Common OpenSSL support code. More...

#include "asterisk.h"
#include "asterisk/_private.h"
#include <openssl/opensslv.h>
#include <dlfcn.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <pthread.h>
#include "asterisk/lock.h"
#include "asterisk/logger.h"
#include "asterisk/utils.h"

Include dependency graph for libasteriskssl.c:

Go to the source code of this file.

Macros
#define	get_OpenSSL_function(func) do { real_##func = dlsym(RTLD_NEXT, __stringify(func)); } while(0)

Functions
int	ast_ssl_init (void)

void	CRYPTO_set_id_callback (unsigned long(*func)(void))

void	CRYPTO_set_locking_callback (void(func)(int mode, int type, const char file, int line))

void	ERR_free_strings (void)

int	SSL_library_init (void)

void	SSL_load_error_strings (void)

static void	ssl_lock (int mode, int n, const char *file, int line)

static unsigned long	ssl_threadid (void)

Variables
static ast_mutex_t *	ssl_locks

static int	ssl_num_locks

static int	startup_complete

Detailed Description

Common OpenSSL support code.

Author: Russell Bryant russe.nosp@m.ll@d.nosp@m.igium.nosp@m..com

Definition in file libasteriskssl.c.

Macro Definition Documentation

◆ get_OpenSSL_function

#define get_OpenSSL_function ( func ) do { real_##func = dlsym(RTLD_NEXT, __stringify(func)); } while(0)

Definition at line 49 of file libasteriskssl.c.

Referenced by ast_ssl_init().

Function Documentation

◆ ast_ssl_init()

int ast_ssl_init ( void )

Provided by ssl.c

Definition at line 130 of file libasteriskssl.c.

References ast_calloc, ast_debug, ast_mutex_init, CRYPTO_set_id_callback(), CRYPTO_set_locking_callback(), get_OpenSSL_function, NULL, SSL_library_init(), SSL_load_error_strings(), ssl_lock(), ssl_num_locks, ssl_threadid(), and startup_complete.

Referenced by asterisk_daemon().

 {
    unsigned int i;
    int (*real_SSL_library_init)(void);
 #if OPENSSL_VERSION_NUMBER < 0x10000000L
    void (*real_CRYPTO_set_id_callback)(unsigned long (*)(void));
 #endif
    void (*real_CRYPTO_set_locking_callback)(void (*)(int, int, const char *, int));
    void (*real_SSL_load_error_strings)(void);
    const char *errstr;
 
    /* clear any previous dynamic linker errors */
    dlerror();
    get_OpenSSL_function(SSL_library_init);
    if ((errstr = dlerror()) != NULL) {
       ast_debug(1, "unable to get real address of SSL_library_init: %s\n", errstr);
       /* there is no way to continue in this situation... SSL will
        * likely be broken in this process
        */
       return -1;
    } else {
       real_SSL_library_init();
    }
 
    /* Make OpenSSL usage thread-safe. */
 
 #if OPENSSL_VERSION_NUMBER < 0x10000000L
    dlerror();
    get_OpenSSL_function(CRYPTO_set_id_callback);
    if ((errstr = dlerror()) != NULL) {
       ast_debug(1, "unable to get real address of CRYPTO_set_id_callback: %s\n", errstr);
       /* there is no way to continue in this situation... SSL will
        * likely be broken in this process
        */
       return -1;
    } else {
       real_CRYPTO_set_id_callback(ssl_threadid);
    }
 #endif
 
    dlerror();
    get_OpenSSL_function(CRYPTO_set_locking_callback);
    if ((errstr = dlerror()) != NULL) {
       ast_debug(1, "unable to get real address of CRYPTO_set_locking_callback: %s\n", errstr);
       /* there is no way to continue in this situation... SSL will
        * likely be broken in this process
        */
       return -1;
    } else {
       ssl_num_locks = CRYPTO_num_locks();
       if (!(ssl_locks = ast_calloc(ssl_num_locks, sizeof(ssl_locks[0])))) {
          return -1;
       }
       for (i = 0; i < ssl_num_locks; i++) {
          ast_mutex_init(&ssl_locks[i]);
       }
       real_CRYPTO_set_locking_callback(ssl_lock);
    }
 
    /* after this point, we don't check for errors from the dlsym() calls,
     * under the assumption that if the ones above were successful, all
     * the rest will be too. this assumption holds as long as OpenSSL still
     * provides all of these functions.
     */
 
    get_OpenSSL_function(SSL_load_error_strings);
    real_SSL_load_error_strings();
 
    startup_complete = 1;
 
    return 0;
 }

◆ CRYPTO_set_id_callback()

void CRYPTO_set_id_callback ( unsigned long(*)(void) func )

Definition at line 100 of file libasteriskssl.c.

References ast_debug, and startup_complete.

Referenced by ast_ssl_init().

 {
 #if defined(AST_DEVMODE)
    if (startup_complete) {
       ast_debug(1, "Called after startup... ignoring!\n");
    }
 #endif
 }

◆ CRYPTO_set_locking_callback()

void CRYPTO_set_locking_callback ( void(*)(int mode, int type, const char *file, int line) func )

Definition at line 110 of file libasteriskssl.c.

References ast_debug, and startup_complete.

Referenced by ast_ssl_init().

 {
 #if defined(AST_DEVMODE)
    if (startup_complete) {
       ast_debug(1, "Called after startup... ignoring!\n");
    }
 #endif
 }

◆ ERR_free_strings()

void ERR_free_strings ( void )

Definition at line 119 of file libasteriskssl.c.

 {
    /* we can't allow this to be called, ever */
 }

◆ SSL_library_init()

int SSL_library_init ( void )

Definition at line 80 of file libasteriskssl.c.

References ast_debug, and startup_complete.

Referenced by ast_ssl_init().

 {
 #if defined(AST_DEVMODE)
    if (startup_complete) {
       ast_debug(1, "Called after startup... ignoring!\n");
    }
 #endif
    return 1;
 }

◆ SSL_load_error_strings()

void SSL_load_error_strings ( void )

Definition at line 90 of file libasteriskssl.c.

References ast_debug, and startup_complete.

Referenced by ast_ssl_init().

 {
 #if defined(AST_DEVMODE)
    if (startup_complete) {
       ast_debug(1, "Called after startup... ignoring!\n");
    }
 #endif
 }

◆ ssl_lock()

static void ssl_lock	(	int	mode,
		int	n,
		const char *	file,
		int	line
	)

static

Definition at line 64 of file libasteriskssl.c.

References ast_log, ast_mutex_lock, ast_mutex_unlock, LOG_ERROR, and ssl_num_locks.

Referenced by ast_ssl_init().

 {
    if (n < 0 || n >= ssl_num_locks) {
       ast_log(LOG_ERROR, "OpenSSL is full of LIES!!! - "
             "ssl_num_locks '%d' - n '%d'\n",
             ssl_num_locks, n);
       return;
    }
 
    if (mode & 0x1) {
       ast_mutex_lock(&ssl_locks[n]);
    } else {
       ast_mutex_unlock(&ssl_locks[n]);
    }
 }

◆ ssl_threadid()

static unsigned long ssl_threadid ( void )

static

Definition at line 58 of file libasteriskssl.c.

Referenced by ast_ssl_init().

 {
    return (unsigned long) pthread_self();
 }

Variable Documentation

◆ ssl_locks

ast_mutex_t* ssl_locks

static

Definition at line 53 of file libasteriskssl.c.

◆ ssl_num_locks

int ssl_num_locks

static

Definition at line 55 of file libasteriskssl.c.

Referenced by ast_ssl_init(), and ssl_lock().

◆ startup_complete

int startup_complete

static

Definition at line 51 of file libasteriskssl.c.

Referenced by ast_ssl_init(), CRYPTO_set_id_callback(), CRYPTO_set_locking_callback(), SSL_library_init(), and SSL_load_error_strings().

Macros

Functions

Variables

Detailed Description

Macro Definition Documentation

◆ get_OpenSSL_function

Function Documentation

◆ ast_ssl_init()

◆ CRYPTO_set_id_callback()

◆ CRYPTO_set_locking_callback()

◆ ERR_free_strings()

◆ SSL_library_init()

◆ SSL_load_error_strings()

◆ ssl_lock()

◆ ssl_threadid()

Variable Documentation

◆ ssl_locks

◆ ssl_num_locks

◆ startup_complete