diff options
| author | Nick Mathewson <nickm@torproject.org> | 2005-10-25 19:01:48 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2005-10-25 19:01:48 +0000 |
| commit | 9492424d3fa009011bfb10d6afe2a1b5e6190173 (patch) | |
| tree | d6f77a9542c9de823364e2d23ed815dca13b37b6 | |
| parent | b39d03116b56d8e8af94480c1d5fb279310d4cc3 (diff) | |
| download | tor-9492424d3fa009011bfb10d6afe2a1b5e6190173.tar.gz tor-9492424d3fa009011bfb10d6afe2a1b5e6190173.zip | |
Per comments at the bottom of openssl/FAQ, call even more functions to
clean up OpenSSL's toys when it's done playing. (Why isn't there an
OpenSSL_free_everything() function?)
svn:r5321
| -rw-r--r-- | src/common/crypto.c | 11 | ||||
| -rw-r--r-- | src/common/crypto.h | 1 | ||||
| -rw-r--r-- | src/or/cpuworker.c | 1 | ||||
| -rw-r--r-- | src/or/dns.c | 3 |
4 files changed, 16 insertions, 0 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c index 4857175e74..249be113ce 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -32,6 +32,7 @@ const char crypto_c_id[] = "$Id$"; #include <openssl/dh.h> #include <openssl/rsa.h> #include <openssl/dh.h> +#include <openssl/conf.h> #include <stdlib.h> #include <assert.h> @@ -220,16 +221,26 @@ crypto_global_init(int useAccel) return 0; } +/** Free crypto resources held by this thread. */ +void +crypto_thread_cleanup(void) +{ + ERR_remove_state(0); +} + /** Uninitialize the crypto library. Return 0 on success, -1 on failure. */ int crypto_global_cleanup(void) { EVP_cleanup(); + //ERR_remove_state(0); ERR_free_strings(); #ifndef NO_ENGINES ENGINE_cleanup(); #endif + CONF_modules_unload(1); + CRYPTO_cleanup_all_ex_data(); #ifdef TOR_IS_MULTITHREADED if (_n_openssl_mutexes) { int n = _n_openssl_mutexes; diff --git a/src/common/crypto.h b/src/common/crypto.h index 4eb57e88e4..6b128fda63 100644 --- a/src/common/crypto.h +++ b/src/common/crypto.h @@ -53,6 +53,7 @@ typedef struct crypto_dh_env_t crypto_dh_env_t; /* global state */ int crypto_global_init(int hardwareAccel); +void crypto_thread_cleanup(void); int crypto_global_cleanup(void); /* environment setup */ diff --git a/src/or/cpuworker.c b/src/or/cpuworker.c index cfd578e492..bc31faaf8d 100644 --- a/src/or/cpuworker.c +++ b/src/or/cpuworker.c @@ -290,6 +290,7 @@ cpuworker_main(void *data) if (last_onion_key) crypto_free_pk_env(last_onion_key); tor_close_socket(fd); + crypto_thread_cleanup(); spawn_exit(); return 0; /* windows wants this function to return an int */ } diff --git a/src/or/dns.c b/src/or/dns.c index da51ec57be..2534f3875f 100644 --- a/src/or/dns.c +++ b/src/or/dns.c @@ -793,12 +793,14 @@ dnsworker_main(void *data) info(LD_EXIT,"(Error on %d was %s)", fd, tor_socket_strerror(tor_socket_errno(fd))); } tor_close_socket(fd); + crypto_thread_cleanup(); spawn_exit(); } if (address_len && read_all(fd, address, address_len, 1) != address_len) { err(LD_BUG,"read hostname failed. Child exiting."); tor_close_socket(fd); + crypto_thread_cleanup(); spawn_exit(); } address[address_len] = 0; /* null terminate it */ @@ -826,6 +828,7 @@ dnsworker_main(void *data) if (write_all(fd, answer, 5, 1) != 5) { err(LD_NET,"writing answer failed. Child exiting."); tor_close_socket(fd); + crypto_thread_cleanup(); spawn_exit(); } } |