search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
vendor/BIND: Update to 9.5.2-P3
[dragonfly.git] / contrib / bind / lib / dns / openssl_link.c
blob6fe8618f4a2b9471347245965748c2552e157dd0
1 /*
2 * Portions Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC")
3 * Portions Copyright (C) 1999-2003 Internet Software Consortium.
4 *
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
10 * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
11 * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
12 * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
15 * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 *
17 * Portions Copyright (C) 1995-2000 by Network Associates, Inc.
18 *
19 * Permission to use, copy, modify, and/or distribute this software for any
20 * purpose with or without fee is hereby granted, provided that the above
21 * copyright notice and this permission notice appear in all copies.
22 *
23 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
24 * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
25 * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
26 * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
27 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
28 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
29 * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
30 */
31
32 /*
33 * Principal Author: Brian Wellington
34 * $Id: openssl_link.c,v 1.16.92.2 2009/02/11 23:46:41 tbox Exp $
35 */
36 #ifdef OPENSSL
37
38 #include <config.h>
39
40 #include <isc/entropy.h>
41 #include <isc/mem.h>
42 #include <isc/mutex.h>
43 #include <isc/mutexblock.h>
44 #include <isc/string.h>
45 #include <isc/thread.h>
46 #include <isc/util.h>
47
48 #include "dst_internal.h"
49 #include "dst_openssl.h"
50
51 #include <openssl/err.h>
52 #include <openssl/rand.h>
53 #include <openssl/evp.h>
54 #include <openssl/conf.h>
55 #include <openssl/crypto.h>
56
57 #if defined(CRYPTO_LOCK_ENGINE) && (OPENSSL_VERSION_NUMBER != 0x00907000L)
58 #define USE_ENGINE 1
59 #endif
60
61 #ifdef USE_ENGINE
62 #include <openssl/engine.h>
63 #endif
64
65 static RAND_METHOD *rm = NULL;
66
67 static isc_mutex_t *locks = NULL;
68 static int nlocks;
69
70 #ifdef USE_ENGINE
71 static ENGINE *e;
72 #endif
73
74 static int
75 entropy_get(unsigned char *buf, int num) {
76 isc_result_t result;
77 if (num < 0)
78 return (-1);
79 result = dst__entropy_getdata(buf, (unsigned int) num, ISC_FALSE);
80 return (result == ISC_R_SUCCESS ? num : -1);
81 }
82
83 static int
84 entropy_status(void) {
85 return (dst__entropy_status() > 32);
86 }
87
88 static int
89 entropy_getpseudo(unsigned char *buf, int num) {
90 isc_result_t result;
91 if (num < 0)
92 return (-1);
93 result = dst__entropy_getdata(buf, (unsigned int) num, ISC_TRUE);
94 return (result == ISC_R_SUCCESS ? num : -1);
95 }
96
97 static void
98 entropy_add(const void *buf, int num, double entropy) {
99 /*
100 * Do nothing. The only call to this provides no useful data anyway.
101 */
102 UNUSED(buf);
103 UNUSED(num);
104 UNUSED(entropy);
105 }
106
107 static void
108 lock_callback(int mode, int type, const char *file, int line) {
109 UNUSED(file);
110 UNUSED(line);
111 if ((mode & CRYPTO_LOCK) != 0)
112 LOCK(&locks[type]);
113 else
114 UNLOCK(&locks[type]);
115 }
116
117 static unsigned long
118 id_callback(void) {
119 return ((unsigned long)isc_thread_self());
120 }
121
122 static void *
123 mem_alloc(size_t size) {
124 INSIST(dst__memory_pool != NULL);
125 return (isc_mem_allocate(dst__memory_pool, size));
126 }
127
128 static void
129 mem_free(void *ptr) {
130 INSIST(dst__memory_pool != NULL);
131 if (ptr != NULL)
132 isc_mem_free(dst__memory_pool, ptr);
133 }
134
135 static void *
136 mem_realloc(void *ptr, size_t size) {
137 INSIST(dst__memory_pool != NULL);
138 return (isc_mem_reallocate(dst__memory_pool, ptr, size));
139 }
140
141 isc_result_t
142 dst__openssl_init() {
143 isc_result_t result;
144
145 #ifdef DNS_CRYPTO_LEAKS
146 CRYPTO_malloc_debug_init();
147 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
148 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
149 #endif
150 CRYPTO_set_mem_functions(mem_alloc, mem_realloc, mem_free);
151 nlocks = CRYPTO_num_locks();
152 locks = mem_alloc(sizeof(isc_mutex_t) * nlocks);
153 if (locks == NULL)
154 return (ISC_R_NOMEMORY);
155 result = isc_mutexblock_init(locks, nlocks);
156 if (result != ISC_R_SUCCESS)
157 goto cleanup_mutexalloc;
158 CRYPTO_set_locking_callback(lock_callback);
159 CRYPTO_set_id_callback(id_callback);
160
161 rm = mem_alloc(sizeof(RAND_METHOD));
162 if (rm == NULL) {
163 result = ISC_R_NOMEMORY;
164 goto cleanup_mutexinit;
165 }
166 rm->seed = NULL;
167 rm->bytes = entropy_get;
168 rm->cleanup = NULL;
169 rm->add = entropy_add;
170 rm->pseudorand = entropy_getpseudo;
171 rm->status = entropy_status;
172 #ifdef USE_ENGINE
173 e = ENGINE_new();
174 if (e == NULL) {
175 result = ISC_R_NOMEMORY;
176 goto cleanup_rm;
177 }
178 ENGINE_set_RAND(e, rm);
179 RAND_set_rand_method(rm);
180 #else
181 RAND_set_rand_method(rm);
182 #endif /* USE_ENGINE */
183 return (ISC_R_SUCCESS);
184
185 #ifdef USE_ENGINE
186 cleanup_rm:
187 mem_free(rm);
188 #endif
189 cleanup_mutexinit:
190 CRYPTO_set_locking_callback(NULL);
191 DESTROYMUTEXBLOCK(locks, nlocks);
192 cleanup_mutexalloc:
193 mem_free(locks);
194 return (result);
195 }
196
197 void
198 dst__openssl_destroy() {
199
200 /*
201 * Sequence taken from apps_shutdown() in <apps/apps.h>.
202 */
203 #if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
204 CONF_modules_unload(1);
205 #endif
206 EVP_cleanup();
207 #if defined(USE_ENGINE) && OPENSSL_VERSION_NUMBER >= 0x00907000L
208 ENGINE_cleanup();
209 #endif
210 #if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
211 CRYPTO_cleanup_all_ex_data();
212 #endif
213 ERR_clear_error();
214 ERR_free_strings();
215 ERR_remove_state(0);
216
217 #ifdef DNS_CRYPTO_LEAKS
218 CRYPTO_mem_leaks_fp(stderr);
219 #endif
220
221 #if 0
222 /*
223 * The old error sequence that leaked. Remove for 9.4.1 if
224 * there are no issues by then.
225 */
226 ERR_clear_error();
227 #ifdef USE_ENGINE
228 if (e != NULL) {
229 ENGINE_free(e);
230 e = NULL;
231 }
232 #endif
233 #endif
234 if (rm != NULL) {
235 #if OPENSSL_VERSION_NUMBER >= 0x00907000L
236 RAND_cleanup();
237 #endif
238 mem_free(rm);
239 }
240 if (locks != NULL) {
241 CRYPTO_set_locking_callback(NULL);
242 DESTROYMUTEXBLOCK(locks, nlocks);
243 mem_free(locks);
244 }
245 }
246
247 isc_result_t
248 dst__openssl_toresult(isc_result_t fallback) {
249 isc_result_t result = fallback;
250 int err = ERR_get_error();
251
252 switch (ERR_GET_REASON(err)) {
253 case ERR_R_MALLOC_FAILURE:
254 result = ISC_R_NOMEMORY;
255 break;
256 default:
257 break;
258 }
259 ERR_clear_error();
260 return (result);
261 }
262
263 #else /* OPENSSL */
264
265 #include <isc/util.h>
266
267 EMPTY_TRANSLATION_UNIT
268
269 #endif /* OPENSSL */
270 /*! \file */
DragonFly BSD