From b2dc1d7ec76d86a640b70dea0e92a81e1990f019 Mon Sep 17 00:00:00 2001 From: Dimitri Staessens Date: Mon, 25 May 2026 14:52:21 +0200 Subject: irmd: Reorder init/fini Application-level OpenSSL objects (X509_STORE held by irm/OAP) must be released before OPENSSL_cleanup() tears down libcrypto's globals, otherwise their destructors run against half-finalised state. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders --- src/irmd/main.c | 29 +++++++++++++++++++---------- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/src/irmd/main.c b/src/irmd/main.c index 4808934f..f91e23fc 100644 --- a/src/irmd/main.c +++ b/src/irmd/main.c @@ -2394,26 +2394,31 @@ int main(int argc, goto fail_irm_init; } - if (irm_init() < 0) + if (crypt_secure_malloc_init(IRMD_SECMEM_MAX) < 0) { + log_err("Failed to initialize secure memory allocation."); + goto fail_secmem; + } + + if (irm_init() < 0) { + log_err("Failed to initialize IRMd."); goto fail_irm_init; + } if (reg_init() < 0) { log_err("Failed to initialize registry."); goto fail_reg; } - if (crypt_secure_malloc_init(IRMD_SECMEM_MAX) < 0) { - log_err("Failed to initialize secure memory allocation."); - goto fail_reg; - } - pthread_sigmask(SIG_BLOCK, &sigset, NULL); - if (irm_start() < 0) + if (irm_start() < 0) { + log_err("Failed to start IRMd."); goto fail_irm_start; + } #ifdef HAVE_TOML if (irm_configure(irmd.cfg_file) < 0) { + log_err("Failed to load IRMd configuration."); irmd_set_state(IRMD_SHUTDOWN); ret = EXIT_FAILURE; } @@ -2426,15 +2431,16 @@ int main(int argc, pthread_sigmask(SIG_UNBLOCK, &sigset, NULL); - crypt_secure_malloc_fini(); - crypt_cleanup(); - reg_clear(); reg_fini(); irm_fini(); + crypt_secure_malloc_fini(); + + crypt_cleanup(); + log_info("Ouroboros IPC Resource Manager daemon exited. Bye."); log_fini(); @@ -2446,5 +2452,8 @@ int main(int argc, fail_reg: irm_fini(); fail_irm_init: + crypt_secure_malloc_fini(); + crypt_cleanup(); + fail_secmem: exit(EXIT_FAILURE); } -- cgit v1.2.3