From bc695581c6f7f8d0cdb907740c8f56b20a8c419a Mon Sep 17 00:00:00 2001
From: Razvan Becheriu <razvan@isc.org>
Date: Tue, 20 Feb 2024 10:46:26 +0200
Subject: [PATCH] [#3193] fixed double free when using botan

---
 src/lib/cryptolink/botan_link.cc | 2 --
 src/lib/cryptolink/crypto_rng.cc | 3 +--
 src/lib/cryptolink/crypto_rng.h  | 2 +-
 src/lib/cryptolink/cryptolink.cc | 4 ++--
 src/lib/cryptolink/cryptolink.h  | 2 +-
 5 files changed, 5 insertions(+), 8 deletions(-)

diff --git a/src/lib/cryptolink/botan_link.cc b/src/lib/cryptolink/botan_link.cc
index 5eb0e342f0..80fe28fd86 100644
--- a/src/lib/cryptolink/botan_link.cc
+++ b/src/lib/cryptolink/botan_link.cc
@@ -70,8 +70,6 @@ CryptoLink::initialize(CryptoLink& c) {
             isc_throw(InitializationError, "Botan error: " << ex.what());
         }
     }
-    // A not yet fixed bug makes RNG to be destroyed after memory pool...
-    atexit([]{ getCryptoLink().getRNG().reset(); });
 }
 
 std::string
diff --git a/src/lib/cryptolink/crypto_rng.cc b/src/lib/cryptolink/crypto_rng.cc
index 54dacce408..b67f2afb97 100644
--- a/src/lib/cryptolink/crypto_rng.cc
+++ b/src/lib/cryptolink/crypto_rng.cc
@@ -23,8 +23,7 @@ RNG::~RNG() {
 }
 
 std::vector<uint8_t>
-random(size_t len)
-{
+random(size_t len) {
     RNGPtr rng(CryptoLink::getCryptoLink().getRNG());
     return (rng->random(len));
 }
diff --git a/src/lib/cryptolink/crypto_rng.h b/src/lib/cryptolink/crypto_rng.h
index 916321e7ca..d840637dfb 100644
--- a/src/lib/cryptolink/crypto_rng.h
+++ b/src/lib/cryptolink/crypto_rng.h
@@ -42,7 +42,7 @@ class RNG : private boost::noncopyable {
     virtual std::vector<uint8_t> random(size_t len) = 0;
 
 private:
-    friend RNGPtr& CryptoLink::getRNG();
+    friend RNGPtr const& CryptoLink::getRNG() const;
 };
 
 /// \brief Generate random value. 
diff --git a/src/lib/cryptolink/cryptolink.cc b/src/lib/cryptolink/cryptolink.cc
index 3e238b29e0..8d4e2505e8 100644
--- a/src/lib/cryptolink/cryptolink.cc
+++ b/src/lib/cryptolink/cryptolink.cc
@@ -30,8 +30,8 @@ CryptoLink::createHMAC(const void* secret, size_t secret_len,
     return (new HMAC(secret, secret_len, hash_algorithm));
 }
 
-RNGPtr&
-CryptoLink::getRNG() {
+RNGPtr const&
+CryptoLink::getRNG() const {
     return (rng_);
 }
 
diff --git a/src/lib/cryptolink/cryptolink.h b/src/lib/cryptolink/cryptolink.h
index 366fa5be6d..a702dc8da9 100644
--- a/src/lib/cryptolink/cryptolink.h
+++ b/src/lib/cryptolink/cryptolink.h
@@ -211,7 +211,7 @@ class CryptoLink : private boost::noncopyable {
     ///                           in a derived class
     /// \exception LibraryError if there was any unexpected exception
     ///                         in the underlying library
-    virtual RNGPtr& getRNG();
+    virtual RNGPtr const& getRNG() const;
 
 private:
     /// \brief Initialize the library