2 * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include "internal/e_os.h"
12 #include "internal/err.h"
13 #include <openssl/crypto.h>
14 #include <openssl/evp.h>
15 #include <openssl/trace.h>
16 #include "ssl_local.h"
18 #include "internal/thread_once.h"
22 static void ssl_library_stop(void);
24 static CRYPTO_ONCE ssl_base
= CRYPTO_ONCE_STATIC_INIT
;
25 static int ssl_base_inited
= 0;
26 DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_base
)
28 #ifndef OPENSSL_NO_COMP
29 OSSL_TRACE(INIT
, "ossl_init_ssl_base: "
30 "SSL_COMP_get_compression_methods()\n");
32 * This will initialise the built-in compression algorithms. The value
33 * returned is a STACK_OF(SSL_COMP), but that can be discarded safely
35 SSL_COMP_get_compression_methods();
37 ssl_sort_cipher_list();
38 OSSL_TRACE(INIT
, "ossl_init_ssl_base: SSL_add_ssl_module()\n");
40 * We ignore an error return here. Not much we can do - but not that bad
41 * either. We can still safely continue.
43 OPENSSL_atexit(ssl_library_stop
);
48 static CRYPTO_ONCE ssl_strings
= CRYPTO_ONCE_STATIC_INIT
;
49 static int ssl_strings_inited
= 0;
50 DEFINE_RUN_ONCE_STATIC(ossl_init_load_ssl_strings
)
53 * OPENSSL_NO_AUTOERRINIT is provided here to prevent at compile time
54 * pulling in all the error strings during static linking
56 #if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT)
57 OSSL_TRACE(INIT
, "ossl_init_load_ssl_strings: ossl_err_load_SSL_strings()\n");
58 ossl_err_load_SSL_strings();
59 ssl_strings_inited
= 1;
64 DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_load_ssl_strings
,
65 ossl_init_load_ssl_strings
)
67 /* Do nothing in this case */
71 static void ssl_library_stop(void)
73 /* Might be explicitly called and also by atexit */
78 if (ssl_base_inited
) {
79 #ifndef OPENSSL_NO_COMP
80 OSSL_TRACE(INIT
, "ssl_library_stop: "
81 "ssl_comp_free_compression_methods_int()\n");
82 ssl_comp_free_compression_methods_int();
86 if (ssl_strings_inited
) {
87 OSSL_TRACE(INIT
, "ssl_library_stop: err_free_strings_int()\n");
89 * If both crypto and ssl error strings are inited we will end up
90 * calling err_free_strings_int() twice - but that's ok. The second
91 * time will be a no-op. It's easier to do that than to try and track
92 * between the two libraries whether they have both been inited.
94 err_free_strings_int();
99 * If this function is called with a non NULL settings value then it must be
100 * called prior to any threads making calls to any OpenSSL functions,
101 * i.e. passing a non-null settings value is assumed to be single-threaded.
103 int OPENSSL_init_ssl(uint64_t opts
, const OPENSSL_INIT_SETTINGS
* settings
)
105 static int stoperrset
= 0;
110 * We only ever set this once to avoid getting into an infinite
111 * loop where the error system keeps trying to init and fails so
115 ERR_raise(ERR_LIB_SSL
, ERR_R_INIT_FAIL
);
120 opts
|= OPENSSL_INIT_ADD_ALL_CIPHERS
121 | OPENSSL_INIT_ADD_ALL_DIGESTS
;
122 #ifndef OPENSSL_NO_AUTOLOAD_CONFIG
123 if ((opts
& OPENSSL_INIT_NO_LOAD_CONFIG
) == 0)
124 opts
|= OPENSSL_INIT_LOAD_CONFIG
;
127 if (!OPENSSL_init_crypto(opts
, settings
))
130 if (!RUN_ONCE(&ssl_base
, ossl_init_ssl_base
))
133 if ((opts
& OPENSSL_INIT_NO_LOAD_SSL_STRINGS
)
134 && !RUN_ONCE_ALT(&ssl_strings
, ossl_init_no_load_ssl_strings
,
135 ossl_init_load_ssl_strings
))
138 if ((opts
& OPENSSL_INIT_LOAD_SSL_STRINGS
)
139 && !RUN_ONCE(&ssl_strings
, ossl_init_load_ssl_strings
))