"ssl_session",
"ssl_sess_cert",
"ssl",
+ "ssl_method",
"rand",
"rand2",
"debug_malloc",
"dynlock",
"engine",
"ui",
- "ecdsa",
- "ec",
-#if CRYPTO_NUM_LOCKS != 33
+ "hwcrhk", /* This is a HACK which will disappear in 0.9.8 */
+ "fips",
+ "fips2",
+#if CRYPTO_NUM_LOCKS != 35
# error "Inconsistency between crypto.h and cryptlib.c"
#endif
};
i=sk_CRYPTO_dynlock_find(dyn_locks,NULL);
/* If there was none, push, thereby creating a new one */
if (i == -1)
- i=sk_CRYPTO_dynlock_push(dyn_locks,pointer);
+ /* Since sk_push() returns the number of items on the
+ stack, not the location of the pushed item, we need
+ to transform the returned number into a position,
+ by decreasing it. */
+ i=sk_CRYPTO_dynlock_push(dyn_locks,pointer) - 1;
+ else
+ /* If we found a place with a NULL pointer, put our pointer
+ in it. */
+ sk_CRYPTO_dynlock_set(dyn_locks,i,pointer);
CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
- if (!i)
+ if (i == -1)
{
dynlock_destroy_callback(pointer->data,__FILE__,__LINE__);
OPENSSL_free(pointer);
#endif
if (type < 0)
{
- struct CRYPTO_dynlock_value *pointer
- = CRYPTO_get_dynlock_value(type);
-
- if (pointer && dynlock_lock_callback)
+ if (dynlock_lock_callback != NULL)
{
+ struct CRYPTO_dynlock_value *pointer
+ = CRYPTO_get_dynlock_value(type);
+
+ OPENSSL_assert(pointer != NULL);
+
dynlock_lock_callback(mode, pointer, file, line);
- }
- CRYPTO_destroy_dynlockid(type);
+ CRYPTO_destroy_dynlockid(type);
+ }
}
else
if (locking_callback != NULL)
return("dynamic");
else if (type < CRYPTO_NUM_LOCKS)
return(lock_names[type]);
- else if (type-CRYPTO_NUM_LOCKS >= sk_num(app_locks))
+ else if (type-CRYPTO_NUM_LOCKS > sk_num(app_locks))
return("ERROR");
else
return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));
#endif
void OpenSSLDie(const char *file,int line,const char *assertion)
- {
- fprintf(stderr,"%s(%d): OpenSSL internal error, assertion failed: %s\n",
- file,line,assertion);
- abort();
- }
+ {
+ fprintf(stderr,
+ "%s(%d): OpenSSL internal error, assertion failed: %s\n",
+ file,line,assertion);
+ abort();
+ }
+
+#ifdef OPENSSL_FIPS
+static int fips_started = 0;
+static int fips_mode = 0;
+static void *fips_rand_check = 0;
+static unsigned long fips_thread = 0;
+
+void fips_set_started(void)
+ {
+ fips_started = 1;
+ }
+
+int fips_is_started(void)
+ {
+ return fips_started;
+ }
+
+int fips_is_owning_thread(void)
+ {
+ int ret = 0;
+
+ if (fips_is_started())
+ {
+ CRYPTO_r_lock(CRYPTO_LOCK_FIPS2);
+ if (fips_thread != 0 && fips_thread == CRYPTO_thread_id())
+ ret = 1;
+ CRYPTO_r_unlock(CRYPTO_LOCK_FIPS2);
+ }
+ return ret;
+ }
+
+int fips_set_owning_thread(void)
+ {
+ int ret = 0;
+
+ if (fips_is_started())
+ {
+ CRYPTO_w_lock(CRYPTO_LOCK_FIPS2);
+ if (fips_thread == 0)
+ {
+ fips_thread = CRYPTO_thread_id();
+ ret = 1;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_FIPS2);
+ }
+ return ret;
+ }
+
+int fips_clear_owning_thread(void)
+ {
+ int ret = 0;
+
+ if (fips_is_started())
+ {
+ CRYPTO_w_lock(CRYPTO_LOCK_FIPS2);
+ if (fips_thread == CRYPTO_thread_id())
+ {
+ fips_thread = 0;
+ ret = 1;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_FIPS2);
+ }
+ return ret;
+ }
+
+void fips_set_mode(int onoff)
+ {
+ int owning_thread = fips_is_owning_thread();
+
+ if (fips_is_started())
+ {
+ if (!owning_thread) CRYPTO_w_lock(CRYPTO_LOCK_FIPS);
+ fips_mode = onoff;
+ if (!owning_thread) CRYPTO_w_unlock(CRYPTO_LOCK_FIPS);
+ }
+ }
+
+void fips_set_rand_check(void *rand_check)
+ {
+ int owning_thread = fips_is_owning_thread();
+
+ if (fips_is_started())
+ {
+ if (!owning_thread) CRYPTO_w_lock(CRYPTO_LOCK_FIPS);
+ fips_rand_check = rand_check;
+ if (!owning_thread) CRYPTO_w_unlock(CRYPTO_LOCK_FIPS);
+ }
+ }
+
+int FIPS_mode(void)
+ {
+ int ret = 0;
+ int owning_thread = fips_is_owning_thread();
+
+ if (fips_is_started())
+ {
+ if (!owning_thread) CRYPTO_r_lock(CRYPTO_LOCK_FIPS);
+ ret = fips_mode;
+ if (!owning_thread) CRYPTO_r_unlock(CRYPTO_LOCK_FIPS);
+ }
+ return ret;
+ }
+
+void *FIPS_rand_check(void)
+ {
+ void *ret = 0;
+ int owning_thread = fips_is_owning_thread();
+
+ if (fips_is_started())
+ {
+ if (!owning_thread) CRYPTO_r_lock(CRYPTO_LOCK_FIPS);
+ ret = fips_rand_check;
+ if (!owning_thread) CRYPTO_r_unlock(CRYPTO_LOCK_FIPS);
+ }
+ return ret;
+ }
+
+#endif /* OPENSSL_FIPS */