Add NCONF_get0_libctx()

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15466)

diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c
index e4e305c714f0d8bf4789a6e19e282efe66b5d44a..2d72a6ab32fb6275d734c83e4521c93b266d9c1d 100644 (file)
--- a/crypto/conf/conf_api.c
+++ b/crypto/conf/conf_api.c
@@ -20,6 +20,11 @@
 static void value_free_hash(const CONF_VALUE *a, LHASH_OF(CONF_VALUE) *conf);
 static void value_free_stack_doall(CONF_VALUE *a);
 
+OSSL_LIB_CTX *NCONF_get0_libctx(CONF *conf)
+{
+    return conf->libctx;
+}
+
 CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section)
 {
     CONF_VALUE vv;

diff --git a/crypto/evp/evp_cnf.c b/crypto/evp/evp_cnf.c
index c13652ca0f0e7f5656af167c58a20170baa6af68..415712dffa684a8ee51722ad5519d0891d74442f 100644 (file)
--- a/crypto/evp/evp_cnf.c
+++ b/crypto/evp/evp_cnf.c
@@ -46,12 +46,14 @@ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
              * fips_mode is deprecated and should not be used in new
              * configurations.
              */
-            if (!EVP_default_properties_enable_fips(cnf->libctx, m > 0)) {
+            if (!EVP_default_properties_enable_fips(NCONF_get0_libctx((CONF *)cnf),
+                        m > 0)) {
                 ERR_raise(ERR_LIB_EVP, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
                 return 0;
             }
         } else if (strcmp(oval->name, "default_properties") == 0) {
-            if (!evp_set_default_properties_int(cnf->libctx, oval->value, 0, 0)) {
+            if (!evp_set_default_properties_int(NCONF_get0_libctx((CONF *)cnf),
+                        oval->value, 0, 0)) {
                 ERR_raise(ERR_LIB_EVP, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
                 return 0;
             }

diff --git a/crypto/provider_conf.c b/crypto/provider_conf.c
index 5725ef3c639f735ed62a33166196938a5ab0f7d4..977d469808f5a0346e58b748d402cacfce63197d 100644 (file)
--- a/crypto/provider_conf.c
+++ b/crypto/provider_conf.c
@@ -199,7 +199,8 @@ static int provider_conf_init(CONF_IMODULE *md, const CONF *cnf)
 
     for (i = 0; i < sk_CONF_VALUE_num(elist); i++) {
         cval = sk_CONF_VALUE_value(elist, i);
-        if (!provider_conf_load(cnf->libctx, cval->name, cval->value, cnf))
+        if (!provider_conf_load(NCONF_get0_libctx((CONF *)cnf),
+                    cval->name, cval->value, cnf))
             return 0;
     }
 

diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index a7a8c70523784f8b923180f53450943cf28ed564..a3305b76b4e4a7b9ccfac7499c092af433405412 100644 (file)
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -746,7 +746,7 @@ static int random_conf_init(CONF_IMODULE *md, const CONF *cnf)
 {
     STACK_OF(CONF_VALUE) *elist;
     CONF_VALUE *cval;
-    RAND_GLOBAL *dgbl = rand_get_global(cnf->libctx);
+    RAND_GLOBAL *dgbl = rand_get_global(NCONF_get0_libctx((CONF *)cnf));
     int i, r = 1;
 
     OSSL_TRACE1(CONF, "Loading random module: section %s\n",

diff --git a/doc/man3/NCONF_new_ex.pod b/doc/man3/NCONF_new_ex.pod
index 46c2e8c466b038f40c3c2f6b552c420f2fffebca..e03c801ce5c4fbc03d23c2d5b721db3669c17f23 100644 (file)
--- a/doc/man3/NCONF_new_ex.pod
+++ b/doc/man3/NCONF_new_ex.pod
@@ -2,7 +2,8 @@
 
 =head1 NAME
 
-NCONF_new_ex, NCONF_new, NCONF_free, NCONF_default, NCONF_load
+NCONF_new_ex, NCONF_new, NCONF_free, NCONF_default, NCONF_load,
+NCONF_get0_libctx
 - functionality to Load and parse configuration files manually
 
 =head1 SYNOPSIS
@@ -14,6 +15,7 @@ NCONF_new_ex, NCONF_new, NCONF_free, NCONF_default, NCONF_load
  void NCONF_free(CONF *conf);
  CONF_METHOD *NCONF_default(void);
  int NCONF_load(CONF *conf, const char *file, long *eline);
+ OSSL_LIB_CTX *NCONF_get0_libctx(CONF *conf);
 
 =head1 DESCRIPTION
 
@@ -32,6 +34,9 @@ the load failed on if they are not NULL.
 
 NCONF_default() gets the default method table for processing a configuration file.
 
+NCONF_get0_libctx() gets the library context associated with the I<conf>
+parameter.
+
 =head1 RETURN VALUES
 
 NCONF_load() returns 1 on success or 0 on error.

diff --git a/include/openssl/conf.h.in b/include/openssl/conf.h.in
index 928b14c28fb1ec6bf3ebabb4e9b3fef2ce59c8b6..02c1558871383dae65e7c16f632674b8e8154df6 100644 (file)
--- a/include/openssl/conf.h.in
+++ b/include/openssl/conf.h.in
@@ -106,6 +106,7 @@ OSSL_DEPRECATEDIN_1_1_0 void OPENSSL_config(const char *config_name);
  */
 
 CONF *NCONF_new_ex(OSSL_LIB_CTX *libctx, CONF_METHOD *meth);
+OSSL_LIB_CTX *NCONF_get0_libctx(CONF *conf);
 CONF *NCONF_new(CONF_METHOD *meth);
 CONF_METHOD *NCONF_default(void);
 #ifndef OPENSSL_NO_DEPRECATED_3_0

diff --git a/util/libcrypto.num b/util/libcrypto.num
index 3d44181f227cfc9fe1a12ae41a755f485ff78b21..b086a829f99bcc468730ceb9e2f5a50753d72f6d 100644 (file)
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5418,3 +5418,4 @@ EVP_MAC_CTX_get_block_size              5545      3_0_0   EXIST::FUNCTION:
 BIO_debug_callback_ex                   5546   3_0_0   EXIST::FUNCTION:
 b2i_PVK_bio_ex                          5547   3_0_0   EXIST::FUNCTION:
 i2b_PVK_bio_ex                          5548   3_0_0   EXIST::FUNCTION:
+NCONF_get0_libctx                       5547   3_0_0   EXIST::FUNCTION: