#include <openssl/evp.h>
#include <openssl/ssl.h>
#include <openssl/conf.h>
+#if defined(RSPAMD_LEGACY_SSL_PROVIDER) && OPENSSL_VERSION_NUMBER >= 0x30000000L
+#include <openssl/provider.h>
+#endif
#endif
#ifdef HAVE_LOCALE_H
#include <locale.h>
ottery_config_init(ottery_cfg);
ctx->ottery_cfg = ottery_cfg;
- rspamd_openssl_maybe_init();
+ rspamd_openssl_maybe_init(ctx);
/* Check if we have rdrand */
if ((ctx->crypto_ctx->cpu_config & CPUID_RDRAND) == 0) {
ERR_free_strings();
rspamd_ssl_ctx_free(ctx->ssl_ctx);
rspamd_ssl_ctx_free(ctx->ssl_ctx_noverify);
+#if defined(RSPAMD_LEGACY_SSL_PROVIDER) && OPENSSL_VERSION_NUMBER >= 0x30000000L
+ if (ctx->ssl_legacy_provider) {
+ OSSL_PROVIDER_unload((OSSL_PROVIDER *) ctx->ssl_legacy_provider);
+ }
+ if (ctx->ssl_default_provider) {
+ OSSL_PROVIDER_unload((OSSL_PROVIDER *) ctx->ssl_default_provider);
+ }
+#endif
#endif
rspamd_inet_library_destroy();
rspamd_free_zstd_dictionary(ctx->in_dict);
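Review bot: The two provider handles stay set after `OSSL_PROVIDER_unload` in the teardown block, whereas the removed `rspamd_openssl_cleanup` reset its pointers to NULL. If this teardown can run again for the same ctx, or the fields are read afterwards, the result is a second unload of an already released handle; whether ctx is freed right after is not visible in these lines. Adding `ctx->ssl_legacy_provider = NULL;` and `ctx->ssl_default_provider = NULL;` after the respective unload calls keeps the previous behaviour. The enclosing function starts and ends outside the lines shown.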
#include "libutil/hash.h"
#include "libserver/logger.h"
#include "libserver/cfg_file.h"
+#include "rspamd.h"
#include "ssl_util.h"
#include "unix-std.h"
#include "cryptobox.h"
int ssl_options;
static const unsigned int client_cache_size = 1024;
- rspamd_openssl_maybe_init();
-
ret = g_malloc0(sizeof(*ret));
ssl_options = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
ssl_ctx = SSL_CTX_new(SSLv23_method());
}
#if defined(RSPAMD_LEGACY_SSL_PROVIDER) && OPENSSL_VERSION_NUMBER >= 0x30000000L
#include <openssl/provider.h>
-static OSSL_PROVIDER *rspamd_legacy_provider = NULL;
-static OSSL_PROVIDER *rspamd_default_provider = NULL;
#endif
-void rspamd_openssl_maybe_init(void)
+void rspamd_openssl_maybe_init(struct rspamd_external_libs_ctx *ctx)
{
static gboolean openssl_initialized = FALSE;
OPENSSL_init_ssl(0, NULL);
#endif
#if defined(RSPAMD_LEGACY_SSL_PROVIDER) && OPENSSL_VERSION_NUMBER >= 0x30000000L
- rspamd_legacy_provider = OSSL_PROVIDER_load(NULL, "legacy");
- if (rspamd_legacy_provider == NULL) {
- msg_err("cannot load legacy OpenSSL provider: %s", ERR_lib_error_string(ERR_get_error()));
- ERR_clear_error();
- }
- rspamd_default_provider = OSSL_PROVIDER_load(NULL, "default");
- if (rspamd_default_provider == NULL) {
- msg_err("cannot load default OpenSSL provider: %s", ERR_lib_error_string(ERR_get_error()));
- ERR_clear_error();
+ if (ctx) {
+ ctx->ssl_legacy_provider = OSSL_PROVIDER_load(NULL, "legacy");
+ if (ctx->ssl_legacy_provider == NULL) {
+ msg_err("cannot load legacy OpenSSL provider: %s", ERR_lib_error_string(ERR_get_error()));
+ ERR_clear_error();
+ }
+ ctx->ssl_default_provider = OSSL_PROVIDER_load(NULL, "default");
+ if (ctx->ssl_default_provider == NULL) {
+ msg_err("cannot load default OpenSSL provider: %s", ERR_lib_error_string(ERR_get_error()));
+ ERR_clear_error();
+ }
}
#endif
}
}
-void rspamd_openssl_cleanup(void)
-{
-#if defined(RSPAMD_LEGACY_SSL_PROVIDER) && OPENSSL_VERSION_NUMBER >= 0x30000000L
- if (rspamd_legacy_provider) {
- OSSL_PROVIDER_unload(rspamd_legacy_provider);
- rspamd_legacy_provider = NULL;
- }
- if (rspamd_default_provider) {
- OSSL_PROVIDER_unload(rspamd_default_provider);
- rspamd_default_provider = NULL;
- }
-#endif
-}
-
void rspamd_ssl_ctx_config(struct rspamd_config *cfg, gpointer ssl_ctx)
{
struct rspamd_ssl_ctx *ctx = (struct rspamd_ssl_ctx *) ssl_ctx;
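Review bot: Provider loading now depends on `if (ctx)`, but it appears to sit inside the one-shot `openssl_initialized` guard, so a first call with a NULL ctx would skip the legacy and default providers for the life of the process, and a later call with a real ctx would not load them either. The guard's test is outside the visible lines, so this is inferred from the `static gboolean` and the closing braces. Either load unconditionally and store only when a ctx is given, e.g. `OSSL_PROVIDER *legacy = OSSL_PROVIDER_load(NULL, "legacy");` followed by `if (ctx) ctx->ssl_legacy_provider = legacy;`, or document on the function that the first caller must pass a non-NULL ctx. Separately, a failed load of "default" is only logged; once any provider has been loaded explicitly OpenSSL no longer falls back to the default provider implicitly, so that path probably deserves a harder failure than `msg_err`.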
gpointer rspamd_init_ssl_ctx_noverify(void);
void rspamd_ssl_ctx_config(struct rspamd_config *cfg, gpointer ssl_ctx);
void rspamd_ssl_ctx_free(gpointer ssl_ctx);
-void rspamd_openssl_maybe_init(void);
-void rspamd_openssl_cleanup(void);
+void rspamd_openssl_maybe_init(struct rspamd_external_libs_ctx *ctx);
#ifdef __cplusplus
}
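Review bot: The new prototype names `struct rspamd_external_libs_ctx` in its parameter list, and no forward declaration of that type is visible in this header. In C a struct tag first seen inside a prototype has prototype scope, so a file that includes this header before `rspamd.h` gets a "declared inside parameter list" warning and an incompatible type at the call site. Unless the header already brings the type in above the visible lines, add `struct rspamd_external_libs_ctx;` before the declaration. A one-line comment stating that `ctx` may be NULL and that the loaded provider handles are stored in it would also help callers.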
rspamd_main->cfg = old_cfg;
rspamd_main->logger = old_logger;
msg_err_main("cannot parse new config file, revert to old one");
- REF_RELEASE(tmp_cfg);
+ CFG_REF_RELEASE(tmp_cfg);
return FALSE;
}
else {
rspamd_log_close(old_logger);
msg_info_main("replacing config");
- REF_RELEASE(old_cfg);
+ CFG_REF_RELEASE(old_cfg);
rspamd_main->cfg->rspamd_user = rspamd_user;
rspamd_main->cfg->rspamd_group = rspamd_group;
/* Here, we can do post actions with the existing config */
#ifdef WITH_HYPERSCAN
rspamd_hyperscan_cleanup_maybe();
#endif
- REF_RELEASE(rspamd_main->cfg);
+ CFG_REF_RELEASE(rspamd_main->cfg);
rspamd_log_close(rspamd_main->logger);
- rspamd_openssl_cleanup();
g_hash_table_unref(rspamd_main->spairs);
g_hash_table_unref(rspamd_main->workers);
rspamd_mempool_delete(rspamd_main->server_pool);
struct zstd_dictionary *out_dict;
void *out_zstream;
void *in_zstream;
+#if defined(RSPAMD_LEGACY_SSL_PROVIDER) && OPENSSL_VERSION_NUMBER >= 0x30000000L
+ void *ssl_legacy_provider;
+ void *ssl_default_provider;
+#endif
ref_entry_t ref;
};
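Review bot: The struct's layout now depends on `OPENSSL_VERSION_NUMBER`, which is defined only after an OpenSSL header has been included; in a translation unit that includes this header without one, the `#if` treats the undefined macro as 0 and the two fields disappear, moving `ref` to a different offset. Objects compiled with different views of the struct would then read and write the reference count at different addresses. Whether this header includes `<openssl/opensslv.h>` earlier is not visible here. Since both members are plain `void *`, declaring them unconditionally (dropping the `#if`/`#endif` pair around them) removes the dependency. A comment that they are owned by the libs context and unloaded at deinit would document the lifetime.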