openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity
openssl/crypto/ex_data.c

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

509 lines
14 KiB
C
Raw Permalink Normal View History

Copyright consolidation 05/10 Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 19:38:09 +00:00
/*
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
2023-09-07 08:59:15 +00:00
* Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
OpenSSL copyright notices ...
2001-09-04 11:02:23 +00:00
*
Following the license change, modify the boilerplates in crypto/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7827)
2018-12-06 13:03:01 +00:00
* Licensed under the Apache License 2.0 (the "License"). You may not use
Copyright consolidation 05/10 Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 19:38:09 +00:00
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
OpenSSL copyright notices ...
2001-09-04 11:02:23 +00:00
*/
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
Add the ability for ex_data to have a priority Where an object has multiple ex_data associated with it, then we free that ex_data in order of priority (high priority first). Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14991)
2021-04-26 10:35:17 +00:00
#include <stdlib.h>
Reorganize private crypto header files Currently, there are two different directories which contain internal header files of libcrypto which are meant to be shared internally: While header files in 'include/internal' are intended to be shared between libcrypto and libssl, the files in 'crypto/include/internal' are intended to be shared inside libcrypto only. To make things complicated, the include search path is set up in such a way that the directive #include "internal/file.h" could refer to a file in either of these two directoroes. This makes it necessary in some cases to add a '_int.h' suffix to some files to resolve this ambiguity: #include "internal/file.h" # located in 'include/internal' #include "internal/file_int.h" # located in 'crypto/include/internal' This commit moves the private crypto headers from 'crypto/include/internal' to 'include/crypto' As a result, the include directives become unambiguous #include "internal/file.h" # located in 'include/internal' #include "crypto/file.h" # located in 'include/crypto' hence the superfluous '_int.h' suffixes can be stripped. The files 'store_int.h' and 'store.h' need to be treated specially; they are joined into a single file. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
2019-09-27 22:45:33 +00:00
#include "crypto/cryptlib.h"
Change all our uses of CRYPTO_THREAD_run_once to use RUN_ONCE instead That way, we have a way to check if the init function was successful or not. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-07-19 17:42:11 +00:00
#include "internal/thread_once.h"
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
Fix external symbols for crypto_* Partial fix for #12964 This adds ossl_ names for symbols related to crypto_* Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
2021-02-24 08:07:52 +00:00
int ossl_do_ex_data_init(OSSL_LIB_CTX *ctx)
Convert CRYPTO_LOCK_EX_DATA to new multi-threading API Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-05 21:54:02 +00:00
{
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
2020-10-15 09:55:50 +00:00
OSSL_EX_DATA_GLOBAL *global = ossl_lib_ctx_get_ex_data_global(ctx);
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
if (global == NULL)
Ensure the thread keys are always allocated in the same order Fixes: #5899 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5911)
2018-04-20 13:45:06 +00:00
return 0;
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
global->ex_data_lock = CRYPTO_THREAD_lock_new();
return global->ex_data_lock != NULL;
Ensure all locks are properly cleaned up Some locks were not being properly cleaned up during close down. Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-11 21:53:18 +00:00
}
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 03:40:55 +00:00
/*
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
* Return the EX_CALLBACKS from the |ex_data| array that corresponds to
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
* a given class. On success, *holds the lock.*
Remove double fetch of "OSSL_EX_DATA_GLOBAL" for global lock Fetch once and just pass the global ex_data to the "get_and_lock" static function. Removed a redundant null pointer check within the "get_and_lock" static function (control already performed by the caller). Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11152)
2020-02-23 09:01:45 +00:00
* The |global| parameter is assumed to be non null (checked by the caller).
When we're just reading EX_CALLBACK data just get a read lock The crypto_ex_data code was always obtaining a write lock in all functions regardless of whether we were only reading EX_CALLBACK data or actually changing it. Changes to the EX_CALLBACK data are rare, with many reads so we should change to a read lock where we can. We hit this every time we create or free any object that can have ex_data associated with it (e.g. BIOs, SSL, etc) Partially fixes #20286 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20943)
2023-05-11 10:25:07 +00:00
* If |read| is 1 then a read lock is obtained. Otherwise it is a write lock.
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 03:40:55 +00:00
*/
When we're just reading EX_CALLBACK data just get a read lock The crypto_ex_data code was always obtaining a write lock in all functions regardless of whether we were only reading EX_CALLBACK data or actually changing it. Changes to the EX_CALLBACK data are rare, with many reads so we should change to a read lock where we can. We hit this every time we create or free any object that can have ex_data associated with it (e.g. BIOs, SSL, etc) Partially fixes #20286 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20943)
2023-05-11 10:25:07 +00:00
static EX_CALLBACKS *get_and_lock(OSSL_EX_DATA_GLOBAL *global, int class_index,
int read)
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
{
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
EX_CALLBACKS *ip;
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
if (class_index < 0 || class_index >= CRYPTO_EX_INDEX__COUNT) {
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318)
2020-11-04 11:23:19 +00:00
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_INVALID_ARGUMENT);
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
return NULL;
}
Remove double fetch of "OSSL_EX_DATA_GLOBAL" for global lock Fetch once and just pass the global ex_data to the "get_and_lock" static function. Removed a redundant null pointer check within the "get_and_lock" static function (control already performed by the caller). Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11152)
2020-02-23 09:01:45 +00:00
if (global->ex_data_lock == NULL) {
Fix ex_data locks issue Travis identified a problem with freeing the ex_data locks which wasn't quite right in ff2344052. Trying to fix it identified a further problem: the ex_data locks are cleaned up by OPENSSL_cleanup(), which is called explicitly by CRYPTO_mem_leaks(), but then later the BIO passed to CRYPTO_mem_leaks() is freed. An attempt is then made to use the ex_data lock already freed. Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-04-14 20:28:54 +00:00
/*
Deprecate most of debug-memory Fixes #8322 The leak-checking (and backtrace option, on some platforms) provided by crypto-mdebug and crypto-mdebug-backtrace have been mostly neutered; only the "make malloc fail" capability remains. OpenSSL recommends using the compiler's leak-detection instead. The OPENSSL_DEBUG_MEMORY environment variable is no longer used. CRYPTO_mem_ctrl(), CRYPTO_set_mem_debug(), CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return a failure code. CRYPTO_mem_debug_{malloc,realloc,free}() have been removed. All of the above are now deprecated. Merge (now really small) mem_dbg.c into mem.c Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10572)
2019-12-04 18:15:08 +00:00
* If we get here, someone (who?) cleaned up the lock, so just
* treat it as an error.
Fix ex_data locks issue Travis identified a problem with freeing the ex_data locks which wasn't quite right in ff2344052. Trying to fix it identified a further problem: the ex_data locks are cleaned up by OPENSSL_cleanup(), which is called explicitly by CRYPTO_mem_leaks(), but then later the BIO passed to CRYPTO_mem_leaks() is freed. An attempt is then made to use the ex_data lock already freed. Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-04-14 20:28:54 +00:00
*/
return NULL;
}
When we're just reading EX_CALLBACK data just get a read lock The crypto_ex_data code was always obtaining a write lock in all functions regardless of whether we were only reading EX_CALLBACK data or actually changing it. Changes to the EX_CALLBACK data are rare, with many reads so we should change to a read lock where we can. We hit this every time we create or free any object that can have ex_data associated with it (e.g. BIOs, SSL, etc) Partially fixes #20286 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20943)
2023-05-11 10:25:07 +00:00
if (read) {
if (!CRYPTO_THREAD_read_lock(global->ex_data_lock))
return NULL;
} else {
if (!CRYPTO_THREAD_write_lock(global->ex_data_lock))
return NULL;
}
Access data after obtaining the lock not before. It isn't completely clear that this constitutes a race condition, but it will always be conservative to access the locked data after getting the lock. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/9579)
2019-08-12 10:07:39 +00:00
ip = &global->ex_data[class_index];
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
return ip;
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
}
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 03:40:55 +00:00
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
static void cleanup_cb(EX_CALLBACK *funcs)
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
{
Convert "max" to "mx" for variable names (brought to my attention by Steve Henson). Also, reverse a previous change that used an implicit function pointer cast rather than an explicit data pointer cast in the STACK cleanup code.
2001-09-02 20:41:34 +00:00
OPENSSL_free(funcs);
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
}
/*
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
* Release all "ex_data" state to prevent memory leaks. This can't be made
* thread-safe without overhauling a lot of stuff, and shouldn't really be
* called under potential race-conditions anyway (it's for program shutdown
* after all).
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
*/
Fix external symbols for crypto_* Partial fix for #12964 This adds ossl_ names for symbols related to crypto_* Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
2021-02-24 08:07:52 +00:00
void ossl_crypto_cleanup_all_ex_data_int(OSSL_LIB_CTX *ctx)
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
{
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
int i;
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
2020-10-15 09:55:50 +00:00
OSSL_EX_DATA_GLOBAL *global = ossl_lib_ctx_get_ex_data_global(ctx);
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
if (global == NULL)
return;
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 03:40:55 +00:00
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
for (i = 0; i < CRYPTO_EX_INDEX__COUNT; ++i) {
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
EX_CALLBACKS *ip = &global->ex_data[i];
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
sk_EX_CALLBACK_pop_free(ip->meth, cleanup_cb);
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
ip->meth = NULL;
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
}
Fix ex_data locks issue Travis identified a problem with freeing the ex_data locks which wasn't quite right in ff2344052. Trying to fix it identified a further problem: the ex_data locks are cleaned up by OPENSSL_cleanup(), which is called explicitly by CRYPTO_mem_leaks(), but then later the BIO passed to CRYPTO_mem_leaks() is freed. An attempt is then made to use the ex_data lock already freed. Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-04-14 20:28:54 +00:00
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
CRYPTO_THREAD_lock_free(global->ex_data_lock);
global->ex_data_lock = NULL;
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
}
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 03:40:55 +00:00
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
/*
* Unregister a new index by replacing the callbacks with no-ops.
* Any in-use instances are leaked.
*/
static void dummy_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx,
long argl, void *argp)
{
}
static void dummy_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx,
long argl, void *argp)
{
}
Const the ex data stuff too to fix warnings Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-31 10:04:48 +00:00
static int dummy_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
Fix the parameter types of the CRYPTO_EX_dup function type. This fixes a strict aliasing issue in ui_dup_method_data. The parameter type of CRYPTO_EX_dup's from_d parameter is in fact void **, since it points to a pointer. This function is rarely used, therefore fix the param type although that may be considered an API breaking change. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2986)
2017-03-20 16:29:28 +00:00
void **from_d, int idx,
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
long argl, void *argp)
{
Fix the error handling in CRYPTO_dup_ex_data. Fix a strict aliasing issue in ui_dup_method_data. Add test coverage for CRYPTO_dup_ex_data, use OPENSSL_assert. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2988)
2017-03-19 15:14:33 +00:00
return 1;
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
}
Fix external symbols for crypto_* Partial fix for #12964 This adds ossl_ names for symbols related to crypto_* Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
2021-02-24 08:07:52 +00:00
int ossl_crypto_free_ex_index_ex(OSSL_LIB_CTX *ctx, int class_index, int idx)
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
{
Remove deadlock that was caused by calling pthread_rwlock_wrlock() on same thread twice. This can be reproduce only with musl. CLA: trivial Signed-off-by: Matus Kysel <mkysel@tachyum.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10501)
2019-11-22 09:44:02 +00:00
EX_CALLBACKS *ip;
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
EX_CALLBACK *a;
int toret = 0;
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
2020-10-15 09:55:50 +00:00
OSSL_EX_DATA_GLOBAL *global = ossl_lib_ctx_get_ex_data_global(ctx);
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
if (global == NULL)
Coverity CID 1444955: Null pointer dereferences Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8888)
2019-05-07 00:57:34 +00:00
return 0;
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
When we're just reading EX_CALLBACK data just get a read lock The crypto_ex_data code was always obtaining a write lock in all functions regardless of whether we were only reading EX_CALLBACK data or actually changing it. Changes to the EX_CALLBACK data are rare, with many reads so we should change to a read lock where we can. We hit this every time we create or free any object that can have ex_data associated with it (e.g. BIOs, SSL, etc) Partially fixes #20286 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20943)
2023-05-11 10:25:07 +00:00
ip = get_and_lock(global, class_index, 0);
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
if (ip == NULL)
return 0;
Remove double fetch of "OSSL_EX_DATA_GLOBAL" for global lock Fetch once and just pass the global ex_data to the "get_and_lock" static function. Removed a redundant null pointer check within the "get_and_lock" static function (control already performed by the caller). Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11152)
2020-02-23 09:01:45 +00:00
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
if (idx < 0 || idx >= sk_EX_CALLBACK_num(ip->meth))
goto err;
a = sk_EX_CALLBACK_value(ip->meth, idx);
if (a == NULL)
goto err;
a->new_func = dummy_new;
a->dup_func = dummy_dup;
a->free_func = dummy_free;
toret = 1;
err:
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
CRYPTO_THREAD_unlock(global->ex_data_lock);
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
return toret;
}
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
int CRYPTO_free_ex_index(int class_index, int idx)
{
Fix external symbols for crypto_* Partial fix for #12964 This adds ossl_ names for symbols related to crypto_* Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
2021-02-24 08:07:52 +00:00
return ossl_crypto_free_ex_index_ex(NULL, class_index, idx);
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
}
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
/*
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
* Register a new index.
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
*/
Fix external symbols for crypto_* Partial fix for #12964 This adds ossl_ names for symbols related to crypto_* Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
2021-02-24 08:07:52 +00:00
int ossl_crypto_get_ex_new_index_ex(OSSL_LIB_CTX *ctx, int class_index,
long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
Add the ability for ex_data to have a priority Where an object has multiple ex_data associated with it, then we free that ex_data in order of priority (high priority first). Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14991)
2021-04-26 10:35:17 +00:00
CRYPTO_EX_free *free_func,
int priority)
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
{
int toret = -1;
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
EX_CALLBACK *a;
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
EX_CALLBACKS *ip;
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
2020-10-15 09:55:50 +00:00
OSSL_EX_DATA_GLOBAL *global = ossl_lib_ctx_get_ex_data_global(ctx);
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
if (global == NULL)
Coverity CID 1444951: Null pointer dereferences Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8888)
2019-05-07 01:07:41 +00:00
return -1;
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
When we're just reading EX_CALLBACK data just get a read lock The crypto_ex_data code was always obtaining a write lock in all functions regardless of whether we were only reading EX_CALLBACK data or actually changing it. Changes to the EX_CALLBACK data are rare, with many reads so we should change to a read lock where we can. We hit this every time we create or free any object that can have ex_data associated with it (e.g. BIOs, SSL, etc) Partially fixes #20286 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20943)
2023-05-11 10:25:07 +00:00
ip = get_and_lock(global, class_index, 0);
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
if (ip == NULL)
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
return -1;
Fix memory leak in library deinit ENGINE_cleanup calls CRYPTO_free_ex_data and therefore, CRYPTO_cleanup_all_ex_data - which cleans up the method pointers - must run after ENGINE_cleanup. Additionally, don't needlessly initialize the EX_CALLBACKS stack during e.g. CRYPTO_free_ex_data. The only time this is actually needed is when reserving the first ex data index. Specifically, since sk_num returns -1 on NULL input, the rest of the code already handles a NULL method stack correctly. Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-12 19:46:13 +00:00
if (ip->meth == NULL) {
ip->meth = sk_EX_CALLBACK_new_null();
/* We push an initial value on the stack because the SSL
* "app_data" routines use ex_data index zero. See RT 3710. */
if (ip->meth == NULL
|| !sk_EX_CALLBACK_push(ip->meth, NULL)) {
Fix error handling in CRYPTO_get_ex_new_index If an out of memory error happens when the index zero is reserved in a newly created ip->meth stack object, that reservation is not done in a second attempt, which makes various X_set_ex_data overwrite the value of X_set_app_data. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22149)
2023-09-19 18:15:18 +00:00
sk_EX_CALLBACK_free(ip->meth);
ip->meth = NULL;
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`. There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls or from the CRYPTO sub-system. Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19301)
2022-09-29 11:57:34 +00:00
ERR_raise(ERR_LIB_CRYPTO, ERR_R_CRYPTO_LIB);
Fix memory leak in library deinit ENGINE_cleanup calls CRYPTO_free_ex_data and therefore, CRYPTO_cleanup_all_ex_data - which cleans up the method pointers - must run after ENGINE_cleanup. Additionally, don't needlessly initialize the EX_CALLBACKS stack during e.g. CRYPTO_free_ex_data. The only time this is actually needed is when reserving the first ex data index. Specifically, since sk_num returns -1 on NULL input, the rest of the code already handles a NULL method stack correctly. Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-12 19:46:13 +00:00
goto err;
}
}
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
a = (EX_CALLBACK *)OPENSSL_malloc(sizeof(*a));
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`. There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls or from the CRYPTO sub-system. Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19301)
2022-09-29 11:57:34 +00:00
if (a == NULL)
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
goto err;
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
a->argl = argl;
a->argp = argp;
a->new_func = new_func;
a->dup_func = dup_func;
a->free_func = free_func;
Add the ability for ex_data to have a priority Where an object has multiple ex_data associated with it, then we free that ex_data in order of priority (high priority first). Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14991)
2021-04-26 10:35:17 +00:00
a->priority = priority;
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
if (!sk_EX_CALLBACK_push(ip->meth, NULL)) {
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`. There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls or from the CRYPTO sub-system. Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19301)
2022-09-29 11:57:34 +00:00
ERR_raise(ERR_LIB_CRYPTO, ERR_R_CRYPTO_LIB);
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
OPENSSL_free(a);
goto err;
}
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
toret = sk_EX_CALLBACK_num(ip->meth) - 1;
(void)sk_EX_CALLBACK_set(ip->meth, toret, a);
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
err:
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
CRYPTO_THREAD_unlock(global->ex_data_lock);
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
return toret;
}
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func)
{
Fix external symbols for crypto_* Partial fix for #12964 This adds ossl_ names for symbols related to crypto_* Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
2021-02-24 08:07:52 +00:00
return ossl_crypto_get_ex_new_index_ex(NULL, class_index, argl, argp,
Add the ability for ex_data to have a priority Where an object has multiple ex_data associated with it, then we free that ex_data in order of priority (high priority first). Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14991)
2021-04-26 10:35:17 +00:00
new_func, dup_func, free_func, 0);
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
}
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
/*
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
* Initialise a new CRYPTO_EX_DATA for use in a particular class - including
* calling new() callbacks for each index in the class used by this variable
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
* Thread-safe by copying a class's array of "EX_CALLBACK" entries
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
* in the lock, then using them outside the lock. Note this only applies
* to the global "ex_data" state (ie. class definitions), not 'ad' itself.
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
*/
Fix external symbols for crypto_* Partial fix for #12964 This adds ossl_ names for symbols related to crypto_* Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
2021-02-24 08:07:52 +00:00
int ossl_crypto_new_ex_data_ex(OSSL_LIB_CTX *ctx, int class_index, void *obj,
CRYPTO_EX_DATA *ad)
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
{
Convert "max" to "mx" for variable names (brought to my attention by Steve Henson). Also, reverse a previous change that used an implicit function pointer cast rather than an explicit data pointer cast in the STACK cleanup code.
2001-09-02 20:41:34 +00:00
int mx, i;
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
void *ptr;
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
EX_CALLBACK **storage = NULL;
EX_CALLBACK *stack[10];
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
EX_CALLBACKS *ip;
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
2020-10-15 09:55:50 +00:00
OSSL_EX_DATA_GLOBAL *global = ossl_lib_ctx_get_ex_data_global(ctx);
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
if (global == NULL)
return 0;
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
When we're just reading EX_CALLBACK data just get a read lock The crypto_ex_data code was always obtaining a write lock in all functions regardless of whether we were only reading EX_CALLBACK data or actually changing it. Changes to the EX_CALLBACK data are rare, with many reads so we should change to a read lock where we can. We hit this every time we create or free any object that can have ex_data associated with it (e.g. BIOs, SSL, etc) Partially fixes #20286 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20943)
2023-05-11 10:25:07 +00:00
ip = get_and_lock(global, class_index, 1);
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
if (ip == NULL)
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
return 0;
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
ad->ctx = ctx;
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
ad->sk = NULL;
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
mx = sk_EX_CALLBACK_num(ip->meth);
Convert "max" to "mx" for variable names (brought to my attention by Steve Henson). Also, reverse a previous change that used an implicit function pointer cast rather than an explicit data pointer cast in the STACK cleanup code.
2001-09-02 20:41:34 +00:00
if (mx > 0) {
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
if (mx < (int)OSSL_NELEM(stack))
storage = stack;
else
storage = OPENSSL_malloc(sizeof(*storage) * mx);
Continue standardising malloc style for libcrypto Continuing from previous commit ensure our style is consistent for malloc return checks. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-10-30 11:12:26 +00:00
if (storage != NULL)
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
for (i = 0; i < mx; i++)
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
storage[i] = sk_EX_CALLBACK_value(ip->meth, i);
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
}
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
CRYPTO_THREAD_unlock(global->ex_data_lock);
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`. There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls or from the CRYPTO sub-system. Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19301)
2022-09-29 11:57:34 +00:00
if (mx > 0 && storage == NULL)
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
return 0;
Convert "max" to "mx" for variable names (brought to my attention by Steve Henson). Also, reverse a previous change that used an implicit function pointer cast rather than an explicit data pointer cast in the STACK cleanup code.
2001-09-02 20:41:34 +00:00
for (i = 0; i < mx; i++) {
Coverity: fix two minor NPD issues. Found by Coverity. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8274)
2019-04-06 09:16:59 +00:00
if (storage[i] != NULL && storage[i]->new_func != NULL) {
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
ptr = CRYPTO_get_ex_data(ad, i);
storage[i]->new_func(obj, ptr, ad, i,
storage[i]->argl, storage[i]->argp);
}
}
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
if (storage != stack)
OPENSSL_free(storage);
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
return 1;
}
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
{
Fix external symbols for crypto_* Partial fix for #12964 This adds ossl_ names for symbols related to crypto_* Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
2021-02-24 08:07:52 +00:00
return ossl_crypto_new_ex_data_ex(NULL, class_index, obj, ad);
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
}
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
/*
* Duplicate a CRYPTO_EX_DATA variable - including calling dup() callbacks
* for each index in the class used by this variable
*/
int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
Const the ex data stuff too to fix warnings Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-31 10:04:48 +00:00
const CRYPTO_EX_DATA *from)
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
{
Convert "max" to "mx" for variable names (brought to my attention by Steve Henson). Also, reverse a previous change that used an implicit function pointer cast rather than an explicit data pointer cast in the STACK cleanup code.
2001-09-02 20:41:34 +00:00
int mx, j, i;
Fix the error handling in CRYPTO_dup_ex_data. Fix a strict aliasing issue in ui_dup_method_data. Add test coverage for CRYPTO_dup_ex_data, use OPENSSL_assert. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2988)
2017-03-19 15:14:33 +00:00
void *ptr;
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
EX_CALLBACK *stack[10];
EX_CALLBACK **storage = NULL;
EX_CALLBACKS *ip;
Fix the error handling in CRYPTO_dup_ex_data. Fix a strict aliasing issue in ui_dup_method_data. Add test coverage for CRYPTO_dup_ex_data, use OPENSSL_assert. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2988)
2017-03-19 15:14:33 +00:00
int toret = 0;
Remove double fetch of "OSSL_EX_DATA_GLOBAL" for global lock Fetch once and just pass the global ex_data to the "get_and_lock" static function. Removed a redundant null pointer check within the "get_and_lock" static function (control already performed by the caller). Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11152)
2020-02-23 09:01:45 +00:00
OSSL_EX_DATA_GLOBAL *global;
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
to->ctx = from->ctx;
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
if (from->sk == NULL)
/* Nothing to copy over */
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
return 1;
Remove double fetch of "OSSL_EX_DATA_GLOBAL" for global lock Fetch once and just pass the global ex_data to the "get_and_lock" static function. Removed a redundant null pointer check within the "get_and_lock" static function (control already performed by the caller). Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11152)
2020-02-23 09:01:45 +00:00
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
2020-10-15 09:55:50 +00:00
global = ossl_lib_ctx_get_ex_data_global(from->ctx);
Remove double fetch of "OSSL_EX_DATA_GLOBAL" for global lock Fetch once and just pass the global ex_data to the "get_and_lock" static function. Removed a redundant null pointer check within the "get_and_lock" static function (control already performed by the caller). Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11152)
2020-02-23 09:01:45 +00:00
if (global == NULL)
return 0;
When we're just reading EX_CALLBACK data just get a read lock The crypto_ex_data code was always obtaining a write lock in all functions regardless of whether we were only reading EX_CALLBACK data or actually changing it. Changes to the EX_CALLBACK data are rare, with many reads so we should change to a read lock where we can. We hit this every time we create or free any object that can have ex_data associated with it (e.g. BIOs, SSL, etc) Partially fixes #20286 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20943)
2023-05-11 10:25:07 +00:00
ip = get_and_lock(global, class_index, 1);
Remove double fetch of "OSSL_EX_DATA_GLOBAL" for global lock Fetch once and just pass the global ex_data to the "get_and_lock" static function. Removed a redundant null pointer check within the "get_and_lock" static function (control already performed by the caller). Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11152)
2020-02-23 09:01:45 +00:00
if (ip == NULL)
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
return 0;
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
mx = sk_EX_CALLBACK_num(ip->meth);
More type-checking.
2008-06-04 11:01:43 +00:00
j = sk_void_num(from->sk);
Convert "max" to "mx" for variable names (brought to my attention by Steve Henson). Also, reverse a previous change that used an implicit function pointer cast rather than an explicit data pointer cast in the STACK cleanup code.
2001-09-02 20:41:34 +00:00
if (j < mx)
mx = j;
if (mx > 0) {
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
if (mx < (int)OSSL_NELEM(stack))
storage = stack;
else
storage = OPENSSL_malloc(sizeof(*storage) * mx);
Continue standardising malloc style for libcrypto Continuing from previous commit ensure our style is consistent for malloc return checks. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-10-30 11:12:26 +00:00
if (storage != NULL)
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
for (i = 0; i < mx; i++)
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
storage[i] = sk_EX_CALLBACK_value(ip->meth, i);
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
}
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
CRYPTO_THREAD_unlock(global->ex_data_lock);
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
Fix the error handling in CRYPTO_dup_ex_data. Fix a strict aliasing issue in ui_dup_method_data. Add test coverage for CRYPTO_dup_ex_data, use OPENSSL_assert. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2988)
2017-03-19 15:14:33 +00:00
if (mx == 0)
return 1;
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`. There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls or from the CRYPTO sub-system. Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19301)
2022-09-29 11:57:34 +00:00
if (storage == NULL)
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
return 0;
Fix ex_data and session_dup issues Code was added in commit b3c31a65 that overwrote the last ex_data value using CRYPTO_dup_ex_data() causing a memory leak, and potentially confusing the ex_data dup() callback. In ssl_session_dup(), fix error handling (properly reference and up-ref shared data) and new-up the ex_data before calling CRYPTO_dup_ex_data(); all other structures that dup ex_data have the destination ex_data new'd before the dup. Fix up some of the ex_data documentation. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3323)
2017-04-26 18:05:49 +00:00
/*
* Make sure the ex_data stack is at least |mx| elements long to avoid
* issues in the for loop that follows; so go get the |mx|'th element
* (if it does not exist CRYPTO_get_ex_data() returns NULL), and assign
* to itself. This is normally a no-op; but ensures the stack is the
* proper size
*/
if (!CRYPTO_set_ex_data(to, mx - 1, CRYPTO_get_ex_data(to, mx - 1)))
Fix the error handling in CRYPTO_dup_ex_data. Fix a strict aliasing issue in ui_dup_method_data. Add test coverage for CRYPTO_dup_ex_data, use OPENSSL_assert. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2988)
2017-03-19 15:14:33 +00:00
goto err;
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
Convert "max" to "mx" for variable names (brought to my attention by Steve Henson). Also, reverse a previous change that used an implicit function pointer cast rather than an explicit data pointer cast in the STACK cleanup code.
2001-09-02 20:41:34 +00:00
for (i = 0; i < mx; i++) {
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
ptr = CRYPTO_get_ex_data(from, i);
Coverity: fix two minor NPD issues. Found by Coverity. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8274)
2019-04-06 09:16:59 +00:00
if (storage[i] != NULL && storage[i]->dup_func != NULL)
Fix the error handling in CRYPTO_dup_ex_data. Fix a strict aliasing issue in ui_dup_method_data. Add test coverage for CRYPTO_dup_ex_data, use OPENSSL_assert. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2988)
2017-03-19 15:14:33 +00:00
if (!storage[i]->dup_func(to, from, &ptr, i,
storage[i]->argl, storage[i]->argp))
goto err;
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
CRYPTO_set_ex_data(to, i, ptr);
}
Fix the error handling in CRYPTO_dup_ex_data. Fix a strict aliasing issue in ui_dup_method_data. Add test coverage for CRYPTO_dup_ex_data, use OPENSSL_assert. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2988)
2017-03-19 15:14:33 +00:00
toret = 1;
err:
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
if (storage != stack)
OPENSSL_free(storage);
Fix the error handling in CRYPTO_dup_ex_data. Fix a strict aliasing issue in ui_dup_method_data. Add test coverage for CRYPTO_dup_ex_data, use OPENSSL_assert. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2988)
2017-03-19 15:14:33 +00:00
return toret;
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
}
Add the ability for ex_data to have a priority Where an object has multiple ex_data associated with it, then we free that ex_data in order of priority (high priority first). Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14991)
2021-04-26 10:35:17 +00:00
struct ex_callback_entry {
const EX_CALLBACK *excb;
int index;
};
static int ex_callback_compare(const void *a, const void *b)
{
const struct ex_callback_entry *ap = (const struct ex_callback_entry *)a;
const struct ex_callback_entry *bp = (const struct ex_callback_entry *)b;
if (ap->excb == bp->excb)
return 0;
if (ap->excb == NULL)
return 1;
if (bp->excb == NULL)
return -1;
if (ap->excb->priority == bp->excb->priority)
return 0;
return ap->excb->priority > bp->excb->priority ? -1 : 1;
}
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
/*
* Cleanup a CRYPTO_EX_DATA variable - including calling free() callbacks for
* each index in the class used by this variable
*/
void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
{
Convert "max" to "mx" for variable names (brought to my attention by Steve Henson). Also, reverse a previous change that used an implicit function pointer cast rather than an explicit data pointer cast in the STACK cleanup code.
2001-09-02 20:41:34 +00:00
int mx, i;
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
EX_CALLBACKS *ip;
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
void *ptr;
Add the ability for ex_data to have a priority Where an object has multiple ex_data associated with it, then we free that ex_data in order of priority (high priority first). Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14991)
2021-04-26 10:35:17 +00:00
const EX_CALLBACK *f;
struct ex_callback_entry stack[10];
struct ex_callback_entry *storage = NULL;
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
2020-10-15 09:55:50 +00:00
OSSL_EX_DATA_GLOBAL *global = ossl_lib_ctx_get_ex_data_global(ad->ctx);
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
if (global == NULL)
Combined patch against master branch for the following issues: Fixed a memory leak in ASN1_digest and ASN1_item_digest. Reworked error handling in asn1_item_embed_new. Fixed error handling in int_ctx_new and EVP_PKEY_CTX_dup. Fixed a memory leak in CRYPTO_free_ex_data. Reworked error handing in x509_name_ex_d2i, x509_name_encode and x509_name_canon. Check for null pointer in tls_process_cert_verify. Fixes #2103 #2104 #2105 #2109 #2111 #2115 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2342)
2017-02-01 17:29:47 +00:00
goto err;
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
When we're just reading EX_CALLBACK data just get a read lock The crypto_ex_data code was always obtaining a write lock in all functions regardless of whether we were only reading EX_CALLBACK data or actually changing it. Changes to the EX_CALLBACK data are rare, with many reads so we should change to a read lock where we can. We hit this every time we create or free any object that can have ex_data associated with it (e.g. BIOs, SSL, etc) Partially fixes #20286 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20943)
2023-05-11 10:25:07 +00:00
ip = get_and_lock(global, class_index, 1);
Remove double fetch of "OSSL_EX_DATA_GLOBAL" for global lock Fetch once and just pass the global ex_data to the "get_and_lock" static function. Removed a redundant null pointer check within the "get_and_lock" static function (control already performed by the caller). Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11152)
2020-02-23 09:01:45 +00:00
if (ip == NULL)
goto err;
ex_data part 2: doc fixes and CRYPTO_free_ex_index. Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-21 14:06:03 +00:00
mx = sk_EX_CALLBACK_num(ip->meth);
Convert "max" to "mx" for variable names (brought to my attention by Steve Henson). Also, reverse a previous change that used an implicit function pointer cast rather than an explicit data pointer cast in the STACK cleanup code.
2001-09-02 20:41:34 +00:00
if (mx > 0) {
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
if (mx < (int)OSSL_NELEM(stack))
storage = stack;
else
storage = OPENSSL_malloc(sizeof(*storage) * mx);
Continue standardising malloc style for libcrypto Continuing from previous commit ensure our style is consistent for malloc return checks. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-10-30 11:12:26 +00:00
if (storage != NULL)
Add the ability for ex_data to have a priority Where an object has multiple ex_data associated with it, then we free that ex_data in order of priority (high priority first). Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14991)
2021-04-26 10:35:17 +00:00
for (i = 0; i < mx; i++) {
storage[i].excb = sk_EX_CALLBACK_value(ip->meth, i);
storage[i].index = i;
}
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
}
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
CRYPTO_THREAD_unlock(global->ex_data_lock);
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
Add the ability for ex_data to have a priority Where an object has multiple ex_data associated with it, then we free that ex_data in order of priority (high priority first). Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14991)
2021-04-26 10:35:17 +00:00
if (storage != NULL) {
/* Sort according to priority. High priority first */
qsort(storage, mx, sizeof(*storage), ex_callback_compare);
for (i = 0; i < mx; i++) {
f = storage[i].excb;
if (f != NULL && f->free_func != NULL) {
ptr = CRYPTO_get_ex_data(ad, storage[i].index);
f->free_func(obj, ptr, ad, storage[i].index, f->argl, f->argp);
}
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
}
}
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
if (storage != stack)
OPENSSL_free(storage);
Combined patch against master branch for the following issues: Fixed a memory leak in ASN1_digest and ASN1_item_digest. Reworked error handling in asn1_item_embed_new. Fixed error handling in int_ctx_new and EVP_PKEY_CTX_dup. Fixed a memory leak in CRYPTO_free_ex_data. Reworked error handing in x509_name_ex_d2i, x509_name_encode and x509_name_canon. Check for null pointer in tls_process_cert_verify. Fixes #2103 #2104 #2105 #2109 #2111 #2115 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2342)
2017-02-01 17:29:47 +00:00
err:
free NULL cleanup -- coda After the finale, the "real" final part. :) Do a recursive grep with "-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are an "if NULL" check that can be removed. Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-01 18:37:16 +00:00
sk_void_free(ad->sk);
ad->sk = NULL;
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
ad->ctx = NULL;
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
}
Add CRYPTO_alloc_ex_data() This allows allocation of items at indexes that were created after the CRYPTO_EX_DATA variable was initialized, using the exact same method that was used then. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8225)
2019-02-08 15:46:28 +00:00
/*
* Allocate a given CRYPTO_EX_DATA item using the class specific allocation
* function
*/
int CRYPTO_alloc_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad,
int idx)
{
void *curval;
curval = CRYPTO_get_ex_data(ad, idx);
/* Already there, no need to allocate */
if (curval != NULL)
return 1;
Always ensure we hold ctx->lock when calling CRYPTO_get_ex_data() Otherwise we can get data races. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13987)
2021-01-26 17:00:25 +00:00
return ossl_crypto_alloc_ex_data_intern(class_index, obj, ad, idx);
}
int ossl_crypto_alloc_ex_data_intern(int class_index, void *obj,
CRYPTO_EX_DATA *ad, int idx)
{
EX_CALLBACK *f;
EX_CALLBACKS *ip;
OSSL_EX_DATA_GLOBAL *global;
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
2020-10-15 09:55:50 +00:00
global = ossl_lib_ctx_get_ex_data_global(ad->ctx);
Remove double fetch of "OSSL_EX_DATA_GLOBAL" for global lock Fetch once and just pass the global ex_data to the "get_and_lock" static function. Removed a redundant null pointer check within the "get_and_lock" static function (control already performed by the caller). Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11152)
2020-02-23 09:01:45 +00:00
if (global == NULL)
return 0;
When we're just reading EX_CALLBACK data just get a read lock The crypto_ex_data code was always obtaining a write lock in all functions regardless of whether we were only reading EX_CALLBACK data or actually changing it. Changes to the EX_CALLBACK data are rare, with many reads so we should change to a read lock where we can. We hit this every time we create or free any object that can have ex_data associated with it (e.g. BIOs, SSL, etc) Partially fixes #20286 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20943)
2023-05-11 10:25:07 +00:00
ip = get_and_lock(global, class_index, 1);
Coverity: fix two minor NPD issues. Found by Coverity. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8274)
2019-04-06 09:16:59 +00:00
if (ip == NULL)
return 0;
Add CRYPTO_alloc_ex_data() This allows allocation of items at indexes that were created after the CRYPTO_EX_DATA variable was initialized, using the exact same method that was used then. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8225)
2019-02-08 15:46:28 +00:00
f = sk_EX_CALLBACK_value(ip->meth, idx);
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
CRYPTO_THREAD_unlock(global->ex_data_lock);
Add CRYPTO_alloc_ex_data() This allows allocation of items at indexes that were created after the CRYPTO_EX_DATA variable was initialized, using the exact same method that was used then. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8225)
2019-02-08 15:46:28 +00:00
/*
* This should end up calling CRYPTO_set_ex_data(), which allocates
* everything necessary to support placing the new data in the right spot.
*/
Coverity: fix two minor NPD issues. Found by Coverity. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8274)
2019-04-06 09:16:59 +00:00
if (f->new_func == NULL)
return 0;
Use NULL as parameter when pointer can only be NULL. Code clarification. Reviewed-by: Paul Yang <kaishen.yy@antfin.com> (Merged from https://github.com/openssl/openssl/pull/9514)
2019-08-02 01:56:46 +00:00
f->new_func(obj, NULL, ad, idx, f->argl, f->argp);
Add CRYPTO_alloc_ex_data() This allows allocation of items at indexes that were created after the CRYPTO_EX_DATA variable was initialized, using the exact same method that was used then. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8225)
2019-02-08 15:46:28 +00:00
return 1;
}
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
/*
* For a given CRYPTO_EX_DATA variable, set the value corresponding to a
* particular index in the class used by this variable
*/
Tidy up CRYPTO_EX_DATA structures.
2000-01-23 23:41:49 +00:00
int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val)
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
{
int i;
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 03:40:55 +00:00
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
if (ad->sk == NULL) {
More type-checking.
2008-06-04 11:01:43 +00:00
if ((ad->sk = sk_void_new_null()) == NULL) {
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`. There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls or from the CRYPTO sub-system. Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19301)
2022-09-29 11:57:34 +00:00
ERR_raise(ERR_LIB_CRYPTO, ERR_R_CRYPTO_LIB);
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
return 0;
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 03:40:55 +00:00
}
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
}
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 03:40:55 +00:00
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
for (i = sk_void_num(ad->sk); i <= idx; ++i) {
More type-checking.
2008-06-04 11:01:43 +00:00
if (!sk_void_push(ad->sk, NULL)) {
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`. There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls or from the CRYPTO sub-system. Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19301)
2022-09-29 11:57:34 +00:00
ERR_raise(ERR_LIB_CRYPTO, ERR_R_CRYPTO_LIB);
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
return 0;
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
}
}
Ignore unused return values from some sk_*() macros Some compilers are very picky about unused return values. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-10 15:34:17 +00:00
if (sk_void_set(ad->sk, idx, val) != val) {
/* Probably the index is out of bounds */
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318)
2020-11-04 11:23:19 +00:00
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_INVALID_ARGUMENT);
Ignore unused return values from some sk_*() macros Some compilers are very picky about unused return values. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-10 15:34:17 +00:00
return 0;
}
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
return 1;
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
}
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 03:40:55 +00:00
First step in fixing "ex_data" support. Warning: big commit log ... Currently, this change merely addresses where ex_data indexes are stored and managed, and thus fixes the thread-safety issues that existed at that level. "Class" code (eg. RSA, DSA, etc) no longer store their own STACKS and per-class index counters - all such data is stored inside ex_data.c. So rather than passing both STACK+counter to index-management ex_data functions, a 'class_index' is instead passed to indicate the class (eg. CRYPTO_EX_INDEX_RSA). New classes can be dynamically registered on-the-fly and this is also thread-safe inside ex_data.c (though whether the caller manages the return value in a thread-safe way is not addressed). This does not change the "get/set" functions on individual "ex_data" structures, and so thread-safety at that level isn't (yet) assured. Likewise, the method of getting and storing per-class indexes has not changed, so locking may still be required at the "caller" end but is nonetheless thread-safe inside "ex_data"'s internal implementation. Typically this occurs when code implements a new method of some kind and stores its own per-class index in a global variable without locking the setting and usage of that variable. If the code in question is likely to be used in multiple threads, locking the setting and use of that index is still up to the code in question. Possible fixes to this are being sketched, but definitely require more major changes to the API itself than this change undertakes. The underlying implementation in ex_data.c has also been modularised so that alternative "ex_data" implementations (that control all access to state) can be plugged in. Eg. a loaded module can have its implementation set to that of the application loaded it - the result being that thread-safety and consistency of "ex_data" classes and indexes can be maintained in the same place rather than the loaded module using its own copy of ex_data support code and state. Due to the centralisation of "state" with this change, cleanup of all "ex_data" state can now be performed properly. Previously all allocation of ex_data state was guaranteed to leak - and MemCheck_off() had been used to avoid it flagging up the memory debugging. A new function has been added to perfrom all this cleanup, CRYPTO_cleanup_all_ex_data(). The "openssl" command(s) have been changed to use this cleanup, as have the relevant test programs. External application code may want to do so too - failure to cleanup will not induce more memory leaking than was the case before, but the memory debugging is not tricked into hiding it any more so it may "appear" where it previously did not.
2001-09-01 19:56:46 +00:00
/*
* For a given CRYPTO_EX_DATA_ variable, get the value corresponding to a
* particular index in the class used by this variable
*/
Constification of CRYPTO_get_ex_data() needed for the sake of RSA_get_ext_data().
2000-11-06 23:24:59 +00:00
void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx)
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
{
Rewrite crypto/ex_data Removed ability to set ex_data impl at runtime. This removed these three functions: const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); int CRYPTO_ex_data_new_class(void); It is no longer possible to change the ex_data implementation at runtime. (Luckily those functions were never documented :) Also removed the ability to add new exdata "classes." We don't believe this received much (if any) use, since you can't add it to OpenSSL objects, and there are probably better (native) methods for developers to add their own extensible data, if they really need that. Replaced the internal hash table (of per-"class" stacks) with a simple indexed array. Reserved an index for "app" application. Each API used to take the lock twice; now it only locks once. Use local stack storage for function pointers, rather than malloc, if possible (i.e., number of ex_data items is under a dozen). Make CRYPTO_EX_DATA_FUNCS opaque/internal. Also fixes RT3710; index zero is reserved. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-24 20:33:34 +00:00
if (ad->sk == NULL || idx >= sk_void_num(ad->sk))
return NULL;
return sk_void_value(ad->sk, idx);
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
}
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
Fix external symbols for crypto_* Partial fix for #12964 This adds ossl_ names for symbols related to crypto_* Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
2021-02-24 08:07:52 +00:00
OSSL_LIB_CTX *ossl_crypto_ex_data_get_ossl_lib_ctx(const CRYPTO_EX_DATA *ad)
Instead of global data store it in an OPENSSL_CTX Various core and property related code files used global data. We should store all of that in an OPENSSL_CTX instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-01 10:02:43 +00:00
{
return ad->ctx;
}