[openssl] master update

tomas at openssl.org tomas at openssl.org
Thu Jun 3 15:42:43 UTC 2021


The branch master has been updated
       via  7d69c07ddf7a27bf4dca250c8a37b8f929d33100 (commit)
      from  effb0dcf864110a4595f1a243adb9c1dd09eb516 (commit)


- Log -----------------------------------------------------------------
commit 7d69c07ddf7a27bf4dca250c8a37b8f929d33100
Author: Tomas Mraz <tomas at openssl.org>
Date:   Wed Jun 2 15:15:45 2021 +0200

    OPENSSL_init_crypto must return 0 when cleanup was done
    
    Fixes #15581
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/15589)

-----------------------------------------------------------------------

Summary of changes:
 crypto/init.c | 17 ++++++++---------
 1 file changed, 8 insertions(+), 9 deletions(-)

diff --git a/crypto/init.c b/crypto/init.c
index 49d817c089..552a4fa66c 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -454,6 +454,13 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
     uint64_t tmp;
     int aloaddone = 0;
 
+   /* Applications depend on 0 being returned when cleanup was already done */
+    if (stopped) {
+        if (!(opts & OPENSSL_INIT_BASE_ONLY))
+            ERR_raise(ERR_LIB_CRYPTO, ERR_R_INIT_FAIL);
+        return 0;
+    }
+
     /*
      * We ignore failures from this function. It is probably because we are
      * on a platform that doesn't support lockless atomic loads (we may not
@@ -476,15 +483,7 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
     /*
      * At some point we should look at this function with a view to moving
      * most/all of this into OSSL_LIB_CTX.
-     */
-
-    if (stopped) {
-        if (!(opts & OPENSSL_INIT_BASE_ONLY))
-            ERR_raise(ERR_LIB_CRYPTO, ERR_R_INIT_FAIL);
-        return 0;
-    }
-
-    /*
+     *
      * When the caller specifies OPENSSL_INIT_BASE_ONLY, that should be the
      * *only* option specified.  With that option we return immediately after
      * doing the requested limited initialization.  Note that


More information about the openssl-commits mailing list