* The script tool `c_rehash` was removed. Use `openssl rehash` instead.
- * OPENSSL_cleanup() no longer invoked as atexit(3) handler by default.
+ * libcrypto no longer cleans up globally allocated data via atexit()
* ENGINE support was removed. The `no-engine` build option and the
`OPENSSL_NO_ENGINE` macro is always present.
EVP_MAC_CTX_free(ctx);
OPENSSL_free(read_buffer);
free_config_and_unload(conf);
- OPENSSL_cleanup();
return ret;
}
#include <openssl/cmp_util.h> /* for OSSL_CMP_log_close() */
#include <openssl/trace.h>
#include <openssl/ssl.h> /* for OPENSSL_INIT_(NO_)?LOAD_SSL_STRINGS */
+#include "crypto/bn.h"
#include "crypto/ctype.h"
#include "sslerr.h"
+#ifdef S390X_MOD_EXP
+#include "s390x_arch.h"
+#endif
+
static int stopped = 0;
static uint64_t optsdone = 0;
return 0;
}
-static CRYPTO_ONCE load_crypto_nodelete = CRYPTO_ONCE_STATIC_INIT;
-DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_nodelete)
-{
- OSSL_TRACE(INIT, "ossl_init_load_crypto_nodelete()\n");
-
-#if !defined(OPENSSL_USE_NODELETE) \
- && !defined(OPENSSL_NO_PINSHARED)
-#if defined(DSO_WIN32) && !defined(_WIN32_WCE)
- {
- HMODULE handle = NULL;
- BOOL ret;
-
- /* We don't use the DSO route for WIN32 because there is a better way */
- ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS
- | GET_MODULE_HANDLE_EX_FLAG_PIN,
- (void *)&base_inited, &handle);
-
- OSSL_TRACE1(INIT,
- "ossl_init_load_crypto_nodelete: "
- "obtained DSO reference? %s\n",
- (ret == TRUE ? "No!" : "Yes."));
- return (ret == TRUE) ? 1 : 0;
- }
-#elif !defined(DSO_NONE)
- /*
- * Deliberately leak a reference to ourselves. This will force the library
- * to remain loaded until the OPENSSL_cleanup() is called.
- */
- {
- DSO *dso;
- void *err;
-
- if (!err_shelve_state(&err))
- return 0;
-
- dso = DSO_dsobyaddr(&base_inited, DSO_FLAG_NO_UNLOAD_ON_FREE);
- /*
- * In case of No!, it is uncertain our exit()-handlers can still be
- * called. After dlclose() the whole library might have been unloaded
- * already.
- */
- OSSL_TRACE1(INIT, "obtained DSO reference? %s\n",
- (dso == NULL ? "No!" : "Yes."));
- DSO_free(dso);
- err_unshelve_state(err);
- }
-#endif
-#endif
-
- return 1;
-}
-
static CRYPTO_ONCE load_crypto_strings = CRYPTO_ONCE_STATIC_INIT;
DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings)
if (!base_inited)
return;
- /* Might be explicitly called a*/
+ /* Might be explicitly called */
if (stopped)
return;
stopped = 1;
OSSL_TRACE(INIT, "OPENSSL_cleanup: ossl_trace_cleanup()\n");
ossl_trace_cleanup();
+#ifdef S390X_MOD_EXP
+ OPENSSL_s390x_cleanup();
+#endif
+
base_inited = 0;
}
*
* When the caller specifies OPENSSL_INIT_BASE_ONLY, that should be the
* *only* option specified. With that option we return immediately after
- * doing the requested limited initialization. Note that
- * err_shelve_state() called by us via ossl_init_load_crypto_nodelete()
- * re-enters OPENSSL_init_crypto() with OPENSSL_INIT_BASE_ONLY, but with
- * base already initialized this is a harmless NOOP.
+ * doing the requested limited initialization.
*
* If we remain the only caller of err_shelve_state() the recursion should
* perhaps be removed, but if in doubt, it can be left in place.
return 1;
}
- if (!RUN_ONCE(&load_crypto_nodelete, ossl_init_load_crypto_nodelete))
- return 0;
-
if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS)
&& !RUN_ONCE_ALT(&load_crypto_strings,
ossl_init_no_load_crypto_strings,
void ossl_thread_event_ctx_free(OSSL_LIB_CTX *ctx)
{
- THREAD_EVENT_HANDLER **hands;
-
- hands = (THREAD_EVENT_HANDLER **)CRYPTO_THREAD_get_local_ex(CRYPTO_THREAD_LOCAL_TEVENT_KEY, ctx);
CRYPTO_THREAD_set_local_ex(CRYPTO_THREAD_LOCAL_TEVENT_KEY, ctx, NULL);
-
- OPENSSL_free(hands);
}
static void ossl_arg_thread_stop(void *arg)
int s390x_pcc(unsigned int fc, void *param);
int s390x_kdsa(unsigned int fc, void *param, const unsigned char *in,
size_t len);
+void OPENSSL_s390x_cleanup(void);
void s390x_flip_endian32(unsigned char dst[32], const unsigned char src[32]);
void s390x_flip_endian64(unsigned char dst[64], const unsigned char src[64]);
OPENSSL_s390xcex = -1;
} else {
OPENSSL_s390xcex = open("/dev/z90crypt", O_RDWR | O_CLOEXEC);
- OPENSSL_atexit(OPENSSL_s390x_cleanup);
}
OPENSSL_s390xcex_nodev = 0;
#endif
With this option the library will register its fork handlers.
See OPENSSL_fork_prepare(3) for details.
+=item OPENSSL_INIT_NO_ATEXIT
+
+The option has no effect in 4.0 and later.
+
=back
Multiple options may be combined together in a single call to
Some functions have been removed that were deprecated in previous
versions of OpenSSL. See L<ossl-removed-api(7)>.
+libcrypto no longer arms OPENSSL_cleanup() function as atexit(3) handler.
+Memory leak detectors may report there is allocated, but still reachable,
+allocated memory at application exit. If clean report is desired, then
+application must call OPENSSL_cleanup() explicitly before main() returns.
+
=head1 OPENSSL 3.6
=head2 Main Changes from OpenSSL 3.5
/* FREE: 0x00010000L */
#define OPENSSL_INIT_ATFORK 0x00020000L
/* OPENSSL_INIT_BASE_ONLY 0x00040000L */
+#define OPENSSL_INIT_NO_ATEXIT 0x00080000L
/* OPENSSL_INIT flag range 0x03f00000 reserved for OPENSSL_init_ssl() */
-/* FREE: 0x00080000L */
/* FREE: 0x04000000L */
/* FREE: 0x08000000L */
/* FREE: 0x10000000L */
&& defined(OPENSSL_RAND_SEED_GETRANDOM)
static void *shm_addr;
-static void cleanup_shm(void)
-{
- shmdt(shm_addr);
-}
-
/*
* Ensure that the system randomness source has been adequately seeded.
* This is done by having the first start of libcrypto, wait until the device
* If this call fails, it isn't a big problem.
*/
shm_addr = shmat(shm_id, NULL, SHM_RDONLY);
- if (shm_addr != (void *)-1)
- OPENSSL_atexit(&cleanup_shm);
+ if (shm_addr == (void *)-1)
+ shm_addr = NULL;
}
}
return seeded;
for (i = 0; i < OSSL_NELEM(random_devices); i++)
close_random_device(i);
+
+#if defined(__linux) && defined(DEVRANDOM_WAIT) \
+ && defined(OPENSSL_RAND_SEED_GETRANDOM)
+ if (shm_addr != NULL) {
+ shmdt(shm_addr);
+ shm_addr = NULL;
+ }
+#endif
}
void ossl_rand_pool_keep_random_devices_open(int keep)
#if defined(OPENSSL_SYS_WINDOWS)
static CRYPTO_ONCE ensure_wsa_startup_once = CRYPTO_ONCE_STATIC_INIT;
+static CRYPTO_RWLOCK *wsa_lock;
static int wsa_started;
+static int wsa_ref;
static void ossl_wsa_cleanup(void)
{
wsa_started = 0;
WSACleanup();
}
+
+ CRYPTO_THREAD_lock_free(wsa_lock);
+ wsa_lock = NULL;
}
DEFINE_RUN_ONCE_STATIC(do_wsa_startup)
WORD versionreq = 0x0202; /* Version 2.2 */
WSADATA wsadata;
- if (WSAStartup(versionreq, &wsadata) != 0)
+ wsa_lock = CRYPTO_THREAD_lock_new();
+ if (wsa_lock == NULL)
+ return 0;
+
+ if (WSAStartup(versionreq, &wsadata) != 0) {
+ CRYPTO_THREAD_lock_free(wsa_lock);
+ wsa_lock = NULL;
return 0;
+ }
wsa_started = 1;
- OPENSSL_atexit(ossl_wsa_cleanup);
+
return 1;
}
static ossl_inline int ensure_wsa_startup(void)
{
- return RUN_ONCE(&ensure_wsa_startup_once, do_wsa_startup);
+ int rv, unused;
+
+ rv = RUN_ONCE(&ensure_wsa_startup_once, do_wsa_startup);
+ if (rv != 0)
+ CRYPTO_atomic_add(&wsa_ref, 1, &unused, wsa_lock);
+
+ return rv;
+}
+
+static void wsa_done(void)
+{
+ int ref;
+
+ if (wsa_lock != NULL) {
+ CRYPTO_atomic_add(&wsa_ref, -1, &ref, wsa_lock);
+ if (ref == 0) {
+ ossl_wsa_cleanup();
+ ensure_wsa_startup_once = CRYPTO_ONCE_STATIC_INIT;
+ wsa_lock = NULL;
+ }
+ }
}
#endif
if (!ensure_wsa_startup()) {
ERR_raise_data(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR,
"Cannot start Windows sockets");
+
+ wsa_done();
return 0;
}
#endif
BIO_closesocket(nfy->wfd);
BIO_closesocket(nfy->rfd);
nfy->rfd = nfy->wfd = -1;
+#if defined(OPENSSL_SYS_WINDOWS)
+ wsa_done();
+#endif
}
int ossl_rio_notifier_signal(RIO_NOTIFIER *nfy)
*/
#include <string.h>
-#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/provider.h>
#include "testutil.h"
return 1;
}
-void cleanup_tests(void)
-{
- OPENSSL_cleanup();
-}
-
int setup_tests(void)
{
size_t argc;
#include <string.h>
#include <openssl/core_dispatch.h>
-#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
OSSL_PROVIDER_unload(keyprov);
OSSL_LIB_CTX_free(testctx);
OSSL_LIB_CTX_free(keyctx);
-
- OPENSSL_cleanup();
}
* https://www.openssl.org/source/license.html
*/
-#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <openssl/bio.h>
return res;
}
-void cleanup_tests(void)
-{
- OPENSSL_cleanup();
-}
-
int setup_tests(void)
{
if (!test_skip_common_options()) {
* https://www.openssl.org/source/license.html
*/
+#include <openssl/crypto.h>
#include "../testutil.h"
#include "output.h"
#include "tu_local.h"
end:
ret = pulldown_test_framework(ret);
test_close_streams();
+ OPENSSL_cleanup();
return ret;
}
projects / 0xmirror / openssl.git / commitdiff