git.openssl.org Git - openssl.git/commit

author	Matt Caswell <matt@openssl.org>
	Fri, 8 Jan 2021 13:48:13 +0000 (13:48 +0000)
committer	Matt Caswell <matt@openssl.org>
	Thu, 14 Jan 2021 17:30:46 +0000 (17:30 +0000)
commit	f5a50c2a07e288187c14b784be253b3a2a23483b
tree	71ab229bb6194a7dde63dcf5fa904f5bef005158	tree \| snapshot
parent	2c40421440d260ddb97a807b064033f61ae3b2b3	commit \| diff

Enable locking on the primary DRBG when we create it

The primary DRBG may be shared across multiple threads and therefore
we must use locking to access it. Previously we were enabling that locking
lazily when we attempted to obtain one of the child DRBGs. Part of the
process of enabling the lock, is to create the lock. But if we create the
lock lazily then it is too late - we may race with other threads where each
thread is independently attempting to enable the locking. This results
in multiple locks being created - only one of which "sticks" and the rest
are leaked.

Instead we enable locking on the primary when we first create it. This is
already locked and therefore we cannot race.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13660)

crypto/err/openssl.txt		diff \| blob \| history
crypto/evp/evp_err.c		diff \| blob \| history
crypto/evp/evp_rand.c		diff \| blob \| history
crypto/rand/rand_lib.c		diff \| blob \| history
doc/man3/EVP_RAND.pod		diff \| blob \| history
include/openssl/evperr.h		diff \| blob \| history