[BW]: [Fix] Eliminated OpenSSL initialization at CRT init time (which caused random problems on Windows 7 machines, leading the application to crash silently). It is now done at the first use of the fc parts that need it. Also added a method to set the OpenSSL configuration path to a custom one (to avoid using the path compiled into OpenSSL at configuration & build time).
parent
9fa6e8a430
commit
04f07aa429
6 changed files with 51 additions and 9 deletions
|
|
@ -305,5 +305,12 @@ if(WIN32)
|
|||
|
||||
endif(WIN32)
|
||||
|
||||
SET(POST_BUILD_STEP_COMMANDS ${POST_BUILD_STEP_COMMANDS}
|
||||
COMMAND ${CMAKE_COMMAND} -E copy_if_different "${OPENSSL_ROOT_DIR}/ssl/openssl.cnf" "${CMAKE_RUNTIME_OUTPUT_DIRECTORY}/openssl.cnf")
|
||||
|
||||
ADD_CUSTOM_COMMAND(TARGET fc POST_BUILD ${POST_BUILD_STEP_COMMANDS}
|
||||
COMMENT "Copying OpenSSL/ssl/openssl.cnf into target directory."
|
||||
)
|
||||
|
||||
MESSAGE(STATUS "Finished fc module configuration...")
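Review bot: The new post-build copy sits after `endif(WIN32)`, so it runs on every platform and assumes `${OPENSSL_ROOT_DIR}/ssl/openssl.cnf` exists; where `OPENSSL_ROOT_DIR` is unset or the file lives elsewhere, the fc target's build would presumably fail at this step. Wrapping the `SET`/`ADD_CUSTOM_COMMAND` pair in `if(EXISTS "${OPENSSL_ROOT_DIR}/ssl/openssl.cnf")` keeps such builds unaffected. Because the copied file becomes configuration the application can load at startup, and an OpenSSL configuration can name engine modules to load, a comment such as `# openssl.cnf is read at runtime; the install directory must not be writable by unprivileged users` is worth adding here.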
|
||||
|
||||
|
|
|
|||
|
|
@ -15,6 +15,7 @@
|
|||
*/
|
||||
namespace fc
|
||||
{
|
||||
class path;
|
||||
|
||||
template <typename ssl_type>
|
||||
struct ssl_wrapper
|
||||
|
|
@ -55,6 +56,13 @@ namespace fc
|
|||
~ssl_bignum() { BN_free(obj); }
|
||||
};
|
||||
|
||||
/** Allows to explicitly specify OpenSSL configuration file path to be loaded at OpenSSL library init.
|
||||
If not set OpenSSL will try to load the conf. file (openssl.cnf) from the path it was
|
||||
configured with what caused serious Keyhotee startup bugs on some Win7 machines.
|
||||
\warning to be effective this method should be used before any part using OpenSSL, especially
|
||||
before init_openssl call
|
||||
*/
|
||||
void store_configuration_path(const path& filePath);
|
||||
int init_openssl();
|
||||
|
||||
} // namespace fc
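Review bot: The doc comment on `store_configuration_path` states an ordering requirement that nothing enforces: a call made after OpenSSL has been initialised is presumably accepted and silently ignored, and the `void` return gives the caller no way to tell. The comment should say that explicitly, and should also state that the path is trusted input, since an OpenSSL configuration file can direct the library to load engine modules; it should therefore be an absolute path in a location other users cannot write. `init_openssl()` is declared with no documentation at all; a line such as `/// Initialises OpenSSL on first call; later calls are no-ops.` would help, if that is indeed its contract.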
|
||||
|
|
|
|||
|
|
@ -10,17 +10,20 @@
|
|||
|
||||
namespace fc {
|
||||
|
||||
static int init = init_openssl();
|
||||
|
||||
struct aes_encoder::impl
|
||||
{
|
||||
evp_cipher_ctx ctx;
|
||||
};
|
||||
|
||||
aes_encoder::aes_encoder(){}
|
||||
aes_encoder::aes_encoder()
|
||||
{
|
||||
static int init = init_openssl();
|
||||
}
|
||||
|
||||
aes_encoder::~aes_encoder()
|
||||
{
|
||||
}
|
||||
|
||||
void aes_encoder::init( const fc::sha256& key, const fc::uint128& init_value )
|
||||
{
|
||||
my->ctx.obj = EVP_CIPHER_CTX_new();
|
||||
|
|
@ -80,7 +83,11 @@ struct aes_decoder::impl
|
|||
evp_cipher_ctx ctx;
|
||||
};
|
||||
|
||||
aes_decoder::aes_decoder(){}
|
||||
aes_decoder::aes_decoder()
|
||||
{
|
||||
static int init = init_openssl();
|
||||
}
|
||||
|
||||
void aes_decoder::init( const fc::sha256& key, const fc::uint128& init_value )
|
||||
{
|
||||
my->ctx.obj = EVP_CIPHER_CTX_new();
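Review bot: The `static int init = init_openssl();` now placed inside `aes_encoder::aes_encoder()` and `aes_decoder::aes_decoder()` relies on function-local static initialisation being thread-safe, which C++11 guarantees but MSVC implements only from Visual Studio 2015 on; if the Windows build uses an older toolchain, two threads constructing their first encoder at once could race. The same pattern is added in the `public_key_impl`/`private_key_impl` constructors and in `rand_bytes`/`rand_pseudo_bytes`. The variable is also never read, which invites unused-variable warnings; calling `init_openssl();` directly and keeping the once-only guard inside that function (for example with `std::call_once`) would state the intent more clearly. Whether `init_openssl` already guards itself cannot be seen from this page, and `aes_decoder::init` continues outside the hunk.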
|
||||
|
|
|
|||
|
|
@ -10,8 +10,6 @@
|
|||
#include <assert.h>
|
||||
|
||||
namespace fc { namespace ecc {
|
||||
static int init = init_openssl();
|
||||
|
||||
namespace detail
|
||||
{
|
||||
class public_key_impl
|
||||
|
|
@ -20,7 +18,9 @@ namespace fc { namespace ecc {
|
|||
public_key_impl()
|
||||
:_key(nullptr)
|
||||
{
|
||||
static int init = init_openssl();
|
||||
}
|
||||
|
||||
~public_key_impl()
|
||||
{
|
||||
if( _key != nullptr )
|
||||
|
|
@ -40,6 +40,7 @@ namespace fc { namespace ecc {
|
|||
private_key_impl()
|
||||
:_key(nullptr)
|
||||
{
|
||||
static int init = init_openssl();
|
||||
}
|
||||
~private_key_impl()
|
||||
{
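Review bot: Moving initialisation from the namespace-scope `static int init` into the `public_key_impl()` and `private_key_impl()` constructors narrows its coverage: the removed static initialised OpenSSL before any function in this file could run, whereas now only code that first constructs one of these two classes triggers it. Any function in `fc::ecc` that calls OpenSSL without going through those constructors would run against an uninitialised library; none is visible in these hunks, so this needs checking against the full file. A short comment at each site, e.g. `// ensures OpenSSL is initialised before first use; see init_openssl()`, would also explain why an otherwise unused static is there. Both class bodies continue outside the hunks.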
|
||||
|
|
|
|||
|
|
@ -1,20 +1,37 @@
|
|||
#include <fc/crypto/openssl.hpp>
|
||||
|
||||
#include <fc/filesystem.hpp>
|
||||
|
||||
#include <boost/filesystem/path.hpp>
|
||||
|
||||
#include <string>
|
||||
|
||||
namespace fc
|
||||
{
|
||||
struct openssl_scope
|
||||
{
|
||||
static path _configurationFilePath;
|
||||
openssl_scope()
|
||||
{
|
||||
ERR_load_crypto_strings();
|
||||
OpenSSL_add_all_algorithms();
|
||||
OPENSSL_config(NULL);
|
||||
const boost::filesystem::path& boostPath = _configurationFilePath;
|
||||
OPENSSL_config(boostPath.empty() ? nullptr : _configurationFilePath.to_native_ansi_path().c_str());
|
||||
}
|
||||
|
||||
~openssl_scope()
|
||||
{
|
||||
EVP_cleanup();
|
||||
ERR_free_strings();
|
||||
}
|
||||
};
|
||||
|
||||
path openssl_scope::_configurationFilePath;
|
||||
|
||||
void store_configuration_path(const path& filePath)
|
||||
{
|
||||
openssl_scope::_configurationFilePath = filePath;
|
||||
}
|
||||
|
||||
int init_openssl()
|
||||
{
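Review bot: `OPENSSL_config()` takes the name of the configuration section to read, not a file name, so passing `_configurationFilePath.to_native_ansi_path().c_str()` in the `openssl_scope` constructor does not make OpenSSL load that file; the file is still found through the `OPENSSL_CONF` environment variable or the compiled-in default. To load a specific file the call should be `CONF_modules_load_file(cfgPath.c_str(), nullptr, CONF_MFLAGS_DEFAULT_SECTION)` (declared in `<openssl/conf.h>`, with `cfgPath` holding the native path string), keeping `OPENSSL_config(nullptr)` for the empty-path case. Its return value should be checked, because a configuration that fails to load, or loads from an unintended location, changes which algorithms and engine modules are active. `store_configuration_path` also writes the static member without synchronisation and has no effect once the scope object exists, which deserves a comment on its definition. The body of `init_openssl` lies outside the hunk.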
|
||||
|
|
|
|||
|
|
@ -6,10 +6,10 @@
|
|||
|
||||
namespace fc {
|
||||
|
||||
static int init = init_openssl();
|
||||
|
||||
void rand_bytes(char* buf, int count)
|
||||
{
|
||||
static int init = init_openssl();
|
||||
|
||||
int result = RAND_bytes((unsigned char*)buf, count);
|
||||
if (result != 1)
|
||||
FC_THROW("Error calling OpenSSL's RAND_bytes(): ${code}", ("code", (uint32_t)ERR_get_error()));
|
||||
|
|
@ -17,6 +17,8 @@ void rand_bytes(char* buf, int count)
|
|||
|
||||
void rand_pseudo_bytes(char* buf, int count)
|
||||
{
|
||||
static int init = init_openssl();
|
||||
|
||||
int result = RAND_pseudo_bytes((unsigned char*)buf, count);
|
||||
if (result == -1)
|
||||
FC_THROW("Error calling OpenSSL's RAND_pseudo_bytes(): ${code}", ("code", (uint32_t)ERR_get_error()));
|
||||
|
|
|
|||