MINOR: ssl: always initialize random generator

Explicitly call ssl_initialize_random to initialize the random generator
in init() global function. If the initialization fails, the startup is
interrupted.

This commit is in preparation for support of ssl on dynamic servers. To
be able to activate ssl on dynamic servers, it is necessary to ensure
that the random generator is initialized on startup regardless of the
config. It cannot be called at runtime as access to /dev/urandom is
required.

This also has the effect to fix the previous non-consistent behavior.
Indeed, if bind or server in the config are using ssl, the
initialization function was called, and if it failed, the startup was
interrupted. Otherwise, the ssl initialization code could have been
called through the ssl server for lua, but this times without blocking
the startup on error. Or not called at all if lua was deactivated.

diff --git a/include/haproxy/ssl_sock.h b/include/haproxy/ssl_sock.h
index 9978abc08df294ceb828beaade9d93026b5b7512..cb9c0b86ca2038857f17f883dab2c1b0c4d9f83d 100644 (file)
--- a/include/haproxy/ssl_sock.h
+++ b/include/haproxy/ssl_sock.h
@@ -120,6 +120,7 @@ int ssl_load_global_issuer_from_BIO(BIO *in, char *fp, char **err);
 int ssl_sock_load_cert(char *path, struct bind_conf *bind_conf, char **err);
 int ssl_sock_load_srv_cert(char *path, struct server *server, char **err);
 void ssl_free_global_issuers(void);
+int ssl_initialize_random(void);
 int ssl_sock_load_cert_list_file(char *file, int dir, struct bind_conf *bind_conf, struct proxy *curproxy, char **err);
 int ssl_init_single_engine(const char *engine_id, const char *def_algorithms);
 #if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) && !defined OPENSSL_IS_BORINGSSL)

diff --git a/src/haproxy.c b/src/haproxy.c
index c05f18d76ee61435ee014016f6a79994ee79a48b..7e0141335ef444dc536016f45b9d6b93874916fb 100644 (file)
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -1510,6 +1510,16 @@ static void init(int argc, char **argv)
        if (init_acl() != 0)
                exit(1);
 
+#ifdef USE_OPENSSL
+       /* Initialize the random generator.
+        * Must be called before chroot for access to /dev/urandom
+        */
+       if (!ssl_initialize_random()) {
+               ha_alert("OpenSSL random data generator initialization failed.\n");
+               exit(1);
+       }
+#endif
+
        /* Initialise lua. */
        hlua_init();
 

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 059fef3f42b8da043bb9d8c035e1196857defe55..4ebf56f2a603d87482c2e4ede12cf042cdca1709 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3536,7 +3536,7 @@ static int ssl_sock_load_srv_ckchs(const char *path, struct ckch_store *ckchs,
  * if the random is said as not implemented, because we expect that openssl
  * will use another method once needed.
  */
-static int ssl_initialize_random()
+int ssl_initialize_random(void)
 {
        unsigned char random;
        static int random_initialized = 0;
@@ -4640,12 +4640,6 @@ int ssl_sock_prepare_srv_ctx(struct server *srv)
        int cfgerr = 0;
        SSL_CTX *ctx = srv->ssl_ctx.ctx;
 
-       /* Make sure openssl opens /dev/urandom before the chroot */
-       if (!ssl_initialize_random()) {
-               ha_alert("OpenSSL random data generator initialization failed.\n");
-               cfgerr++;
-       }
-
        /* Automatic memory computations need to know we use SSL there */
        global.ssl_used_backend = 1;
 
@@ -4898,11 +4892,6 @@ int ssl_sock_prepare_all_ctx(struct bind_conf *bind_conf)
        /* Automatic memory computations need to know we use SSL there */
        global.ssl_used_frontend = 1;
 
-       /* Make sure openssl opens /dev/urandom before the chroot */
-       if (!ssl_initialize_random()) {
-               ha_alert("OpenSSL random data generator initialization failed.\n");
-               err++;
-       }
        /* Create initial_ctx used to start the ssl connection before do switchctx */
        if (!bind_conf->initial_ctx) {
                err += ssl_initial_ctx(bind_conf);