From 1886cc190cfbd37daf047194fd1a2f5c13a15d64 Mon Sep 17 00:00:00 2001
From: Sebastian Harl
Date: Mon, 9 Feb 2015 18:43:39 +0100
Subject: [PATCH] SSL utils: Added init() and shutdown() functions for global setup/shutdown. Use those functions in sysdb and sysdbd instead of calling the OpenSSL functions directly.
---
 src/include/utils/ssl.h | 10 ++++++++++
 src/tools/sysdb/main.c | 10 +++-------
 src/tools/sysdbd/main.c | 11 +++--------
 src/utils/ssl.c | 13 +++++++++++++
 4 files changed, 29 insertions(+), 15 deletions(-)
diff --git a/src/include/utils/ssl.h b/src/include/utils/ssl.h
index 5379bc9..f15d3fa 100644
--- a/src/include/utils/ssl.h
+++ b/src/include/utils/ssl.h
@@ -67,6 +67,16 @@ typedef struct sdb_ssl_server sdb_ssl_server_t;
 struct sdb_ssl_session;
 typedef struct sdb_ssl_session sdb_ssl_session_t;
+/*
+ * sdb_ssl_init, sdb_ssl_shutdown:
+ * Global setup and shutdown of SSL/TLS. This is required before any other
+ * function can be used.
+ */
+void
+sdb_ssl_init(void);
+void
+sdb_ssl_shutdown(void);
+
 /*
 * sdb_ssl_client_create:
 * Allocate and initialize a TLS/SSL client using the specified options. If no
diff --git a/src/tools/sysdb/main.c b/src/tools/sysdb/main.c
index e9e2202..c58c735 100644
--- a/src/tools/sysdb/main.c
+++ b/src/tools/sysdb/main.c
@@ -38,6 +38,7 @@
 #include "utils/llist.h"
 #include "utils/strbuf.h"
 #include "utils/os.h"
+#include "utils/ssl.h"
 #include
@@ -77,9 +78,6 @@
 # endif
 #endif /* READLINEs */
-#include
-#include
-
 #ifndef DEFAULT_SOCKET
 # define DEFAULT_SOCKET "unix:"LOCALSTATEDIR"/run/sysdbd.sock"
 #endif
@@ -299,8 +297,7 @@ main(int argc, char **argv)
 if (! input.user)
 exit(1);
- SSL_load_error_strings();
- OpenSSL_add_ssl_algorithms();
+ sdb_ssl_init();
 input.client = sdb_client_create(host);
 if (! input.client) {
@@ -372,8 +369,7 @@ main(int argc, char **argv)
 }
 sdb_input_reset(&input);
-
- ERR_free_strings();
+ sdb_ssl_shutdown();
 return 0;
 } /* main */
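Review bot: The comment added for sdb_ssl_init/sdb_ssl_shutdown in src/include/utils/ssl.h does not state the calling contract, and "required before any other function can be used" reads as if it also applied to the shutdown function. Both wrap process-global OpenSSL setup (see the src/utils/ssl.c hunk), so I would spell out order and multiplicity, for example `sdb_ssl_init must be called once, before any other sdb_ssl_* function and before additional threads are started;` and `sdb_ssl_shutdown must be called last, after all clients, servers and sessions have been destroyed.` Whether repeated calls are meant to be supported is not visible here, so the wording should follow the intended behaviour.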
diff --git a/src/tools/sysdbd/main.c b/src/tools/sysdbd/main.c
index 25f6499..179ec79 100644
--- a/src/tools/sysdbd/main.c
+++ b/src/tools/sysdbd/main.c
@@ -33,6 +33,7 @@
 #include "core/plugin.h"
 #include "core/store.h"
 #include "utils/error.h"
+#include "utils/ssl.h"
 #include "frontend/connection.h"
 #include "frontend/sock.h"
@@ -60,9 +61,6 @@
 #include
-#include
-#include
-
 #ifndef CONFIGFILE
 # define CONFIGFILE SYSCONFDIR"/sysdb/sysdbd.conf"
 #endif
@@ -370,9 +368,7 @@ main(int argc, char **argv)
 if (daemonize())
 exit(1);
- SSL_load_error_strings();
- OpenSSL_add_ssl_algorithms();
-
+ sdb_ssl_init();
 sdb_plugin_init_all();
 plugin_main_loop.default_interval = SECS_TO_SDB_TIME(60);
@@ -397,8 +393,7 @@ main(int argc, char **argv)
 SDB_VERSION_EXTRA" (pid %i)", (int)getpid());
 sdb_plugin_shutdown_all();
 sdb_plugin_unregister_all();
-
- ERR_free_strings();
+ sdb_ssl_shutdown();
 return status;
 } /* main */
diff --git a/src/utils/ssl.c b/src/utils/ssl.c
index 723df21..fe509d0 100644
--- a/src/utils/ssl.c
+++ b/src/utils/ssl.c
@@ -171,6 +171,19 @@ copy_options(sdb_ssl_options_t *dst, const sdb_ssl_options_t *src)
 * public API
 */
+void
+sdb_ssl_init(void)
+{
+ SSL_load_error_strings();
+ OpenSSL_add_ssl_algorithms();
+} /* sdb_ssl_init */
+
+void
+sdb_ssl_shutdown(void)
+{
+ ERR_free_strings();
+} /* sdb_ssl_shutdown */
+
 sdb_ssl_client_t *
 sdb_ssl_client_create(const sdb_ssl_options_t *opts)
 {
--
2.30.2
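Review bot: sdb_ssl_shutdown() in the src/utils/ssl.c hunk releases only the error strings, while sdb_ssl_init() also registers the cipher and digest tables through OpenSSL_add_ssl_algorithms(); on OpenSSL releases before 1.1.0 the matching teardown is `EVP_cleanup();` placed ahead of `ERR_free_strings();`. Since this is now the single entry point for library setup, it is also the natural place for thread-safety setup. If sysdbd drives TLS from more than one thread (not visible in this patch), those OpenSSL releases expect the application to install locking callbacks with `CRYPTO_set_locking_callback()`, and without them concurrent handshakes can race on shared library state.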