Module: kamailio
Branch: master
Commit: f71243410d5e051def1a47cc73adb6caeeadd1cd
URL:
https://github.com/kamailio/kamailio/commit/f71243410d5e051def1a47cc73adb6c…
Author: Daniel-Constantin Mierla <miconda(a)gmail.com>
Committer: Daniel-Constantin Mierla <miconda(a)gmail.com>
Date: 2015-01-25T10:59:07+01:00
tls: implemented tls hook for pre-mod init execution
- do openssl init at this callback
---
Modified: modules/tls/tls_init.c
Modified: modules/tls/tls_init.h
Modified: modules/tls/tls_mod.c
---
Diff:
https://github.com/kamailio/kamailio/commit/f71243410d5e051def1a47cc73adb6c…
Patch:
https://github.com/kamailio/kamailio/commit/f71243410d5e051def1a47cc73adb6c…
---
diff --git a/modules/tls/tls_init.c b/modules/tls/tls_init.c
index 6812f42..58684d8 100644
--- a/modules/tls/tls_init.c
+++ b/modules/tls/tls_init.c
@@ -61,6 +61,7 @@
#include "tls_cfg.h"
/* will be set to 1 when the TLS env is initialized to make destroy safe */
+static int tls_mod_preinitialized = 0;
static int tls_mod_initialized = 0;
#if OPENSSL_VERSION_NUMBER < 0x00907000L
@@ -469,6 +470,7 @@ static int init_tls_compression(void)
/**
* tls pre-init function
+ * - executed when module is loaded
*/
int tls_pre_init(void)
{
@@ -493,6 +495,23 @@ int tls_pre_init(void)
return 0;
}
+/**
+ * tls mod pre-init function
+ * - executed before any mod_init()
+ */
+int tls_mod_pre_init_h(void)
+{
+ if(tls_mod_preinitialized==1) {
+ LM_DBG("already mod pre-initialized\n");
+ return 0;
+ }
+ DBG("============= :preparing tls env for modules initialization\n");
+ SSL_library_init();
+ SSL_load_error_strings();
+ tls_mod_preinitialized=1;
+ return 0;
+}
+
/*
* First step of TLS initialization
*/
@@ -511,6 +530,12 @@ int init_tls_h(void)
str s;
cfg_ctx_t* cfg_ctx;
+ if(tls_mod_initialized == 1) {
+ LM_DBG("already initialized\n");
+ return 0;
+ }
+ DBG("initializing tls system\n");
+
#if OPENSSL_VERSION_NUMBER < 0x00907000L
WARN("You are using an old version of OpenSSL (< 0.9.7). Upgrade!\n");
#endif
@@ -657,8 +682,6 @@ int init_tls_h(void)
}
}
- SSL_library_init();
- SSL_load_error_strings();
init_ssl_methods();
tls_mod_initialized = 1;
return 0;
@@ -693,7 +716,7 @@ int tls_check_sockets(tls_domains_cfg_t* cfg)
void destroy_tls_h(void)
{
DBG("tls module final tls destroy\n");
- if(tls_mod_initialized > 0)
+ if(tls_mod_preinitialized > 0)
ERR_free_strings();
/* TODO: free all the ctx'es */
tls_destroy_cfg();
diff --git a/modules/tls/tls_init.h b/modules/tls/tls_init.h
index 412fa49..eb28398 100644
--- a/modules/tls/tls_init.h
+++ b/modules/tls/tls_init.h
@@ -53,8 +53,13 @@ extern const SSL_METHOD* ssl_methods[];
*/
int tls_pre_init(void);
+/**
+ * just once, prepare for init of all modules
+ */
+int tls_mod_pre_init_h(void);
+
/*
- * just once, initialize the tls subsystem
+ * just once, initialize the tls subsystem after all mod inits
*/
int init_tls_h(void);
diff --git a/modules/tls/tls_mod.c b/modules/tls/tls_mod.c
index 356b494..b02e1a1 100644
--- a/modules/tls/tls_mod.c
+++ b/modules/tls/tls_mod.c
@@ -231,7 +231,8 @@ static struct tls_hooks tls_h = {
tls_h_close,
tls_h_init_si,
init_tls_h,
- destroy_tls_h
+ destroy_tls_h,
+ tls_mod_pre_init_h,
};
@@ -253,12 +254,21 @@ static tls_domains_cfg_t* tls_use_modparams(void)
int mod_register(char *path, int *dlflags, void *p1, void *p2)
{
+ if (tls_disable) {
+ LOG(L_WARN, "tls support is disabled "
+ "(set enable_tls=1 in the config to enable it)\n");
+ return 0;
+ }
+
/* shm is used, be sure it is initialized */
if(!shm_initialized() && init_shm()<0)
return -1;
if(tls_pre_init()<0)
return -1;
+
+ register_tls_hooks(&tls_h);
+
return 0;
}
@@ -267,7 +277,7 @@ static int mod_init(void)
int method;
if (tls_disable){
- LOG(L_WARN, "WARNING: tls: mod_init: tls support is disabled "
+ LOG(L_WARN, "tls support is disabled "
"(set enable_tls=1 in the config to enable it)\n");
return 0;
}
@@ -306,7 +316,6 @@ static int mod_init(void)
}
*tls_domains_cfg = NULL;
- register_tls_hooks(&tls_h);
register_select_table(tls_sel);
/* register the rpc interface */
if (rpc_register_array(tls_rpc)!=0) {