Unload error strings in OpenSSL shutdown. (lsh123#292)

SvenPStarFinanz · web-flow · commit 51dc3abd575d · 2020-06-18T09:07:25.000-07:00
diff --git a/src/openssl/crypto.c b/src/openssl/crypto.c
@@ -34,6 +34,7 @@
 #include <xmlsec/openssl/x509.h>
 
 static int              xmlSecOpenSSLErrorsInit                 (void);
+static void             xmlSecOpenSSLErrorsShutdown             (void);
 
 static xmlSecCryptoDLFunctionsPtr gXmlSecOpenSSLFunctions = NULL;
 static xmlChar* gXmlSecOpenSSLTrustedCertsFolder = NULL;
@@ -357,6 +358,7 @@ xmlSecOpenSSLInit (void)  {
 int
 xmlSecOpenSSLShutdown(void) {
     xmlSecOpenSSLSetDefaultTrustedCertsFolder(NULL);
+	xmlSecOpenSSLErrorsShutdown();
     return(0);
 }
 
@@ -452,18 +454,21 @@ xmlSecOpenSSLErrorsDefaultCallback(const char* file, int line, const char* func,
                 reason, msg);
 }
 
+#ifndef OPENSSL_IS_BORINGSSL
+static ERR_STRING_DATA xmlSecOpenSSLStrReasons[XMLSEC_ERRORS_MAX_NUMBER + 1];
+static ERR_STRING_DATA xmlSecOpenSSLStrLib[] = {
+    { ERR_PACK(XMLSEC_OPENSSL_ERRORS_LIB,0,0),      "xmlsec routines"},
+    { 0,                                            NULL}
+};
+static ERR_STRING_DATA xmlSecOpenSSLStrDefReason[]= {
+    { XMLSEC_OPENSSL_ERRORS_LIB,                    "xmlsec lib"},
+    { 0,                                            NULL}
+};
+#endif /* OPENSSL_IS_BORINGSSL */
+
 static int
 xmlSecOpenSSLErrorsInit(void) {
 #ifndef OPENSSL_IS_BORINGSSL
-    static ERR_STRING_DATA xmlSecOpenSSLStrReasons[XMLSEC_ERRORS_MAX_NUMBER + 1];
-    static ERR_STRING_DATA xmlSecOpenSSLStrLib[]= {
-        { ERR_PACK(XMLSEC_OPENSSL_ERRORS_LIB,0,0),      "xmlsec routines"},
-        { 0,                                            NULL}
-    };
-    static ERR_STRING_DATA xmlSecOpenSSLStrDefReason[]= {
-        { XMLSEC_OPENSSL_ERRORS_LIB,                    "xmlsec lib"},
-        { 0,                                            NULL}
-    };
     xmlSecSize pos;
 
     /* initialize reasons array */
@@ -473,7 +478,7 @@ xmlSecOpenSSLErrorsInit(void) {
         xmlSecOpenSSLStrReasons[pos].string = xmlSecErrorsGetMsg(pos);
     }
 
-    /* finally load xmlsec strings in OpenSSL */
+    /* load xmlsec strings in OpenSSL */
     ERR_load_strings(XMLSEC_OPENSSL_ERRORS_LIB, xmlSecOpenSSLStrLib); /* define xmlsec lib name */
     ERR_load_strings(XMLSEC_OPENSSL_ERRORS_LIB, xmlSecOpenSSLStrDefReason); /* define default reason */
     ERR_load_strings(XMLSEC_OPENSSL_ERRORS_LIB, xmlSecOpenSSLStrReasons);
@@ -485,6 +490,20 @@ xmlSecOpenSSLErrorsInit(void) {
     return(0);
 }
 
+
+static void
+xmlSecOpenSSLErrorsShutdown(void) {
+    /* remove callback */
+    xmlSecErrorsSetCallback(NULL);
+
+#ifndef OPENSSL_IS_BORINGSSL
+    /* unload xmlsec strings from OpenSSL */
+    ERR_unload_strings(XMLSEC_OPENSSL_ERRORS_LIB, xmlSecOpenSSLStrLib);
+    ERR_unload_strings(XMLSEC_OPENSSL_ERRORS_LIB, xmlSecOpenSSLStrDefReason);
+    ERR_unload_strings(XMLSEC_OPENSSL_ERRORS_LIB, xmlSecOpenSSLStrReasons);
+#endif /* OPENSSL_IS_BORINGSSL */
+}
+
 /**
  * xmlSecOpenSSLSetDefaultTrustedCertsFolder:
  * @path:       the default trusted certs path.
