Skip to content

Commit 6ccfaa5

Browse files
bobstablerbobstabler
committed
Allow caller to disable SSL Initialization, so it can be done outside of Poco.
1 parent b565d72 commit 6ccfaa5

2 files changed

Lines changed: 39 additions & 20 deletions

File tree

Crypto/include/Poco/Crypto/OpenSSLInitializer.h

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@ namespace Crypto {
4444

4545

4646
class Crypto_API OpenSSLInitializer
47-
/// Initializes the OpenSSL library.
47+
/// Initalizes the OpenSSL library.
4848
///
4949
/// The class ensures the earliest initialization and the
5050
/// latest shutdown of the OpenSSL library.
@@ -68,6 +68,8 @@ class Crypto_API OpenSSLInitializer
6868
static void enableFIPSMode(bool enabled);
6969
// Enable or disable FIPS mode. If FIPS is not available, this method doesn't do anything.
7070

71+
static void disableSSLInitialization(); // Call if OpenSSL is already being initialized by another component before constructing any OpenSSLInitializers.
72+
7173
protected:
7274
enum
7375
{
@@ -84,6 +86,8 @@ class Crypto_API OpenSSLInitializer
8486
private:
8587
static Poco::FastMutex* _mutexes;
8688
static Poco::AtomicCounter _rc;
89+
static bool _disableSSLInitialization;
90+
static bool _setupMultiThreadSupport;
8791
};
8892

8993

@@ -110,6 +114,11 @@ inline void OpenSSLInitializer::enableFIPSMode(bool /*enabled*/)
110114
}
111115
#endif
112116

117+
inline void OpenSSLInitializer::disableSSLInitialization()
118+
{
119+
_disableSSLInitialization = true;
120+
}
121+
113122

114123
} } // namespace Poco::Crypto
115124

Crypto/src/OpenSSLInitializer.cpp

Lines changed: 29 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,7 @@ namespace Crypto {
3636

3737
Poco::FastMutex* OpenSSLInitializer::_mutexes(0);
3838
Poco::AtomicCounter OpenSSLInitializer::_rc;
39-
39+
bool OpenSSLInitializer::_disableSSLInitialization = false;
4040

4141
OpenSSLInitializer::OpenSSLInitializer()
4242
{
@@ -64,18 +64,21 @@ void OpenSSLInitializer::initialize()
6464
#if OPENSSL_VERSION_NUMBER >= 0x0907000L
6565
OPENSSL_config(NULL);
6666
#endif
67-
SSL_library_init();
68-
SSL_load_error_strings();
69-
OpenSSL_add_all_algorithms();
70-
67+
if(! _disableSSLInitialization) {
68+
SSL_library_init();
69+
SSL_load_error_strings();
70+
OpenSSL_add_all_algorithms();
71+
}
72+
7173
char seed[SEEDSIZE];
7274
RandomInputStream rnd;
7375
rnd.read(seed, sizeof(seed));
7476
RAND_seed(seed, SEEDSIZE);
7577

76-
int nMutexes = CRYPTO_num_locks();
77-
_mutexes = new Poco::FastMutex[nMutexes];
78-
CRYPTO_set_locking_callback(&OpenSSLInitializer::lock);
78+
if(CRYPTO_get_locking_callback() == NULL) {
79+
int nMutexes = CRYPTO_num_locks();
80+
_mutexes = new Poco::FastMutex[nMutexes];
81+
CRYPTO_set_locking_callback(&OpenSSLInitializer::lock);
7982
#ifndef POCO_OS_FAMILY_WINDOWS
8083
// Not needed on Windows (see SF #110: random unhandled exceptions when linking with ssl).
8184
// https://sourceforge.net/p/poco/bugs/110/
@@ -84,11 +87,12 @@ void OpenSSLInitializer::initialize()
8487
// "If the application does not register such a callback using CRYPTO_THREADID_set_callback(),
8588
// then a default implementation is used - on Windows and BeOS this uses the system's
8689
// default thread identifying APIs"
87-
CRYPTO_set_id_callback(&OpenSSLInitializer::id);
90+
CRYPTO_set_id_callback(&OpenSSLInitializer::id);
8891
#endif
89-
CRYPTO_set_dynlock_create_callback(&OpenSSLInitializer::dynlockCreate);
90-
CRYPTO_set_dynlock_lock_callback(&OpenSSLInitializer::dynlock);
91-
CRYPTO_set_dynlock_destroy_callback(&OpenSSLInitializer::dynlockDestroy);
92+
CRYPTO_set_dynlock_create_callback(&OpenSSLInitializer::dynlockCreate);
93+
CRYPTO_set_dynlock_lock_callback(&OpenSSLInitializer::dynlock);
94+
CRYPTO_set_dynlock_destroy_callback(&OpenSSLInitializer::dynlockDestroy);
95+
}
9296
}
9397
}
9498

@@ -97,15 +101,21 @@ void OpenSSLInitializer::uninitialize()
97101
{
98102
if (--_rc == 0)
99103
{
100-
EVP_cleanup();
101-
ERR_free_strings();
102-
CRYPTO_set_locking_callback(0);
104+
if(_mutexes != NULL) {
105+
CRYPTO_set_dynlock_create_callback(0);
106+
CRYPTO_set_dynlock_lock_callback(0);
107+
CRYPTO_set_dynlock_destroy_callback(0);
108+
CRYPTO_set_locking_callback(0);
103109
#ifndef POCO_OS_FAMILY_WINDOWS
104-
CRYPTO_set_id_callback(0);
110+
CRYPTO_set_id_callback(0);
105111
#endif
106-
delete [] _mutexes;
107-
108-
CONF_modules_free();
112+
delete [] _mutexes;
113+
}
114+
if(! _disableSSLInitialization) {
115+
EVP_cleanup();
116+
ERR_free_strings();
117+
CONF_modules_free();
118+
}
109119
}
110120
}
111121

0 commit comments

Comments
 (0)