From b01cb9ef6b7ed5769f925fc96b6eb534c794203f Mon Sep 17 00:00:00 2001 From: Adriaan de Jong Date: Thu, 23 Jun 2011 11:40:52 +0200 Subject: Refactored crypto initialisation functions Signed-off-by: Adriaan de Jong Acked-by: David Sommerseth Signed-off-by: David Sommerseth --- crypto.c | 138 +-------------------------------------------------------------- 1 file changed, 2 insertions(+), 136 deletions(-) (limited to 'crypto.c') diff --git a/crypto.c b/crypto.c index bdb3b1d..ff34d5f 100644 --- a/crypto.c +++ b/crypto.c @@ -1451,104 +1451,6 @@ key_len_err: return 0; } -/* - * Enable crypto acceleration, if available - */ - -static bool engine_initialized = false; /* GLOBAL */ - -#if CRYPTO_ENGINE - -static ENGINE *engine_persist = NULL; /* GLOBAL */ - -/* Try to load an engine in a shareable library */ -static ENGINE * -try_load_engine (const char *engine) -{ - ENGINE *e = ENGINE_by_id ("dynamic"); - if (e) - { - if (!ENGINE_ctrl_cmd_string (e, "SO_PATH", engine, 0) - || !ENGINE_ctrl_cmd_string (e, "LOAD", NULL, 0)) - { - ENGINE_free (e); - e = NULL; - } - } - return e; -} - -static ENGINE * -setup_engine (const char *engine) -{ - ENGINE *e = NULL; - - ENGINE_load_builtin_engines (); - - if (engine) - { - if (strcmp (engine, "auto") == 0) - { - msg (M_INFO, "Initializing OpenSSL auto engine support"); - ENGINE_register_all_complete (); - return NULL; - } - if ((e = ENGINE_by_id (engine)) == NULL - && (e = try_load_engine (engine)) == NULL) - { - msg (M_FATAL, "OpenSSL error: cannot load engine '%s'", engine); - } - - if (!ENGINE_set_default (e, ENGINE_METHOD_ALL)) - { - msg (M_FATAL, "OpenSSL error: ENGINE_set_default failed on engine '%s'", - engine); - } - - msg (M_INFO, "Initializing OpenSSL support for engine '%s'", - ENGINE_get_id (e)); - } - return e; -} -#endif - -void -init_crypto_lib_engine (const char *engine_name) -{ - if (!engine_initialized) - { -#if CRYPTO_ENGINE - ASSERT (engine_name); - ASSERT (!engine_persist); - engine_persist = setup_engine (engine_name); -#else - msg (M_WARN, "Note: OpenSSL hardware crypto engine functionality is not available"); -#endif - engine_initialized = true; - } -} - -/* - * This routine should have additional OpenSSL crypto library initialisations - * used by both crypto and ssl components of OpenVPN. - */ -void init_crypto_lib () -{ -} - -void uninit_crypto_lib () -{ -#if CRYPTO_ENGINE - if (engine_initialized) - { - ENGINE_cleanup (); - engine_persist = NULL; - engine_initialized = false; - } -#endif - prng_uninit (); -} - /* * Random number functions, used in cases where we want * reasonably strong cryptographic random number generation @@ -1642,42 +1544,6 @@ md5sum (uint8_t *buf, int len, int n_print_chars, struct gc_arena *gc) return format_hex (digest, MD5_DIGEST_LENGTH, n_print_chars, gc); } -/* - * OpenSSL memory debugging. If dmalloc debugging is enabled, tell - * OpenSSL to use our private malloc/realloc/free functions so that - * we can dispatch them to dmalloc. - */ - -#ifdef DMALLOC - -static void * -crypto_malloc (size_t size, const char *file, int line) -{ - return dmalloc_malloc(file, line, size, DMALLOC_FUNC_MALLOC, 0, 0); -} - -static void * -crypto_realloc (void *ptr, size_t size, const char *file, int line) -{ - return dmalloc_realloc(file, line, ptr, size, DMALLOC_FUNC_REALLOC, 0); -} - -static void -crypto_free (void *ptr) -{ - dmalloc_free (__FILE__, __LINE__, ptr, DMALLOC_FUNC_FREE); -} - -void -openssl_dmalloc_init (void) -{ - CRYPTO_set_mem_ex_functions (crypto_malloc, - crypto_realloc, - crypto_free); -} - -#endif /* DMALLOC */ - #ifndef USE_SSL void @@ -1685,13 +1551,13 @@ init_ssl_lib (void) { ERR_load_crypto_strings (); OpenSSL_add_all_algorithms (); - init_crypto_lib (); + crypto_init_lib (); } void free_ssl_lib (void) { - uninit_crypto_lib (); + crypto_uninit_lib (); EVP_cleanup (); ERR_free_strings (); } -- cgit