diff options
| -rw-r--r-- | src/lib/libcrypto/crypto.h | 5 | ||||
| -rw-r--r-- | src/lib/libcrypto/crypto_init.c | 28 | ||||
| -rw-r--r-- | src/lib/libcrypto/x509/x509_issuer_cache.h | 3 |
3 files changed, 30 insertions, 6 deletions
diff --git a/src/lib/libcrypto/crypto.h b/src/lib/libcrypto/crypto.h index 82372537e1..2d934413ea 100644 --- a/src/lib/libcrypto/crypto.h +++ b/src/lib/libcrypto/crypto.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: crypto.h,v 1.55 2022/07/12 14:42:48 kn Exp $ */ | 1 | /* $OpenBSD: crypto.h,v 1.56 2022/09/03 17:47:47 jsing Exp $ */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| @@ -562,6 +562,9 @@ void ERR_load_CRYPTO_strings(void); | |||
| 562 | #define OPENSSL_INIT_ENGINE_ALL_BUILTIN _OPENSSL_INIT_FLAG_NOOP | 562 | #define OPENSSL_INIT_ENGINE_ALL_BUILTIN _OPENSSL_INIT_FLAG_NOOP |
| 563 | 563 | ||
| 564 | int OPENSSL_init_crypto(uint64_t opts, const void *settings); | 564 | int OPENSSL_init_crypto(uint64_t opts, const void *settings); |
| 565 | #if defined(LIBRESSL_NEXT_API) || defined(LIBRESSL_INTERNAL) | ||
| 566 | void OPENSSL_cleanup(void); | ||
| 567 | #endif | ||
| 565 | 568 | ||
| 566 | #ifdef __cplusplus | 569 | #ifdef __cplusplus |
| 567 | } | 570 | } |
diff --git a/src/lib/libcrypto/crypto_init.c b/src/lib/libcrypto/crypto_init.c index 67e7920890..69ba62991e 100644 --- a/src/lib/libcrypto/crypto_init.c +++ b/src/lib/libcrypto/crypto_init.c | |||
| @@ -19,17 +19,21 @@ | |||
| 19 | #include <pthread.h> | 19 | #include <pthread.h> |
| 20 | #include <stdio.h> | 20 | #include <stdio.h> |
| 21 | 21 | ||
| 22 | #include <openssl/objects.h> | ||
| 23 | #include <openssl/conf.h> | 22 | #include <openssl/conf.h> |
| 24 | #include <openssl/evp.h> | 23 | #include <openssl/engine.h> |
| 25 | #include <openssl/err.h> | 24 | #include <openssl/err.h> |
| 25 | #include <openssl/evp.h> | ||
| 26 | #include <openssl/objects.h> | ||
| 26 | 27 | ||
| 27 | #include "cryptlib.h" | 28 | #include "cryptlib.h" |
| 29 | #include "x509_issuer_cache.h" | ||
| 28 | 30 | ||
| 29 | int OpenSSL_config(const char *); | 31 | int OpenSSL_config(const char *); |
| 30 | int OpenSSL_no_config(void); | 32 | int OpenSSL_no_config(void); |
| 31 | 33 | ||
| 34 | static pthread_once_t crypto_init_once = PTHREAD_ONCE_INIT; | ||
| 32 | static pthread_t crypto_init_thread; | 35 | static pthread_t crypto_init_thread; |
| 36 | static int crypto_init_cleaned_up; | ||
| 33 | 37 | ||
| 34 | static void | 38 | static void |
| 35 | OPENSSL_init_crypto_internal(void) | 39 | OPENSSL_init_crypto_internal(void) |
| @@ -45,12 +49,15 @@ OPENSSL_init_crypto_internal(void) | |||
| 45 | int | 49 | int |
| 46 | OPENSSL_init_crypto(uint64_t opts, const void *settings) | 50 | OPENSSL_init_crypto(uint64_t opts, const void *settings) |
| 47 | { | 51 | { |
| 48 | static pthread_once_t once = PTHREAD_ONCE_INIT; | 52 | if (crypto_init_cleaned_up) { |
| 53 | CRYPTOerror(ERR_R_INIT_FAIL); | ||
| 54 | return 0; | ||
| 55 | } | ||
| 49 | 56 | ||
| 50 | if (pthread_equal(pthread_self(), crypto_init_thread)) | 57 | if (pthread_equal(pthread_self(), crypto_init_thread)) |
| 51 | return 1; /* don't recurse */ | 58 | return 1; /* don't recurse */ |
| 52 | 59 | ||
| 53 | if (pthread_once(&once, OPENSSL_init_crypto_internal) != 0) | 60 | if (pthread_once(&crypto_init_once, OPENSSL_init_crypto_internal) != 0) |
| 54 | return 0; | 61 | return 0; |
| 55 | 62 | ||
| 56 | if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG) && | 63 | if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG) && |
| @@ -63,3 +70,16 @@ OPENSSL_init_crypto(uint64_t opts, const void *settings) | |||
| 63 | 70 | ||
| 64 | return 1; | 71 | return 1; |
| 65 | } | 72 | } |
| 73 | |||
| 74 | void | ||
| 75 | OPENSSL_cleanup(void) | ||
| 76 | { | ||
| 77 | /* This currently calls init... */ | ||
| 78 | ERR_free_strings(); | ||
| 79 | |||
| 80 | ENGINE_cleanup(); | ||
| 81 | EVP_cleanup(); | ||
| 82 | x509_issuer_cache_free(); | ||
| 83 | |||
| 84 | crypto_init_cleaned_up = 1; | ||
| 85 | } | ||
diff --git a/src/lib/libcrypto/x509/x509_issuer_cache.h b/src/lib/libcrypto/x509/x509_issuer_cache.h index 6dedde75f1..3afe65bd49 100644 --- a/src/lib/libcrypto/x509/x509_issuer_cache.h +++ b/src/lib/libcrypto/x509/x509_issuer_cache.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509_issuer_cache.h,v 1.1 2020/09/11 14:30:51 beck Exp $ */ | 1 | /* $OpenBSD: x509_issuer_cache.h,v 1.2 2022/09/03 17:47:47 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> | 3 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> |
| 4 | * | 4 | * |
| @@ -41,6 +41,7 @@ int x509_issuer_cache_set_max(size_t max); | |||
| 41 | int x509_issuer_cache_find(unsigned char *parent_md, unsigned char *child_md); | 41 | int x509_issuer_cache_find(unsigned char *parent_md, unsigned char *child_md); |
| 42 | void x509_issuer_cache_add(unsigned char *parent_md, unsigned char *child_md, | 42 | void x509_issuer_cache_add(unsigned char *parent_md, unsigned char *child_md, |
| 43 | int valid); | 43 | int valid); |
| 44 | void x509_issuer_cache_free(); | ||
| 44 | 45 | ||
| 45 | __END_HIDDEN_DECLS | 46 | __END_HIDDEN_DECLS |
| 46 | 47 | ||