From: Alessandro Ghedini Date: Fri, 26 Feb 2016 12:21:15 +0000 (+0000) Subject: Convert CRYPTO_LOCK_EVP_PKEY to new multi-threading API X-Git-Tag: OpenSSL_1_1_0-pre4~236 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=03273d61e742b02485831ce739e4a6c9b197e3f3;p=oweals%2Fopenssl.git Convert CRYPTO_LOCK_EVP_PKEY to new multi-threading API Reviewed-by: Matt Caswell Reviewed-by: Rich Salz --- diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c index 1d65b20ed6..7c88291e80 100644 --- a/crypto/asn1/x_pubkey.c +++ b/crypto/asn1/x_pubkey.c @@ -72,8 +72,15 @@ static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { + if (operation == ASN1_OP_NEW_POST) { + X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; + pubkey->lock = CRYPTO_THREAD_lock_new(); + if (pubkey->lock == NULL) + return 0; + } if (operation == ASN1_OP_FREE_POST) { X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; + CRYPTO_THREAD_lock_free(pubkey->lock); EVP_PKEY_free(pubkey->pkey); } return 1; @@ -155,14 +162,14 @@ EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key) } /* Check to see if another thread set key->pkey first */ - CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY); + CRYPTO_THREAD_write_lock(key->lock); if (key->pkey) { - CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); + CRYPTO_THREAD_unlock(key->lock); EVP_PKEY_free(ret); ret = key->pkey; } else { key->pkey = ret; - CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); + CRYPTO_THREAD_unlock(key->lock); } return ret; diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c index 3b065ae250..c54667f5df 100644 --- a/crypto/cms/cms_env.c +++ b/crypto/cms/cms_env.c @@ -200,7 +200,8 @@ static int cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip, return 0; X509_up_ref(recip); - CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY); + EVP_PKEY_up_ref(pk); + ktri->pkey = pk; ktri->recip = recip; diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c index 2757aa9392..151f40f9a5 100644 --- a/crypto/cms/cms_sd.c +++ b/crypto/cms/cms_sd.c @@ -283,8 +283,8 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, /* Call for side-effect of computing hash and caching extensions */ X509_check_purpose(signer, -1, -1); - CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY); X509_up_ref(signer); + EVP_PKEY_up_ref(pk); si->pkey = pk; si->signer = signer; diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index b34a268c89..a7d624427e 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -190,18 +190,25 @@ EVP_PKEY *EVP_PKEY_new(void) if (ret == NULL) { EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE); - return (NULL); + return NULL; } ret->type = EVP_PKEY_NONE; ret->save_type = EVP_PKEY_NONE; ret->references = 1; ret->save_parameters = 1; - return (ret); + ret->lock = CRYPTO_THREAD_lock_new(); + if (ret->lock == NULL) { + EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE); + OPENSSL_free(ret); + return NULL; + } + return ret; } void EVP_PKEY_up_ref(EVP_PKEY *pkey) { - CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); + int i; + CRYPTO_atomic_add(&pkey->references, 1, &i, pkey->lock); } /* @@ -416,7 +423,7 @@ void EVP_PKEY_free(EVP_PKEY *x) if (x == NULL) return; - i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_EVP_PKEY); + CRYPTO_atomic_add(&x->references, -1, &i, x->lock); REF_PRINT_COUNT("EVP_PKEY", x); if (i > 0) return; @@ -437,6 +444,7 @@ static void EVP_PKEY_free_it(EVP_PKEY *x) ENGINE_finish(x->engine); x->engine = NULL; #endif + CRYPTO_THREAD_lock_free(x->lock); } static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, diff --git a/crypto/evp/pmeth_fn.c b/crypto/evp/pmeth_fn.c index 11c319dd41..872947a6aa 100644 --- a/crypto/evp/pmeth_fn.c +++ b/crypto/evp/pmeth_fn.c @@ -324,7 +324,7 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) return ret; } - CRYPTO_add(&peer->references, 1, CRYPTO_LOCK_EVP_PKEY); + EVP_PKEY_up_ref(peer); return 1; } diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 9ae61cf22e..26bec9a64b 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -175,7 +175,7 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) ret->operation = EVP_PKEY_OP_UNDEFINED; ret->pkey = pkey; if (pkey) - CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); + EVP_PKEY_up_ref(pkey); if (pmeth->init) { if (pmeth->init(ret) <= 0) { @@ -288,12 +288,12 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) #endif if (pctx->pkey) - CRYPTO_add(&pctx->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); + EVP_PKEY_up_ref(pctx->pkey); rctx->pkey = pctx->pkey; if (pctx->peerkey) - CRYPTO_add(&pctx->peerkey->references, 1, CRYPTO_LOCK_EVP_PKEY); + EVP_PKEY_up_ref(pctx->peerkey); rctx->peerkey = pctx->peerkey; diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h index cccc1e10fe..f5811c1d10 100644 --- a/crypto/include/internal/evp_int.h +++ b/crypto/include/internal/evp_int.h @@ -416,6 +416,7 @@ struct evp_pkey_st { } pkey; int save_parameters; STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ + CRYPTO_RWLOCK *lock; } /* EVP_PKEY */ ; diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h index a36d7175e1..4af6f72b0c 100644 --- a/include/openssl/crypto.h +++ b/include/openssl/crypto.h @@ -170,7 +170,6 @@ extern "C" { # define CRYPTO_LOCK_X509_PKEY 5 # define CRYPTO_LOCK_X509_CRL 6 # define CRYPTO_LOCK_X509_REQ 7 -# define CRYPTO_LOCK_EVP_PKEY 10 # define CRYPTO_LOCK_X509_STORE 11 # define CRYPTO_LOCK_SSL_CTX 12 # define CRYPTO_LOCK_SSL_CERT 13 diff --git a/include/openssl/x509.h b/include/openssl/x509.h index fc77886d20..294ab83b0e 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h @@ -133,6 +133,7 @@ struct X509_pubkey_st { X509_ALGOR *algor; ASN1_BIT_STRING *public_key; EVP_PKEY *pkey; + CRYPTO_RWLOCK *lock; }; typedef struct X509_sig_st {