int CRYPTO_get_new_lockid(char *name)
{
char *str;
int i;
#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
/* A hack to make Visual C++ 5.0 work correctly when linking as
* a DLL using /MT. Without this, the application cannot use
* any floating point printf's.
* It also seems to be needed for Visual C 1.5 (win16) */
SSLeay_MSVC5_hack=(double)name[0]*(double)name[1];
#endif
if ((app_locks == NULL) && ((app_locks=sk_OPENSSL_STRING_new_null()) == NULL))
{
CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
return(0);
}
if ((str=BUF_strdup(name)) == NULL)
{
CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
return(0);
}
i=sk_OPENSSL_STRING_push(app_locks,str);
if (!i)
OPENSSL_free(str);
else
i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */
return(i);
}
int CRYPTO_get_new_dynlockid(void)
{
int i = 0;
CRYPTO_dynlock *pointer = NULL;
if (dynlock_create_callback == NULL)
{
CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK);
return(0);
}
CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
if ((dyn_locks == NULL)
&& ((dyn_locks=sk_CRYPTO_dynlock_new_null()) == NULL))
{
CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
return(0);
}
CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
pointer = (CRYPTO_dynlock *)OPENSSL_malloc(sizeof(CRYPTO_dynlock));
if (pointer == NULL)
{
CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
return(0);
}
pointer->references = 1;
pointer->data = dynlock_create_callback(__FILE__,__LINE__);
if (pointer->data == NULL)
{
OPENSSL_free(pointer);
CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
return(0);
}
CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
/* First, try to find an existing empty slot */
i=sk_CRYPTO_dynlock_find(dyn_locks,NULL);
/* If there was none, push, thereby creating a new one */
if (i == -1)
/* Since sk_push() returns the number of items on the
stack, not the location of the pushed item, we need
to transform the returned number into a position,
by decreasing it. */
i=sk_CRYPTO_dynlock_push(dyn_locks,pointer) - 1;
else
/* If we found a place with a NULL pointer, put our pointer
in it. */
(void)sk_CRYPTO_dynlock_set(dyn_locks,i,pointer);
CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
if (i == -1)
{
dynlock_destroy_callback(pointer->data,__FILE__,__LINE__);
OPENSSL_free(pointer);
}
else
i += 1; /* to avoid 0 */
return -i;
}
/*
* Register a new index.
*/
int crypto_get_ex_new_index_ex(OPENSSL_CTX *ctx, int class_index, long argl,
void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func)
{
int toret = -1;
EX_CALLBACK *a;
EX_CALLBACKS *ip;
OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
if (global == NULL)
return -1;
ip = get_and_lock(ctx, class_index);
if (ip == NULL)
return -1;
if (ip->meth == NULL) {
ip->meth = sk_EX_CALLBACK_new_null();
/* We push an initial value on the stack because the SSL
* "app_data" routines use ex_data index zero. See RT 3710. */
if (ip->meth == NULL
|| !sk_EX_CALLBACK_push(ip->meth, NULL)) {
CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX, ERR_R_MALLOC_FAILURE);
goto err;
}
}
a = (EX_CALLBACK *)OPENSSL_malloc(sizeof(*a));
if (a == NULL) {
CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX, ERR_R_MALLOC_FAILURE);
goto err;
}
a->argl = argl;
a->argp = argp;
a->new_func = new_func;
a->dup_func = dup_func;
a->free_func = free_func;
if (!sk_EX_CALLBACK_push(ip->meth, NULL)) {
CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX, ERR_R_MALLOC_FAILURE);
OPENSSL_free(a);
goto err;
}
toret = sk_EX_CALLBACK_num(ip->meth) - 1;
(void)sk_EX_CALLBACK_set(ip->meth, toret, a);
err:
CRYPTO_THREAD_unlock(global->ex_data_lock);
return toret;
}
/*
* Return the EX_CALLBACKS from the |ex_data| array that corresponds to
* a given class. On success, *holds the lock.*
*/
static EX_CALLBACKS *get_and_lock(OPENSSL_CTX *ctx, int class_index)
{
EX_CALLBACKS *ip;
OSSL_EX_DATA_GLOBAL *global = NULL;
if (class_index < 0 || class_index >= CRYPTO_EX_INDEX__COUNT) {
CRYPTOerr(CRYPTO_F_GET_AND_LOCK, ERR_R_PASSED_INVALID_ARGUMENT);
return NULL;
}
global = openssl_ctx_get_ex_data_global(ctx);
if (global->ex_data_lock == NULL) {
/*
* This can happen in normal operation when using CRYPTO_mem_leaks().
* The CRYPTO_mem_leaks() function calls OPENSSL_cleanup() which cleans
* up the locks. Subsequently the BIO that CRYPTO_mem_leaks() uses gets
* freed, which also attempts to free the ex_data. However
* CRYPTO_mem_leaks() ensures that the ex_data is freed early (i.e.
* before OPENSSL_cleanup() is called), so if we get here we can safely
* ignore this operation. We just treat it as an error.
*/
return NULL;
}
ip = &global->ex_data[class_index];
CRYPTO_THREAD_write_lock(global->ex_data_lock);
return ip;
}
OSSL_PROVIDER *ossl_provider_new(OPENSSL_CTX *libctx, const char *name,
OSSL_provider_init_fn *init_function)
{
struct provider_store_st *store = NULL;
OSSL_PROVIDER *prov = NULL;
if ((store = get_provider_store(libctx)) == NULL)
return NULL;
if ((prov = ossl_provider_find(libctx, name)) != NULL) { /* refcount +1 */
ossl_provider_free(prov); /* refcount -1 */
CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_NEW,
CRYPTO_R_PROVIDER_ALREADY_EXISTS);
ERR_add_error_data(2, "name=", name);
return NULL;
}
/* provider_new() generates an error, so no need here */
if ((prov = provider_new(name, init_function)) == NULL)
return NULL;
CRYPTO_THREAD_write_lock(store->lock);
if (!ossl_provider_upref(prov)) { /* +1 One reference for the store */
ossl_provider_free(prov); /* -1 Reference that was to be returned */
prov = NULL;
} else if (sk_OSSL_PROVIDER_push(store->providers, prov) == 0) {
ossl_provider_free(prov); /* -1 Store reference */
ossl_provider_free(prov); /* -1 Reference that was to be returned */
prov = NULL;
} else {
prov->store = store;
}
CRYPTO_THREAD_unlock(store->lock);
if (prov == NULL)
CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_NEW, ERR_R_MALLOC_FAILURE);
/*
* At this point, the provider is only partially "loaded". To be
* fully "loaded", ossl_provider_activate() must also be called.
*/
return prov;
}
/* Setters */
int ossl_provider_set_module_path(OSSL_PROVIDER *prov, const char *module_path)
{
OPENSSL_free(prov->path);
if (module_path == NULL)
return 1;
if ((prov->path = OPENSSL_strdup(module_path)) != NULL)
return 1;
CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_SET_MODULE_PATH, ERR_R_MALLOC_FAILURE);
return 0;
}
int FIPS_mode_set(int r)
{
#ifdef OPENSSL_FIPS
return FIPS_module_mode_set(r);
#else
if (r == 0)
return 1;
CRYPTOerr(CRYPTO_F_FIPS_MODE_SET, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED);
return 0;
#endif
}
/*
* For a given CRYPTO_EX_DATA variable, set the value corresponding to a
* particular index in the class used by this variable
*/
int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val)
{
int i;
if (ad->sk == NULL) {
if ((ad->sk = sk_void_new_null()) == NULL) {
CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_MALLOC_FAILURE);
return 0;
}
}
for (i = sk_void_num(ad->sk); i <= idx; ++i) {
if (!sk_void_push(ad->sk, NULL)) {
CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_MALLOC_FAILURE);
return 0;
}
}
sk_void_set(ad->sk, idx, val);
return 1;
}
static struct provider_store_st *get_provider_store(OPENSSL_CTX *libctx)
{
struct provider_store_st *store = NULL;
if (!RUN_ONCE(&provider_store_init_flag, do_provider_store_init))
return NULL;
store = openssl_ctx_get_data(libctx, provider_store_index);
if (store == NULL)
CRYPTOerr(CRYPTO_F_GET_PROVIDER_STORE, ERR_R_INTERNAL_ERROR);
return store;
}
void *CRYPTO_memdup(const void *data, size_t siz, const char* file, int line)
{
void *ret;
if (data == NULL || siz >= INT_MAX)
return NULL;
ret = CRYPTO_malloc(siz, file, line);
if (ret == NULL) {
CRYPTOerr(CRYPTO_F_CRYPTO_MEMDUP, ERR_R_MALLOC_FAILURE);
return NULL;
}
return memcpy(ret, data, siz);
}
/*
* Initialise a new CRYPTO_EX_DATA for use in a particular class - including
* calling new() callbacks for each index in the class used by this variable
* Thread-safe by copying a class's array of "EX_CALLBACK" entries
* in the lock, then using them outside the lock. Note this only applies
* to the global "ex_data" state (ie. class definitions), not 'ad' itself.
*/
int crypto_new_ex_data_ex(OPENSSL_CTX *ctx, int class_index, void *obj,
CRYPTO_EX_DATA *ad)
{
int mx, i;
void *ptr;
EX_CALLBACK **storage = NULL;
EX_CALLBACK *stack[10];
EX_CALLBACKS *ip;
OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
if (global == NULL)
return 0;
ip = get_and_lock(ctx, class_index);
if (ip == NULL)
return 0;
ad->ctx = ctx;
ad->sk = NULL;
mx = sk_EX_CALLBACK_num(ip->meth);
if (mx > 0) {
if (mx < (int)OSSL_NELEM(stack))
storage = stack;
else
storage = OPENSSL_malloc(sizeof(*storage) * mx);
if (storage != NULL)
for (i = 0; i < mx; i++)
storage[i] = sk_EX_CALLBACK_value(ip->meth, i);
}
CRYPTO_THREAD_unlock(global->ex_data_lock);
if (mx > 0 && storage == NULL) {
CRYPTOerr(CRYPTO_F_CRYPTO_NEW_EX_DATA_EX, ERR_R_MALLOC_FAILURE);
return 0;
}
for (i = 0; i < mx; i++) {
if (storage[i] != NULL && storage[i]->new_func != NULL) {
ptr = CRYPTO_get_ex_data(ad, i);
storage[i]->new_func(obj, ptr, ad, i,
storage[i]->argl, storage[i]->argp);
}
}
if (storage != stack)
OPENSSL_free(storage);
return 1;
}
static OSSL_PROVIDER *provider_new(const char *name,
OSSL_provider_init_fn *init_function)
{
OSSL_PROVIDER *prov = NULL;
if ((prov = OPENSSL_zalloc(sizeof(*prov))) == NULL
#ifndef HAVE_ATOMICS
|| (prov->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL
#endif
|| !ossl_provider_upref(prov) /* +1 One reference to be returned */
|| (prov->name = OPENSSL_strdup(name)) == NULL) {
ossl_provider_free(prov);
CRYPTOerr(CRYPTO_F_PROVIDER_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
}
prov->init_function = init_function;
return prov;
}
int ossl_provider_add_parameter(OSSL_PROVIDER *prov,
const char *name, const char *value)
{
INFOPAIR *pair = NULL;
if ((pair = OPENSSL_zalloc(sizeof(*pair))) != NULL
&& (prov->parameters != NULL
|| (prov->parameters = sk_INFOPAIR_new_null()) != NULL)
&& (pair->name = OPENSSL_strdup(name)) != NULL
&& (pair->value = OPENSSL_strdup(value)) != NULL
&& sk_INFOPAIR_push(prov->parameters, pair) > 0)
return 1;
if (pair != NULL) {
OPENSSL_free(pair->name);
OPENSSL_free(pair->value);
OPENSSL_free(pair);
}
CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_ADD_PARAMETER, ERR_R_MALLOC_FAILURE);
return 0;
}
int FIPS_mode_set(int r)
{
OPENSSL_init();
#ifdef OPENSSL_FIPS
#ifndef FIPS_AUTH_USER_PASS
#define FIPS_AUTH_USER_PASS "Default FIPS Crypto User Password"
#endif
if (!FIPS_module_mode_set(r, FIPS_AUTH_USER_PASS))
return 0;
if (r)
RAND_set_rand_method(FIPS_rand_get_method());
else
RAND_set_rand_method(NULL);
return 1;
#else
if (r == 0)
return 1;
CRYPTOerr(CRYPTO_F_FIPS_MODE_SET, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED);
return 0;
#endif
}
static void *provider_store_new(void)
{
struct provider_store_st *store = OPENSSL_zalloc(sizeof(*store));
const struct predefined_providers_st *p = NULL;
if (store == NULL
|| (store->providers = sk_OSSL_PROVIDER_new(ossl_provider_cmp)) == NULL
|| (store->lock = CRYPTO_THREAD_lock_new()) == NULL) {
provider_store_free(store);
return NULL;
}
store->use_fallbacks = 1;
for (p = predefined_providers; p->name != NULL; p++) {
OSSL_PROVIDER *prov = NULL;
/*
* We use the internal constructor directly here,
* otherwise we get a call loop
*/
prov = provider_new(p->name, p->init);
if (prov == NULL
|| sk_OSSL_PROVIDER_push(store->providers, prov) == 0) {
ossl_provider_free(prov);
provider_store_free(store);
CRYPTOerr(CRYPTO_F_PROVIDER_STORE_NEW, ERR_R_INTERNAL_ERROR);
return NULL;
}
prov->store = store;
if(p->is_fallback)
ossl_provider_set_fallback(prov);
}
return store;
}
int OPENSSL_atexit(void (*handler)(void))
{
OPENSSL_INIT_STOP *newhand;
#if !defined(OPENSSL_NO_DSO) \
&& !defined(OPENSSL_USE_NODELETE)\
&& !defined(OPENSSL_NO_PINSHARED)
{
union {
void *sym;
void (*func)(void);
} handlersym;
handlersym.func = handler;
# ifdef DSO_WIN32
{
HMODULE handle = NULL;
BOOL ret;
/*
* We don't use the DSO route for WIN32 because there is a better
* way
*/
ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS
| GET_MODULE_HANDLE_EX_FLAG_PIN,
handlersym.sym, &handle);
if (!ret)
return 0;
}
# else
/*
* Deliberately leak a reference to the handler. This will force the
* library/code containing the handler to remain loaded until we run the
* atexit handler. If -znodelete has been used then this is
* unnecessary.
*/
{
DSO *dso = NULL;
ERR_set_mark();
dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE);
/* See same code above in ossl_init_base() for an explanation. */
OSSL_TRACE1(INIT,
"atexit: obtained DSO reference? %s\n",
(dso == NULL ? "No!" : "Yes."));
DSO_free(dso);
ERR_pop_to_mark();
}
# endif
}
#endif
if ((newhand = OPENSSL_malloc(sizeof(*newhand))) == NULL) {
CRYPTOerr(CRYPTO_F_OPENSSL_ATEXIT, ERR_R_MALLOC_FAILURE);
return 0;
}
newhand->handler = handler;
newhand->next = stop_handlers;
stop_handlers = newhand;
return 1;
}
/*
* Internal version that doesn't affect the store flags, and thereby avoid
* locking. Direct callers must remember to set the store flags when
* appropriate
*/
static int provider_activate(OSSL_PROVIDER *prov)
{
const OSSL_DISPATCH *provider_dispatch = NULL;
if (prov->flag_initialized)
return 1;
/*
* If the init function isn't set, it indicates that this provider is
* a loadable module.
*/
if (prov->init_function == NULL) {
if (prov->module == NULL) {
char *allocated_path = NULL;
const char *module_path = NULL;
char *merged_path = NULL;
const char *load_dir = ossl_safe_getenv("OPENSSL_MODULES");
if ((prov->module = DSO_new()) == NULL) {
/* DSO_new() generates an error already */
return 0;
}
if (load_dir == NULL)
load_dir = MODULESDIR;
DSO_ctrl(prov->module, DSO_CTRL_SET_FLAGS,
DSO_FLAG_NAME_TRANSLATION_EXT_ONLY, NULL);
module_path = prov->path;
if (module_path == NULL)
module_path = allocated_path =
DSO_convert_filename(prov->module, prov->name);
if (module_path != NULL)
merged_path = DSO_merge(prov->module, module_path, load_dir);
if (merged_path == NULL
|| (DSO_load(prov->module, merged_path, NULL, 0)) == NULL) {
DSO_free(prov->module);
prov->module = NULL;
}
OPENSSL_free(merged_path);
OPENSSL_free(allocated_path);
}
if (prov->module != NULL)
prov->init_function = (OSSL_provider_init_fn *)
DSO_bind_func(prov->module, "OSSL_provider_init");
}
if (prov->init_function == NULL
|| !prov->init_function(prov, core_dispatch, &provider_dispatch)) {
CRYPTOerr(CRYPTO_F_PROVIDER_ACTIVATE, ERR_R_INIT_FAIL);
ERR_add_error_data(2, "name=", prov->name);
DSO_free(prov->module);
prov->module = NULL;
return 0;
}
for (; provider_dispatch->function_id != 0; provider_dispatch++) {
switch (provider_dispatch->function_id) {
case OSSL_FUNC_PROVIDER_TEARDOWN:
prov->teardown =
OSSL_get_provider_teardown(provider_dispatch);
break;
case OSSL_FUNC_PROVIDER_GET_PARAM_TYPES:
prov->get_param_types =
OSSL_get_provider_get_param_types(provider_dispatch);
break;
case OSSL_FUNC_PROVIDER_GET_PARAMS:
prov->get_params =
OSSL_get_provider_get_params(provider_dispatch);
break;
case OSSL_FUNC_PROVIDER_QUERY_OPERATION:
prov->query_operation =
OSSL_get_provider_query_operation(provider_dispatch);
break;
}
}
/* With this flag set, this provider has become fully "loaded". */
prov->flag_initialized = 1;
return 1;
}
/*
* Duplicate a CRYPTO_EX_DATA variable - including calling dup() callbacks
* for each index in the class used by this variable
*/
int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
const CRYPTO_EX_DATA *from)
{
int mx, j, i;
void *ptr;
EX_CALLBACK *stack[10];
EX_CALLBACK **storage = NULL;
EX_CALLBACKS *ip;
int toret = 0;
OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(from->ctx);
if (global == NULL)
return 0;
to->ctx = from->ctx;
if (from->sk == NULL)
/* Nothing to copy over */
return 1;
if ((ip = get_and_lock(from->ctx, class_index)) == NULL)
return 0;
mx = sk_EX_CALLBACK_num(ip->meth);
j = sk_void_num(from->sk);
if (j < mx)
mx = j;
if (mx > 0) {
if (mx < (int)OSSL_NELEM(stack))
storage = stack;
else
storage = OPENSSL_malloc(sizeof(*storage) * mx);
if (storage != NULL)
for (i = 0; i < mx; i++)
storage[i] = sk_EX_CALLBACK_value(ip->meth, i);
}
CRYPTO_THREAD_unlock(global->ex_data_lock);
if (mx == 0)
return 1;
if (storage == NULL) {
CRYPTOerr(CRYPTO_F_CRYPTO_DUP_EX_DATA, ERR_R_MALLOC_FAILURE);
return 0;
}
/*
* Make sure the ex_data stack is at least |mx| elements long to avoid
* issues in the for loop that follows; so go get the |mx|'th element
* (if it does not exist CRYPTO_get_ex_data() returns NULL), and assign
* to itself. This is normally a no-op; but ensures the stack is the
* proper size
*/
if (!CRYPTO_set_ex_data(to, mx - 1, CRYPTO_get_ex_data(to, mx - 1)))
goto err;
for (i = 0; i < mx; i++) {
ptr = CRYPTO_get_ex_data(from, i);
if (storage[i] != NULL && storage[i]->dup_func != NULL)
if (!storage[i]->dup_func(to, from, &ptr, i,
storage[i]->argl, storage[i]->argp))
goto err;
CRYPTO_set_ex_data(to, i, ptr);
}
toret = 1;
err:
if (storage != stack)
OPENSSL_free(storage);
return toret;
}
/*
* If this function is called with a non NULL settings value then it must be
* called prior to any threads making calls to any OpenSSL functions,
* i.e. passing a non-null settings value is assumed to be single-threaded.
*/
int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
{
static int stoperrset = 0;
if (stopped) {
if (!stoperrset) {
/*
* We only ever set this once to avoid getting into an infinite
* loop where the error system keeps trying to init and fails so
* sets an error etc
*/
stoperrset = 1;
CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL);
}
return 0;
}
if (!base_inited && !RUN_ONCE(&base, ossl_init_base))
return 0;
if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS)
&& !RUN_ONCE(&load_crypto_strings,
ossl_init_no_load_crypto_strings))
return 0;
if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS)
&& !RUN_ONCE(&load_crypto_strings, ossl_init_load_crypto_strings))
return 0;
if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS)
&& !RUN_ONCE(&add_all_ciphers, ossl_init_no_add_algs))
return 0;
if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS)
&& !RUN_ONCE(&add_all_ciphers, ossl_init_add_all_ciphers))
return 0;
if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS)
&& !RUN_ONCE(&add_all_digests, ossl_init_no_add_algs))
return 0;
if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS)
&& !RUN_ONCE(&add_all_digests, ossl_init_add_all_digests))
return 0;
if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG)
&& !RUN_ONCE(&config, ossl_init_no_config))
return 0;
if (opts & OPENSSL_INIT_LOAD_CONFIG) {
int ret;
CRYPTO_THREAD_write_lock(init_lock);
appname = (settings == NULL) ? NULL : settings->appname;
ret = RUN_ONCE(&config, ossl_init_config);
CRYPTO_THREAD_unlock(init_lock);
if (!ret)
return 0;
}
if ((opts & OPENSSL_INIT_ASYNC)
&& !RUN_ONCE(&async, ossl_init_async))
return 0;
#ifndef OPENSSL_NO_ENGINE
if ((opts & OPENSSL_INIT_ENGINE_OPENSSL)
&& !RUN_ONCE(&engine_openssl, ossl_init_engine_openssl))
return 0;
# if !defined(OPENSSL_NO_HW) && \
(defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
if ((opts & OPENSSL_INIT_ENGINE_CRYPTODEV)
&& !RUN_ONCE(&engine_cryptodev, ossl_init_engine_cryptodev))
return 0;
# endif
# ifndef OPENSSL_NO_RDRAND
if ((opts & OPENSSL_INIT_ENGINE_RDRAND)
&& !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand))
return 0;
# endif
if ((opts & OPENSSL_INIT_ENGINE_DYNAMIC)
&& !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic))
return 0;
# ifndef OPENSSL_NO_STATIC_ENGINE
# if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK)
if ((opts & OPENSSL_INIT_ENGINE_PADLOCK)
&& !RUN_ONCE(&engine_padlock, ossl_init_engine_padlock))
return 0;
# endif
# if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
if ((opts & OPENSSL_INIT_ENGINE_CAPI)
&& !RUN_ONCE(&engine_capi, ossl_init_engine_capi))
return 0;
# endif
# if !defined(OPENSSL_NO_AFALGENG)
if ((opts & OPENSSL_INIT_ENGINE_AFALG)
&& !RUN_ONCE(&engine_afalg, ossl_init_engine_afalg))
return 0;
# endif
# endif
if (opts & (OPENSSL_INIT_ENGINE_ALL_BUILTIN
| OPENSSL_INIT_ENGINE_OPENSSL
| OPENSSL_INIT_ENGINE_AFALG)) {
ENGINE_register_all_complete();
}
#endif
#ifndef OPENSSL_NO_COMP
if ((opts & OPENSSL_INIT_ZLIB)
&& !RUN_ONCE(&zlib, ossl_init_zlib))
return 0;
#endif
return 1;
}
/*
* If this function is called with a non NULL settings value then it must be
* called prior to any threads making calls to any OpenSSL functions,
* i.e. passing a non-null settings value is assumed to be single-threaded.
*/
int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
{
if (stopped) {
if (!(opts & OPENSSL_INIT_BASE_ONLY))
CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL);
return 0;
}
/*
* When the caller specifies OPENSSL_INIT_BASE_ONLY, that should be the
* *only* option specified. With that option we return immediately after
* doing the requested limited initialization. Note that
* err_shelve_state() called by us via ossl_init_load_crypto_nodelete()
* re-enters OPENSSL_init_crypto() with OPENSSL_INIT_BASE_ONLY, but with
* base already initialized this is a harmless NOOP.
*
* If we remain the only caller of err_shelve_state() the recursion should
* perhaps be removed, but if in doubt, it can be left in place.
*/
if (!RUN_ONCE(&base, ossl_init_base))
return 0;
if (opts & OPENSSL_INIT_BASE_ONLY)
return 1;
/*
* Now we don't always set up exit handlers, the INIT_BASE_ONLY calls
* should not have the side-effect of setting up exit handlers, and
* therefore, this code block is below the INIT_BASE_ONLY-conditioned early
* return above.
*/
if ((opts & OPENSSL_INIT_NO_ATEXIT) != 0) {
if (!RUN_ONCE_ALT(®ister_atexit, ossl_init_no_register_atexit,
ossl_init_register_atexit))
return 0;
} else if (!RUN_ONCE(®ister_atexit, ossl_init_register_atexit)) {
return 0;
}
if (!RUN_ONCE(&load_crypto_nodelete, ossl_init_load_crypto_nodelete))
return 0;
if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS)
&& !RUN_ONCE_ALT(&load_crypto_strings,
ossl_init_no_load_crypto_strings,
ossl_init_load_crypto_strings))
return 0;
if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS)
&& !RUN_ONCE(&load_crypto_strings, ossl_init_load_crypto_strings))
return 0;
if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS)
&& !RUN_ONCE_ALT(&add_all_ciphers, ossl_init_no_add_all_ciphers,
ossl_init_add_all_ciphers))
return 0;
if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS)
&& !RUN_ONCE(&add_all_ciphers, ossl_init_add_all_ciphers))
return 0;
if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS)
&& !RUN_ONCE_ALT(&add_all_digests, ossl_init_no_add_all_digests,
ossl_init_add_all_digests))
return 0;
if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS)
&& !RUN_ONCE(&add_all_digests, ossl_init_add_all_digests))
return 0;
if ((opts & OPENSSL_INIT_NO_ADD_ALL_MACS)
&& !RUN_ONCE_ALT(&add_all_macs, ossl_init_no_add_all_macs,
ossl_init_add_all_macs))
return 0;
if ((opts & OPENSSL_INIT_ADD_ALL_MACS)
&& !RUN_ONCE(&add_all_macs, ossl_init_add_all_macs))
return 0;
if ((opts & OPENSSL_INIT_ATFORK)
&& !openssl_init_fork_handlers())
return 0;
if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG)
&& !RUN_ONCE_ALT(&config, ossl_init_no_config, ossl_init_config))
return 0;
if (opts & OPENSSL_INIT_LOAD_CONFIG) {
int ret;
CRYPTO_THREAD_write_lock(init_lock);
conf_settings = settings;
ret = RUN_ONCE(&config, ossl_init_config);
conf_settings = NULL;
CRYPTO_THREAD_unlock(init_lock);
if (!ret)
return 0;
}
if ((opts & OPENSSL_INIT_ASYNC)
&& !RUN_ONCE(&async, ossl_init_async))
return 0;
#ifndef OPENSSL_NO_ENGINE
if ((opts & OPENSSL_INIT_ENGINE_OPENSSL)
&& !RUN_ONCE(&engine_openssl, ossl_init_engine_openssl))
return 0;
# ifndef OPENSSL_NO_RDRAND
if ((opts & OPENSSL_INIT_ENGINE_RDRAND)
&& !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand))
return 0;
# endif
if ((opts & OPENSSL_INIT_ENGINE_DYNAMIC)
&& !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic))
return 0;
# ifndef OPENSSL_NO_STATIC_ENGINE
# ifndef OPENSSL_NO_DEVCRYPTOENG
if ((opts & OPENSSL_INIT_ENGINE_CRYPTODEV)
&& !RUN_ONCE(&engine_devcrypto, ossl_init_engine_devcrypto))
return 0;
# endif
# if !defined(OPENSSL_NO_PADLOCKENG)
if ((opts & OPENSSL_INIT_ENGINE_PADLOCK)
&& !RUN_ONCE(&engine_padlock, ossl_init_engine_padlock))
return 0;
# endif
# if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
if ((opts & OPENSSL_INIT_ENGINE_CAPI)
&& !RUN_ONCE(&engine_capi, ossl_init_engine_capi))
return 0;
# endif
# if !defined(OPENSSL_NO_AFALGENG)
if ((opts & OPENSSL_INIT_ENGINE_AFALG)
&& !RUN_ONCE(&engine_afalg, ossl_init_engine_afalg))
return 0;
# endif
# endif
if (opts & (OPENSSL_INIT_ENGINE_ALL_BUILTIN
| OPENSSL_INIT_ENGINE_OPENSSL
| OPENSSL_INIT_ENGINE_AFALG)) {
ENGINE_register_all_complete();
}
#endif
#ifndef OPENSSL_NO_COMP
if ((opts & OPENSSL_INIT_ZLIB)
&& !RUN_ONCE(&zlib, ossl_init_zlib))
return 0;
#endif
return 1;
}
