#include <openssl/crypto.h>
#include <openssl/core_numbers.h>
-#include "internal/cryptlib_int.h"
-#include "internal/providercommon.h"
+#include "crypto/cryptlib.h"
+#include "prov/providercommon.h"
+#include "internal/thread_once.h"
#ifdef FIPS_MODE
/*
* we have our own copy of ossl_init_thread_start, which cascades notifications
* about threads stopping from libcrypto to all the code in the FIPS provider
* that needs to know about it.
- *
+ *
* The FIPS provider tells libcrypto about which threads it is interested in
* by calling "c_thread_start" which is a function pointer created during
* provider initialisation (i.e. OSSL_init_provider).
typedef struct thread_event_handler_st THREAD_EVENT_HANDLER;
struct thread_event_handler_st {
+ const void *index;
void *arg;
OSSL_thread_stop_handler_fn handfn;
THREAD_EVENT_HANDLER *next;
};
-static void ossl_init_thread_stop(void *arg, THREAD_EVENT_HANDLER **hands);
+#ifndef FIPS_MODE
+DEFINE_SPECIAL_STACK_OF(THREAD_EVENT_HANDLER_PTR, THREAD_EVENT_HANDLER *)
+
+typedef struct global_tevent_register_st GLOBAL_TEVENT_REGISTER;
+struct global_tevent_register_st {
+ STACK_OF(THREAD_EVENT_HANDLER_PTR) *skhands;
+ CRYPTO_RWLOCK *lock;
+};
+
+static GLOBAL_TEVENT_REGISTER *glob_tevent_reg = NULL;
+
+static CRYPTO_ONCE tevent_register_runonce = CRYPTO_ONCE_STATIC_INIT;
+
+DEFINE_RUN_ONCE_STATIC(create_global_tevent_register)
+{
+ glob_tevent_reg = OPENSSL_zalloc(sizeof(*glob_tevent_reg));
+ if (glob_tevent_reg == NULL)
+ return 0;
+
+ glob_tevent_reg->skhands = sk_THREAD_EVENT_HANDLER_PTR_new_null();
+ glob_tevent_reg->lock = CRYPTO_THREAD_lock_new();
+ if (glob_tevent_reg->skhands == NULL || glob_tevent_reg->lock == NULL) {
+ sk_THREAD_EVENT_HANDLER_PTR_free(glob_tevent_reg->skhands);
+ CRYPTO_THREAD_lock_free(glob_tevent_reg->lock);
+ OPENSSL_free(glob_tevent_reg);
+ glob_tevent_reg = NULL;
+ return 0;
+ }
+
+ return 1;
+}
+
+static GLOBAL_TEVENT_REGISTER *get_global_tevent_register(void)
+{
+ if (!RUN_ONCE(&tevent_register_runonce, create_global_tevent_register))
+ return NULL;
+ return glob_tevent_reg;
+}
+#endif
+
+#ifndef FIPS_MODE
+static int init_thread_push_handlers(THREAD_EVENT_HANDLER **hands);
+static void init_thread_remove_handlers(THREAD_EVENT_HANDLER **handsin);
+static void init_thread_destructor(void *hands);
+static int init_thread_deregister(void *arg, int all);
+#endif
+static void init_thread_stop(void *arg, THREAD_EVENT_HANDLER **hands);
static THREAD_EVENT_HANDLER **
-ossl_init_get_thread_local(CRYPTO_THREAD_LOCAL *local, int alloc, int keep)
+init_get_thread_local(CRYPTO_THREAD_LOCAL *local, int alloc, int keep)
{
THREAD_EVENT_HANDLER **hands = CRYPTO_THREAD_get_local(local);
if (alloc) {
- if (hands == NULL
- && (hands = OPENSSL_zalloc(sizeof(*hands))) != NULL
- && !CRYPTO_THREAD_set_local(local, hands)) {
- OPENSSL_free(hands);
- return NULL;
+ if (hands == NULL) {
+
+ if ((hands = OPENSSL_zalloc(sizeof(*hands))) == NULL)
+ return NULL;
+
+ if (!CRYPTO_THREAD_set_local(local, hands)) {
+ OPENSSL_free(hands);
+ return NULL;
+ }
+
+#ifndef FIPS_MODE
+ if (!init_thread_push_handlers(hands)) {
+ CRYPTO_THREAD_set_local(local, NULL);
+ OPENSSL_free(hands);
+ return NULL;
+ }
+#endif
}
} else if (!keep) {
CRYPTO_THREAD_set_local(local, NULL);
* destructor for threads terminating before libcrypto is initialized or
* after it's de-initialized. Access to the key doesn't have to be
* serialized for the said threads, because they didn't use libcrypto
- * and it doesn't matter if they pick "impossible" or derefernce real
+ * and it doesn't matter if they pick "impossible" or dereference real
* key value and pull NULL past initialization in the first thread that
* intends to use libcrypto.
*/
CRYPTO_THREAD_LOCAL value;
} destructor_key = { -1 };
-static void ossl_init_thread_destructor(void *hands)
+/*
+ * The thread event handler list is a thread specific linked list
+ * of callback functions which are invoked in list order by the
+ * current thread in case of certain events. (Currently, there is
+ * only one type of event, the 'thread stop' event.)
+ *
+ * We also keep a global reference to that linked list, so that we
+ * can deregister handlers if necessary before all the threads are
+ * stopped.
+ */
+static int init_thread_push_handlers(THREAD_EVENT_HANDLER **hands)
+{
+ int ret;
+ GLOBAL_TEVENT_REGISTER *gtr;
+
+ gtr = get_global_tevent_register();
+ if (gtr == NULL)
+ return 0;
+
+ CRYPTO_THREAD_write_lock(gtr->lock);
+ ret = (sk_THREAD_EVENT_HANDLER_PTR_push(gtr->skhands, hands) != 0);
+ CRYPTO_THREAD_unlock(gtr->lock);
+
+ return ret;
+}
+
+static void init_thread_remove_handlers(THREAD_EVENT_HANDLER **handsin)
+{
+ GLOBAL_TEVENT_REGISTER *gtr;
+ int i;
+
+ gtr = get_global_tevent_register();
+ if (gtr == NULL)
+ return;
+ CRYPTO_THREAD_write_lock(gtr->lock);
+ for (i = 0; i < sk_THREAD_EVENT_HANDLER_PTR_num(gtr->skhands); i++) {
+ THREAD_EVENT_HANDLER **hands
+ = sk_THREAD_EVENT_HANDLER_PTR_value(gtr->skhands, i);
+
+ if (hands == handsin) {
+ hands = sk_THREAD_EVENT_HANDLER_PTR_delete(gtr->skhands, i);
+ CRYPTO_THREAD_unlock(gtr->lock);
+ return;
+ }
+ }
+ CRYPTO_THREAD_unlock(gtr->lock);
+ return;
+}
+
+static void init_thread_destructor(void *hands)
{
- ossl_init_thread_stop(NULL, (THREAD_EVENT_HANDLER **)hands);
+ init_thread_stop(NULL, (THREAD_EVENT_HANDLER **)hands);
+ init_thread_remove_handlers(hands);
OPENSSL_free(hands);
}
-int init_thread(void)
+int ossl_init_thread(void)
{
if (!CRYPTO_THREAD_init_local(&destructor_key.value,
- ossl_init_thread_destructor))
+ init_thread_destructor))
return 0;
return 1;
}
-void cleanup_thread(void)
+void ossl_cleanup_thread(void)
{
+ init_thread_deregister(NULL, 1);
CRYPTO_THREAD_cleanup_local(&destructor_key.value);
destructor_key.sane = -1;
}
+void OPENSSL_thread_stop_ex(OPENSSL_CTX *ctx)
+{
+ ctx = openssl_ctx_get_concrete(ctx);
+ /*
+ * TODO(3.0). It would be nice if we could figure out a way to do this on
+ * all threads that have used the OPENSSL_CTX when the OPENSSL_CTX is freed.
+ * This is currently not possible due to the use of thread local variables.
+ */
+ ossl_ctx_thread_stop(ctx);
+}
+
void OPENSSL_thread_stop(void)
{
if (destructor_key.sane != -1) {
THREAD_EVENT_HANDLER **hands
- = ossl_init_get_thread_local(&destructor_key.value, 0, 0);
- ossl_init_thread_stop(NULL, hands);
+ = init_get_thread_local(&destructor_key.value, 0, 0);
+ init_thread_stop(NULL, hands);
+
+ init_thread_remove_handlers(hands);
OPENSSL_free(hands);
}
}
{
if (destructor_key.sane != -1) {
THREAD_EVENT_HANDLER **hands
- = ossl_init_get_thread_local(&destructor_key.value, 0, 1);
- ossl_init_thread_stop(arg, hands);
+ = init_get_thread_local(&destructor_key.value, 0, 1);
+ init_thread_stop(arg, hands);
}
}
if (local == NULL)
return;
- hands = ossl_init_get_thread_local(local, 0, 0);
- ossl_init_thread_stop(arg, hands);
+ hands = init_get_thread_local(local, 0, 0);
+ init_thread_stop(arg, hands);
OPENSSL_free(hands);
}
#endif /* FIPS_MODE */
-static void ossl_init_thread_stop(void *arg, THREAD_EVENT_HANDLER **hands)
+static void init_thread_stop(void *arg, THREAD_EVENT_HANDLER **hands)
{
- THREAD_EVENT_HANDLER *curr, *prev = NULL;
+ THREAD_EVENT_HANDLER *curr, *prev = NULL, *tmp;
/* Can't do much about this */
if (hands == NULL)
curr = *hands;
while (curr != NULL) {
if (arg != NULL && curr->arg != arg) {
+ prev = curr;
curr = curr->next;
continue;
}
curr->handfn(curr->arg);
- prev = curr;
+ if (prev == NULL)
+ *hands = curr->next;
+ else
+ prev->next = curr->next;
+
+ tmp = curr;
curr = curr->next;
- if (prev == *hands)
- *hands = curr;
- OPENSSL_free(prev);
+
+ OPENSSL_free(tmp);
}
}
-int ossl_init_thread_start(void *arg, OSSL_thread_stop_handler_fn handfn)
+int ossl_init_thread_start(const void *index, void *arg,
+ OSSL_thread_stop_handler_fn handfn)
{
THREAD_EVENT_HANDLER **hands;
THREAD_EVENT_HANDLER *hand;
CRYPTO_THREAD_LOCAL *local = &destructor_key.value;
#endif
- hands = ossl_init_get_thread_local(local, 1, 0);
+ hands = init_get_thread_local(local, 1, 0);
if (hands == NULL)
return 0;
hand->handfn = handfn;
hand->arg = arg;
+ hand->index = index;
hand->next = *hands;
*hands = hand;
return 1;
}
+
+#ifndef FIPS_MODE
+static int init_thread_deregister(void *index, int all)
+{
+ GLOBAL_TEVENT_REGISTER *gtr;
+ int i;
+
+ gtr = get_global_tevent_register();
+ if (gtr == NULL)
+ return 0;
+ if (!all)
+ CRYPTO_THREAD_write_lock(gtr->lock);
+ for (i = 0; i < sk_THREAD_EVENT_HANDLER_PTR_num(gtr->skhands); i++) {
+ THREAD_EVENT_HANDLER **hands
+ = sk_THREAD_EVENT_HANDLER_PTR_value(gtr->skhands, i);
+ THREAD_EVENT_HANDLER *curr = *hands, *prev = NULL, *tmp;
+
+ if (hands == NULL) {
+ if (!all)
+ CRYPTO_THREAD_unlock(gtr->lock);
+ return 0;
+ }
+ while (curr != NULL) {
+ if (all || curr->index == index) {
+ if (prev != NULL)
+ prev->next = curr->next;
+ else
+ *hands = curr->next;
+ tmp = curr;
+ curr = curr->next;
+ OPENSSL_free(tmp);
+ continue;
+ }
+ prev = curr;
+ curr = curr->next;
+ }
+ if (all)
+ OPENSSL_free(hands);
+ }
+ if (all) {
+ CRYPTO_THREAD_lock_free(gtr->lock);
+ sk_THREAD_EVENT_HANDLER_PTR_free(gtr->skhands);
+ OPENSSL_free(gtr);
+ } else {
+ CRYPTO_THREAD_unlock(gtr->lock);
+ }
+ return 1;
+}
+
+int ossl_init_thread_deregister(void *index)
+{
+ return init_thread_deregister(index, 0);
+}
+#endif