[openssl-dev] [openssl.org #4602] Missing accessors
Richard Levitte via RT
rt at openssl.org
Thu Jul 7 20:07:33 UTC 2016
On Sat Jul 02 10:59:38 2016, kurt at roeckx.be wrote:
> Hi,
>
> I received the following bug in debian:
> https://bugs.debian.org/829272
>
>
> I got a lot of bugs filed about packages FTBFS with openssl 1.1.0.
> I started to look at some of them, and many of them are due too
> structures having been made opaque. In many cases accessors already
> exists, but definitely not for all.
>
> Here is a list of accessors I so far have identified as missing. The
> filenames given in the "Add to ..." comments below are suggestions
> based on where similar functions are defined and implemented.
>
>
> /* Add to include/openssl/x509_vfy.h : */
>
> typedef int (*X509_STORE_CTX_get_issuer)(X509 **issuer, X509_STORE_CTX
> *ctx, X509 *x);
> typedef int (*X509_STORE_CTX_check_issued)(X509_STORE_CTX *ctx, X509
> *x, X509 *issuer);
>
> void X509_STORE_CTX_set_get_issuer(X509_STORE_CTX *ctx,
> X509_STORE_CTX_get_issuer
> get_issuer);
> X509_STORE_CTX_get_issuer X509_STORE_CTX_get_get_issuer(X509_STORE_CTX
> *ctx);
> void X509_STORE_CTX_set_check_issued(X509_STORE_CTX *ctx,
> X509_STORE_CTX_check_issued
> check_issued);
> X509_STORE_CTX_check_issued
> X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx);
And I suppose that was only those that particular submitter needed. Looking at
crypto/include/internal/x509_int.h, I can see a whole lot more function
pointers that are unreachable.
> Regarding the new locking. Do I understand it correctly that e.g.
>
> CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
>
> should be replaced by something like
>
> CRYPTO_THREAD_write_lock(X509_STORE_get_lock(ctx));
>
> But then the accessors to get hold of the lock objects in the opaque
> structs are missing. E.g.
>
> /* Add to some header file */
>
> CRYPTO_RWLOCK *X509_STORE_get_lock(X509_STORE *ctx);
>
> /* Add to some implementation file */
>
> /* Add to crypto/x509/x509_lu.c */
>
> CRYPTO_RWLOCK *X509_STORE_get_lock(X509_STORE *v)
> {
> return v->lock;
> }
>
> Repeat for other relevant classes with locks.
I'll look into all of this.
Cheers,
Richard
--
Richard Levitte
levitte at openssl.org
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4602
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list