This is an automated email from the ASF dual-hosted git repository.
sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-crypto.git
The following commit(s) were added to refs/heads/master by this push:
new e1b8028a Drop support for OpenSSL 1.0.x (#271)
e1b8028a is described below
commit e1b8028a3db116d72ccde5f95092d2687832500c
Author: sebbASF <[email protected]>
AuthorDate: Tue Nov 14 17:10:35 2023 +0000
Drop support for OpenSSL 1.0.x (#271)
* Drop support for 1.0
---
.../commons/crypto/jna/OpenSsl10XNativeJna.java | 454 ---------------------
.../commons/crypto/jna/OpenSslNativeJna.java | 14 +-
.../org/apache/commons/crypto/OpenSslInfoNative.c | 4 +-
.../commons/crypto/org_apache_commons_crypto.h | 1 -
.../crypto/random/OpenSslCryptoRandomNative.c | 143 +------
5 files changed, 11 insertions(+), 605 deletions(-)
diff --git
a/src/main/java/org/apache/commons/crypto/jna/OpenSsl10XNativeJna.java
b/src/main/java/org/apache/commons/crypto/jna/OpenSsl10XNativeJna.java
deleted file mode 100644
index c3f5ae33..00000000
--- a/src/main/java/org/apache/commons/crypto/jna/OpenSsl10XNativeJna.java
+++ /dev/null
@@ -1,454 +0,0 @@
- /*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.commons.crypto.jna;
-
-import java.nio.ByteBuffer;
-
-import org.apache.commons.crypto.Crypto;
-
-import com.sun.jna.Native;
-import com.sun.jna.NativeLong;
-import com.sun.jna.ptr.PointerByReference;
-
-final class OpenSsl10XNativeJna implements OpenSslInterfaceNativeJna {
-
- static final boolean INIT_OK;
-
- static final Throwable INIT_ERROR;
-
- static {
- boolean ok = false;
- Throwable thrown = null;
- try {
- final String libName = System.getProperty(Crypto.CONF_PREFIX +
OpenSslNativeJna.class.getSimpleName(), "crypto");
- OpenSslJna.debug("Native.register('%s')", libName);
- Native.register(libName);
- ok = true;
- } catch (final Exception | UnsatisfiedLinkError e) {
- thrown = e;
- } finally {
- INIT_OK = ok;
- INIT_ERROR = thrown;
- }
- }
-
- // Try to keep methods aligned across versions
-
- /**
- * Gets engine by id
- *
- * @param id
- * engine id
- * @return engine instance
- */
- public static native PointerByReference ENGINE_by_id(String id);
-
- /**
- * Cleanups before program exit, it will avoid memory leaks.
- *
- * @return 0 on success, 1 otherwise.
- */
- public static native int ENGINE_cleanup();
-
- /**
- * Releases all functional references.
- *
- * @param e
- * engine reference.
- * @return 0 on success, 1 otherwise.
- */
- public static native int ENGINE_finish(PointerByReference e);
-
- /**
- * Frees the structural reference
- *
- * @param e
- * engine reference.
- * @return 0 on success, 1 otherwise.
- */
- public static native int ENGINE_free(PointerByReference e);
-
- /**
- * Obtains a functional reference from an existing structural reference.
- *
- * @param e
- * engine reference
- * @return zero if the ENGINE was not already operational and couldn't be
successfully
- * initialized
- */
- public static native int ENGINE_init(PointerByReference e);
-
- /**
- * Initializes the engine.
- */
- public static native void ENGINE_load_rdrand();
-
- /**
- * Sets the engine as the default for random number generation.
- *
- * @param e
- * engine reference
- * @param flags
- * ENGINE_METHOD_RAND
- * @return zero if failed.
- */
- public static native int ENGINE_set_default(PointerByReference e, int
flags);
-
- /**
- * Generates a human-readable string representing the error code e.
- *
- * @see <a
href="https://www.openssl.org/docs/man1.0.2/man3/ERR_error_string.html";>ERR_error_string</a>
- *
- * @param err
- * the error code
- * @param null_
- * buf is NULL, the error string is placed in a static buffer
- * @return the human-readable error messages.
- */
- public static native String ERR_error_string(NativeLong err, char[] null_);
-
- // TODO: NOT USED?
- /**
- * Registers the error strings for all libcrypto functions.
- */
- public static native void ERR_load_crypto_strings();
-
- /**
- * @return the earliest error code from the thread's error queue without
modifying it.
- */
- public static native NativeLong ERR_peek_error();
-
- /**
- * @return an OpenSSL AES EVP cipher instance with a 128-bit key CBC mode
- */
- public static native PointerByReference EVP_aes_128_cbc();
-
- /**
- * @return an OpenSSL AES EVP cipher instance with a 128-bit key CTR mode
- */
- public static native PointerByReference EVP_aes_128_ctr();
-
- /**
- * @return an OpenSSL AES EVP cipher instance with a 192-bit key CBC mode
- */
- public static native PointerByReference EVP_aes_192_cbc();
-
- /**
- * @return an OpenSSL AES EVP cipher instance with a 192-bit key CTR mode
- */
- public static native PointerByReference EVP_aes_192_ctr();
-
- /**
- * @return an OpenSSL AES EVP cipher instance with a 256-bit key CBC mode
- */
- public static native PointerByReference EVP_aes_256_cbc();
-
- /**
- * @return an OpenSSL AES EVP cipher instance with a 256-bit key CTR mode
- */
- public static native PointerByReference EVP_aes_256_ctr();
-
- /**
- * Clears all information from a cipher context and free up any allocated
* memory associate
- * with it.
- *
- * @param c
- * openssl evp cipher
- */
- public static native void EVP_CIPHER_CTX_cleanup(PointerByReference c);
-
- /**
- * Clears all information from a cipher context and free up any allocated
memory associate with
- * it, including ctx itself.
- *
- * @param c
- * openssl evp cipher
- */
- public static native void EVP_CIPHER_CTX_free(PointerByReference c);
-
- // TODO: NOT USED?
- /**
- * EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset
- *
- * @param p
- * cipher context
- */
- public static native void EVP_CIPHER_CTX_init(PointerByReference p);
-
- /**
- * Creates a cipher context.
- *
- * @return a pointer to a newly created EVP_CIPHER_CTX for success and
NULL for failure.
- */
- public static native PointerByReference EVP_CIPHER_CTX_new();
-
- /**
- * Enables or disables padding
- *
- * @param c
- * cipher context
- * @param pad
- * If the pad parameter is zero then no padding is performed
- * @return always returns 1
- */
- public static native int EVP_CIPHER_CTX_set_padding(PointerByReference c,
int pad);
-
- /**
- * Finishes a multiple-part operation.
- *
- * @param ctx
- * cipher context
- * @param bout
- * output byte buffer
- * @param outl
- * output length
- * @return 1 for success and 0 for failure.
- */
- public static native int EVP_CipherFinal_ex(PointerByReference ctx,
ByteBuffer bout,
- int[] outl);
-
- // ENGINE API: https://www.openssl.org/docs/man1.0.2/man3/engine.html
-
- /**
- * Init a cipher.
- *
- * @param ctx
- * cipher context
- * @param cipher
- * evp cipher instance
- * @param impl
- * engine
- * @param key
- * key
- * @param iv
- * iv
- * @param enc
- * 1 for encryption, 0 for decryption
- * @return 1 for success and 0 for failure.
- */
- public static native int EVP_CipherInit_ex(PointerByReference ctx,
PointerByReference cipher,
- PointerByReference impl, byte[] key, byte[] iv, int enc);
-
- /**
- * Continues a multiple-part encryption/decryption operation.
- *
- * @param ctx
- * cipher context
- * @param bout
- * output byte buffer
- * @param outl
- * output length
- * @param in
- * input byte buffer
- * @param inl
- * input length
- * @return 1 for success and 0 for failure.
- */
- public static native int EVP_CipherUpdate(PointerByReference ctx,
ByteBuffer bout, int[] outl,
- ByteBuffer in, int inl);
-
- /**
- * Generates random data
- *
- * @param buf
- * the bytes for generated random.
- * @param num
- * buffer length
- * @return 1 on success, 0 otherwise.
- */
- public static native int RAND_bytes(ByteBuffer buf, int num);
-
- // Random generator
- /**
- * OpenSSL uses for random number generation
- *
- * @return pointers to the respective methods
- */
- public static native PointerByReference RAND_get_rand_method();
-
- /**
- * OpenSSL uses for random number generation.
- *
- * @return pointers to the respective methods
- */
- public static native PointerByReference RAND_SSLeay();
-
- /**
- * @see <a
href="https://www.openssl.org/docs/man1.0.2/man3/SSLeay.html";>Version Number</a>
- * TODO (does not appear to be used yet)
- * @return OPENSSL_VERSION_NUMBER which is a numeric release version
identifier
- */
- public static native NativeLong SSLeay();
-
- /**
- * Retrieves version/build information about OpenSSL library.
- * This is returned by {@link OpenSslNativeJna#OpenSSLVersion(int)}
- *
- * @see <a
href="https://www.openssl.org/docs/man1.0.2/man3/SSLeay_version.html";>Version
Info</a>
- *
- * @param type
- * type can be SSLEAY_VERSION, SSLEAY_CFLAGS, SSLEAY_BUILT_ON...
- * @return A pointer to a constant string describing the version of the
OpenSSL library or
- * giving information about the library build.
- */
- public static native String SSLeay_version(int type);
-
-
- @Override
- public PointerByReference _ENGINE_by_id(final String string) {
- return ENGINE_by_id(string);
- }
-
- @Override
- public int _ENGINE_cleanup() {
- return ENGINE_cleanup();
- }
-
- @Override
- public int _ENGINE_finish(final PointerByReference rdrandEngine) {
- return ENGINE_finish(rdrandEngine);
- }
-
- @Override
- public int _ENGINE_free(final PointerByReference rdrandEngine) {
- return ENGINE_free(rdrandEngine);
- }
-
- @Override
- public int _ENGINE_init(final PointerByReference rdrandEngine) {
- return ENGINE_init(rdrandEngine);
- }
-
- @Override
- public void _ENGINE_load_rdrand() {
- ENGINE_load_rdrand();
- }
-
- @Override
- public int _ENGINE_set_default(final PointerByReference rdrandEngine,
final int flags) {
- return ENGINE_set_default(rdrandEngine, flags);
- }
-
- @Override
- public String _ERR_error_string(final NativeLong err, final char[] buff) {
- return ERR_error_string(err, buff);
- }
-
- @Override
- public NativeLong _ERR_peek_error() {
- return ERR_peek_error();
- }
-
- @Override
- public PointerByReference _EVP_aes_128_cbc() {
- return EVP_aes_128_cbc();
- }
-
- @Override
- public PointerByReference _EVP_aes_128_ctr() {
- return EVP_aes_128_ctr();
- }
-
- @Override
- public PointerByReference _EVP_aes_192_cbc() {
- return EVP_aes_192_cbc();
- }
-
- @Override
- public PointerByReference _EVP_aes_192_ctr() {
- return EVP_aes_192_ctr();
- }
-
- @Override
- public PointerByReference _EVP_aes_256_cbc() {
- return EVP_aes_256_cbc();
- }
-
- @Override
- public PointerByReference _EVP_aes_256_ctr() {
- return EVP_aes_256_ctr();
- }
-
- @Override
- public void _EVP_CIPHER_CTX_cleanup(final PointerByReference context) {
- EVP_CIPHER_CTX_cleanup(context);
- }
-
- @Override
- public void _EVP_CIPHER_CTX_free(final PointerByReference context) {
- EVP_CIPHER_CTX_free(context);
- }
-
- @Override
- public PointerByReference _EVP_CIPHER_CTX_new() {
- return EVP_CIPHER_CTX_new();
- }
-
- @Override
- public int _EVP_CIPHER_CTX_set_padding(final PointerByReference context,
final int padding) {
- return EVP_CIPHER_CTX_set_padding(context, padding);
- }
-
- @Override
- public int _EVP_CipherFinal_ex(final PointerByReference context, final
ByteBuffer outBuffer, final int[] outlen) {
- return EVP_CipherFinal_ex(context, outBuffer, outlen);
- }
-
- @Override
- public int _EVP_CipherInit_ex(final PointerByReference context, final
PointerByReference algo, final PointerByReference impl, final byte[] encoded,
- final byte[] iv, final int cipherMode) {
- return EVP_CipherInit_ex(context, algo, impl, encoded, iv, cipherMode);
- }
-
- @Override
- public int _EVP_CipherUpdate(final PointerByReference context, final
ByteBuffer outBuffer, final int[] outlen, final ByteBuffer inBuffer,
- final int remaining) {
- return EVP_CipherUpdate(context, outBuffer, outlen, inBuffer,
remaining);
- }
-
- @Override
- public Throwable _INIT_ERROR() {
- return INIT_ERROR;
- }
-
- @Override
- public boolean _INIT_OK() {
- return INIT_OK;
- }
-
- @Override
- public String _OpenSSL_version(final int i) {
- return SSLeay_version(i);
- }
-
- @Override
- public int _RAND_bytes(final ByteBuffer buf, final int length) {
- return RAND_bytes(buf, length) ;
- }
-
- @Override
- public PointerByReference _RAND_get_rand_method() {
- return RAND_get_rand_method();
- }
-
- @Override
- public PointerByReference _RAND_SSLeay() {
- return RAND_SSLeay();
- }
-}
diff --git a/src/main/java/org/apache/commons/crypto/jna/OpenSslNativeJna.java
b/src/main/java/org/apache/commons/crypto/jna/OpenSslNativeJna.java
index 6af8a1e7..44348c67 100644
--- a/src/main/java/org/apache/commons/crypto/jna/OpenSslNativeJna.java
+++ b/src/main/java/org/apache/commons/crypto/jna/OpenSslNativeJna.java
@@ -44,7 +44,6 @@ final class OpenSslNativeJna {
/** Major Minor version from JNA call, without the maintenance level. */
static final long VERSION_X_Y;
- static final long VERSION_1_0_X = 0x10000000;
static final long VERSION_1_1_X = 0x10100000;
static final long VERSION_2_0_X = 0x20000000;
static final long VERSION_3_0_X = 0x30000000;
@@ -61,7 +60,7 @@ final class OpenSslNativeJna {
OpenSslJna.debug("OpenSslNativeJna NativeLibrary.getInstance('%s') ->
%s", libraryName, crypto);
Function versionFunction = null;
try {
- versionFunction = crypto.getFunction("SSLeay");
+ versionFunction = crypto.getFunction("SSLeay"); // Needed for
LibreSSL 2.x
} catch (final UnsatisfiedLinkError e) {
versionFunction = crypto.getFunction("OpenSSL_version_num");
}
@@ -74,10 +73,7 @@ final class OpenSslNativeJna {
OpenSslJna.debug(String.format("OpenSslNativeJna detected version 0x%x
=> 0x%x", VERSION, VERSION_X_Y));
- if (VERSION_X_Y == VERSION_1_0_X) {
- OpenSslJna.debug("Creating OpenSsl10XNativeJna");
- JnaImplementation = new OpenSsl10XNativeJna();
- } else if (VERSION_X_Y == VERSION_1_1_X) {
+ if (VERSION_X_Y == VERSION_1_1_X) {
OpenSslJna.debug("Creating OpenSsl11XNativeJna");
JnaImplementation = new OpenSsl11XNativeJna();
} else if (VERSION_X_Y == VERSION_2_0_X) {
@@ -87,10 +83,8 @@ final class OpenSslNativeJna {
OpenSslJna.debug("Creating OpenSsl30XNativeJna");
JnaImplementation = new OpenSsl30XNativeJna();
} else {
- // TODO: Throw error?
- OpenSslJna.debug("Creating OpenSsl10XNativeJna");
- JnaImplementation = new OpenSsl10XNativeJna();
- }
+ throw new UnsupportedOperationException(String.format("Unsupported
Version: %x", VERSION_X_Y));
+ }
INIT_OK = JnaImplementation._INIT_OK();
diff --git a/src/main/native/org/apache/commons/crypto/OpenSslInfoNative.c
b/src/main/native/org/apache/commons/crypto/OpenSslInfoNative.c
index 5adeb814..38b68b6d 100644
--- a/src/main/native/org/apache/commons/crypto/OpenSslInfoNative.c
+++ b/src/main/native/org/apache/commons/crypto/OpenSslInfoNative.c
@@ -56,8 +56,8 @@ static char dynamicLibraryPath[80]; // where was the crypto
library found?
static void get_methods(JNIEnv *env, HMODULE openssl)
{
- LOAD_DYNAMIC_SYMBOL_FALLBACK(__dlsym_OpenSSL_version_num,
dlsym_OpenSSL_version_num, env, openssl, "OpenSSL_version_num", "SSLeay");
- LOAD_DYNAMIC_SYMBOL_FALLBACK(__dlsym_OpenSSL_version, dlsym_OpenSSL_version,
env, openssl, "OpenSSL_version", "SSLeay_version");
+ LOAD_DYNAMIC_SYMBOL_FALLBACK(__dlsym_OpenSSL_version_num,
dlsym_OpenSSL_version_num, env, openssl, "OpenSSL_version_num", "SSLeay"); //
SSLeay fallback needed by LibreSSL 2.x
+ LOAD_DYNAMIC_SYMBOL_FALLBACK(__dlsym_OpenSSL_version, dlsym_OpenSSL_version,
env, openssl, "OpenSSL_version", "SSLeay_version"); // SSLeay fallback needed
by LibreSSL 2.x
#ifdef UNIX
Dl_info info;
(void) dladdr(dlsym_OpenSSL_version_num, &info); // ignore the return code
diff --git
a/src/main/native/org/apache/commons/crypto/org_apache_commons_crypto.h
b/src/main/native/org/apache/commons/crypto/org_apache_commons_crypto.h
index 1ba10a75..4c16db1c 100644
--- a/src/main/native/org/apache/commons/crypto/org_apache_commons_crypto.h
+++ b/src/main/native/org/apache/commons/crypto/org_apache_commons_crypto.h
@@ -314,7 +314,6 @@ static FARPROC WINAPI do_dlsym_fallback(JNIEnv *env,
HMODULE handle, LPCSTR symb
#define NOPADDING 0
#define PKCS5PADDING 1
-#define VERSION_1_0_X 0x10000000
#define VERSION_1_1_X 0x10100000
#define VERSION_3_0_X 0x30000000
diff --git
a/src/main/native/org/apache/commons/crypto/random/OpenSslCryptoRandomNative.c
b/src/main/native/org/apache/commons/crypto/random/OpenSslCryptoRandomNative.c
index fed383e6..efaca8f9 100644
---
a/src/main/native/org/apache/commons/crypto/random/OpenSslCryptoRandomNative.c
+++
b/src/main/native/org/apache/commons/crypto/random/OpenSslCryptoRandomNative.c
@@ -51,14 +51,6 @@ static int (*dlsym_ENGINE_free) (ENGINE *);
static int (*dlsym_RAND_bytes) (unsigned char *, int);
static unsigned long (*dlsym_ERR_get_error) (void);
static unsigned long (*dlsym_OpenSSL_version_num)(void);
-static int (*dlsym_CRYPTO_num_locks) (void);
-static void (*dlsym_CRYPTO_set_id_callback) (unsigned long (*)());
-static void (*dlsym_CRYPTO_set_locking_callback) (void (*)());
-static void (*dlsym_ENGINE_load_rdrand) (void);
-static void (*dlsym_ENGINE_cleanup) (void);
-static void pthreads_locking_callback(int mode, int type, char *file, int
line);
-static unsigned long pthreads_thread_id(void);
-static pthread_mutex_t *lock_cs;
#endif
#ifdef WINDOWS
@@ -72,10 +64,6 @@ typedef int (__cdecl *__dlsym_ENGINE_free) (ENGINE *);
typedef int (__cdecl *__dlsym_RAND_bytes) (unsigned char *, int);
typedef unsigned long (__cdecl *__dlsym_ERR_get_error) (void);
typedef unsigned long (__cdecl *__dlsym_OpenSSL_version_num) (void);
-typedef int (__cdecl *__dlsym_CRYPTO_num_locks) (void);
-typedef void (__cdecl *__dlsym_CRYPTO_set_locking_callback) (void (*)());
-typedef void (__cdecl *__dlsym_ENGINE_load_rdrand) (void);
-typedef void (__cdecl *__dlsym_ENGINE_cleanup) (void);
static __dlsym_CRYPTO_malloc dlsym_CRYPTO_malloc;
static __dlsym_CRYPTO_free dlsym_CRYPTO_free;
static __dlsym_ENGINE_by_id dlsym_ENGINE_by_id;
@@ -86,11 +74,6 @@ static __dlsym_ENGINE_free dlsym_ENGINE_free;
static __dlsym_RAND_bytes dlsym_RAND_bytes;
static __dlsym_ERR_get_error dlsym_ERR_get_error;
static __dlsym_OpenSSL_version_num dlsym_OpenSSL_version_num;
-static __dlsym_CRYPTO_num_locks dlsym_CRYPTO_num_locks;
-static __dlsym_CRYPTO_set_locking_callback dlsym_CRYPTO_set_locking_callback;
-static __dlsym_ENGINE_load_rdrand dlsym_ENGINE_load_rdrand;
-static __dlsym_ENGINE_cleanup dlsym_ENGINE_cleanup;
-static void windows_locking_callback(int mode, int type, char *file, int line);
static HANDLE *lock_cs;
#endif
@@ -107,6 +90,11 @@ JNIEXPORT void JNICALL
Java_org_apache_commons_crypto_random_OpenSslCryptoRandom
}
LOAD_DYNAMIC_SYMBOL_FALLBACK(__dlsym_OpenSSL_version_num,
dlsym_OpenSSL_version_num, env, openssl, "OpenSSL_version_num", "SSLeay");
+ // Reject attempt to use obsolete version
+ if (dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
+ THROW(env, "java/lang/UnsatisfiedLinkError", "Versions below 1.1 are not
supported");
+ return;
+ }
#ifdef UNIX
dlerror(); // Clear any existing error
#endif
@@ -119,12 +107,6 @@ JNIEXPORT void JNICALL
Java_org_apache_commons_crypto_random_OpenSslCryptoRandom
LOAD_DYNAMIC_SYMBOL(__dlsym_ENGINE_free, dlsym_ENGINE_free, env, openssl,
"ENGINE_free");
LOAD_DYNAMIC_SYMBOL(__dlsym_RAND_bytes, dlsym_RAND_bytes, env, openssl,
"RAND_bytes");
LOAD_DYNAMIC_SYMBOL(__dlsym_ERR_get_error, dlsym_ERR_get_error, env,
openssl, "ERR_get_error");
- if (dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
- LOAD_DYNAMIC_SYMBOL(__dlsym_CRYPTO_num_locks, dlsym_CRYPTO_num_locks, env,
openssl, "CRYPTO_num_locks");
- LOAD_DYNAMIC_SYMBOL(__dlsym_CRYPTO_set_locking_callback,
dlsym_CRYPTO_set_locking_callback, env, openssl, "CRYPTO_set_locking_callback");
- LOAD_DYNAMIC_SYMBOL(__dlsym_ENGINE_load_rdrand, dlsym_ENGINE_load_rdrand,
env, openssl, "ENGINE_load_rdrand");
- LOAD_DYNAMIC_SYMBOL(__dlsym_ENGINE_cleanup, dlsym_ENGINE_cleanup, env,
openssl, "ENGINE_cleanup");
- }
openssl_rand_init();
}
@@ -163,120 +145,12 @@ JNIEXPORT jboolean JNICALL
Java_org_apache_commons_crypto_random_OpenSslCryptoRa
return JNI_TRUE;
}
-/**
- * To ensure thread safety for random number generators, we need to call
- * CRYPTO_set_locking_callback.
- * http://wiki.openssl.org/index.php/Random_Numbers
- * Example: crypto/threads/mttest.c
- */
-#ifdef UNIX
-static void pthreads_locking_callback(int mode, int type, char *file, int line)
-{
- UNUSED(file), UNUSED(line);
-
- if (mode & CRYPTO_LOCK) {
- pthread_mutex_lock(&(lock_cs[type]));
- } else {
- pthread_mutex_unlock(&(lock_cs[type]));
- }
-}
-
-static unsigned long pthreads_thread_id(void)
-{
-// CRYPTO-171 - not supported on macOS M1 after 10.12 (Sierra)
-// It would be best to throw an error, but that does not seem possible
-// without access to the JNI environment, so print a message instead
-#if defined(MAC_OS) && defined(__arm64__)
- fprintf(stderr, "openssl(2) is not supported on this architecture\n");
- return 0;
-#else
- return (unsigned long)syscall(SYS_gettid);
-#endif
-}
-
-static void locks_setup(void)
-{
- if (dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
- int i;
- lock_cs = dlsym_CRYPTO_malloc(dlsym_CRYPTO_num_locks() *
sizeof(pthread_mutex_t), __FILE__, __LINE__);
-
- for (i = 0; i < dlsym_CRYPTO_num_locks(); i++) {
- pthread_mutex_init(&(lock_cs[i]), NULL);
- }
-
- dlsym_CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
- dlsym_CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
- }
-}
-
-static void locks_cleanup(void)
-{
- if (dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
- int i;
- dlsym_CRYPTO_set_locking_callback(NULL);
-
- for (i = 0; i < dlsym_CRYPTO_num_locks(); i++) {
- pthread_mutex_destroy(&(lock_cs[i]));
- }
-
- dlsym_CRYPTO_free(lock_cs);
- }
-}
-#endif /* UNIX */
-
-#ifdef WINDOWS
-static void locks_setup(void)
-{
- if (dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
- int i;
- lock_cs = dlsym_CRYPTO_malloc(dlsym_CRYPTO_num_locks() * sizeof(HANDLE), \
- __FILE__, __LINE__);
-
- for (i = 0; i < dlsym_CRYPTO_num_locks(); i++) {
- lock_cs[i] = CreateMutex(NULL, FALSE, NULL);
- }
- dlsym_CRYPTO_set_locking_callback((void (*)(int, int, char *, int)) \
- windows_locking_callback);
- /* id callback defined */
- }
-}
-
-static void locks_cleanup(void)
-{
- if (dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
- int i;
- dlsym_CRYPTO_set_locking_callback(NULL);
-
- for (i = 0; i < dlsym_CRYPTO_num_locks(); i++) {
- CloseHandle(lock_cs[i]);
- }
- dlsym_CRYPTO_free(lock_cs);
- }
-}
-
-static void windows_locking_callback(int mode, int type, char *file, int line)
-{
- UNUSED(file), UNUSED(line);
-
- if (mode & CRYPTO_LOCK) {
- WaitForSingleObject(lock_cs[type], INFINITE);
- } else {
- ReleaseMutex(lock_cs[type]);
- }
-}
-#endif /* WINDOWS */
-
/**
* If using an Intel chipset with RDRAND, the high-performance hardware
* random number generator will be used.
*/
static ENGINE * openssl_rand_init(void)
{
- if (dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
- locks_setup();
- dlsym_ENGINE_load_rdrand();
- }
-
ENGINE *eng = dlsym_ENGINE_by_id("rdrand");
int ret = -1;
@@ -310,13 +184,6 @@ static void openssl_rand_clean(ENGINE *eng, int
clean_locks)
if (NULL != eng) {
dlsym_ENGINE_finish(eng);
dlsym_ENGINE_free(eng);
-
- if (dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
- dlsym_ENGINE_cleanup();
- if (clean_locks) {
- locks_cleanup();
- }
- }
}
}
