diff options
| author | Sverker Eriksson <[email protected]> | 2012-10-05 11:52:52 +0200 |
|---|---|---|
| committer | Sverker Eriksson <[email protected]> | 2012-10-09 22:05:11 +0200 |
| commit | e5c1d346e29e5b1227ed30ee4d725a09eca0e532 (patch) | |
| tree | b5c8114a810459e855d4a81ec918c40e240c82d9 /lib/crypto/c_src/crypto_callback.h | |
| parent | 54e7cc9086908a0e5642caa6ac3680557acc5a67 (diff) | |
| download | otp-e5c1d346e29e5b1227ed30ee4d725a09eca0e532.tar.gz otp-e5c1d346e29e5b1227ed30ee4d725a09eca0e532.tar.bz2 otp-e5c1d346e29e5b1227ed30ee4d725a09eca0e532.zip | |
crypto: Make unloading of crypto safer
Facts:
crypto nif-lib registers callback functions that openssl uses
for memory management and thread synchronization. The callback
functions can only be set once, openssl does not allow changing the
callback functions.
Problem:
If openssl is dynamicly linked to crypto, you might get s scenario
where the crypto lib is unloaded while leaving openssl loaded
with its old pointers to the unloaded crypto code intact.
If crypto is then reloaded (by init:restart() for example), the crypto
nif-lib might get relocated at a different address. crypto calls
openssl which in turn calls the old invalid callback functions...kaboom.
Solution:
Break apart the callback functions into a separate dynamic lib that
crypto loads with dlopen. When crypto is unloaded the callback lib is
left in place to be reused if/when crypto is loaded again.
Diffstat (limited to 'lib/crypto/c_src/crypto_callback.h')
| -rw-r--r-- | lib/crypto/c_src/crypto_callback.h | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/lib/crypto/c_src/crypto_callback.h b/lib/crypto/c_src/crypto_callback.h new file mode 100644 index 0000000000..a0c828b502 --- /dev/null +++ b/lib/crypto/c_src/crypto_callback.h @@ -0,0 +1,42 @@ +/* + * %CopyrightBegin% + * + * Copyright Ericsson AB 2012. All Rights Reserved. + * + * The contents of this file are subject to the Erlang Public License, + * Version 1.1, (the "License"); you may not use this file except in + * compliance with the License. You should have received a copy of the + * Erlang Public License along with this software. If not, it can be + * retrieved online at http://www.erlang.org/. + * + * Software distributed under the License is distributed on an "AS IS" + * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See + * the License for the specific language governing rights and limitations + * under the License. + * + * %CopyrightEnd% + */ + +struct crypto_callbacks +{ + size_t sizeof_me; + + void* (*crypto_alloc)(size_t size); + void* (*crypto_realloc)(void* ptr, size_t size); + void (*crypto_free)(void* ptr); + + /* openssl callbacks */ + #ifdef OPENSSL_THREADS + void (*locking_function)(int mode, int n, const char *file, int line); + unsigned long (*id_function)(void); + struct CRYPTO_dynlock_value* (*dyn_create_function)(const char *file, + int line); + void (*dyn_lock_function)(int mode, struct CRYPTO_dynlock_value* ptr, + const char *file, int line); + void (*dyn_destroy_function)(struct CRYPTO_dynlock_value *ptr, + const char *file, int line); + #endif /* OPENSSL_THREADS */ +}; + +typedef struct crypto_callbacks* get_crypto_callbacks_t(int nlocks); + |