diff options
author | Matt Caswell <matt@openssl.org> | 2016-02-10 13:59:15 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-02-10 17:40:59 +0000 |
commit | 0fc32b0718ec210e03b6d8623d4819ed04615a1b (patch) | |
tree | 9491a02a740d05b415790bcfeb16eb65f6a06267 /ssl | |
parent | 8bd8221be80708825ddb9771d4c9fff67860119b (diff) | |
download | openssl-0fc32b0718ec210e03b6d8623d4819ed04615a1b.zip openssl-0fc32b0718ec210e03b6d8623d4819ed04615a1b.tar.gz openssl-0fc32b0718ec210e03b6d8623d4819ed04615a1b.tar.bz2 |
The new init functions can now fail so shouldn't be void
The new init functions can fail if the library has already been stopped. We
should be able to indicate failure with a 0 return value.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_init.c | 13 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 3 |
2 files changed, 10 insertions, 6 deletions
diff --git a/ssl/ssl_init.c b/ssl/ssl_init.c index 67e4319..134aa00 100644 --- a/ssl/ssl_init.c +++ b/ssl/ssl_init.c @@ -299,13 +299,14 @@ static void ssl_library_stop(void) * called prior to any threads making calls to any OpenSSL functions, * i.e. passing a non-null settings value is assumed to be single-threaded. */ -void OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) +int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) { - /* XXX TODO WARNING To be updated to return a value not assert. */ - assert(!stopped); + if (stopped) + return 0; - OPENSSL_init_crypto(opts | OPENSSL_INIT_ADD_ALL_CIPHERS - | OPENSSL_INIT_ADD_ALL_DIGESTS, settings); + if (!OPENSSL_init_crypto(opts | OPENSSL_INIT_ADD_ALL_CIPHERS + | OPENSSL_INIT_ADD_ALL_DIGESTS, settings)) + return 0; ossl_init_once_run(&ssl_base, ossl_init_ssl_base); @@ -314,5 +315,7 @@ void OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) if (opts & OPENSSL_INIT_LOAD_SSL_STRINGS) ossl_init_once_run(&ssl_strings, ossl_init_load_ssl_strings); + + return 1; } diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index e4b5d9f..d080220 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -2270,7 +2270,8 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) return (NULL); } - OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); + if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL)) + return NULL; if (FIPS_mode() && (meth->version < TLS1_VERSION)) { SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE); |