diff options
author | Matt Caswell <matt@openssl.org> | 2021-02-19 17:03:43 +0000 |
---|---|---|
committer | Pauli <ppzgs1@gmail.com> | 2021-02-25 08:37:22 +1000 |
commit | d84f5515faf3fe00ed5eeca7e7b8b041be863e90 (patch) | |
tree | b2e8245e0a152f16b5bb2c5260e47781a6261c9d | |
parent | 6be27456e1346121b1fed797e92353733b59e16e (diff) |
Don't hold a lock when calling a callback in ossl_namemap_doall_names
We don't want to hold a read lock when calling a user supplied callback.
That callback could do anything so the risk of a deadlock is high.
Instead we collect all the names first inside the read lock, and then
subsequently call the user callback outside the read lock.
Fixes #14225
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14250)
42 files changed, 445 insertions, 323 deletions
diff --git a/apps/list.c b/apps/list.c index 72c4205e9a..e16e2bf7bc 100644 --- a/apps/list.c +++ b/apps/list.c @@ -91,22 +91,23 @@ static void list_ciphers(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_CIPHER_names_do_all(c, collect_names, names); - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", - OSSL_PROVIDER_name(EVP_CIPHER_provider(c))); - - if (verbose) { - print_param_types("retrievable algorithm parameters", - EVP_CIPHER_gettable_params(c), 4); - print_param_types("retrievable operation parameters", - EVP_CIPHER_gettable_ctx_params(c), 4); - print_param_types("settable operation parameters", - EVP_CIPHER_settable_ctx_params(c), 4); + if (names != NULL && EVP_CIPHER_names_do_all(c, collect_names, names)) { + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", + OSSL_PROVIDER_name(EVP_CIPHER_provider(c))); + + if (verbose) { + print_param_types("retrievable algorithm parameters", + EVP_CIPHER_gettable_params(c), 4); + print_param_types("retrievable operation parameters", + EVP_CIPHER_gettable_ctx_params(c), 4); + print_param_types("settable operation parameters", + EVP_CIPHER_settable_ctx_params(c), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_CIPHER_pop_free(ciphers, EVP_CIPHER_free); } @@ -168,21 +169,22 @@ static void list_digests(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_MD_names_do_all(m, collect_names, names); - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_MD_provider(m))); - - if (verbose) { - print_param_types("retrievable algorithm parameters", - EVP_MD_gettable_params(m), 4); - print_param_types("retrievable operation parameters", - EVP_MD_gettable_ctx_params(m), 4); - print_param_types("settable operation parameters", - EVP_MD_settable_ctx_params(m), 4); + if (names != NULL && EVP_MD_names_do_all(m, collect_names, names)) { + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_MD_provider(m))); + + if (verbose) { + print_param_types("retrievable algorithm parameters", + EVP_MD_gettable_params(m), 4); + print_param_types("retrievable operation parameters", + EVP_MD_gettable_ctx_params(m), 4); + print_param_types("settable operation parameters", + EVP_MD_settable_ctx_params(m), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_MD_pop_free(digests, EVP_MD_free); } @@ -227,21 +229,22 @@ static void list_macs(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_MAC_names_do_all(m, collect_names, names); - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_MAC_provider(m))); - - if (verbose) { - print_param_types("retrievable algorithm parameters", - EVP_MAC_gettable_params(m), 4); - print_param_types("retrievable operation parameters", - EVP_MAC_gettable_ctx_params(m), 4); - print_param_types("settable operation parameters", - EVP_MAC_settable_ctx_params(m), 4); + if (names != NULL && EVP_MAC_names_do_all(m, collect_names, names)) { + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_MAC_provider(m))); + + if (verbose) { + print_param_types("retrievable algorithm parameters", + EVP_MAC_gettable_params(m), 4); + print_param_types("retrievable operation parameters", + EVP_MAC_gettable_ctx_params(m), 4); + print_param_types("settable operation parameters", + EVP_MAC_settable_ctx_params(m), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_MAC_pop_free(macs, EVP_MAC_free); } @@ -289,21 +292,22 @@ static void list_kdfs(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_KDF_names_do_all(k, collect_names, names); - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_KDF_provider(k))); - - if (verbose) { - print_param_types("retrievable algorithm parameters", - EVP_KDF_gettable_params(k), 4); - print_param_types("retrievable operation parameters", - EVP_KDF_gettable_ctx_params(k), 4); - print_param_types("settable operation parameters", - EVP_KDF_settable_ctx_params(k), 4); + if (names != NULL && EVP_KDF_names_do_all(k, collect_names, names)) { + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_KDF_provider(k))); + + if (verbose) { + print_param_types("retrievable algorithm parameters", + EVP_KDF_gettable_params(k), 4); + print_param_types("retrievable operation parameters", + EVP_KDF_gettable_ctx_params(k), 4); + print_param_types("settable operation parameters", + EVP_KDF_settable_ctx_params(k), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_KDF_pop_free(kdfs, EVP_KDF_free); } @@ -478,19 +482,20 @@ static void list_encoders(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - OSSL_ENCODER_names_do_all(k, collect_names, names); - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); + if (names != NULL && OSSL_ENCODER_names_do_all(k, collect_names, names)) { + BIO_printf(bio_out, " "); + print_names(bio_out, names); - BIO_printf(bio_out, " @ %s (%s)\n", - OSSL_PROVIDER_name(OSSL_ENCODER_provider(k)), - OSSL_ENCODER_properties(k)); + BIO_printf(bio_out, " @ %s (%s)\n", + OSSL_PROVIDER_name(OSSL_ENCODER_provider(k)), + OSSL_ENCODER_properties(k)); - if (verbose) { - print_param_types("settable operation parameters", - OSSL_ENCODER_settable_ctx_params(k), 4); + if (verbose) { + print_param_types("settable operation parameters", + OSSL_ENCODER_settable_ctx_params(k), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_OSSL_ENCODER_pop_free(encoders, OSSL_ENCODER_free); } @@ -541,19 +546,20 @@ static void list_decoders(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - OSSL_DECODER_names_do_all(k, collect_names, names); - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); + if (names != NULL && OSSL_DECODER_names_do_all(k, collect_names, names)) { + BIO_printf(bio_out, " "); + print_names(bio_out, names); - BIO_printf(bio_out, " @ %s (%s)\n", - OSSL_PROVIDER_name(OSSL_DECODER_provider(k)), - OSSL_DECODER_properties(k)); + BIO_printf(bio_out, " @ %s (%s)\n", + OSSL_PROVIDER_name(OSSL_DECODER_provider(k)), + OSSL_DECODER_properties(k)); - if (verbose) { - print_param_types("settable operation parameters", - OSSL_DECODER_settable_ctx_params(k), 4); + if (verbose) { + print_param_types("settable operation parameters", + OSSL_DECODER_settable_ctx_params(k), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_OSSL_DECODER_pop_free(decoders, OSSL_DECODER_free); } @@ -594,22 +600,23 @@ static void list_keymanagers(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_KEYMGMT_names_do_all(k, collect_names, names); - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", - OSSL_PROVIDER_name(EVP_KEYMGMT_provider(k))); - - if (verbose) { - print_param_types("settable key generation parameters", - EVP_KEYMGMT_gen_settable_params(k), 4); - print_param_types("settable operation parameters", - EVP_KEYMGMT_settable_params(k), 4); - print_param_types("retrievable operation parameters", - EVP_KEYMGMT_gettable_params(k), 4); + if (names != NULL && EVP_KEYMGMT_names_do_all(k, collect_names, names)) { + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", + OSSL_PROVIDER_name(EVP_KEYMGMT_provider(k))); + + if (verbose) { + print_param_types("settable key generation parameters", + EVP_KEYMGMT_gen_settable_params(k), 4); + print_param_types("settable operation parameters", + EVP_KEYMGMT_settable_params(k), 4); + print_param_types("retrievable operation parameters", + EVP_KEYMGMT_gettable_params(k), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_KEYMGMT_pop_free(km_stack, EVP_KEYMGMT_free); } @@ -650,21 +657,22 @@ static void list_signatures(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_SIGNATURE_names_do_all(k, collect_names, names); - count++; - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", - OSSL_PROVIDER_name(EVP_SIGNATURE_provider(k))); - - if (verbose) { - print_param_types("settable operation parameters", - EVP_SIGNATURE_settable_ctx_params(k), 4); - print_param_types("retrievable operation parameters", - EVP_SIGNATURE_gettable_ctx_params(k), 4); + if (names != NULL && EVP_SIGNATURE_names_do_all(k, collect_names, names)) { + count++; + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", + OSSL_PROVIDER_name(EVP_SIGNATURE_provider(k))); + + if (verbose) { + print_param_types("settable operation parameters", + EVP_SIGNATURE_settable_ctx_params(k), 4); + print_param_types("retrievable operation parameters", + EVP_SIGNATURE_gettable_ctx_params(k), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_SIGNATURE_pop_free(sig_stack, EVP_SIGNATURE_free); if (count == 0) @@ -707,20 +715,21 @@ static void list_kems(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_KEM_names_do_all(k, collect_names, names); - count++; - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_KEM_provider(k))); - - if (verbose) { - print_param_types("settable operation parameters", - EVP_KEM_settable_ctx_params(k), 4); - print_param_types("retrievable operation parameters", - EVP_KEM_gettable_ctx_params(k), 4); + if (names != NULL && EVP_KEM_names_do_all(k, collect_names, names)) { + count++; + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_KEM_provider(k))); + + if (verbose) { + print_param_types("settable operation parameters", + EVP_KEM_settable_ctx_params(k), 4); + print_param_types("retrievable operation parameters", + EVP_KEM_gettable_ctx_params(k), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_KEM_pop_free(kem_stack, EVP_KEM_free); if (count == 0) @@ -764,21 +773,23 @@ static void list_asymciphers(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_ASYM_CIPHER_names_do_all(k, collect_names, names); - count++; - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", - OSSL_PROVIDER_name(EVP_ASYM_CIPHER_provider(k))); - - if (verbose) { - print_param_types("settable operation parameters", - EVP_ASYM_CIPHER_settable_ctx_params(k), 4); - print_param_types("retrievable operation parameters", - EVP_ASYM_CIPHER_gettable_ctx_params(k), 4); + if (names != NULL + && EVP_ASYM_CIPHER_names_do_all(k, collect_names, names)) { + count++; + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", + OSSL_PROVIDER_name(EVP_ASYM_CIPHER_provider(k))); + + if (verbose) { + print_param_types("settable operation parameters", + EVP_ASYM_CIPHER_settable_ctx_params(k), 4); + print_param_types("retrievable operation parameters", + EVP_ASYM_CIPHER_gettable_ctx_params(k), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_ASYM_CIPHER_pop_free(asymciph_stack, EVP_ASYM_CIPHER_free); if (count == 0) @@ -821,21 +832,22 @@ static void list_keyexchanges(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_KEYEXCH_names_do_all(k, collect_names, names); - count++; - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", - OSSL_PROVIDER_name(EVP_KEYEXCH_provider(k))); - - if (verbose) { - print_param_types("settable operation parameters", - EVP_KEYEXCH_settable_ctx_params(k), 4); - print_param_types("retrievable operation parameters", - EVP_KEYEXCH_gettable_ctx_params(k), 4); + if (names != NULL && EVP_KEYEXCH_names_do_all(k, collect_names, names)) { + count++; + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", + OSSL_PROVIDER_name(EVP_KEYEXCH_provider(k))); + + if (verbose) { + print_param_types("settable operation parameters", + EVP_KEYEXCH_settable_ctx_params(k), 4); + print_param_types("retrievable operation parameters", + EVP_KEYEXCH_gettable_ctx_params(k), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_KEYEXCH_pop_free(kex_stack, EVP_KEYEXCH_free); if (count == 0) diff --git a/crypto/core_namemap.c b/crypto/core_namemap.c index 0cde909fc4..a81c2dec96 100644 --- a/crypto/core_namemap.c +++ b/crypto/core_namemap.c @@ -116,31 +116,60 @@ int ossl_namemap_empty(OSSL_NAMEMAP *namemap) typedef struct doall_names_data_st { int number; - void (*fn)(const char *name, void *data); - void *data; + const char **names; + int found; } DOALL_NAMES_DATA; static void do_name(const NAMENUM_ENTRY *namenum, DOALL_NAMES_DATA *data) { if (namenum->number == data->number) - data->fn(namenum->name, data->data); + data->names[data->found++] = namenum->name; } IMPLEMENT_LHASH_DOALL_ARG_CONST(NAMENUM_ENTRY, DOALL_NAMES_DATA); -void ossl_namemap_doall_names(const OSSL_NAMEMAP *namemap, int number, - void (*fn)(const char *name, void *data), - void *data) +/* + * Call the callback for all names in the namemap with the given number. + * A return value 1 means that the callback was called for all names. A + * return value of 0 means that the callback was not called for any names. + */ +int ossl_namemap_doall_names(const OSSL_NAMEMAP *namemap, int number, + void (*fn)(const char *name, void *data), + void *data) { DOALL_NAMES_DATA cbdata; + size_t num_names; + int i; cbdata.number = number; - cbdata.fn = fn; - cbdata.data = data; + cbdata.found = 0; + + /* + * We collect all the names first under a read lock. Subsequently we call + * the user function, so that we're not holding the read lock when in user + * code. This could lead to deadlocks. + */ CRYPTO_THREAD_read_lock(namemap->lock); + num_names = lh_NAMENUM_ENTRY_num_items(namemap->namenum); + + if (num_names == 0) { + CRYPTO_THREAD_unlock(namemap->lock); + return 0; + } + cbdata.names = OPENSSL_malloc(sizeof(*cbdata.names) * num_names); + if (cbdata.names == NULL) { + CRYPTO_THREAD_unlock(namemap->lock); + return 0; + } lh_NAMENUM_ENTRY_doall_DOALL_NAMES_DATA(namemap->namenum, do_name, &cbdata); CRYPTO_THREAD_unlock(namemap->lock); + + for (i = 0; i < cbdata.found; i++) + fn(cbdata.names[i], data); + + OPENSSL_free(cbdata.names); + return 1; } static int namemap_name2num_n(const OSSL_NAMEMAP *namemap, @@ -207,7 +236,8 @@ const char *ossl_namemap_num2name(const OSSL_NAMEMAP *namemap, int number, data.idx = idx; data.name = NULL; - ossl_namemap_doall_names(namemap, number, do_num2name, &data); + if (!ossl_namemap_doall_names(namemap, number, do_num2name, &data)) + return NULL; return data.name; } diff --git a/crypto/encode_decode/decoder_meth.c b/crypto/encode_decode/decoder_meth.c index 2f2f401b8c..6baf5836e8 100644 --- a/crypto/encode_decode/decoder_meth.c +++ b/crypto/encode_decode/decoder_meth.c @@ -473,19 +473,21 @@ void OSSL_DECODER_do_all_provided(OSSL_LIB_CTX *libctx, &data); } -void OSSL_DECODER_names_do_all(const OSSL_DECODER *decoder, - void (*fn)(const char *name, void *data), - void *data) +int OSSL_DECODER_names_do_all(const OSSL_DECODER *decoder, + void (*fn)(const char *name, void *data), + void *data) { if (decoder == NULL) - return; + return 0; if (decoder->base.prov != NULL) { OSSL_LIB_CTX *libctx = ossl_provider_libctx(decoder->base.prov); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); - ossl_namemap_doall_names(namemap, decoder->base.id, fn, data); + return ossl_namemap_doall_names(namemap, decoder->base.id, fn, data); } + + return 1; } const OSSL_PARAM * diff --git a/crypto/encode_decode/decoder_pkey.c b/crypto/encode_decode/decoder_pkey.c index ca9c507582..0fff6823bd 100644 --- a/crypto/encode_decode/decoder_pkey.c +++ b/crypto/encode_decode/decoder_pkey.c @@ -302,8 +302,12 @@ int ossl_decoder_ctx_setup_for_pkey(OSSL_DECODER_CTX *ctx, * If the key type is given by the caller, we only use the matching * KEYMGMTs, otherwise we use them all. */ - if (keytype == NULL || EVP_KEYMGMT_is_a(keymgmt, keytype)) - EVP_KEYMGMT_names_do_all(keymgmt, collect_name, names); + if (keytype == NULL || EVP_KEYMGMT_is_a(keymgmt, keytype)) { + if (!EVP_KEYMGMT_names_do_all(keymgmt, collect_name, names)) { + ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_INTERNAL_ERROR); + goto err; + } + } EVP_KEYMGMT_free(keymgmt); } diff --git a/crypto/encode_decode/encoder_meth.c b/crypto/encode_decode/encoder_meth.c index f1a6e89b83..191ca8640f 100644 --- a/crypto/encode_decode/encoder_meth.c +++ b/crypto/encode_decode/encoder_meth.c @@ -490,19 +490,21 @@ void OSSL_ENCODER_do_all_provided(OSSL_LIB_CTX *libctx, encoder_do_one, NULL, &data); } -void OSSL_ENCODER_names_do_all(const OSSL_ENCODER *encoder, - void (*fn)(const char *name, void *data), - void *data) +int OSSL_ENCODER_names_do_all(const OSSL_ENCODER *encoder, + void (*fn)(const char *name, void *data), + void *data) { if (encoder == NULL) - return; + return 0; if (encoder->base.prov != NULL) { OSSL_LIB_CTX *libctx = ossl_provider_libctx(encoder->base.prov); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); - ossl_namemap_doall_names(namemap, encoder->base.id, fn, data); + return ossl_namemap_doall_names(namemap, encoder->base.id, fn, data); } + + return 1; } const OSSL_PARAM * diff --git a/crypto/evp/asymcipher.c b/crypto/evp/asymcipher.c index 6ff49a0526..f096c19345 100644 --- a/crypto/evp/asymcipher.c +++ b/crypto/evp/asymcipher.c @@ -434,12 +434,14 @@ void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, } -void EVP_ASYM_CIPHER_names_do_all(const EVP_ASYM_CIPHER *cipher, - void (*fn)(const char *name, void *data), - void *data) +int EVP_ASYM_CIPHER_names_do_all(const EVP_ASYM_CIPHER *cipher, + void (*fn)(const char *name, void *data), + void *data) { if (cipher->prov != NULL) - evp_names_do_all(cipher->prov, cipher->name_id, fn, data); + return evp_names_do_all(cipher->prov, cipher->name_id, fn, data); + + return 1; } const OSSL_PARAM *EVP_ASYM_CIPHER_gettable_ctx_params(const EVP_ASYM_CIPHER *cip) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 7346169be6..e322654241 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -881,8 +881,8 @@ static void *evp_md_from_dispatch(int name_id, #ifndef FIPS_MODULE /* TODO(3.x) get rid of the need for legacy NIDs */ md->type = NID_undef; - evp_names_do_all(prov, name_id, set_legacy_nid, &md->type); - if (md->type == -1) { + if (!evp_names_do_all(prov, name_id, set_legacy_nid, &md->type) + || md->type == -1) { ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); EVP_MD_free(md); return NULL; diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index b6aa36c5c2..ebb876a8dc 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -1395,8 +1395,8 @@ static void *evp_cipher_from_dispatch(const int name_id, #ifndef FIPS_MODULE /* TODO(3.x) get rid of the need for legacy NIDs */ cipher->nid = NID_undef; - evp_names_do_all(prov, name_id, set_legacy_nid, &cipher->nid); - if (cipher->nid == -1) { + if (!evp_names_do_all(prov, name_id, set_legacy_nid, &cipher->nid) + || cipher->nid == -1) { ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); EVP_CIPHER_free(cipher); return NULL; diff --git a/crypto/evp/evp_fetch.c b/crypto/evp/evp_fetch.c index 2f0d0e15b0..589c15fb1e 100644 --- a/crypto/evp/evp_fetch.c +++ b/crypto/evp/evp_fetch.c @@ -530,12 +530,12 @@ int evp_is_a(OSSL_PROVIDER *prov, int number, return ossl_namemap_name2num(namemap, name) == number; } -void evp_names_do_all(OSSL_PROVIDER *prov, int number, - void (*fn)(const char *name, void *data), - void *data) +int evp_names_do_all(OSSL_PROVIDER *prov, int number, + |