diff options
author | Matt Caswell <matt@openssl.org> | 2021-02-19 17:03:43 +0000 |
---|---|---|
committer | Pauli <ppzgs1@gmail.com> | 2021-02-25 08:37:22 +1000 |
commit | d84f5515faf3fe00ed5eeca7e7b8b041be863e90 (patch) | |
tree | b2e8245e0a152f16b5bb2c5260e47781a6261c9d /include | |
parent | 6be27456e1346121b1fed797e92353733b59e16e (diff) |
Don't hold a lock when calling a callback in ossl_namemap_doall_names
We don't want to hold a read lock when calling a user supplied callback.
That callback could do anything so the risk of a deadlock is high.
Instead we collect all the names first inside the read lock, and then
subsequently call the user callback outside the read lock.
Fixes #14225
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14250)
Diffstat (limited to 'include')
-rw-r--r-- | include/internal/namemap.h | 6 | ||||
-rw-r--r-- | include/openssl/decoder.h | 6 | ||||
-rw-r--r-- | include/openssl/encoder.h | 6 | ||||
-rw-r--r-- | include/openssl/evp.h | 58 | ||||
-rw-r--r-- | include/openssl/kdf.h | 6 | ||||
-rw-r--r-- | include/openssl/store.h | 6 |
6 files changed, 44 insertions, 44 deletions
diff --git a/include/internal/namemap.h b/include/internal/namemap.h index 685ccb41c1..bbdc041173 100644 --- a/include/internal/namemap.h +++ b/include/internal/namemap.h @@ -31,9 +31,9 @@ int ossl_namemap_name2num_n(const OSSL_NAMEMAP *namemap, const char *name, size_t name_len); const char *ossl_namemap_num2name(const OSSL_NAMEMAP *namemap, int number, size_t idx); -void ossl_namemap_doall_names(const OSSL_NAMEMAP *namemap, int number, - void (*fn)(const char *name, void *data), - void *data); +int ossl_namemap_doall_names(const OSSL_NAMEMAP *namemap, int number, + void (*fn)(const char *name, void *data), + void *data); /* * A utility that handles several names in a string, divided by a given diff --git a/include/openssl/decoder.h b/include/openssl/decoder.h index 9f58cb2b39..fd7e7b52c7 100644 --- a/include/openssl/decoder.h +++ b/include/openssl/decoder.h @@ -39,9 +39,9 @@ int OSSL_DECODER_is_a(const OSSL_DECODER *encoder, const char *name); void OSSL_DECODER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(OSSL_DECODER *encoder, void *arg), void *arg); -void OSSL_DECODER_names_do_all(const OSSL_DECODER *encoder, - void (*fn)(const char *name, void *data), - void *data); +int OSSL_DECODER_names_do_all(const OSSL_DECODER *encoder, + void (*fn)(const char *name, void *data), + void *data); const OSSL_PARAM *OSSL_DECODER_gettable_params(OSSL_DECODER *decoder); int OSSL_DECODER_get_params(OSSL_DECODER *decoder, OSSL_PARAM params[]); diff --git a/include/openssl/encoder.h b/include/openssl/encoder.h index bf212f9f80..c533efa3ec 100644 --- a/include/openssl/encoder.h +++ b/include/openssl/encoder.h @@ -39,9 +39,9 @@ int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name); void OSSL_ENCODER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(OSSL_ENCODER *encoder, void *arg), void *arg); -void OSSL_ENCODER_names_do_all(const OSSL_ENCODER *encoder, - void (*fn)(const char *name, void *data), - void *data); +int OSSL_ENCODER_names_do_all(const OSSL_ENCODER *encoder, + void (*fn)(const char *name, void *data), + void *data); const OSSL_PARAM *OSSL_ENCODER_gettable_params(OSSL_ENCODER *encoder); int OSSL_ENCODER_get_params(OSSL_ENCODER *encoder, OSSL_PARAM params[]); diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 1bf244322e..38cfefd10b 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -524,9 +524,9 @@ int EVP_MD_type(const EVP_MD *md); const char *EVP_MD_name(const EVP_MD *md); int EVP_MD_number(const EVP_MD *md); int EVP_MD_is_a(const EVP_MD *md, const char *name); -void EVP_MD_names_do_all(const EVP_MD *md, - void (*fn)(const char *name, void *data), - void *data); +int EVP_MD_names_do_all(const EVP_MD *md, + void (*fn)(const char *name, void *data), + void *data); const OSSL_PROVIDER *EVP_MD_provider(const EVP_MD *md); int EVP_MD_pkey_type(const EVP_MD *md); int EVP_MD_size(const EVP_MD *md); @@ -555,9 +555,9 @@ int EVP_CIPHER_nid(const EVP_CIPHER *cipher); const char *EVP_CIPHER_name(const EVP_CIPHER *cipher); int EVP_CIPHER_number(const EVP_CIPHER *cipher); int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name); -void EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher, - void (*fn)(const char *name, void *data), - void *data); +int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher, + void (*fn)(const char *name, void *data), + void *data); const OSSL_PROVIDER *EVP_CIPHER_provider(const EVP_CIPHER *cipher); int EVP_CIPHER_block_size(const EVP_CIPHER *cipher); int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *cipher); @@ -1153,9 +1153,9 @@ const OSSL_PARAM *EVP_MAC_settable_ctx_params(const EVP_MAC *mac); void EVP_MAC_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_MAC *mac, void *arg), void *arg); -void EVP_MAC_names_do_all(const EVP_MAC *mac, - void (*fn)(const char *name, void *data), - void *data); +int EVP_MAC_names_do_all(const EVP_MAC *mac, + void (*fn)(const char *name, void *data), + void *data); /* RAND stuff */ EVP_RAND *EVP_RAND_fetch(OSSL_LIB_CTX *libctx, const char *algorithm, @@ -1180,9 +1180,9 @@ const OSSL_PARAM *EVP_RAND_settable_ctx_params(const EVP_RAND *rand); void EVP_RAND_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_RAND *rand, void *arg), void *arg); -void EVP_RAND_names_do_all(const EVP_RAND *rand, - void (*fn)(const char *name, void *data), - void *data); +int EVP_RAND_names_do_all(const EVP_RAND *rand, + void (*fn)(const char *name, void *data), + void *data); __owur int EVP_RAND_instantiate(EVP_RAND_CTX *ctx, unsigned int strength, int prediction_resistance, @@ -1217,9 +1217,9 @@ OSSL_DEPRECATEDIN_3_0 int EVP_PKEY_encrypt_old(unsigned char *enc_key, int key_len, EVP_PKEY *pub_key); #endif int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name); -void EVP_PKEY_typenames_do_all(const EVP_PKEY *pkey, - void (*fn)(const char *name, void *data), - void *data); +int EVP_PKEY_typenames_do_all(const EVP_PKEY *pkey, + void (*fn)(const char *name, void *data), + void *data); int EVP_PKEY_type(int type); int EVP_PKEY_id(const EVP_PKEY *pkey); int EVP_PKEY_base_id(const EVP_PKEY *pkey); @@ -1633,9 +1633,9 @@ int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name); void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KEYMGMT *keymgmt, void *arg), void *arg); -void EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt, - void (*fn)(const char *name, void *data), - void *data); +int EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt, + void (*fn)(const char *name, void *data), + void *data); const OSSL_PARAM *EVP_KEYMGMT_gettable_params(const EVP_KEYMGMT *keymgmt); const OSSL_PARAM *EVP_KEYMGMT_settable_params(const EVP_KEYMGMT *keymgmt); const OSSL_PARAM *EVP_KEYMGMT_gen_settable_params(const EVP_KEYMGMT *keymgmt); @@ -1716,9 +1716,9 @@ void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_SIGNATURE *signature, void *data), void *data); -void EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature, - void (*fn)(const char *name, void *data), - void *data); +int EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature, + void (*fn)(const char *name, void *data), + void *data); const OSSL_PARAM *EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig); const OSSL_PARAM *EVP_SIGNATURE_settable_ctx_params(const EVP_SIGNATURE *sig); @@ -1733,9 +1733,9 @@ void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_ASYM_CIPHER *cipher, void *arg), void *arg); -void EVP_ASYM_CIPHER_names_do_all(const EVP_ASYM_CIPHER *cipher, - void (*fn)(const char *name, void *data), - void *data); +int EVP_ASYM_CIPHER_names_do_all(const EVP_ASYM_CIPHER *cipher, + void (*fn)(const char *name, void *data), + void *data); const OSSL_PARAM *EVP_ASYM_CIPHER_gettable_ctx_params(const EVP_ASYM_CIPHER *ciph); const OSSL_PARAM *EVP_ASYM_CIPHER_settable_ctx_params(const EVP_ASYM_CIPHER *ciph); @@ -1748,8 +1748,8 @@ int EVP_KEM_is_a(const EVP_KEM *wrap, const char *name); int EVP_KEM_number(const EVP_KEM *wrap); void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KEM *wrap, void *arg), void *arg); -void EVP_KEM_names_do_all(const EVP_KEM *wrap, - void (*fn)(const char *name, void *data), void *data); +int EVP_KEM_names_do_all(const EVP_KEM *wrap, + void (*fn)(const char *name, void *data), void *data); const OSSL_PARAM *EVP_KEM_gettable_ctx_params(const EVP_KEM *kem); const OSSL_PARAM *EVP_KEM_settable_ctx_params(const EVP_KEM *kem); @@ -1996,9 +1996,9 @@ int EVP_KEYEXCH_number(const EVP_KEYEXCH *keyexch); void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KEYEXCH *keyexch, void *data), void *data); -void EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *keyexch, - void (*fn)(const char *name, void *data), - void *data); +int EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *keyexch, + void (*fn)(const char *name, void *data), + void *data); const OSSL_PARAM *EVP_KEYEXCH_gettable_ctx_params(const EVP_KEYEXCH *keyexch); const OSSL_PARAM *EVP_KEYEXCH_settable_ctx_params(const EVP_KEYEXCH *keyexch); diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h index eada3cf1ac..37c1736a8c 100644 --- a/include/openssl/kdf.h +++ b/include/openssl/kdf.h @@ -52,9 +52,9 @@ const OSSL_PARAM *EVP_KDF_settable_ctx_params(const EVP_KDF *kdf); void EVP_KDF_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KDF *kdf, void *arg), void *arg); -void EVP_KDF_names_do_all(const EVP_KDF *kdf, - void (*fn)(const char *name, void *data), - void *data); +int EVP_KDF_names_do_all(const EVP_KDF *kdf, + void (*fn)(const char *name, void *data), + void *data); # define EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND 0 # define EVP_KDF_HKDF_MODE_EXTRACT_ONLY 1 diff --git a/include/openssl/store.h b/include/openssl/store.h index ae0aaa26d1..304532bde3 100644 --- a/include/openssl/store.h +++ b/include/openssl/store.h @@ -266,9 +266,9 @@ void OSSL_STORE_LOADER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(OSSL_STORE_LOADER *loader, void *arg), void *arg); -void OSSL_STORE_LOADER_names_do_all(const OSSL_STORE_LOADER *loader, - void (*fn)(const char *name, void *data), - void *data); +int OSSL_STORE_LOADER_names_do_all(const OSSL_STORE_LOADER *loader, + void (*fn)(const char *name, void *data), + void *data); /*- * Function to register a loader for the given URI scheme. |