diff options
author | Rich Salz <rsalz@akamai.com> | 2021-02-18 15:31:56 -0500 |
---|---|---|
committer | Pauli <ppzgs1@gmail.com> | 2021-03-14 15:33:34 +1000 |
commit | cd3f8c1b11b0b9f4163bc8c62cbae38aec1b4030 (patch) | |
tree | de59d50b2ff9b2bd73a1ebf08eedf78d8ba44aa3 /crypto/engine/eng_pkey.c | |
parent | f62846b703d163265176fe960ec7d087b4c3fa96 (diff) |
Always check CRYPTO_LOCK_{read,write}_lock
Some functions that lock things are void, so we just return early.
Also make ossl_namemap_empty return 0 on error. Updated the docs, and added
some code to ossl_namemap_stored() to handle the failure, and updated the
tests to allow for failure.
Fixes: #14230
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14238)
Diffstat (limited to 'crypto/engine/eng_pkey.c')
-rw-r--r-- | crypto/engine/eng_pkey.c | 25 |
1 files changed, 14 insertions, 11 deletions
diff --git a/crypto/engine/eng_pkey.c b/crypto/engine/eng_pkey.c index 9feb52d83b..8ba39a46b7 100644 --- a/crypto/engine/eng_pkey.c +++ b/crypto/engine/eng_pkey.c @@ -60,23 +60,24 @@ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id, if (e == NULL) { ERR_raise(ERR_LIB_ENGINE, ERR_R_PASSED_NULL_PARAMETER); - return 0; + return NULL; } - CRYPTO_THREAD_write_lock(global_engine_lock); + if (!CRYPTO_THREAD_write_lock(global_engine_lock)) + return NULL; if (e->funct_ref == 0) { CRYPTO_THREAD_unlock(global_engine_lock); ERR_raise(ERR_LIB_ENGINE, ENGINE_R_NOT_INITIALISED); - return 0; + return NULL; } CRYPTO_THREAD_unlock(global_engine_lock); if (!e->load_privkey) { ERR_raise(ERR_LIB_ENGINE, ENGINE_R_NO_LOAD_FUNCTION); - return 0; + return NULL; } pkey = e->load_privkey(e, key_id, ui_method, callback_data); if (pkey == NULL) { ERR_raise(ERR_LIB_ENGINE, ENGINE_R_FAILED_LOADING_PRIVATE_KEY); - return 0; + return NULL; } return pkey; } @@ -88,23 +89,24 @@ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, if (e == NULL) { ERR_raise(ERR_LIB_ENGINE, ERR_R_PASSED_NULL_PARAMETER); - return 0; + return NULL; } - CRYPTO_THREAD_write_lock(global_engine_lock); + if (!CRYPTO_THREAD_write_lock(global_engine_lock)) + return NULL; if (e->funct_ref == 0) { CRYPTO_THREAD_unlock(global_engine_lock); ERR_raise(ERR_LIB_ENGINE, ENGINE_R_NOT_INITIALISED); - return 0; + return NULL; } CRYPTO_THREAD_unlock(global_engine_lock); if (!e->load_pubkey) { ERR_raise(ERR_LIB_ENGINE, ENGINE_R_NO_LOAD_FUNCTION); - return 0; + return NULL; } pkey = e->load_pubkey(e, key_id, ui_method, callback_data); if (pkey == NULL) { ERR_raise(ERR_LIB_ENGINE, ENGINE_R_FAILED_LOADING_PUBLIC_KEY); - return 0; + return NULL; } return pkey; } @@ -119,7 +121,8 @@ int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, ERR_raise(ERR_LIB_ENGINE, ERR_R_PASSED_NULL_PARAMETER); return 0; } - CRYPTO_THREAD_write_lock(global_engine_lock); + if (!CRYPTO_THREAD_write_lock(global_engine_lock)) + return 0; if (e->funct_ref == 0) { CRYPTO_THREAD_unlock(global_engine_lock); ERR_raise(ERR_LIB_ENGINE, ENGINE_R_NOT_INITIALISED); |