commit 922ce7fefb250da0e8532c5c5c1679d5facde497
parent 4a9c7efda704db04ba59b20a463cb5fa5238c615
Author: Joris Vink <joris@coders.se>
Date: Thu, 5 Jan 2023 19:23:24 +0100
Force OpenSSL to use Kore allocators.
LibreSSL does not support this, which is fair as its designed
for OpenBSD which has malloc and friends that do nice things.
Diffstat:
1 file changed, 33 insertions(+), 0 deletions(-)
diff --git a/src/tls_openssl.c b/src/tls_openssl.c
@@ -76,6 +76,12 @@ static int tls_keymgr_rsa_finish(RSA *);
static int tls_keymgr_rsa_privenc(int, const unsigned char *,
unsigned char *, RSA *, int);
+#if !defined(LIBRESSL_VERSION_NUMBER)
+static void tls_free(void *, const char *, int);
+static void *tls_malloc(size_t, const char *, int);
+static void *tls_realloc(void *, size_t, const char *, int);
+#endif
+
static DH *dh_params = NULL;
static RSA_METHOD *keymgr_rsa_meth = NULL;
static int tls_version = KORE_TLS_VERSION_BOTH;
@@ -102,6 +108,13 @@ kore_tls_supported(void)
void
kore_tls_init(void)
{
+#if !defined(LIBRESSL_VERSION_NUMBER)
+ if (!CRYPTO_set_mem_functions(tls_malloc, tls_realloc, tls_free))
+ fatalx("CRYPTO_set_mem_functions failed");
+#else
+ kore_log(LOG_NOTICE, "libressl does not support malloc-wrappers");
+#endif
+
SSL_library_init();
SSL_load_error_strings();
ERR_load_crypto_strings();
@@ -1144,6 +1157,26 @@ tls_privsep_private_key(EVP_PKEY *pub, struct kore_domain *dom)
return (pkey);
}
+#if !defined(LIBRESSL_VERSION_NUMBER)
+static void *
+tls_malloc(size_t len, const char *file, int line)
+{
+ return (kore_malloc(len));
+}
+
+static void *
+tls_realloc(void *ptr, size_t len, const char *file, int line)
+{
+ return (kore_realloc(ptr, len));
+}
+
+static void
+tls_free(void *ptr, const char *file, int line)
+{
+ kore_free(ptr);
+}
+#endif
+
#if defined(KORE_USE_ACME)
static int
tls_acme_alpn(SSL *ssl, const unsigned char **out, unsigned char *outlen,
