lazy init SSL

Signed-off-by: Abilio Marques <[email protected]>
eclipse · Jul 23, 2020 · d5aae3e · d5aae3e
1 parent 1608151
commit d5aae3e
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 18 deletions.
diff --git a/lib/net_mosq.c b/lib/net_mosq.c
@@ -79,6 +79,8 @@ and the Eclipse Distribution License is available at
 int tls_ex_index_mosq = -1;
 UI_METHOD *_ui_method = NULL;
 
+static bool is_tls_initialized = false;
+
 /* Functions taken from OpenSSL s_server/s_client */
 static int ui_open(UI *ui)
 {
@@ -121,6 +123,7 @@ UI_METHOD *net__get_ui_method(void)
 {
  return _ui_method;
 }
+
 #endif
 
 int net__init(void)
@@ -136,24 +139,6 @@ int net__init(void)
  ares_library_init(ARES_LIB_INIT_ALL);
 #endif
 
-#ifdef WITH_TLS
-# if OPENSSL_VERSION_NUMBER < 0x10100000L
- SSL_load_error_strings();
- SSL_library_init();
- OpenSSL_add_all_algorithms();
-# else
- OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
- | OPENSSL_INIT_ADD_ALL_DIGESTS \
- | OPENSSL_INIT_LOAD_CONFIG, NULL);
-# endif
-#if !defined(OPENSSL_NO_ENGINE)
- ENGINE_load_builtin_engines();
-#endif
- setup_ui_method();
- if(tls_ex_index_mosq == -1){
- tls_ex_index_mosq = SSL_get_ex_new_index(0, "client context", NULL, NULL, NULL);
- }
-#endif
  return MOSQ_ERR_SUCCESS;
 }
 
@@ -169,6 +154,7 @@ void net__cleanup(void)
 # if !defined(OPENSSL_NO_ENGINE)
  ENGINE_cleanup();
 # endif
+ is_tls_initialized = false;
 # endif
 
  CONF_modules_unload(1);
@@ -184,6 +170,31 @@ void net__cleanup(void)
 #endif
 }
 
+#ifdef WITH_TLS
+void net__init_tls(void)
+{
+ if(is_tls_initialized) return;
+
+# if OPENSSL_VERSION_NUMBER < 0x10100000L
+ SSL_load_error_strings();
+ SSL_library_init();
+ OpenSSL_add_all_algorithms();
+# else
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+ | OPENSSL_INIT_ADD_ALL_DIGESTS \
+ | OPENSSL_INIT_LOAD_CONFIG, NULL);
+# endif
+#if !defined(OPENSSL_NO_ENGINE)
+ ENGINE_load_builtin_engines();
+#endif
+ setup_ui_method();
+ if(tls_ex_index_mosq == -1){
+ tls_ex_index_mosq = SSL_get_ex_new_index(0, "client context", NULL, NULL, NULL);
+ }
+
+ is_tls_initialized = true;
+}
+#endif
 
 /* Close a socket associated with a context and set it to -1.
  * Returns 1 on failure (context is NULL)
@@ -606,6 +617,8 @@ static int net__init_ssl_ctx(struct mosquitto *mosq)
  * MOSQ_OPT_SSL_CTX_WITH_DEFAULTS are set. */
  if(mosq->tls_cafile || mosq->tls_capath || mosq->tls_psk){
  if(!mosq->ssl_ctx){
+ net__init_tls();
+
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
  mosq->ssl_ctx = SSL_CTX_new(SSLv23_client_method());
 #else

diff --git a/lib/net_mosq.h b/lib/net_mosq.h
@@ -55,6 +55,10 @@ struct mosquitto_db;
 int net__init(void);
 void net__cleanup(void);
 
+#ifdef WITH_TLS
+void net__init_tls(void);
+#endif
+
 int net__socket_connect(struct mosquitto *mosq, const char *host, uint16_t port, const char *bind_address, bool blocking);
 #ifdef WITH_BROKER
 int net__socket_close(struct mosquitto_db *db, struct mosquitto *mosq);

diff --git a/src/net.c b/src/net.c
@@ -72,6 +72,9 @@ void net__broker_init(void)
 {
  spare_sock = socket(AF_INET, SOCK_STREAM, 0);
  net__init();
+#ifdef WITH_TLS
+ net__init_tls();
+#endif
 }