/src/irssi/subprojects/openssl-1.1.1l/ssl/ssl_init.c

Source (jump to first uncovered line)
/*
 * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include "e_os.h"

#include "internal/err.h"
#include <openssl/crypto.h>
#include <openssl/evp.h>
#include "ssl_local.h"
#include "internal/thread_once.h"

static int stopped;

static void ssl_library_stop(void);

static CRYPTO_ONCE ssl_base = CRYPTO_ONCE_STATIC_INIT;
static int ssl_base_inited = 0;
DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_base)
{
#ifdef OPENSSL_INIT_DEBUG
    fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: "
            "Adding SSL ciphers and digests\n");
#endif
#ifndef OPENSSL_NO_DES
    EVP_add_cipher(EVP_des_cbc());
    EVP_add_cipher(EVP_des_ede3_cbc());
#endif
#ifndef OPENSSL_NO_IDEA
    EVP_add_cipher(EVP_idea_cbc());
#endif
#ifndef OPENSSL_NO_RC4
    EVP_add_cipher(EVP_rc4());
# ifndef OPENSSL_NO_MD5
    EVP_add_cipher(EVP_rc4_hmac_md5());
# endif
#endif
#ifndef OPENSSL_NO_RC2
    EVP_add_cipher(EVP_rc2_cbc());
    /*
     * Not actually used for SSL/TLS but this makes PKCS#12 work if an
     * application only calls SSL_library_init().
     */
    EVP_add_cipher(EVP_rc2_40_cbc());
#endif
    EVP_add_cipher(EVP_aes_128_cbc());
    EVP_add_cipher(EVP_aes_192_cbc());
    EVP_add_cipher(EVP_aes_256_cbc());
    EVP_add_cipher(EVP_aes_128_gcm());
    EVP_add_cipher(EVP_aes_256_gcm());
    EVP_add_cipher(EVP_aes_128_ccm());
    EVP_add_cipher(EVP_aes_256_ccm());
    EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
    EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
    EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256());
    EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256());
#ifndef OPENSSL_NO_ARIA
    EVP_add_cipher(EVP_aria_128_gcm());
    EVP_add_cipher(EVP_aria_256_gcm());
#endif
#ifndef OPENSSL_NO_CAMELLIA
    EVP_add_cipher(EVP_camellia_128_cbc());
    EVP_add_cipher(EVP_camellia_256_cbc());
#endif
#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
    EVP_add_cipher(EVP_chacha20_poly1305());
#endif

#ifndef OPENSSL_NO_SEED
    EVP_add_cipher(EVP_seed_cbc());
#endif

#ifndef OPENSSL_NO_MD5
    EVP_add_digest(EVP_md5());
    EVP_add_digest_alias(SN_md5, "ssl3-md5");
    EVP_add_digest(EVP_md5_sha1());
#endif
    EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
    EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
    EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
    EVP_add_digest(EVP_sha224());
    EVP_add_digest(EVP_sha256());
    EVP_add_digest(EVP_sha384());
    EVP_add_digest(EVP_sha512());
#ifndef OPENSSL_NO_COMP
# ifdef OPENSSL_INIT_DEBUG
    fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: "
            "SSL_COMP_get_compression_methods()\n");
# endif
    /*
     * This will initialise the built-in compression algorithms. The value
     * returned is a STACK_OF(SSL_COMP), but that can be discarded safely
     */
    SSL_COMP_get_compression_methods();
#endif
    /* initialize cipher/digest methods table */
    if (!ssl_load_ciphers())
        return 0;

#ifdef OPENSSL_INIT_DEBUG
    fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: "
            "SSL_add_ssl_module()\n");
#endif
    /*
     * We ignore an error return here. Not much we can do - but not that bad
     * either. We can still safely continue.
     */
    OPENSSL_atexit(ssl_library_stop);
    ssl_base_inited = 1;
    return 1;
}

static CRYPTO_ONCE ssl_strings = CRYPTO_ONCE_STATIC_INIT;
static int ssl_strings_inited = 0;
DEFINE_RUN_ONCE_STATIC(ossl_init_load_ssl_strings)
{
    /*
     * OPENSSL_NO_AUTOERRINIT is provided here to prevent at compile time
     * pulling in all the error strings during static linking
     */
#if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT)
# ifdef OPENSSL_INIT_DEBUG
    fprintf(stderr, "OPENSSL_INIT: ossl_init_load_ssl_strings: "
            "ERR_load_SSL_strings()\n");
# endif
    ERR_load_SSL_strings();
    ssl_strings_inited = 1;
#endif
    return 1;
}

DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_load_ssl_strings,
                           ossl_init_load_ssl_strings)
{
    /* Do nothing in this case */
    return 1;
}

static void ssl_library_stop(void)
{
    /* Might be explicitly called and also by atexit */
    if (stopped)
        return;
    stopped = 1;

    if (ssl_base_inited) {
#ifndef OPENSSL_NO_COMP
# ifdef OPENSSL_INIT_DEBUG
        fprintf(stderr, "OPENSSL_INIT: ssl_library_stop: "
                "ssl_comp_free_compression_methods_int()\n");
# endif
        ssl_comp_free_compression_methods_int();
#endif
    }

    if (ssl_strings_inited) {
#ifdef OPENSSL_INIT_DEBUG
        fprintf(stderr, "OPENSSL_INIT: ssl_library_stop: "
                "err_free_strings_int()\n");
#endif
        /*
         * If both crypto and ssl error strings are inited we will end up
         * calling err_free_strings_int() twice - but that's ok. The second
         * time will be a no-op. It's easier to do that than to try and track
         * between the two libraries whether they have both been inited.
         */
        err_free_strings_int();
    }
}

/*
 * If this function is called with a non NULL settings value then it must be
 * called prior to any threads making calls to any OpenSSL functions,
 * i.e. passing a non-null settings value is assumed to be single-threaded.
 */
int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS * settings)
{
    static int stoperrset = 0;

    if (stopped) {
        if (!stoperrset) {
            /*
             * We only ever set this once to avoid getting into an infinite
             * loop where the error system keeps trying to init and fails so
             * sets an error etc
             */
            stoperrset = 1;
            SSLerr(SSL_F_OPENSSL_INIT_SSL, ERR_R_INIT_FAIL);
        }
        return 0;
    }

    opts |= OPENSSL_INIT_ADD_ALL_CIPHERS
         |  OPENSSL_INIT_ADD_ALL_DIGESTS;
#ifndef OPENSSL_NO_AUTOLOAD_CONFIG
    if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG) == 0)
        opts |= OPENSSL_INIT_LOAD_CONFIG;
#endif

    if (!OPENSSL_init_crypto(opts, settings))
        return 0;

    if (!RUN_ONCE(&ssl_base, ossl_init_ssl_base))
        return 0;

    if ((opts & OPENSSL_INIT_NO_LOAD_SSL_STRINGS)
        && !RUN_ONCE_ALT(&ssl_strings, ossl_init_no_load_ssl_strings,
                         ossl_init_load_ssl_strings))
        return 0;

    if ((opts & OPENSSL_INIT_LOAD_SSL_STRINGS)
        && !RUN_ONCE(&ssl_strings, ossl_init_load_ssl_strings))
        return 0;

    return 1;
}

Coverage Report

Created: 2025-08-26 06:31

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the OpenSSL license (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include "e_os.h"
11
12		#include "internal/err.h"
13		#include <openssl/crypto.h>
14		#include <openssl/evp.h>
15		#include "ssl_local.h"
16		#include "internal/thread_once.h"
17
18		static int stopped;
19
20		static void ssl_library_stop(void);
21
22		static CRYPTO_ONCE ssl_base = CRYPTO_ONCE_STATIC_INIT;
23		static int ssl_base_inited = 0;
24		DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_base)
25	2	{
26		#ifdef OPENSSL_INIT_DEBUG
27		fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: "
28		"Adding SSL ciphers and digests\n");
29		#endif
30	2	#ifndef OPENSSL_NO_DES
31	2	EVP_add_cipher(EVP_des_cbc());
32	2	EVP_add_cipher(EVP_des_ede3_cbc());
33	2	#endif
34	2	#ifndef OPENSSL_NO_IDEA
35	2	EVP_add_cipher(EVP_idea_cbc());
36	2	#endif
37	2	#ifndef OPENSSL_NO_RC4
38	2	EVP_add_cipher(EVP_rc4());
39	2	# ifndef OPENSSL_NO_MD5
40	2	EVP_add_cipher(EVP_rc4_hmac_md5());
41	2	# endif
42	2	#endif
43	2	#ifndef OPENSSL_NO_RC2
44	2	EVP_add_cipher(EVP_rc2_cbc());
45		/*
46		* Not actually used for SSL/TLS but this makes PKCS#12 work if an
47		* application only calls SSL_library_init().
48		*/
49	2	EVP_add_cipher(EVP_rc2_40_cbc());
50	2	#endif
51	2	EVP_add_cipher(EVP_aes_128_cbc());
52	2	EVP_add_cipher(EVP_aes_192_cbc());
53	2	EVP_add_cipher(EVP_aes_256_cbc());
54	2	EVP_add_cipher(EVP_aes_128_gcm());
55	2	EVP_add_cipher(EVP_aes_256_gcm());
56	2	EVP_add_cipher(EVP_aes_128_ccm());
57	2	EVP_add_cipher(EVP_aes_256_ccm());
58	2	EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
59	2	EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
60	2	EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256());
61	2	EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256());
62	2	#ifndef OPENSSL_NO_ARIA
63	2	EVP_add_cipher(EVP_aria_128_gcm());
64	2	EVP_add_cipher(EVP_aria_256_gcm());
65	2	#endif
66	2	#ifndef OPENSSL_NO_CAMELLIA
67	2	EVP_add_cipher(EVP_camellia_128_cbc());
68	2	EVP_add_cipher(EVP_camellia_256_cbc());
69	2	#endif
70	2	#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
71	2	EVP_add_cipher(EVP_chacha20_poly1305());
72	2	#endif
73
74	2	#ifndef OPENSSL_NO_SEED
75	2	EVP_add_cipher(EVP_seed_cbc());
76	2	#endif
77
78	2	#ifndef OPENSSL_NO_MD5
79	2	EVP_add_digest(EVP_md5());
80	2	EVP_add_digest_alias(SN_md5, "ssl3-md5");
81	2	EVP_add_digest(EVP_md5_sha1());
82	2	#endif
83	2	EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
84	2	EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
85	2	EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
86	2	EVP_add_digest(EVP_sha224());
87	2	EVP_add_digest(EVP_sha256());
88	2	EVP_add_digest(EVP_sha384());
89	2	EVP_add_digest(EVP_sha512());
90		#ifndef OPENSSL_NO_COMP
91		# ifdef OPENSSL_INIT_DEBUG
92		fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: "
93		"SSL_COMP_get_compression_methods()\n");
94		# endif
95		/*
96		* This will initialise the built-in compression algorithms. The value
97		* returned is a STACK_OF(SSL_COMP), but that can be discarded safely
98		*/
99		SSL_COMP_get_compression_methods();
100		#endif
101		/* initialize cipher/digest methods table */
102	2	if (!ssl_load_ciphers())
103	0	return 0;
104
105		#ifdef OPENSSL_INIT_DEBUG
106		fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: "
107		"SSL_add_ssl_module()\n");
108		#endif
109		/*
110		* We ignore an error return here. Not much we can do - but not that bad
111		* either. We can still safely continue.
112		*/
113	2	OPENSSL_atexit(ssl_library_stop);
114	2	ssl_base_inited = 1;
115	2	return 1;
116	2	}
117
118		static CRYPTO_ONCE ssl_strings = CRYPTO_ONCE_STATIC_INIT;
119		static int ssl_strings_inited = 0;
120		DEFINE_RUN_ONCE_STATIC(ossl_init_load_ssl_strings)
121	2	{
122		/*
123		* OPENSSL_NO_AUTOERRINIT is provided here to prevent at compile time
124		* pulling in all the error strings during static linking
125		*/
126	2	#if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT)
127		# ifdef OPENSSL_INIT_DEBUG
128		fprintf(stderr, "OPENSSL_INIT: ossl_init_load_ssl_strings: "
129		"ERR_load_SSL_strings()\n");
130		# endif
131	2	ERR_load_SSL_strings();
132	2	ssl_strings_inited = 1;
133	2	#endif
134	2	return 1;
135	2	}
136
137		DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_load_ssl_strings,
138		ossl_init_load_ssl_strings)
139	0	{
140		/* Do nothing in this case */
141	0	return 1;
142	0	}
143
144		static void ssl_library_stop(void)
145	2	{
146		/* Might be explicitly called and also by atexit */
147	2	if (stopped)
148	0	return;
149	2	stopped = 1;
150
151	2	if (ssl_base_inited) {
152		#ifndef OPENSSL_NO_COMP
153		# ifdef OPENSSL_INIT_DEBUG
154		fprintf(stderr, "OPENSSL_INIT: ssl_library_stop: "
155		"ssl_comp_free_compression_methods_int()\n");
156		# endif
157		ssl_comp_free_compression_methods_int();
158		#endif
159	2	}
160
161	2	if (ssl_strings_inited) {
162		#ifdef OPENSSL_INIT_DEBUG
163		fprintf(stderr, "OPENSSL_INIT: ssl_library_stop: "
164		"err_free_strings_int()\n");
165		#endif
166		/*
167		* If both crypto and ssl error strings are inited we will end up
168		* calling err_free_strings_int() twice - but that's ok. The second
169		* time will be a no-op. It's easier to do that than to try and track
170		* between the two libraries whether they have both been inited.
171		*/
172	2	err_free_strings_int();
173	2	}
174	2	}
175
176		/*
177		* If this function is called with a non NULL settings value then it must be
178		* called prior to any threads making calls to any OpenSSL functions,
179		* i.e. passing a non-null settings value is assumed to be single-threaded.
180		*/
181		int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS * settings)
182	131k	{
183	131k	static int stoperrset = 0;
184
185	131k	if (stopped) {
186	0	if (!stoperrset) {
187		/*
188		* We only ever set this once to avoid getting into an infinite
189		* loop where the error system keeps trying to init and fails so
190		* sets an error etc
191		*/
192	0	stoperrset = 1;
193	0	SSLerr(SSL_F_OPENSSL_INIT_SSL, ERR_R_INIT_FAIL);
194	0	}
195	0	return 0;
196	0	}
197
198	131k	opts \|= OPENSSL_INIT_ADD_ALL_CIPHERS
199	131k	\| OPENSSL_INIT_ADD_ALL_DIGESTS;
200	131k	#ifndef OPENSSL_NO_AUTOLOAD_CONFIG
201	131k	if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG) == 0)
202	131k	opts \|= OPENSSL_INIT_LOAD_CONFIG;
203	131k	#endif
204
205	131k	if (!OPENSSL_init_crypto(opts, settings))
206	0	return 0;
207
208	131k	if (!RUN_ONCE(&ssl_base, ossl_init_ssl_base))
209	0	return 0;
210
211	131k	if ((opts & OPENSSL_INIT_NO_LOAD_SSL_STRINGS)
212	131k	&& !RUN_ONCE_ALT(&ssl_strings, ossl_init_no_load_ssl_strings,
213	131k	ossl_init_load_ssl_strings))
214	0	return 0;
215
216	131k	if ((opts & OPENSSL_INIT_LOAD_SSL_STRINGS)
217	131k	&& !RUN_ONCE(&ssl_strings, ossl_init_load_ssl_strings))
218	0	return 0;
219
220	131k	return 1;
221	131k	}