diff options
author | Matt Caswell <matt@openssl.org> | 2021-01-08 13:48:13 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2021-01-14 17:30:46 +0000 |
commit | f5a50c2a07e288187c14b784be253b3a2a23483b (patch) | |
tree | 71ab229bb6194a7dde63dcf5fa904f5bef005158 /crypto/err | |
parent | 2c40421440d260ddb97a807b064033f61ae3b2b3 (diff) |
Enable locking on the primary DRBG when we create it
The primary DRBG may be shared across multiple threads and therefore
we must use locking to access it. Previously we were enabling that locking
lazily when we attempted to obtain one of the child DRBGs. Part of the
process of enabling the lock, is to create the lock. But if we create the
lock lazily then it is too late - we may race with other threads where each
thread is independently attempting to enable the locking. This results
in multiple locks being created - only one of which "sticks" and the rest
are leaked.
Instead we enable locking on the primary when we first create it. This is
already locked and therefore we cannot race.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13660)
Diffstat (limited to 'crypto/err')
-rw-r--r-- | crypto/err/openssl.txt | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index bb200a7960..40f93ba0cd 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -2609,7 +2609,7 @@ EVP_R_PRIVATE_KEY_ENCODE_ERROR:146:private key encode error EVP_R_PUBLIC_KEY_NOT_RSA:106:public key not rsa EVP_R_SET_DEFAULT_PROPERTY_FAILURE:209:set default property failure EVP_R_TOO_MANY_RECORDS:183:too many records -EVP_R_UNABLE_TO_ENABLE_PARENT_LOCKING:212:unable to enable parent locking +EVP_R_UNABLE_TO_ENABLE_LOCKING:212:unable to enable locking EVP_R_UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE:215:unable to get maximum request size EVP_R_UNABLE_TO_GET_RANDOM_STRENGTH:216:unable to get random strength EVP_R_UNABLE_TO_LOCK_CONTEXT:211:unable to lock context |