Handle multiple libraries in the same process using s2n-tls / calling s2n_init #4870

Open
@maddeleine


Security issue notifications

If you discover a potential security issue in s2n, we ask that you notify AWS Security via our vulnerability reporting page. Please do not create a public GitHub issue.

Problem:

Users currently have difficulties when trying to use two libraries that both attempt to initialize s2n-tls in the same process. What occurs is that the second call to s2n_init will error. Right now people do things like ignore failures from the s2n_init call, which is unsafe.

Solution:

One solution is to make s2n_is_initialized() public so users can check if they need to call s2n_init. Another solution is to make s2n_init() idempotent. This should be safe because all of our APIs that configure s2n_init behavior error if the library is already initialized. I'm not exactly sure how cleanup would work in this situation, though, so we might need an investigation if there are any issues that might arise from this. Probably the safest thing here is to not clean up s2n-tls in this situation?

Requirements / Acceptance Criteria:

Out of scope:
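
The failure mode and the idempotent-init idea from this issue, as an added example that is not s2n-tls code and not part of the original post. `model_init`, `model_cleanup`, `model_is_initialized`, `shared_init`, `shared_cleanup` and `fail_setup` are hypothetical names for a constructed stand-in library; reference counting the cleanup is an assumption here, one possible answer to the cleanup question the issue leaves open.

```c
#include <pthread.h>
#include <stdbool.h>
#include <stdio.h>

/* Constructed stand-in for a library whose init errors on a second call. */
static bool lib_ready = false;
bool fail_setup = false; /* simulates a genuine initialization failure */

int model_init(void) {
    if (lib_ready || fail_setup) return -1; /* both cases look the same to a caller */
    lib_ready = true;
    return 0;
}
int model_cleanup(void) {
    if (!lib_ready) return -1;
    lib_ready = false;
    return 0;
}
bool model_is_initialized(void) { return lib_ready; }

/* Unsafe pattern: the return value is discarded, so a real failure is hidden. */
void unsafe_consumer_init(void) { (void) model_init(); }

/* Idempotent wrapper: first user initializes, last user cleans up. */
static pthread_mutex_t init_lock = PTHREAD_MUTEX_INITIALIZER;
static unsigned users = 0;

int shared_init(void) {
    pthread_mutex_lock(&init_lock);
    int rc = (users == 0) ? model_init() : 0;
    if (rc == 0) users++;
    pthread_mutex_unlock(&init_lock);
    return rc;
}
int shared_cleanup(void) {
    int rc = -1; /* cleanup without a matching init is an error */
    pthread_mutex_lock(&init_lock);
    if (users > 0) rc = (--users == 0) ? model_cleanup() : 0;
    pthread_mutex_unlock(&init_lock);
    return rc;
}

int main(void) {
    int a = shared_init(), b = shared_init(); /* two libraries, one process */
    printf("init: %d %d, ready=%d\n", a, b, model_is_initialized());
    shared_cleanup();                          /* first library unloads */
    printf("after one cleanup: ready=%d\n", model_is_initialized());
    return shared_cleanup();                   /* last user tears down */
}
```

A caller that checks `model_is_initialized()` and then calls `model_init()` without holding a common lock can still race with another library doing the same, which is why the wrapper takes the lock around both the check and the call.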
