{
const ASN1_AUX *aux;
int *lck, ret;
+ CRYPTO_RWLOCK **lock;
if ((it->itype != ASN1_ITYPE_SEQUENCE)
&& (it->itype != ASN1_ITYPE_NDEF_SEQUENCE))
return 0;
if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT))
return 0;
lck = offset2ptr(*pval, aux->ref_offset);
+ lock = offset2ptr(*pval, aux->ref_lock);
if (op == 0) {
*lck = 1;
+ *lock = CRYPTO_THREAD_lock_new();
+ if (*lock == NULL)
+ return 0;
return 1;
}
- ret = CRYPTO_add(lck, op, aux->ref_lock);
+ CRYPTO_atomic_add(lck, op, &ret, *lock);
#ifdef REF_PRINT
fprintf(stderr, "%p:%4d:%s\n", it, *lck, it->sname);
#endif
REF_ASSERT_ISNT(ret < 0);
+ if (ret == 0)
+ CRYPTO_THREAD_lock_free(*lock);
return ret;
}
ret = OPENSSL_zalloc(sizeof(*ret));
if (ret == NULL) {
ASN1err(ASN1_F_X509_INFO_NEW, ERR_R_MALLOC_FAILURE);
- return (NULL);
+ return NULL;
}
+
ret->references = 1;
- return (ret);
+
+ ret->lock = CRYPTO_THREAD_lock_new();
+ if (ret->lock == NULL) {
+ X509_INFO_free(ret);
+ return NULL;
+ }
+
+ return ret;
}
void X509_INFO_free(X509_INFO *x)
if (x == NULL)
return;
- i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_INFO);
+ CRYPTO_atomic_add(&x->references, -1, &i, x->lock);
REF_PRINT_COUNT("X509_INFO", x);
if (i > 0)
return;
X509_CRL_free(x->crl);
X509_PKEY_free(x->x_pkey);
OPENSSL_free(x->enc_data);
+ CRYPTO_THREAD_lock_free(x->lock);
OPENSSL_free(x);
}
goto err;
ret->references = 1;
+ ret->lock = CRYPTO_THREAD_lock_new();
+ if (ret->lock == NULL) {
+ OPENSSL_free(ret);
+ return NULL;
+ }
ret->enc_algor = X509_ALGOR_new();
ret->enc_pkey = ASN1_OCTET_STRING_new();
if (ret->enc_algor == NULL || ret->enc_pkey == NULL)
if (x == NULL)
return;
- i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_PKEY);
+ CRYPTO_atomic_add(&x->references, -1, &i, x->lock);
REF_PRINT_COUNT("X509_PKEY", x);
if (i > 0)
return;
EVP_PKEY_free(x->dec_pkey);
if (x->key_free)
OPENSSL_free(x->key_data);
+ CRYPTO_THREAD_lock_free(x->lock);
OPENSSL_free(x);
}
if (!ENGINE_init(engine)) {
ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data);
+ CRYPTO_THREAD_lock_free(ret->lock);
OPENSSL_free(ret);
return NULL;
}
ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
ENGINE_finish(ret->engine);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data);
+ CRYPTO_THREAD_lock_free(ret->lock);
OPENSSL_free(ret);
return NULL;
}
X509_ALGOR sig_alg; /* signature algorithm */
ASN1_BIT_STRING *signature; /* signature */
int references;
+ CRYPTO_RWLOCK *lock;
};
struct X509_crl_info_st {
/* alternative method to handle this CRL */
const X509_CRL_METHOD *meth;
void *meth_data;
+ CRYPTO_RWLOCK *lock;
};
struct x509_revoked_st {
# endif
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
X509_CERT_AUX *aux;
+ CRYPTO_RWLOCK *lock;
} /* X509 */ ;
/* PKCS#8 private key info structure */
if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data))
goto err;
+ ret->lock = CRYPTO_THREAD_lock_new();
+ if (ret->lock == NULL)
+ goto err;
+
ret->references = 1;
return ret;
+
err:
X509_VERIFY_PARAM_free(ret->param);
sk_X509_OBJECT_free(ret->objs);
if (vfy == NULL)
return;
- i = CRYPTO_add(&vfy->references, -1, CRYPTO_LOCK_X509_STORE);
+ CRYPTO_atomic_add(&vfy->references, -1, &i, vfy->lock);
REF_PRINT_COUNT("X509_STORE", vfy);
if (i > 0)
return;
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data);
X509_VERIFY_PARAM_free(vfy->param);
+ CRYPTO_THREAD_lock_free(vfy->lock);
OPENSSL_free(vfy);
}
+int X509_STORE_up_ref(X509_STORE *vfy)
+{
+ int i;
+
+ if (CRYPTO_atomic_add(&vfy->references, 1, &i, vfy->lock) <= 0)
+ return 0;
+
+ REF_PRINT_COUNT("X509_STORE", a);
+ REF_ASSERT_ISNT(i < 2);
+ return ((i > 1) ? 1 : 0);
+}
+
X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m)
{
int i;
X509_OBJECT stmp, *tmp;
int i, j;
- CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_write_lock(ctx->lock);
tmp = X509_OBJECT_retrieve_by_subject(ctx->objs, type, name);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_unlock(ctx->lock);
if (tmp == NULL || type == X509_LU_CRL) {
for (i = vs->current_method;
obj->type = X509_LU_X509;
obj->data.x509 = x;
- CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_write_lock(ctx->lock);
X509_OBJECT_up_ref_count(obj);
} else
sk_X509_OBJECT_push(ctx->objs, obj);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_unlock(ctx->lock);
return ret;
}
obj->type = X509_LU_CRL;
obj->data.crl = x;
- CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_write_lock(ctx->lock);
X509_OBJECT_up_ref_count(obj);
} else
sk_X509_OBJECT_push(ctx->objs, obj);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_unlock(ctx->lock);
return ret;
}
X509 *x;
X509_OBJECT *obj;
sk = sk_X509_new_null();
- CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_write_lock(ctx->ctx->lock);
idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
if (idx < 0) {
/*
* cache
*/
X509_OBJECT xobj;
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_unlock(ctx->ctx->lock);
if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, nm, &xobj)) {
sk_X509_free(sk);
return NULL;
}
X509_OBJECT_free_contents(&xobj);
- CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_write_lock(ctx->ctx->lock);
idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
if (idx < 0) {
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_unlock(ctx->ctx->lock);
sk_X509_free(sk);
return NULL;
}
x = obj->data.x509;
X509_up_ref(x);
if (!sk_X509_push(sk, x)) {
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_unlock(ctx->ctx->lock);
X509_free(x);
sk_X509_pop_free(sk, X509_free);
return NULL;
}
}
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_unlock(ctx->ctx->lock);
return sk;
}
return NULL;
}
X509_OBJECT_free_contents(&xobj);
- CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_write_lock(ctx->ctx->lock);
idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt);
if (idx < 0) {
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_unlock(ctx->ctx->lock);
sk_X509_CRL_free(sk);
return NULL;
}
x = obj->data.crl;
X509_CRL_up_ref(x);
if (!sk_X509_CRL_push(sk, x)) {
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_unlock(ctx->ctx->lock);
X509_CRL_free(x);
sk_X509_CRL_pop_free(sk, X509_CRL_free);
return NULL;
}
}
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_unlock(ctx->ctx->lock);
return sk;
}
/* Else find index of first cert accepted by 'check_issued' */
ret = 0;
- CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_write_lock(ctx->ctx->lock);
idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn);
if (idx != -1) { /* should be true as we've had at least one
* match */
}
}
}
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ CRYPTO_THREAD_unlock(ctx->ctx->lock);
if (*issuer)
X509_up_ref(*issuer);
return ret;
void X509_up_ref(X509 *x)
{
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+ int i;
+ CRYPTO_atomic_add(&x->references, 1, &i, x->lock);
}
long X509_get_version(X509 *x)
void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
{
- if (!ctx)
+ if (ctx == NULL)
return;
+
X509_STORE_CTX_cleanup(ctx);
OPENSSL_free(ctx);
}
void X509_CRL_up_ref(X509_CRL *crl)
{
- CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL);
+ int i;
+ CRYPTO_atomic_add(&crl->references, 1, &i, crl->lock);
}
long X509_CRL_get_version(X509_CRL *crl)
DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl));
}
-ASN1_SEQUENCE_ref(X509_CRL, crl_cb, CRYPTO_LOCK_X509_CRL) = {
+ASN1_SEQUENCE_ref(X509_CRL, crl_cb) = {
ASN1_EMBED(X509_CRL, crl, X509_CRL_INFO),
ASN1_EMBED(X509_CRL, sig_alg, X509_ALGOR),
ASN1_EMBED(X509_CRL, signature, ASN1_BIT_STRING)
* under a lock to avoid race condition.
*/
if (!sk_X509_REVOKED_is_sorted(crl->crl.revoked)) {
- CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL);
+ CRYPTO_THREAD_write_lock(crl->lock);
sk_X509_REVOKED_sort(crl->crl.revoked);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
+ CRYPTO_THREAD_unlock(crl->lock);
}
idx = sk_X509_REVOKED_find(crl->crl.revoked, &rtmp);
if (idx < 0)
IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO)
-ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_REQ) = {
+ASN1_SEQUENCE_ref(X509_REQ, 0) = {
ASN1_EMBED(X509_REQ, req_info, X509_REQ_INFO),
ASN1_EMBED(X509_REQ, sig_alg, X509_ALGOR),
ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING)
}
-ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
+ASN1_SEQUENCE_ref(X509, x509_cb) = {
ASN1_EMBED(X509, cert_info, X509_CINF),
ASN1_EMBED(X509, sig_alg, X509_ALGOR),
ASN1_EMBED(X509, signature, ASN1_BIT_STRING)
{
if (x->policy_cache == NULL) {
- CRYPTO_w_lock(CRYPTO_LOCK_X509);
+ CRYPTO_THREAD_write_lock(x->lock);
policy_cache_new(x);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509);
+ CRYPTO_THREAD_unlock(x->lock);
}
return x->policy_cache;
int idx;
const X509_PURPOSE *pt;
if (!(x->ex_flags & EXFLAG_SET)) {
- CRYPTO_w_lock(CRYPTO_LOCK_X509);
+ CRYPTO_THREAD_write_lock(x->lock);
x509v3_cache_extensions(x);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509);
+ CRYPTO_THREAD_unlock(x->lock);
}
/* Return if side-effect only call */
if (id == -1)
int X509_check_ca(X509 *x)
{
if (!(x->ex_flags & EXFLAG_SET)) {
- CRYPTO_w_lock(CRYPTO_LOCK_X509);
+ CRYPTO_THREAD_write_lock(x->lock);
x509v3_cache_extensions(x);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509);
+ CRYPTO_THREAD_unlock(x->lock);
}
return check_ca(x);
--- /dev/null
+=pod
+
+=head1 NAME
+
+X509_STORE_new, X509_STORE_up_ref, X509_STORE_free - X509_STORE allocation and freeing functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ X509_STORE *X509_STORE_new(void);
+ void X509_STORE_free(X509_STORE *v);
+ int X509_STORE_up_ref(X509_STORE *v);
+
+=head1 DESCRIPTION
+
+The X509_STORE_new() function returns a new X509_STORE.
+
+X509_STORE_up_ref() increments the reference count associated with the
+X509_STORE object.
+
+X509_STORE_free() frees up a single X509_STORE object.
+
+=head1 RETURN VALUES
+
+X509_STORE_new() returns a newly created X509_STORE or NULL if the call fails.
+
+X509_STORE_up_ref() returns 1 for success and 0 for failure.
+
+X509_STORE_free() does not return values.
+
+=head1 SEE ALSO
+
+L<X509_STORE_set_verify_cb_func(3)>
+
+=cut
static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
ASN1_SEQUENCE(tname)
-# define ASN1_SEQUENCE_ref(tname, cb, lck) \
- static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
+# define ASN1_SEQUENCE_ref(tname, cb) \
+ static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), offsetof(tname, lock), cb, 0}; \
ASN1_SEQUENCE(tname)
# define ASN1_SEQUENCE_enc(tname, enc, cb) \
* names in cryptlib.c
*/
-# define CRYPTO_LOCK_X509 3
-# define CRYPTO_LOCK_X509_INFO 4
-# define CRYPTO_LOCK_X509_PKEY 5
-# define CRYPTO_LOCK_X509_CRL 6
-# define CRYPTO_LOCK_X509_REQ 7
# define CRYPTO_LOCK_X509_STORE 11
# define CRYPTO_LOCK_SSL_CTX 12
# define CRYPTO_LOCK_SSL_CERT 13
/* expanded version of 'enc_algor' */
EVP_CIPHER_INFO cipher;
int references;
+ CRYPTO_RWLOCK *lock;
} X509_PKEY;
typedef struct X509_info_st {
int enc_len;
char *enc_data;
int references;
+ CRYPTO_RWLOCK *lock;
} X509_INFO;
DEFINE_STACK_OF(X509_INFO)
int (*cleanup) (X509_STORE_CTX *ctx);
CRYPTO_EX_DATA ex_data;
int references;
+ CRYPTO_RWLOCK *lock;
} /* X509_STORE */ ;
int X509_STORE_set_depth(X509_STORE *store, int depth);
void X509_OBJECT_free_contents(X509_OBJECT *a);
X509_STORE *X509_STORE_new(void);
void X509_STORE_free(X509_STORE *v);
+int X509_STORE_up_ref(X509_STORE *v);
STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
ret->cert_cb_arg = cert->cert_cb_arg;
if (cert->verify_store) {
- CRYPTO_add(&cert->verify_store->references, 1,
- CRYPTO_LOCK_X509_STORE);
+ X509_STORE_up_ref(cert->verify_store);
ret->verify_store = cert->verify_store;
}
if (cert->chain_store) {
- CRYPTO_add(&cert->chain_store->references, 1, CRYPTO_LOCK_X509_STORE);
+ X509_STORE_up_ref(cert->chain_store);
ret->chain_store = cert->chain_store;
}
X509_STORE_free(*pstore);
*pstore = store;
if (ref && store)
- CRYPTO_add(&store->references, 1, CRYPTO_LOCK_X509_STORE);
+ X509_STORE_up_ref(store);
return 1;
}
projects / oweals / openssl.git / commitdiff