diff options
author | Matt Caswell <matt@openssl.org> | 2021-11-09 14:20:31 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2021-11-15 14:22:41 +0000 |
commit | 5ab06d33e6b3be15c8784f1e1fd6c3d845b5cc3a (patch) | |
tree | 8cb9e572c0d860c73f7c559b394a45d4d632c8f9 /crypto/provider_conf.c | |
parent | fc205cedd7b9f12a70117c5f9167ba689ec35a28 (diff) |
Correctly activate the provider in OSSL_PROVIDER_try_load
If during OSSL_PROVIDER_try_load() we attempt to load a provider, but
adding to the store gives back a different provider, then we need to
ensure this different provider has its activation count increased.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17018)
Diffstat (limited to 'crypto/provider_conf.c')
-rw-r--r-- | crypto/provider_conf.c | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/crypto/provider_conf.c b/crypto/provider_conf.c index 7acfe49564..c13c887c3d 100644 --- a/crypto/provider_conf.c +++ b/crypto/provider_conf.c @@ -224,11 +224,22 @@ static int provider_conf_load(OSSL_LIB_CTX *libctx, const char *name, } else if (!ossl_provider_add_to_store(prov, &actual, 0)) { ossl_provider_deactivate(prov, 1); ok = 0; + } else if (actual != prov + && !ossl_provider_activate(actual, 1, 0)) { + ossl_provider_free(actual); + ok = 0; } else { if (pcgbl->activated_providers == NULL) pcgbl->activated_providers = sk_OSSL_PROVIDER_new_null(); - sk_OSSL_PROVIDER_push(pcgbl->activated_providers, actual); - ok = 1; + if (pcgbl->activated_providers == NULL + || !sk_OSSL_PROVIDER_push(pcgbl->activated_providers, + actual)) { + ossl_provider_deactivate(actual, 1); + ossl_provider_free(actual); + ok = 0; + } else { + ok = 1; + } } } if (!ok) |