diff options
| author | Matt Caswell <matt@openssl.org> | 2021-04-12 16:22:56 +0200 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2021-04-16 15:27:28 +0200 |
| commit | 7b9f02798f68d9108623f5879f3fc73c06f9a2c7 (patch) | |
| tree | a7325b21a9c4a94a0cec7ed6b46d4aa2fe25c0a9 /providers/legacyprov.c | |
| parent | Store some FIPS global variables in the FIPS_GLOBAL structure (diff) | |
| download | openssl-7b9f02798f68d9108623f5879f3fc73c06f9a2c7.tar.xz openssl-7b9f02798f68d9108623f5879f3fc73c06f9a2c7.zip | |
Sanity check provider up-calls
When we store references to up-calls for future reference we run a sanity
check to make sure we either previously haven't set these values or they
are the same as last time. We don't support the scenario where an
application is linked against multiple versions of libcrypto but using a
shared fips.so file. This would result in different up-calls for different
calls to OSSL_provider_init(), which we currently can't handle.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14814)
Diffstat (limited to '')
| -rw-r--r-- | providers/legacyprov.c | 28 |
1 files changed, 4 insertions, 24 deletions
diff --git a/providers/legacyprov.c b/providers/legacyprov.c index f4e0bc9278..e3690e0559 100644 --- a/providers/legacyprov.c +++ b/providers/legacyprov.c @@ -32,10 +32,6 @@ OSSL_provider_init_fn ossl_legacy_provider_init; # define OSSL_provider_init ossl_legacy_provider_init #endif -/* Functions provided by the core */ -static OSSL_FUNC_core_gettable_params_fn *c_gettable_params = NULL; -static OSSL_FUNC_core_get_params_fn *c_get_params = NULL; - /* Parameters we provide to the core */ static const OSSL_PARAM legacy_param_types[] = { OSSL_PARAM_DEFN(OSSL_PROV_PARAM_NAME, OSSL_PARAM_UTF8_PTR, NULL, 0), @@ -179,28 +175,12 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle, const OSSL_DISPATCH **out, void **provctx) { - OSSL_FUNC_core_get_libctx_fn *c_get_libctx = NULL; OSSL_LIB_CTX *libctx = NULL; - for (; in->function_id != 0; in++) { - switch (in->function_id) { - case OSSL_FUNC_CORE_GETTABLE_PARAMS: - c_gettable_params = OSSL_FUNC_core_gettable_params(in); - break; - case OSSL_FUNC_CORE_GET_PARAMS: - c_get_params = OSSL_FUNC_core_get_params(in); - break; - case OSSL_FUNC_CORE_GET_LIBCTX: - c_get_libctx = OSSL_FUNC_core_get_libctx(in); - break; - /* Just ignore anything we don't understand */ - default: - break; - } - } - - if (c_get_libctx == NULL) - return 0; + /* + * We do not need to use any up-calls provided by libcrypto, so we ignore + * the "in" dispatch table. + */ if ((*provctx = ossl_prov_ctx_new()) == NULL || (libctx = OSSL_LIB_CTX_new()) == NULL) { |