int CRYPTO_get_new_lockid(char *name) { char *str; int i; #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) /* A hack to make Visual C++ 5.0 work correctly when linking as * a DLL using /MT. Without this, the application cannot use * any floating point printf's. * It also seems to be needed for Visual C 1.5 (win16) */ SSLeay_MSVC5_hack=(double)name[0]*(double)name[1]; #endif if ((app_locks == NULL) && ((app_locks=sk_OPENSSL_STRING_new_null()) == NULL)) { CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); return(0); } if ((str=BUF_strdup(name)) == NULL) { CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); return(0); } i=sk_OPENSSL_STRING_push(app_locks,str); if (!i) OPENSSL_free(str); else i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */ return(i); }
int CRYPTO_get_new_dynlockid(void) { int i = 0; CRYPTO_dynlock *pointer = NULL; if (dynlock_create_callback == NULL) { CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK); return(0); } CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); if ((dyn_locks == NULL) && ((dyn_locks=sk_CRYPTO_dynlock_new_null()) == NULL)) { CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); return(0); } CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); pointer = (CRYPTO_dynlock *)OPENSSL_malloc(sizeof(CRYPTO_dynlock)); if (pointer == NULL) { CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); return(0); } pointer->references = 1; pointer->data = dynlock_create_callback(__FILE__,__LINE__); if (pointer->data == NULL) { OPENSSL_free(pointer); CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); return(0); } CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); /* First, try to find an existing empty slot */ i=sk_CRYPTO_dynlock_find(dyn_locks,NULL); /* If there was none, push, thereby creating a new one */ if (i == -1) /* Since sk_push() returns the number of items on the stack, not the location of the pushed item, we need to transform the returned number into a position, by decreasing it. */ i=sk_CRYPTO_dynlock_push(dyn_locks,pointer) - 1; else /* If we found a place with a NULL pointer, put our pointer in it. */ (void)sk_CRYPTO_dynlock_set(dyn_locks,i,pointer); CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); if (i == -1) { dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); OPENSSL_free(pointer); } else i += 1; /* to avoid 0 */ return -i; }
/* * Register a new index. */ int crypto_get_ex_new_index_ex(OPENSSL_CTX *ctx, int class_index, long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) { int toret = -1; EX_CALLBACK *a; EX_CALLBACKS *ip; OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx); if (global == NULL) return -1; ip = get_and_lock(ctx, class_index); if (ip == NULL) return -1; if (ip->meth == NULL) { ip->meth = sk_EX_CALLBACK_new_null(); /* We push an initial value on the stack because the SSL * "app_data" routines use ex_data index zero. See RT 3710. */ if (ip->meth == NULL || !sk_EX_CALLBACK_push(ip->meth, NULL)) { CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX, ERR_R_MALLOC_FAILURE); goto err; } } a = (EX_CALLBACK *)OPENSSL_malloc(sizeof(*a)); if (a == NULL) { CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX, ERR_R_MALLOC_FAILURE); goto err; } a->argl = argl; a->argp = argp; a->new_func = new_func; a->dup_func = dup_func; a->free_func = free_func; if (!sk_EX_CALLBACK_push(ip->meth, NULL)) { CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX, ERR_R_MALLOC_FAILURE); OPENSSL_free(a); goto err; } toret = sk_EX_CALLBACK_num(ip->meth) - 1; (void)sk_EX_CALLBACK_set(ip->meth, toret, a); err: CRYPTO_THREAD_unlock(global->ex_data_lock); return toret; }
/* * Return the EX_CALLBACKS from the |ex_data| array that corresponds to * a given class. On success, *holds the lock.* */ static EX_CALLBACKS *get_and_lock(OPENSSL_CTX *ctx, int class_index) { EX_CALLBACKS *ip; OSSL_EX_DATA_GLOBAL *global = NULL; if (class_index < 0 || class_index >= CRYPTO_EX_INDEX__COUNT) { CRYPTOerr(CRYPTO_F_GET_AND_LOCK, ERR_R_PASSED_INVALID_ARGUMENT); return NULL; } global = openssl_ctx_get_ex_data_global(ctx); if (global->ex_data_lock == NULL) { /* * This can happen in normal operation when using CRYPTO_mem_leaks(). * The CRYPTO_mem_leaks() function calls OPENSSL_cleanup() which cleans * up the locks. Subsequently the BIO that CRYPTO_mem_leaks() uses gets * freed, which also attempts to free the ex_data. However * CRYPTO_mem_leaks() ensures that the ex_data is freed early (i.e. * before OPENSSL_cleanup() is called), so if we get here we can safely * ignore this operation. We just treat it as an error. */ return NULL; } ip = &global->ex_data[class_index]; CRYPTO_THREAD_write_lock(global->ex_data_lock); return ip; }
OSSL_PROVIDER *ossl_provider_new(OPENSSL_CTX *libctx, const char *name, OSSL_provider_init_fn *init_function) { struct provider_store_st *store = NULL; OSSL_PROVIDER *prov = NULL; if ((store = get_provider_store(libctx)) == NULL) return NULL; if ((prov = ossl_provider_find(libctx, name)) != NULL) { /* refcount +1 */ ossl_provider_free(prov); /* refcount -1 */ CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_NEW, CRYPTO_R_PROVIDER_ALREADY_EXISTS); ERR_add_error_data(2, "name=", name); return NULL; } /* provider_new() generates an error, so no need here */ if ((prov = provider_new(name, init_function)) == NULL) return NULL; CRYPTO_THREAD_write_lock(store->lock); if (!ossl_provider_upref(prov)) { /* +1 One reference for the store */ ossl_provider_free(prov); /* -1 Reference that was to be returned */ prov = NULL; } else if (sk_OSSL_PROVIDER_push(store->providers, prov) == 0) { ossl_provider_free(prov); /* -1 Store reference */ ossl_provider_free(prov); /* -1 Reference that was to be returned */ prov = NULL; } else { prov->store = store; } CRYPTO_THREAD_unlock(store->lock); if (prov == NULL) CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_NEW, ERR_R_MALLOC_FAILURE); /* * At this point, the provider is only partially "loaded". To be * fully "loaded", ossl_provider_activate() must also be called. */ return prov; }
/* Setters */ int ossl_provider_set_module_path(OSSL_PROVIDER *prov, const char *module_path) { OPENSSL_free(prov->path); if (module_path == NULL) return 1; if ((prov->path = OPENSSL_strdup(module_path)) != NULL) return 1; CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_SET_MODULE_PATH, ERR_R_MALLOC_FAILURE); return 0; }
int FIPS_mode_set(int r) { #ifdef OPENSSL_FIPS return FIPS_module_mode_set(r); #else if (r == 0) return 1; CRYPTOerr(CRYPTO_F_FIPS_MODE_SET, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED); return 0; #endif }
/* * For a given CRYPTO_EX_DATA variable, set the value corresponding to a * particular index in the class used by this variable */ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val) { int i; if (ad->sk == NULL) { if ((ad->sk = sk_void_new_null()) == NULL) { CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_MALLOC_FAILURE); return 0; } } for (i = sk_void_num(ad->sk); i <= idx; ++i) { if (!sk_void_push(ad->sk, NULL)) { CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_MALLOC_FAILURE); return 0; } } sk_void_set(ad->sk, idx, val); return 1; }
static struct provider_store_st *get_provider_store(OPENSSL_CTX *libctx) { struct provider_store_st *store = NULL; if (!RUN_ONCE(&provider_store_init_flag, do_provider_store_init)) return NULL; store = openssl_ctx_get_data(libctx, provider_store_index); if (store == NULL) CRYPTOerr(CRYPTO_F_GET_PROVIDER_STORE, ERR_R_INTERNAL_ERROR); return store; }
void *CRYPTO_memdup(const void *data, size_t siz, const char* file, int line) { void *ret; if (data == NULL || siz >= INT_MAX) return NULL; ret = CRYPTO_malloc(siz, file, line); if (ret == NULL) { CRYPTOerr(CRYPTO_F_CRYPTO_MEMDUP, ERR_R_MALLOC_FAILURE); return NULL; } return memcpy(ret, data, siz); }
/* * Initialise a new CRYPTO_EX_DATA for use in a particular class - including * calling new() callbacks for each index in the class used by this variable * Thread-safe by copying a class's array of "EX_CALLBACK" entries * in the lock, then using them outside the lock. Note this only applies * to the global "ex_data" state (ie. class definitions), not 'ad' itself. */ int crypto_new_ex_data_ex(OPENSSL_CTX *ctx, int class_index, void *obj, CRYPTO_EX_DATA *ad) { int mx, i; void *ptr; EX_CALLBACK **storage = NULL; EX_CALLBACK *stack[10]; EX_CALLBACKS *ip; OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx); if (global == NULL) return 0; ip = get_and_lock(ctx, class_index); if (ip == NULL) return 0; ad->ctx = ctx; ad->sk = NULL; mx = sk_EX_CALLBACK_num(ip->meth); if (mx > 0) { if (mx < (int)OSSL_NELEM(stack)) storage = stack; else storage = OPENSSL_malloc(sizeof(*storage) * mx); if (storage != NULL) for (i = 0; i < mx; i++) storage[i] = sk_EX_CALLBACK_value(ip->meth, i); } CRYPTO_THREAD_unlock(global->ex_data_lock); if (mx > 0 && storage == NULL) { CRYPTOerr(CRYPTO_F_CRYPTO_NEW_EX_DATA_EX, ERR_R_MALLOC_FAILURE); return 0; } for (i = 0; i < mx; i++) { if (storage[i] != NULL && storage[i]->new_func != NULL) { ptr = CRYPTO_get_ex_data(ad, i); storage[i]->new_func(obj, ptr, ad, i, storage[i]->argl, storage[i]->argp); } } if (storage != stack) OPENSSL_free(storage); return 1; }
static OSSL_PROVIDER *provider_new(const char *name, OSSL_provider_init_fn *init_function) { OSSL_PROVIDER *prov = NULL; if ((prov = OPENSSL_zalloc(sizeof(*prov))) == NULL #ifndef HAVE_ATOMICS || (prov->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL #endif || !ossl_provider_upref(prov) /* +1 One reference to be returned */ || (prov->name = OPENSSL_strdup(name)) == NULL) { ossl_provider_free(prov); CRYPTOerr(CRYPTO_F_PROVIDER_NEW, ERR_R_MALLOC_FAILURE); return NULL; } prov->init_function = init_function; return prov; }
int ossl_provider_add_parameter(OSSL_PROVIDER *prov, const char *name, const char *value) { INFOPAIR *pair = NULL; if ((pair = OPENSSL_zalloc(sizeof(*pair))) != NULL && (prov->parameters != NULL || (prov->parameters = sk_INFOPAIR_new_null()) != NULL) && (pair->name = OPENSSL_strdup(name)) != NULL && (pair->value = OPENSSL_strdup(value)) != NULL && sk_INFOPAIR_push(prov->parameters, pair) > 0) return 1; if (pair != NULL) { OPENSSL_free(pair->name); OPENSSL_free(pair->value); OPENSSL_free(pair); } CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_ADD_PARAMETER, ERR_R_MALLOC_FAILURE); return 0; }
int FIPS_mode_set(int r) { OPENSSL_init(); #ifdef OPENSSL_FIPS #ifndef FIPS_AUTH_USER_PASS #define FIPS_AUTH_USER_PASS "Default FIPS Crypto User Password" #endif if (!FIPS_module_mode_set(r, FIPS_AUTH_USER_PASS)) return 0; if (r) RAND_set_rand_method(FIPS_rand_get_method()); else RAND_set_rand_method(NULL); return 1; #else if (r == 0) return 1; CRYPTOerr(CRYPTO_F_FIPS_MODE_SET, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED); return 0; #endif }
static void *provider_store_new(void) { struct provider_store_st *store = OPENSSL_zalloc(sizeof(*store)); const struct predefined_providers_st *p = NULL; if (store == NULL || (store->providers = sk_OSSL_PROVIDER_new(ossl_provider_cmp)) == NULL || (store->lock = CRYPTO_THREAD_lock_new()) == NULL) { provider_store_free(store); return NULL; } store->use_fallbacks = 1; for (p = predefined_providers; p->name != NULL; p++) { OSSL_PROVIDER *prov = NULL; /* * We use the internal constructor directly here, * otherwise we get a call loop */ prov = provider_new(p->name, p->init); if (prov == NULL || sk_OSSL_PROVIDER_push(store->providers, prov) == 0) { ossl_provider_free(prov); provider_store_free(store); CRYPTOerr(CRYPTO_F_PROVIDER_STORE_NEW, ERR_R_INTERNAL_ERROR); return NULL; } prov->store = store; if(p->is_fallback) ossl_provider_set_fallback(prov); } return store; }
int OPENSSL_atexit(void (*handler)(void)) { OPENSSL_INIT_STOP *newhand; #if !defined(OPENSSL_NO_DSO) \ && !defined(OPENSSL_USE_NODELETE)\ && !defined(OPENSSL_NO_PINSHARED) { union { void *sym; void (*func)(void); } handlersym; handlersym.func = handler; # ifdef DSO_WIN32 { HMODULE handle = NULL; BOOL ret; /* * We don't use the DSO route for WIN32 because there is a better * way */ ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS | GET_MODULE_HANDLE_EX_FLAG_PIN, handlersym.sym, &handle); if (!ret) return 0; } # else /* * Deliberately leak a reference to the handler. This will force the * library/code containing the handler to remain loaded until we run the * atexit handler. If -znodelete has been used then this is * unnecessary. */ { DSO *dso = NULL; ERR_set_mark(); dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE); /* See same code above in ossl_init_base() for an explanation. */ OSSL_TRACE1(INIT, "atexit: obtained DSO reference? %s\n", (dso == NULL ? "No!" : "Yes.")); DSO_free(dso); ERR_pop_to_mark(); } # endif } #endif if ((newhand = OPENSSL_malloc(sizeof(*newhand))) == NULL) { CRYPTOerr(CRYPTO_F_OPENSSL_ATEXIT, ERR_R_MALLOC_FAILURE); return 0; } newhand->handler = handler; newhand->next = stop_handlers; stop_handlers = newhand; return 1; }
/* * Internal version that doesn't affect the store flags, and thereby avoid * locking. Direct callers must remember to set the store flags when * appropriate */ static int provider_activate(OSSL_PROVIDER *prov) { const OSSL_DISPATCH *provider_dispatch = NULL; if (prov->flag_initialized) return 1; /* * If the init function isn't set, it indicates that this provider is * a loadable module. */ if (prov->init_function == NULL) { if (prov->module == NULL) { char *allocated_path = NULL; const char *module_path = NULL; char *merged_path = NULL; const char *load_dir = ossl_safe_getenv("OPENSSL_MODULES"); if ((prov->module = DSO_new()) == NULL) { /* DSO_new() generates an error already */ return 0; } if (load_dir == NULL) load_dir = MODULESDIR; DSO_ctrl(prov->module, DSO_CTRL_SET_FLAGS, DSO_FLAG_NAME_TRANSLATION_EXT_ONLY, NULL); module_path = prov->path; if (module_path == NULL) module_path = allocated_path = DSO_convert_filename(prov->module, prov->name); if (module_path != NULL) merged_path = DSO_merge(prov->module, module_path, load_dir); if (merged_path == NULL || (DSO_load(prov->module, merged_path, NULL, 0)) == NULL) { DSO_free(prov->module); prov->module = NULL; } OPENSSL_free(merged_path); OPENSSL_free(allocated_path); } if (prov->module != NULL) prov->init_function = (OSSL_provider_init_fn *) DSO_bind_func(prov->module, "OSSL_provider_init"); } if (prov->init_function == NULL || !prov->init_function(prov, core_dispatch, &provider_dispatch)) { CRYPTOerr(CRYPTO_F_PROVIDER_ACTIVATE, ERR_R_INIT_FAIL); ERR_add_error_data(2, "name=", prov->name); DSO_free(prov->module); prov->module = NULL; return 0; } for (; provider_dispatch->function_id != 0; provider_dispatch++) { switch (provider_dispatch->function_id) { case OSSL_FUNC_PROVIDER_TEARDOWN: prov->teardown = OSSL_get_provider_teardown(provider_dispatch); break; case OSSL_FUNC_PROVIDER_GET_PARAM_TYPES: prov->get_param_types = OSSL_get_provider_get_param_types(provider_dispatch); break; case OSSL_FUNC_PROVIDER_GET_PARAMS: prov->get_params = OSSL_get_provider_get_params(provider_dispatch); break; case OSSL_FUNC_PROVIDER_QUERY_OPERATION: prov->query_operation = OSSL_get_provider_query_operation(provider_dispatch); break; } } /* With this flag set, this provider has become fully "loaded". */ prov->flag_initialized = 1; return 1; }
/* * Duplicate a CRYPTO_EX_DATA variable - including calling dup() callbacks * for each index in the class used by this variable */ int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from) { int mx, j, i; void *ptr; EX_CALLBACK *stack[10]; EX_CALLBACK **storage = NULL; EX_CALLBACKS *ip; int toret = 0; OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(from->ctx); if (global == NULL) return 0; to->ctx = from->ctx; if (from->sk == NULL) /* Nothing to copy over */ return 1; if ((ip = get_and_lock(from->ctx, class_index)) == NULL) return 0; mx = sk_EX_CALLBACK_num(ip->meth); j = sk_void_num(from->sk); if (j < mx) mx = j; if (mx > 0) { if (mx < (int)OSSL_NELEM(stack)) storage = stack; else storage = OPENSSL_malloc(sizeof(*storage) * mx); if (storage != NULL) for (i = 0; i < mx; i++) storage[i] = sk_EX_CALLBACK_value(ip->meth, i); } CRYPTO_THREAD_unlock(global->ex_data_lock); if (mx == 0) return 1; if (storage == NULL) { CRYPTOerr(CRYPTO_F_CRYPTO_DUP_EX_DATA, ERR_R_MALLOC_FAILURE); return 0; } /* * Make sure the ex_data stack is at least |mx| elements long to avoid * issues in the for loop that follows; so go get the |mx|'th element * (if it does not exist CRYPTO_get_ex_data() returns NULL), and assign * to itself. This is normally a no-op; but ensures the stack is the * proper size */ if (!CRYPTO_set_ex_data(to, mx - 1, CRYPTO_get_ex_data(to, mx - 1))) goto err; for (i = 0; i < mx; i++) { ptr = CRYPTO_get_ex_data(from, i); if (storage[i] != NULL && storage[i]->dup_func != NULL) if (!storage[i]->dup_func(to, from, &ptr, i, storage[i]->argl, storage[i]->argp)) goto err; CRYPTO_set_ex_data(to, i, ptr); } toret = 1; err: if (storage != stack) OPENSSL_free(storage); return toret; }
/* * If this function is called with a non NULL settings value then it must be * called prior to any threads making calls to any OpenSSL functions, * i.e. passing a non-null settings value is assumed to be single-threaded. */ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) { static int stoperrset = 0; if (stopped) { if (!stoperrset) { /* * We only ever set this once to avoid getting into an infinite * loop where the error system keeps trying to init and fails so * sets an error etc */ stoperrset = 1; CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL); } return 0; } if (!base_inited && !RUN_ONCE(&base, ossl_init_base)) return 0; if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS) && !RUN_ONCE(&load_crypto_strings, ossl_init_no_load_crypto_strings)) return 0; if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS) && !RUN_ONCE(&load_crypto_strings, ossl_init_load_crypto_strings)) return 0; if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS) && !RUN_ONCE(&add_all_ciphers, ossl_init_no_add_algs)) return 0; if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS) && !RUN_ONCE(&add_all_ciphers, ossl_init_add_all_ciphers)) return 0; if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS) && !RUN_ONCE(&add_all_digests, ossl_init_no_add_algs)) return 0; if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS) && !RUN_ONCE(&add_all_digests, ossl_init_add_all_digests)) return 0; if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG) && !RUN_ONCE(&config, ossl_init_no_config)) return 0; if (opts & OPENSSL_INIT_LOAD_CONFIG) { int ret; CRYPTO_THREAD_write_lock(init_lock); appname = (settings == NULL) ? NULL : settings->appname; ret = RUN_ONCE(&config, ossl_init_config); CRYPTO_THREAD_unlock(init_lock); if (!ret) return 0; } if ((opts & OPENSSL_INIT_ASYNC) && !RUN_ONCE(&async, ossl_init_async)) return 0; #ifndef OPENSSL_NO_ENGINE if ((opts & OPENSSL_INIT_ENGINE_OPENSSL) && !RUN_ONCE(&engine_openssl, ossl_init_engine_openssl)) return 0; # if !defined(OPENSSL_NO_HW) && \ (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)) if ((opts & OPENSSL_INIT_ENGINE_CRYPTODEV) && !RUN_ONCE(&engine_cryptodev, ossl_init_engine_cryptodev)) return 0; # endif # ifndef OPENSSL_NO_RDRAND if ((opts & OPENSSL_INIT_ENGINE_RDRAND) && !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand)) return 0; # endif if ((opts & OPENSSL_INIT_ENGINE_DYNAMIC) && !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic)) return 0; # ifndef OPENSSL_NO_STATIC_ENGINE # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) if ((opts & OPENSSL_INIT_ENGINE_PADLOCK) && !RUN_ONCE(&engine_padlock, ossl_init_engine_padlock)) return 0; # endif # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) if ((opts & OPENSSL_INIT_ENGINE_CAPI) && !RUN_ONCE(&engine_capi, ossl_init_engine_capi)) return 0; # endif # if !defined(OPENSSL_NO_AFALGENG) if ((opts & OPENSSL_INIT_ENGINE_AFALG) && !RUN_ONCE(&engine_afalg, ossl_init_engine_afalg)) return 0; # endif # endif if (opts & (OPENSSL_INIT_ENGINE_ALL_BUILTIN | OPENSSL_INIT_ENGINE_OPENSSL | OPENSSL_INIT_ENGINE_AFALG)) { ENGINE_register_all_complete(); } #endif #ifndef OPENSSL_NO_COMP if ((opts & OPENSSL_INIT_ZLIB) && !RUN_ONCE(&zlib, ossl_init_zlib)) return 0; #endif return 1; }
/* * If this function is called with a non NULL settings value then it must be * called prior to any threads making calls to any OpenSSL functions, * i.e. passing a non-null settings value is assumed to be single-threaded. */ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) { if (stopped) { if (!(opts & OPENSSL_INIT_BASE_ONLY)) CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL); return 0; } /* * When the caller specifies OPENSSL_INIT_BASE_ONLY, that should be the * *only* option specified. With that option we return immediately after * doing the requested limited initialization. Note that * err_shelve_state() called by us via ossl_init_load_crypto_nodelete() * re-enters OPENSSL_init_crypto() with OPENSSL_INIT_BASE_ONLY, but with * base already initialized this is a harmless NOOP. * * If we remain the only caller of err_shelve_state() the recursion should * perhaps be removed, but if in doubt, it can be left in place. */ if (!RUN_ONCE(&base, ossl_init_base)) return 0; if (opts & OPENSSL_INIT_BASE_ONLY) return 1; /* * Now we don't always set up exit handlers, the INIT_BASE_ONLY calls * should not have the side-effect of setting up exit handlers, and * therefore, this code block is below the INIT_BASE_ONLY-conditioned early * return above. */ if ((opts & OPENSSL_INIT_NO_ATEXIT) != 0) { if (!RUN_ONCE_ALT(®ister_atexit, ossl_init_no_register_atexit, ossl_init_register_atexit)) return 0; } else if (!RUN_ONCE(®ister_atexit, ossl_init_register_atexit)) { return 0; } if (!RUN_ONCE(&load_crypto_nodelete, ossl_init_load_crypto_nodelete)) return 0; if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS) && !RUN_ONCE_ALT(&load_crypto_strings, ossl_init_no_load_crypto_strings, ossl_init_load_crypto_strings)) return 0; if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS) && !RUN_ONCE(&load_crypto_strings, ossl_init_load_crypto_strings)) return 0; if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS) && !RUN_ONCE_ALT(&add_all_ciphers, ossl_init_no_add_all_ciphers, ossl_init_add_all_ciphers)) return 0; if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS) && !RUN_ONCE(&add_all_ciphers, ossl_init_add_all_ciphers)) return 0; if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS) && !RUN_ONCE_ALT(&add_all_digests, ossl_init_no_add_all_digests, ossl_init_add_all_digests)) return 0; if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS) && !RUN_ONCE(&add_all_digests, ossl_init_add_all_digests)) return 0; if ((opts & OPENSSL_INIT_NO_ADD_ALL_MACS) && !RUN_ONCE_ALT(&add_all_macs, ossl_init_no_add_all_macs, ossl_init_add_all_macs)) return 0; if ((opts & OPENSSL_INIT_ADD_ALL_MACS) && !RUN_ONCE(&add_all_macs, ossl_init_add_all_macs)) return 0; if ((opts & OPENSSL_INIT_ATFORK) && !openssl_init_fork_handlers()) return 0; if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG) && !RUN_ONCE_ALT(&config, ossl_init_no_config, ossl_init_config)) return 0; if (opts & OPENSSL_INIT_LOAD_CONFIG) { int ret; CRYPTO_THREAD_write_lock(init_lock); conf_settings = settings; ret = RUN_ONCE(&config, ossl_init_config); conf_settings = NULL; CRYPTO_THREAD_unlock(init_lock); if (!ret) return 0; } if ((opts & OPENSSL_INIT_ASYNC) && !RUN_ONCE(&async, ossl_init_async)) return 0; #ifndef OPENSSL_NO_ENGINE if ((opts & OPENSSL_INIT_ENGINE_OPENSSL) && !RUN_ONCE(&engine_openssl, ossl_init_engine_openssl)) return 0; # ifndef OPENSSL_NO_RDRAND if ((opts & OPENSSL_INIT_ENGINE_RDRAND) && !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand)) return 0; # endif if ((opts & OPENSSL_INIT_ENGINE_DYNAMIC) && !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic)) return 0; # ifndef OPENSSL_NO_STATIC_ENGINE # ifndef OPENSSL_NO_DEVCRYPTOENG if ((opts & OPENSSL_INIT_ENGINE_CRYPTODEV) && !RUN_ONCE(&engine_devcrypto, ossl_init_engine_devcrypto)) return 0; # endif # if !defined(OPENSSL_NO_PADLOCKENG) if ((opts & OPENSSL_INIT_ENGINE_PADLOCK) && !RUN_ONCE(&engine_padlock, ossl_init_engine_padlock)) return 0; # endif # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) if ((opts & OPENSSL_INIT_ENGINE_CAPI) && !RUN_ONCE(&engine_capi, ossl_init_engine_capi)) return 0; # endif # if !defined(OPENSSL_NO_AFALGENG) if ((opts & OPENSSL_INIT_ENGINE_AFALG) && !RUN_ONCE(&engine_afalg, ossl_init_engine_afalg)) return 0; # endif # endif if (opts & (OPENSSL_INIT_ENGINE_ALL_BUILTIN | OPENSSL_INIT_ENGINE_OPENSSL | OPENSSL_INIT_ENGINE_AFALG)) { ENGINE_register_all_complete(); } #endif #ifndef OPENSSL_NO_COMP if ((opts & OPENSSL_INIT_ZLIB) && !RUN_ONCE(&zlib, ossl_init_zlib)) return 0; #endif return 1; }