diff options
author | Rich Salz <rsalz@akamai.com> | 2021-02-18 15:31:56 -0500 |
---|---|---|
committer | Pauli <ppzgs1@gmail.com> | 2021-03-14 15:33:34 +1000 |
commit | cd3f8c1b11b0b9f4163bc8c62cbae38aec1b4030 (patch) | |
tree | de59d50b2ff9b2bd73a1ebf08eedf78d8ba44aa3 /ssl/ssl_lib.c | |
parent | f62846b703d163265176fe960ec7d087b4c3fa96 (diff) |
Always check CRYPTO_LOCK_{read,write}_lock
Some functions that lock things are void, so we just return early.
Also make ossl_namemap_empty return 0 on error. Updated the docs, and added
some code to ossl_namemap_stored() to handle the failure, and updated the
tests to allow for failure.
Fixes: #14230
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14238)
Diffstat (limited to 'ssl/ssl_lib.c')
-rw-r--r-- | ssl/ssl_lib.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 348b507622..4cb40bd89b 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -893,7 +893,8 @@ int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx, int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb) { - CRYPTO_THREAD_write_lock(ctx->lock); + if (!CRYPTO_THREAD_write_lock(ctx->lock)) + return 0; ctx->generate_session_id = cb; CRYPTO_THREAD_unlock(ctx->lock); return 1; @@ -901,7 +902,8 @@ int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb) int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb) { - CRYPTO_THREAD_write_lock(ssl->lock); + if (!CRYPTO_THREAD_write_lock(ssl->lock)) + return 0; ssl->generate_session_id = cb; CRYPTO_THREAD_unlock(ssl->lock); return 1; @@ -926,7 +928,8 @@ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, r.session_id_length = id_len; memcpy(r.session_id, id, id_len); - CRYPTO_THREAD_read_lock(ssl->session_ctx->lock); + if (!CRYPTO_THREAD_read_lock(ssl->session_ctx->lock)) + return 0; p = lh_SSL_SESSION_retrieve(ssl->session_ctx->sessions, &r); CRYPTO_THREAD_unlock(ssl->session_ctx->lock); return (p != NULL); |