Auto init/de-init libssl

Building on the pervious commit to auto initialise and de-initialise libssl

Reviewed-by: Richard Levitte <levitte@openssl.org>

include/openssl/ssl.h

@@ -1443,7 +1443,10 @@ __owur int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
 int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
                                        const char *dir);
 
-void SSL_load_error_strings(void);
+#define SSL_load_error_strings() \
+    OPENSSL_INIT_ssl_library_start(OPENSSL_INIT_LOAD_SSL_STRINGS \
+                                   | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL)
+
 __owur const char *SSL_state_string(const SSL *s);
 __owur const char *SSL_rstate_string(const SSL *s);
 __owur const char *SSL_state_string_long(const SSL *s);
@@ -1673,7 +1676,7 @@ void SSL_set_accept_state(SSL *s);
 
 __owur long SSL_get_default_timeout(const SSL *s);
 
-int SSL_library_init(void);
+#define SSL_library_init() OPENSSL_INIT_ssl_library_start(0, NULL)
 
 __owur char *SSL_CIPHER_description(const SSL_CIPHER *, char *buf, int size);
 __owur STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);

ssl/Makefile.in

@@ -23,9 +23,9 @@ LIBSRC=	\
 	methods.c   t1_lib.c  t1_enc.c t1_ext.c \
 	d1_lib.c  record/rec_layer_d1.c d1_msg.c \
 	statem/statem_dtls.c d1_srtp.c \
-	ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
+	ssl_lib.c ssl_cert.c ssl_sess.c \
 	ssl_ciph.c ssl_stat.c ssl_rsa.c \
-	ssl_asn1.c ssl_txt.c ssl_algs.c ssl_init.c ssl_conf.c  ssl_mcnf.c \
+	ssl_asn1.c ssl_txt.c ssl_init.c ssl_conf.c  ssl_mcnf.c \
 	bio_ssl.c ssl_err.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c \
 	record/ssl3_buffer.c record/ssl3_record.c record/dtls1_bitmap.c \
 	statem/statem.c
@@ -36,9 +36,9 @@ LIBOBJ= \
 	methods.o   t1_lib.o  t1_enc.o t1_ext.o \
 	d1_lib.o  record/rec_layer_d1.o d1_msg.o \
 	statem/statem_dtls.o d1_srtp.o\
-	ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
+	ssl_lib.o ssl_cert.o ssl_sess.o \
 	ssl_ciph.o ssl_stat.o ssl_rsa.o \
-	ssl_asn1.o ssl_txt.o ssl_algs.o ssl_init.o ssl_conf.o ssl_mcnf.o \
+	ssl_asn1.o ssl_txt.o ssl_init.o ssl_conf.o ssl_mcnf.o \
 	bio_ssl.o ssl_err.o t1_reneg.o tls_srp.o t1_trce.o ssl_utst.o \
 	record/ssl3_buffer.o record/ssl3_record.o record/dtls1_bitmap.o \
 	statem/statem.o

ssl/ssl-lib.com

@@ -211,9 +211,9 @@ $ LIB_SSL = "s3_srvr, s3_clnt, s3_lib, s3_enc,s3_pkt,s3_both,s3_cbc,"+ -
 	    "t1_meth,  t1_srvr, t1_clnt, t1_lib, t1_enc,       t1_ext,"+ -
 	    "d1_meth,  d1_srvr, d1_clnt, d1_lib,        d1_pkt,"+ -
 	    "d1_both,d1_srtp,"+ -
-	    "ssl_lib,ssl_err2,ssl_cert,ssl_sess,"+ -
+	    "ssl_lib,ssl_cert,ssl_sess,"+ -
 	    "ssl_ciph,ssl_stat,ssl_rsa,"+ -
-	    "ssl_asn1,ssl_txt,ssl_algs,ssl_conf,"+ -
+	    "ssl_asn1,ssl_txt,ssl_init,ssl_conf,"+ -
 	    "bio_ssl,ssl_err,t1_reneg,tls_srp,t1_trce,ssl_utst"
 $!
 $! Tell The User That We Are Compiling The Library.

ssl/ssl_algs.c

@@ -1,137 +0,0 @@
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include <openssl/lhash.h>
-#include "ssl_locl.h"
-
-int SSL_library_init(void)
-{
-
-#ifndef OPENSSL_NO_DES
-    EVP_add_cipher(EVP_des_cbc());
-    EVP_add_cipher(EVP_des_ede3_cbc());
-#endif
-#ifndef OPENSSL_NO_IDEA
-    EVP_add_cipher(EVP_idea_cbc());
-#endif
-#ifndef OPENSSL_NO_RC4
-    EVP_add_cipher(EVP_rc4());
-# ifndef OPENSSL_NO_MD5
-    EVP_add_cipher(EVP_rc4_hmac_md5());
-# endif
-#endif
-#ifndef OPENSSL_NO_RC2
-    EVP_add_cipher(EVP_rc2_cbc());
-    /*
-     * Not actually used for SSL/TLS but this makes PKCS#12 work if an
-     * application only calls SSL_library_init().
-     */
-    EVP_add_cipher(EVP_rc2_40_cbc());
-#endif
-#ifndef OPENSSL_NO_AES
-    EVP_add_cipher(EVP_aes_128_cbc());
-    EVP_add_cipher(EVP_aes_192_cbc());
-    EVP_add_cipher(EVP_aes_256_cbc());
-    EVP_add_cipher(EVP_aes_128_gcm());
-    EVP_add_cipher(EVP_aes_256_gcm());
-    EVP_add_cipher(EVP_aes_128_ccm());
-    EVP_add_cipher(EVP_aes_256_ccm());
-    EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
-    EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
-    EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256());
-    EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256());
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-    EVP_add_cipher(EVP_camellia_128_cbc());
-    EVP_add_cipher(EVP_camellia_256_cbc());
-#endif
-#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
-    EVP_add_cipher(EVP_chacha20_poly1305());
-#endif
-
-#ifndef OPENSSL_NO_SEED
-    EVP_add_cipher(EVP_seed_cbc());
-#endif
-
-#ifndef OPENSSL_NO_MD5
-    EVP_add_digest(EVP_md5());
-    EVP_add_digest_alias(SN_md5, "ssl3-md5");
-# ifndef OPENSSL_NO_SHA
-    EVP_add_digest(EVP_md5_sha1());
-# endif
-#endif
-    EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
-    EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
-    EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
-    EVP_add_digest(EVP_sha224());
-    EVP_add_digest(EVP_sha256());
-    EVP_add_digest(EVP_sha384());
-    EVP_add_digest(EVP_sha512());
-#ifndef OPENSSL_NO_COMP
-    /*
-     * This will initialise the built-in compression algorithms. The value
-     * returned is a STACK_OF(SSL_COMP), but that can be discarded safely
-     */
-    SSL_COMP_get_compression_methods();
-#endif
-    /* initialize cipher/digest methods table */
-    ssl_load_ciphers();
-    SSL_add_ssl_module();
-    return (1);
-}

ssl/ssl_err2.c

@@ -1,68 +0,0 @@
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-void SSL_load_error_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-    ERR_load_crypto_strings();
-    ERR_load_SSL_strings();
-#endif
-}

ssl/ssl_lib.c

@@ -2270,6 +2270,8 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
         return (NULL);
     }
 
+    OPENSSL_INIT_ssl_library_start(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
+
     if (FIPS_mode() && (meth->version < TLS1_VERSION)) {
         SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE);
         return NULL;

util/ssleay.num

@@ -61,7 +61,7 @@ SSL_get_verify_mode                     70	1_1_0	EXIST::FUNCTION:
 SSL_get_version                         71	1_1_0	EXIST::FUNCTION:
 SSL_get_wbio                            72	1_1_0	EXIST::FUNCTION:
 SSL_load_client_CA_file                 73	1_1_0	EXIST::FUNCTION:
-SSL_load_error_strings                  74	1_1_0	EXIST::FUNCTION:
+SSL_load_error_strings                  74	1_1_0	NOEXIST::FUNCTION:
 SSL_new                                 75	1_1_0	EXIST::FUNCTION:
 SSL_peek                                76	1_1_0	EXIST::FUNCTION:
 SSL_pending                             77	1_1_0	EXIST::FUNCTION:
@@ -163,7 +163,7 @@ SSL_CTX_get_timeout                     179	1_1_0	EXIST::FUNCTION:
 SSL_CTX_get_cert_store                  180	1_1_0	EXIST::FUNCTION:
 SSL_CTX_set_cert_store                  181	1_1_0	EXIST::FUNCTION:
 SSL_want                                182	1_1_0	EXIST::FUNCTION:
-SSL_library_init                        183	1_1_0	EXIST::FUNCTION:
+SSL_library_init                        183	1_1_0	NOEXIST::FUNCTION:
 SSL_COMP_add_compression_method         184	1_1_0	EXIST::FUNCTION:
 SSL_add_file_cert_subjects_to_stack     185	1_1_0	EXIST:!VMS:FUNCTION:
 SSL_add_file_cert_subjs_to_stk          185	1_1_0	EXIST:VMS:FUNCTION: