1 files changed, 39 insertions, 13 deletions
diff --git a/src/lib/libcrypto/x509/x509_issuer_cache.c b/src/lib/libcrypto/x509/x509_issuer_cache.c
index 26cde17239..4f78e1e69b 100644
--- a/src/lib/libcrypto/x509/x509_issuer_cache.c
+++ b/src/lib/libcrypto/x509/x509_issuer_cache.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_issuer_cache.c,v 1.2 2020/11/18 17:00:59 tb Exp $ */
+/* $OpenBSD: x509_issuer_cache.c,v 1.3 2022/06/27 14:23:40 beck Exp $ */
 /*
 * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
 *
@@ -74,6 +74,40 @@ x509_issuer_cache_set_max(size_t max)
 }
 /*
+ * Free the oldest entry in the issuer cache. Returns 1
+ * if an entry was successfuly freed, 0 otherwise. Must
+ * be called with x509_issuer_tree_mutex held.
+ */
+void
+x509_issuer_cache_free_oldest()
+{
+        struct x509_issuer *old;
+        if (x509_issuer_cache_count == 0)
+                return;
+        old = TAILQ_LAST(&x509_issuer_lru, lruqueue);
+        TAILQ_REMOVE(&x509_issuer_lru, old, queue);
+        RB_REMOVE(x509_issuer_tree, &x509_issuer_cache, old);
+        free(old->parent_md);
+        free(old->child_md);
+        free(old);
+        x509_issuer_cache_count--;
+}
+/*
+ * Free the entire issuer cache, discarding all entries.
+ */
+void
+x509_issuer_cache_free()
+{
+        if (pthread_mutex_lock(&x509_issuer_tree_mutex) != 0)
+                return;
+        while (x509_issuer_cache_count > 0)
+                x509_issuer_cache_free_oldest();
+        (void) pthread_mutex_unlock(&x509_issuer_tree_mutex);
+}
+/*
 * Find a previous result of checking if parent signed child
 *
 * Returns:
@@ -140,24 +174,16 @@ x509_issuer_cache_add(unsigned char *parent_md, unsigned char *child_md,
        if (pthread_mutex_lock(&x509_issuer_tree_mutex) != 0)
                goto err;
-        while (x509_issuer_cache_count >= x509_issuer_cache_max) {
+        while (x509_issuer_cache_count >= x509_issuer_cache_max)
-                struct x509_issuer *old;
+                x509_issuer_cache_free_oldest();
-                if ((old = TAILQ_LAST(&x509_issuer_lru, lruqueue)) == NULL)
-                        goto err;
-                TAILQ_REMOVE(&x509_issuer_lru, old, queue);
-                RB_REMOVE(x509_issuer_tree, &x509_issuer_cache, old);
-                free(old->parent_md);
-                free(old->child_md);
-                free(old);
-                x509_issuer_cache_count--;
-        }
        if (RB_INSERT(x509_issuer_tree, &x509_issuer_cache, new) == NULL) {
                TAILQ_INSERT_HEAD(&x509_issuer_lru, new, queue);
                x509_issuer_cache_count++;
                new = NULL;
        }
- err:
        (void) pthread_mutex_unlock(&x509_issuer_tree_mutex);
+ err:
        if (new != NULL) {
                free(new->parent_md);
                free(new->child_md);

diff --git a/src/lib/libcrypto/x509/x509_issuer_cache.c b/src/lib/libcrypto/x509/x509_issuer_cache.c index 26cde17239..4f78e1e69b 100644 --- a/src/lib/libcrypto/x509/x509_issuer_cache.c +++ b/src/lib/libcrypto/x509/x509_issuer_cache.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509_issuer_cache.c,v 1.2 2020/11/18 17:00:59 tb Exp $ */	1	/* $OpenBSD: x509_issuer_cache.c,v 1.3 2022/06/27 14:23:40 beck Exp $ */
2	/*	2	/*
3	* Copyright (c) 2020 Bob Beck <beck@openbsd.org>	3	* Copyright (c) 2020 Bob Beck <beck@openbsd.org>
4	*	4	*
@@ -74,6 +74,40 @@ x509_issuer_cache_set_max(size_t max)
74	}	74	}
75		75
76	/*	76	/*
		77	* Free the oldest entry in the issuer cache. Returns 1
		78	* if an entry was successfuly freed, 0 otherwise. Must
		79	* be called with x509_issuer_tree_mutex held.
		80	*/
		81	void
		82	x509_issuer_cache_free_oldest()
		83	{
		84	struct x509_issuer *old;
		85
		86	if (x509_issuer_cache_count == 0)
		87	return;
		88	old = TAILQ_LAST(&x509_issuer_lru, lruqueue);
		89	TAILQ_REMOVE(&x509_issuer_lru, old, queue);
		90	RB_REMOVE(x509_issuer_tree, &x509_issuer_cache, old);
		91	free(old->parent_md);
		92	free(old->child_md);
		93	free(old);
		94	x509_issuer_cache_count--;
		95	}
		96
		97	/*
		98	* Free the entire issuer cache, discarding all entries.
		99	*/
		100	void
		101	x509_issuer_cache_free()
		102	{
		103	if (pthread_mutex_lock(&x509_issuer_tree_mutex) != 0)
		104	return;
		105	while (x509_issuer_cache_count > 0)
		106	x509_issuer_cache_free_oldest();
		107	(void) pthread_mutex_unlock(&x509_issuer_tree_mutex);
		108	}
		109
		110	/*
77	* Find a previous result of checking if parent signed child	111	* Find a previous result of checking if parent signed child
78	*	112	*
79	* Returns:	113	* Returns:
@@ -140,24 +174,16 @@ x509_issuer_cache_add(unsigned char parent_md, unsigned char child_md,
140		174
141	if (pthread_mutex_lock(&x509_issuer_tree_mutex) != 0)	175	if (pthread_mutex_lock(&x509_issuer_tree_mutex) != 0)
142	goto err;	176	goto err;
143	while (x509_issuer_cache_count >= x509_issuer_cache_max) {	177	while (x509_issuer_cache_count >= x509_issuer_cache_max)
144	struct x509_issuer *old;	178	x509_issuer_cache_free_oldest();
145	if ((old = TAILQ_LAST(&x509_issuer_lru, lruqueue)) == NULL)
146	goto err;
147	TAILQ_REMOVE(&x509_issuer_lru, old, queue);
148	RB_REMOVE(x509_issuer_tree, &x509_issuer_cache, old);
149	free(old->parent_md);
150	free(old->child_md);
151	free(old);
152	x509_issuer_cache_count--;
153	}
154	if (RB_INSERT(x509_issuer_tree, &x509_issuer_cache, new) == NULL) {	179	if (RB_INSERT(x509_issuer_tree, &x509_issuer_cache, new) == NULL) {
155	TAILQ_INSERT_HEAD(&x509_issuer_lru, new, queue);	180	TAILQ_INSERT_HEAD(&x509_issuer_lru, new, queue);
156	x509_issuer_cache_count++;	181	x509_issuer_cache_count++;
157	new = NULL;	182	new = NULL;
158	}	183	}
159	err:
160	(void) pthread_mutex_unlock(&x509_issuer_tree_mutex);	184	(void) pthread_mutex_unlock(&x509_issuer_tree_mutex);
		185
		186	err:
161	if (new != NULL) {	187	if (new != NULL) {
162	free(new->parent_md);	188	free(new->parent_md);
163	free(new->child_md);	189	free(new->child_md);