Update contrib/restricted/aws/s2n to 1.3.19

10 files changed, 201 insertions, 42 deletions

diff --git a/contrib/restricted/aws/s2n/CMakeLists.darwin.txt b/contrib/restricted/aws/s2n/CMakeLists.darwin.txt
index be70332991..42a21ce0ff 100644
--- a/contrib/restricted/aws/s2n/CMakeLists.darwin.txt
+++ b/contrib/restricted/aws/s2n/CMakeLists.darwin.txt
@@ -62,6 +62,7 @@ target_sources(restricted-aws-s2n PRIVATE
   ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/crypto/s2n_hkdf.c
   ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/crypto/s2n_hmac.c
   ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/crypto/s2n_libcrypto.c
+  ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/crypto/s2n_locking.c
   ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/crypto/s2n_openssl_x509.c
   ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/crypto/s2n_pkey.c
   ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/crypto/s2n_rsa.c
diff --git a/contrib/restricted/aws/s2n/CMakeLists.linux.txt b/contrib/restricted/aws/s2n/CMakeLists.linux.txt
index 9e1457d333..b10cb01d54 100644
--- a/contrib/restricted/aws/s2n/CMakeLists.linux.txt
+++ b/contrib/restricted/aws/s2n/CMakeLists.linux.txt
@@ -63,6 +63,7 @@ target_sources(restricted-aws-s2n PRIVATE
   ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/crypto/s2n_hkdf.c
   ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/crypto/s2n_hmac.c
   ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/crypto/s2n_libcrypto.c
+  ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/crypto/s2n_locking.c
   ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/crypto/s2n_openssl_x509.c
   ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/crypto/s2n_pkey.c
   ${CMAKE_SOURCE_DIR}/contrib/restricted/aws/s2n/crypto/s2n_rsa.c
diff --git a/contrib/restricted/aws/s2n/api/s2n.h b/contrib/restricted/aws/s2n/api/s2n.h
index 11df0c5f99..e1d4c587bd 100644
--- a/contrib/restricted/aws/s2n/api/s2n.h
+++ b/contrib/restricted/aws/s2n/api/s2n.h
@@ -496,7 +496,7 @@ S2N_API
 extern int s2n_config_set_cache_delete_callback(struct s2n_config *config, s2n_cache_delete_callback cache_delete_callback, void *data);
 
 /**
- * A function that will be called when s2n-tls is initialized.
+ * Called when `s2n_init` is executed.
  */
 typedef int (*s2n_mem_init_callback)(void);
 
@@ -506,8 +506,9 @@ typedef int (*s2n_mem_init_callback)(void);
 typedef int (*s2n_mem_cleanup_callback)(void);
 
 /**
- * A function that can allocate at least `requested` bytes of memory and
- * store the location of that memory in **\*ptr**, and the size of the allocated
+ * A function that can allocate at least `requested` bytes of memory.
+ *
+ * It stores the location of that memory in **\*ptr** and the size of the allocated
  * data in **\*allocated**. The function may choose to allocate more memory
  * than was requested. s2n-tls will consider all allocated memory available for
  * use, and will attempt to free all allocated memory when able.
@@ -515,12 +516,12 @@ typedef int (*s2n_mem_cleanup_callback)(void);
 typedef int (*s2n_mem_malloc_callback)(void **ptr, uint32_t requested, uint32_t *allocated);
 
 /**
- * A function that can free memory.
+ * Frees memory allocated by s2n_mem_malloc_callback.
  */
 typedef int (*s2n_mem_free_callback)(void *ptr, uint32_t size);
 
 /**
- * Allows the caller to over-ride s2n-tls's internal memory handling functions.
+ * Allows the caller to override s2n-tls's internal memory handling functions.
  * 
  * @warning This function must be called before s2n_init().
  * 
@@ -557,7 +558,7 @@ typedef int (*s2n_rand_seed_callback)(void *data, uint32_t size);
 typedef int (*s2n_rand_mix_callback)(void *data, uint32_t size);
 
 /**
- * Allows the caller to over-ride s2n-tls's entropy functions.
+ * Allows the caller to override s2n-tls's entropy functions.
  * 
  * @warning This function must be called before s2n_init().
  * 
@@ -880,22 +881,21 @@ extern int s2n_config_wipe_trust_store(struct s2n_config *config);
  * of the X.509 validation will succeed.
  *
  * If no hostname results in a 1 being returned, the certificate will be untrusted and the
- * validation will terminate immediately. The default behavior is to reject all host names
- * found in a certificate if client mode or client authentication is being used.
+ * validation will terminate immediately.
  *
- * Data is a opaque user context set in s2n_config_set_verify_host_callback().
+ * Data is a opaque user context set in s2n_config_set_verify_host_callback() or s2n_connection_set_verify_host_callback().
  */
 typedef uint8_t (*s2n_verify_host_fn) (const char *host_name, size_t host_name_len, void *data);
 
 /**
  * Sets the callback to use for verifying that a hostname from an X.509 certificate is trusted.
- * By default, no certificate will be trusted. To override this behavior, set this callback.
  *
- * This change will be inherited by s2n_connections using this config. If s2n_connection specifies
- * a callback, that callback will be used for that connection.
+ * The default behavior is to require that the hostname match the server name set with s2n_set_server_name().
+ * This will likely lead to all client certificates being rejected, so the callback will need to be overriden when using
+ *  client authentication.
  *
- * If a separate callback for different connections using the same config is desired,
- * see s2n_connection_set_verify_host_callback().
+ * This change will be inherited by s2n_connections using this config. If a separate callback for different connections
+ * using the same config is desired, see s2n_connection_set_verify_host_callback().
  *
  * @param config The configuration object being updated
  * @param data A user supplied opaque context to pass back to the callback
@@ -1035,6 +1035,7 @@ extern int s2n_config_set_ct_support_level(struct s2n_config *config, s2n_ct_sup
  * - `S2N_ALERT_IGNORE_WARNINGS` - with the exception of `close_notify` s2n-tls will ignore all WARNING alerts and keep communicating with its peer. This setting is ignored in TLS1.3
  *
  * @note TLS1.3 terminates a connection for all alerts except user_canceled.
+ * @warning S2N_ALERT_FAIL_ON_WARNINGS is the recommended behavior. Past TLS protocol vulnerabilities have involved downgrading alerts to warnings.
  */
 typedef enum { S2N_ALERT_FAIL_ON_WARNINGS = 0, S2N_ALERT_IGNORE_WARNINGS = 1 } s2n_alert_behavior;
 
@@ -1071,6 +1072,8 @@ extern int s2n_config_set_extension_data(struct s2n_config *config, s2n_tls_exte
  * length overrides the preference set by the `s2n_connection_prefer_throughput` and
  * `s2n_connection_prefer_low_latency`.
  *
+ * @note Some TLS implementations do not respect their peer's max fragment length extension.
+ *
  * @param config The configuration object being updated
  * @param mfl_code The selected MFL size
  * @returns S2N_SUCCESS on success. S2N_FAILURE on failure
@@ -1083,6 +1086,8 @@ extern int s2n_config_send_max_fragment_length(struct s2n_config *config, s2n_ma
  * requests. If this API is not called, and client requests the extension, server will ignore
  * the request and continue TLS handshake with default maximum fragment length of 8k bytes
  *
+ * @note Some TLS implementations do not respect their peer's max fragment length extension.
+ *
  * @param config The configuration object being updated
  * @returns S2N_SUCCESS on success. S2N_FAILURE on failure
  */
@@ -1618,21 +1623,20 @@ S2N_API
 extern int s2n_connection_set_dynamic_record_threshold(struct s2n_connection *conn, uint32_t resize_threshold, uint16_t timeout_threshold);
 
 /** 
- * Sets the callback to use for verifying that a hostname from an X.509 certificate is trusted. By default, 
- * no certificate will be trusted. To override this behavior, set this callback. See s2n_verify_host_fn()
- * for details. This configuration will be inherited by default to new instances of `s2n_connection`. 
+ * Sets the callback to use for verifying that a hostname from an X.509 certificate is trusted.
  *
- * If a separate callback for different connections using the same config is desired, see s2n_connection_set_verify_host_callback()
+ * The default behavior is to require that the hostname match the server name set with s2n_set_server_name(). This will
+ * likely lead to all client certificates being rejected, so the callback will need to be overriden when using client authentication.
  *
- * @note If you don't want to use the configuration wide callback, you can set this per connection and it will be honored.
+ * If a single callback for different connections using the same config is desired, see s2n_config_set_verify_host_callback().
  *
- * @param config A pointer to a s2n_config object
+ * @param conn A pointer to a s2n_connection object
  * @param host_fn A pointer to a callback function that s2n will invoke in order to verify the hostname of an X.509 certificate
  * @param data Opaque pointer to data that the verify host function will be invoked with
  * @returns S2N_SUCCESS on success. S2N_FAILURE on failure
  */
 S2N_API
-extern int s2n_connection_set_verify_host_callback(struct s2n_connection *config, s2n_verify_host_fn host_fn, void *data);
+extern int s2n_connection_set_verify_host_callback(struct s2n_connection *conn, s2n_verify_host_fn host_fn, void *data);
 
 /**
  * Used to opt-out of s2n-tls's built-in blinding. Blinding is a
diff --git a/contrib/restricted/aws/s2n/crypto/s2n_ecc_evp.c b/contrib/restricted/aws/s2n/crypto/s2n_ecc_evp.c
index fa137ee1f0..4d1a72c408 100644
--- a/contrib/restricted/aws/s2n/crypto/s2n_ecc_evp.c
+++ b/contrib/restricted/aws/s2n/crypto/s2n_ecc_evp.c
@@ -23,6 +23,8 @@
 
 #include <stdint.h>
 
+#include "tls/s2n_connection.h"
+#include "tls/s2n_ecc_preferences.h"
 #include "tls/s2n_tls_parameters.h"
 #include "utils/s2n_mem.h"
 #include "utils/s2n_safety.h"
@@ -478,21 +480,26 @@ int s2n_ecc_evp_parse_params_point(struct s2n_blob *point_blob, struct s2n_ecc_e
     return 0;
 }
 
-int s2n_ecc_evp_parse_params(struct s2n_ecdhe_raw_server_params *raw_server_ecc_params,
-                             struct s2n_ecc_evp_params *ecc_evp_params) {
-    S2N_ERROR_IF(
-        s2n_ecc_evp_find_supported_curve(&raw_server_ecc_params->curve_blob, &ecc_evp_params->negotiated_curve) != 0,
-        S2N_ERR_ECDHE_UNSUPPORTED_CURVE);
+int s2n_ecc_evp_parse_params(struct s2n_connection* conn,
+                             struct s2n_ecdhe_raw_server_params* raw_server_ecc_params,
+                             struct s2n_ecc_evp_params* ecc_evp_params) {
+    POSIX_ENSURE(
+            s2n_ecc_evp_find_supported_curve(conn, &raw_server_ecc_params->curve_blob, &ecc_evp_params->negotiated_curve) == 0,
+            S2N_ERR_ECDHE_UNSUPPORTED_CURVE);
     return s2n_ecc_evp_parse_params_point(&raw_server_ecc_params->point_blob, ecc_evp_params);
 }
 
-int s2n_ecc_evp_find_supported_curve(struct s2n_blob *iana_ids, const struct s2n_ecc_named_curve **found) {
+int s2n_ecc_evp_find_supported_curve(struct s2n_connection* conn, struct s2n_blob *iana_ids, const struct s2n_ecc_named_curve **found) {
+    const struct s2n_ecc_preferences* ecc_prefs = NULL;
+    POSIX_GUARD(s2n_connection_get_ecc_preferences(conn, &ecc_prefs));
+    POSIX_ENSURE_REF(ecc_prefs);
+
     struct s2n_stuffer iana_ids_in = {0};
 
     POSIX_GUARD(s2n_stuffer_init(&iana_ids_in, iana_ids));
     POSIX_GUARD(s2n_stuffer_write(&iana_ids_in, iana_ids));
-    for (size_t i = 0; i < s2n_all_supported_curves_list_len; i++) {
-        const struct s2n_ecc_named_curve *supported_curve = s2n_all_supported_curves_list[i];
+    for (size_t i = 0; i < ecc_prefs->count; i++) {
+        const struct s2n_ecc_named_curve *supported_curve = ecc_prefs->ecc_curves[i];
         for (uint32_t j = 0; j < iana_ids->size / 2; j++) {
             uint16_t iana_id;
             POSIX_GUARD(s2n_stuffer_read_uint16(&iana_ids_in, &iana_id));
diff --git a/contrib/restricted/aws/s2n/crypto/s2n_ecc_evp.h b/contrib/restricted/aws/s2n/crypto/s2n_ecc_evp.h
index f9b8c8f7e2..1d09e2c89d 100644
--- a/contrib/restricted/aws/s2n/crypto/s2n_ecc_evp.h
+++ b/contrib/restricted/aws/s2n/crypto/s2n_ecc_evp.h
@@ -70,10 +70,7 @@ int s2n_ecc_evp_compute_shared_secret_from_params(struct s2n_ecc_evp_params *pri
                                                   struct s2n_blob *shared_key);
 int s2n_ecc_evp_write_params_point(struct s2n_ecc_evp_params *ecc_evp_params, struct s2n_stuffer *out);
 int s2n_ecc_evp_read_params_point(struct s2n_stuffer *in, int point_size, struct s2n_blob *point_blob);
-int s2n_ecc_evp_compute_shared_secret_from_params(struct s2n_ecc_evp_params *private_ecc_evp_params,
-                                                  struct s2n_ecc_evp_params *public_ecc_evp_params,
-                                                  struct s2n_blob *shared_key);
-int s2n_ecc_evp_compute_shared_secret_as_server(struct s2n_ecc_evp_params *server_ecc_evp_params, 
+int s2n_ecc_evp_compute_shared_secret_as_server(struct s2n_ecc_evp_params *server_ecc_evp_params,
                                             struct s2n_stuffer *Yc_in, struct s2n_blob *shared_key);
 int s2n_ecc_evp_compute_shared_secret_as_client(struct s2n_ecc_evp_params *server_ecc_evp_params, 
                                             struct s2n_stuffer *Yc_out, struct s2n_blob *shared_key); 
@@ -82,8 +79,9 @@ int s2n_ecc_evp_write_params(struct s2n_ecc_evp_params *ecc_evp_params, struct s
                              struct s2n_blob *written);
 int s2n_ecc_evp_read_params(struct s2n_stuffer *in, struct s2n_blob *data_to_verify,
                             struct s2n_ecdhe_raw_server_params *raw_server_ecc_params);
-int s2n_ecc_evp_parse_params(struct s2n_ecdhe_raw_server_params *raw_server_ecc_params,
-                             struct s2n_ecc_evp_params *ecc_evp_params);
-int s2n_ecc_evp_find_supported_curve(struct s2n_blob *iana_ids, const struct s2n_ecc_named_curve **found);
+int s2n_ecc_evp_parse_params(struct s2n_connection *conn,
+                             struct s2n_ecdhe_raw_server_params *raw_server_ecc_params,
+                             struct s2n_ecc_evp_params* ecc_evp_params);
+int s2n_ecc_evp_find_supported_curve(struct s2n_connection* conn, struct s2n_blob *iana_ids, const struct s2n_ecc_named_curve **found);
 int s2n_ecc_evp_params_free(struct s2n_ecc_evp_params *ecc_evp_params);
 int s2n_is_evp_apis_supported();
diff --git a/contrib/restricted/aws/s2n/crypto/s2n_locking.c b/contrib/restricted/aws/s2n/crypto/s2n_locking.c
new file mode 100644
index 0000000000..84f4b263ae
--- /dev/null
+++ b/contrib/restricted/aws/s2n/crypto/s2n_locking.c
@@ -0,0 +1,116 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ *  http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+#include <openssl/crypto.h>
+#include <pthread.h>
+
+#include "crypto/s2n_locking.h"
+#include "crypto/s2n_openssl.h"
+#include "utils/s2n_mem.h"
+#include "utils/s2n_safety.h"
+
+/* Writing multithreaded applications using Openssl-1.0.2
+ * requires calling CRYPTO_set_locking_callback.
+ * If the callback is not set, locks are no-ops and unexpected
+ * behavior may occur, particularly for RSA and X509.
+ *
+ * In the past s2n-tls relied on customers setting the callback
+ * themselves, but that seems unnecessary since other parts of
+ * the library (like fork detection) already rely on the pthreads library.
+ *
+ * For more information:
+ * https://www.openssl.org/blog/blog/2017/02/21/threads/
+ * https://www.openssl.org/docs/man1.0.2/man3/threads.html
+ */
+
+#define S2N_MUTEXES(mem) ((pthread_mutex_t *) (void*) (mem).data)
+
+/* While the locking-related APIs "exist" in later versions of
+ * Openssl, they tend to be placeholders or hardcoded values like:
+ * #define CRYPTO_get_locking_callback() (NULL)
+ * So the code will compile with strange warnings / errors like
+ * loop conditions always being false.
+ */
+#if !(S2N_OPENSSL_VERSION_AT_LEAST(1, 1, 0))
+
+static struct s2n_blob mutexes_mem = { 0 };
+static size_t mutexes_count = 0;
+
+static void s2n_locking_cb(int mode, int n, char *file, int line)
+{
+    pthread_mutex_t *mutexes = S2N_MUTEXES(mutexes_mem);
+    if (!mutexes_mem.data || n >= mutexes_count) {
+        return;
+    }
+
+    if (mode & CRYPTO_LOCK) {
+        pthread_mutex_lock(&(mutexes[n]));
+    } else {
+        pthread_mutex_unlock(&(mutexes[n]));
+    }
+}
+
+S2N_RESULT s2n_locking_init(void)
+{
+    if (CRYPTO_get_locking_callback() != NULL) {
+        return S2N_RESULT_OK;
+    }
+
+    int num_locks = CRYPTO_num_locks();
+
+    RESULT_GUARD_POSIX(s2n_realloc(&mutexes_mem, num_locks * sizeof(pthread_mutex_t)));
+
+    pthread_mutex_t *mutexes = S2N_MUTEXES(mutexes_mem);
+    mutexes_count = 0;
+    for (size_t i = 0; i < num_locks; i++) {
+        RESULT_ENSURE_EQ(pthread_mutex_init(&(mutexes[i]), NULL), 0);
+        mutexes_count++;
+    }
+
+    CRYPTO_set_locking_callback((void (*)()) s2n_locking_cb);
+    return S2N_RESULT_OK;
+}
+
+S2N_RESULT s2n_locking_cleanup(void)
+{
+    if (CRYPTO_get_locking_callback() == (void (*)()) s2n_locking_cb) {
+        CRYPTO_set_locking_callback(NULL);
+    }
+
+    pthread_mutex_t *mutexes = S2N_MUTEXES(mutexes_mem);
+    if (mutexes) {
+        while(mutexes_count > 0) {
+            RESULT_ENSURE_EQ(pthread_mutex_destroy(&(mutexes[mutexes_count - 1])), 0);
+            mutexes_count--;
+        }
+        RESULT_GUARD_POSIX(s2n_free(&mutexes_mem));
+    }
+
+    return S2N_RESULT_OK;
+}
+
+#else
+
+S2N_RESULT s2n_locking_init(void)
+{
+    return S2N_RESULT_OK;
+}
+
+S2N_RESULT s2n_locking_cleanup(void)
+{
+    return S2N_RESULT_OK;
+}
+
+#endif
diff --git a/contrib/restricted/aws/s2n/crypto/s2n_locking.h b/contrib/restricted/aws/s2n/crypto/s2n_locking.h
new file mode 100644
index 0000000000..3ad817ceb4
--- /dev/null
+++ b/contrib/restricted/aws/s2n/crypto/s2n_locking.h
@@ -0,0 +1,21 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ *  http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+#pragma once
+
+#include "utils/s2n_result.h"
+
+S2N_RESULT s2n_locking_init(void);
+S2N_RESULT s2n_locking_cleanup(void);
diff --git a/contrib/restricted/aws/s2n/tls/extensions/s2n_client_ems.c b/contrib/restricted/aws/s2n/tls/extensions/s2n_client_ems.c
index 36ec3d339f..0fd8d83c5d 100644
--- a/contrib/restricted/aws/s2n/tls/extensions/s2n_client_ems.c
+++ b/contrib/restricted/aws/s2n/tls/extensions/s2n_client_ems.c
@@ -52,6 +52,16 @@ static int s2n_client_ems_recv(struct s2n_connection *conn, struct s2n_stuffer *
     return S2N_SUCCESS;
 }
 
+/**
+ *= https://www.rfc-editor.org/rfc/rfc7627#section-5.3
+ *= type=exception
+ *# When offering an abbreviated handshake, the client MUST send the
+ *# "extended_master_secret" extension in its ClientHello.
+ *
+ *  We added an exception here in order to prevent a drop in 
+ *  session resumption rates during deployment. Eventually clients
+ *  will be forced to do a full handshake as sessions expire and pick up EMS at that point.
+ **/
 static bool s2n_client_ems_should_send(struct s2n_connection *conn)
 {
     /* Don't send this extension if the previous session did not negotiate EMS */
diff --git a/contrib/restricted/aws/s2n/tls/s2n_server_key_exchange.c b/contrib/restricted/aws/s2n/tls/s2n_server_key_exchange.c
index fc60767bb6..0d3f05b2c9 100644
--- a/contrib/restricted/aws/s2n/tls/s2n_server_key_exchange.c
+++ b/contrib/restricted/aws/s2n/tls/s2n_server_key_exchange.c
@@ -100,7 +100,7 @@ int s2n_ecdhe_server_key_recv_read_data(struct s2n_connection *conn, struct s2n_
 
 int s2n_ecdhe_server_key_recv_parse_data(struct s2n_connection *conn, struct s2n_kex_raw_server_data *raw_server_data)
 {
-    POSIX_GUARD(s2n_ecc_evp_parse_params(&raw_server_data->ecdhe_data, &conn->kex_params.server_ecc_evp_params));
+    POSIX_GUARD(s2n_ecc_evp_parse_params(conn, &raw_server_data->ecdhe_data, &conn->kex_params.server_ecc_evp_params));
 
     return 0;
 }
diff --git a/contrib/restricted/aws/s2n/utils/s2n_init.c b/contrib/restricted/aws/s2n/utils/s2n_init.c
index 48596ffab6..7ea035ded2 100644
--- a/contrib/restricted/aws/s2n/utils/s2n_init.c
+++ b/contrib/restricted/aws/s2n/utils/s2n_init.c
@@ -14,6 +14,7 @@
  */
 #include "crypto/s2n_fips.h"
 #include "crypto/s2n_libcrypto.h"
+#include "crypto/s2n_locking.h"
 
 #include "error/s2n_errno.h"
 
@@ -52,6 +53,7 @@ int s2n_init(void)
     POSIX_GUARD(s2n_fips_init());
     POSIX_GUARD(s2n_mem_init());
     POSIX_GUARD_RESULT(s2n_rand_init());
+    POSIX_GUARD_RESULT(s2n_locking_init());
     POSIX_GUARD(s2n_cipher_suites_init());
     POSIX_GUARD(s2n_security_policies_init());
     POSIX_GUARD(s2n_config_defaults_init());
@@ -80,11 +82,10 @@ static bool s2n_cleanup_atexit_impl(void)
     /* the configs need to be wiped before resetting the memory callbacks */
     s2n_wipe_static_configs();
 
-    bool a = s2n_result_is_ok(s2n_rand_cleanup_thread());
-    bool b = s2n_result_is_ok(s2n_rand_cleanup());
-    bool c = s2n_mem_cleanup() == 0;
-
-    return a && b && c;
+    return s2n_result_is_ok(s2n_locking_cleanup()) &&
+           s2n_result_is_ok(s2n_rand_cleanup_thread()) &&
+           s2n_result_is_ok(s2n_rand_cleanup()) &&
+           (s2n_mem_cleanup() == S2N_SUCCESS);
 }
 
 int s2n_cleanup(void)