Include support for an add_lock callback to tiny FIPS locking API.
authorDr. Stephen Henson <steve@openssl.org>
Mon, 14 Feb 2011 17:05:42 +0000 (17:05 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Mon, 14 Feb 2011 17:05:42 +0000 (17:05 +0000)
crypto/lock.c
fips/fips.h
fips/utl/fips_lck.c
util/libeay.num

index bbce52a..6f6681d 100644 (file)
@@ -384,7 +384,7 @@ void CRYPTO_set_dynlock_lock_callback(void (*func)(int mode,
        struct CRYPTO_dynlock_value *l, const char *file, int line))
        {
 #ifdef OPENSSL_FIPS
-       FIPS_set_locking_callback(CRYPTO_lock);
+       FIPS_set_locking_callbacks(CRYPTO_lock, CRYPTO_add_lock);
 #endif
        dynlock_lock_callback=func;
        }
@@ -412,7 +412,7 @@ void CRYPTO_set_locking_callback(void (*func)(int mode,int type,
                                              const char *file,int line))
        {
 #ifdef OPENSSL_FIPS
-       FIPS_set_locking_callback(CRYPTO_lock);
+       FIPS_set_locking_callbacks(CRYPTO_lock, CRYPTO_add_lock);
 #endif
        locking_callback=func;
        }
index facdbc7..97fab1d 100644 (file)
@@ -109,14 +109,17 @@ int fips_cipher_test(struct evp_cipher_ctx_st *ctx,
 void fips_set_selftest_fail(void);
 int fips_check_rsa(struct rsa_st *rsa);
 
-void FIPS_set_locking_callback(void (*func)(int mode, int type,
-                               const char *file,int line));
+void FIPS_set_locking_callbacks(void (*func)(int mode, int type,
+                               const char *file,int line),
+                               int (*add_cb)(int *pointer, int amount,
+                                       int type, const char *file, int line));
 
 /* Where necessary redirect standard OpenSSL APIs to FIPS versions */
 
 #if defined(OPENSSL_FIPSCANISTER) && defined(OPENSSL_FIPSAPI)
 
 #define CRYPTO_lock FIPS_lock
+#define CRYPTO_add_lock FIPS_add_lock
 #define CRYPTO_malloc FIPS_malloc
 #define CRYPTO_free FIPS_free
 
index 32a4443..7cb10bc 100644 (file)
@@ -59,6 +59,8 @@
 /* FIPS locking callbacks */
 
 static void (*fips_lck_cb)(int mode, int type,const char *file,int line) = 0;
+static int (*fips_add_cb)(int *pointer, int amount, int type, const char *file,
+            int line);
 
 void FIPS_lock(int mode, int type,const char *file,int line)
        {
@@ -66,8 +68,20 @@ void FIPS_lock(int mode, int type,const char *file,int line)
                fips_lck_cb(mode, type, file, line);
        }
 
-void FIPS_set_locking_callback (void (*func)(int mode, int type,
-                               const char *file,int line))
+void FIPS_set_locking_callbacks(void (*func)(int mode, int type,
+                               const char *file,int line),
+                               int (*add_cb)(int *pointer, int amount,
+                                       int type, const char *file, int line))
        {
        fips_lck_cb = func;
+       fips_add_cb = add_cb;
+       }
+
+int FIPS_add_lock(int *pointer, int amount, int type, const char *file,
+            int line)
+       {
+       if (fips_add_cb)
+               return fips_add_cb(pointer, amount, type, file, line);
+       *pointer += amount;
+       return *pointer;
        }
index 1aa599f..531b50f 100755 (executable)
@@ -4251,7 +4251,7 @@ ASN1_SCTX_new                           4621      EXIST::FUNCTION:
 EC_GFp_nistp224_method                  4622   EXIST:!WIN32:FUNCTION:EC
 FIPS_rsa_verify_ctx                     4623   EXIST:OPENSSL_FIPS:FUNCTION:RSA
 FIPS_selftest                           4624   EXIST:OPENSSL_FIPS:FUNCTION:
-FIPS_set_locking_callback               4625   EXIST:OPENSSL_FIPS:FUNCTION:
+FIPS_set_locking_callbacks              4625   EXIST:OPENSSL_FIPS:FUNCTION:
 fips_set_selftest_fail                  4626   EXIST:OPENSSL_FIPS:FUNCTION:
 fips_check_rsa                          4627   EXIST:OPENSSL_FIPS:FUNCTION:
 FIPS_check_incore_fingerprint           4628   EXIST:OPENSSL_FIPS:FUNCTION: