diff options
| author | Cy Schubert <cy@FreeBSD.org> | 2014-12-20 22:52:39 +0000 |
|---|---|---|
| committer | Cy Schubert <cy@FreeBSD.org> | 2014-12-20 22:52:39 +0000 |
| commit | b5e14a1344528861a7016aa2c6b0f2e9630d1526 (patch) | |
| tree | f04bed14f7e8aed5c0e9d2f7785175c7951036d3 /libntp/ssl_init.c | |
| parent | 2b45e011ca352ce509bc83ae148230aeee0c7e0d (diff) | |
Diffstat (limited to 'libntp/ssl_init.c')
| -rw-r--r-- | libntp/ssl_init.c | 30 |
1 files changed, 23 insertions, 7 deletions
diff --git a/libntp/ssl_init.c b/libntp/ssl_init.c index 9e11e5f2cc617..7f1e9a096b209 100644 --- a/libntp/ssl_init.c +++ b/libntp/ssl_init.c @@ -16,19 +16,35 @@ #include "openssl/err.h" #include "openssl/evp.h" +void atexit_ssl_cleanup(void); int ssl_init_done; void ssl_init(void) { + init_lib(); + if (ssl_init_done) return; ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); + atexit(&atexit_ssl_cleanup); - ssl_init_done = 1; + ssl_init_done = TRUE; +} + + +void +atexit_ssl_cleanup(void) +{ + if (!ssl_init_done) + return; + + ssl_init_done = FALSE; + EVP_cleanup(); + ERR_free_strings(); } @@ -38,10 +54,10 @@ ssl_check_version(void) if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L) { msyslog(LOG_WARNING, "OpenSSL version mismatch. Built against %lx, you have %lx", - OPENSSL_VERSION_NUMBER, SSLeay()); + (u_long)OPENSSL_VERSION_NUMBER, SSLeay()); fprintf(stderr, "OpenSSL version mismatch. Built against %lx, you have %lx\n", - OPENSSL_VERSION_NUMBER, SSLeay()); + (u_long)OPENSSL_VERSION_NUMBER, SSLeay()); } INIT_SSL(); @@ -61,10 +77,10 @@ keytype_from_text( size_t *pdigest_len ) { - const u_long max_digest_len = MAX_MAC_LEN - sizeof(keyid_t); int key_type; u_int digest_len; #ifdef OPENSSL + const u_long max_digest_len = MAX_MAC_LEN - sizeof(keyid_t); u_char digest[EVP_MAX_MD_SIZE]; char * upcased; char * pch; @@ -78,7 +94,7 @@ keytype_from_text( */ INIT_SSL(); LIB_GETBUF(upcased); - strncpy(upcased, text, LIB_BUFLENGTH); + strlcpy(upcased, text, LIB_BUFLENGTH); for (pch = upcased; '\0' != *pch; pch++) *pch = (char)toupper(*pch); key_type = OBJ_sn2nid(upcased); @@ -96,13 +112,13 @@ keytype_from_text( #ifdef OPENSSL EVP_DigestInit(&ctx, EVP_get_digestbynid(key_type)); EVP_DigestFinal(&ctx, digest, &digest_len); - if (digest_len + sizeof(keyid_t) > MAX_MAC_LEN) { + if (digest_len > max_digest_len) { fprintf(stderr, "key type %s %u octet digests are too big, max %lu\n", keytype_name(key_type), digest_len, max_digest_len); msyslog(LOG_ERR, - "key type %s %u octet digests are too big, max %lu\n", + "key type %s %u octet digests are too big, max %lu", keytype_name(key_type), digest_len, max_digest_len); return 0; |