1 /* 2 * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include "e_os.h" 11 #include "crypto/cryptlib.h" 12 #include <openssl/err.h> 13 #include "crypto/rand.h" 14 #include "internal/bio.h" 15 #include <openssl/evp.h> 16 #include "crypto/evp.h" 17 #include "internal/conf.h" 18 #include "crypto/async.h" 19 #include "crypto/engine.h" 20 #include "internal/comp.h" 21 #include "internal/err.h" 22 #include "crypto/err.h" 23 #include "crypto/objects.h" 24 #include <stdlib.h> 25 #include <assert.h> 26 #include "internal/thread_once.h" 27 #include "crypto/dso_conf.h" 28 #include "internal/dso.h" 29 #include "crypto/store.h" 30 31 static int stopped = 0; 32 33 /* 34 * Since per-thread-specific-data destructors are not universally 35 * available, i.e. not on Windows, only below CRYPTO_THREAD_LOCAL key 36 * is assumed to have destructor associated. And then an effort is made 37 * to call this single destructor on non-pthread platform[s]. 38 * 39 * Initial value is "impossible". It is used as guard value to shortcut 40 * destructor for threads terminating before libcrypto is initialized or 41 * after it's de-initialized. Access to the key doesn't have to be 42 * serialized for the said threads, because they didn't use libcrypto 43 * and it doesn't matter if they pick "impossible" or dereference real 44 * key value and pull NULL past initialization in the first thread that 45 * intends to use libcrypto. 46 */ 47 static union { 48 long sane; 49 CRYPTO_THREAD_LOCAL value; 50 } destructor_key = { -1 }; 51 52 static void ossl_init_thread_stop(struct thread_local_inits_st *locals); 53 54 static void ossl_init_thread_destructor(void *local) 55 { 56 ossl_init_thread_stop((struct thread_local_inits_st *)local); 57 } 58 59 static struct thread_local_inits_st *ossl_init_get_thread_local(int alloc) 60 { 61 struct thread_local_inits_st *local = 62 CRYPTO_THREAD_get_local(&destructor_key.value); 63 64 if (alloc) { 65 if (local == NULL 66 && (local = OPENSSL_zalloc(sizeof(*local))) != NULL 67 && !CRYPTO_THREAD_set_local(&destructor_key.value, local)) { 68 OPENSSL_free(local); 69 return NULL; 70 } 71 } else { 72 CRYPTO_THREAD_set_local(&destructor_key.value, NULL); 73 } 74 75 return local; 76 } 77 78 typedef struct ossl_init_stop_st OPENSSL_INIT_STOP; 79 struct ossl_init_stop_st { 80 void (*handler)(void); 81 OPENSSL_INIT_STOP *next; 82 }; 83 84 static OPENSSL_INIT_STOP *stop_handlers = NULL; 85 static CRYPTO_RWLOCK *init_lock = NULL; 86 87 static CRYPTO_ONCE base = CRYPTO_ONCE_STATIC_INIT; 88 static int base_inited = 0; 89 DEFINE_RUN_ONCE_STATIC(ossl_init_base) 90 { 91 CRYPTO_THREAD_LOCAL key; 92 93 #ifdef OPENSSL_INIT_DEBUG 94 fprintf(stderr, "OPENSSL_INIT: ossl_init_base: Setting up stop handlers\n"); 95 #endif 96 #ifndef OPENSSL_NO_CRYPTO_MDEBUG 97 ossl_malloc_setup_failures(); 98 #endif 99 if (!CRYPTO_THREAD_init_local(&key, ossl_init_thread_destructor)) 100 return 0; 101 if ((init_lock = CRYPTO_THREAD_lock_new()) == NULL) 102 goto err; 103 OPENSSL_cpuid_setup(); 104 105 destructor_key.value = key; 106 base_inited = 1; 107 return 1; 108 109 err: 110 #ifdef OPENSSL_INIT_DEBUG 111 fprintf(stderr, "OPENSSL_INIT: ossl_init_base not ok!\n"); 112 #endif 113 CRYPTO_THREAD_lock_free(init_lock); 114 init_lock = NULL; 115 116 CRYPTO_THREAD_cleanup_local(&key); 117 return 0; 118 } 119 120 static CRYPTO_ONCE register_atexit = CRYPTO_ONCE_STATIC_INIT; 121 #if !defined(OPENSSL_SYS_UEFI) && defined(_WIN32) 122 static int win32atexit(void) 123 { 124 OPENSSL_cleanup(); 125 return 0; 126 } 127 #endif 128 129 DEFINE_RUN_ONCE_STATIC(ossl_init_register_atexit) 130 { 131 #ifdef OPENSSL_INIT_DEBUG 132 fprintf(stderr, "OPENSSL_INIT: ossl_init_register_atexit()\n"); 133 #endif 134 #ifndef OPENSSL_SYS_UEFI 135 # ifdef _WIN32 136 /* We use _onexit() in preference because it gets called on DLL unload */ 137 if (_onexit(win32atexit) == NULL) 138 return 0; 139 # else 140 if (atexit(OPENSSL_cleanup) != 0) 141 return 0; 142 # endif 143 #endif 144 145 return 1; 146 } 147 148 DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_register_atexit, 149 ossl_init_register_atexit) 150 { 151 #ifdef OPENSSL_INIT_DEBUG 152 fprintf(stderr, "OPENSSL_INIT: ossl_init_no_register_atexit ok!\n"); 153 #endif 154 /* Do nothing in this case */ 155 return 1; 156 } 157 158 static CRYPTO_ONCE load_crypto_nodelete = CRYPTO_ONCE_STATIC_INIT; 159 DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_nodelete) 160 { 161 #ifdef OPENSSL_INIT_DEBUG 162 fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_nodelete()\n"); 163 #endif 164 #if !defined(OPENSSL_USE_NODELETE) \ 165 && !defined(OPENSSL_NO_PINSHARED) 166 # if defined(DSO_WIN32) && !defined(_WIN32_WCE) 167 { 168 HMODULE handle = NULL; 169 BOOL ret; 170 171 /* We don't use the DSO route for WIN32 because there is a better way */ 172 ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS 173 | GET_MODULE_HANDLE_EX_FLAG_PIN, 174 (void *)&base_inited, &handle); 175 176 # ifdef OPENSSL_INIT_DEBUG 177 fprintf(stderr, "OPENSSL_INIT: obtained DSO reference? %s\n", 178 (ret == TRUE ? "No!" : "Yes.")); 179 # endif 180 return (ret == TRUE) ? 1 : 0; 181 } 182 # elif !defined(DSO_NONE) 183 /* 184 * Deliberately leak a reference to ourselves. This will force the library 185 * to remain loaded until the atexit() handler is run at process exit. 186 */ 187 { 188 DSO *dso; 189 void *err; 190 191 if (!err_shelve_state(&err)) 192 return 0; 193 194 dso = DSO_dsobyaddr(&base_inited, DSO_FLAG_NO_UNLOAD_ON_FREE); 195 # ifdef OPENSSL_INIT_DEBUG 196 fprintf(stderr, "OPENSSL_INIT: obtained DSO reference? %s\n", 197 (dso == NULL ? "No!" : "Yes.")); 198 /* 199 * In case of No!, it is uncertain our exit()-handlers can still be 200 * called. After dlclose() the whole library might have been unloaded 201 * already. 202 */ 203 # endif 204 DSO_free(dso); 205 err_unshelve_state(err); 206 } 207 # endif 208 #endif 209 210 return 1; 211 } 212 213 static CRYPTO_ONCE load_crypto_strings = CRYPTO_ONCE_STATIC_INIT; 214 static int load_crypto_strings_inited = 0; 215 DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings) 216 { 217 int ret = 1; 218 /* 219 * OPENSSL_NO_AUTOERRINIT is provided here to prevent at compile time 220 * pulling in all the error strings during static linking 221 */ 222 #if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT) 223 # ifdef OPENSSL_INIT_DEBUG 224 fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_strings: " 225 "err_load_crypto_strings_int()\n"); 226 # endif 227 ret = err_load_crypto_strings_int(); 228 load_crypto_strings_inited = 1; 229 #endif 230 return ret; 231 } 232 233 DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_load_crypto_strings, 234 ossl_init_load_crypto_strings) 235 { 236 /* Do nothing in this case */ 237 return 1; 238 } 239 240 static CRYPTO_ONCE add_all_ciphers = CRYPTO_ONCE_STATIC_INIT; 241 DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_ciphers) 242 { 243 /* 244 * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time 245 * pulling in all the ciphers during static linking 246 */ 247 #ifndef OPENSSL_NO_AUTOALGINIT 248 # ifdef OPENSSL_INIT_DEBUG 249 fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_ciphers: " 250 "openssl_add_all_ciphers_int()\n"); 251 # endif 252 openssl_add_all_ciphers_int(); 253 #endif 254 return 1; 255 } 256 257 DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_ciphers, 258 ossl_init_add_all_ciphers) 259 { 260 /* Do nothing */ 261 return 1; 262 } 263 264 static CRYPTO_ONCE add_all_digests = CRYPTO_ONCE_STATIC_INIT; 265 DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_digests) 266 { 267 /* 268 * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time 269 * pulling in all the ciphers during static linking 270 */ 271 #ifndef OPENSSL_NO_AUTOALGINIT 272 # ifdef OPENSSL_INIT_DEBUG 273 fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_digests: " 274 "openssl_add_all_digests()\n"); 275 # endif 276 openssl_add_all_digests_int(); 277 #endif 278 return 1; 279 } 280 281 DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_digests, 282 ossl_init_add_all_digests) 283 { 284 /* Do nothing */ 285 return 1; 286 } 287 288 static CRYPTO_ONCE config = CRYPTO_ONCE_STATIC_INIT; 289 static int config_inited = 0; 290 static const OPENSSL_INIT_SETTINGS *conf_settings = NULL; 291 DEFINE_RUN_ONCE_STATIC(ossl_init_config) 292 { 293 int ret = openssl_config_int(conf_settings); 294 config_inited = 1; 295 return ret; 296 } 297 DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_config, ossl_init_config) 298 { 299 #ifdef OPENSSL_INIT_DEBUG 300 fprintf(stderr, 301 "OPENSSL_INIT: ossl_init_config: openssl_no_config_int()\n"); 302 #endif 303 openssl_no_config_int(); 304 config_inited = 1; 305 return 1; 306 } 307 308 static CRYPTO_ONCE async = CRYPTO_ONCE_STATIC_INIT; 309 static int async_inited = 0; 310 DEFINE_RUN_ONCE_STATIC(ossl_init_async) 311 { 312 #ifdef OPENSSL_INIT_DEBUG 313 fprintf(stderr, "OPENSSL_INIT: ossl_init_async: async_init()\n"); 314 #endif 315 if (!async_init()) 316 return 0; 317 async_inited = 1; 318 return 1; 319 } 320 321 #ifndef OPENSSL_NO_ENGINE 322 static CRYPTO_ONCE engine_openssl = CRYPTO_ONCE_STATIC_INIT; 323 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_openssl) 324 { 325 # ifdef OPENSSL_INIT_DEBUG 326 fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_openssl: " 327 "engine_load_openssl_int()\n"); 328 # endif 329 engine_load_openssl_int(); 330 return 1; 331 } 332 # ifndef OPENSSL_NO_DEVCRYPTOENG 333 static CRYPTO_ONCE engine_devcrypto = CRYPTO_ONCE_STATIC_INIT; 334 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_devcrypto) 335 { 336 # ifdef OPENSSL_INIT_DEBUG 337 fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_devcrypto: " 338 "engine_load_devcrypto_int()\n"); 339 # endif 340 engine_load_devcrypto_int(); 341 return 1; 342 } 343 # endif 344 345 # ifndef OPENSSL_NO_RDRAND 346 static CRYPTO_ONCE engine_rdrand = CRYPTO_ONCE_STATIC_INIT; 347 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_rdrand) 348 { 349 # ifdef OPENSSL_INIT_DEBUG 350 fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_rdrand: " 351 "engine_load_rdrand_int()\n"); 352 # endif 353 engine_load_rdrand_int(); 354 return 1; 355 } 356 # endif 357 static CRYPTO_ONCE engine_dynamic = CRYPTO_ONCE_STATIC_INIT; 358 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_dynamic) 359 { 360 # ifdef OPENSSL_INIT_DEBUG 361 fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_dynamic: " 362 "engine_load_dynamic_int()\n"); 363 # endif 364 engine_load_dynamic_int(); 365 return 1; 366 } 367 # ifndef OPENSSL_NO_STATIC_ENGINE 368 # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) 369 static CRYPTO_ONCE engine_padlock = CRYPTO_ONCE_STATIC_INIT; 370 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_padlock) 371 { 372 # ifdef OPENSSL_INIT_DEBUG 373 fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_padlock: " 374 "engine_load_padlock_int()\n"); 375 # endif 376 engine_load_padlock_int(); 377 return 1; 378 } 379 # endif 380 # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) 381 static CRYPTO_ONCE engine_capi = CRYPTO_ONCE_STATIC_INIT; 382 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_capi) 383 { 384 # ifdef OPENSSL_INIT_DEBUG 385 fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_capi: " 386 "engine_load_capi_int()\n"); 387 # endif 388 engine_load_capi_int(); 389 return 1; 390 } 391 # endif 392 # if !defined(OPENSSL_NO_AFALGENG) 393 static CRYPTO_ONCE engine_afalg = CRYPTO_ONCE_STATIC_INIT; 394 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_afalg) 395 { 396 # ifdef OPENSSL_INIT_DEBUG 397 fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_afalg: " 398 "engine_load_afalg_int()\n"); 399 # endif 400 engine_load_afalg_int(); 401 return 1; 402 } 403 # endif 404 # endif 405 #endif 406 407 #ifndef OPENSSL_NO_COMP 408 static CRYPTO_ONCE zlib = CRYPTO_ONCE_STATIC_INIT; 409 410 static int zlib_inited = 0; 411 DEFINE_RUN_ONCE_STATIC(ossl_init_zlib) 412 { 413 /* Do nothing - we need to know about this for the later cleanup */ 414 zlib_inited = 1; 415 return 1; 416 } 417 #endif 418 419 static void ossl_init_thread_stop(struct thread_local_inits_st *locals) 420 { 421 /* Can't do much about this */ 422 if (locals == NULL) 423 return; 424 425 if (locals->async) { 426 #ifdef OPENSSL_INIT_DEBUG 427 fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: " 428 "async_delete_thread_state()\n"); 429 #endif 430 async_delete_thread_state(); 431 } 432 433 if (locals->err_state) { 434 #ifdef OPENSSL_INIT_DEBUG 435 fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: " 436 "err_delete_thread_state()\n"); 437 #endif 438 err_delete_thread_state(); 439 } 440 441 if (locals->rand) { 442 #ifdef OPENSSL_INIT_DEBUG 443 fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: " 444 "drbg_delete_thread_state()\n"); 445 #endif 446 drbg_delete_thread_state(); 447 } 448 449 OPENSSL_free(locals); 450 } 451 452 void OPENSSL_thread_stop(void) 453 { 454 if (destructor_key.sane != -1) 455 ossl_init_thread_stop(ossl_init_get_thread_local(0)); 456 } 457 458 int ossl_init_thread_start(uint64_t opts) 459 { 460 struct thread_local_inits_st *locals; 461 462 if (!OPENSSL_init_crypto(0, NULL)) 463 return 0; 464 465 locals = ossl_init_get_thread_local(1); 466 467 if (locals == NULL) 468 return 0; 469 470 if (opts & OPENSSL_INIT_THREAD_ASYNC) { 471 #ifdef OPENSSL_INIT_DEBUG 472 fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: " 473 "marking thread for async\n"); 474 #endif 475 locals->async = 1; 476 } 477 478 if (opts & OPENSSL_INIT_THREAD_ERR_STATE) { 479 #ifdef OPENSSL_INIT_DEBUG 480 fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: " 481 "marking thread for err_state\n"); 482 #endif 483 locals->err_state = 1; 484 } 485 486 if (opts & OPENSSL_INIT_THREAD_RAND) { 487 #ifdef OPENSSL_INIT_DEBUG 488 fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: " 489 "marking thread for rand\n"); 490 #endif 491 locals->rand = 1; 492 } 493 494 return 1; 495 } 496 497 void OPENSSL_cleanup(void) 498 { 499 OPENSSL_INIT_STOP *currhandler, *lasthandler; 500 CRYPTO_THREAD_LOCAL key; 501 502 /* If we've not been inited then no need to deinit */ 503 if (!base_inited) 504 return; 505 506 /* Might be explicitly called and also by atexit */ 507 if (stopped) 508 return; 509 stopped = 1; 510 511 /* 512 * Thread stop may not get automatically called by the thread library for 513 * the very last thread in some situations, so call it directly. 514 */ 515 ossl_init_thread_stop(ossl_init_get_thread_local(0)); 516 517 currhandler = stop_handlers; 518 while (currhandler != NULL) { 519 currhandler->handler(); 520 lasthandler = currhandler; 521 currhandler = currhandler->next; 522 OPENSSL_free(lasthandler); 523 } 524 stop_handlers = NULL; 525 526 CRYPTO_THREAD_lock_free(init_lock); 527 init_lock = NULL; 528 529 /* 530 * We assume we are single-threaded for this function, i.e. no race 531 * conditions for the various "*_inited" vars below. 532 */ 533 534 #ifndef OPENSSL_NO_COMP 535 if (zlib_inited) { 536 #ifdef OPENSSL_INIT_DEBUG 537 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " 538 "comp_zlib_cleanup_int()\n"); 539 #endif 540 comp_zlib_cleanup_int(); 541 } 542 #endif 543 544 if (async_inited) { 545 # ifdef OPENSSL_INIT_DEBUG 546 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " 547 "async_deinit()\n"); 548 # endif 549 async_deinit(); 550 } 551 552 if (load_crypto_strings_inited) { 553 #ifdef OPENSSL_INIT_DEBUG 554 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " 555 "err_free_strings_int()\n"); 556 #endif 557 err_free_strings_int(); 558 } 559 560 key = destructor_key.value; 561 destructor_key.sane = -1; 562 CRYPTO_THREAD_cleanup_local(&key); 563 564 #ifdef OPENSSL_INIT_DEBUG 565 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " 566 "rand_cleanup_int()\n"); 567 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " 568 "conf_modules_free_int()\n"); 569 #ifndef OPENSSL_NO_ENGINE 570 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " 571 "engine_cleanup_int()\n"); 572 #endif 573 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " 574 "crypto_cleanup_all_ex_data_int()\n"); 575 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " 576 "bio_sock_cleanup_int()\n"); 577 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " 578 "bio_cleanup()\n"); 579 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " 580 "evp_cleanup_int()\n"); 581 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " 582 "obj_cleanup_int()\n"); 583 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " 584 "err_cleanup()\n"); 585 #endif 586 /* 587 * Note that cleanup order is important: 588 * - rand_cleanup_int could call an ENGINE's RAND cleanup function so 589 * must be called before engine_cleanup_int() 590 * - ENGINEs use CRYPTO_EX_DATA and therefore, must be cleaned up 591 * before the ex data handlers are wiped in CRYPTO_cleanup_all_ex_data(). 592 * - conf_modules_free_int() can end up in ENGINE code so must be called 593 * before engine_cleanup_int() 594 * - ENGINEs and additional EVP algorithms might use added OIDs names so 595 * obj_cleanup_int() must be called last 596 */ 597 rand_cleanup_int(); 598 rand_drbg_cleanup_int(); 599 conf_modules_free_int(); 600 #ifndef OPENSSL_NO_ENGINE 601 engine_cleanup_int(); 602 #endif 603 ossl_store_cleanup_int(); 604 crypto_cleanup_all_ex_data_int(); 605 bio_cleanup(); 606 evp_cleanup_int(); 607 obj_cleanup_int(); 608 err_cleanup(); 609 610 CRYPTO_secure_malloc_done(); 611 612 base_inited = 0; 613 } 614 615 /* 616 * If this function is called with a non NULL settings value then it must be 617 * called prior to any threads making calls to any OpenSSL functions, 618 * i.e. passing a non-null settings value is assumed to be single-threaded. 619 */ 620 int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) 621 { 622 if (stopped) { 623 if (!(opts & OPENSSL_INIT_BASE_ONLY)) 624 CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL); 625 return 0; 626 } 627 628 /* 629 * When the caller specifies OPENSSL_INIT_BASE_ONLY, that should be the 630 * *only* option specified. With that option we return immediately after 631 * doing the requested limited initialization. Note that 632 * err_shelve_state() called by us via ossl_init_load_crypto_nodelete() 633 * re-enters OPENSSL_init_crypto() with OPENSSL_INIT_BASE_ONLY, but with 634 * base already initialized this is a harmless NOOP. 635 * 636 * If we remain the only caller of err_shelve_state() the recursion should 637 * perhaps be removed, but if in doubt, it can be left in place. 638 */ 639 if (!RUN_ONCE(&base, ossl_init_base)) 640 return 0; 641 if (opts & OPENSSL_INIT_BASE_ONLY) 642 return 1; 643 644 /* 645 * Now we don't always set up exit handlers, the INIT_BASE_ONLY calls 646 * should not have the side-effect of setting up exit handlers, and 647 * therefore, this code block is below the INIT_BASE_ONLY-conditioned early 648 * return above. 649 */ 650 if ((opts & OPENSSL_INIT_NO_ATEXIT) != 0) { 651 if (!RUN_ONCE_ALT(®ister_atexit, ossl_init_no_register_atexit, 652 ossl_init_register_atexit)) 653 return 0; 654 } else if (!RUN_ONCE(®ister_atexit, ossl_init_register_atexit)) { 655 return 0; 656 } 657 658 if (!RUN_ONCE(&load_crypto_nodelete, ossl_init_load_crypto_nodelete)) 659 return 0; 660 661 if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS) 662 && !RUN_ONCE_ALT(&load_crypto_strings, 663 ossl_init_no_load_crypto_strings, 664 ossl_init_load_crypto_strings)) 665 return 0; 666 667 if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS) 668 && !RUN_ONCE(&load_crypto_strings, ossl_init_load_crypto_strings)) 669 return 0; 670 671 if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS) 672 && !RUN_ONCE_ALT(&add_all_ciphers, ossl_init_no_add_all_ciphers, 673 ossl_init_add_all_ciphers)) 674 return 0; 675 676 if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS) 677 && !RUN_ONCE(&add_all_ciphers, ossl_init_add_all_ciphers)) 678 return 0; 679 680 if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS) 681 && !RUN_ONCE_ALT(&add_all_digests, ossl_init_no_add_all_digests, 682 ossl_init_add_all_digests)) 683 return 0; 684 685 if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS) 686 && !RUN_ONCE(&add_all_digests, ossl_init_add_all_digests)) 687 return 0; 688 689 if ((opts & OPENSSL_INIT_ATFORK) 690 && !openssl_init_fork_handlers()) 691 return 0; 692 693 if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG) 694 && !RUN_ONCE_ALT(&config, ossl_init_no_config, ossl_init_config)) 695 return 0; 696 697 if (opts & OPENSSL_INIT_LOAD_CONFIG) { 698 int ret; 699 CRYPTO_THREAD_write_lock(init_lock); 700 conf_settings = settings; 701 ret = RUN_ONCE(&config, ossl_init_config); 702 conf_settings = NULL; 703 CRYPTO_THREAD_unlock(init_lock); 704 if (ret <= 0) 705 return 0; 706 } 707 708 if ((opts & OPENSSL_INIT_ASYNC) 709 && !RUN_ONCE(&async, ossl_init_async)) 710 return 0; 711 712 #ifndef OPENSSL_NO_ENGINE 713 if ((opts & OPENSSL_INIT_ENGINE_OPENSSL) 714 && !RUN_ONCE(&engine_openssl, ossl_init_engine_openssl)) 715 return 0; 716 # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_DEVCRYPTOENG) 717 if ((opts & OPENSSL_INIT_ENGINE_CRYPTODEV) 718 && !RUN_ONCE(&engine_devcrypto, ossl_init_engine_devcrypto)) 719 return 0; 720 # endif 721 # ifndef OPENSSL_NO_RDRAND 722 if ((opts & OPENSSL_INIT_ENGINE_RDRAND) 723 && !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand)) 724 return 0; 725 # endif 726 if ((opts & OPENSSL_INIT_ENGINE_DYNAMIC) 727 && !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic)) 728 return 0; 729 # ifndef OPENSSL_NO_STATIC_ENGINE 730 # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) 731 if ((opts & OPENSSL_INIT_ENGINE_PADLOCK) 732 && !RUN_ONCE(&engine_padlock, ossl_init_engine_padlock)) 733 return 0; 734 # endif 735 # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) 736 if ((opts & OPENSSL_INIT_ENGINE_CAPI) 737 && !RUN_ONCE(&engine_capi, ossl_init_engine_capi)) 738 return 0; 739 # endif 740 # if !defined(OPENSSL_NO_AFALGENG) 741 if ((opts & OPENSSL_INIT_ENGINE_AFALG) 742 && !RUN_ONCE(&engine_afalg, ossl_init_engine_afalg)) 743 return 0; 744 # endif 745 # endif 746 if (opts & (OPENSSL_INIT_ENGINE_ALL_BUILTIN 747 | OPENSSL_INIT_ENGINE_OPENSSL 748 | OPENSSL_INIT_ENGINE_AFALG)) { 749 ENGINE_register_all_complete(); 750 } 751 #endif 752 753 #ifndef OPENSSL_NO_COMP 754 if ((opts & OPENSSL_INIT_ZLIB) 755 && !RUN_ONCE(&zlib, ossl_init_zlib)) 756 return 0; 757 #endif 758 759 return 1; 760 } 761 762 int OPENSSL_atexit(void (*handler)(void)) 763 { 764 OPENSSL_INIT_STOP *newhand; 765 766 #if !defined(OPENSSL_USE_NODELETE)\ 767 && !defined(OPENSSL_NO_PINSHARED) 768 { 769 union { 770 void *sym; 771 void (*func)(void); 772 } handlersym; 773 774 handlersym.func = handler; 775 # if defined(DSO_WIN32) && !defined(_WIN32_WCE) 776 { 777 HMODULE handle = NULL; 778 BOOL ret; 779 780 /* 781 * We don't use the DSO route for WIN32 because there is a better 782 * way 783 */ 784 ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS 785 | GET_MODULE_HANDLE_EX_FLAG_PIN, 786 handlersym.sym, &handle); 787 788 if (!ret) 789 return 0; 790 } 791 # elif !defined(DSO_NONE) 792 /* 793 * Deliberately leak a reference to the handler. This will force the 794 * library/code containing the handler to remain loaded until we run the 795 * atexit handler. If -znodelete has been used then this is 796 * unnecessary. 797 */ 798 { 799 DSO *dso = NULL; 800 801 ERR_set_mark(); 802 dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE); 803 # ifdef OPENSSL_INIT_DEBUG 804 fprintf(stderr, 805 "OPENSSL_INIT: OPENSSL_atexit: obtained DSO reference? %s\n", 806 (dso == NULL ? "No!" : "Yes.")); 807 /* See same code above in ossl_init_base() for an explanation. */ 808 # endif 809 DSO_free(dso); 810 ERR_pop_to_mark(); 811 } 812 # endif 813 } 814 #endif 815 816 if ((newhand = OPENSSL_malloc(sizeof(*newhand))) == NULL) { 817 CRYPTOerr(CRYPTO_F_OPENSSL_ATEXIT, ERR_R_MALLOC_FAILURE); 818 return 0; 819 } 820 821 newhand->handler = handler; 822 newhand->next = stop_handlers; 823 stop_handlers = newhand; 824 825 return 1; 826 } 827 828 #ifdef OPENSSL_SYS_UNIX 829 /* 830 * The following three functions are for OpenSSL developers. This is 831 * where we set/reset state across fork (called via pthread_atfork when 832 * it exists, or manually by the application when it doesn't). 833 * 834 * WARNING! If you put code in either OPENSSL_fork_parent or 835 * OPENSSL_fork_child, you MUST MAKE SURE that they are async-signal- 836 * safe. See this link, for example: 837 * http://man7.org/linux/man-pages/man7/signal-safety.7.html 838 */ 839 840 void OPENSSL_fork_prepare(void) 841 { 842 } 843 844 void OPENSSL_fork_parent(void) 845 { 846 } 847 848 void OPENSSL_fork_child(void) 849 { 850 } 851 #endif 852