aboutsummaryrefslogtreecommitdiff
path: root/contrib/bind9/lib/dns/openssl_link.c
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/bind9/lib/dns/openssl_link.c')
-rw-r--r--contrib/bind9/lib/dns/openssl_link.c392
1 files changed, 0 insertions, 392 deletions
diff --git a/contrib/bind9/lib/dns/openssl_link.c b/contrib/bind9/lib/dns/openssl_link.c
deleted file mode 100644
index 56465aa00645..000000000000
--- a/contrib/bind9/lib/dns/openssl_link.c
+++ /dev/null
@@ -1,392 +0,0 @@
-/*
- * Portions Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC")
- * Portions Copyright (C) 1999-2003 Internet Software Consortium.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
- * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
- * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- *
- * Portions Copyright (C) 1995-2000 by Network Associates, Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
- * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
- * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * Principal Author: Brian Wellington
- * $Id$
- */
-#ifdef OPENSSL
-
-#include <config.h>
-
-#include <isc/entropy.h>
-#include <isc/mem.h>
-#include <isc/mutex.h>
-#include <isc/mutexblock.h>
-#include <isc/string.h>
-#include <isc/thread.h>
-#include <isc/util.h>
-
-#include <dns/log.h>
-
-#include <dst/result.h>
-
-#include "dst_internal.h"
-#include "dst_openssl.h"
-
-#ifdef USE_ENGINE
-#include <openssl/engine.h>
-#endif
-
-static RAND_METHOD *rm = NULL;
-
-static isc_mutex_t *locks = NULL;
-static int nlocks;
-
-#ifdef USE_ENGINE
-static ENGINE *e = NULL;
-#endif
-
-static int
-entropy_get(unsigned char *buf, int num) {
- isc_result_t result;
- if (num < 0)
- return (-1);
- result = dst__entropy_getdata(buf, (unsigned int) num, ISC_FALSE);
- return (result == ISC_R_SUCCESS ? 1 : -1);
-}
-
-static int
-entropy_status(void) {
- return (dst__entropy_status() > 32);
-}
-
-static int
-entropy_getpseudo(unsigned char *buf, int num) {
- isc_result_t result;
- if (num < 0)
- return (-1);
- result = dst__entropy_getdata(buf, (unsigned int) num, ISC_TRUE);
- return (result == ISC_R_SUCCESS ? 1 : -1);
-}
-
-static void
-entropy_add(const void *buf, int num, double entropy) {
- /*
- * Do nothing. The only call to this provides no useful data anyway.
- */
- UNUSED(buf);
- UNUSED(num);
- UNUSED(entropy);
-}
-
-static void
-lock_callback(int mode, int type, const char *file, int line) {
- UNUSED(file);
- UNUSED(line);
- if ((mode & CRYPTO_LOCK) != 0)
- LOCK(&locks[type]);
- else
- UNLOCK(&locks[type]);
-}
-
-static unsigned long
-id_callback(void) {
- return ((unsigned long)isc_thread_self());
-}
-
-static void *
-mem_alloc(size_t size) {
-#ifdef OPENSSL_LEAKS
- void *ptr;
-
- INSIST(dst__memory_pool != NULL);
- ptr = isc_mem_allocate(dst__memory_pool, size);
- return (ptr);
-#else
- INSIST(dst__memory_pool != NULL);
- return (isc_mem_allocate(dst__memory_pool, size));
-#endif
-}
-
-static void
-mem_free(void *ptr) {
- INSIST(dst__memory_pool != NULL);
- if (ptr != NULL)
- isc_mem_free(dst__memory_pool, ptr);
-}
-
-static void *
-mem_realloc(void *ptr, size_t size) {
-#ifdef OPENSSL_LEAKS
- void *rptr;
-
- INSIST(dst__memory_pool != NULL);
- rptr = isc_mem_reallocate(dst__memory_pool, ptr, size);
- return (rptr);
-#else
- INSIST(dst__memory_pool != NULL);
- return (isc_mem_reallocate(dst__memory_pool, ptr, size));
-#endif
-}
-
-isc_result_t
-dst__openssl_init(const char *engine) {
- isc_result_t result;
-#ifdef USE_ENGINE
- ENGINE *re;
-#else
-
- UNUSED(engine);
-#endif
-
-#ifdef DNS_CRYPTO_LEAKS
- CRYPTO_malloc_debug_init();
- CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-#endif
- CRYPTO_set_mem_functions(mem_alloc, mem_realloc, mem_free);
- nlocks = CRYPTO_num_locks();
- locks = mem_alloc(sizeof(isc_mutex_t) * nlocks);
- if (locks == NULL)
- return (ISC_R_NOMEMORY);
- result = isc_mutexblock_init(locks, nlocks);
- if (result != ISC_R_SUCCESS)
- goto cleanup_mutexalloc;
- CRYPTO_set_locking_callback(lock_callback);
- CRYPTO_set_id_callback(id_callback);
-
- ERR_load_crypto_strings();
-
- rm = mem_alloc(sizeof(RAND_METHOD));
- if (rm == NULL) {
- result = ISC_R_NOMEMORY;
- goto cleanup_mutexinit;
- }
- rm->seed = NULL;
- rm->bytes = entropy_get;
- rm->cleanup = NULL;
- rm->add = entropy_add;
- rm->pseudorand = entropy_getpseudo;
- rm->status = entropy_status;
-
-#ifdef USE_ENGINE
- OPENSSL_config(NULL);
-
- if (engine != NULL && *engine == '\0')
- engine = NULL;
-
- if (engine != NULL) {
- e = ENGINE_by_id(engine);
- if (e == NULL) {
- result = DST_R_NOENGINE;
- goto cleanup_rm;
- }
- /* This will init the engine. */
- if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
- result = DST_R_NOENGINE;
- goto cleanup_rm;
- }
- }
-
- re = ENGINE_get_default_RAND();
- if (re == NULL) {
- re = ENGINE_new();
- if (re == NULL) {
- result = ISC_R_NOMEMORY;
- goto cleanup_rm;
- }
- ENGINE_set_RAND(re, rm);
- ENGINE_set_default_RAND(re);
- ENGINE_free(re);
- } else
- ENGINE_finish(re);
-#else
- RAND_set_rand_method(rm);
-#endif /* USE_ENGINE */
- return (ISC_R_SUCCESS);
-
-#ifdef USE_ENGINE
- cleanup_rm:
- if (e != NULL)
- ENGINE_free(e);
- e = NULL;
- mem_free(rm);
- rm = NULL;
-#endif
- cleanup_mutexinit:
- CRYPTO_set_locking_callback(NULL);
- DESTROYMUTEXBLOCK(locks, nlocks);
- cleanup_mutexalloc:
- mem_free(locks);
- locks = NULL;
- return (result);
-}
-
-void
-dst__openssl_destroy() {
-
- /*
- * Sequence taken from apps_shutdown() in <apps/apps.h>.
- */
- if (rm != NULL) {
-#if OPENSSL_VERSION_NUMBER >= 0x00907000L
- RAND_cleanup();
-#endif
- mem_free(rm);
- rm = NULL;
- }
-#if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
- CONF_modules_free();
-#endif
- OBJ_cleanup();
- EVP_cleanup();
-#if defined(USE_ENGINE)
- if (e != NULL)
- ENGINE_free(e);
- e = NULL;
-#if defined(USE_ENGINE) && OPENSSL_VERSION_NUMBER >= 0x00907000L
- ENGINE_cleanup();
-#endif
-#endif
-#if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
- CRYPTO_cleanup_all_ex_data();
-#endif
- ERR_clear_error();
- ERR_remove_state(0);
- ERR_free_strings();
-
-#ifdef DNS_CRYPTO_LEAKS
- CRYPTO_mem_leaks_fp(stderr);
-#endif
-
- if (locks != NULL) {
- CRYPTO_set_locking_callback(NULL);
- DESTROYMUTEXBLOCK(locks, nlocks);
- mem_free(locks);
- locks = NULL;
- }
-}
-
-static isc_result_t
-toresult(isc_result_t fallback) {
- isc_result_t result = fallback;
- unsigned long err = ERR_get_error();
-#ifdef HAVE_OPENSSL_ECDSA
- int lib = ERR_GET_LIB(err);
-#endif
- int reason = ERR_GET_REASON(err);
-
- switch (reason) {
- /*
- * ERR_* errors are globally unique; others
- * are unique per sublibrary
- */
- case ERR_R_MALLOC_FAILURE:
- result = ISC_R_NOMEMORY;
- break;
- default:
-#ifdef HAVE_OPENSSL_ECDSA
- if (lib == ERR_R_ECDSA_LIB &&
- reason == ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED) {
- result = ISC_R_NOENTROPY;
- break;
- }
-#endif
- break;
- }
-
- return (result);
-}
-
-isc_result_t
-dst__openssl_toresult(isc_result_t fallback) {
- isc_result_t result;
-
- result = toresult(fallback);
-
- ERR_clear_error();
- return (result);
-}
-
-isc_result_t
-dst__openssl_toresult2(const char *funcname, isc_result_t fallback) {
- return (dst__openssl_toresult3(DNS_LOGCATEGORY_GENERAL,
- funcname, fallback));
-}
-
-isc_result_t
-dst__openssl_toresult3(isc_logcategory_t *category,
- const char *funcname, isc_result_t fallback) {
- isc_result_t result;
- unsigned long err;
- const char *file, *data;
- int line, flags;
- char buf[256];
-
- result = toresult(fallback);
-
- isc_log_write(dns_lctx, category,
- DNS_LOGMODULE_CRYPTO, ISC_LOG_WARNING,
- "%s failed (%s)", funcname,
- isc_result_totext(result));
-
- if (result == ISC_R_NOMEMORY)
- goto done;
-
- for (;;) {
- err = ERR_get_error_line_data(&file, &line, &data, &flags);
- if (err == 0U)
- goto done;
- ERR_error_string_n(err, buf, sizeof(buf));
- isc_log_write(dns_lctx, category,
- DNS_LOGMODULE_CRYPTO, ISC_LOG_INFO,
- "%s:%s:%d:%s", buf, file, line,
- (flags & ERR_TXT_STRING) ? data : "");
- }
-
- done:
- ERR_clear_error();
- return (result);
-}
-
-#if defined(USE_ENGINE)
-ENGINE *
-dst__openssl_getengine(const char *engine) {
-
- if (engine == NULL)
- return (NULL);
- if (e == NULL)
- return (NULL);
- if (strcmp(engine, ENGINE_get_id(e)) == 0)
- return (e);
- return (NULL);
-}
-#endif
-
-#else /* OPENSSL */
-
-#include <isc/util.h>
-
-EMPTY_TRANSLATION_UNIT
-
-#endif /* OPENSSL */
-/*! \file */
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-25 09:44:49 +0000