[openssl] master update
Matt Caswell
matt at openssl.org
Sat May 15 09:46:25 UTC 2021
The branch master has been updated
via 522827160936319841f3f83fd246f92da96f5686 (commit)
via 36a89c04390f2d98e740b9c53a1eead9dcb5f188 (commit)
from 773f1c3320f546a53906bd377b2c9d385ece3c39 (commit)
- Log -----------------------------------------------------------------
commit 522827160936319841f3f83fd246f92da96f5686
Author: Matt Caswell <matt at openssl.org>
Date: Thu May 13 15:52:19 2021 +0100
Load the default provider into the p_test provider later
Loading it earlier causes some of the later testing to pass when it should
fail and masked a bug.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15270)
commit 36a89c04390f2d98e740b9c53a1eead9dcb5f188
Author: Matt Caswell <matt at openssl.org>
Date: Thu May 13 15:35:42 2021 +0100
Init the child providers immediately on creation of the child libctx
We were deferring the initial creation of the child providers until the
first fetch. This is a carry over from an earlier iteration of the child
lib ctx development and is no longer necessary. In fact we need to init
the child providers immediately otherwise not all providers quite init
correctly.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15270)
-----------------------------------------------------------------------
Summary of changes:
crypto/provider_child.c | 46 +++++--------------------
crypto/provider_core.c | 6 ----
doc/internal/man3/ossl_provider_new.pod | 7 +---
include/internal/provider.h | 1 -
test/p_test.c | 59 +++++++++++++++++----------------
5 files changed, 39 insertions(+), 80 deletions(-)
diff --git a/crypto/provider_child.c b/crypto/provider_child.c
index 0ca61c0686..2487d43fd7 100644
--- a/crypto/provider_child.c
+++ b/crypto/provider_child.c
@@ -198,44 +198,6 @@ static int provider_remove_child_cb(const OSSL_CORE_HANDLE *prov, void *cbdata)
return 1;
}
-int ossl_provider_init_child_providers(OSSL_LIB_CTX *ctx)
-{
- struct child_prov_globals *gbl;
-
- /* Should never happen */
- if (ctx == NULL)
- return 0;
-
- gbl = ossl_lib_ctx_get_data(ctx, OSSL_LIB_CTX_CHILD_PROVIDER_INDEX,
- &child_prov_ossl_ctx_method);
- if (gbl == NULL)
- return 0;
-
- if (!CRYPTO_THREAD_read_lock(gbl->lock))
- return 0;
- if (gbl->isinited) {
- CRYPTO_THREAD_unlock(gbl->lock);
- return 1;
- }
- CRYPTO_THREAD_unlock(gbl->lock);
-
- if (!CRYPTO_THREAD_write_lock(gbl->lock))
- return 0;
- if (!gbl->isinited) {
- if (!gbl->c_provider_register_child_cb(gbl->handle,
- provider_create_child_cb,
- provider_remove_child_cb,
- ctx)) {
- CRYPTO_THREAD_unlock(gbl->lock);
- return 0;
- }
- gbl->isinited = 1;
- }
- CRYPTO_THREAD_unlock(gbl->lock);
-
- return 1;
-}
-
int ossl_provider_init_as_child(OSSL_LIB_CTX *ctx,
const OSSL_CORE_HANDLE *handle,
const OSSL_DISPATCH *in)
@@ -300,6 +262,14 @@ int ossl_provider_init_as_child(OSSL_LIB_CTX *ctx,
if (gbl->lock == NULL)
return 0;
+ if (!gbl->c_provider_register_child_cb(gbl->handle,
+ provider_create_child_cb,
+ provider_remove_child_cb,
+ ctx))
+ return 0;
+
+ gbl->isinited = 1;
+
return 1;
}
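Review bot: The callback registration added to ossl_provider_init_as_child runs without `gbl->lock` held and sets `gbl->isinited = 1` only after `c_provider_register_child_cb` returns, whereas the removed ossl_provider_init_child_providers did both under the write lock. If the core invokes `provider_create_child_cb` during registration for providers already loaded in the parent (not visible here), those callbacks run while `isinited` is still 0, so anything that keys on the flag would see an uninitialised state. That is presumably safe because the child libctx is not yet shared with other threads at this point, but the assumption deserves a comment such as `/* ctx is not visible to other threads yet, so no locking is needed here */`. The function body starts outside the hunk, so what else reads `isinited`, and whether the early `return 0` leaves the newly created lock for ctx teardown to free, cannot be confirmed from here.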
diff --git a/crypto/provider_core.c b/crypto/provider_core.c
index f0b429d986..b384f74fd2 100644
--- a/crypto/provider_core.c
+++ b/crypto/provider_core.c
@@ -276,9 +276,6 @@ OSSL_PROVIDER *ossl_provider_find(OSSL_LIB_CTX *libctx, const char *name,
if (!noconfig) {
if (ossl_lib_ctx_is_default(libctx))
OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
- if (ossl_lib_ctx_is_child(libctx)
- && !ossl_provider_init_child_providers(libctx))
- return NULL;
}
#endif
@@ -1007,9 +1004,6 @@ int ossl_provider_doall_activated(OSSL_LIB_CTX *ctx,
*/
if (ossl_lib_ctx_is_default(ctx))
OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
- if (ossl_lib_ctx_is_child(ctx)
- && !ossl_provider_init_child_providers(ctx))
- return 0;
#endif
if (store == NULL)
diff --git a/doc/internal/man3/ossl_provider_new.pod b/doc/internal/man3/ossl_provider_new.pod
index ff347bad3f..7ab60eb3a5 100644
--- a/doc/internal/man3/ossl_provider_new.pod
+++ b/doc/internal/man3/ossl_provider_new.pod
@@ -7,7 +7,7 @@ ossl_provider_free,
ossl_provider_set_fallback, ossl_provider_set_module_path,
ossl_provider_add_parameter, ossl_provider_set_child, ossl_provider_get_parent,
ossl_provider_up_ref_parent, ossl_provider_free_parent,
-ossl_provider_get0_dispatch, ossl_provider_init_child_providers,
+ossl_provider_get0_dispatch,
ossl_provider_init_as_child,
ossl_provider_activate, ossl_provider_deactivate, ossl_provider_available,
ossl_provider_ctx,
@@ -95,7 +95,6 @@ ossl_provider_get_capabilities
int *result);
int ossl_provider_clear_all_operation_bits(OSSL_LIB_CTX *libctx);
- int ossl_provider_init_child_providers(OSSL_LIB_CTX *ctx);
int ossl_provider_init_as_child(OSSL_LIB_CTX *ctx,
const OSSL_CORE_HANDLE *handle,
const OSSL_DISPATCH *in);
@@ -291,10 +290,6 @@ I<*result> to 1 or 0 accorddingly.
ossl_provider_clear_all_operation_bits() clears all of the operation bits
to (0) for all providers in the library context I<libctx>.
-ossl_provider_init_child_providers() registers the callbacks required to
-receive notifications about loading and unloading of providers in the parent
-library context.
-
ossl_provider_init_as_child() stores in the library context I<ctx> references to
the necessary upcalls for managing child providers. The I<handle> and I<in>
parameters are the B<OSSL_CORE_HANDLE> and B<OSSL_DISPATCH> pointers that were
diff --git a/include/internal/provider.h b/include/internal/provider.h
index 5b0af7a335..020cbc8a9e 100644
--- a/include/internal/provider.h
+++ b/include/internal/provider.h
@@ -108,7 +108,6 @@ int ossl_provider_clear_all_operation_bits(OSSL_LIB_CTX *libctx);
void ossl_provider_add_conf_module(void);
/* Child providers */
-int ossl_provider_init_child_providers(OSSL_LIB_CTX *ctx);
int ossl_provider_init_as_child(OSSL_LIB_CTX *ctx,
const OSSL_CORE_HANDLE *handle,
const OSSL_DISPATCH *in);
diff --git a/test/p_test.c b/test/p_test.c
index 8c7bdaf7b8..22bf8648fe 100644
--- a/test/p_test.c
+++ b/test/p_test.c
@@ -39,7 +39,6 @@ typedef struct p_test_ctx {
char *thisfunc;
const OSSL_CORE_HANDLE *handle;
OSSL_LIB_CTX *libctx;
- OSSL_PROVIDER *deflt;
} P_TEST_CTX;
static OSSL_FUNC_core_gettable_params_fn *c_gettable_params = NULL;
@@ -61,6 +60,18 @@ static OSSL_FUNC_provider_get_params_fn p_get_params;
static OSSL_FUNC_provider_get_reason_strings_fn p_get_reason_strings;
static OSSL_FUNC_provider_teardown_fn p_teardown;
+static void p_set_error(int lib, int reason, const char *file, int line,
+ const char *func, const char *fmt, ...)
+{
+ va_list ap;
+
+ va_start(ap, fmt);
+ c_new_error(NULL);
+ c_set_error_debug(NULL, file, line, func);
+ c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, ap);
+ va_end(ap);
+}
+
static const OSSL_PARAM *p_gettable_params(void *_)
{
return p_param_types;
@@ -128,6 +139,20 @@ static int p_get_params(void *provctx, OSSL_PARAM params[])
EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
const char *msg = "Hello world";
unsigned char out[16];
+ OSSL_PROVIDER *deflt;
+
+ /*
+ * "default" has not been loaded into the parent libctx. We should be able
+ * to explicitly load it as a non-child provider.
+ */
+ deflt = OSSL_PROVIDER_load(ctx->libctx, "default");
+ if (deflt == NULL
+ || !OSSL_PROVIDER_available(ctx->libctx, "default")) {
+ /* We set error "3" for a failure to load the default provider */
+ p_set_error(ERR_LIB_PROV, 3, ctx->thisfile, OPENSSL_LINE,
+ ctx->thisfunc, NULL);
+ ok = 0;
+ }
/*
* We should have the default provider available that we loaded
@@ -135,7 +160,8 @@ static int p_get_params(void *provctx, OSSL_PARAM params[])
* from the parent libctx. We should also have "this" provider
* available.
*/
- if (OSSL_PROVIDER_available(ctx->libctx, "default")
+ if (ok
+ && OSSL_PROVIDER_available(ctx->libctx, "default")
&& OSSL_PROVIDER_available(ctx->libctx, "base")
&& OSSL_PROVIDER_available(ctx->libctx, "legacy")
&& OSSL_PROVIDER_available(ctx->libctx, "p_test")
@@ -144,11 +170,12 @@ static int p_get_params(void *provctx, OSSL_PARAM params[])
if (EVP_DigestInit_ex(mdctx, md4, NULL)
&& EVP_DigestUpdate(mdctx, (const unsigned char *)msg,
strlen(msg))
- &&EVP_DigestFinal(mdctx, out, NULL))
+ && EVP_DigestFinal(mdctx, out, NULL))
digestsuccess = 1;
}
EVP_MD_CTX_free(mdctx);
EVP_MD_free(md4);
+ OSSL_PROVIDER_unload(deflt);
#endif
if (p->data_size >= sizeof(digestsuccess)) {
*(unsigned int *)p->data = digestsuccess;
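Review bot: `OSSL_PROVIDER_unload(deflt)` is reached even when the `OSSL_PROVIDER_load()` added earlier in p_get_params failed and `deflt` is NULL, and its return value is discarded. Whether unload tolerates NULL is not visible in this diff; guarding the call with `if (deflt != NULL)` would make the failure path independent of that. Because this test provider now loads and unloads "default" on every pass through this code, checking the result, e.g. `if (deflt != NULL && !OSSL_PROVIDER_unload(deflt)) ok = 0;`, would surface a deactivation or refcount regression instead of hiding it. p_get_params starts and ends outside this hunk.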
@@ -161,18 +188,6 @@ static int p_get_params(void *provctx, OSSL_PARAM params[])
return ok;
}
-static void p_set_error(int lib, int reason, const char *file, int line,
- const char *func, const char *fmt, ...)
-{
- va_list ap;
-
- va_start(ap, fmt);
- c_new_error(NULL);
- c_set_error_debug(NULL, file, line, func);
- c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, ap);
- va_end(ap);
-}
-
static const OSSL_ITEM *p_get_reason_strings(void *_)
{
static const OSSL_ITEM reason_strings[] = {
@@ -251,19 +266,6 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
p_teardown(ctx);
return 0;
}
- /*
- * "default" has not been loaded into the parent libctx. We should be able
- * to explicitly load it as a non-child provider.
- */
- ctx->deflt = OSSL_PROVIDER_load(ctx->libctx, "default");
- if (ctx->deflt == NULL
- || !OSSL_PROVIDER_available(ctx->libctx, "default")) {
- /* We set error "3" for a failure to load the default provider */
- p_set_error(ERR_LIB_PROV, 3, ctx->thisfile, OPENSSL_LINE, ctx->thisfunc,
- NULL);
- p_teardown(ctx);
- return 0;
- }
#endif
/*
@@ -282,7 +284,6 @@ static void p_teardown(void *provctx)
P_TEST_CTX *ctx = (P_TEST_CTX *)provctx;
#ifdef PROVIDER_INIT_FUNCTION_NAME
- OSSL_PROVIDER_unload(ctx->deflt);
OSSL_LIB_CTX_free(ctx->libctx);
#endif
free(ctx->thisfile);