OPENSSL_init_crypto must return 0 when cleanup was done

author Tomas Mraz <tomas@openssl.org>

Wed, 2 Jun 2021 13:15:45 +0000 (15:15 +0200)

committer Tomas Mraz <tomas@openssl.org>

Thu, 3 Jun 2021 15:42:21 +0000 (17:42 +0200)
author Tomas Mraz <tomas@openssl.org>
Wed, 2 Jun 2021 13:15:45 +0000 (15:15 +0200)
committer Tomas Mraz <tomas@openssl.org>
Thu, 3 Jun 2021 15:42:21 +0000 (17:42 +0200)
diff --git a/crypto/init.c b/crypto/init.c

index 49d817c089198fbcdb4d709651cb9374d0ff13eb..552a4fa66c2d502820538e36cf6d14a26214c539 100644 (file)
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -454,6 +454,13 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
      uint64_t tmp;
      int aloaddone = 0;
  
+   /* Applications depend on 0 being returned when cleanup was already done */
+    if (stopped) {
+        if (!(opts & OPENSSL_INIT_BASE_ONLY))
+            ERR_raise(ERR_LIB_CRYPTO, ERR_R_INIT_FAIL);
+        return 0;
+    }
+
      /*
       * We ignore failures from this function. It is probably because we are
       * on a platform that doesn't support lockless atomic loads (we may not
@@ -476,15 +483,7 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
      /*
       * At some point we should look at this function with a view to moving
       * most/all of this into OSSL_LIB_CTX.
-     */
-
-    if (stopped) {
-        if (!(opts & OPENSSL_INIT_BASE_ONLY))
-            ERR_raise(ERR_LIB_CRYPTO, ERR_R_INIT_FAIL);
-        return 0;
-    }
-
-    /*
+     *
       * When the caller specifies OPENSSL_INIT_BASE_ONLY, that should be the
       * *only* option specified.  With that option we return immediately after
       * doing the requested limited initialization.  Note that
author	Tomas Mraz <tomas@openssl.org>
	Wed, 2 Jun 2021 13:15:45 +0000 (15:15 +0200)
committer	Tomas Mraz <tomas@openssl.org>
	Thu, 3 Jun 2021 15:42:21 +0000 (17:42 +0200)