Allow FIPS malloc callback setting. Automatically set some callbacks
authorDr. Stephen Henson <steve@openssl.org>
Fri, 1 Apr 2011 16:23:16 +0000 (16:23 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 1 Apr 2011 16:23:16 +0000 (16:23 +0000)
in OPENSSL_init().

crypto/o_init.c
fips/fips.h
fips/utl/fips_mem.c

index 1a042ff..1017f3b 100644 (file)
@@ -54,6 +54,9 @@
 
 #include <e_os.h>
 #include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
 
 #if defined(__GNUC__) && __GNUC__>=2
   void OPENSSL_init(void) __attribute__((constructor));
@@ -116,6 +119,11 @@ void OPENSSL_init(void)
        if (done)
                return;
        done = 1;
+#ifdef OPENSSL_FIPS
+       FIPS_set_locking_callbacks(CRYPTO_lock, CRYPTO_add_lock);
+       FIPS_set_error_callbacks(ERR_put_error, ERR_add_error_vdata);
+       FIPS_set_malloc_callbacks(CRYPTO_malloc, CRYPTO_free);
+#endif
 #if 1
        fprintf(stderr, "Called OPENSSL_init\n");
 #endif
index 2c71041..921591b 100644 (file)
@@ -122,6 +122,10 @@ void FIPS_set_locking_callbacks(void (*func)(int mode, int type,
                                int (*add_cb)(int *pointer, int amount,
                                        int type, const char *file, int line));
 
+void FIPS_set_malloc_callbacks(
+               void *(*malloc_cb)(int num, const char *file, int line),
+               void (*free_cb)(void *));
+
 #define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \
                alg " previous FIPS forbidden algorithm error ignored");
 
index e0bd0a8..ff6e727 100644 (file)
@@ -84,3 +84,11 @@ void FIPS_free(void *x)
        {
        fips_free_cb(x);
        }
+
+void FIPS_set_malloc_callbacks(
+               void *(*malloc_cb)(int num, const char *file, int line),
+               void (*free_cb)(void *))
+       {
+       fips_malloc_cb = malloc_cb;
+       fips_free_cb = free_cb;
+       }