On shutdown, mark openssl as uninitialized.

This causes openssl to get completely reinitialized on startup,
which is probably a good idea.

diff --git a/src/common/crypto.c b/src/common/crypto.c
index 85bed538e5af3de75387071f9150433695352b55..b519caed07b71ea51ae644ef338354308b1970a0 100644 (file)
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -283,11 +283,12 @@ crypto_force_rand_ssleay(void)
   return 0;
 }
 
+static int have_seeded_siphash = 0;
+
 /** Set up the siphash key if we haven't already done so. */
 int
 crypto_init_siphash_key(void)
 {
-  static int have_seeded_siphash = 0;
   struct sipkey key;
   if (have_seeded_siphash)
     return 0;
@@ -3495,6 +3496,12 @@ crypto_global_cleanup(void)
 
   tor_free(crypto_openssl_version_str);
   tor_free(crypto_openssl_header_version_str);
+
+  crypto_early_initialized_ = 0;
+  crypto_global_initialized_ = 0;
+  have_seeded_siphash = 0;
+  siphash_unset_global_key();
+
   return 0;
 }
 

diff --git a/src/ext/csiphash.c b/src/ext/csiphash.c
index 508e4f6ceb416e4e8fa62c21055975635bf0ad93..0427c8795092343be9c4c4d643cb262c6e11ac55 100644 (file)
--- a/src/ext/csiphash.c
+++ b/src/ext/csiphash.c
@@ -123,3 +123,9 @@ void siphash_set_global_key(const struct sipkey *key)
        the_siphash_key.k1 = key->k1;
        the_siphash_key_is_set = 1;
 }
+
+void siphash_unset_global_key(void)
+{
+       the_siphash_key_is_set = 0;
+       memset(&the_siphash_key, 0, sizeof(the_siphash_key));
+}

diff --git a/src/ext/siphash.h b/src/ext/siphash.h
index d9b34b8980f43dae70ab72d5fca5c354f993b210..730e49937d0f78e08345687d445f181e4fb2db03 100644 (file)
--- a/src/ext/siphash.h
+++ b/src/ext/siphash.h
@@ -9,5 +9,6 @@ uint64_t siphash24(const void *src, unsigned long src_sz, const struct sipkey *k
 
 void siphash_set_global_key(const struct sipkey *key);
 uint64_t siphash24g(const void *src, unsigned long src_sz);
+void siphash_unset_global_key(void);
 
 #endif