author | 2018-03-19 16:34:47 +0000 | |
---|---|---|
committer | 2018-03-19 16:34:47 +0000 | |
commit | b9573a74af9f34d4eb2bda625e3f663704431e4b (patch) | |
tree | c2bd73f2a4362b8051a03e1bffe632d404fd4388 | |
parent | Disallow "++minutes". (diff) | |
Automatically handle library initialisation for libtls.
Now that we have tls_init() under pthread_once(), automatically initialise
libtls from the entry point functions (tls_config(), tls_client() and
tls_server()) - this makes an explicit tls_init() call no longer a
requirement.
ok bcook@ beck@ inoguchi@
-rw-r--r-- | lib/libtls/man/tls_init.3 | 7 | ||||
-rw-r--r-- | lib/libtls/tls.c | 5 | ||||
-rw-r--r-- | lib/libtls/tls_client.c | 5 | ||||
-rw-r--r-- | lib/libtls/tls_config.c | 13 | ||||
-rw-r--r-- | lib/libtls/tls_internal.h | 4 | ||||
-rw-r--r-- | lib/libtls/tls_server.c | 5 |
6 files changed, 28 insertions, 11 deletions
diff --git a/lib/libtls/man/tls_init.3 b/lib/libtls/man/tls_init.3
index dfafa612c19..f5f63fa3267 100644
--- a/lib/libtls/man/tls_init.3
+++ b/lib/libtls/man/tls_init.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: tls_init.3,v 1.10 2018/03/08 16:12:00 beck Exp $
+.\" $OpenBSD: tls_init.3,v 1.11 2018/03/19 16:34:47 jsing Exp $
 .\"
 .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
 .\" Copyright (c) 2016 Joel Sing <jsing@openbsd.org>
@@ -16,7 +16,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: March 8 2018 $
+.Dd $Mdocdate: March 19 2018 $
 .Dt TLS_INIT 3
 .Os
 .Sh NAME
@@ -45,7 +45,8 @@ Both clients and servers are supported.
 The
 .Fn tls_init
 function initializes global data structures.
-It should be called once before any other functions.
+It may be called once before any other functions, however this is no
+longer necessary since it will be handled internally on demand.
 It may be called more than once, and may be called concurrently.
 .Pp
 Before a connection is created, a configuration must be created.
diff --git a/lib/libtls/tls.c b/lib/libtls/tls.c
index e7a485bcec8..467db164d5d 100644
--- a/lib/libtls/tls.c
+++ b/lib/libtls/tls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls.c,v 1.78 2018/03/08 16:12:00 beck Exp $ */
+/* $OpenBSD: tls.c,v 1.79 2018/03/19 16:34:47 jsing Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -47,13 +47,12 @@ tls_do_init(void)
 if (BIO_sock_init() != 1)
 return;
- if ((tls_config_default = tls_config_new()) == NULL)
+ if ((tls_config_default = tls_config_new_internal()) == NULL)
 return;
 tls_config_default->refcount++;
 tls_init_rv = 0;
- return;
 }
 int
diff --git a/lib/libtls/tls_client.c b/lib/libtls/tls_client.c
index 14c716fa171..04e44020ef4 100644
--- a/lib/libtls/tls_client.c
+++ b/lib/libtls/tls_client.c
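Review bot: In the lib/libtls/tls.c hunk at `@@ -47,13 +47,12 @@`, the call to `tls_config_new_internal()` inside tls_do_init() has no comment explaining why the public constructor must not be used there. After this commit tls_config_new() calls tls_init(), and the commit message says tls_init() runs under pthread_once(), so using the public function from the once-routine would re-enter pthread_once(). I would add `/* Not tls_config_new(): that calls tls_init() and would re-enter pthread_once(). */` above the assignment so a later cleanup does not switch it back. tls_do_init() begins above the hunk, so the rest of its failure handling is not visible here.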
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_client.c,v 1.44 2018/02/10 04:41:24 jsing Exp $ */
+/* $OpenBSD: tls_client.c,v 1.45 2018/03/19 16:34:47 jsing Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -38,6 +38,9 @@ tls_client(void)
 {
 struct tls *ctx;
+ if (tls_init() == -1)
+ return (NULL);
+
 if ((ctx = tls_new()) == NULL)
 return (NULL);
diff --git a/lib/libtls/tls_config.c b/lib/libtls/tls_config.c
index 2dab4fc7d86..02f2b3c6e92 100644
--- a/lib/libtls/tls_config.c
+++ b/lib/libtls/tls_config.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_config.c,v 1.49 2018/02/10 04:57:35 jsing Exp $ */
+/* $OpenBSD: tls_config.c,v 1.50 2018/03/19 16:34:47 jsing Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -77,7 +77,7 @@ tls_config_load_file(struct tls_error *error, const char *filetype,
 }
 struct tls_config *
-tls_config_new(void)
+tls_config_new_internal(void)
 {
 struct tls_config *config;
 unsigned char sid[TLS_MAX_SESSION_ID_LENGTH];
@@ -128,6 +128,15 @@ tls_config_new(void)
 return (NULL);
 }
+struct tls_config *
+tls_config_new(void)
+{
+ if (tls_init() == -1)
+ return (NULL);
+
+ return tls_config_new_internal();
+}
+
 void
 tls_config_free(struct tls_config *config)
 {
diff --git a/lib/libtls/tls_internal.h b/lib/libtls/tls_internal.h
index f8b9e6118e5..0d7e2289d39 100644
--- a/lib/libtls/tls_internal.h
+++ b/lib/libtls/tls_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_internal.h,v 1.70 2018/02/10 04:57:35 jsing Exp $ */
+/* $OpenBSD: tls_internal.h,v 1.71 2018/03/19 16:34:47 jsing Exp $ */
 /*
 * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
@@ -219,6 +219,8 @@ int tls_keypair_load_cert(struct tls_keypair *_keypair,
 struct tls_sni_ctx *tls_sni_ctx_new(void);
 void tls_sni_ctx_free(struct tls_sni_ctx *sni_ctx);
+struct tls_config *tls_config_new_internal(void);
+
 struct tls *tls_new(void);
 struct tls *tls_server_conn(struct tls *ctx);
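Review bot: In tls_client() (`@@ -38,6 +38,9 @@`), and identically in tls_server() in lib/libtls/tls_server.c, a NULL return now also covers a failed library initialisation, and the caller has no context to hand to tls_error() to tell that apart from the allocation failure in tls_new(). If tls_init() caches its result behind pthread_once(), as the commit message suggests, such a failure would presumably persist for the life of the process, so retrying would not help; that is worth a sentence in the manual page for these functions. In the code I would add `/* Initialise the library on first use; failure is reported as NULL. */` above the new check. Both function bodies continue past the end of their hunks.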
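Review bot: The new tls_config_new() wrapper in lib/libtls/tls_config.c (`@@ -128,6 +128,15 @@`) ends with `return tls_config_new_internal();`, while every other return in these hunks is parenthesised; `return (tls_config_new_internal());` matches the surrounding style. The renamed tls_config_new_internal() also has no comment saying that it skips library initialisation, and its prototype in tls_internal.h is equally bare. I would add `/* Allocates a config without calling tls_init(); for use from the initialisation path. */` above the definition so other internal callers do not pick it by accident and run uninitialised. The body of tls_config_new_internal() lies between the two hunks and is not visible.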
diff --git a/lib/libtls/tls_server.c b/lib/libtls/tls_server.c
index 98b09574371..44bef6bb11d 100644
--- a/lib/libtls/tls_server.c
+++ b/lib/libtls/tls_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_server.c,v 1.43 2018/02/08 05:56:49 jsing Exp $ */
+/* $OpenBSD: tls_server.c,v 1.44 2018/03/19 16:34:47 jsing Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -31,6 +31,9 @@ tls_server(void)
 {
 struct tls *ctx;
+ if (tls_init() == -1)
+ return (NULL);
+
 if ((ctx = tls_new()) == NULL)
 return (NULL); |