www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

mod_ssl: Minor cleanup to avoid defining init handling functions for

Browse Source 
pre-1.1 builds where they are noops or unused.  No functional change
(intended).

* modules/ssl/mod_ssl.c: Define NEED_MANUAL_OPENSSL_INIT for builds
  where pre-1.1 OpenSSL needs "manual" initialization/cleanup.  Only
  define modssl_running_statically for this case (otherwise it is set
  and never read).
  (modssl_is_prelinked): Only define for NEED_MANUAL_OPENSSL_INIT.
  (ssl_cleanup_pre_config): Only define for NEED_MANUAL_OPENSSL_INIT;
  otherwise it is a noop returning APR_SUCCESS;
  (ssl_hook_pre_config): Only install the cleanup and initialize
  modssl_is_prelinked for NEED_MANUAL_OPENSSL_INIT build.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1877440 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Joe Orton
2020-05-06 15:30:14 +00:00
parent b8155f30da
commit cac14a0f34
1 changed files with 21 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
modules/ssl/mod_ssl.c
View File

@@ -40,7 +40,18 @@
#include <valgrind.h> #include <valgrind.h>
int ssl_running_on_valgrind = 0; int ssl_running_on_valgrind = 0;
#endif #endif
#if HAVE_OPENSSL_INIT_SSL || (OPENSSL_VERSION_NUMBER >= 0x10100000L && \
!defined(LIBRESSL_VERSION_NUMBER))
/* Openssl v1.1+ handles all termination automatically from
* OPENSSL_init_ssl(). No manual initialization is required. */
#else
/* For older OpenSSL releases, "manual" initialization and cleanup are
* required. */
#define NEED_MANUAL_OPENSSL_INIT
/* Will be set to true if mod_ssl is built statically into httpd. */
static int modssl_running_statically = 0; static int modssl_running_statically = 0;
#endif
APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL(ssl, SSL, int, pre_handshake, APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL(ssl, SSL, int, pre_handshake,
(conn_rec *c,SSL *ssl,int is_proxy), (conn_rec *c,SSL *ssl,int is_proxy),
@@ -317,9 +328,7 @@ static const command_rec ssl_config_cmds[] = {
AP_END_CMD AP_END_CMD
}; };
/* #ifdef NEED_MANUAL_OPENSSL_INIT
* the various processing hooks
*/
static int modssl_is_prelinked(void) static int modssl_is_prelinked(void)
{ {
apr_size_t i = 0; apr_size_t i = 0;
@@ -332,19 +341,10 @@ static int modssl_is_prelinked(void)
return 0; return 0;
} }
/* Termination below is for legacy Openssl versions v1.0.x and
* older. */
static apr_status_t ssl_cleanup_pre_config(void *data) static apr_status_t ssl_cleanup_pre_config(void *data)
{ {
#if HAVE_OPENSSL_INIT_SSL || (OPENSSL_VERSION_NUMBER >= 0x10100000L && \
!defined(LIBRESSL_VERSION_NUMBER))
/* Openssl v1.1+ handles all termination automatically from
* OPENSSL_init_ssl(). Do nothing in this case.
*/
#else
/* Termination below is for legacy Openssl versions v1.0.x and
* older.
*/
/* Corresponds to OBJ_create()s */ /* Corresponds to OBJ_create()s */
OBJ_cleanup(); OBJ_cleanup();
/* Corresponds to OPENSSL_load_builtin_modules() */ /* Corresponds to OPENSSL_load_builtin_modules() */
@@ -384,7 +384,6 @@ static apr_status_t ssl_cleanup_pre_config(void *data)
if (!modssl_running_statically) { if (!modssl_running_statically) {
CRYPTO_cleanup_all_ex_data(); CRYPTO_cleanup_all_ex_data();
} }
#endif
/* /*
* TODO: determine somewhere we can safely shove out diagnostics * TODO: determine somewhere we can safely shove out diagnostics
@@ -394,6 +393,7 @@ static apr_status_t ssl_cleanup_pre_config(void *data)
return APR_SUCCESS; return APR_SUCCESS;
} }
#endif /* NEED_MANUAL_OPENSSL_INIT */
static int ssl_hook_pre_config(apr_pool_t *pconf, static int ssl_hook_pre_config(apr_pool_t *pconf,
apr_pool_t *plog, apr_pool_t *plog,
@@ -402,10 +402,8 @@ static int ssl_hook_pre_config(apr_pool_t *pconf,
#if HAVE_VALGRIND #if HAVE_VALGRIND
ssl_running_on_valgrind = RUNNING_ON_VALGRIND; ssl_running_on_valgrind = RUNNING_ON_VALGRIND;
#endif #endif
modssl_running_statically = modssl_is_prelinked();
#if HAVE_OPENSSL_INIT_SSL || (OPENSSL_VERSION_NUMBER >= 0x10100000L && \ #ifndef NEED_MANUAL_OPENSSL_INIT
!defined(LIBRESSL_VERSION_NUMBER))
/* Openssl v1.1+ handles all initialisation automatically, apart /* Openssl v1.1+ handles all initialisation automatically, apart
* from hints as to how we want to use the library. * from hints as to how we want to use the library.
* *
@@ -417,6 +415,7 @@ static int ssl_hook_pre_config(apr_pool_t *pconf,
/* Configuration below is for legacy versions Openssl v1.0 and /* Configuration below is for legacy versions Openssl v1.0 and
* older. * older.
*/ */
modssl_running_statically = modssl_is_prelinked();
#if APR_HAS_THREADS && MODSSL_USE_OPENSSL_PRE_1_1_API #if APR_HAS_THREADS && MODSSL_USE_OPENSSL_PRE_1_1_API
ssl_util_thread_id_setup(pconf); ssl_util_thread_id_setup(pconf);
@@ -434,7 +433,7 @@ static int ssl_hook_pre_config(apr_pool_t *pconf,
#endif #endif
OpenSSL_add_all_algorithms(); OpenSSL_add_all_algorithms();
OPENSSL_load_builtin_modules(); OPENSSL_load_builtin_modules();
#endif #endif /* NEED_MANUAL_OPENSSL_INIT */
if (OBJ_txt2nid("id-on-dnsSRV") == NID_undef) { if (OBJ_txt2nid("id-on-dnsSRV") == NID_undef) {
(void)OBJ_create("1.3.6.1.5.5.7.8.7", "id-on-dnsSRV", (void)OBJ_create("1.3.6.1.5.5.7.8.7", "id-on-dnsSRV",
@@ -444,11 +443,14 @@ static int ssl_hook_pre_config(apr_pool_t *pconf,
/* Start w/o errors (e.g. OBJ_txt2nid() above) */ /* Start w/o errors (e.g. OBJ_txt2nid() above) */
ERR_clear_error(); ERR_clear_error();
#ifdef NEED_MANUAL_OPENSSL_INIT
/* /*
* Let us cleanup the ssl library when the module is unloaded * Let us cleanup the ssl library when the module is unloaded
*/ */
apr_pool_cleanup_register(pconf, NULL, ssl_cleanup_pre_config, apr_pool_cleanup_register(pconf, NULL, ssl_cleanup_pre_config,
apr_pool_cleanup_null); apr_pool_cleanup_null);
#endif
/* Register us to handle mod_log_config %c/%x variables */ /* Register us to handle mod_log_config %c/%x variables */
ssl_var_log_config_register(pconf); ssl_var_log_config_register(pconf);