Asterisk - The Open Source Telephony Project  21.4.1
Macros | Functions | Variables
libasteriskssl.c File Reference

Common OpenSSL support code. More...

#include "asterisk.h"
#include "asterisk/_private.h"
#include <openssl/opensslv.h>
#include <dlfcn.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <pthread.h>
#include "asterisk/lock.h"
#include "asterisk/logger.h"
#include "asterisk/utils.h"

Go to the source code of this file.

Macros

#define get_OpenSSL_function(func)   do { real_##func = dlsym(RTLD_NEXT, __stringify(func)); } while(0)
 

Functions

int ast_ssl_init (void)
 
void CRYPTO_set_id_callback (unsigned long(*func)(void))
 
void CRYPTO_set_locking_callback (void(*func)(int mode, int type, const char *file, int line))
 
void ERR_free_strings (void)
 
int SSL_library_init (void)
 
void SSL_load_error_strings (void)
 
static void ssl_lock (int mode, int n, const char *file, int line)
 
static unsigned long ssl_threadid (void)
 

Variables

static ast_mutex_tssl_locks
 
static int ssl_num_locks
 
static int startup_complete
 

Detailed Description

Common OpenSSL support code.

Author
Russell Bryant russe.nosp@m.ll@d.nosp@m.igium.nosp@m..com

Definition in file libasteriskssl.c.

Function Documentation

int ast_ssl_init ( void  )

Provided by ssl.c

Definition at line 130 of file libasteriskssl.c.

References ast_calloc, and ast_debug.

131 {
132  unsigned int i;
133  int (*real_SSL_library_init)(void);
134 #if OPENSSL_VERSION_NUMBER < 0x10000000L
135  void (*real_CRYPTO_set_id_callback)(unsigned long (*)(void));
136 #endif
137  void (*real_CRYPTO_set_locking_callback)(void (*)(int, int, const char *, int));
138  void (*real_SSL_load_error_strings)(void);
139  const char *errstr;
140 
141  /* clear any previous dynamic linker errors */
142  dlerror();
143  get_OpenSSL_function(SSL_library_init);
144  if ((errstr = dlerror()) != NULL) {
145  ast_debug(1, "unable to get real address of SSL_library_init: %s\n", errstr);
146  /* there is no way to continue in this situation... SSL will
147  * likely be broken in this process
148  */
149  return -1;
150  } else {
151  real_SSL_library_init();
152  }
153 
154  /* Make OpenSSL usage thread-safe. */
155 
156 #if OPENSSL_VERSION_NUMBER < 0x10000000L
157  dlerror();
158  get_OpenSSL_function(CRYPTO_set_id_callback);
159  if ((errstr = dlerror()) != NULL) {
160  ast_debug(1, "unable to get real address of CRYPTO_set_id_callback: %s\n", errstr);
161  /* there is no way to continue in this situation... SSL will
162  * likely be broken in this process
163  */
164  return -1;
165  } else {
166  real_CRYPTO_set_id_callback(ssl_threadid);
167  }
168 #endif
169 
170  dlerror();
171  get_OpenSSL_function(CRYPTO_set_locking_callback);
172  if ((errstr = dlerror()) != NULL) {
173  ast_debug(1, "unable to get real address of CRYPTO_set_locking_callback: %s\n", errstr);
174  /* there is no way to continue in this situation... SSL will
175  * likely be broken in this process
176  */
177  return -1;
178  } else {
179  ssl_num_locks = CRYPTO_num_locks();
180  if (!(ssl_locks = ast_calloc(ssl_num_locks, sizeof(ssl_locks[0])))) {
181  return -1;
182  }
183  for (i = 0; i < ssl_num_locks; i++) {
184  ast_mutex_init(&ssl_locks[i]);
185  }
186  real_CRYPTO_set_locking_callback(ssl_lock);
187  }
188 
189  /* after this point, we don't check for errors from the dlsym() calls,
190  * under the assumption that if the ones above were successful, all
191  * the rest will be too. this assumption holds as long as OpenSSL still
192  * provides all of these functions.
193  */
194 
195  get_OpenSSL_function(SSL_load_error_strings);
196  real_SSL_load_error_strings();
197 
198  startup_complete = 1;
199 
200  return 0;
201 }
#define ast_debug(level,...)
Log a DEBUG message.
#define ast_calloc(num, len)
A wrapper for calloc()
Definition: astmm.h:202