Browse code

tls: do TLS pre-init operations at the time of loading module

- makes sure that it sets the memory managing functions and the locks
before other modules may start using libssl
- reported by √ėyvind Kolbu, FS#183

Daniel-Constantin Mierla authored on 13/12/2011 12:00:50
Showing 3 changed files
... ...
@@ -74,6 +74,9 @@
74 74
 #include "tls_ct_wrq.h"
75 75
 #include "tls_cfg.h"
76 76
 
77
+/* will be set to 1 when the TLS env is initialized to make destroy safe */
78
+static int tls_mod_initialized = 0;
79
+
77 80
 #if OPENSSL_VERSION_NUMBER < 0x00907000L
78 81
 #    warning ""
79 82
 #    warning "==============================================================="
... ...
@@ -148,7 +151,6 @@ const SSL_METHOD* ssl_methods[TLS_USE_SSLv23 + 1];
148 151
 #define NULL_GRACE_PERIOD 10U
149 152
 */
150 153
 
151
-
152 154
 inline static char* buf_append(char* buf, char* end, char* str, int str_len)
153 155
 {
154 156
 	if ( (buf+str_len)<end){
... ...
@@ -442,6 +444,32 @@ end:
442 444
 }
443 445
 
444 446
 
447
+/**
448
+ * tls pre-init function
449
+ */
450
+int tls_pre_init(void)
451
+{
452
+	     /*
453
+	      * this has to be called before any function calling CRYPTO_malloc,
454
+	      * CRYPTO_malloc will set allow_customize in openssl to 0
455
+	      */
456
+#ifdef TLS_MALLOC_DBG
457
+	if (!CRYPTO_set_mem_ex_functions(ser_malloc, ser_realloc, ser_free)) {
458
+#else
459
+	if (!CRYPTO_set_mem_functions(ser_malloc, ser_realloc, ser_free)) {
460
+#endif
461
+		ERR("Unable to set the memory allocation functions\n");
462
+		return -1;
463
+	}
464
+
465
+	if (tls_init_locks()<0)
466
+		return -1;
467
+
468
+	init_tls_compression();
469
+
470
+	return 0;
471
+}
472
+
445 473
 /*
446 474
  * First step of TLS initialization
447 475
  */
... ...
@@ -538,21 +566,7 @@ int init_tls_h(void)
538 566
 						" enabled. Possible unstable configuration\n");
539 567
 		}
540 568
 	}
541
-	     /*
542
-	      * this has to be called before any function calling CRYPTO_malloc,
543
-	      * CRYPTO_malloc will set allow_customize in openssl to 0 
544
-	      */
545
-#ifdef TLS_MALLOC_DBG
546
-	if (!CRYPTO_set_mem_ex_functions(ser_malloc, ser_realloc, ser_free)) {
547
-#else
548
-	if (!CRYPTO_set_mem_functions(ser_malloc, ser_realloc, ser_free)) {
549
-#endif
550
-		ERR("Unable to set the memory allocation functions\n");
551
-		return -1;
552
-	}
553
-	if (tls_init_locks()<0)
554
-		return -1;
555
-	init_tls_compression();
569
+
556 570
 	#ifdef TLS_KSSL_WORKARROUND
557 571
 	/* if openssl compiled with kerberos support, and openssl < 0.9.8e-dev
558 572
 	 * or openssl between 0.9.9-dev and 0.9.9-beta1 apply workaround for
... ...
@@ -623,6 +637,7 @@ int init_tls_h(void)
623 637
 	SSL_library_init();
624 638
 	SSL_load_error_strings();
625 639
 	init_ssl_methods();
640
+	tls_mod_initialized = 1;
626 641
 	return 0;
627 642
 }
628 643
 
... ...
@@ -655,7 +670,8 @@ int tls_check_sockets(tls_domains_cfg_t* cfg)
655 670
 void destroy_tls_h(void)
656 671
 {
657 672
 	DBG("tls module final tls destroy\n");
658
-	ERR_free_strings();
673
+	if(tls_mod_initialized > 0)
674
+		ERR_free_strings();
659 675
 	/* TODO: free all the ctx'es */
660 676
 	tls_destroy_cfg();
661 677
 	tls_destroy_locks();
... ...
@@ -60,6 +60,11 @@ extern int openssl_kssl_malloc_bug; /* is openssl bug #1467 present ? */
60 60
 extern const SSL_METHOD* ssl_methods[];
61 61
 
62 62
 
63
+/*
64
+ * just once, pre-initialize the tls subsystem
65
+ */
66
+int tls_pre_init(void);
67
+
63 68
 /*
64 69
  * just once, initialize the tls subsystem 
65 70
  */
... ...
@@ -57,6 +57,7 @@
57 57
 #include "../../timer.h" /* ticks_t */
58 58
 #include "../../tls_hooks.h"
59 59
 #include "../../ut.h"
60
+#include "../../shm_init.h"
60 61
 #include "../../rpc_lookup.h"
61 62
 #include "../../cfg/cfg.h"
62 63
 #include "tls_init.h"
... ...
@@ -269,7 +270,16 @@ static tls_domains_cfg_t* tls_use_modparams(void)
269 270
 }
270 271
 #endif
271 272
 
273
+int mod_register(char *path, int *dlflags, void *p1, void *p2)
274
+{
275
+	/* shm is used, be sure it is initialized */
276
+	if(!shm_initialized() && init_shm()<0)
277
+		return -1;
272 278
 
279
+	if(tls_pre_init()<0)
280
+		return -1;
281
+	return 0;
282
+}
273 283
 
274 284
 static int mod_init(void)
275 285
 {