static void fips_teardown(void *provctx)
{
OPENSSL_CTX_free(PROV_LIBRARY_CONTEXT_OF(provctx));
+ PROV_CTX_free(provctx);
+}
+
+static void fips_intern_teardown(void *provctx)
+{
+ /*
+ * We know that the library context is the same as for the outer provider,
+ * so no need to destroy it here.
+ */
+ PROV_CTX_free(provctx);
}
/* Functions we provide to the core */
/* Functions we provide to ourself */
static const OSSL_DISPATCH intern_dispatch_table[] = {
+ { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))fips_intern_teardown },
{ OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query },
{ 0, NULL }
};
void **provctx)
{
FIPS_GLOBAL *fgbl;
- OPENSSL_CTX *libctx;
+ OPENSSL_CTX *libctx = NULL;
OSSL_self_test_cb_fn *stcbfn = NULL;
OSSL_core_get_library_context_fn *c_get_libctx = NULL;
return 0;
/* Create a context. */
- if ((libctx = OPENSSL_CTX_new()) == NULL)
- return 0;
- *provctx = libctx;
+ if ((*provctx = PROV_CTX_new()) == NULL
+ || (libctx = OPENSSL_CTX_new()) == NULL) {
+ /*
+ * We free libctx separately here and only here because it hasn't
+ * been attached to *provctx. All other error paths below rely
+ * solely on fips_teardown.
+ */
+ OPENSSL_CTX_free(libctx);
+ goto err;
+ }
+ PROV_CTX_set0_library_context(*provctx, libctx);
+ PROV_CTX_set0_provider(*provctx, provider);
if ((fgbl = openssl_ctx_get_data(libctx, OPENSSL_CTX_FIPS_PROV_INDEX,
&fips_prov_ossl_ctx_method)) == NULL)
if (c_get_libctx == NULL)
return 0;
- *provctx = c_get_libctx(provider);
-
- /*
- * Safety measure... we should get the library context that was
- * created up in OSSL_provider_init().
- */
- if (*provctx == NULL)
+ if ((*provctx = PROV_CTX_new()) == NULL)
return 0;
+ PROV_CTX_set0_library_context(*provctx, c_get_libctx(provider));
+ PROV_CTX_set0_provider(*provctx, provider);
*out = intern_dispatch_table;
return 1;