Module: sip-router
Branch: master
Commit: 517d38ed02586bc9fc88ea0d3ceb8b81f510ade5
URL:
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=517d38e…
Author: Daniel-Constantin Mierla <miconda(a)gmail.com>
Committer: Daniel-Constantin Mierla <miconda(a)gmail.com>
Date: Tue Dec 13 13:00:50 2011 +0100
tls: do TLS pre-init operations at the time of loading module
- makes sure that it sets the memory managing functions and the locks
before other modules may start using libssl
- reported by Øyvind Kolbu, FS#183
---
modules/tls/tls_init.c | 50 +++++++++++++++++++++++++++++++----------------
modules/tls/tls_init.h | 5 ++++
modules/tls/tls_mod.c | 10 +++++++++
3 files changed, 48 insertions(+), 17 deletions(-)
diff --git a/modules/tls/tls_init.c b/modules/tls/tls_init.c
index a57772e..cc16598 100644
--- a/modules/tls/tls_init.c
+++ b/modules/tls/tls_init.c
@@ -74,6 +74,9 @@
#include "tls_ct_wrq.h"
#include "tls_cfg.h"
+/* will be set to 1 when the TLS env is initialized to make destroy safe */
+static int tls_mod_initialized = 0;
+
#if OPENSSL_VERSION_NUMBER < 0x00907000L
# warning ""
# warning "==============================================================="
@@ -148,7 +151,6 @@ const SSL_METHOD* ssl_methods[TLS_USE_SSLv23 + 1];
#define NULL_GRACE_PERIOD 10U
*/
-
inline static char* buf_append(char* buf, char* end, char* str, int str_len)
{
if ( (buf+str_len)<end){
@@ -442,6 +444,32 @@ end:
}
+/**
+ * tls pre-init function
+ */
+int tls_pre_init(void)
+{
+ /*
+ * this has to be called before any function calling CRYPTO_malloc,
+ * CRYPTO_malloc will set allow_customize in openssl to 0
+ */
+#ifdef TLS_MALLOC_DBG
+ if (!CRYPTO_set_mem_ex_functions(ser_malloc, ser_realloc, ser_free)) {
+#else
+ if (!CRYPTO_set_mem_functions(ser_malloc, ser_realloc, ser_free)) {
+#endif
+ ERR("Unable to set the memory allocation functions\n");
+ return -1;
+ }
+
+ if (tls_init_locks()<0)
+ return -1;
+
+ init_tls_compression();
+
+ return 0;
+}
+
/*
* First step of TLS initialization
*/
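Review bot: When the allocator hooks are refused in tls_pre_init(), the only error message does not tell the operator why, and the function has no guard against being run a second time. The comment above the call already notes that CRYPTO_malloc clears allow_customize, so the likely cause of a failure is that something in the process used libssl first; the log line could say so, e.g. `ERR("Unable to set the memory allocation functions (libssl already used before tls was loaded?)\n");`. Returning -1 here is the right outcome, since continuing would leave libssl on a different allocator than the one the module expects. A static "already done" flag checked at the top would make a repeat call a no-op instead of re-running tls_init_locks(), whose behaviour on a second call is not visible in this diff.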
@@ -538,21 +566,7 @@ int init_tls_h(void)
" enabled. Possible unstable configuration\n");
}
}
- /*
- * this has to be called before any function calling CRYPTO_malloc,
- * CRYPTO_malloc will set allow_customize in openssl to 0
- */
-#ifdef TLS_MALLOC_DBG
- if (!CRYPTO_set_mem_ex_functions(ser_malloc, ser_realloc, ser_free)) {
-#else
- if (!CRYPTO_set_mem_functions(ser_malloc, ser_realloc, ser_free)) {
-#endif
- ERR("Unable to set the memory allocation functions\n");
- return -1;
- }
- if (tls_init_locks()<0)
- return -1;
- init_tls_compression();
+
#ifdef TLS_KSSL_WORKARROUND
/* if openssl compiled with kerberos support, and openssl < 0.9.8e-dev
* or openssl between 0.9.9-dev and 0.9.9-beta1 apply workaround for
@@ -623,6 +637,7 @@ int init_tls_h(void)
SSL_library_init();
SSL_load_error_strings();
init_ssl_methods();
+ tls_mod_initialized = 1;
return 0;
}
@@ -655,7 +670,8 @@ int tls_check_sockets(tls_domains_cfg_t* cfg)
void destroy_tls_h(void)
{
DBG("tls module final tls destroy\n");
- ERR_free_strings();
+ if(tls_mod_initialized > 0)
+ ERR_free_strings();
/* TODO: free all the ctx'es */
tls_destroy_cfg();
tls_destroy_locks();
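Review bot: The new `tls_mod_initialized` guard in destroy_tls_h() covers only ERR_free_strings(); tls_destroy_cfg() and tls_destroy_locks() on the following lines still run unconditionally. After this commit the locks are created in tls_pre_init() at module load, while the flag is set only at the end of init_tls_h(), so one flag now stands for three states (nothing done, pre-init done, fully initialised). If tls_destroy_locks() is not safe when tls_init_locks() never ran or failed, which cannot be checked from this diff, it needs its own guard, for example a second flag set at the end of tls_pre_init(). The single-statement `if` would also be safer braced: `if (tls_mod_initialized > 0) { ERR_free_strings(); }`. The body of destroy_tls_h() continues outside the hunk.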
diff --git a/modules/tls/tls_init.h b/modules/tls/tls_init.h
index f234df7..7101949 100644
--- a/modules/tls/tls_init.h
+++ b/modules/tls/tls_init.h
@@ -61,6 +61,11 @@ extern const SSL_METHOD* ssl_methods[];
/*
+ * just once, pre-initialize the tls subsystem
+ */
+int tls_pre_init(void);
+
+/*
* just once, initialize the tls subsystem
*/
int init_tls_h(void);
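Review bot: The header comment for `tls_pre_init()` leaves out the ordering requirement that is the whole reason the function exists. I would state that it must run before any code in the process calls into libssl, because it installs the memory functions and sets up the locks, and give the return convention: `/* pre-initialize the tls subsystem: call once, before any libssl use; returns 0 on success, -1 on error */`. Without that, a later caller could move it back into init_tls_h() and reintroduce the problem from FS#183.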
diff --git a/modules/tls/tls_mod.c b/modules/tls/tls_mod.c
index 0f1df72..2f7d626 100644
--- a/modules/tls/tls_mod.c
+++ b/modules/tls/tls_mod.c
@@ -57,6 +57,7 @@
#include "../../timer.h" /* ticks_t */
#include "../../tls_hooks.h"
#include "../../ut.h"
+#include "../../shm_init.h"
#include "../../rpc_lookup.h"
#include "../../cfg/cfg.h"
#include "tls_init.h"
@@ -269,7 +270,16 @@ static tls_domains_cfg_t* tls_use_modparams(void)
}
#endif
+int mod_register(char *path, int *dlflags, void *p1, void *p2)
+{
+ /* shm is used, be sure it is initialized */
+ if(!shm_initialized() && init_shm()<0)
+ return -1;
+ if(tls_pre_init()<0)
+ return -1;
+ return 0;
+}
static int mod_init(void)
{
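Review bot: In mod_register() the `init_shm()<0` path returns -1 without logging anything in this function, so a failed module load may give the operator no cause unless init_shm() logs on its own (not visible here). A line such as `ERR("tls: could not initialize shared memory\n");` before that return would help, assuming the ERR macro used in tls_init.c is also available in this file. The function also lacks a comment explaining why the work happens at load time, and the guarantee only holds relative to modules loaded after tls; I would add `/* runs at module load: installs libssl memory functions and locks before other modules can use libssl, so tls must be loaded before any such module */`. The body of mod_init() that follows is outside the hunk.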