return 1;
 257 }
 258 DEFINE_RUN_ONCE_STATIC(ossl_init_no_config)
 259 {
 260 #ifdef OPENSSL_INIT_DEBUG
 261     fprintf(stderr,
 262             "OPENSSL_INIT: ossl_init_config: openssl_no_config_int()\n");
 263 #endif
 264     openssl_no_config_int();
 265     config_inited = 1;
 266     return 1;
 267 }
 268
 269 static CRYPTO_ONCE async = CRYPTO_ONCE_STATIC_INIT;
 270 static int async_inited = 0;
 271 DEFINE_RUN_ONCE_STATIC(ossl_init_async)
 272 {
 273 #ifdef OPENSSL_INIT_DEBUG
 274     fprintf(stderr, "OPENSSL_INIT: ossl_init_async: async_init()\n");
 275 #endif
 276     if (!async_init())
 277         return 0;
 278     async_inited = 1;
 279     return 1;
 280 }
 281
 282 #ifndef OPENSSL_NO_ENGINE
 283 static CRYPTO_ONCE engine_openssl = CRYPTO_ONCE_STATIC_INIT;
 284 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_openssl)
 285 {
 286 # ifdef OPENSSL_INIT_DEBUG
 287     fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_openssl: "
 288                     "engine_load_openssl_int()\n");
 289 # endif
 290     engine_load_openssl_int();
 291     return 1;
 292 }
 293 # ifndef OPENSSL_NO_DEVCRYPTOENG
 294 static CRYPTO_ONCE engine_devcrypto = CRYPTO_ONCE_STATIC_INIT;
 295 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_devcrypto)
 296 {
 297 #  ifdef OPENSSL_INIT_DEBUG
 298     fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_devcrypto: "
 299                     "engine_load_devcrypto_int()\n");
 300 #  endif
 301     engine_load_devcrypto_int();
 302     return 1;
 303 }
 304 # endif
 305
 306 # ifndef OPENSSL_NO_RDRAND
 307 static CRYPTO_ONCE engine_rdrand = CRYPTO_ONCE_STATIC_INIT;
 308 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_rdrand)
 309 {
 310 #  ifdef OPENSSL_INIT_DEBUG
 311     fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_rdrand: "
 312                     "engine_load_rdrand_int()\n");
 313 #  endif
 314     engine_load_rdrand_int();
 315     return 1;
 316 }
 317 # endif
 318 static CRYPTO_ONCE engine_dynamic = CRYPTO_ONCE_STATIC_INIT;
 319 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_dynamic)
 320 {
 321 # ifdef OPENSSL_INIT_DEBUG
 322     fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_dynamic: "
 323                     "engine_load_dynamic_int()\n");
 324 # endif
 325     engine_load_dynamic_int();
 326     return 1;
 327 }
 328 # ifndef OPENSSL_NO_STATIC_ENGINE
 329 #  if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK)
 330 static CRYPTO_ONCE engine_padlock = CRYPTO_ONCE_STATIC_INIT;
 331 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_padlock)
 332 {
 333 #   ifdef OPENSSL_INIT_DEBUG
 334     fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_padlock: "
 335                     "engine_load_padlock_int()\n");
 336 #   endif
 337     engine_load_padlock_int();
 338     return 1;
 339 }
 340 #  endif
 341 #  if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
 342 static CRYPTO_ONCE engine_capi = CRYPTO_ONCE_STATIC_INIT;
 343 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_capi)
 344 {
 345 #   ifdef OPENSSL_INIT_DEBUG
 346     fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_capi: "
 347                     "engine_load_capi_int()\n");
 348 #   endif
 349     engine_load_capi_int();
 350     return 1;
 351 }
 352 #  endif
 353 #  if !defined(OPENSSL_NO_AFALGENG)
 354 static CRYPTO_ONCE engine_afalg = CRYPTO_ONCE_STATIC_INIT;
 355 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_afalg)
 356 {
 357 #   ifdef OPENSSL_INIT_DEBUG
 358     fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_afalg: "
 359                     "engine_load_afalg_int()\n");
 360 #   endif
 361     engine_load_afalg_int();
 362     return 1;
 363 }
 364 #  endif
 365 # endif
 366 #endif
 367
 368 #ifndef OPENSSL_NO_COMP
 369 static CRYPTO_ONCE zlib = CRYPTO_ONCE_STATIC_INIT;
 370
 371 static int zlib_inited = 0;
 372 DEFINE_RUN_ONCE_STATIC(ossl_init_zlib)
 373 {
 374     /* Do nothing - we need to know about this for the later cleanup */
 375     zlib_inited = 1;
 376     return 1;
 377 }
 378 #endif
 379
 380 static void ossl_init_thread_stop(struct thread_local_inits_st *locals)
 381 {
 382     /* Can't do much about this */
 383     if (locals == NULL)
 384         return;
 385
 386     if (locals->async) {
 387 #ifdef OPENSSL_INIT_DEBUG
 388         fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: "
 389                         "async_delete_thread_state()\n");
 390 #endif
 391         async_delete_thread_state();
 392     }
 393
 394     if (locals->err_state) {
 395 #ifdef OPENSSL_INIT_DEBUG
 396         fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: "
 397                         "err_delete_thread_state()\n");
 398 #endif
 399         err_delete_thread_state();
 400     }
 401
 402     if (locals->rand) {
 403 #ifdef OPENSSL_INIT_DEBUG
 404         fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: "
 405                         "drbg_delete_thread_state()\n");
 406 #endif
 407         drbg_delete_thread_state();
 408     }
 409
 410     OPENSSL_free(locals);
 411 }
 412
 413 void OPENSSL_thread_stop(void)
 414 {
 415     if (destructor_key.sane != -1)
 416         ossl_init_thread_stop(ossl_init_get_thread_local(0));
 417 }
 418
 419 int ossl_init_thread_start(uint64_t opts)
 420 {
 421     struct thread_local_inits_st *locals;
 422
 423     if (!OPENSSL_init_crypto(0, NULL))
 424         return 0;
 425
 426     locals = ossl_init_get_thread_local(1);
 427
 428     if (locals == NULL)
 429         return 0;
 430
 431     if (opts & OPENSSL_INIT_THREAD_ASYNC) {
 432 #ifdef OPENSSL_INIT_DEBUG
 433         fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: "
 434                         "marking thread for async\n");
 435 #endif
 436         locals->async = 1;
 437     }
 438
 439     if (opts & OPENSSL_INIT_THREAD_ERR_STATE) {
 440 #ifdef OPENSSL_INIT_DEBUG
 441         fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: "
 442                         "marking thread for err_state\n");
 443 #endif
 444         locals->err_state = 1;
 445     }
 446
 447     if (opts & OPENSSL_INIT_THREAD_RAND) {
 448 #ifdef OPENSSL_INIT_DEBUG
 449         fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: "
 450                         "marking thread for rand\n");
 451 #endif
 452         locals->rand = 1;
 453     }
 454
 455     return 1;
 456 }
 457
 458 void OPENSSL_cleanup(void)
 459 {
 460     OPENSSL_INIT_STOP *currhandler, *lasthandler;
 461     CRYPTO_THREAD_LOCAL key;
 462
 463     /* If we've not been inited then no need to deinit */
 464     if (!base_inited)
 465         return;
 466
 467     /* Might be explicitly called and also by atexit */
 468     if (stopped)
 469         return;
 470     stopped = 1;
 471
 472     /*
 473      * Thread stop may not get automatically called by the thread library for
 474      * the very last thread in some situations, so call it directly.
 475      */
 476     ossl_init_thread_stop(ossl_init_get_thread_local(0));
 477
 478     currhandler = stop_handlers;
 479     while (currhandler != NULL) {
 480         currhandler->handler();
 481         lasthandler = currhandler;
 482         currhandler = currhandler->next;
 483         OPENSSL_free(lasthandler);
 484     }
 485     stop_handlers = NULL;
 486
 487     CRYPTO_THREAD_lock_free(init_lock);
 488     init_lock = NULL;
 489
 490     /*
 491      * We assume we are single-threaded for this function, i.e. no race
 492      * conditions for the various "*_inited" vars below.
 493      */
 494
 495 #ifndef OPENSSL_NO_COMP
 496     if (zlib_inited) {
 497 #ifdef OPENSSL_INIT_DEBUG
 498         fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
 499                         "comp_zlib_cleanup_int()\n");
 500 #endif
 501         comp_zlib_cleanup_int();
 502     }
 503 #endif
 504
 505     if (async_inited) {
 506 # ifdef OPENSSL_INIT_DEBUG
 507         fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
 508                         "async_deinit()\n");
 509 # endif
 510         async_deinit();
 511     }
 512
 513     if (load_crypto_strings_inited) {
 514 #ifdef OPENSSL_INIT_DEBUG
 515         fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
 516                         "err_free_strings_int()\n");
 517 #endif
 518         err_free_strings_int();
 519     }
 520
 521     key = destructor_key.value;
 522     destructor_key.sane = -1;
 523     CRYPTO_THREAD_cleanup_local(&key);
 524
 525 #ifdef OPENSSL_INIT_DEBUG
 526     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
 527                     "rand_cleanup_int()\n");
 528     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
 529                     "conf_modules_free_int()\n");
 530 #ifndef OPENSSL_NO_ENGINE
 531     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
 532                     "engine_cleanup_int()\n");
 533 #endif
 534     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
 535                     "crypto_cleanup_all_ex_data_int()\n");
 536     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
 537                     "bio_sock_cleanup_int()\n");
 538     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
 539                     "bio_cleanup()\n");
 540     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
 541                     "evp_cleanup_int()\n");
 542     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
 543                     "obj_cleanup_int()\n");
 544     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
 545                     "err_cleanup()\n");
 546 #endif
 547     /*
 548      * Note that cleanup order is important:
 549      * - rand_cleanup_int could call an ENGINE's RAND cleanup function so
 550      * must be called before engine_cleanup_int()
 551      * - ENGINEs use CRYPTO_EX_DATA and therefore, must be cleaned up
 552      * before the ex data handlers are wiped in CRYPTO_cleanup_all_ex_data().
 553      * - conf_modules_free_int() can end up in ENGINE code so must be called
 554      * before engine_cleanup_int()
 555      * - ENGINEs and additional EVP algorithms might use added OIDs names so
 556      * obj_cleanup_int() must be called last
 557      */
 558     rand_cleanup_int();
 559     rand_drbg_cleanup_int();
 560     conf_modules_free_int();
 561 #ifndef OPENSSL_NO_ENGINE
 562     engine_cleanup_int();
 563 #endif
 564     ossl_store_cleanup_int();
 565     crypto_cleanup_all_ex_data_int();
 566     bio_cleanup();
 567     evp_cleanup_int();
 568     obj_cleanup_int();
 569     err_cleanup();
 570
 571     CRYPTO_secure_malloc_done();
 572
 573     base_inited = 0;
 574 }
 575
 576 /*
 577  * If this function is called with a non NULL settings value then it must be
 578  * called prior to any threads making calls to any OpenSSL functions,
 579  * i.e. passing a non-null settings value is assumed to be single-threaded.
 580  */
 581 int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
 582 {
 583     if (stopped) {
 584         if (!(opts & OPENSSL_INIT_BASE_ONLY))
 585             CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL);
 586         return 0;
 587     }
 588
 589     if (!RUN_ONCE(&base, ossl_init_base))
 590         return 0;
 591
 592     if (!(opts & OPENSSL_INIT_BASE_ONLY)
 593             && !RUN_ONCE(&load_crypto_nodelete,
 594                          ossl_init_load_crypto_nodelete))
 595         return 0;
 596
 597     if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS)
 598             && !RUN_ONCE(&load_crypto_strings,
 599                          ossl_init_no_load_crypto_strings))
 600         return 0;
 601
 602     if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS)
 603             && !RUN_ONCE(&load_crypto_strings, ossl_init_load_crypto_strings))
 604         return 0;
 605
 606     if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS)
 607             && !RUN_ONCE(&add_all_ciphers, ossl_init_no_add_algs))
 608         return 0;
 609
 610     if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS)
 611             && !RUN_ONCE(&add_all_ciphers, ossl_init_add_all_ciphers))
 612         return 0;
 613
 614     if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS)
 615             && !RUN_ONCE(&add_all_digests, ossl_init_no_add_algs))
 616         return 0;
 617
 618     if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS)
 619             && !RUN_ONCE(&add_all_digests, ossl_init_add_all_digests))
 620         return 0;
 621
 622     if ((opts & OPENSSL_INIT_ATFORK)
 623             && !openssl_init_fork_handlers())
 624         return 0;
 625
 626     if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG)
 627             && !RUN_ONCE(&config, ossl_init_no_config))
 628         return 0;
 629
 630     if (opts & OPENSSL_INIT_LOAD_CONFIG) {
 631         int ret;
 632         CRYPTO_THREAD_write_lock(init_lock);
 633         appname = (settings == NULL) ? NULL : settings->appname;
 634         ret = RUN_ONCE(&config, ossl_init_config);
 635         CRYPTO_THREAD_unlock(init_lock);
 636         if (!ret)
 637             return 0;
 638     }
 639
 640     if ((opts & OPENSSL_INIT_ASYNC)
 641             && !RUN_ONCE(&async, ossl_init_async))
 642         return 0;
 643
 644 #ifndef OPENSSL_NO_ENGINE
 645     if ((opts & OPENSSL_INIT_ENGINE_OPENSSL)
 646             && !RUN_ONCE(&engine_openssl, ossl_init_engine_openssl))
 647         return 0;
 648 # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_DEVCRYPTOENG)
 649     if ((opts & OPENSSL_INIT_ENGINE_CRYPTODEV)
 650             && !RUN_ONCE(&engine_devcrypto, ossl_init_engine_devcrypto))
 651         return 0;
 652 # endif
 653 # ifndef OPENSSL_NO_RDRAND
 654     if ((opts & OPENSSL_INIT_ENGINE_RDRAND)
 655             && !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand))
 656         return 0;
 657 # endif
 658     if ((opts & OPENSSL_INIT_ENGINE_DYNAMIC)
 659             && !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic))
 660         return 0;
 661 # ifndef OPENSSL_NO_STATIC_ENGINE
 662 #  if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK)
 663     if ((opts & OPENSSL_INIT_ENGINE_PADLOCK)
 664             && !RUN_ONCE(&engine_padlock, ossl_init_engine_padlock))
 665         return 0;
 666 #  endif
 667 #  if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
 668     if ((opts & OPENSSL_INIT_ENGINE_CAPI)
 669             && !RUN_ONCE(&engine_capi, ossl_init_engine_capi))
 670         return 0;
 671 #  endif
 672 #  if !defined(OPENSSL_NO_AFALGENG)
 673     if ((opts & OPENSSL_INIT_ENGINE_AFALG)
 674             && !RUN_ONCE(&engine_afalg, ossl_init_engine_afalg))
 675         return 0;
 676 #  endif
 677 # endif
 678     if (opts & (OPENSSL_INIT_ENGINE_ALL_BUILTIN
 679                 | OPENSSL_INIT_ENGINE_OPENSSL
 680                 | OPENSSL_INIT_ENGINE_AFALG)) {
 681         ENGINE_register_all_complete();
 682     }
 683 #endif
 684
 685 #ifndef OPENSSL_NO_COMP
 686     if ((opts & OPENSSL_INIT_ZLIB)
 687             && !RUN_ONCE(&zlib, ossl_init_zlib))
 688         return 0;
 689 #endif
 690
 691     return 1;
 692 }
 693
 694 int OPENSSL_atexit(void (*handler)(void))
 695 {
 696     OPENSSL_INIT_STOP *newhand;
 697
 698 #if !defined(OPENSSL_NO_DSO) && !defined(OPENSSL_USE_NODELETE)
 699     {
 700         union {
 701             void *sym;
 702             void (*func)(void);
 703         } handlersym;
 704
 705         handlersym.func = handler;
 706 # ifdef DSO_WIN32
 707         {
 708             HMODULE handle = NULL;
 709             BOOL ret;
 710
 711             /*
 712              * We don't use the DSO route for WIN32 because there is a better
 713              * way
 714              */
 715             ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS
 716                                     | GET_MODULE_HANDLE_EX_FLAG_PIN,
 717                                     handlersym.sym, &handle);
 718
 719             if (!ret)
 720                 return 0;
 721         }
 722 # else
 723         /*
 724          * Deliberately leak a reference to the handler. This will force the
 725          * library/code containing the handler to remain loaded until we run the
 726          * atexit handler. If -znodelete has been used then this is
 727          * unnecessary.
 728          */
 729         {
 730             DSO *dso = NULL;
 731
 732             ERR_set_mark();
 733             dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE);
 734 #  ifdef OPENSSL_INIT_DEBUG
 735             fprintf(stderr,
 736                     "OPENSSL_INIT: OPENSSL_atexit: obtained DSO reference? %s\n",
 737                     (dso == NULL ? "No!" : "Yes."));
 738             /* See same code above in ossl_init_base() for an explanation. */
 739 #  endif
 740             DSO_free(dso);
 741             ERR_pop_to_mark();
 742         }
 743 # endif
 744     }
 745 #endif
 746
 747     if ((newhand = OPENSSL_malloc(sizeof(*newhand))) == NULL) {
 748         CRYPTOerr(CRYPTO_F_OPENSSL_ATEXIT, ERR_R_MALLOC_FAILURE);
 749         return 0;
 750     }
 751
 752     newhand->handler = handler;
 753     newhand->next = stop_handlers;
 754     stop_handlers = newhand;
 755
 756     return 1;
 757 }
 758
 759 #ifdef OPENSSL_SYS_UNIX
 760 /*
 761  * The following three functions are for OpenSSL developers.  This is
 762  * where we set/reset state across fork (called via pthread_atfork when
 763  * it exists, or manually by the application when it doesn't).
 764  *
 765  * WARNING!  If you put code in either OPENSSL_fork_parent or
 766  * OPENSSL_fork_child, you MUST MAKE SURE that they are async-signal-
 767  * safe.  See this link, for example:
 768  *      http://man7.org/linux/man-pages/man7/signal-safety.7.html
 769  */
 770
 771 void OPENSSL_fork_prepare(void)
 772 {
 773 }
 774
 775 void OPENSSL_fork_parent(void)
 776 {
 777 }
 778
 779 void OPENSSL_fork_child(void)
 780 {
 781     rand_fork();
 782 }
 783 #endif