tls: implemented tls hook for pre-mod init execution

- do openssl init at this callback (cherry picked from commit f712434)
kamailio · Jan 28, 2015 · e6eca3e · e6eca3e
1 parent 93804b6
commit e6eca3e
Show file tree

Hide file tree

Showing 3 changed files with 44 additions and 7 deletions.
diff --git a/modules/tls/tls_init.c b/modules/tls/tls_init.c
@@ -61,6 +61,7 @@
 #include "tls_cfg.h"
 
 /* will be set to 1 when the TLS env is initialized to make destroy safe */
+static int tls_mod_preinitialized = 0;
 static int tls_mod_initialized = 0;
 
 #if OPENSSL_VERSION_NUMBER < 0x00907000L
@@ -469,6 +470,7 @@ static int init_tls_compression(void)
 
 /**
  * tls pre-init function
+ * - executed when module is loaded
  */
 int tls_pre_init(void)
 {
@@ -493,6 +495,23 @@ int tls_pre_init(void)
 	return 0;
 }
 
+/**
+ * tls mod pre-init function
+ * - executed before any mod_init()
+ */
+int tls_mod_pre_init_h(void)
+{
+	if(tls_mod_preinitialized==1) {
+		LM_DBG("already mod pre-initialized\n");
+		return 0;
+	}
+	DBG("============= :preparing tls env for modules initialization\n");
+	SSL_library_init();
+	SSL_load_error_strings();
+	tls_mod_preinitialized=1;
+	return 0;
+}
+
 /*
  * First step of TLS initialization
  */
@@ -511,6 +530,12 @@ int init_tls_h(void)
 	str s;
 	cfg_ctx_t* cfg_ctx;
 
+	if(tls_mod_initialized == 1) {
+		LM_DBG("already initialized\n");
+		return 0;
+	}
+	DBG("initializing tls system\n");
+
 #if OPENSSL_VERSION_NUMBER < 0x00907000L
 	WARN("You are using an old version of OpenSSL (< 0.9.7). Upgrade!\n");
 #endif
@@ -657,8 +682,6 @@ int init_tls_h(void)
 		}
 	}
 
-	SSL_library_init();
-	SSL_load_error_strings();
 	init_ssl_methods();
 	tls_mod_initialized = 1;
 	return 0;
@@ -693,7 +716,7 @@ int tls_check_sockets(tls_domains_cfg_t* cfg)
 void destroy_tls_h(void)
 {
 	DBG("tls module final tls destroy\n");
-	if(tls_mod_initialized > 0)
+	if(tls_mod_preinitialized > 0)
 		ERR_free_strings();
 	/* TODO: free all the ctx'es */
 	tls_destroy_cfg();

diff --git a/modules/tls/tls_init.h b/modules/tls/tls_init.h
@@ -52,8 +52,13 @@ extern const SSL_METHOD* ssl_methods[];
  */
 int tls_pre_init(void);
 
+/**
+ * just once, prepare for init of all modules
+ */
+int tls_mod_pre_init_h(void);
+
 /*
- * just once, initialize the tls subsystem 
+ * just once, initialize the tls subsystem after all mod inits
  */
 int init_tls_h(void);
 

diff --git a/modules/tls/tls_mod.c b/modules/tls/tls_mod.c
@@ -231,7 +231,8 @@ static struct tls_hooks tls_h = {
 	tls_h_close,
 	tls_h_init_si,
 	init_tls_h,
-	destroy_tls_h
+	destroy_tls_h,
+	tls_mod_pre_init_h,
 };
 
 
@@ -253,12 +254,21 @@ static tls_domains_cfg_t* tls_use_modparams(void)
 
 int mod_register(char *path, int *dlflags, void *p1, void *p2)
 {
+	if (tls_disable) {
+		LOG(L_WARN, "tls support is disabled "
+				"(set enable_tls=1 in the config to enable it)\n");
+		return 0;
+	}
+
 	/* shm is used, be sure it is initialized */
 	if(!shm_initialized() && init_shm()<0)
 		return -1;
 
 	if(tls_pre_init()<0)
 		return -1;
+
+	register_tls_hooks(&tls_h);
+
 	return 0;
 }
 
@@ -267,7 +277,7 @@ static int mod_init(void)
 	int method;
 
 	if (tls_disable){
-		LOG(L_WARN, "WARNING: tls: mod_init: tls support is disabled "
+		LOG(L_WARN, "tls support is disabled "
 				"(set enable_tls=1 in the config to enable it)\n");
 		return 0;
 	}
@@ -306,7 +316,6 @@ static int mod_init(void)
 	}
 	*tls_domains_cfg = NULL;
 
-	register_tls_hooks(&tls_h);
 	register_select_table(tls_sel);
 	/* register the rpc interface */
 	if (rpc_register_array(tls_rpc)!=0) {