diff options
| author | Igor Novgorodov <igor@novg.net> | 2012-02-28 15:16:01 +0400 |
|---|---|---|
| committer | David Sommerseth <davids@redhat.com> | 2012-03-29 14:36:48 +0200 |
| commit | 39b54baa36e8625fd29d0a1ed6482f83fa78d322 (patch) | |
| tree | a2a6575defd292323403df70d58fd9a4f67284ab /src | |
| parent | 3c1971de878bb3658c38b0504f314d38b6b765d2 (diff) | |
| download | openvpn-39b54baa36e8625fd29d0a1ed6482f83fa78d322.tar.gz openvpn-39b54baa36e8625fd29d0a1ed6482f83fa78d322.tar.xz openvpn-39b54baa36e8625fd29d0a1ed6482f83fa78d322.zip | |
Remove calls to OpenSSL when building with --disable-ssl
Move OpenSSL calls out from the generic crypto layer and into the
OpenSSL specific layer. Also don't load all algortihms if SSL
isn't enabled.
Error strings will also not be loaded into memory if ENABLE_SMALL
is configured.
Signed-off-by: Igor Novgorodov <igor@novg.net>
Acked-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/openvpn/crypto.c | 4 | ||||
| -rw-r--r-- | src/openvpn/crypto_openssl.c | 15 | ||||
| -rw-r--r-- | src/openvpn/ssl_openssl.c | 4 |
3 files changed, 19 insertions, 4 deletions
diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c index f811966..03781fc 100644 --- a/src/openvpn/crypto.c +++ b/src/openvpn/crypto.c @@ -1384,8 +1384,6 @@ get_random() void init_ssl_lib (void) { - ERR_load_crypto_strings (); - OpenSSL_add_all_algorithms (); crypto_init_lib (); } @@ -1394,8 +1392,6 @@ free_ssl_lib (void) { crypto_uninit_lib (); prng_uninit(); - EVP_cleanup (); - ERR_free_strings (); } #endif /* ENABLE_SSL */ diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index 4a3be1e..5342502 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -194,11 +194,19 @@ crypto_init_lib_engine (const char *engine_name) void crypto_init_lib (void) { +#ifndef USE_SSL +#ifndef ENABLE_SMALL + ERR_load_crypto_strings (); +#endif + OpenSSL_add_all_algorithms (); +#endif + /* * If you build the OpenSSL library and OpenVPN with * CRYPTO_MDEBUG, you will get a listing of OpenSSL * memory leaks on program termination. */ + #ifdef CRYPTO_MDEBUG CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); #endif @@ -207,6 +215,13 @@ crypto_init_lib (void) void crypto_uninit_lib (void) { +#ifndef USE_SSL + EVP_cleanup (); +#ifndef ENABLE_SMALL + ERR_free_strings (); +#endif +#endif + #ifdef CRYPTO_MDEBUG FILE* fp = fopen ("sdlog", "w"); ASSERT (fp); diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index d712c66..8f35325 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -69,7 +69,9 @@ void tls_init_lib() { SSL_library_init(); +#ifndef ENABLE_SMALL SSL_load_error_strings(); +#endif OpenSSL_add_all_algorithms (); mydata_index = SSL_get_ex_new_index(0, "struct session *", NULL, NULL, NULL); @@ -80,7 +82,9 @@ void tls_free_lib() { EVP_cleanup(); +#ifndef ENABLE_SMALL ERR_free_strings(); +#endif } void |