diff options
author | Matt Caswell <matt@openssl.org> | 2021-02-19 17:03:43 +0000 |
---|---|---|
committer | Pauli <ppzgs1@gmail.com> | 2021-02-25 08:37:22 +1000 |
commit | d84f5515faf3fe00ed5eeca7e7b8b041be863e90 (patch) | |
tree | b2e8245e0a152f16b5bb2c5260e47781a6261c9d /apps/list.c | |
parent | 6be27456e1346121b1fed797e92353733b59e16e (diff) |
Don't hold a lock when calling a callback in ossl_namemap_doall_names
We don't want to hold a read lock when calling a user supplied callback.
That callback could do anything so the risk of a deadlock is high.
Instead we collect all the names first inside the read lock, and then
subsequently call the user callback outside the read lock.
Fixes #14225
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14250)
Diffstat (limited to 'apps/list.c')
-rw-r--r-- | apps/list.c | 306 |
1 files changed, 159 insertions, 147 deletions
diff --git a/apps/list.c b/apps/list.c index 72c4205e9a..e16e2bf7bc 100644 --- a/apps/list.c +++ b/apps/list.c @@ -91,22 +91,23 @@ static void list_ciphers(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_CIPHER_names_do_all(c, collect_names, names); - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", - OSSL_PROVIDER_name(EVP_CIPHER_provider(c))); - - if (verbose) { - print_param_types("retrievable algorithm parameters", - EVP_CIPHER_gettable_params(c), 4); - print_param_types("retrievable operation parameters", - EVP_CIPHER_gettable_ctx_params(c), 4); - print_param_types("settable operation parameters", - EVP_CIPHER_settable_ctx_params(c), 4); + if (names != NULL && EVP_CIPHER_names_do_all(c, collect_names, names)) { + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", + OSSL_PROVIDER_name(EVP_CIPHER_provider(c))); + + if (verbose) { + print_param_types("retrievable algorithm parameters", + EVP_CIPHER_gettable_params(c), 4); + print_param_types("retrievable operation parameters", + EVP_CIPHER_gettable_ctx_params(c), 4); + print_param_types("settable operation parameters", + EVP_CIPHER_settable_ctx_params(c), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_CIPHER_pop_free(ciphers, EVP_CIPHER_free); } @@ -168,21 +169,22 @@ static void list_digests(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_MD_names_do_all(m, collect_names, names); - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_MD_provider(m))); - - if (verbose) { - print_param_types("retrievable algorithm parameters", - EVP_MD_gettable_params(m), 4); - print_param_types("retrievable operation parameters", - EVP_MD_gettable_ctx_params(m), 4); - print_param_types("settable operation parameters", - EVP_MD_settable_ctx_params(m), 4); + if (names != NULL && EVP_MD_names_do_all(m, collect_names, names)) { + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_MD_provider(m))); + + if (verbose) { + print_param_types("retrievable algorithm parameters", + EVP_MD_gettable_params(m), 4); + print_param_types("retrievable operation parameters", + EVP_MD_gettable_ctx_params(m), 4); + print_param_types("settable operation parameters", + EVP_MD_settable_ctx_params(m), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_MD_pop_free(digests, EVP_MD_free); } @@ -227,21 +229,22 @@ static void list_macs(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_MAC_names_do_all(m, collect_names, names); - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_MAC_provider(m))); - - if (verbose) { - print_param_types("retrievable algorithm parameters", - EVP_MAC_gettable_params(m), 4); - print_param_types("retrievable operation parameters", - EVP_MAC_gettable_ctx_params(m), 4); - print_param_types("settable operation parameters", - EVP_MAC_settable_ctx_params(m), 4); + if (names != NULL && EVP_MAC_names_do_all(m, collect_names, names)) { + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_MAC_provider(m))); + + if (verbose) { + print_param_types("retrievable algorithm parameters", + EVP_MAC_gettable_params(m), 4); + print_param_types("retrievable operation parameters", + EVP_MAC_gettable_ctx_params(m), 4); + print_param_types("settable operation parameters", + EVP_MAC_settable_ctx_params(m), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_MAC_pop_free(macs, EVP_MAC_free); } @@ -289,21 +292,22 @@ static void list_kdfs(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_KDF_names_do_all(k, collect_names, names); - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_KDF_provider(k))); - - if (verbose) { - print_param_types("retrievable algorithm parameters", - EVP_KDF_gettable_params(k), 4); - print_param_types("retrievable operation parameters", - EVP_KDF_gettable_ctx_params(k), 4); - print_param_types("settable operation parameters", - EVP_KDF_settable_ctx_params(k), 4); + if (names != NULL && EVP_KDF_names_do_all(k, collect_names, names)) { + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_KDF_provider(k))); + + if (verbose) { + print_param_types("retrievable algorithm parameters", + EVP_KDF_gettable_params(k), 4); + print_param_types("retrievable operation parameters", + EVP_KDF_gettable_ctx_params(k), 4); + print_param_types("settable operation parameters", + EVP_KDF_settable_ctx_params(k), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_KDF_pop_free(kdfs, EVP_KDF_free); } @@ -478,19 +482,20 @@ static void list_encoders(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - OSSL_ENCODER_names_do_all(k, collect_names, names); - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); + if (names != NULL && OSSL_ENCODER_names_do_all(k, collect_names, names)) { + BIO_printf(bio_out, " "); + print_names(bio_out, names); - BIO_printf(bio_out, " @ %s (%s)\n", - OSSL_PROVIDER_name(OSSL_ENCODER_provider(k)), - OSSL_ENCODER_properties(k)); + BIO_printf(bio_out, " @ %s (%s)\n", + OSSL_PROVIDER_name(OSSL_ENCODER_provider(k)), + OSSL_ENCODER_properties(k)); - if (verbose) { - print_param_types("settable operation parameters", - OSSL_ENCODER_settable_ctx_params(k), 4); + if (verbose) { + print_param_types("settable operation parameters", + OSSL_ENCODER_settable_ctx_params(k), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_OSSL_ENCODER_pop_free(encoders, OSSL_ENCODER_free); } @@ -541,19 +546,20 @@ static void list_decoders(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - OSSL_DECODER_names_do_all(k, collect_names, names); - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); + if (names != NULL && OSSL_DECODER_names_do_all(k, collect_names, names)) { + BIO_printf(bio_out, " "); + print_names(bio_out, names); - BIO_printf(bio_out, " @ %s (%s)\n", - OSSL_PROVIDER_name(OSSL_DECODER_provider(k)), - OSSL_DECODER_properties(k)); + BIO_printf(bio_out, " @ %s (%s)\n", + OSSL_PROVIDER_name(OSSL_DECODER_provider(k)), + OSSL_DECODER_properties(k)); - if (verbose) { - print_param_types("settable operation parameters", - OSSL_DECODER_settable_ctx_params(k), 4); + if (verbose) { + print_param_types("settable operation parameters", + OSSL_DECODER_settable_ctx_params(k), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_OSSL_DECODER_pop_free(decoders, OSSL_DECODER_free); } @@ -594,22 +600,23 @@ static void list_keymanagers(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_KEYMGMT_names_do_all(k, collect_names, names); - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", - OSSL_PROVIDER_name(EVP_KEYMGMT_provider(k))); - - if (verbose) { - print_param_types("settable key generation parameters", - EVP_KEYMGMT_gen_settable_params(k), 4); - print_param_types("settable operation parameters", - EVP_KEYMGMT_settable_params(k), 4); - print_param_types("retrievable operation parameters", - EVP_KEYMGMT_gettable_params(k), 4); + if (names != NULL && EVP_KEYMGMT_names_do_all(k, collect_names, names)) { + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", + OSSL_PROVIDER_name(EVP_KEYMGMT_provider(k))); + + if (verbose) { + print_param_types("settable key generation parameters", + EVP_KEYMGMT_gen_settable_params(k), 4); + print_param_types("settable operation parameters", + EVP_KEYMGMT_settable_params(k), 4); + print_param_types("retrievable operation parameters", + EVP_KEYMGMT_gettable_params(k), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_KEYMGMT_pop_free(km_stack, EVP_KEYMGMT_free); } @@ -650,21 +657,22 @@ static void list_signatures(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_SIGNATURE_names_do_all(k, collect_names, names); - count++; - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", - OSSL_PROVIDER_name(EVP_SIGNATURE_provider(k))); - - if (verbose) { - print_param_types("settable operation parameters", - EVP_SIGNATURE_settable_ctx_params(k), 4); - print_param_types("retrievable operation parameters", - EVP_SIGNATURE_gettable_ctx_params(k), 4); + if (names != NULL && EVP_SIGNATURE_names_do_all(k, collect_names, names)) { + count++; + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", + OSSL_PROVIDER_name(EVP_SIGNATURE_provider(k))); + + if (verbose) { + print_param_types("settable operation parameters", + EVP_SIGNATURE_settable_ctx_params(k), 4); + print_param_types("retrievable operation parameters", + EVP_SIGNATURE_gettable_ctx_params(k), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_SIGNATURE_pop_free(sig_stack, EVP_SIGNATURE_free); if (count == 0) @@ -707,20 +715,21 @@ static void list_kems(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_KEM_names_do_all(k, collect_names, names); - count++; - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_KEM_provider(k))); - - if (verbose) { - print_param_types("settable operation parameters", - EVP_KEM_settable_ctx_params(k), 4); - print_param_types("retrievable operation parameters", - EVP_KEM_gettable_ctx_params(k), 4); + if (names != NULL && EVP_KEM_names_do_all(k, collect_names, names)) { + count++; + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_KEM_provider(k))); + + if (verbose) { + print_param_types("settable operation parameters", + EVP_KEM_settable_ctx_params(k), 4); + print_param_types("retrievable operation parameters", + EVP_KEM_gettable_ctx_params(k), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_KEM_pop_free(kem_stack, EVP_KEM_free); if (count == 0) @@ -764,21 +773,23 @@ static void list_asymciphers(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_ASYM_CIPHER_names_do_all(k, collect_names, names); - count++; - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", - OSSL_PROVIDER_name(EVP_ASYM_CIPHER_provider(k))); - - if (verbose) { - print_param_types("settable operation parameters", - EVP_ASYM_CIPHER_settable_ctx_params(k), 4); - print_param_types("retrievable operation parameters", - EVP_ASYM_CIPHER_gettable_ctx_params(k), 4); + if (names != NULL + && EVP_ASYM_CIPHER_names_do_all(k, collect_names, names)) { + count++; + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", + OSSL_PROVIDER_name(EVP_ASYM_CIPHER_provider(k))); + + if (verbose) { + print_param_types("settable operation parameters", + EVP_ASYM_CIPHER_settable_ctx_params(k), 4); + print_param_types("retrievable operation parameters", + EVP_ASYM_CIPHER_gettable_ctx_params(k), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_ASYM_CIPHER_pop_free(asymciph_stack, EVP_ASYM_CIPHER_free); if (count == 0) @@ -821,21 +832,22 @@ static void list_keyexchanges(void) continue; names = sk_OPENSSL_CSTRING_new(name_cmp); - EVP_KEYEXCH_names_do_all(k, collect_names, names); - count++; - BIO_printf(bio_out, " "); - print_names(bio_out, names); - sk_OPENSSL_CSTRING_free(names); - - BIO_printf(bio_out, " @ %s\n", - OSSL_PROVIDER_name(EVP_KEYEXCH_provider(k))); - - if (verbose) { - print_param_types("settable operation parameters", - EVP_KEYEXCH_settable_ctx_params(k), 4); - print_param_types("retrievable operation parameters", - EVP_KEYEXCH_gettable_ctx_params(k), 4); + if (names != NULL && EVP_KEYEXCH_names_do_all(k, collect_names, names)) { + count++; + BIO_printf(bio_out, " "); + print_names(bio_out, names); + + BIO_printf(bio_out, " @ %s\n", + OSSL_PROVIDER_name(EVP_KEYEXCH_provider(k))); + + if (verbose) { + print_param_types("settable operation parameters", + EVP_KEYEXCH_settable_ctx_params(k), 4); + print_param_types("retrievable operation parameters", + EVP_KEYEXCH_gettable_ctx_params(k), 4); + } } + sk_OPENSSL_CSTRING_free(names); } sk_EVP_KEYEXCH_pop_free(kex_stack, EVP_KEYEXCH_free); if (count == 0) |