[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Thu Apr 28 18:45:35 UTC 2016
The branch master has been updated
via 2bbf0baa9565cce937d85592f12d1279871dfaf6 (commit)
via 25a807bcb9509c6fccfbbd9d02119772ccb0f23e (commit)
from 8fdc99cb5dbf1a79b106cc635c82f59956e39108 (commit)
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
crypto/bio/bio_lib.c | 3 ++-
crypto/dh/dh_lib.c | 31 ++++++++++++++-----------------
crypto/dsa/dsa_lib.c | 35 ++++++++++++++++-------------------
crypto/engine/eng_lib.c | 5 ++++-
crypto/ui/ui_lib.c | 5 ++++-
crypto/x509/x_x509.c | 3 ++-
ssl/ssl_lib.c | 6 ++++--
ssl/ssl_sess.c | 7 +++++--
8 files changed, 51 insertions(+), 44 deletions(-)
diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c
index 94c97da..6ddc19f 100644
--- a/crypto/bio/bio_lib.c
+++ b/crypto/bio/bio_lib.c
@@ -93,7 +93,8 @@ int BIO_set(BIO *bio, const BIO_METHOD *method)
bio->references = 1;
bio->num_read = 0L;
bio->num_write = 0L;
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_BIO, bio, &bio->ex_data);
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_BIO, bio, &bio->ex_data))
+ return 0;
bio->lock = CRYPTO_THREAD_lock_new();
if (bio->lock == NULL) {
diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c
index 9db4576..650ca43 100644
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@@ -109,13 +109,20 @@ DH *DH_new_method(ENGINE *engine)
return NULL;
}
+ ret->references = 1;
+ ret->lock = CRYPTO_THREAD_lock_new();
+ if (ret->lock == NULL) {
+ OPENSSL_free(ret);
+ return NULL;
+ }
+
ret->meth = DH_get_default_method();
#ifndef OPENSSL_NO_ENGINE
+ ret->flags = ret->meth->flags; /* early default init */
if (engine) {
if (!ENGINE_init(engine)) {
DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
- OPENSSL_free(ret);
- return NULL;
+ goto err;
}
ret->engine = engine;
} else
@@ -124,29 +131,19 @@ DH *DH_new_method(ENGINE *engine)
ret->meth = ENGINE_get_DH(ret->engine);
if (ret->meth == NULL) {
DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
- ENGINE_finish(ret->engine);
- OPENSSL_free(ret);
- return NULL;
+ goto err;
}
}
#endif
- ret->references = 1;
ret->flags = ret->meth->flags;
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
-
- ret->lock = CRYPTO_THREAD_lock_new();
- if (ret->lock == NULL) {
-#ifndef OPENSSL_NO_ENGINE
- ENGINE_finish(ret->engine);
-#endif
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
- OPENSSL_free(ret);
- return NULL;
- }
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data))
+ goto err;
if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
+ DHerr(DH_F_DH_NEW_METHOD, ERR_R_INIT_FAIL);
+err:
DH_free(ret);
ret = NULL;
}
diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
index 7b751a9..96debeb 100644
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -111,20 +111,27 @@ const DSA_METHOD *DSA_get_method(DSA *d)
DSA *DSA_new_method(ENGINE *engine)
{
- DSA *ret;
+ DSA *ret = OPENSSL_zalloc(sizeof(*ret));
- ret = OPENSSL_zalloc(sizeof(*ret));
if (ret == NULL) {
DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
return NULL;
}
+
+ ret->references = 1;
+ ret->lock = CRYPTO_THREAD_lock_new();
+ if (ret->lock == NULL) {
+ OPENSSL_free(ret);
+ return NULL;
+ }
+
ret->meth = DSA_get_default_method();
#ifndef OPENSSL_NO_ENGINE
+ ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW; /* early default init */
if (engine) {
if (!ENGINE_init(engine)) {
DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
- OPENSSL_free(ret);
- return NULL;
+ goto err;
}
ret->engine = engine;
} else
@@ -133,29 +140,19 @@ DSA *DSA_new_method(ENGINE *engine)
ret->meth = ENGINE_get_DSA(ret->engine);
if (ret->meth == NULL) {
DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
- ENGINE_finish(ret->engine);
- OPENSSL_free(ret);
- return NULL;
+ goto err;
}
}
#endif
- ret->references = 1;
ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
-
- ret->lock = CRYPTO_THREAD_lock_new();
- if (ret->lock == NULL) {
-#ifndef OPENSSL_NO_ENGINE
- ENGINE_finish(ret->engine);
-#endif
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
- OPENSSL_free(ret);
- return NULL;
- }
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data))
+ goto err;
if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
+ DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_INIT_FAIL);
+err:
DSA_free(ret);
ret = NULL;
}
diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c
index d0bc716..5bcd24b 100644
--- a/crypto/engine/eng_lib.c
+++ b/crypto/engine/eng_lib.c
@@ -83,7 +83,10 @@ ENGINE *ENGINE_new(void)
}
ret->struct_ref = 1;
engine_ref_debug(ret, 0, 1);
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data);
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data)) {
+ OPENSSL_free(ret);
+ return NULL;
+ }
return ret;
}
diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c
index 7b08107..cc5b5f1 100644
--- a/crypto/ui/ui_lib.c
+++ b/crypto/ui/ui_lib.c
@@ -92,7 +92,10 @@ UI *UI_new_method(const UI_METHOD *method)
else
ret->meth = method;
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_UI, ret, &ret->ex_data);
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_UI, ret, &ret->ex_data)) {
+ OPENSSL_free(ret);
+ return NULL;
+ }
return ret;
}
diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c
index 22a7e59..11e758b 100644
--- a/crypto/x509/x_x509.c
+++ b/crypto/x509/x_x509.c
@@ -99,7 +99,8 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
#endif
ret->aux = NULL;
ret->crldp = NULL;
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data))
+ return 0;
break;
case ASN1_OP_FREE_POST:
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 81c4b67..e00c119 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -751,7 +751,8 @@ SSL *SSL_new(SSL_CTX *ctx)
if (!SSL_clear(s))
goto err;
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data))
+ goto err;
#ifndef OPENSSL_NO_PSK
s->psk_client_callback = ctx->psk_client_callback;
@@ -2441,7 +2442,8 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL)
goto err;
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data))
+ goto err;
/* No compression for DTLS */
if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS))
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index d5b7fe3..3b9a9f7 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -198,8 +198,11 @@ SSL_SESSION *SSL_SESSION_new(void)
return NULL;
}
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
-
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data)) {
+ CRYPTO_THREAD_lock_free(ss->lock);
+ OPENSSL_free(ss);
+ return NULL;
+ }
return ss;
}
More information about the openssl-commits
mailing list