Module: sip-router Branch: master Commit: 517d38ed02586bc9fc88ea0d3ceb8b81f510ade5 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=517d38ed...
Author: Daniel-Constantin Mierla miconda@gmail.com Committer: Daniel-Constantin Mierla miconda@gmail.com Date: Tue Dec 13 13:00:50 2011 +0100
tls: do TLS pre-init operations at the time of loading module
- makes sure that it sets the memory managing functions and the locks before other modules may start using libssl - reported by Øyvind Kolbu, FS#183
---
modules/tls/tls_init.c | 50 +++++++++++++++++++++++++++++++---------------- modules/tls/tls_init.h | 5 ++++ modules/tls/tls_mod.c | 10 +++++++++ 3 files changed, 48 insertions(+), 17 deletions(-)
diff --git a/modules/tls/tls_init.c b/modules/tls/tls_init.c
index a57772e..cc16598 100644
--- a/modules/tls/tls_init.c
+++ b/modules/tls/tls_init.c
@@ -74,6 +74,9 @@
 #include "tls_ct_wrq.h"
 #include "tls_cfg.h"
+/* will be set to 1 when the TLS env is initialized to make destroy safe */
+static int tls_mod_initialized = 0;
+
 #if OPENSSL_VERSION_NUMBER < 0x00907000L
 # warning ""
 # warning "==============================================================="
@@ -148,7 +151,6 @@ const SSL_METHOD* ssl_methods[TLS_USE_SSLv23 + 1];
 #define NULL_GRACE_PERIOD 10U
 */
-
 inline static char* buf_append(char* buf, char* end, char* str, int str_len)
 {
 if ( (buf+str_len)<end){
@@ -442,6 +444,32 @@ end:
 }
+/**
+ * tls pre-init function
+ */
+int tls_pre_init(void)
+{
+ /*
+ * this has to be called before any function calling CRYPTO_malloc,
+ * CRYPTO_malloc will set allow_customize in openssl to 0
+ */
+#ifdef TLS_MALLOC_DBG
+ if (!CRYPTO_set_mem_ex_functions(ser_malloc, ser_realloc, ser_free)) {
+#else
+ if (!CRYPTO_set_mem_functions(ser_malloc, ser_realloc, ser_free)) {
+#endif
+ ERR("Unable to set the memory allocation functions\n");
+ return -1;
+ }
+
+ if (tls_init_locks()<0)
+ return -1;
+
+ init_tls_compression();
+
+ return 0;
+}
+
 /*
 * First step of TLS initialization
 */
@@ -538,21 +566,7 @@ int init_tls_h(void)
 " enabled. Possible unstable configuration\n");
 }
 }
- /*
- * this has to be called before any function calling CRYPTO_malloc,
- * CRYPTO_malloc will set allow_customize in openssl to 0
- */
-#ifdef TLS_MALLOC_DBG
- if (!CRYPTO_set_mem_ex_functions(ser_malloc, ser_realloc, ser_free)) {
-#else
- if (!CRYPTO_set_mem_functions(ser_malloc, ser_realloc, ser_free)) {
-#endif
- ERR("Unable to set the memory allocation functions\n");
- return -1;
- }
- if (tls_init_locks()<0)
- return -1;
- init_tls_compression();
+
 #ifdef TLS_KSSL_WORKARROUND
 /* if openssl compiled with kerberos support, and openssl < 0.9.8e-dev
 * or openssl between 0.9.9-dev and 0.9.9-beta1 apply workaround for
@@ -623,6 +637,7 @@ int init_tls_h(void)
 SSL_library_init();
 SSL_load_error_strings();
 init_ssl_methods();
+ tls_mod_initialized = 1;
 return 0;
 }
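Review bot: The doc comment on the new `tls_pre_init()` in tls_init.c says only "tls pre-init function" and leaves out the ordering contract the commit relies on. As the inner comment notes, the first `CRYPTO_malloc` clears `allow_customize`, so once any other code has allocated through libssl the `CRYPTO_set_mem_functions()` call fails and this function returns -1. I would state in the header comment that it must run once per process, before anything else calls into libssl, and that -1 means the allocator or the locks could not be installed. The log line could hint at the likely cause, `ERR("Unable to set the memory allocation functions (libssl already used by another module?)\n");`. Nothing in the visible lines prevents a second call, and whether `tls_init_locks()` tolerates one cannot be seen from this hunk.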
@@ -655,7 +670,8 @@ int tls_check_sockets(tls_domains_cfg_t* cfg)
 void destroy_tls_h(void)
 {
 DBG("tls module final tls destroy\n");
- ERR_free_strings();
+ if(tls_mod_initialized > 0)
+ ERR_free_strings();
 /* TODO: free all the ctx'es */
 tls_destroy_cfg();
 tls_destroy_locks();
diff --git a/modules/tls/tls_init.h b/modules/tls/tls_init.h
index f234df7..7101949 100644
--- a/modules/tls/tls_init.h
+++ b/modules/tls/tls_init.h
@@ -61,6 +61,11 @@ extern const SSL_METHOD* ssl_methods[];
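Review bot: In `destroy_tls_h()` (tls_init.c) the new `tls_mod_initialized` guard covers only `ERR_free_strings()`, while `tls_destroy_cfg()` and `tls_destroy_locks()` below it still run unconditionally. After this commit the locks are created in `tls_pre_init()` but the flag is set only at the end of `init_tls_h()`, so the two states can disagree, for instance when pre-init failed or `init_tls_h()` returned early. Whether the two destroy calls are safe in that state is not visible in this hunk. If they are, a comment such as `/* cfg and lock teardown tolerate a partial init */` would record it; if not, they need a guard of their own.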
/*
+ * just once, pre-initialize the tls subsystem
+ */
+int tls_pre_init(void);
+
+/*
 * just once, initialize the tls subsystem
 */
 int init_tls_h(void);
diff --git a/modules/tls/tls_mod.c b/modules/tls/tls_mod.c
index 0f1df72..2f7d626 100644
--- a/modules/tls/tls_mod.c
+++ b/modules/tls/tls_mod.c
@@ -57,6 +57,7 @@
 #include "../../timer.h" /* ticks_t */
 #include "../../tls_hooks.h"
 #include "../../ut.h"
+#include "../../shm_init.h"
 #include "../../rpc_lookup.h"
 #include "../../cfg/cfg.h"
 #include "tls_init.h"
@@ -269,7 +270,16 @@ static tls_domains_cfg_t* tls_use_modparams(void)
 }
 #endif
+int mod_register(char *path, int *dlflags, void *p1, void *p2)
+{
+ /* shm is used, be sure it is initialized */
+ if(!shm_initialized() && init_shm()<0)
+ return -1;
+ if(tls_pre_init()<0)
+ return -1;
+ return 0;
+}
static int mod_init(void) {
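Review bot: The new `mod_register()` in tls_mod.c has no comment explaining why shm and the libssl allocator and locks are set up at load time, and neither of its `return -1` paths logs which step failed. I would add a header comment such as `/* runs when the module is loaded: install the libssl memory functions and locks before any other module can use libssl */` and an `ERR("tls: pre-initialization failed\n");` before the second return. The guarantee presumably still depends on this module being loaded ahead of other libssl users, since a module loaded earlier could already have allocated inside libssl; that ordering requirement belongs in the comment or the module documentation. `path`, `dlflags`, `p1` and `p2` are unused in the visible body.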