projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 41cfbcc)
Convert CRYPTO_LOCK_X509_* to new multi-threading API
authorAlessandro Ghedini <alessandro@ghedini.me>
Tue, 1 Mar 2016 18:06:15 +0000 (18:06 +0000)
committerRich Salz <rsalz@openssl.org>
Tue, 8 Mar 2016 16:10:34 +0000 (11:10 -0500)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
20 files changed:
crypto/asn1/tasn_utl.c patch | blob | history
crypto/asn1/x_info.c patch | blob | history
crypto/asn1/x_pkey.c patch | blob | history
crypto/ec/ec_kmeth.c patch | blob | history
crypto/include/internal/x509_int.h patch | blob | history
crypto/x509/x509_lu.c patch | blob | history
crypto/x509/x509_set.c patch | blob | history
crypto/x509/x509_vfy.c patch | blob | history
crypto/x509/x509cset.c patch | blob | history
crypto/x509/x_crl.c patch | blob | history
crypto/x509/x_req.c patch | blob | history
crypto/x509/x_x509.c patch | blob | history
crypto/x509v3/pcy_cache.c patch | blob | history
crypto/x509v3/v3_purp.c patch | blob | history
doc/crypto/X509_STORE_new.pod [new file with mode: 0644] patch | blob
include/openssl/asn1t.h patch | blob | history
include/openssl/crypto.h patch | blob | history
include/openssl/x509.h patch | blob | history
include/openssl/x509_vfy.h patch | blob | history
ssl/ssl_cert.c patch | blob | history

diff --git a/crypto/asn1/tasn_utl.c b/crypto/asn1/tasn_utl.c
index c840047cdf6576fcf380374ded078591b56e5e54..41f2fc24a0fe3bbd9e708dc60606e583e5be1bb7 100644 (file)
--- a/crypto/asn1/tasn_utl.c
+++ b/crypto/asn1/tasn_utl.c
@@ -105,6 +105,7 @@ int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
 {
     const ASN1_AUX *aux;
     int *lck, ret;
 {
     const ASN1_AUX *aux;
     int *lck, ret;
+    CRYPTO_RWLOCK **lock;
     if ((it->itype != ASN1_ITYPE_SEQUENCE)
         && (it->itype != ASN1_ITYPE_NDEF_SEQUENCE))
         return 0;
     if ((it->itype != ASN1_ITYPE_SEQUENCE)
         && (it->itype != ASN1_ITYPE_NDEF_SEQUENCE))
         return 0;
@@ -112,15 +113,21 @@ int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
     if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT))
         return 0;
     lck = offset2ptr(*pval, aux->ref_offset);
     if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT))
         return 0;
     lck = offset2ptr(*pval, aux->ref_offset);
+    lock = offset2ptr(*pval, aux->ref_lock);
     if (op == 0) {
         *lck = 1;
     if (op == 0) {
         *lck = 1;
+        *lock = CRYPTO_THREAD_lock_new();
+        if (*lock == NULL)
+            return 0;
         return 1;
     }
         return 1;
     }
-    ret = CRYPTO_add(lck, op, aux->ref_lock);
+    CRYPTO_atomic_add(lck, op, &ret, *lock);
 #ifdef REF_PRINT
     fprintf(stderr, "%p:%4d:%s\n", it, *lck, it->sname);
 #endif
     REF_ASSERT_ISNT(ret < 0);
 #ifdef REF_PRINT
     fprintf(stderr, "%p:%4d:%s\n", it, *lck, it->sname);
 #endif
     REF_ASSERT_ISNT(ret < 0);
+    if (ret == 0)
+        CRYPTO_THREAD_lock_free(*lock);
     return ret;
 }
 
     return ret;
 }
 
diff --git a/crypto/asn1/x_info.c b/crypto/asn1/x_info.c
index adee224699bc0b360e9110c2657b81b24841d509..4b3b7de870ebe735450be03d40deb9a81cb23d0d 100644 (file)
--- a/crypto/asn1/x_info.c
+++ b/crypto/asn1/x_info.c
@@ -68,10 +68,18 @@ X509_INFO *X509_INFO_new(void)
     ret = OPENSSL_zalloc(sizeof(*ret));
     if (ret == NULL) {
         ASN1err(ASN1_F_X509_INFO_NEW, ERR_R_MALLOC_FAILURE);
     ret = OPENSSL_zalloc(sizeof(*ret));
     if (ret == NULL) {
         ASN1err(ASN1_F_X509_INFO_NEW, ERR_R_MALLOC_FAILURE);
-        return (NULL);
+        return NULL;
     }
     }
+
     ret->references = 1;
     ret->references = 1;
-    return (ret);
+
+    ret->lock = CRYPTO_THREAD_lock_new();
+    if (ret->lock == NULL) {
+        X509_INFO_free(ret);
+        return NULL;
+    }
+
+    return ret;
 }
 
 void X509_INFO_free(X509_INFO *x)
 }
 
 void X509_INFO_free(X509_INFO *x)
@@ -81,7 +89,7 @@ void X509_INFO_free(X509_INFO *x)
     if (x == NULL)
         return;
 
     if (x == NULL)
         return;
 
-    i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_INFO);
+    CRYPTO_atomic_add(&x->references, -1, &i, x->lock);
     REF_PRINT_COUNT("X509_INFO", x);
     if (i > 0)
         return;
     REF_PRINT_COUNT("X509_INFO", x);
     if (i > 0)
         return;
@@ -91,5 +99,6 @@ void X509_INFO_free(X509_INFO *x)
     X509_CRL_free(x->crl);
     X509_PKEY_free(x->x_pkey);
     OPENSSL_free(x->enc_data);
     X509_CRL_free(x->crl);
     X509_PKEY_free(x->x_pkey);
     OPENSSL_free(x->enc_data);
+    CRYPTO_THREAD_lock_free(x->lock);
     OPENSSL_free(x);
 }
     OPENSSL_free(x);
 }
diff --git a/crypto/asn1/x_pkey.c b/crypto/asn1/x_pkey.c
index 6e09d2923999c60db121b68ebc32f6cf3ff3977c..d8960d1541347e8799aada19cc0f42ac5e326ff8 100644 (file)
--- a/crypto/asn1/x_pkey.c
+++ b/crypto/asn1/x_pkey.c
@@ -70,6 +70,11 @@ X509_PKEY *X509_PKEY_new(void)
         goto err;
 
     ret->references = 1;
         goto err;
 
     ret->references = 1;
+    ret->lock = CRYPTO_THREAD_lock_new();
+    if (ret->lock == NULL) {
+        OPENSSL_free(ret);
+        return NULL;
+    }
     ret->enc_algor = X509_ALGOR_new();
     ret->enc_pkey = ASN1_OCTET_STRING_new();
     if (ret->enc_algor == NULL || ret->enc_pkey == NULL)
     ret->enc_algor = X509_ALGOR_new();
     ret->enc_pkey = ASN1_OCTET_STRING_new();
     if (ret->enc_algor == NULL || ret->enc_pkey == NULL)
@@ -89,7 +94,7 @@ void X509_PKEY_free(X509_PKEY *x)
     if (x == NULL)
         return;
 
     if (x == NULL)
         return;
 
-    i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_PKEY);
+    CRYPTO_atomic_add(&x->references, -1, &i, x->lock);
     REF_PRINT_COUNT("X509_PKEY", x);
     if (i > 0)
         return;
     REF_PRINT_COUNT("X509_PKEY", x);
     if (i > 0)
         return;
@@ -100,5 +105,6 @@ void X509_PKEY_free(X509_PKEY *x)
     EVP_PKEY_free(x->dec_pkey);
     if (x->key_free)
         OPENSSL_free(x->key_data);
     EVP_PKEY_free(x->dec_pkey);
     if (x->key_free)
         OPENSSL_free(x->key_data);
+    CRYPTO_THREAD_lock_free(x->lock);
     OPENSSL_free(x);
 }
     OPENSSL_free(x);
 }
diff --git a/crypto/ec/ec_kmeth.c b/crypto/ec/ec_kmeth.c
index c656cc96deca044eaad524be6cb2f026cd5ec51e..dc097ce0dc4e4e5d45e5d92095afe7e68612f3eb 100644 (file)
--- a/crypto/ec/ec_kmeth.c
+++ b/crypto/ec/ec_kmeth.c
@@ -143,6 +143,7 @@ EC_KEY *EC_KEY_new_method(ENGINE *engine)
         if (!ENGINE_init(engine)) {
             ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
             CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data);
         if (!ENGINE_init(engine)) {
             ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
             CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data);
+            CRYPTO_THREAD_lock_free(ret->lock);
             OPENSSL_free(ret);
             return NULL;
         }
             OPENSSL_free(ret);
             return NULL;
         }
@@ -155,6 +156,7 @@ EC_KEY *EC_KEY_new_method(ENGINE *engine)
             ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
             ENGINE_finish(ret->engine);
             CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data);
             ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
             ENGINE_finish(ret->engine);
             CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data);
+            CRYPTO_THREAD_lock_free(ret->lock);
             OPENSSL_free(ret);
             return NULL;
         }
             OPENSSL_free(ret);
             return NULL;
         }
diff --git a/crypto/include/internal/x509_int.h b/crypto/include/internal/x509_int.h
index e6e7ed141a52c83c21ec49b997749ddada5fe2c6..eec024c95d45cbdeeae1585f11774d1f8ffcc062 100644 (file)
--- a/crypto/include/internal/x509_int.h
+++ b/crypto/include/internal/x509_int.h
@@ -104,6 +104,7 @@ struct X509_req_st {
     X509_ALGOR sig_alg;         /* signature algorithm */
     ASN1_BIT_STRING *signature; /* signature */
     int references;
     X509_ALGOR sig_alg;         /* signature algorithm */
     ASN1_BIT_STRING *signature; /* signature */
     int references;
+    CRYPTO_RWLOCK *lock;
 };
 
 struct X509_crl_info_st {
 };
 
 struct X509_crl_info_st {
@@ -141,6 +142,7 @@ struct X509_crl_st {
     /* alternative method to handle this CRL */
     const X509_CRL_METHOD *meth;
     void *meth_data;
     /* alternative method to handle this CRL */
     const X509_CRL_METHOD *meth;
     void *meth_data;
+    CRYPTO_RWLOCK *lock;
 };
 
 struct x509_revoked_st {
 };
 
 struct x509_revoked_st {
@@ -212,6 +214,7 @@ struct x509_st {
 # endif
     unsigned char sha1_hash[SHA_DIGEST_LENGTH];
     X509_CERT_AUX *aux;
 # endif
     unsigned char sha1_hash[SHA_DIGEST_LENGTH];
     X509_CERT_AUX *aux;
+    CRYPTO_RWLOCK *lock;
 } /* X509 */ ;
 
 /* PKCS#8 private key info structure */
 } /* X509 */ ;
 
 /* PKCS#8 private key info structure */
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index b53ec480327df6d38174b6dd92bcb0fd183827f8..3b0daf12697b609e6ea3aa736d0b71fe14223269 100644 (file)
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -194,8 +194,13 @@ X509_STORE *X509_STORE_new(void)
     if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data))
         goto err;
 
     if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data))
         goto err;
 
+    ret->lock = CRYPTO_THREAD_lock_new();
+    if (ret->lock == NULL)
+        goto err;
+
     ret->references = 1;
     return ret;
     ret->references = 1;
     return ret;
+
 err:
     X509_VERIFY_PARAM_free(ret->param);
     sk_X509_OBJECT_free(ret->objs);
 err:
     X509_VERIFY_PARAM_free(ret->param);
     sk_X509_OBJECT_free(ret->objs);
@@ -228,7 +233,7 @@ void X509_STORE_free(X509_STORE *vfy)
     if (vfy == NULL)
         return;
 
     if (vfy == NULL)
         return;
 
-    i = CRYPTO_add(&vfy->references, -1, CRYPTO_LOCK_X509_STORE);
+    CRYPTO_atomic_add(&vfy->references, -1, &i, vfy->lock);
     REF_PRINT_COUNT("X509_STORE", vfy);
     if (i > 0)
         return;
     REF_PRINT_COUNT("X509_STORE", vfy);
     if (i > 0)
         return;
@@ -245,9 +250,22 @@ void X509_STORE_free(X509_STORE *vfy)
 
     CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data);
     X509_VERIFY_PARAM_free(vfy->param);
 
     CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data);
     X509_VERIFY_PARAM_free(vfy->param);
+    CRYPTO_THREAD_lock_free(vfy->lock);
     OPENSSL_free(vfy);
 }
 
     OPENSSL_free(vfy);
 }
 
+int X509_STORE_up_ref(X509_STORE *vfy)
+{
+    int i;
+
+    if (CRYPTO_atomic_add(&vfy->references, 1, &i, vfy->lock) <= 0)
+        return 0;
+
+    REF_PRINT_COUNT("X509_STORE", a);
+    REF_ASSERT_ISNT(i < 2);
+    return ((i > 1) ? 1 : 0);
+}
+
 X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m)
 {
     int i;
 X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m)
 {
     int i;
@@ -284,9 +302,9 @@ int X509_STORE_get_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
     X509_OBJECT stmp, *tmp;
     int i, j;
 
     X509_OBJECT stmp, *tmp;
     int i, j;
 
-    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+    CRYPTO_THREAD_write_lock(ctx->lock);
     tmp = X509_OBJECT_retrieve_by_subject(ctx->objs, type, name);
     tmp = X509_OBJECT_retrieve_by_subject(ctx->objs, type, name);
-    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+    CRYPTO_THREAD_unlock(ctx->lock);
 
     if (tmp == NULL || type == X509_LU_CRL) {
         for (i = vs->current_method;
 
     if (tmp == NULL || type == X509_LU_CRL) {
         for (i = vs->current_method;
@@ -332,7 +350,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
     obj->type = X509_LU_X509;
     obj->data.x509 = x;
 
     obj->type = X509_LU_X509;
     obj->data.x509 = x;
 
-    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+    CRYPTO_THREAD_write_lock(ctx->lock);
 
     X509_OBJECT_up_ref_count(obj);
 
 
     X509_OBJECT_up_ref_count(obj);
 
@@ -345,7 +363,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
     } else
         sk_X509_OBJECT_push(ctx->objs, obj);
 
     } else
         sk_X509_OBJECT_push(ctx->objs, obj);
 
-    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+    CRYPTO_THREAD_unlock(ctx->lock);
 
     return ret;
 }
 
     return ret;
 }
@@ -365,7 +383,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
     obj->type = X509_LU_CRL;
     obj->data.crl = x;
 
     obj->type = X509_LU_CRL;
     obj->data.crl = x;
 
-    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+    CRYPTO_THREAD_write_lock(ctx->lock);
 
     X509_OBJECT_up_ref_count(obj);
 
 
     X509_OBJECT_up_ref_count(obj);
 
@@ -377,7 +395,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
     } else
         sk_X509_OBJECT_push(ctx->objs, obj);
 
     } else
         sk_X509_OBJECT_push(ctx->objs, obj);
 
-    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+    CRYPTO_THREAD_unlock(ctx->lock);
 
     return ret;
 }
 
     return ret;
 }
@@ -474,7 +492,7 @@ STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
     X509 *x;
     X509_OBJECT *obj;
     sk = sk_X509_new_null();
     X509 *x;
     X509_OBJECT *obj;
     sk = sk_X509_new_null();
-    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+    CRYPTO_THREAD_write_lock(ctx->ctx->lock);
     idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
     if (idx < 0) {
         /*
     idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
     if (idx < 0) {
         /*
@@ -482,16 +500,16 @@ STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
          * cache
          */
         X509_OBJECT xobj;
          * cache
          */
         X509_OBJECT xobj;
-        CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+        CRYPTO_THREAD_unlock(ctx->ctx->lock);
         if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, nm, &xobj)) {
             sk_X509_free(sk);
             return NULL;
         }
         X509_OBJECT_free_contents(&xobj);
         if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, nm, &xobj)) {
             sk_X509_free(sk);
             return NULL;
         }
         X509_OBJECT_free_contents(&xobj);
-        CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+        CRYPTO_THREAD_write_lock(ctx->ctx->lock);
         idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
         if (idx < 0) {
         idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
         if (idx < 0) {
-            CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+            CRYPTO_THREAD_unlock(ctx->ctx->lock);
             sk_X509_free(sk);
             return NULL;
         }
             sk_X509_free(sk);
             return NULL;
         }
@@ -501,13 +519,13 @@ STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
         x = obj->data.x509;
         X509_up_ref(x);
         if (!sk_X509_push(sk, x)) {
         x = obj->data.x509;
         X509_up_ref(x);
         if (!sk_X509_push(sk, x)) {
-            CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+            CRYPTO_THREAD_unlock(ctx->ctx->lock);
             X509_free(x);
             sk_X509_pop_free(sk, X509_free);
             return NULL;
         }
     }
             X509_free(x);
             sk_X509_pop_free(sk, X509_free);
             return NULL;
         }
     }
-    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+    CRYPTO_THREAD_unlock(ctx->ctx->lock);
     return sk;
 
 }
     return sk;
 
 }
@@ -528,10 +546,10 @@ STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm)
         return NULL;
     }
     X509_OBJECT_free_contents(&xobj);
         return NULL;
     }
     X509_OBJECT_free_contents(&xobj);
-    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+    CRYPTO_THREAD_write_lock(ctx->ctx->lock);
     idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt);
     if (idx < 0) {
     idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt);
     if (idx < 0) {
-        CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+        CRYPTO_THREAD_unlock(ctx->ctx->lock);
         sk_X509_CRL_free(sk);
         return NULL;
     }
         sk_X509_CRL_free(sk);
         return NULL;
     }
@@ -541,13 +559,13 @@ STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm)
         x = obj->data.crl;
         X509_CRL_up_ref(x);
         if (!sk_X509_CRL_push(sk, x)) {
         x = obj->data.crl;
         X509_CRL_up_ref(x);
         if (!sk_X509_CRL_push(sk, x)) {
-            CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+            CRYPTO_THREAD_unlock(ctx->ctx->lock);
             X509_CRL_free(x);
             sk_X509_CRL_pop_free(sk, X509_CRL_free);
             return NULL;
         }
     }
             X509_CRL_free(x);
             sk_X509_CRL_pop_free(sk, X509_CRL_free);
             return NULL;
         }
     }
-    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+    CRYPTO_THREAD_unlock(ctx->ctx->lock);
     return sk;
 }
 
     return sk;
 }
 
@@ -621,7 +639,7 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
 
     /* Else find index of first cert accepted by 'check_issued' */
     ret = 0;
 
     /* Else find index of first cert accepted by 'check_issued' */
     ret = 0;
-    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+    CRYPTO_THREAD_write_lock(ctx->ctx->lock);
     idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn);
     if (idx != -1) {            /* should be true as we've had at least one
                                  * match */
     idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn);
     if (idx != -1) {            /* should be true as we've had at least one
                                  * match */
@@ -648,7 +666,7 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
             }
         }
     }
             }
         }
     }
-    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+    CRYPTO_THREAD_unlock(ctx->ctx->lock);
     if (*issuer)
         X509_up_ref(*issuer);
     return ret;
     if (*issuer)
         X509_up_ref(*issuer);
     return ret;
diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c
index 9330a544bda8d5e61d7dc78ff1664722fe5fd163..360ead87d3ff9533816a2fb5da956e6f0b9ccf10 100644 (file)
--- a/crypto/x509/x509_set.c
+++ b/crypto/x509/x509_set.c
@@ -148,7 +148,8 @@ int X509_set_pubkey(X509 *x, EVP_PKEY *pkey)
 
 void X509_up_ref(X509 *x)
 {
 
 void X509_up_ref(X509 *x)
 {
-    CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+    int i;
+    CRYPTO_atomic_add(&x->references, 1, &i, x->lock);
 }
 
 long X509_get_version(X509 *x)
 }
 
 long X509_get_version(X509 *x)
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index ae07f37f36d27c2fcf0d72eb5280831fab516f26..e2b1b9654bc8f3d3a24d020bd5c722f42ec9ce87 100644 (file)
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -2160,8 +2160,9 @@ X509_STORE_CTX *X509_STORE_CTX_new(void)
 
 void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
 {
 
 void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
 {
-    if (!ctx)
+    if (ctx == NULL)
         return;
         return;
+
     X509_STORE_CTX_cleanup(ctx);
     OPENSSL_free(ctx);
 }
     X509_STORE_CTX_cleanup(ctx);
     OPENSSL_free(ctx);
 }
diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c
index bc14374d0614e41c2489abdc8bbebf6eca5a4a68..ab5f192a15d77e12bb3bd6f0ac77d6333b6ec78f 100644 (file)
--- a/crypto/x509/x509cset.c
+++ b/crypto/x509/x509cset.c
@@ -134,7 +134,8 @@ int X509_CRL_sort(X509_CRL *c)
 
 void X509_CRL_up_ref(X509_CRL *crl)
 {
 
 void X509_CRL_up_ref(X509_CRL *crl)
 {
-    CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL);
+    int i;
+    CRYPTO_atomic_add(&crl->references, 1, &i, crl->lock);
 }
 
 long X509_CRL_get_version(X509_CRL *crl)
 }
 
 long X509_CRL_get_version(X509_CRL *crl)
diff --git a/crypto/x509/x_crl.c b/crypto/x509/x_crl.c
index af4927109cd0c22fb69922e0a6d2ca1da261a27a..0be84057ab8e6fb644c75d2baf44d6d972996864 100644 (file)
--- a/crypto/x509/x_crl.c
+++ b/crypto/x509/x_crl.c
@@ -329,7 +329,7 @@ static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
     DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl));
 }
 
     DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl));
 }
 
-ASN1_SEQUENCE_ref(X509_CRL, crl_cb, CRYPTO_LOCK_X509_CRL) = {
+ASN1_SEQUENCE_ref(X509_CRL, crl_cb) = {
         ASN1_EMBED(X509_CRL, crl, X509_CRL_INFO),
         ASN1_EMBED(X509_CRL, sig_alg, X509_ALGOR),
         ASN1_EMBED(X509_CRL, signature, ASN1_BIT_STRING)
         ASN1_EMBED(X509_CRL, crl, X509_CRL_INFO),
         ASN1_EMBED(X509_CRL, sig_alg, X509_ALGOR),
         ASN1_EMBED(X509_CRL, signature, ASN1_BIT_STRING)
@@ -435,9 +435,9 @@ static int def_crl_lookup(X509_CRL *crl,
      * under a lock to avoid race condition.
      */
     if (!sk_X509_REVOKED_is_sorted(crl->crl.revoked)) {
      * under a lock to avoid race condition.
      */
     if (!sk_X509_REVOKED_is_sorted(crl->crl.revoked)) {
-        CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL);
+        CRYPTO_THREAD_write_lock(crl->lock);
         sk_X509_REVOKED_sort(crl->crl.revoked);
         sk_X509_REVOKED_sort(crl->crl.revoked);
-        CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
+        CRYPTO_THREAD_unlock(crl->lock);
     }
     idx = sk_X509_REVOKED_find(crl->crl.revoked, &rtmp);
     if (idx < 0)
     }
     idx = sk_X509_REVOKED_find(crl->crl.revoked, &rtmp);
     if (idx < 0)
diff --git a/crypto/x509/x_req.c b/crypto/x509/x_req.c
index c1caf09c674bacef4192db59080ad92fab4be62e..2fdf0150038fe1b39f8915bbbfae4b75e7dc9289 100644 (file)
--- a/crypto/x509/x_req.c
+++ b/crypto/x509/x_req.c
@@ -105,7 +105,7 @@ ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = {
 
 IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO)
 
 
 IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO)
 
-ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_REQ) = {
+ASN1_SEQUENCE_ref(X509_REQ, 0) = {
         ASN1_EMBED(X509_REQ, req_info, X509_REQ_INFO),
         ASN1_EMBED(X509_REQ, sig_alg, X509_ALGOR),
         ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING)
         ASN1_EMBED(X509_REQ, req_info, X509_REQ_INFO),
         ASN1_EMBED(X509_REQ, sig_alg, X509_ALGOR),
         ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING)
diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c
index 09004ef604bcdcc8b275bb023a66f87b0ba9d9f0..34639555baae981ffc39ead5e9dd382670a39171 100644 (file)
--- a/crypto/x509/x_x509.c
+++ b/crypto/x509/x_x509.c
@@ -123,7 +123,7 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
 
 }
 
 
 }
 
-ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
+ASN1_SEQUENCE_ref(X509, x509_cb) = {
         ASN1_EMBED(X509, cert_info, X509_CINF),
         ASN1_EMBED(X509, sig_alg, X509_ALGOR),
         ASN1_EMBED(X509, signature, ASN1_BIT_STRING)
         ASN1_EMBED(X509, cert_info, X509_CINF),
         ASN1_EMBED(X509, sig_alg, X509_ALGOR),
         ASN1_EMBED(X509, signature, ASN1_BIT_STRING)
diff --git a/crypto/x509v3/pcy_cache.c b/crypto/x509v3/pcy_cache.c
index 64fe3bc598b245f7f8cd0378e261c9193ee10f2b..bdce5a83bbd57ad7f7dc40d98d90612131287f91 100644 (file)
--- a/crypto/x509v3/pcy_cache.c
+++ b/crypto/x509v3/pcy_cache.c
@@ -224,9 +224,9 @@ const X509_POLICY_CACHE *policy_cache_set(X509 *x)
 {
 
     if (x->policy_cache == NULL) {
 {
 
     if (x->policy_cache == NULL) {
-        CRYPTO_w_lock(CRYPTO_LOCK_X509);
+        CRYPTO_THREAD_write_lock(x->lock);
         policy_cache_new(x);
         policy_cache_new(x);
-        CRYPTO_w_unlock(CRYPTO_LOCK_X509);
+        CRYPTO_THREAD_unlock(x->lock);
     }
 
     return x->policy_cache;
     }
 
     return x->policy_cache;
diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index e5231b3231518c9048591de1deab2a7162124122..ae82fd181cd0245ac7dd2c60b79ef87e6034ab6d 100644 (file)
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -128,9 +128,9 @@ int X509_check_purpose(X509 *x, int id, int ca)
     int idx;
     const X509_PURPOSE *pt;
     if (!(x->ex_flags & EXFLAG_SET)) {
     int idx;
     const X509_PURPOSE *pt;
     if (!(x->ex_flags & EXFLAG_SET)) {
-        CRYPTO_w_lock(CRYPTO_LOCK_X509);
+        CRYPTO_THREAD_write_lock(x->lock);
         x509v3_cache_extensions(x);
         x509v3_cache_extensions(x);
-        CRYPTO_w_unlock(CRYPTO_LOCK_X509);
+        CRYPTO_THREAD_unlock(x->lock);
     }
     /* Return if side-effect only call */
     if (id == -1)
     }
     /* Return if side-effect only call */
     if (id == -1)
@@ -576,9 +576,9 @@ static int check_ca(const X509 *x)
 int X509_check_ca(X509 *x)
 {
     if (!(x->ex_flags & EXFLAG_SET)) {
 int X509_check_ca(X509 *x)
 {
     if (!(x->ex_flags & EXFLAG_SET)) {
-        CRYPTO_w_lock(CRYPTO_LOCK_X509);
+        CRYPTO_THREAD_write_lock(x->lock);
         x509v3_cache_extensions(x);
         x509v3_cache_extensions(x);
-        CRYPTO_w_unlock(CRYPTO_LOCK_X509);
+        CRYPTO_THREAD_unlock(x->lock);
     }
 
     return check_ca(x);
     }
 
     return check_ca(x);
diff --git a/doc/crypto/X509_STORE_new.pod b/doc/crypto/X509_STORE_new.pod
new file mode 100644 (file)
index 0000000..37cabb5
--- /dev/null
+++ b/doc/crypto/X509_STORE_new.pod
@@ -0,0 +1,36 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_new, X509_STORE_up_ref, X509_STORE_free - X509_STORE allocation and freeing functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ X509_STORE *X509_STORE_new(void);
+ void X509_STORE_free(X509_STORE *v);
+ int X509_STORE_up_ref(X509_STORE *v);
+
+=head1 DESCRIPTION
+
+The X509_STORE_new() function returns a new X509_STORE.
+
+X509_STORE_up_ref() increments the reference count associated with the
+X509_STORE object.
+
+X509_STORE_free() frees up a single X509_STORE object.
+
+=head1 RETURN VALUES
+
+X509_STORE_new() returns a newly created X509_STORE or NULL if the call fails.
+
+X509_STORE_up_ref() returns 1 for success and 0 for failure.
+
+X509_STORE_free() does not return values.
+
+=head1 SEE ALSO
+
+L<X509_STORE_set_verify_cb_func(3)>
+
+=cut
diff --git a/include/openssl/asn1t.h b/include/openssl/asn1t.h
index 1a17ee95fb91140f2ad1aef73496463af458539b..455efffbab3b142985138fc281f1e2f121de37bc 100644 (file)
--- a/include/openssl/asn1t.h
+++ b/include/openssl/asn1t.h
@@ -207,8 +207,8 @@ extern "C" {
         static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
         ASN1_SEQUENCE(tname)
 
         static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
         ASN1_SEQUENCE(tname)
 
-# define ASN1_SEQUENCE_ref(tname, cb, lck) \
-        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
+# define ASN1_SEQUENCE_ref(tname, cb) \
+        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), offsetof(tname, lock), cb, 0}; \
         ASN1_SEQUENCE(tname)
 
 # define ASN1_SEQUENCE_enc(tname, enc, cb) \
         ASN1_SEQUENCE(tname)
 
 # define ASN1_SEQUENCE_enc(tname, enc, cb) \
diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index ca3eb3c298fb8d4f50a90a70c089cef5b9927fa4..41eac25a094e7c2abbcd4dfb9cce07b763e5b3e3 100644 (file)
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@@ -165,11 +165,6 @@ extern "C" {
  * names in cryptlib.c
  */
 
  * names in cryptlib.c
  */
 
-# define CRYPTO_LOCK_X509                3
-# define CRYPTO_LOCK_X509_INFO           4
-# define CRYPTO_LOCK_X509_PKEY           5
-# define CRYPTO_LOCK_X509_CRL            6
-# define CRYPTO_LOCK_X509_REQ            7
 # define CRYPTO_LOCK_X509_STORE          11
 # define CRYPTO_LOCK_SSL_CTX             12
 # define CRYPTO_LOCK_SSL_CERT            13
 # define CRYPTO_LOCK_X509_STORE          11
 # define CRYPTO_LOCK_SSL_CTX             12
 # define CRYPTO_LOCK_SSL_CERT            13
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 294ab83b0ec78724687ff475c7b9345d691bffaf..fe60dc82a276f11ecb0c90a33e7149b9249103a4 100644 (file)
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -312,6 +312,7 @@ typedef struct private_key_st {
     /* expanded version of 'enc_algor' */
     EVP_CIPHER_INFO cipher;
     int references;
     /* expanded version of 'enc_algor' */
     EVP_CIPHER_INFO cipher;
     int references;
+    CRYPTO_RWLOCK *lock;
 } X509_PKEY;
 
 typedef struct X509_info_st {
 } X509_PKEY;
 
 typedef struct X509_info_st {
@@ -322,6 +323,7 @@ typedef struct X509_info_st {
     int enc_len;
     char *enc_data;
     int references;
     int enc_len;
     char *enc_data;
     int references;
+    CRYPTO_RWLOCK *lock;
 } X509_INFO;
 
 DEFINE_STACK_OF(X509_INFO)
 } X509_INFO;
 
 DEFINE_STACK_OF(X509_INFO)
diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h
index f2bd0736b94f3172216ed567f0749d628224cbd9..e883349d3481722c41c1b353049e311015333bd3 100644 (file)
--- a/include/openssl/x509_vfy.h
+++ b/include/openssl/x509_vfy.h
@@ -179,6 +179,7 @@ struct x509_store_st {
     int (*cleanup) (X509_STORE_CTX *ctx);
     CRYPTO_EX_DATA ex_data;
     int references;
     int (*cleanup) (X509_STORE_CTX *ctx);
     CRYPTO_EX_DATA ex_data;
     int references;
+    CRYPTO_RWLOCK *lock;
 } /* X509_STORE */ ;
 
 int X509_STORE_set_depth(X509_STORE *store, int depth);
 } /* X509_STORE */ ;
 
 int X509_STORE_set_depth(X509_STORE *store, int depth);
@@ -430,6 +431,7 @@ void X509_OBJECT_up_ref_count(X509_OBJECT *a);
 void X509_OBJECT_free_contents(X509_OBJECT *a);
 X509_STORE *X509_STORE_new(void);
 void X509_STORE_free(X509_STORE *v);
 void X509_OBJECT_free_contents(X509_OBJECT *a);
 X509_STORE *X509_STORE_new(void);
 void X509_STORE_free(X509_STORE *v);
+int X509_STORE_up_ref(X509_STORE *v);
 
 STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
 STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
 
 STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
 STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index faa7a95dddfdb31dbf2cb18ed6c8cf8bb58a6392..e8044125eba13d0a2b907d1c12fd2a00917bbfe1 100644 (file)
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -273,13 +273,12 @@ CERT *ssl_cert_dup(CERT *cert)
     ret->cert_cb_arg = cert->cert_cb_arg;
 
     if (cert->verify_store) {
     ret->cert_cb_arg = cert->cert_cb_arg;
 
     if (cert->verify_store) {
-        CRYPTO_add(&cert->verify_store->references, 1,
-                   CRYPTO_LOCK_X509_STORE);
+        X509_STORE_up_ref(cert->verify_store);
         ret->verify_store = cert->verify_store;
     }
 
     if (cert->chain_store) {
         ret->verify_store = cert->verify_store;
     }
 
     if (cert->chain_store) {
-        CRYPTO_add(&cert->chain_store->references, 1, CRYPTO_LOCK_X509_STORE);
+        X509_STORE_up_ref(cert->chain_store);
         ret->chain_store = cert->chain_store;
     }
 
         ret->chain_store = cert->chain_store;
     }
 
@@ -1056,7 +1055,7 @@ int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, int ref)
     X509_STORE_free(*pstore);
     *pstore = store;
     if (ref && store)
     X509_STORE_free(*pstore);
     *pstore = store;
     if (ref && store)
-        CRYPTO_add(&store->references, 1, CRYPTO_LOCK_X509_STORE);
+        X509_STORE_up_ref(store);
     return 1;
 }
 
     return 1;
 }
 
Unnamed repository; edit this file 'description' to name the repository.