diff options
| author | jsing <> | 2018-11-28 15:51:32 +0000 |
|---|---|---|
| committer | jsing <> | 2018-11-28 15:51:32 +0000 |
| commit | 9929fb92ec5eef94190c43b92a4901712953b553 (patch) | |
| tree | 89f569e7886b1100fcaafc0b6975a9aec0badcd4 /src/lib/libcrypto/crypto_lock.c | |
| parent | 1ea05fdbfec108dafe131398c5f4f7d549fe0fda (diff) | |
| download | openbsd-9929fb92ec5eef94190c43b92a4901712953b553.tar.gz openbsd-9929fb92ec5eef94190c43b92a4901712953b553.tar.bz2 openbsd-9929fb92ec5eef94190c43b92a4901712953b553.zip | |
Correct lock initialisation for libcrypto.
The current crypto_lock_init() function is not called early enough, meaning
that locks are already in use before it gets called. Worse, locks could be
in use when they are then initialised. Furthermore, since functions like
CRYPTO_lock() are public API, these could be called directly bypassing
initialisation.
Avoid these issues by using static initialisers.
ok bcook@
Diffstat (limited to 'src/lib/libcrypto/crypto_lock.c')
| -rw-r--r-- | src/lib/libcrypto/crypto_lock.c | 66 |
1 files changed, 53 insertions, 13 deletions
diff --git a/src/lib/libcrypto/crypto_lock.c b/src/lib/libcrypto/crypto_lock.c index 3d615cf485..5d317a81c0 100644 --- a/src/lib/libcrypto/crypto_lock.c +++ b/src/lib/libcrypto/crypto_lock.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: crypto_lock.c,v 1.1 2018/11/11 06:41:28 bcook Exp $ */ | 1 | /* $OpenBSD: crypto_lock.c,v 1.2 2018/11/28 15:51:32 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018 Brent Cook <bcook@openbsd.org> | 3 | * Copyright (c) 2018 Brent Cook <bcook@openbsd.org> |
| 4 | * | 4 | * |
| @@ -19,16 +19,54 @@ | |||
| 19 | 19 | ||
| 20 | #include <openssl/crypto.h> | 20 | #include <openssl/crypto.h> |
| 21 | 21 | ||
| 22 | static pthread_mutex_t locks[CRYPTO_NUM_LOCKS]; | 22 | static pthread_mutex_t locks[] = { |
| 23 | PTHREAD_MUTEX_INITIALIZER, | ||
| 24 | PTHREAD_MUTEX_INITIALIZER, | ||
| 25 | PTHREAD_MUTEX_INITIALIZER, | ||
| 26 | PTHREAD_MUTEX_INITIALIZER, | ||
| 27 | PTHREAD_MUTEX_INITIALIZER, | ||
| 28 | PTHREAD_MUTEX_INITIALIZER, | ||
| 29 | PTHREAD_MUTEX_INITIALIZER, | ||
| 30 | PTHREAD_MUTEX_INITIALIZER, | ||
| 31 | PTHREAD_MUTEX_INITIALIZER, | ||
| 32 | PTHREAD_MUTEX_INITIALIZER, | ||
| 33 | PTHREAD_MUTEX_INITIALIZER, | ||
| 34 | PTHREAD_MUTEX_INITIALIZER, | ||
| 35 | PTHREAD_MUTEX_INITIALIZER, | ||
| 36 | PTHREAD_MUTEX_INITIALIZER, | ||
| 37 | PTHREAD_MUTEX_INITIALIZER, | ||
| 38 | PTHREAD_MUTEX_INITIALIZER, | ||
| 39 | PTHREAD_MUTEX_INITIALIZER, | ||
| 40 | PTHREAD_MUTEX_INITIALIZER, | ||
| 41 | PTHREAD_MUTEX_INITIALIZER, | ||
| 42 | PTHREAD_MUTEX_INITIALIZER, | ||
| 43 | PTHREAD_MUTEX_INITIALIZER, | ||
| 44 | PTHREAD_MUTEX_INITIALIZER, | ||
| 45 | PTHREAD_MUTEX_INITIALIZER, | ||
| 46 | PTHREAD_MUTEX_INITIALIZER, | ||
| 47 | PTHREAD_MUTEX_INITIALIZER, | ||
| 48 | PTHREAD_MUTEX_INITIALIZER, | ||
| 49 | PTHREAD_MUTEX_INITIALIZER, | ||
| 50 | PTHREAD_MUTEX_INITIALIZER, | ||
| 51 | PTHREAD_MUTEX_INITIALIZER, | ||
| 52 | PTHREAD_MUTEX_INITIALIZER, | ||
| 53 | PTHREAD_MUTEX_INITIALIZER, | ||
| 54 | PTHREAD_MUTEX_INITIALIZER, | ||
| 55 | PTHREAD_MUTEX_INITIALIZER, | ||
| 56 | PTHREAD_MUTEX_INITIALIZER, | ||
| 57 | PTHREAD_MUTEX_INITIALIZER, | ||
| 58 | PTHREAD_MUTEX_INITIALIZER, | ||
| 59 | PTHREAD_MUTEX_INITIALIZER, | ||
| 60 | PTHREAD_MUTEX_INITIALIZER, | ||
| 61 | PTHREAD_MUTEX_INITIALIZER, | ||
| 62 | PTHREAD_MUTEX_INITIALIZER, | ||
| 63 | PTHREAD_MUTEX_INITIALIZER, | ||
| 64 | }; | ||
| 23 | 65 | ||
| 24 | void | 66 | #define CTASSERT(x) extern char _ctassert[(x) ? 1 : -1 ] \ |
| 25 | crypto_init_locks(void) | 67 | __attribute__((__unused__)) |
| 26 | { | ||
| 27 | int i; | ||
| 28 | 68 | ||
| 29 | for (i = 0; i < CRYPTO_NUM_LOCKS; i++) | 69 | CTASSERT((sizeof(locks) / sizeof(*locks)) == CRYPTO_NUM_LOCKS); |
| 30 | pthread_mutex_init(&locks[i], NULL); | ||
| 31 | } | ||
| 32 | 70 | ||
| 33 | void | 71 | void |
| 34 | CRYPTO_lock(int mode, int type, const char *file, int line) | 72 | CRYPTO_lock(int mode, int type, const char *file, int line) |
| @@ -37,19 +75,21 @@ CRYPTO_lock(int mode, int type, const char *file, int line) | |||
| 37 | return; | 75 | return; |
| 38 | 76 | ||
| 39 | if (mode & CRYPTO_LOCK) | 77 | if (mode & CRYPTO_LOCK) |
| 40 | pthread_mutex_lock(&locks[type]); | 78 | (void) pthread_mutex_lock(&locks[type]); |
| 41 | else | 79 | else if (mode & CRYPTO_UNLOCK) |
| 42 | pthread_mutex_unlock(&locks[type]); | 80 | (void) pthread_mutex_unlock(&locks[type]); |
| 43 | } | 81 | } |
| 44 | 82 | ||
| 45 | int | 83 | int |
| 46 | CRYPTO_add_lock(int *pointer, int amount, int type, const char *file, | 84 | CRYPTO_add_lock(int *pointer, int amount, int type, const char *file, |
| 47 | int line) | 85 | int line) |
| 48 | { | 86 | { |
| 49 | int ret = 0; | 87 | int ret; |
| 88 | |||
| 50 | CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE, type, file, line); | 89 | CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE, type, file, line); |
| 51 | ret = *pointer + amount; | 90 | ret = *pointer + amount; |
| 52 | *pointer = ret; | 91 | *pointer = ret; |
| 53 | CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE, type, file, line); | 92 | CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE, type, file, line); |
| 93 | |||
| 54 | return (ret); | 94 | return (ret); |
| 55 | } | 95 | } |