1 /* 2 * Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 /* 60 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 61 * Use is subject to license terms. 62 */ 63 64 /* 65 * Thread setup portions of this code derived from 66 * OpenSSL 0.9.4 file mt/mttest.c examples 67 */ 68 69 #pragma ident "%Z%%M% %I% %E% SMI" 70 71 #include <stdio.h> 72 #include <stdlib.h> 73 #include <string.h> 74 #include <errno.h> 75 #include <libintl.h> 76 #include <synch.h> 77 #include <thread.h> 78 #include <dlfcn.h> 79 #include <openssl/lhash.h> 80 #include <openssl/crypto.h> 81 #include <openssl/ssl.h> 82 #include <openssl/err.h> 83 #include "ipsec_util.h" 84 85 /* OpenSSL function pointers */ 86 static X509_NAME *(*d2i_X509_NAME_fn)() = NULL; 87 static int (*X509_NAME_print_ex_fp_fn)() = NULL; 88 static char *(*ERR_get_error_fn)() = NULL; 89 static char *(*ERR_error_string_fn)() = NULL; 90 static void (*SSL_load_error_strings_fn)() = NULL; 91 static void (*ERR_free_strings_fn)() = NULL; 92 static void (*CRYPTO_set_locking_callback_fn)() = NULL; 93 static void (*CRYPTO_set_id_callback_fn)() = NULL; 94 95 static void solaris_locking_callback(int, int, char *, int); 96 static unsigned long solaris_thread_id(void); 97 static void thread_setup(void); 98 /* LINTED E_STATIC_UNUSED */ 99 static void thread_cleanup(void); 100 101 mutex_t init_lock = DEFAULTMUTEX; 102 static mutex_t lock_cs[CRYPTO_NUM_LOCKS]; 103 static long lock_count[CRYPTO_NUM_LOCKS]; 104 105 void 106 libssl_load() 107 { 108 void *dldesc; 109 110 (void) mutex_lock(&init_lock); 111 if (libssl_loaded) { 112 (void) mutex_unlock(&init_lock); 113 return; 114 } 115 116 dldesc = dlopen(LIBSSL, RTLD_LAZY); 117 if (dldesc != NULL) { 118 d2i_X509_NAME_fn = (X509_NAME*(*)())dlsym(dldesc, 119 "d2i_X509_NAME"); 120 if (d2i_X509_NAME_fn == NULL) 121 goto libssl_err; 122 123 X509_NAME_print_ex_fp_fn = (int(*)())dlsym(dldesc, 124 "X509_NAME_print_ex_fp"); 125 if (X509_NAME_print_ex_fp_fn == NULL) 126 goto libssl_err; 127 128 ERR_get_error_fn = (char *(*)())dlsym(dldesc, 129 "ERR_get_error"); 130 if (ERR_get_error_fn == NULL) 131 goto libssl_err; 132 133 ERR_error_string_fn = (char *(*)())dlsym(dldesc, 134 "ERR_error_string"); 135 if (ERR_error_string_fn == NULL) 136 goto libssl_err; 137 138 SSL_load_error_strings_fn = (void(*)())dlsym(dldesc, 139 "SSL_load_error_strings"); 140 if (SSL_load_error_strings_fn == NULL) 141 goto libssl_err; 142 143 ERR_free_strings_fn = (void(*)())dlsym(dldesc, 144 "ERR_free_strings"); 145 if (ERR_free_strings_fn == NULL) 146 goto libssl_err; 147 148 CRYPTO_set_locking_callback_fn = (void(*)())dlsym(dldesc, 149 "CRYPTO_set_locking_callback"); 150 if (CRYPTO_set_locking_callback_fn == NULL) 151 goto libssl_err; 152 153 CRYPTO_set_id_callback_fn = (void(*)())dlsym(dldesc, 154 "CRYPTO_set_id_callback"); 155 if (CRYPTO_set_id_callback_fn == NULL) 156 goto libssl_err; 157 158 thread_setup(); 159 160 libssl_loaded = B_TRUE; 161 } 162 (void) mutex_unlock(&init_lock); 163 return; 164 libssl_err: 165 (void) dlclose(dldesc); 166 (void) mutex_unlock(&init_lock); 167 } 168 169 static void 170 thread_setup(void) 171 { 172 int i; 173 174 for (i = 0; i < CRYPTO_NUM_LOCKS; i++) { 175 lock_count[i] = 0; 176 (void) mutex_init(&(lock_cs[i]), USYNC_THREAD, NULL); 177 } 178 179 CRYPTO_set_id_callback_fn((unsigned long (*)())solaris_thread_id); 180 CRYPTO_set_locking_callback_fn((void (*)())solaris_locking_callback); 181 } 182 183 static void 184 thread_cleanup(void) 185 { 186 int i; 187 188 (void) mutex_lock(&init_lock); 189 CRYPTO_set_locking_callback_fn(NULL); 190 CRYPTO_set_id_callback_fn(NULL); 191 for (i = 0; i < CRYPTO_NUM_LOCKS; i++) 192 (void) mutex_destroy(&(lock_cs[i])); 193 (void) mutex_unlock(&init_lock); 194 } 195 196 /* ARGSUSED */ 197 static void 198 solaris_locking_callback(int mode, int type, char *file, int line) 199 { 200 if (mode & CRYPTO_LOCK) { 201 (void) mutex_lock(&(lock_cs[type])); 202 lock_count[type]++; 203 } else { 204 (void) mutex_unlock(&(lock_cs[type])); 205 } 206 } 207 208 static unsigned long 209 solaris_thread_id(void) 210 { 211 unsigned long ret; 212 213 ret = (unsigned long)thr_self(); 214 return (ret); 215 } 216 217 void 218 print_asn1_name(FILE *file, const unsigned char *buf, long buflen) 219 { 220 libssl_load(); 221 222 if (libssl_loaded) { 223 X509_NAME *x509 = NULL; 224 const unsigned char *p; 225 226 /* Make an effort to decode the ASN1 encoded name */ 227 SSL_load_error_strings_fn(); 228 229 /* temporary variable is mandatory per openssl docs */ 230 p = buf; 231 232 x509 = d2i_X509_NAME_fn(NULL, &p, buflen); 233 if (x509 != NULL) { 234 (void) X509_NAME_print_ex_fp_fn(file, x509, 0, 235 (ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | 236 XN_FLAG_SEP_CPLUS_SPC | XN_FLAG_FN_SN)); 237 (void) fprintf(file, "\n"); 238 } else { 239 char errbuf[80]; 240 241 (void) fprintf(file, "\n# %s\n", 242 ERR_error_string_fn(ERR_get_error_fn(), errbuf)); 243 (void) fprintf(file, dgettext(TEXT_DOMAIN, 244 "<cannot interpret>\n")); 245 } 246 ERR_free_strings_fn(); 247 } else { 248 (void) fprintf(file, dgettext(TEXT_DOMAIN, "<cannot print>\n")); 249 } 250 } 251