static isc_result_t state_key_init(void) { isc_result_t result; result = isc_once_do(&mutex_once, key_mutex_init); if (result != ISC_R_SUCCESS) return (result); if (!state_key_initialized) { LOCK(&key_mutex); if (!state_key_initialized) { int ret; if (state_mctx == NULL) result = isc_mem_create2(0, 0, &state_mctx, 0); if (result != ISC_R_SUCCESS) goto unlock; isc_mem_setname(state_mctx, "geoip_state", NULL); isc_mem_setdestroycheck(state_mctx, ISC_FALSE); ret = isc_thread_key_create(&state_key, free_state); if (ret == 0) state_key_initialized = ISC_TRUE; else result = ISC_R_FAILURE; } unlock: UNLOCK(&key_mutex); } return (result); }
isc_result_t dst_lib_init(isc_mem_t *mctx, isc_entropy_t *ectx, unsigned int eflags) { isc_result_t result; REQUIRE(mctx != NULL && ectx != NULL); REQUIRE(dst_initialized == ISC_FALSE); dst__memory_pool = NULL; #ifdef OPENSSL UNUSED(mctx); /* * When using --with-openssl, there seems to be no good way of not * leaking memory due to the openssl error handling mechanism. * Avoid assertions by using a local memory context and not checking * for leaks on exit. Note: as there are leaks we cannot use * ISC_MEMFLAG_INTERNAL as it will free up memory still being used * by libcrypto. */ result = isc_mem_createx2(0, 0, default_memalloc, default_memfree, NULL, &dst__memory_pool, 0); if (result != ISC_R_SUCCESS) return (result); isc_mem_setdestroycheck(dst__memory_pool, ISC_FALSE); #else isc_mem_attach(mctx, &dst__memory_pool); #endif isc_entropy_attach(ectx, &dst_entropy_pool); dst_entropy_flags = eflags; dst_result_register(); memset(dst_t_func, 0, sizeof(dst_t_func)); RETERR(dst__hmacmd5_init(&dst_t_func[DST_ALG_HMACMD5])); RETERR(dst__hmacsha1_init(&dst_t_func[DST_ALG_HMACSHA1])); RETERR(dst__hmacsha224_init(&dst_t_func[DST_ALG_HMACSHA224])); RETERR(dst__hmacsha256_init(&dst_t_func[DST_ALG_HMACSHA256])); RETERR(dst__hmacsha384_init(&dst_t_func[DST_ALG_HMACSHA384])); RETERR(dst__hmacsha512_init(&dst_t_func[DST_ALG_HMACSHA512])); #ifdef OPENSSL RETERR(dst__openssl_init()); RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSAMD5])); RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA1])); #ifdef HAVE_OPENSSL_DSA RETERR(dst__openssldsa_init(&dst_t_func[DST_ALG_DSA])); #endif RETERR(dst__openssldh_init(&dst_t_func[DST_ALG_DH])); #endif /* OPENSSL */ #ifdef GSSAPI RETERR(dst__gssapi_init(&dst_t_func[DST_ALG_GSSAPI])); #endif dst_initialized = ISC_TRUE; return (ISC_R_SUCCESS); out: dst_lib_destroy(); return (result); }
isc_result_t dst_lib_init2(isc_mem_t *mctx, isc_entropy_t *ectx, const char *engine, unsigned int eflags) { isc_result_t result; REQUIRE(mctx != NULL); UNUSED(ectx); REQUIRE(dst_initialized == ISC_FALSE); #if !defined(OPENSSL) && !defined(PKCS11CRYPTO) UNUSED(engine); #endif dst__memory_pool = NULL; #if defined(OPENSSL) UNUSED(mctx); /* * When using --with-openssl, there seems to be no good way of not * leaking memory due to the openssl error handling mechanism. * Avoid assertions by using a local memory context and not checking * for leaks on exit. Note: as there are leaks we cannot use * ISC_MEMFLAG_INTERNAL as it will free up memory still being used * by libcrypto. */ result = isc_mem_createx2(0, 0, default_memalloc, default_memfree, NULL, &dst__memory_pool, 0); if (result != ISC_R_SUCCESS) return (result); isc_mem_setname(dst__memory_pool, "dst", NULL); #ifndef OPENSSL_LEAKS isc_mem_setdestroycheck(dst__memory_pool, ISC_FALSE); #endif #else /* OPENSSL */ isc_mem_attach(mctx, &dst__memory_pool); #endif /* OPENSSL */ if (ectx != NULL) { isc_entropy_attach(ectx, &dst_entropy_pool); dst_entropy_flags = eflags; } dst_result_register(); memset(dst_t_func, 0, sizeof(dst_t_func)); RETERR(dst__hmacmd5_init(&dst_t_func[DST_ALG_HMACMD5])); RETERR(dst__hmacsha1_init(&dst_t_func[DST_ALG_HMACSHA1])); RETERR(dst__hmacsha224_init(&dst_t_func[DST_ALG_HMACSHA224])); RETERR(dst__hmacsha256_init(&dst_t_func[DST_ALG_HMACSHA256])); RETERR(dst__hmacsha384_init(&dst_t_func[DST_ALG_HMACSHA384])); RETERR(dst__hmacsha512_init(&dst_t_func[DST_ALG_HMACSHA512])); #ifdef OPENSSL RETERR(dst__openssl_init(engine)); RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSAMD5], DST_ALG_RSAMD5)); RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA1], DST_ALG_RSASHA1)); RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_NSEC3RSASHA1], DST_ALG_NSEC3RSASHA1)); RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA256], DST_ALG_RSASHA256)); RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA512], DST_ALG_RSASHA512)); #ifdef HAVE_OPENSSL_DSA RETERR(dst__openssldsa_init(&dst_t_func[DST_ALG_DSA])); RETERR(dst__openssldsa_init(&dst_t_func[DST_ALG_NSEC3DSA])); #endif RETERR(dst__openssldh_init(&dst_t_func[DST_ALG_DH])); #ifdef HAVE_OPENSSL_GOST RETERR(dst__opensslgost_init(&dst_t_func[DST_ALG_ECCGOST])); #endif #ifdef HAVE_OPENSSL_ECDSA RETERR(dst__opensslecdsa_init(&dst_t_func[DST_ALG_ECDSA256])); RETERR(dst__opensslecdsa_init(&dst_t_func[DST_ALG_ECDSA384])); #endif #elif PKCS11CRYPTO RETERR(dst__pkcs11_init(mctx, engine)); RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSAMD5])); RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSASHA1])); RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_NSEC3RSASHA1])); RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSASHA256])); RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSASHA512])); RETERR(dst__pkcs11dsa_init(&dst_t_func[DST_ALG_DSA])); RETERR(dst__pkcs11dsa_init(&dst_t_func[DST_ALG_NSEC3DSA])); RETERR(dst__pkcs11dh_init(&dst_t_func[DST_ALG_DH])); #ifdef HAVE_PKCS11_ECDSA RETERR(dst__pkcs11ecdsa_init(&dst_t_func[DST_ALG_ECDSA256])); RETERR(dst__pkcs11ecdsa_init(&dst_t_func[DST_ALG_ECDSA384])); #endif #ifdef HAVE_PKCS11_GOST RETERR(dst__pkcs11gost_init(&dst_t_func[DST_ALG_ECCGOST])); #endif #endif /* if OPENSSL, elif PKCS11CRYPTO */ #ifdef GSSAPI RETERR(dst__gssapi_init(&dst_t_func[DST_ALG_GSSAPI])); #endif dst_initialized = ISC_TRUE; return (ISC_R_SUCCESS); out: /* avoid immediate crash! */ dst_initialized = ISC_TRUE; dst_lib_destroy(); return (result); }