[openssl] OpenSSL_1_1_0-stable update
shane.lontis at oracle.com
shane.lontis at oracle.com
Mon Jul 15 02:08:51 UTC 2019
The branch OpenSSL_1_1_0-stable has been updated
via 69ae4153af5a6e62369611b694748c846a461d02 (commit)
from 04151456b9d896a7825a5ac77c0310c97fa5f650 (commit)
- Log -----------------------------------------------------------------
commit 69ae4153af5a6e62369611b694748c846a461d02
Author: Krists Krilovs <krists.krilovs at gmail.com>
Date: Mon Jul 8 13:43:09 2019 -0700
Fix wrong lock claimed in x509 dir lookup.
x509 store's objects cache can get corrupted when using dir lookup
method in multithreaded application. Claim x509 store's lock when
accessing objects cache.
CLA: trivial
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9326)
-----------------------------------------------------------------------
Summary of changes:
crypto/x509/by_dir.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index 4fa1dd3..c3ab362 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -322,13 +322,13 @@ static int get_cert_by_subject(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
/*
* we have added it to the cache so now pull it out again
*/
- CRYPTO_THREAD_write_lock(ctx->lock);
+ X509_STORE_lock(xl->store_ctx);
j = sk_X509_OBJECT_find(xl->store_ctx->objs, &stmp);
if (j != -1)
tmp = sk_X509_OBJECT_value(xl->store_ctx->objs, j);
else
tmp = NULL;
- CRYPTO_THREAD_unlock(ctx->lock);
+ X509_STORE_unlock(xl->store_ctx);
/* If a CRL, update the last file suffix added for this */
More information about the openssl-commits
mailing list