Move OpenSSL calls out from the generic crypto layer and into the
OpenSSL specific layer. Also don't load all algortihms if SSL
isn't enabled.
Error strings will also not be loaded into memory if ENABLE_SMALL
is configured.
Signed-off-by: Igor Novgorodov <igor@novg.net>
Acked-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
... | ... |
@@ -1384,8 +1384,6 @@ get_random() |
1384 | 1384 |
void |
1385 | 1385 |
init_ssl_lib (void) |
1386 | 1386 |
{ |
1387 |
- ERR_load_crypto_strings (); |
|
1388 |
- OpenSSL_add_all_algorithms (); |
|
1389 | 1387 |
crypto_init_lib (); |
1390 | 1388 |
} |
1391 | 1389 |
|
... | ... |
@@ -1394,8 +1392,6 @@ free_ssl_lib (void) |
1394 | 1394 |
{ |
1395 | 1395 |
crypto_uninit_lib (); |
1396 | 1396 |
prng_uninit(); |
1397 |
- EVP_cleanup (); |
|
1398 |
- ERR_free_strings (); |
|
1399 | 1397 |
} |
1400 | 1398 |
|
1401 | 1399 |
#endif /* ENABLE_SSL */ |
... | ... |
@@ -194,11 +194,19 @@ crypto_init_lib_engine (const char *engine_name) |
194 | 194 |
void |
195 | 195 |
crypto_init_lib (void) |
196 | 196 |
{ |
197 |
+#ifndef USE_SSL |
|
198 |
+#ifndef ENABLE_SMALL |
|
199 |
+ ERR_load_crypto_strings (); |
|
200 |
+#endif |
|
201 |
+ OpenSSL_add_all_algorithms (); |
|
202 |
+#endif |
|
203 |
+ |
|
197 | 204 |
/* |
198 | 205 |
* If you build the OpenSSL library and OpenVPN with |
199 | 206 |
* CRYPTO_MDEBUG, you will get a listing of OpenSSL |
200 | 207 |
* memory leaks on program termination. |
201 | 208 |
*/ |
209 |
+ |
|
202 | 210 |
#ifdef CRYPTO_MDEBUG |
203 | 211 |
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); |
204 | 212 |
#endif |
... | ... |
@@ -207,6 +215,13 @@ crypto_init_lib (void) |
207 | 207 |
void |
208 | 208 |
crypto_uninit_lib (void) |
209 | 209 |
{ |
210 |
+#ifndef USE_SSL |
|
211 |
+ EVP_cleanup (); |
|
212 |
+#ifndef ENABLE_SMALL |
|
213 |
+ ERR_free_strings (); |
|
214 |
+#endif |
|
215 |
+#endif |
|
216 |
+ |
|
210 | 217 |
#ifdef CRYPTO_MDEBUG |
211 | 218 |
FILE* fp = fopen ("sdlog", "w"); |
212 | 219 |
ASSERT (fp); |
... | ... |
@@ -69,7 +69,9 @@ void |
69 | 69 |
tls_init_lib() |
70 | 70 |
{ |
71 | 71 |
SSL_library_init(); |
72 |
+#ifndef ENABLE_SMALL |
|
72 | 73 |
SSL_load_error_strings(); |
74 |
+#endif |
|
73 | 75 |
OpenSSL_add_all_algorithms (); |
74 | 76 |
|
75 | 77 |
mydata_index = SSL_get_ex_new_index(0, "struct session *", NULL, NULL, NULL); |
... | ... |
@@ -80,7 +82,9 @@ void |
80 | 80 |
tls_free_lib() |
81 | 81 |
{ |
82 | 82 |
EVP_cleanup(); |
83 |
+#ifndef ENABLE_SMALL |
|
83 | 84 |
ERR_free_strings(); |
85 |
+#endif |
|
84 | 86 |
} |
85 | 87 |
|
86 | 88 |
void |