diff options
author | Matt Caswell <matt@openssl.org> | 2019-08-07 10:46:26 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2019-08-08 10:11:16 +0100 |
commit | 5c5cdcd8157c0ce0fdf3793217883c435cdf57bb (patch) | |
tree | ce3a2bbfb2c6d381cb40993612e32f6bf709c94f /crypto/provider_core.c | |
parent | b9a758060dfe8f1bd11265b1c1550a27cd2c0783 (diff) |
Avoid holding a lock when calling OPENSSL_init_crypto
We move an OPENSSL_init_crypto call slightly earlier in the process to
avoid calling it while holding the store lock. This can lead to deadlocks.
Fixes the no-engine build.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9547)
Diffstat (limited to 'crypto/provider_core.c')
-rw-r--r-- | crypto/provider_core.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/crypto/provider_core.c b/crypto/provider_core.c index 76d526eaf0..a821d17e46 100644 --- a/crypto/provider_core.c +++ b/crypto/provider_core.c @@ -566,14 +566,6 @@ static int provider_forall_loaded(struct provider_store_st *store, int ret = 1; int num_provs; -#ifndef FIPS_MODE - /* - * Make sure any providers are loaded from config before we try to use - * them. - */ - OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL); -#endif - num_provs = sk_OSSL_PROVIDER_num(store->providers); if (found_activated != NULL) @@ -638,6 +630,14 @@ int ossl_provider_forall_loaded(OPENSSL_CTX *ctx, int ret = 1; struct provider_store_st *store = get_provider_store(ctx); +#ifndef FIPS_MODE + /* + * Make sure any providers are loaded from config before we try to use + * them. + */ + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL); +#endif + if (store != NULL) { CRYPTO_THREAD_read_lock(store->lock); |