[tor-commits] [tor/master] On shutdown, mark openssl as uninitialized.

nickm at torproject.org nickm at torproject.org
Thu Jan 11 18:00:44 UTC 2018 

commit 42751e2123f6dcc87f3992d38c1889f7da981a7b
Author: Nick Mathewson <nickm at torproject.org>
Date:   Thu Jan 11 12:49:28 2018 -0500

    On shutdown, mark openssl as uninitialized.
    
    This causes openssl to get completely reinitialized on startup,
    which is probably a good idea.
---
 src/common/crypto.c | 9 ++++++++-
 src/ext/csiphash.c  | 6 ++++++
 src/ext/siphash.h   | 1 +
 3 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/src/common/crypto.c b/src/common/crypto.c
index 85bed538e..b519caed0 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -283,11 +283,12 @@ crypto_force_rand_ssleay(void)
   return 0;
 }
 
+static int have_seeded_siphash = 0;
+
 /** Set up the siphash key if we haven't already done so. */
 int
 crypto_init_siphash_key(void)
 {
-  static int have_seeded_siphash = 0;
   struct sipkey key;
   if (have_seeded_siphash)
     return 0;
@@ -3495,6 +3496,12 @@ crypto_global_cleanup(void)
 
   tor_free(crypto_openssl_version_str);
   tor_free(crypto_openssl_header_version_str);
+
+  crypto_early_initialized_ = 0;
+  crypto_global_initialized_ = 0;
+  have_seeded_siphash = 0;
+  siphash_unset_global_key();
+
   return 0;
 }
 
diff --git a/src/ext/csiphash.c b/src/ext/csiphash.c
index 508e4f6ce..0427c8795 100644
--- a/src/ext/csiphash.c
+++ b/src/ext/csiphash.c
@@ -123,3 +123,9 @@ void siphash_set_global_key(const struct sipkey *key)
 	the_siphash_key.k1 = key->k1;
 	the_siphash_key_is_set = 1;
 }
+
+void siphash_unset_global_key(void)
+{
+	the_siphash_key_is_set = 0;
+	memset(&the_siphash_key, 0, sizeof(the_siphash_key));
+}
diff --git a/src/ext/siphash.h b/src/ext/siphash.h
index d9b34b898..730e49937 100644
--- a/src/ext/siphash.h
+++ b/src/ext/siphash.h
@@ -9,5 +9,6 @@ uint64_t siphash24(const void *src, unsigned long src_sz, const struct sipkey *k
 
 void siphash_set_global_key(const struct sipkey *key);
 uint64_t siphash24g(const void *src, unsigned long src_sz);
+void siphash_unset_global_key(void);
 
 #endif

More information about the tor-commits mailing list