2 * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <internal/cryptlib_int.h>
11 #include <openssl/err.h>
12 #include <internal/rand.h>
13 #include <internal/bio.h>
14 #include <openssl/evp.h>
15 #include <internal/evp_int.h>
16 #include <internal/conf.h>
17 #include <internal/async.h>
18 #include <internal/engine.h>
19 #include <internal/comp.h>
20 #include <internal/err.h>
21 #include <internal/err_int.h>
22 #include <internal/objects.h>
25 #include <internal/thread_once.h>
26 #include <internal/dso.h>
28 static int stopped = 0;
30 static void ossl_init_thread_stop(struct thread_local_inits_st *locals);
32 static CRYPTO_THREAD_LOCAL threadstopkey;
34 static void ossl_init_thread_stop_wrap(void *local)
36 ossl_init_thread_stop((struct thread_local_inits_st *)local);
39 static struct thread_local_inits_st *ossl_init_get_thread_local(int alloc)
41 struct thread_local_inits_st *local =
42 CRYPTO_THREAD_get_local(&threadstopkey);
44 if (local == NULL && alloc) {
45 local = OPENSSL_zalloc(sizeof *local);
46 CRYPTO_THREAD_set_local(&threadstopkey, local);
49 CRYPTO_THREAD_set_local(&threadstopkey, NULL);
55 typedef struct ossl_init_stop_st OPENSSL_INIT_STOP;
56 struct ossl_init_stop_st {
57 void (*handler)(void);
58 OPENSSL_INIT_STOP *next;
61 static OPENSSL_INIT_STOP *stop_handlers = NULL;
62 static CRYPTO_RWLOCK *init_lock = NULL;
64 static CRYPTO_ONCE base = CRYPTO_ONCE_STATIC_INIT;
65 static int base_inited = 0;
66 DEFINE_RUN_ONCE_STATIC(ossl_init_base)
68 #ifdef OPENSSL_INIT_DEBUG
69 fprintf(stderr, "OPENSSL_INIT: ossl_init_base: Setting up stop handlers\n");
72 * We use a dummy thread local key here. We use the destructor to detect
73 * when the thread is going to stop (where that feature is available)
75 CRYPTO_THREAD_init_local(&threadstopkey, ossl_init_thread_stop_wrap);
76 #ifndef OPENSSL_SYS_UEFI
77 atexit(OPENSSL_cleanup);
79 if ((init_lock = CRYPTO_THREAD_lock_new()) == NULL)
81 OPENSSL_cpuid_setup();
84 #ifndef OPENSSL_USE_NODELETE
86 * Deliberately leak a reference to ourselves. This will force the library
87 * to remain loaded until the atexit() handler is run a process exit.
92 dso = DSO_dsobyaddr(&base_inited, DSO_FLAG_NO_UNLOAD_ON_FREE);
100 static CRYPTO_ONCE load_crypto_strings = CRYPTO_ONCE_STATIC_INIT;
101 static int load_crypto_strings_inited = 0;
102 DEFINE_RUN_ONCE_STATIC(ossl_init_no_load_crypto_strings)
104 /* Do nothing in this case */
108 DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings)
112 * OPENSSL_NO_AUTOERRINIT is provided here to prevent at compile time
113 * pulling in all the error strings during static linking
115 #if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT)
116 # ifdef OPENSSL_INIT_DEBUG
117 fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_strings: "
118 "err_load_crypto_strings_int()\n");
120 ret = err_load_crypto_strings_int();
121 load_crypto_strings_inited = 1;
126 static CRYPTO_ONCE add_all_ciphers = CRYPTO_ONCE_STATIC_INIT;
127 DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_ciphers)
130 * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time
131 * pulling in all the ciphers during static linking
133 #ifndef OPENSSL_NO_AUTOALGINIT
134 # ifdef OPENSSL_INIT_DEBUG
135 fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_ciphers: "
136 "openssl_add_all_ciphers_int()\n");
138 openssl_add_all_ciphers_int();
143 static CRYPTO_ONCE add_all_digests = CRYPTO_ONCE_STATIC_INIT;
144 DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_digests)
147 * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time
148 * pulling in all the ciphers during static linking
150 #ifndef OPENSSL_NO_AUTOALGINIT
151 # ifdef OPENSSL_INIT_DEBUG
152 fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_digests: "
153 "openssl_add_all_digests()\n");
155 openssl_add_all_digests_int();
160 DEFINE_RUN_ONCE_STATIC(ossl_init_no_add_algs)
166 static CRYPTO_ONCE config = CRYPTO_ONCE_STATIC_INIT;
167 static int config_inited = 0;
168 static const char *appname;
169 DEFINE_RUN_ONCE_STATIC(ossl_init_config)
171 #ifdef OPENSSL_INIT_DEBUG
173 "OPENSSL_INIT: ossl_init_config: openssl_config(%s)\n",
174 appname == NULL ? "NULL" : appname);
176 openssl_config_int(appname);
180 DEFINE_RUN_ONCE_STATIC(ossl_init_no_config)
182 #ifdef OPENSSL_INIT_DEBUG
184 "OPENSSL_INIT: ossl_init_config: openssl_no_config_int()\n");
186 openssl_no_config_int();
191 static CRYPTO_ONCE async = CRYPTO_ONCE_STATIC_INIT;
192 static int async_inited = 0;
193 DEFINE_RUN_ONCE_STATIC(ossl_init_async)
195 #ifdef OPENSSL_INIT_DEBUG
196 fprintf(stderr, "OPENSSL_INIT: ossl_init_async: async_init()\n");
204 #ifndef OPENSSL_NO_ENGINE
205 static CRYPTO_ONCE engine_openssl = CRYPTO_ONCE_STATIC_INIT;
206 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_openssl)
208 # ifdef OPENSSL_INIT_DEBUG
209 fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_openssl: "
210 "engine_load_openssl_int()\n");
212 engine_load_openssl_int();
215 # if !defined(OPENSSL_NO_HW) && \
216 (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
217 static CRYPTO_ONCE engine_cryptodev = CRYPTO_ONCE_STATIC_INIT;
218 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_cryptodev)
220 # ifdef OPENSSL_INIT_DEBUG
221 fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_cryptodev: "
222 "engine_load_cryptodev_int()\n");
224 engine_load_cryptodev_int();
229 # ifndef OPENSSL_NO_RDRAND
230 static CRYPTO_ONCE engine_rdrand = CRYPTO_ONCE_STATIC_INIT;
231 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_rdrand)
233 # ifdef OPENSSL_INIT_DEBUG
234 fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_rdrand: "
235 "engine_load_rdrand_int()\n");
237 engine_load_rdrand_int();
241 static CRYPTO_ONCE engine_dynamic = CRYPTO_ONCE_STATIC_INIT;
242 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_dynamic)
244 # ifdef OPENSSL_INIT_DEBUG
245 fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_dynamic: "
246 "engine_load_dynamic_int()\n");
248 engine_load_dynamic_int();
251 # ifndef OPENSSL_NO_STATIC_ENGINE
252 # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK)
253 static CRYPTO_ONCE engine_padlock = CRYPTO_ONCE_STATIC_INIT;
254 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_padlock)
256 # ifdef OPENSSL_INIT_DEBUG
257 fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_padlock: "
258 "engine_load_padlock_int()\n");
260 engine_load_padlock_int();
264 # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
265 static CRYPTO_ONCE engine_capi = CRYPTO_ONCE_STATIC_INIT;
266 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_capi)
268 # ifdef OPENSSL_INIT_DEBUG
269 fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_capi: "
270 "engine_load_capi_int()\n");
272 engine_load_capi_int();
276 # if !defined(OPENSSL_NO_AFALGENG)
277 static CRYPTO_ONCE engine_afalg = CRYPTO_ONCE_STATIC_INIT;
278 DEFINE_RUN_ONCE_STATIC(ossl_init_engine_afalg)
280 # ifdef OPENSSL_INIT_DEBUG
281 fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_afalg: "
282 "engine_load_afalg_int()\n");
284 engine_load_afalg_int();
291 #ifndef OPENSSL_NO_COMP
292 static CRYPTO_ONCE zlib = CRYPTO_ONCE_STATIC_INIT;
294 static int zlib_inited = 0;
295 DEFINE_RUN_ONCE_STATIC(ossl_init_zlib)
297 /* Do nothing - we need to know about this for the later cleanup */
303 static void ossl_init_thread_stop(struct thread_local_inits_st *locals)
305 /* Can't do much about this */
310 #ifdef OPENSSL_INIT_DEBUG
311 fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: "
312 "ASYNC_cleanup_thread()\n");
314 ASYNC_cleanup_thread();
317 if (locals->err_state) {
318 #ifdef OPENSSL_INIT_DEBUG
319 fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: "
320 "err_delete_thread_state()\n");
322 err_delete_thread_state();
325 OPENSSL_free(locals);
328 void OPENSSL_thread_stop(void)
330 ossl_init_thread_stop(
331 (struct thread_local_inits_st *)ossl_init_get_thread_local(0));
334 int ossl_init_thread_start(uint64_t opts)
336 struct thread_local_inits_st *locals = ossl_init_get_thread_local(1);
341 if (opts & OPENSSL_INIT_THREAD_ASYNC) {
342 #ifdef OPENSSL_INIT_DEBUG
343 fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: "
344 "marking thread for async\n");
349 if (opts & OPENSSL_INIT_THREAD_ERR_STATE) {
350 #ifdef OPENSSL_INIT_DEBUG
351 fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: "
352 "marking thread for err_state\n");
354 locals->err_state = 1;
360 void OPENSSL_cleanup(void)
362 OPENSSL_INIT_STOP *currhandler, *lasthandler;
364 /* If we've not been inited then no need to deinit */
368 /* Might be explicitly called and also by atexit */
374 * Thread stop may not get automatically called by the thread library for
375 * the very last thread in some situations, so call it directly.
377 ossl_init_thread_stop(ossl_init_get_thread_local(0));
379 currhandler = stop_handlers;
380 while (currhandler != NULL) {
381 currhandler->handler();
382 lasthandler = currhandler;
383 currhandler = currhandler->next;
384 OPENSSL_free(lasthandler);
386 stop_handlers = NULL;
388 CRYPTO_THREAD_lock_free(init_lock);
391 * We assume we are single-threaded for this function, i.e. no race
392 * conditions for the various "*_inited" vars below.
395 #ifndef OPENSSL_NO_COMP
397 #ifdef OPENSSL_INIT_DEBUG
398 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
399 "comp_zlib_cleanup_int()\n");
401 comp_zlib_cleanup_int();
406 # ifdef OPENSSL_INIT_DEBUG
407 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
413 if (load_crypto_strings_inited) {
414 #ifdef OPENSSL_INIT_DEBUG
415 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
416 "err_free_strings_int()\n");
418 err_free_strings_int();
421 CRYPTO_THREAD_cleanup_local(&threadstopkey);
423 #ifdef OPENSSL_INIT_DEBUG
424 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
425 "rand_cleanup_int()\n");
426 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
427 "conf_modules_free_int()\n");
428 #ifndef OPENSSL_NO_ENGINE
429 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
430 "engine_cleanup_int()\n");
432 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
433 "crypto_cleanup_all_ex_data_int()\n");
434 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
435 "bio_sock_cleanup_int()\n");
436 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
438 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
439 "evp_cleanup_int()\n");
440 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
441 "obj_cleanup_int()\n");
442 fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: "
446 * Note that cleanup order is important:
447 * - rand_cleanup_int could call an ENGINE's RAND cleanup function so
448 * must be called before engine_cleanup_int()
449 * - ENGINEs use CRYPTO_EX_DATA and therefore, must be cleaned up
450 * before the ex data handlers are wiped in CRYPTO_cleanup_all_ex_data().
451 * - conf_modules_free_int() can end up in ENGINE code so must be called
452 * before engine_cleanup_int()
453 * - ENGINEs and additional EVP algorithms might use added OIDs names so
454 * obj_cleanup_int() must be called last
457 conf_modules_free_int();
458 #ifndef OPENSSL_NO_ENGINE
459 engine_cleanup_int();
461 crypto_cleanup_all_ex_data_int();
471 * If this function is called with a non NULL settings value then it must be
472 * called prior to any threads making calls to any OpenSSL functions,
473 * i.e. passing a non-null settings value is assumed to be single-threaded.
475 int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
477 static int stoperrset = 0;
482 * We only ever set this once to avoid getting into an infinite
483 * loop where the error system keeps trying to init and fails so
487 CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL);
492 if (!RUN_ONCE(&base, ossl_init_base))
495 if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS)
496 && !RUN_ONCE(&load_crypto_strings,
497 ossl_init_no_load_crypto_strings))
500 if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS)
501 && !RUN_ONCE(&load_crypto_strings, ossl_init_load_crypto_strings))
504 if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS)
505 && !RUN_ONCE(&add_all_ciphers, ossl_init_no_add_algs))
508 if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS)
509 && !RUN_ONCE(&add_all_ciphers, ossl_init_add_all_ciphers))
512 if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS)
513 && !RUN_ONCE(&add_all_digests, ossl_init_no_add_algs))
516 if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS)
517 && !RUN_ONCE(&add_all_digests, ossl_init_add_all_digests))
520 if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG)
521 && !RUN_ONCE(&config, ossl_init_no_config))
524 if (opts & OPENSSL_INIT_LOAD_CONFIG) {
526 CRYPTO_THREAD_write_lock(init_lock);
527 appname = (settings == NULL) ? NULL : settings->appname;
528 ret = RUN_ONCE(&config, ossl_init_config);
529 CRYPTO_THREAD_unlock(init_lock);
534 if ((opts & OPENSSL_INIT_ASYNC)
535 && !RUN_ONCE(&async, ossl_init_async))
538 #ifndef OPENSSL_NO_ENGINE
539 if ((opts & OPENSSL_INIT_ENGINE_OPENSSL)
540 && !RUN_ONCE(&engine_openssl, ossl_init_engine_openssl))
542 # if !defined(OPENSSL_NO_HW) && \
543 (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
544 if ((opts & OPENSSL_INIT_ENGINE_CRYPTODEV)
545 && !RUN_ONCE(&engine_cryptodev, ossl_init_engine_cryptodev))
548 # ifndef OPENSSL_NO_RDRAND
549 if ((opts & OPENSSL_INIT_ENGINE_RDRAND)
550 && !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand))
553 if ((opts & OPENSSL_INIT_ENGINE_DYNAMIC)
554 && !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic))
556 # ifndef OPENSSL_NO_STATIC_ENGINE
557 # if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK)
558 if ((opts & OPENSSL_INIT_ENGINE_PADLOCK)
559 && !RUN_ONCE(&engine_padlock, ossl_init_engine_padlock))
562 # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
563 if ((opts & OPENSSL_INIT_ENGINE_CAPI)
564 && !RUN_ONCE(&engine_capi, ossl_init_engine_capi))
567 # if !defined(OPENSSL_NO_AFALGENG)
568 if ((opts & OPENSSL_INIT_ENGINE_AFALG)
569 && !RUN_ONCE(&engine_afalg, ossl_init_engine_afalg))
573 if (opts & (OPENSSL_INIT_ENGINE_ALL_BUILTIN
574 | OPENSSL_INIT_ENGINE_OPENSSL
575 | OPENSSL_INIT_ENGINE_AFALG)) {
576 ENGINE_register_all_complete();
580 #ifndef OPENSSL_NO_COMP
581 if ((opts & OPENSSL_INIT_ZLIB)
582 && !RUN_ONCE(&zlib, ossl_init_zlib))
589 int OPENSSL_atexit(void (*handler)(void))
591 OPENSSL_INIT_STOP *newhand;
593 #ifndef OPENSSL_USE_NODELETE
595 * Deliberately leak a reference to the handler. This will force the
596 * library/code containing the handler to remain loaded until we run the
597 * atexit handler. If -znodelete has been used then this is unneccessary.
606 handlersym.func = handler;
608 dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE);
613 newhand = OPENSSL_malloc(sizeof(*newhand));
617 newhand->handler = handler;
618 newhand->next = stop_handlers;
619 stop_handlers = newhand;