Unify crypto module initialization functions

Taken from Fabio M. Di Nitto.
kronosnet · Nov 30, 2017 · effdb3a · effdb3a
1 parent 5712304
commit effdb3a
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 53 deletions.
diff --git a/libknet/common.c b/libknet/common.c
@@ -191,9 +191,6 @@ int load_crypto_lib(knet_handle_t knet_h, crypto_model_t *model)
 		errno = EINVAL;
 		return -1;
 	}
-	if (module_cmds->load_lib && (*module_cmds->load_lib)(knet_h)) {
-		return -1;
-	}
 	model->init = module_cmds->init;
 	model->fini = module_cmds->fini;
 	model->crypt = module_cmds->crypt;

diff --git a/libknet/crypto_nss.c b/libknet/crypto_nss.c
@@ -26,7 +26,6 @@
 #include "logging.h"
 
 static int nss_db_is_init = 0;
-static int at_exit_registered = 0;
 
 static void nss_atexit_handler(void)
 {
@@ -40,30 +39,6 @@ static void nss_atexit_handler(void)
 	return;
 }
 
-static int nsscrypto_load_lib(
-	knet_handle_t knet_h)
-{
-	if (!at_exit_registered) {
-		if (atexit(nss_atexit_handler)) {
-			log_err(knet_h, KNET_SUB_NSSCRYPTO, "Unable to register NSS atexit handler");
-			errno = EAGAIN;
-			return -1;
-		}
-		at_exit_registered = 1;
-	}
-
-	if (!nss_db_is_init) {
-		if (NSS_NoDB_Init(".") != SECSuccess) {
-			log_err(knet_h, KNET_SUB_NSSCRYPTO, "NSS DB initialization failed (err %d): %s",
-				PR_GetError(), PR_ErrorToString(PR_GetError(), PR_LANGUAGE_I_DEFAULT));
-			errno = EAGAIN;
-			return -1;
-		}
-		nss_db_is_init = 1;
-	}
-	return 0;
-}
-
 /*
  * crypto definitions and conversion tables
  */
@@ -597,6 +572,27 @@ static int calculate_nss_hash(
 
 static int init_nss(knet_handle_t knet_h)
 {
+	static int at_exit_registered = 0;
+
+	if (!at_exit_registered) {
+		if (atexit(nss_atexit_handler)) {
+			log_err(knet_h, KNET_SUB_NSSCRYPTO, "Unable to register NSS atexit handler");
+			errno = EAGAIN;
+			return -1;
+		}
+		at_exit_registered = 1;
+	}
+
+	if (!nss_db_is_init) {
+		if (NSS_NoDB_Init(".") != SECSuccess) {
+			log_err(knet_h, KNET_SUB_NSSCRYPTO, "NSS DB initialization failed (err %d): %s",
+				PR_GetError(), PR_ErrorToString(PR_GetError(), PR_LANGUAGE_I_DEFAULT));
+			errno = EAGAIN;
+			return -1;
+		}
+		nss_db_is_init = 1;
+	}
+
 	if (init_nss_crypto(knet_h) < 0) {
 		return -1;
 	}
@@ -804,4 +800,4 @@ static int nsscrypto_init(
 	return -1;
 }
 
-crypto_model_t crypto_model = { "", 0, nsscrypto_load_lib, 0, nsscrypto_init, nsscrypto_fini, nsscrypto_encrypt_and_sign, nsscrypto_encrypt_and_signv, nsscrypto_authenticate_and_decrypt };
+crypto_model_t crypto_model = { "", 0, NULL, 0, nsscrypto_init, nsscrypto_fini, nsscrypto_encrypt_and_sign, nsscrypto_encrypt_and_signv, nsscrypto_authenticate_and_decrypt };
diff --git a/libknet/crypto_openssl.c b/libknet/crypto_openssl.c
@@ -27,29 +27,6 @@
  */
 #define SSLERR_BUF_SIZE 512
 
-static int openssl_is_init = 0;
-
-static int opensslcrypto_load_lib(
-	knet_handle_t knet_h)
-{
-	if (!openssl_is_init) {
-#ifdef BUILDCRYPTOOPENSSL10
-		ERR_load_crypto_strings();
-		OPENSSL_add_all_algorithms_noconf();
-#endif
-#ifdef BUILDCRYPTOOPENSSL11
-		if (!OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
-					 | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)) {
-			log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to init openssl");
-			errno = EAGAIN;
-			return -1;
-		}
-#endif
-		openssl_is_init = 1;
-	}
-	return 0;
-}
-
 /*
  * crypto definitions and conversion tables
  */
@@ -440,13 +417,30 @@ static int opensslcrypto_init(
 	knet_handle_t knet_h,
 	struct knet_handle_crypto_cfg *knet_handle_crypto_cfg)
 {
+	static int openssl_is_init = 0;
 	struct opensslcrypto_instance *opensslcrypto_instance = NULL;
 
 	log_debug(knet_h, KNET_SUB_OPENSSLCRYPTO,
 		  "Initizializing openssl crypto module [%s/%s]",
 		  knet_handle_crypto_cfg->crypto_cipher_type,
 		  knet_handle_crypto_cfg->crypto_hash_type);
 
+	if (!openssl_is_init) {
+#ifdef BUILDCRYPTOOPENSSL10
+		ERR_load_crypto_strings();
+		OPENSSL_add_all_algorithms_noconf();
+#endif
+#ifdef BUILDCRYPTOOPENSSL11
+		if (!OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+					 | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)) {
+			log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to init openssl");
+			errno = EAGAIN;
+			return -1;
+		}
+#endif
+		openssl_is_init = 1;
+	}
+
 	knet_h->crypto_instance->model_instance = malloc(sizeof(struct opensslcrypto_instance));
 	if (!knet_h->crypto_instance->model_instance) {
 		log_err(knet_h, KNET_SUB_OPENSSLCRYPTO, "Unable to allocate memory for openssl model instance");
@@ -520,4 +514,4 @@ static int opensslcrypto_init(
 	return -1;
 }
 
-crypto_model_t crypto_model = { "", 0, opensslcrypto_load_lib, 0, opensslcrypto_init, opensslcrypto_fini, opensslcrypto_encrypt_and_sign, opensslcrypto_encrypt_and_signv, opensslcrypto_authenticate_and_decrypt };
+crypto_model_t crypto_model = { "", 0, NULL, 0, opensslcrypto_init, opensslcrypto_fini, opensslcrypto_encrypt_and_sign, opensslcrypto_encrypt_and_signv, opensslcrypto_authenticate_and_decrypt };