-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Updated S2N to add support for sharing openssl/libcrypto (#35)
* Updated to latest s2n revision, using s2n_crypto_disable_init() * Added aws_crt_crypto_share API * Updated to aws-c-common v0.6.9 * Separated out crypto init/shutdown * Employ s2n_disable_atexit() * updated s2n to get rand shutdown fix * Updated to s2n v1.0.17
- Loading branch information
Justin Boswell
authored
Aug 30, 2021
1 parent
94e82ef
commit aecdb91
Showing
8 changed files
with
97 additions
and
21 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
name: Lint | ||
|
||
on: | ||
push: | ||
branches: | ||
- '*' | ||
- '!main' | ||
|
||
jobs: | ||
clang-format: | ||
|
||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: Checkout Sources | ||
uses: actions/checkout@v1 | ||
|
||
- name: clang-format lint | ||
uses: DoozyX/clang-format-lint-action@v0.3.1 | ||
with: | ||
# List of extensions to check | ||
extensions: c,h | ||
|
||
check-submodules: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout Source | ||
uses: actions/checkout@v2 | ||
with: | ||
submodules: true | ||
fetch-depth: 0 | ||
- name: Check Submodules | ||
uses: awslabs/aws-crt-builder/.github/actions/check-submodules@main |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Submodule aws-c-common
updated
392 files
Submodule s2n
updated
from 663457 to b5b313
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
|
||
#include "crt.h" | ||
|
||
#if defined(AWS_OS_LINUX) | ||
# include <openssl/crypto.h> | ||
# include <openssl/evp.h> | ||
# include <s2n.h> | ||
|
||
void aws_crt_crypto_share(void) { | ||
/* Prevent s2n from initializing or de-initializing crypto */ | ||
s2n_crypto_disable_init(); | ||
s2n_disable_atexit(); | ||
} | ||
|
||
# define AWS_OPENSSL_VERSION_AT_LEAST(major, minor, fix) \ | ||
(OPENSSL_VERSION_NUMBER >= ((major << 28) + (minor << 20) + (fix << 12))) | ||
|
||
void init_crypto(void) { | ||
/* | ||
* OpenSSL prior to 1.1.x has idempotency issues with initialization and shutdown. | ||
* We initialize it minimally ourselves here, since s2n has been told not to. | ||
* Cleanup is handled by OpenSSL's atexit handler | ||
*/ | ||
# if AWS_OPENSSL_VERSION_AT_LEAST(1, 1, 0) | ||
OPENSSL_init_crypto( | ||
OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); | ||
# else | ||
OpenSSL_add_all_algorithms(); | ||
# endif | ||
} | ||
|
||
void shutdown_crypto(void) {} | ||
|
||
#else | ||
void aws_crt_crypto_share(void) {} | ||
void init_crypto(void) {} | ||
void shutdown_crypto(void) {} | ||
#endif |