]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/cryptlib.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security fixes brought forward from 0.9.7.
[thirdparty/openssl.git] / crypto / cryptlib.c
1 /* crypto/cryptlib.c */
2 /* ====================================================================
3 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
56 * All rights reserved.
57 *
58 * This package is an SSL implementation written
59 * by Eric Young (eay@cryptsoft.com).
60 * The implementation was written so as to conform with Netscapes SSL.
61 *
62 * This library is free for commercial and non-commercial use as long as
63 * the following conditions are aheared to. The following conditions
64 * apply to all code found in this distribution, be it the RC4, RSA,
65 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
66 * included with this distribution is covered by the same copyright terms
67 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
68 *
69 * Copyright remains Eric Young's, and as such any Copyright notices in
70 * the code are not to be removed.
71 * If this package is used in a product, Eric Young should be given attribution
72 * as the author of the parts of the library used.
73 * This can be in the form of a textual message at program startup or
74 * in documentation (online or textual) provided with the package.
75 *
76 * Redistribution and use in source and binary forms, with or without
77 * modification, are permitted provided that the following conditions
78 * are met:
79 * 1. Redistributions of source code must retain the copyright
80 * notice, this list of conditions and the following disclaimer.
81 * 2. Redistributions in binary form must reproduce the above copyright
82 * notice, this list of conditions and the following disclaimer in the
83 * documentation and/or other materials provided with the distribution.
84 * 3. All advertising materials mentioning features or use of this software
85 * must display the following acknowledgement:
86 * "This product includes cryptographic software written by
87 * Eric Young (eay@cryptsoft.com)"
88 * The word 'cryptographic' can be left out if the rouines from the library
89 * being used are not cryptographic related :-).
90 * 4. If you include any Windows specific code (or a derivative thereof) from
91 * the apps directory (application code) you must include an acknowledgement:
92 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
93 *
94 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
95 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
96 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
97 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
98 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
99 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
100 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
101 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
102 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
103 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
104 * SUCH DAMAGE.
105 *
106 * The licence and distribution terms for any publically available version or
107 * derivative of this code cannot be changed. i.e. this code cannot simply be
108 * copied and put under another distribution licence
109 * [including the GNU Public Licence.]
110 */
111 /* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECDH support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116
117 #include <stdio.h>
118 #include <string.h>
119 #include "cryptlib.h"
120 #include <openssl/crypto.h>
121 #include <openssl/safestack.h>
122
123 #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
124 static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */
125 #endif
126
127 DECLARE_STACK_OF(CRYPTO_dynlock)
128 IMPLEMENT_STACK_OF(CRYPTO_dynlock)
129
130 /* real #defines in crypto.h, keep these upto date */
131 static const char* lock_names[CRYPTO_NUM_LOCKS] =
132 {
133 "<<ERROR>>",
134 "err",
135 "ex_data",
136 "x509",
137 "x509_info",
138 "x509_pkey",
139 "x509_crl",
140 "x509_req",
141 "dsa",
142 "rsa",
143 "evp_pkey",
144 "x509_store",
145 "ssl_ctx",
146 "ssl_cert",
147 "ssl_session",
148 "ssl_sess_cert",
149 "ssl",
150 "ssl_method",
151 "rand",
152 "rand2",
153 "debug_malloc",
154 "BIO",
155 "gethostbyname",
156 "getservbyname",
157 "readdir",
158 "RSA_blinding",
159 "dh",
160 "debug_malloc2",
161 "dso",
162 "dynlock",
163 "engine",
164 "ui",
165 "ecdsa",
166 "ec",
167 "ecdh",
168 "bn",
169 #if CRYPTO_NUM_LOCKS != 36
170 # error "Inconsistency between crypto.h and cryptlib.c"
171 #endif
172 };
173
174 /* This is for applications to allocate new type names in the non-dynamic
175 array of lock names. These are numbered with positive numbers. */
176 static STACK *app_locks=NULL;
177
178 /* For applications that want a more dynamic way of handling threads, the
179 following stack is used. These are externally numbered with negative
180 numbers. */
181 static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL;
182
183
184 static void (MS_FAR *locking_callback)(int mode,int type,
185 const char *file,int line)=NULL;
186 static int (MS_FAR *add_lock_callback)(int *pointer,int amount,
187 int type,const char *file,int line)=NULL;
188 static unsigned long (MS_FAR *id_callback)(void)=NULL;
189 static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback)
190 (const char *file,int line)=NULL;
191 static void (MS_FAR *dynlock_lock_callback)(int mode,
192 struct CRYPTO_dynlock_value *l, const char *file,int line)=NULL;
193 static void (MS_FAR *dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l,
194 const char *file,int line)=NULL;
195
196 int CRYPTO_get_new_lockid(char *name)
197 {
198 char *str;
199 int i;
200
201 #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
202 /* A hack to make Visual C++ 5.0 work correctly when linking as
203 * a DLL using /MT. Without this, the application cannot use
204 * and floating point printf's.
205 * It also seems to be needed for Visual C 1.5 (win16) */
206 SSLeay_MSVC5_hack=(double)name[0]*(double)name[1];
207 #endif
208
209 if ((app_locks == NULL) && ((app_locks=sk_new_null()) == NULL))
210 {
211 CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
212 return(0);
213 }
214 if ((str=BUF_strdup(name)) == NULL)
215 {
216 CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
217 return(0);
218 }
219 i=sk_push(app_locks,str);
220 if (!i)
221 OPENSSL_free(str);
222 else
223 i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */
224 return(i);
225 }
226
227 int CRYPTO_num_locks(void)
228 {
229 return CRYPTO_NUM_LOCKS;
230 }
231
232 int CRYPTO_get_new_dynlockid(void)
233 {
234 int i = 0;
235 CRYPTO_dynlock *pointer = NULL;
236
237 if (dynlock_create_callback == NULL)
238 {
239 CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK);
240 return(0);
241 }
242 CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
243 if ((dyn_locks == NULL)
244 && ((dyn_locks=sk_CRYPTO_dynlock_new_null()) == NULL))
245 {
246 CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
247 CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
248 return(0);
249 }
250 CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
251
252 pointer = (CRYPTO_dynlock *)OPENSSL_malloc(sizeof(CRYPTO_dynlock));
253 if (pointer == NULL)
254 {
255 CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
256 return(0);
257 }
258 pointer->references = 1;
259 pointer->data = dynlock_create_callback(__FILE__,__LINE__);
260 if (pointer->data == NULL)
261 {
262 OPENSSL_free(pointer);
263 CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
264 return(0);
265 }
266
267 CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
268 /* First, try to find an existing empty slot */
269 i=sk_CRYPTO_dynlock_find(dyn_locks,NULL);
270 /* If there was none, push, thereby creating a new one */
271 if (i == -1)
272 i=sk_CRYPTO_dynlock_push(dyn_locks,pointer);
273 CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
274
275 if (!i)
276 {
277 dynlock_destroy_callback(pointer->data,__FILE__,__LINE__);
278 OPENSSL_free(pointer);
279 }
280 else
281 i += 1; /* to avoid 0 */
282 return -i;
283 }
284
285 void CRYPTO_destroy_dynlockid(int i)
286 {
287 CRYPTO_dynlock *pointer = NULL;
288 if (i)
289 i = -i-1;
290 if (dynlock_destroy_callback == NULL)
291 return;
292
293 CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
294
295 if (dyn_locks == NULL || i >= sk_CRYPTO_dynlock_num(dyn_locks))
296 {
297 CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
298 return;
299 }
300 pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
301 if (pointer != NULL)
302 {
303 --pointer->references;
304 #ifdef REF_CHECK
305 if (pointer->references < 0)
306 {
307 fprintf(stderr,"CRYPTO_destroy_dynlockid, bad reference count\n");
308 abort();
309 }
310 else
311 #endif
312 if (pointer->references <= 0)
313 {
314 sk_CRYPTO_dynlock_set(dyn_locks, i, NULL);
315 }
316 else
317 pointer = NULL;
318 }
319 CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
320
321 if (pointer)
322 {
323 dynlock_destroy_callback(pointer->data,__FILE__,__LINE__);
324 OPENSSL_free(pointer);
325 }
326 }
327
328 struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i)
329 {
330 CRYPTO_dynlock *pointer = NULL;
331 if (i)
332 i = -i-1;
333
334 CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
335
336 if (dyn_locks != NULL && i < sk_CRYPTO_dynlock_num(dyn_locks))
337 pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
338 if (pointer)
339 pointer->references++;
340
341 CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
342
343 if (pointer)
344 return pointer->data;
345 return NULL;
346 }
347
348 struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))
349 (const char *file,int line)
350 {
351 return(dynlock_create_callback);
352 }
353
354 void (*CRYPTO_get_dynlock_lock_callback(void))(int mode,
355 struct CRYPTO_dynlock_value *l, const char *file,int line)
356 {
357 return(dynlock_lock_callback);
358 }
359
360 void (*CRYPTO_get_dynlock_destroy_callback(void))
361 (struct CRYPTO_dynlock_value *l, const char *file,int line)
362 {
363 return(dynlock_destroy_callback);
364 }
365
366 void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func)
367 (const char *file, int line))
368 {
369 dynlock_create_callback=func;
370 }
371
372 void CRYPTO_set_dynlock_lock_callback(void (*func)(int mode,
373 struct CRYPTO_dynlock_value *l, const char *file, int line))
374 {
375 dynlock_lock_callback=func;
376 }
377
378 void CRYPTO_set_dynlock_destroy_callback(void (*func)
379 (struct CRYPTO_dynlock_value *l, const char *file, int line))
380 {
381 dynlock_destroy_callback=func;
382 }
383
384
385 void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file,
386 int line)
387 {
388 return(locking_callback);
389 }
390
391 int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type,
392 const char *file,int line)
393 {
394 return(add_lock_callback);
395 }
396
397 void CRYPTO_set_locking_callback(void (*func)(int mode,int type,
398 const char *file,int line))
399 {
400 locking_callback=func;
401 }
402
403 void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type,
404 const char *file,int line))
405 {
406 add_lock_callback=func;
407 }
408
409 unsigned long (*CRYPTO_get_id_callback(void))(void)
410 {
411 return(id_callback);
412 }
413
414 void CRYPTO_set_id_callback(unsigned long (*func)(void))
415 {
416 id_callback=func;
417 }
418
419 unsigned long CRYPTO_thread_id(void)
420 {
421 unsigned long ret=0;
422
423 if (id_callback == NULL)
424 {
425 #ifdef OPENSSL_SYS_WIN16
426 ret=(unsigned long)GetCurrentTask();
427 #elif defined(OPENSSL_SYS_WIN32)
428 ret=(unsigned long)GetCurrentThreadId();
429 #elif defined(GETPID_IS_MEANINGLESS)
430 ret=1L;
431 #else
432 ret=(unsigned long)getpid();
433 #endif
434 }
435 else
436 ret=id_callback();
437 return(ret);
438 }
439
440 void CRYPTO_lock(int mode, int type, const char *file, int line)
441 {
442 #ifdef LOCK_DEBUG
443 {
444 char *rw_text,*operation_text;
445
446 if (mode & CRYPTO_LOCK)
447 operation_text="lock ";
448 else if (mode & CRYPTO_UNLOCK)
449 operation_text="unlock";
450 else
451 operation_text="ERROR ";
452
453 if (mode & CRYPTO_READ)
454 rw_text="r";
455 else if (mode & CRYPTO_WRITE)
456 rw_text="w";
457 else
458 rw_text="ERROR";
459
460 fprintf(stderr,"lock:%08lx:(%s)%s %-18s %s:%d\n",
461 CRYPTO_thread_id(), rw_text, operation_text,
462 CRYPTO_get_lock_name(type), file, line);
463 }
464 #endif
465 if (type < 0)
466 {
467 struct CRYPTO_dynlock_value *pointer
468 = CRYPTO_get_dynlock_value(type);
469
470 if (pointer && dynlock_lock_callback)
471 {
472 dynlock_lock_callback(mode, pointer, file, line);
473 }
474
475 CRYPTO_destroy_dynlockid(type);
476 }
477 else
478 if (locking_callback != NULL)
479 locking_callback(mode,type,file,line);
480 }
481
482 int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
483 int line)
484 {
485 int ret = 0;
486
487 if (add_lock_callback != NULL)
488 {
489 #ifdef LOCK_DEBUG
490 int before= *pointer;
491 #endif
492
493 ret=add_lock_callback(pointer,amount,type,file,line);
494 #ifdef LOCK_DEBUG
495 fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
496 CRYPTO_thread_id(),
497 before,amount,ret,
498 CRYPTO_get_lock_name(type),
499 file,line);
500 #endif
501 }
502 else
503 {
504 CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,file,line);
505
506 ret= *pointer+amount;
507 #ifdef LOCK_DEBUG
508 fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
509 CRYPTO_thread_id(),
510 *pointer,amount,ret,
511 CRYPTO_get_lock_name(type),
512 file,line);
513 #endif
514 *pointer=ret;
515 CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,file,line);
516 }
517 return(ret);
518 }
519
520 const char *CRYPTO_get_lock_name(int type)
521 {
522 if (type < 0)
523 return("dynamic");
524 else if (type < CRYPTO_NUM_LOCKS)
525 return(lock_names[type]);
526 else if (type-CRYPTO_NUM_LOCKS > sk_num(app_locks))
527 return("ERROR");
528 else
529 return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));
530 }
531
532 #ifdef _DLL
533 #ifdef OPENSSL_SYS_WIN32
534
535 /* All we really need to do is remove the 'error' state when a thread
536 * detaches */
537
538 BOOL WINAPI DLLEntryPoint(HINSTANCE hinstDLL, DWORD fdwReason,
539 LPVOID lpvReserved)
540 {
541 switch(fdwReason)
542 {
543 case DLL_PROCESS_ATTACH:
544 break;
545 case DLL_THREAD_ATTACH:
546 break;
547 case DLL_THREAD_DETACH:
548 ERR_remove_state(0);
549 break;
550 case DLL_PROCESS_DETACH:
551 break;
552 }
553 return(TRUE);
554 }
555 #endif
556
557 #endif
558
559 void OpenSSLDie(const char *file,int line,const char *assertion)
560 {
561 fprintf(stderr,
562 "%s(%d): OpenSSL internal error, assertion failed: %s\n",
563 file,line,assertion);
564 abort();
565 }
A mirror of the official openssl repository