author | Richard Levitte <levitte@openssl.org> | 2022-05-04 09:15:29 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2022-05-05 15:06:12 +0200 |
commit | 32e3c071373280b69be02ba91fc3204495e2e1bf (patch) | |
tree | 2d2c6b36aec2a7bb3073cd1de29e72a9b78490ab /crypto | |
parent | For child libctx / provider, don't count self-references in parent (diff) | |
Add method store cache flush and method removal to non-EVP operations
evp_method_store_flush() and evp_method_store_remove_all_provided()
only cover EVP operations, but not encoders, decoders and store loaders.
This adds corresponding methods for those as well. Without this, their
method stores are never cleaned up when the corresponding providers are
deactivated or otherwise modified.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18151)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/encode_decode/decoder_meth.c | 19 | ||||
-rw-r--r-- | crypto/encode_decode/encoder_meth.c | 19 | ||||
-rw-r--r-- | crypto/provider_core.c | 39 | ||||
-rw-r--r-- | crypto/store/store_meth.c | 19 |
4 files changed, 93 insertions, 3 deletions
diff --git a/crypto/encode_decode/decoder_meth.c b/crypto/encode_decode/decoder_meth.c
index 06a6bdaa2d..d622fffb2f 100644
--- a/crypto/encode_decode/decoder_meth.c
+++ b/crypto/encode_decode/decoder_meth.c
@@ -427,6 +427,25 @@ OSSL_DECODER *ossl_decoder_fetch_by_number(OSSL_LIB_CTX *libctx, int id,
 return method;
 }
 
+int ossl_decoder_store_cache_flush(OSSL_LIB_CTX *libctx)
+{
+ OSSL_METHOD_STORE *store = get_decoder_store(libctx);
+
+ if (store != NULL)
+ return ossl_method_store_cache_flush_all(store);
+ return 1;
+}
+
+int ossl_decoder_store_remove_all_provided(const OSSL_PROVIDER *prov)
+{
+ OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov);
+ OSSL_METHOD_STORE *store = get_decoder_store(libctx);
+
+ if (store != NULL)
+ return ossl_method_store_remove_all_provided(store, prov);
+ return 1;
+}
+
 /*
 * Library of basic method functions
 */
diff --git a/crypto/encode_decode/encoder_meth.c b/crypto/encode_decode/encoder_meth.c
index aa5fb13e00..ad7df22544 100644
--- a/crypto/encode_decode/encoder_meth.c
+++ b/crypto/encode_decode/encoder_meth.c
@@ -436,6 +436,25 @@ OSSL_ENCODER *ossl_encoder_fetch_by_number(OSSL_LIB_CTX *libctx, int id,
 return method;
 }
 
+int ossl_encoder_store_cache_flush(OSSL_LIB_CTX *libctx)
+{
+ OSSL_METHOD_STORE *store = get_encoder_store(libctx);
+
+ if (store != NULL)
+ return ossl_method_store_cache_flush_all(store);
+ return 1;
+}
+
+int ossl_encoder_store_remove_all_provided(const OSSL_PROVIDER *prov)
+{
+ OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov);
+ OSSL_METHOD_STORE *store = get_encoder_store(libctx);
+
+ if (store != NULL)
+ return ossl_method_store_remove_all_provided(store, prov);
+ return 1;
+}
+
 /*
 * Library of basic method functions
 */
diff --git a/crypto/provider_core.c b/crypto/provider_core.c
index 8e7ed6265e..3e2738fb32 100644
--- a/crypto/provider_core.c
+++ b/crypto/provider_core.c
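Review bot: The two functions added to decoder_meth.c, ossl_decoder_store_cache_flush() and ossl_decoder_store_remove_all_provided(), carry no comment stating their return contract, yet the caller added in provider_core.c sums the results and compares the total with a fixed count. That only works if each call returns exactly 1 on success and 0 on failure, including the `store == NULL` path that returns 1; the values passed through from ossl_method_store_cache_flush_all() and ossl_method_store_remove_all_provided() are not visible here. I would add above each one `/* Returns 1 on success (also when no store exists for libctx), 0 on failure. */`. The same applies to the matching pairs added in encoder_meth.c and store/store_meth.c.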
@@ -15,7 +15,10 @@
 #include <openssl/params.h>
 #include <openssl/opensslv.h>
 #include "crypto/cryptlib.h"
+#include "crypto/decoder.h" /* ossl_decoder_store_cache_flush */
+#include "crypto/encoder.h" /* ossl_encoder_store_cache_flush */
 #include "crypto/evp.h" /* evp_method_store_cache_flush */
+#include "crypto/store.h" /* ossl_store_loader_store_cache_flush */
 #include "crypto/rand.h"
 #include "internal/nelem.h"
 #include "internal/thread_once.h"
@@ -1151,8 +1154,22 @@ static int provider_flush_store_cache(const OSSL_PROVIDER *prov)
 freeing = store->freeing;
 CRYPTO_THREAD_unlock(store->lock);
 
- if (!freeing)
- return evp_method_store_cache_flush(prov->libctx);
+ if (!freeing) {
+ int acc
+ = evp_method_store_cache_flush(prov->libctx)
+#ifndef FIPS_MODULE
+ + ossl_encoder_store_cache_flush(prov->libctx)
+ + ossl_decoder_store_cache_flush(prov->libctx)
+ + ossl_store_loader_store_cache_flush(prov->libctx)
+#endif
+ ;
+
+#ifndef FIPS_MODULE
+ return acc == 4;
+#else
+ return acc == 1;
+#endif
+ }
 return 1;
 }
 
@@ -1170,12 +1187,28 @@ static int provider_remove_store_methods(OSSL_PROVIDER *prov)
 CRYPTO_THREAD_unlock(store->lock);
 
 if (!freeing) {
+ int acc;
+
+ if (!CRYPTO_THREAD_read_lock(prov->opbits_lock))
+ return 0;
 OPENSSL_free(prov->operation_bits);
 prov->operation_bits = NULL;
 prov->operation_bits_sz = 0;
 CRYPTO_THREAD_unlock(prov->opbits_lock);
 
- return evp_method_store_remove_all_provided(prov);
+ acc = evp_method_store_remove_all_provided(prov)
+#ifndef FIPS_MODULE
+ + ossl_encoder_store_remove_all_provided(prov)
+ + ossl_decoder_store_remove_all_provided(prov)
+ + ossl_store_loader_store_remove_all_provided(prov)
+#endif
+ ;
+
+#ifndef FIPS_MODULE
+ return acc == 4;
+#else
+ return acc == 1;
+#endif
 }
 return 1;
 }
diff --git a/crypto/store/store_meth.c b/crypto/store/store_meth.c
index 51af5a056e..fc9f1e60e4 100644
--- a/crypto/store/store_meth.c
+++ b/crypto/store/store_meth.c
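Review bot: In provider_flush_store_cache() the success test `return acc == 4;` hard-codes the number of terms in the sum above it, inside a second `#ifndef FIPS_MODULE` that has to be kept in step with the first. Adding or dropping a store later without touching the literal would make the function report failure on every call, and the comparison also depends on every callee returning exactly 1. A form that needs no count folds each result into a flag, for example `ok &= (ossl_encoder_store_cache_flush(prov->libctx) > 0);`, followed by a single `return ok;`. provider_remove_store_methods() in the next hunk repeats the pattern, and this function starts outside the hunk.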
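Review bot: The added `CRYPTO_THREAD_read_lock(prov->opbits_lock)` in provider_remove_store_methods() takes a read lock, but the three lines it guards free `prov->operation_bits` and reset the pointer and its size, which is a write. A read lock can be held by several threads at once, so another holder of the same lock could still be reading the buffer while it is freed, or two callers could free it together; the readers are not visible in this hunk, so that part is inferred from the lock's purpose. The line should be `if (!CRYPTO_THREAD_write_lock(prov->opbits_lock))`. The commit does fix the earlier unpaired `CRYPTO_THREAD_unlock(prov->opbits_lock)`, and the function starts outside the hunk.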
@@ -376,6 +376,25 @@ OSSL_STORE_LOADER *ossl_store_loader_fetch_by_number(OSSL_LIB_CTX *libctx,
 return method;
 }
 
+int ossl_store_loader_store_cache_flush(OSSL_LIB_CTX *libctx)
+{
+ OSSL_METHOD_STORE *store = get_loader_store(libctx);
+
+ if (store != NULL)
+ return ossl_method_store_cache_flush_all(store);
+ return 1;
+}
+
+int ossl_store_loader_store_remove_all_provided(const OSSL_PROVIDER *prov)
+{
+ OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov);
+ OSSL_METHOD_STORE *store = get_loader_store(libctx);
+
+ if (store != NULL)
+ return ossl_method_store_remove_all_provided(store, prov);
+ return 1;
+}
+
 /*
 * Library of basic method functions
 */ |