Introduce a no-pinshared option
[openssl.git] / crypto / init.c
1 /*
2  * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9
10 #include "e_os.h"
11 #include "internal/cryptlib_int.h"
12 #include <openssl/err.h>
13 #include "internal/rand_int.h"
14 #include "internal/bio.h"
15 #include <openssl/evp.h>
16 #include "internal/evp_int.h"
17 #include "internal/conf.h"
18 #include "internal/async.h"
19 #include "internal/engine.h"
20 #include "internal/comp.h"
21 #include "internal/err.h"
22 #include "internal/err_int.h"
23 #include "internal/objects.h"
24 #include <stdlib.h>
25 #include <assert.h>
26 #include "internal/thread_once.h"
27 #include "internal/dso_conf.h"
28 #include "internal/dso.h"
29 #include "internal/store.h"
30
31 static int stopped = 0;
32
33 /*
34  * Since per-thread-specific-data destructors are not universally
35  * available, i.e. not on Windows, only below CRYPTO_THREAD_LOCAL key
36  * is assumed to have destructor associated. And then an effort is made
37  * to call this single destructor on non-pthread platform[s].
38  *
39  * Initial value is "impossible". It is used as guard value to shortcut
40  * destructor for threads terminating before libcrypto is initialized or
41  * after it's de-initialized. Access to the key doesn't have to be
42  * serialized for the said threads, because they didn't use libcrypto
43  * and it doesn't matter if they pick "impossible" or derefernce real
44  * key value and pull NULL past initialization in the first thread that
45  * intends to use libcrypto.
46  */
47 static union {
48     long sane;
49     CRYPTO_THREAD_LOCAL value;
50 } destructor_key = { -1 };
51
52 static void ossl_init_thread_stop(struct thread_local_inits_st *locals);
53
54 static void ossl_init_thread_destructor(void *local)
55 {
56     ossl_init_thread_stop((struct thread_local_inits_st *)local);
57 }
58
59 static struct thread_local_inits_st *ossl_init_get_thread_local(int alloc)
60 {
61     struct thread_local_inits_st *local =
62         CRYPTO_THREAD_get_local(&destructor_key.value);
63
64     if (alloc) {
65         if (local == NULL
66             && (local = OPENSSL_zalloc(sizeof(*local))) != NULL
67             && !CRYPTO_THREAD_set_local(&destructor_key.value, local)) {
68             OPENSSL_free(local);
69             return NULL;
70         }
71     } else {
72         CRYPTO_THREAD_set_local(&destructor_key.value, NULL);
73     }
74
75     return local;
76 }
77
78 typedef struct ossl_init_stop_st OPENSSL_INIT_STOP;
79 struct ossl_init_stop_st {
80     void (*handler)(void);
81     OPENSSL_INIT_STOP *next;
82 };
83
84 static OPENSSL_INIT_STOP *stop_handlers = NULL;
85 static CRYPTO_RWLOCK *init_lock = NULL;
86
87 static CRYPTO_ONCE base = CRYPTO_ONCE_STATIC_INIT;
88 static int base_inited = 0;
89 DEFINE_RUN_ONCE_STATIC(ossl_init_base)
90 {
91     CRYPTO_THREAD_LOCAL key;
92
93 #ifdef OPENSSL_INIT_DEBUG
94     fprintf(stderr, "OPENSSL_INIT: ossl_init_base: Setting up stop handlers\n");
95 #endif
96 #ifndef OPENSSL_NO_CRYPTO_MDEBUG
97     ossl_malloc_setup_failures();
98 #endif
99     if (!CRYPTO_THREAD_init_local(&key, ossl_init_thread_destructor))
100         return 0;
101     if ((init_lock = CRYPTO_THREAD_lock_new()) == NULL)
102         goto err;
103     OPENSSL_cpuid_setup();
104
105     destructor_key.value = key;
106     base_inited = 1;
107     return 1;
108
109 err:
110 #ifdef OPENSSL_INIT_DEBUG
111     fprintf(stderr, "OPENSSL_INIT: ossl_init_base not ok!\n");
112 #endif
113     CRYPTO_THREAD_lock_free(init_lock);
114     init_lock = NULL;
115
116     CRYPTO_THREAD_cleanup_local(&key);
117     return 0;
118 }
119
120 static CRYPTO_ONCE register_atexit = CRYPTO_ONCE_STATIC_INIT;
121 DEFINE_RUN_ONCE_STATIC(ossl_init_register_atexit)
122 {
123 # ifdef OPENSSL_INIT_DEBUG
124     fprintf(stderr, "OPENSSL_INIT: ossl_init_register_atexit()\n");
125 # endif
126 #ifndef OPENSSL_SYS_UEFI
127     if (atexit(OPENSSL_cleanup) != 0)
128         return 0;
129 #endif
130
131     return 1;
132 }
133
134 DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_register_atexit,
135                            ossl_init_register_atexit)
136 {
137 #ifdef OPENSSL_INIT_DEBUG
138     fprintf(stderr, "OPENSSL_INIT: ossl_init_no_register_atexit ok!\n");
139 #endif
140     /* Do nothing in this case */
141     return 1;
142 }
143
144 static CRYPTO_ONCE load_crypto_nodelete = CRYPTO_ONCE_STATIC_INIT;
145 DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_nodelete)
146 {
147 #ifdef OPENSSL_INIT_DEBUG
148     fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_nodelete()\n");
149 #endif
150 #if !defined(OPENSSL_NO_DSO) \
151     && !defined(OPENSSL_USE_NODELETE) \
152     && !defined(OPENSSL_NO_PINSHARED)
153 # ifdef DSO_WIN32
154     {
155         HMODULE handle = NULL;
156         BOOL ret;
157
158         /* We don't use the DSO route for WIN32 because there is a better way */
159         ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS
160                                 | GET_MODULE_HANDLE_EX_FLAG_PIN,
161                                 (void *)&base_inited, &handle);
162
163 #  ifdef OPENSSL_INIT_DEBUG
164         fprintf(stderr, "OPENSSL_INIT: obtained DSO reference? %s\n",
165                 (ret == TRUE ? "No!" : "Yes."));
166 #  endif
167         return (ret == TRUE) ? 1 : 0;
168     }
169 # else
170     /*
171      * Deliberately leak a reference to ourselves. This will force the library
172      * to remain loaded until the atexit() handler is run at process exit.
173      */
174     {
175         DSO *dso;
176         void *err;
177
178         if (!err_shelve_state(&err))
179             return 0;
180
181         dso = DSO_dsobyaddr(&base_inited, DSO_FLAG_NO_UNLOAD_ON_FREE);
182 #  ifdef OPENSSL_INIT_DEBUG
183         fprintf(stderr, "OPENSSL_INIT: obtained DSO reference? %s\n",
184                 (dso == NULL ? "No!" : "Yes."));
185         /*
186          * In case of No!, it is uncertain our exit()-handlers can still be
187          * called. After dlclose() the whole library might have been unloaded
188          * already.
189          */
190 #  endif
191         DSO_free(dso);
192         err_unshelve_state(err);
193     }
194 # endif
195 #endif
196
197     return 1;
198 }
199
200 static CRYPTO_ONCE load_crypto_strings = CRYPTO_ONCE_STATIC_INIT;
201 static int load_crypto_strings_inited = 0;
202 DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings)
203 {
204     int ret = 1;
205     /*
206      * OPENSSL_NO_AUTOERRINIT is provided here to prevent at compile time
207      * pulling in all the error strings during static linking
208      */
209 #if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT)
210 # ifdef OPENSSL_INIT_DEBUG
211     fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_strings: "
212                     "err_load_crypto_strings_int()\n");
213 # endif
214     ret = err_load_crypto_strings_int();
215     load_crypto_strings_inited = 1;
216 #endif
217     return ret;
218 }
219
220 DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_load_crypto_strings,
221                            ossl_init_load_crypto_strings)
222 {
223     /* Do nothing in this case */
224     return 1;
225 }
226
227 static CRYPTO_ONCE add_all_ciphers = CRYPTO_ONCE_STATIC_INIT;
228 DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_ciphers)
229 {
230     /*
231      * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time
232      * pulling in all the ciphers during static linking
233      */
234 #ifndef OPENSSL_NO_AUTOALGINIT
235 # ifdef OPENSSL_INIT_DEBUG
236     fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_ciphers: "
237                     "openssl_add_all_ciphers_int()\n");
238 # endif
239     openssl_add_all_ciphers_int();
240 #endif
241     return 1;
242 }
243
244 DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_ciphers,
245                            ossl_init_add_all_ciphers)
246 {
247     /* Do nothing */
248     return 1;
249 }
250
251 static CRYPTO_ONCE add_all_digests = CRYPTO_ONCE_STATIC_INIT;
252 DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_digests)
253 {
254     /*
255      * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time
256      * pulling in all the ciphers during static linking
257      */
258 #ifndef OPENSSL_NO_AUTOALGINIT
259 # ifdef OPENSSL_INIT_DEBUG
260     fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_digests: "
261                     "openssl_add_all_digests()\n");
262 # endif
263     openssl_add_all_digests_int();
264 #endif
265     return 1;
266 }
267
268 DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_digests,
269                            ossl_init_add_all_digests)
270 {
271     /* Do nothing */
272     return 1;
273 }
274
275 static CRYPTO_ONCE add_all_macs = CRYPTO_ONCE_STATIC_INIT;
276 DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_macs)
277 {
278     /*
279      * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time
280      * pulling in all the macs during static linking
281      */
282 #ifndef OPENSSL_NO_AUTOALGINIT
283 # ifdef OPENSSL_INIT_DEBUG
284     fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_macs: "
285                     "openssl_add_all_macs_int()\n");
286 # endif
287     openssl_add_all_macs_int();
288 #endif
289     return 1;
290 }
291
292 DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_macs, ossl_init_add_all_macs)
293 {
294     /* Do nothing */
295     return 1;
296 }
297
298 static CRYPTO_ONCE config = CRYPTO_ONCE_STATIC_INIT;
299 static int config_inited = 0;
300 static const char *appname;
301 DEFINE_RUN_ONCE_STATIC(ossl_init_config)
302 {
303 #ifdef OPENSSL_INIT_DEBUG
304     fprintf(stderr,
305             "OPENSSL_INIT: ossl_init_config: openssl_config(%s)\n",
306             appname == NULL ? "NULL" : appname);
307 #endif
308     openssl_config_int(appname);
309     config_inited = 1;
310     return 1;
311 }
312 DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_config, ossl_init_config)
313 {
314 #ifdef OPENSSL_INIT_DEBUG
315     fprintf(stderr,
316             "OPENSSL_INIT: ossl_init_config: openssl_no_config_int()\n");
317 #endif
318     openssl_no_config_int();
319     config_inited = 1;
320     return 1;
321 }
322
323 static CRYPTO_ONCE async = CRYPTO_ONCE_STATIC_INIT;
324 static int async_inited = 0;
325 DEFINE_RUN_ONCE_STATIC(ossl_init_async)
326 {
327 #ifdef OPENSSL_INIT_DEBUG
328     fprintf(stderr, "OPENSSL_INIT: ossl_init_async: async_init()\n");
329 #endif
330     if (!async_init())
331         return 0;
332     async_inited = 1;
333     return 1;
334 }
335
336 #ifndef OPENSSL_NO_ENGINE
337 static CRYPTO_ONCE engine_openssl = CRYPTO_ONCE_STATIC_INIT;
338 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_openssl)
339 {
340 # ifdef OPENSSL_INIT_DEBUG
341     fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_openssl: "
342                     "engine_load_openssl_int()\n");
343 # endif
344     engine_load_openssl_int();
345     return 1;
346 }
347 # ifndef OPENSSL_NO_DEVCRYPTOENG
348 static CRYPTO_ONCE engine_devcrypto = CRYPTO_ONCE_STATIC_INIT;
349 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_devcrypto)
350 {
351 #  ifdef OPENSSL_INIT_DEBUG
352     fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_devcrypto: "
353                     "engine_load_devcrypto_int()\n");
354 #  endif
355     engine_load_devcrypto_int();
356     return 1;
357 }
358 # endif
359
360 # ifndef OPENSSL_NO_RDRAND
361 static CRYPTO_ONCE engine_rdrand = CRYPTO_ONCE_STATIC_INIT;
362 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_rdrand)
363 {
364 #  ifdef OPENSSL_INIT_DEBUG
365     fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_rdrand: "
366                     "engine_load_rdrand_int()\n");
367 #  endif
368     engine_load_rdrand_int();
369     return 1;
370 }
371 # endif
372 static CRYPTO_ONCE engine_dynamic = CRYPTO_ONCE_STATIC_INIT;
373 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_dynamic)
374 {
375 # ifdef OPENSSL_INIT_DEBUG
376     fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_dynamic: "
377                     "engine_load_dynamic_int()\n");
378 # endif
379     engine_load_dynamic_int();
380     return 1;
381 }
382 # ifndef OPENSSL_NO_STATIC_ENGINE
383 #  if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK)
384 static CRYPTO_ONCE engine_padlock = CRYPTO_ONCE_STATIC_INIT;
385 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_padlock)
386 {
387 #   ifdef OPENSSL_INIT_DEBUG
388     fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_padlock: "
389                     "engine_load_padlock_int()\n");
390 #   endif
391     engine_load_padlock_int();
392     return 1;
393 }
394 #  endif
395 #  if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
396 static CRYPTO_ONCE engine_capi = CRYPTO_ONCE_STATIC_INIT;
397 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_capi)
398 {
399 #   ifdef OPENSSL_INIT_DEBUG
400     fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_capi: "
401                     "engine_load_capi_int()\n");
402 #   endif
403     engine_load_capi_int();
404     return 1;
405 }
406 #  endif
407 #  if !defined(OPENSSL_NO_AFALGENG)
408 static CRYPTO_ONCE engine_afalg = CRYPTO_ONCE_STATIC_INIT;
409 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_afalg)
410 {
411 #   ifdef OPENSSL_INIT_DEBUG
412     fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_afalg: "
413                     "engine_load_afalg_int()\n");
414 #   endif
415     engine_load_afalg_int();
416     return 1;
417 }
418 #  endif
419 # endif
420 #endif
421
422 #ifndef OPENSSL_NO_COMP
423 static CRYPTO_ONCE zlib = CRYPTO_ONCE_STATIC_INIT;
424
425 static int zlib_inited = 0;
426 DEFINE_RUN_ONCE_STATIC(ossl_init_zlib)
427 {
428     /* Do nothing - we need to know about this for the later cleanup */
429     zlib_inited = 1;
430     return 1;
431 }
432 #endif
433
434 static void ossl_init_thread_stop(struct thread_local_inits_st *locals)
435 {
436     /* Can't do much about this */
437     if (locals == NULL)
438         return;
439
440     if (locals->async) {
441 #ifdef OPENSSL_INIT_DEBUG
442         fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: "
443                         "async_delete_thread_state()\n");
444 #endif
445         async_delete_thread_state();
446     }
447
448     if (locals->err_state) {
449 #ifdef OPENSSL_INIT_DEBUG
450         fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: "
451                         "err_delete_thread_state()\n");
452 #endif
453         err_delete_thread_state();
454     }
455
456     if (locals->rand) {
457 #ifdef OPENSSL_INIT_DEBUG
458         fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: "
459                         "drbg_delete_thread_state()\n");
460 #endif
461         drbg_delete_thread_state();
462     }
463
464     OPENSSL_free(locals);
465 }
466
467 void OPENSSL_thread_stop(void)
468 {
469     if (destructor_key.sane != -1)
470         ossl_init_thread_stop(ossl_init_get_thread_local(0));
471 }
472
473 int ossl_init_thread_start(uint64_t opts)
474 {
475     struct thread_local_inits_st *locals;
476
477     if (!OPENSSL_init_crypto(0, NULL))
478         return 0;
479
480     locals = ossl_init_get_thread_local(1);
481
482     if (locals == NULL)
483         return 0;
484
485     if (opts & OPENSSL_INIT_THREAD_ASYNC) {
486 #ifdef OPENSSL_INIT_DEBUG
487         fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: "
488                         "marking thread for async\n");
489 #endif
490         locals->async = 1;
491     }
492
493     if (opts & OPENSSL_INIT_THREAD_ERR_STATE) {
494 #ifdef OPENSSL_INIT_DEBUG
495         fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: "
496                         "marking thread for err_state\n");
497 #endif
498         locals->err_state = 1;
499     }
500
501     if (opts & OPENSSL_INIT_THREAD_RAND) {
502 #ifdef OPENSSL_INIT_DEBUG
503         fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: "
504                         "marking thread for rand\n");
505 #endif
506         locals->rand = 1;
507     }
508
509     return 1;
510 }
511
512 void OPENSSL_cleanup(void)
513 {
514     OPENSSL_INIT_STOP *currhandler, *lasthandler;
515     CRYPTO_THREAD_LOCAL key;
516
517     /* If we've not been inited then no need to deinit */
518     if (!base_inited)
519         return;
520
521     /* Might be explicitly called and also by atexit */
522     if (stopped)
523         return;
524     stopped = 1;
525
526     /*
527      * Thread stop may not get automatically called by the thread library for
528      * the very last thread in some situations, so call it directly.
529      */
530     ossl_init_thread_stop(ossl_init_get_thread_local(0));
531
532     currhandler = stop_handlers;
533     while (currhandler != NULL) {
534         currhandler->handler();
535         lasthandler = currhandler;
536         currhandler = currhandler->next;
537         OPENSSL_free(lasthandler);
538     }
539     stop_handlers = NULL;
540
541     CRYPTO_THREAD_lock_free(init_lock);
542     init_lock = NULL;
543
544     /*
545      * We assume we are single-threaded for this function, i.e. no race
546      * conditions for the various "*_inited" vars below.
547      */
548
549 #ifndef OPENSSL_NO_COMP
550     if (zlib_inited) {
551 #ifdef OPENSSL_INIT_DEBUG
552         fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
553                         "comp_zlib_cleanup_int()\n");
554 #endif
555         comp_zlib_cleanup_int();
556     }
557 #endif
558
559     if (async_inited) {
560 # ifdef OPENSSL_INIT_DEBUG
561         fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
562                         "async_deinit()\n");
563 # endif
564         async_deinit();
565     }
566
567     if (load_crypto_strings_inited) {
568 #ifdef OPENSSL_INIT_DEBUG
569         fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
570                         "err_free_strings_int()\n");
571 #endif
572         err_free_strings_int();
573     }
574
575     key = destructor_key.value;
576     destructor_key.sane = -1;
577     CRYPTO_THREAD_cleanup_local(&key);
578
579 #ifdef OPENSSL_INIT_DEBUG
580     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
581                     "rand_cleanup_int()\n");
582     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
583                     "conf_modules_free_int()\n");
584 #ifndef OPENSSL_NO_ENGINE
585     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
586                     "engine_cleanup_int()\n");
587 #endif
588     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
589                     "crypto_cleanup_all_ex_data_int()\n");
590     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
591                     "bio_sock_cleanup_int()\n");
592     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
593                     "bio_cleanup()\n");
594     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
595                     "evp_cleanup_int()\n");
596     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
597                     "obj_cleanup_int()\n");
598     fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
599                     "err_cleanup()\n");
600 #endif
601     /*
602      * Note that cleanup order is important:
603      * - rand_cleanup_int could call an ENGINE's RAND cleanup function so
604      * must be called before engine_cleanup_int()
605      * - ENGINEs use CRYPTO_EX_DATA and therefore, must be cleaned up
606      * before the ex data handlers are wiped in CRYPTO_cleanup_all_ex_data().
607      * - conf_modules_free_int() can end up in ENGINE code so must be called
608      * before engine_cleanup_int()
609      * - ENGINEs and additional EVP algorithms might use added OIDs names so
610      * obj_cleanup_int() must be called last
611      */
612     rand_cleanup_int();
613     rand_drbg_cleanup_int();
614     conf_modules_free_int();
615 #ifndef OPENSSL_NO_ENGINE
616     engine_cleanup_int();
617 #endif
618     ossl_store_cleanup_int();
619     crypto_cleanup_all_ex_data_int();
620     bio_cleanup();
621     evp_cleanup_int();
622     obj_cleanup_int();
623     err_cleanup();
624
625     CRYPTO_secure_malloc_done();
626
627     base_inited = 0;
628 }
629
630 /*
631  * If this function is called with a non NULL settings value then it must be
632  * called prior to any threads making calls to any OpenSSL functions,
633  * i.e. passing a non-null settings value is assumed to be single-threaded.
634  */
635 int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
636 {
637     if (stopped) {
638         if (!(opts & OPENSSL_INIT_BASE_ONLY))
639             CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL);
640         return 0;
641     }
642
643     if (!RUN_ONCE(&base, ossl_init_base))
644         return 0;
645
646     if ((opts & OPENSSL_INIT_NO_ATEXIT) != 0) {
647         if (!RUN_ONCE_ALT(&register_atexit, ossl_init_no_register_atexit,
648                           ossl_init_register_atexit))
649             return 0;
650     } else if (!RUN_ONCE(&register_atexit, ossl_init_register_atexit)) {
651         return 0;
652     }
653
654     if (!(opts & OPENSSL_INIT_BASE_ONLY)
655             && !RUN_ONCE(&load_crypto_nodelete,
656                          ossl_init_load_crypto_nodelete))
657         return 0;
658
659     if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS)
660             && !RUN_ONCE_ALT(&load_crypto_strings,
661                              ossl_init_no_load_crypto_strings,
662                              ossl_init_load_crypto_strings))
663         return 0;
664
665     if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS)
666             && !RUN_ONCE(&load_crypto_strings, ossl_init_load_crypto_strings))
667         return 0;
668
669     if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS)
670             && !RUN_ONCE_ALT(&add_all_ciphers, ossl_init_no_add_all_ciphers,
671                              ossl_init_add_all_ciphers))
672         return 0;
673
674     if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS)
675             && !RUN_ONCE(&add_all_ciphers, ossl_init_add_all_ciphers))
676         return 0;
677
678     if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS)
679             && !RUN_ONCE_ALT(&add_all_digests, ossl_init_no_add_all_digests,
680                              ossl_init_add_all_digests))
681         return 0;
682
683     if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS)
684             && !RUN_ONCE(&add_all_digests, ossl_init_add_all_digests))
685         return 0;
686
687     if ((opts & OPENSSL_INIT_NO_ADD_ALL_MACS)
688             && !RUN_ONCE_ALT(&add_all_macs, ossl_init_no_add_all_macs,
689                              ossl_init_add_all_macs))
690         return 0;
691
692     if ((opts & OPENSSL_INIT_ADD_ALL_MACS)
693             && !RUN_ONCE(&add_all_macs, ossl_init_add_all_macs))
694         return 0;
695
696     if ((opts & OPENSSL_INIT_ATFORK)
697             && !openssl_init_fork_handlers())
698         return 0;
699
700     if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG)
701             && !RUN_ONCE_ALT(&config, ossl_init_no_config, ossl_init_config))
702         return 0;
703
704     if (opts & OPENSSL_INIT_LOAD_CONFIG) {
705         int ret;
706         CRYPTO_THREAD_write_lock(init_lock);
707         appname = (settings == NULL) ? NULL : settings->appname;
708         ret = RUN_ONCE(&config, ossl_init_config);
709         CRYPTO_THREAD_unlock(init_lock);
710         if (!ret)
711             return 0;
712     }
713
714     if ((opts & OPENSSL_INIT_ASYNC)
715             && !RUN_ONCE(&async, ossl_init_async))
716         return 0;
717
718 #ifndef OPENSSL_NO_ENGINE
719     if ((opts & OPENSSL_INIT_ENGINE_OPENSSL)
720             && !RUN_ONCE(&engine_openssl, ossl_init_engine_openssl))
721         return 0;
722 # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_DEVCRYPTOENG)
723     if ((opts & OPENSSL_INIT_ENGINE_CRYPTODEV)
724             && !RUN_ONCE(&engine_devcrypto, ossl_init_engine_devcrypto))
725         return 0;
726 # endif
727 # ifndef OPENSSL_NO_RDRAND
728     if ((opts & OPENSSL_INIT_ENGINE_RDRAND)
729             && !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand))
730         return 0;
731 # endif
732     if ((opts & OPENSSL_INIT_ENGINE_DYNAMIC)
733             && !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic))
734         return 0;
735 # ifndef OPENSSL_NO_STATIC_ENGINE
736 #  if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK)
737     if ((opts & OPENSSL_INIT_ENGINE_PADLOCK)
738             && !RUN_ONCE(&engine_padlock, ossl_init_engine_padlock))
739         return 0;
740 #  endif
741 #  if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
742     if ((opts & OPENSSL_INIT_ENGINE_CAPI)
743             && !RUN_ONCE(&engine_capi, ossl_init_engine_capi))
744         return 0;
745 #  endif
746 #  if !defined(OPENSSL_NO_AFALGENG)
747     if ((opts & OPENSSL_INIT_ENGINE_AFALG)
748             && !RUN_ONCE(&engine_afalg, ossl_init_engine_afalg))
749         return 0;
750 #  endif
751 # endif
752     if (opts & (OPENSSL_INIT_ENGINE_ALL_BUILTIN
753                 | OPENSSL_INIT_ENGINE_OPENSSL
754                 | OPENSSL_INIT_ENGINE_AFALG)) {
755         ENGINE_register_all_complete();
756     }
757 #endif
758
759 #ifndef OPENSSL_NO_COMP
760     if ((opts & OPENSSL_INIT_ZLIB)
761             && !RUN_ONCE(&zlib, ossl_init_zlib))
762         return 0;
763 #endif
764
765     return 1;
766 }
767
768 int OPENSSL_atexit(void (*handler)(void))
769 {
770     OPENSSL_INIT_STOP *newhand;
771
772 #if !defined(OPENSSL_NO_DSO) \
773     && !defined(OPENSSL_USE_NODELETE)\
774     && !defined(OPENSSL_NO_PINSHARED)
775     {
776         union {
777             void *sym;
778             void (*func)(void);
779         } handlersym;
780
781         handlersym.func = handler;
782 # ifdef DSO_WIN32
783         {
784             HMODULE handle = NULL;
785             BOOL ret;
786
787             /*
788              * We don't use the DSO route for WIN32 because there is a better
789              * way
790              */
791             ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS
792                                     | GET_MODULE_HANDLE_EX_FLAG_PIN,
793                                     handlersym.sym, &handle);
794
795             if (!ret)
796                 return 0;
797         }
798 # else
799         /*
800          * Deliberately leak a reference to the handler. This will force the
801          * library/code containing the handler to remain loaded until we run the
802          * atexit handler. If -znodelete has been used then this is
803          * unnecessary.
804          */
805         {
806             DSO *dso = NULL;
807
808             ERR_set_mark();
809             dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE);
810 #  ifdef OPENSSL_INIT_DEBUG
811             fprintf(stderr,
812                     "OPENSSL_INIT: OPENSSL_atexit: obtained DSO reference? %s\n",
813                     (dso == NULL ? "No!" : "Yes."));
814             /* See same code above in ossl_init_base() for an explanation. */
815 #  endif
816             DSO_free(dso);
817             ERR_pop_to_mark();
818         }
819 # endif
820     }
821 #endif
822
823     if ((newhand = OPENSSL_malloc(sizeof(*newhand))) == NULL) {
824         CRYPTOerr(CRYPTO_F_OPENSSL_ATEXIT, ERR_R_MALLOC_FAILURE);
825         return 0;
826     }
827
828     newhand->handler = handler;
829     newhand->next = stop_handlers;
830     stop_handlers = newhand;
831
832     return 1;
833 }
834
835 #ifdef OPENSSL_SYS_UNIX
836 /*
837  * The following three functions are for OpenSSL developers.  This is
838  * where we set/reset state across fork (called via pthread_atfork when
839  * it exists, or manually by the application when it doesn't).
840  *
841  * WARNING!  If you put code in either OPENSSL_fork_parent or
842  * OPENSSL_fork_child, you MUST MAKE SURE that they are async-signal-
843  * safe.  See this link, for example:
844  *      http://man7.org/linux/man-pages/man7/signal-safety.7.html
845  */
846
847 void OPENSSL_fork_prepare(void)
848 {
849 }
850
851 void OPENSSL_fork_parent(void)
852 {
853 }
854
855 void OPENSSL_fork_child(void)
856 {
857     rand_fork();
858 }
859 #endif