crypto: Make unloading of crypto safer

Facts:
crypto nif-lib registers callback functions that openssl uses
for memory management and thread synchronization. The callback
functions can only be set once, openssl does not allow changing the
callback functions.

Problem:
If openssl is dynamicly linked to crypto, you might get s scenario
where the crypto lib is unloaded while leaving openssl loaded
with its old pointers to the unloaded crypto code intact.
If crypto is then reloaded (by init:restart() for example), the crypto
nif-lib might get relocated at a different address. crypto calls
openssl which in turn calls the old invalid callback functions...kaboom.

Solution:
Break apart the callback functions into a separate dynamic lib that
crypto loads with dlopen. When crypto is unloaded the callback lib is
left in place to be reused if/when crypto is loaded again.

1 files changed, 29 insertions, 7 deletions

diff --git a/lib/crypto/c_src/Makefile.in b/lib/crypto/c_src/Makefile.in
index ffd556ca1a..f7e2193cec 100644
--- a/lib/crypto/c_src/Makefile.in
+++ b/lib/crypto/c_src/Makefile.in
@@ -69,13 +69,16 @@ RELSYSDIR = $(RELEASE_PATH)/lib/crypto-$(VSN)
 # ----------------------------------------------------
 # Misc Macros
 # ----------------------------------------------------
-OBJS = $(OBJDIR)/crypto$(TYPEMARKER).o
+CRYPTO_OBJS = $(OBJDIR)/crypto$(TYPEMARKER).o
+CALLBACK_OBJS = $(OBJDIR)/crypto_callback$(TYPEMARKER).o
 NIF_MAKEFILE = $(PRIVDIR)/Makefile
 
 ifeq ($(findstring win32,$(TARGET)), win32)
 NIF_LIB = $(LIBDIR)/crypto$(TYPEMARKER).dll
+CALLBACK_LIB = $(LIBDIR)/crypto_callback$(TYPEMARKER).dll
 else
 NIF_LIB = $(LIBDIR)/crypto$(TYPEMARKER).so
+CALLBACK_LIB = $(LIBDIR)/crypto_callback$(TYPEMARKER).so
 endif
 
 ifeq ($(HOST_OS),)
@@ -97,32 +100,49 @@ endif
 
 _create_dirs := $(shell mkdir -p $(OBJDIR) $(LIBDIR))
 
-debug opt valgrind: $(NIF_LIB)
+debug opt valgrind: $(NIF_LIB) $(CALLBACK_LIB)
 
 $(OBJDIR)/%$(TYPEMARKER).o: %.c
 	$(INSTALL_DIR) $(OBJDIR)
 	$(CC) -c -o $@ $(ALL_CFLAGS) $<
 
-$(LIBDIR)/crypto$(TYPEMARKER).so: $(OBJS)
-	$(INSTALL_DIR) $(LIBDIR) 
+$(LIBDIR)/crypto$(TYPEMARKER).so: $(CRYPTO_OBJS)
+	$(INSTALL_DIR) $(LIBDIR)
 	$(LD) $(LDFLAGS) -o $@ $^ $(LDLIBS) $(CRYPTO_LINK_LIB)
 
-$(LIBDIR)/crypto$(TYPEMARKER).dll: $(OBJS)
+$(LIBDIR)/crypto$(TYPEMARKER).dll: $(CRYPTO_OBJS)
+	$(INSTALL_DIR) $(LIBDIR)
+	$(LD) $(LDFLAGS) -o $@  $(SSL_DED_LD_RUNTIME_LIBRARY_PATH) -L$(SSL_LIBDIR) $(CRYPTO_OBJS) -l$(SSL_CRYPTO_LIBNAME) -l$(SSL_SSL_LIBNAME)
+
+$(LIBDIR)/crypto_callback$(TYPEMARKER).so: $(CALLBACK_OBJS)
 	$(INSTALL_DIR) $(LIBDIR)
-	$(LD) $(LDFLAGS) -o $@  $(SSL_DED_LD_RUNTIME_LIBRARY_PATH) -L$(SSL_LIBDIR) $(OBJS) -l$(SSL_CRYPTO_LIBNAME) -l$(SSL_SSL_LIBNAME)
+	$(LD) $(LDFLAGS) -o $@ $^ $(LDLIBS)
+
+$(LIBDIR)/crypto_callback$(TYPEMARKER).dll: $(CALLBACK_OBJS)
+	$(INSTALL_DIR) $(LIBDIR)
+	$(LD) $(LDFLAGS) -o $@ $(CALLBACK_OBJS)
+
 
 clean:
 ifeq ($(findstring win32,$(TARGET)), win32)
 	rm -f $(LIBDIR)/crypto.dll
 	rm -f $(LIBDIR)/crypto.debug.dll
+	rm -f $(LIBDIR)/crypto_callback.dll
+	rm -f $(LIBDIR)/crypto_callback.debug.dll
 else
 	rm -f $(LIBDIR)/crypto.so
 	rm -f $(LIBDIR)/crypto.debug.so
 	rm -f $(LIBDIR)/crypto.valgrind.so
+	rm -f $(LIBDIR)/crypto_callback.so
+	rm -f $(LIBDIR)/crypto_callback.debug.so
+	rm -f $(LIBDIR)/crypto_callback.valgrind.so
 endif
 	rm -f $(OBJDIR)/crypto.o
 	rm -f $(OBJDIR)/crypto.debug.o
 	rm -f $(OBJDIR)/crypto.valgrind.o
+	rm -f $(OBJDIR)/crypto_callback.o
+	rm -f $(OBJDIR)/crypto_callback.debug.o
+	rm -f $(OBJDIR)/crypto_callback.valgrind.o
 	rm -f core *~
 
 docs:
@@ -136,8 +156,10 @@ release_spec: opt
 	$(INSTALL_DIR) "$(RELSYSDIR)/priv/obj"
 	$(INSTALL_DIR) "$(RELSYSDIR)/priv/lib"
 	$(INSTALL_DATA) $(NIF_MAKEFILE) "$(RELSYSDIR)/priv/obj"
-	$(INSTALL_PROGRAM) $(OBJS) "$(RELSYSDIR)/priv/obj"
+	$(INSTALL_PROGRAM) $(CRYPTO_OBJS) "$(RELSYSDIR)/priv/obj"
+	$(INSTALL_PROGRAM) $(CALLBACK_OBJS) "$(RELSYSDIR)/priv/obj"
 	$(INSTALL_PROGRAM) $(NIF_LIB) "$(RELSYSDIR)/priv/lib"
+	$(INSTALL_PROGRAM) $(CALLBACK_LIB) "$(RELSYSDIR)/priv/lib"
 
 release_docs_spec: