Refactored crypto initialisation functions

Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>

1 files changed, 2 insertions, 136 deletions

diff --git a/crypto.c b/crypto.c
index bdb3b1d..ff34d5f 100644
--- a/crypto.c
+++ b/crypto.c
@@ -1452,104 +1452,6 @@ key_len_err:
 }
 
 /*
- * Enable crypto acceleration, if available
- */
-
-static bool engine_initialized = false; /* GLOBAL */
-
-#if CRYPTO_ENGINE
-
-static ENGINE *engine_persist = NULL;   /* GLOBAL */
-
-/* Try to load an engine in a shareable library */
-static ENGINE *
-try_load_engine (const char *engine)
-{
-  ENGINE *e = ENGINE_by_id ("dynamic");
-  if (e)
-    {
-      if (!ENGINE_ctrl_cmd_string (e, "SO_PATH", engine, 0)
-	  || !ENGINE_ctrl_cmd_string (e, "LOAD", NULL, 0))
-	{
-	  ENGINE_free (e);
-	  e = NULL;
-	}
-    }
-  return e;
-}
-
-static ENGINE *
-setup_engine (const char *engine)
-{
-  ENGINE *e = NULL;
-
-  ENGINE_load_builtin_engines ();
-
-  if (engine)
-    {
-      if (strcmp (engine, "auto") == 0)
-	{
-	  msg (M_INFO, "Initializing OpenSSL auto engine support");
-	  ENGINE_register_all_complete ();
-	  return NULL;
-	}
-      if ((e = ENGINE_by_id (engine)) == NULL
-	 && (e = try_load_engine (engine)) == NULL)
-	{
-	  msg (M_FATAL, "OpenSSL error: cannot load engine '%s'", engine);
-	}
-
-      if (!ENGINE_set_default (e, ENGINE_METHOD_ALL))
-	{
-	  msg (M_FATAL, "OpenSSL error: ENGINE_set_default failed on engine '%s'",
-	       engine);
-	}
-
-      msg (M_INFO, "Initializing OpenSSL support for engine '%s'",
-	   ENGINE_get_id (e));
-    }
-  return e;
-}
-#endif
-
-void
-init_crypto_lib_engine (const char *engine_name)
-{
-  if (!engine_initialized)
-    {
-#if CRYPTO_ENGINE
-      ASSERT (engine_name);
-      ASSERT (!engine_persist);
-      engine_persist = setup_engine (engine_name);
-#else
-      msg (M_WARN, "Note: OpenSSL hardware crypto engine functionality is not available");
-#endif
-      engine_initialized = true;
-    }
-}
-
-/*
- * This routine should have additional OpenSSL crypto library initialisations
- * used by both crypto and ssl components of OpenVPN.
- */
-void init_crypto_lib ()
-{
-}
-
-void uninit_crypto_lib ()
-{
-#if CRYPTO_ENGINE
-  if (engine_initialized)
-    {
-      ENGINE_cleanup ();
-      engine_persist = NULL;
-      engine_initialized = false;
-    }
-#endif
-  prng_uninit ();
-}
-
-/*
  * Random number functions, used in cases where we want
  * reasonably strong cryptographic random number generation
  * without depleting our entropy pool.  Used for random
@@ -1642,42 +1544,6 @@ md5sum (uint8_t *buf, int len, int n_print_chars, struct gc_arena *gc)
   return format_hex (digest, MD5_DIGEST_LENGTH, n_print_chars, gc);
 }
 
-/*
- * OpenSSL memory debugging.  If dmalloc debugging is enabled, tell
- * OpenSSL to use our private malloc/realloc/free functions so that
- * we can dispatch them to dmalloc.
- */
-
-#ifdef DMALLOC
-
-static void *
-crypto_malloc (size_t size, const char *file, int line)
-{
-  return dmalloc_malloc(file, line, size, DMALLOC_FUNC_MALLOC, 0, 0);
-}
-
-static void *
-crypto_realloc (void *ptr, size_t size, const char *file, int line)
-{
-  return dmalloc_realloc(file, line, ptr, size, DMALLOC_FUNC_REALLOC, 0);
-}
-
-static void
-crypto_free (void *ptr)
-{
-  dmalloc_free (__FILE__, __LINE__, ptr, DMALLOC_FUNC_FREE);
-}
-
-void
-openssl_dmalloc_init (void)
-{
-   CRYPTO_set_mem_ex_functions (crypto_malloc,
-				crypto_realloc,
-				crypto_free);
-}
-
-#endif /* DMALLOC */
-
 #ifndef USE_SSL
 
 void
@@ -1685,13 +1551,13 @@ init_ssl_lib (void)
 {
   ERR_load_crypto_strings ();
   OpenSSL_add_all_algorithms ();
-  init_crypto_lib ();
+  crypto_init_lib ();
 }
 
 void
 free_ssl_lib (void)
 {
-  uninit_crypto_lib ();
+  crypto_uninit_lib ();
   EVP_cleanup ();
   ERR_free_strings ();
 }