diff options
| author | Ben Wiederhake <BenWiederhake.GitHub@gmx.de> | 2016-02-18 13:14:21 +0300 |
|---|---|---|
| committer | Ben Wiederhake <BenWiederhake.GitHub@gmx.de> | 2016-04-14 23:18:44 +0300 |
| commit | a96d4ba045135aaee582a340f4648c3c81757e52 (patch) | |
| tree | a99e1917c5730a60eeaca1245b84cdaab9203eff | |
| parent | 5a3d2b98c1d492dbeaa34492ca8507516a34bf12 (diff) | |
Properly initialize libgcrypt on start
| -rw-r--r-- | crypto/err.h | 6 | ||||
| -rw-r--r-- | crypto/err_altern.c | 41 | ||||
| -rw-r--r-- | crypto/err_openssl.c | 6 | ||||
| -rw-r--r-- | tgl.c | 7 |
4 files changed, 59 insertions, 1 deletions
diff --git a/crypto/err.h b/crypto/err.h index ec6c6f6..efee156 100644 --- a/crypto/err.h +++ b/crypto/err.h @@ -25,4 +25,10 @@ void TGLC_err_print_errors_fp (FILE *fp); +// Don't want to include tgl.h just for this +struct tgl_state; + +// Init crypto backend, log to TLS +int TGLC_init (struct tgl_state *TLS); + #endif diff --git a/crypto/err_altern.c b/crypto/err_altern.c index 219b161..610e205 100644 --- a/crypto/err_altern.c +++ b/crypto/err_altern.c @@ -24,6 +24,8 @@ #include <gcrypt.h> +#include "../tgl.h" +#include "../tgl-inner.h" #include "err.h" void TGLC_err_print_errors_fp (FILE *fp) { @@ -31,4 +33,43 @@ void TGLC_err_print_errors_fp (FILE *fp) { (void) fp; } +int TGLC_init (struct tgl_state *TLS) { + vlogprintf (E_NOTICE, "Init gcrypt\n"); + // https://gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html + // https://lists.gnupg.org/pipermail/gcrypt-devel/2003-August/000458.html + + if (gcry_control (GCRYCTL_INITIALIZATION_FINISHED_P)) { + // Someone else already *completed* it. + vlogprintf (E_NOTICE, "Init gcrypt: already initialized -- good\n"); + return 0; + } + + if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P)) { + // Someone else already *started* it without *completing*. + vlogprintf (E_WARNING, "Init gcrypt: already started *but not completed* by third party -- bad\n"); + vlogprintf (E_WARNING, "Init gcrypt: ... not trying to init gcrypt then.\n"); + return 0; + } + + if (!gcry_check_version (GCRYPT_VERSION)) { + vlogprintf (E_ERROR, "Init gcrypt: version mismatch!\n"); + return -1; + } + + gcry_error_t err = gcry_control (GCRYCTL_DISABLE_SECMEM, NULL, 0); + if (err != GPG_ERR_NO_ERROR) { + vlogprintf (E_ERROR, "Init gcrypt: secmem failed?!\n"); + return -1; + } + + /* Tell Libgcrypt that initialization has completed. */ + err = gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); + if (err != GPG_ERR_NO_ERROR) { + vlogprintf (E_ERROR, "Init gcrypt: init failed?!\n"); + return -1; + } + + return 0; +} + #endif diff --git a/crypto/err_openssl.c b/crypto/err_openssl.c index b9dab5c..74b61df 100644 --- a/crypto/err_openssl.c +++ b/crypto/err_openssl.c @@ -30,4 +30,10 @@ void TGLC_err_print_errors_fp (FILE *fp) { ERR_print_errors_fp (fp); } +int TGLC_init (void) { + // Doesn't seem to need any initialization. + vlogprintf (E_DEBUG, "Init OpenSSL (no-op)\n"); + return !0; +} + #endif @@ -22,6 +22,7 @@ #include "config.h" #endif +#include "crypto/err.h" #include "crypto/rsa_pem.h" #include "tgl.h" #include "tools.h" @@ -82,10 +83,14 @@ int tgl_init (struct tgl_state *TLS) { TLS->message_list.next_use = &TLS->message_list; TLS->message_list.prev_use = &TLS->message_list; + if (TGLC_init (TLS) != 0) { + return -1; + } + if (tglmp_on_start (TLS) < 0) { return -1; } - + if (!TLS->app_id) { TLS->app_id = TG_APP_ID; TLS->app_hash = tstrdup (TG_APP_HASH); |