2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include "internal/cryptlib.h"
11 #include "internal/thread_once.h"
13 struct openssl_ctx_onfree_list_st {
14 openssl_ctx_onfree_fn *fn;
15 struct openssl_ctx_onfree_list_st *next;
18 struct openssl_ctx_st {
23 * For most data in the OPENSSL_CTX we just use ex_data to store it. But
24 * that doesn't work for ex_data itself - so we store that directly.
26 OSSL_EX_DATA_GLOBAL global;
28 /* Map internal static indexes to dynamically created indexes */
29 int dyn_indexes[OPENSSL_CTX_MAX_INDEXES];
31 CRYPTO_RWLOCK *oncelock;
32 int run_once_done[OPENSSL_CTX_MAX_RUN_ONCE];
33 int run_once_ret[OPENSSL_CTX_MAX_RUN_ONCE];
34 struct openssl_ctx_onfree_list_st *onfreelist;
38 static OPENSSL_CTX default_context_int;
40 /* Always points at default_context_int if it has been initialised */
41 static OPENSSL_CTX *default_context = NULL;
44 static int context_init(OPENSSL_CTX *ctx)
48 ctx->lock = CRYPTO_THREAD_lock_new();
49 if (ctx->lock == NULL)
52 ctx->oncelock = CRYPTO_THREAD_lock_new();
53 if (ctx->oncelock == NULL)
56 for (i = 0; i < OPENSSL_CTX_MAX_INDEXES; i++)
57 ctx->dyn_indexes[i] = -1;
59 if (!do_ex_data_init(ctx))
62 if (!crypto_new_ex_data_ex(ctx, CRYPTO_EX_INDEX_OPENSSL_CTX, NULL,
64 crypto_cleanup_all_ex_data_int(ctx);
70 CRYPTO_THREAD_lock_free(ctx->oncelock);
71 CRYPTO_THREAD_lock_free(ctx->lock);
76 static int context_deinit(OPENSSL_CTX *ctx)
78 struct openssl_ctx_onfree_list_st *tmp, *onfree;
83 onfree = ctx->onfreelist;
84 while (onfree != NULL) {
87 onfree = onfree->next;
90 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_OPENSSL_CTX, NULL, &ctx->data);
91 crypto_cleanup_all_ex_data_int(ctx);
92 CRYPTO_THREAD_lock_free(ctx->oncelock);
93 CRYPTO_THREAD_lock_free(ctx->lock);
99 void openssl_ctx_default_deinit(void)
101 context_deinit(default_context);
104 static CRYPTO_ONCE default_context_init = CRYPTO_ONCE_STATIC_INIT;
105 DEFINE_RUN_ONCE_STATIC(do_default_context_init)
107 if (context_init(&default_context_int))
108 default_context = &default_context_int;
114 OPENSSL_CTX *OPENSSL_CTX_new(void)
116 OPENSSL_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
118 if (ctx != NULL && !context_init(ctx)) {
119 OPENSSL_CTX_free(ctx);
125 void OPENSSL_CTX_free(OPENSSL_CTX *ctx)
132 static void openssl_ctx_generic_new(void *parent_ign, void *ptr_ign,
133 CRYPTO_EX_DATA *ad, int index,
134 long argl_ign, void *argp)
136 const OPENSSL_CTX_METHOD *meth = argp;
137 void *ptr = meth->new_func(crypto_ex_data_get_openssl_ctx(ad));
140 CRYPTO_set_ex_data(ad, index, ptr);
142 static void openssl_ctx_generic_free(void *parent_ign, void *ptr,
143 CRYPTO_EX_DATA *ad, int index,
144 long argl_ign, void *argp)
146 const OPENSSL_CTX_METHOD *meth = argp;
148 meth->free_func(ptr);
151 /* Non-static so we can use it in context_internal_test */
152 static int openssl_ctx_init_index(OPENSSL_CTX *ctx, int static_index,
153 const OPENSSL_CTX_METHOD *meth)
159 if (!RUN_ONCE(&default_context_init, do_default_context_init))
161 ctx = default_context;
167 idx = crypto_get_ex_new_index_ex(ctx, CRYPTO_EX_INDEX_OPENSSL_CTX, 0,
169 openssl_ctx_generic_new,
170 NULL, openssl_ctx_generic_free);
174 ctx->dyn_indexes[static_index] = idx;
178 void *openssl_ctx_get_data(OPENSSL_CTX *ctx, int index,
179 const OPENSSL_CTX_METHOD *meth)
185 if (!RUN_ONCE(&default_context_init, do_default_context_init))
187 ctx = default_context;
193 CRYPTO_THREAD_read_lock(ctx->lock);
195 if (ctx->dyn_indexes[index] == -1
196 && !openssl_ctx_init_index(ctx, index, meth)) {
197 CRYPTO_THREAD_unlock(ctx->lock);
201 /* The alloc call ensures there's a value there */
202 if (CRYPTO_alloc_ex_data(CRYPTO_EX_INDEX_OPENSSL_CTX, NULL,
203 &ctx->data, ctx->dyn_indexes[index]))
204 data = CRYPTO_get_ex_data(&ctx->data, ctx->dyn_indexes[index]);
206 CRYPTO_THREAD_unlock(ctx->lock);
211 OSSL_EX_DATA_GLOBAL *openssl_ctx_get_ex_data_global(OPENSSL_CTX *ctx)
214 * The default context code is not needed in FIPS_MODE and ctx should never
215 * be NULL in the FIPS provider. However we compile this code out to ensure
216 * we fail immediately if ctx == NULL in FIPS_MODE
220 if (!RUN_ONCE(&default_context_init, do_default_context_init))
222 ctx = default_context;
230 int openssl_ctx_run_once(OPENSSL_CTX *ctx, unsigned int idx,
231 openssl_ctx_run_once_fn run_once_fn)
233 int done = 0, ret = 0;
237 if (!RUN_ONCE(&default_context_init, do_default_context_init))
239 ctx = default_context;
245 CRYPTO_THREAD_read_lock(ctx->oncelock);
246 done = ctx->run_once_done[idx];
248 ret = ctx->run_once_ret[idx];
249 CRYPTO_THREAD_unlock(ctx->oncelock);
254 CRYPTO_THREAD_write_lock(ctx->oncelock);
255 if (ctx->run_once_done[idx]) {
256 ret = ctx->run_once_ret[idx];
257 CRYPTO_THREAD_unlock(ctx->oncelock);
261 ret = run_once_fn(ctx);
262 ctx->run_once_done[idx] = 1;
263 ctx->run_once_ret[idx] = ret;
264 CRYPTO_THREAD_unlock(ctx->oncelock);
269 int openssl_ctx_onfree(OPENSSL_CTX *ctx, openssl_ctx_onfree_fn onfreefn)
271 struct openssl_ctx_onfree_list_st *newonfree
272 = OPENSSL_malloc(sizeof(*newonfree));
274 if (newonfree == NULL)
277 newonfree->fn = onfreefn;
278 newonfree->next = ctx->onfreelist;
279 ctx->onfreelist = newonfree;