fix more race conditions

Submitted by: "Patrick McCormick" <patrick@tellme.com>
PR: 262

diff --git a/CHANGES b/CHANGES
index 2443971bba9929ddb4ec050f9328b9b6bfa394c6..feba2200e7f61c4afd57b5e1684233c477589927 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1928,10 +1928,10 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
      [Bodo Moeller]
 
   *) Fix initialization code race conditions in
-        SSLv23_client_method(),   SSLv23_server_method(),
-        SSLv2_client_method(),    SSLv2_server_method(),
-        SSLv3_client_method(),    SSLv3_server_method(),
-        TLSv1_client_method(),    TLSv1_server_method(),
+        SSLv23_method(),  SSLv23_client_method(),   SSLv23_server_method(),
+        SSLv2_method(),   SSLv2_client_method(),    SSLv2_server_method(),
+        SSLv3_method(),   SSLv3_client_method(),    SSLv3_server_method(),
+        TLSv1_method(),   TLSv1_client_method(),    TLSv1_server_method(),
         ssl2_get_cipher_by_char(),
         ssl3_get_cipher_by_char().
      [Patrick McCormick <patrick@tellme.com>, Bodo Moeller]

diff --git a/ssl/s23_meth.c b/ssl/s23_meth.c
index 40684311db30e3421ba39fcf4f8e4a6d3986e989..f207140835f8680741db3e4ad3de83f69b1b0712 100644 (file)
--- a/ssl/s23_meth.c
+++ b/ssl/s23_meth.c
@@ -80,12 +80,19 @@ SSL_METHOD *SSLv23_method(void)
 
        if (init)
                {
-               memcpy((char *)&SSLv23_data,(char *)sslv23_base_method(),
-                       sizeof(SSL_METHOD));
-               SSLv23_data.ssl_connect=ssl23_connect;
-               SSLv23_data.ssl_accept=ssl23_accept;
-               SSLv23_data.get_ssl_method=ssl23_get_method;
-               init=0;
+               CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+               
+               if (init)
+                       {
+                       memcpy((char *)&SSLv23_data,(char *)sslv23_base_method(),
+                               sizeof(SSL_METHOD));
+                       SSLv23_data.ssl_connect=ssl23_connect;
+                       SSLv23_data.ssl_accept=ssl23_accept;
+                       SSLv23_data.get_ssl_method=ssl23_get_method;
+                       init=0;
+                       }
+               
+               CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
                }
        return(&SSLv23_data);
        }

diff --git a/ssl/s2_meth.c b/ssl/s2_meth.c
index d30b7179f7cfe0d74c799eab0068ff98a764ef9d..8b6cbd086e2ab7ba84886ee52a49fe0758022870 100644 (file)
--- a/ssl/s2_meth.c
+++ b/ssl/s2_meth.c
@@ -77,12 +77,19 @@ SSL_METHOD *SSLv2_method(void)
 
        if (init)
                {
-               memcpy((char *)&SSLv2_data,(char *)sslv2_base_method(),
-                       sizeof(SSL_METHOD));
-               SSLv2_data.ssl_connect=ssl2_connect;
-               SSLv2_data.ssl_accept=ssl2_accept;
-               SSLv2_data.get_ssl_method=ssl2_get_method;
-               init=0;
+               CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+               
+               if (init)
+                       {
+                       memcpy((char *)&SSLv2_data,(char *)sslv2_base_method(),
+                               sizeof(SSL_METHOD));
+                       SSLv2_data.ssl_connect=ssl2_connect;
+                       SSLv2_data.ssl_accept=ssl2_accept;
+                       SSLv2_data.get_ssl_method=ssl2_get_method;
+                       init=0;
+                       }
+               
+               CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
                }
        return(&SSLv2_data);
        }

diff --git a/ssl/s3_meth.c b/ssl/s3_meth.c
index 81bcad89c52f7f0fa1c24c3c85d1e9de4201592e..1fd7a96f87ba23ce91c57d14f428c4fb839f7122 100644 (file)
--- a/ssl/s3_meth.c
+++ b/ssl/s3_meth.c
@@ -76,12 +76,19 @@ SSL_METHOD *SSLv3_method(void)
 
        if (init)
                {
-               memcpy((char *)&SSLv3_data,(char *)sslv3_base_method(),
-                       sizeof(SSL_METHOD));
-               SSLv3_data.ssl_connect=ssl3_connect;
-               SSLv3_data.ssl_accept=ssl3_accept;
-               SSLv3_data.get_ssl_method=ssl3_get_method;
-               init=0;
+               CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+               
+               if (init)
+                       {
+                       memcpy((char *)&SSLv3_data,(char *)sslv3_base_method(),
+                               sizeof(SSL_METHOD));
+                       SSLv3_data.ssl_connect=ssl3_connect;
+                       SSLv3_data.ssl_accept=ssl3_accept;
+                       SSLv3_data.get_ssl_method=ssl3_get_method;
+                       init=0;
+                       }
+
+               CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
                }
        return(&SSLv3_data);
        }

diff --git a/ssl/t1_meth.c b/ssl/t1_meth.c
index 9bb36a7d1ca97cb8661480bd9d006f0d5b7c4054..fcc243f782643d5cdb3c015d90390a442562208f 100644 (file)
--- a/ssl/t1_meth.c
+++ b/ssl/t1_meth.c
@@ -76,13 +76,21 @@ SSL_METHOD *TLSv1_method(void)
 
        if (init)
                {
-               memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(),
-                       sizeof(SSL_METHOD));
-               TLSv1_data.ssl_connect=ssl3_connect;
-               TLSv1_data.ssl_accept=ssl3_accept;
-               TLSv1_data.get_ssl_method=tls1_get_method;
-               init=0;
+               CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+               
+               if (init)
+                       {
+                       memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(),
+                               sizeof(SSL_METHOD));
+                       TLSv1_data.ssl_connect=ssl3_connect;
+                       TLSv1_data.ssl_accept=ssl3_accept;
+                       TLSv1_data.get_ssl_method=tls1_get_method;
+                       init=0;
+                       }
+
+               CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
                }
+       
        return(&TLSv1_data);
        }