6 * This code is now *mostly* thread-safe. It is now easier to understand in what
7 * ways it is safe and in what ways it is not, which is an improvement. Firstly,
8 * all per-class stacks and index-counters for ex_data are stored in the same
9 * global LHASH table (keyed by class). This hash table uses locking for all
10 * access with the exception of CRYPTO_cleanup_all_ex_data(), which must only be
11 * called when no other threads can possibly race against it (even if it was
12 * locked, the race would mean it's possible the hash table might have been
13 * recreated after the cleanup). As classes can only be added to the hash table,
14 * and within each class, the stack of methods can only be incremented, the
15 * locking mechanics are simpler than they would otherwise be. For example, the
16 * new/dup/free ex_data functions will lock the hash table, copy the method
17 * pointers it needs from the relevant class, then unlock the hash table before
18 * actually applying those method pointers to the task of the new/dup/free
19 * operations. As they can't be removed from the method-stack, only
20 * supplemented, there's no race conditions associated with using them outside
21 * the lock. The get/set_ex_data functions are not locked because they do not
22 * involve this global state at all - they operate directly with a previously
23 * obtained per-class method index and a particular "ex_data" variable. These
24 * variables are usually instantiated per-context (eg. each RSA structure has
25 * one) so locking on read/write access to that variable can be locked locally
26 * if required (eg. using the "RSA" lock to synchronise access to a
27 * per-RSA-structure ex_data variable if required).
31 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
32 * All rights reserved.
34 * This package is an SSL implementation written
35 * by Eric Young (eay@cryptsoft.com).
36 * The implementation was written so as to conform with Netscapes SSL.
38 * This library is free for commercial and non-commercial use as long as
39 * the following conditions are aheared to. The following conditions
40 * apply to all code found in this distribution, be it the RC4, RSA,
41 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
42 * included with this distribution is covered by the same copyright terms
43 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
45 * Copyright remains Eric Young's, and as such any Copyright notices in
46 * the code are not to be removed.
47 * If this package is used in a product, Eric Young should be given attribution
48 * as the author of the parts of the library used.
49 * This can be in the form of a textual message at program startup or
50 * in documentation (online or textual) provided with the package.
52 * Redistribution and use in source and binary forms, with or without
53 * modification, are permitted provided that the following conditions
55 * 1. Redistributions of source code must retain the copyright
56 * notice, this list of conditions and the following disclaimer.
57 * 2. Redistributions in binary form must reproduce the above copyright
58 * notice, this list of conditions and the following disclaimer in the
59 * documentation and/or other materials provided with the distribution.
60 * 3. All advertising materials mentioning features or use of this software
61 * must display the following acknowledgement:
62 * "This product includes cryptographic software written by
63 * Eric Young (eay@cryptsoft.com)"
64 * The word 'cryptographic' can be left out if the rouines from the library
65 * being used are not cryptographic related :-).
66 * 4. If you include any Windows specific code (or a derivative thereof) from
67 * the apps directory (application code) you must include an acknowledgement:
68 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
70 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
71 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
72 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
73 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
74 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
75 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
76 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
77 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
78 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
79 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
82 * The licence and distribution terms for any publically available version or
83 * derivative of this code cannot be changed. i.e. this code cannot simply be
84 * copied and put under another distribution licence
85 * [including the GNU Public Licence.]
87 /* ====================================================================
88 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
90 * Redistribution and use in source and binary forms, with or without
91 * modification, are permitted provided that the following conditions
94 * 1. Redistributions of source code must retain the above copyright
95 * notice, this list of conditions and the following disclaimer.
97 * 2. Redistributions in binary form must reproduce the above copyright
98 * notice, this list of conditions and the following disclaimer in
99 * the documentation and/or other materials provided with the
102 * 3. All advertising materials mentioning features or use of this
103 * software must display the following acknowledgment:
104 * "This product includes software developed by the OpenSSL Project
105 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
107 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
108 * endorse or promote products derived from this software without
109 * prior written permission. For written permission, please contact
110 * openssl-core@openssl.org.
112 * 5. Products derived from this software may not be called "OpenSSL"
113 * nor may "OpenSSL" appear in their names without prior written
114 * permission of the OpenSSL Project.
116 * 6. Redistributions of any form whatsoever must retain the following
118 * "This product includes software developed by the OpenSSL Project
119 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
121 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
122 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
123 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
124 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
125 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
126 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
127 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
128 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
129 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
130 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
131 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
132 * OF THE POSSIBILITY OF SUCH DAMAGE.
133 * ====================================================================
135 * This product includes cryptographic software written by Eric Young
136 * (eay@cryptsoft.com). This product includes software written by Tim
137 * Hudson (tjh@cryptsoft.com).
141 #include "cryptlib.h"
142 #include <openssl/lhash.h>
144 /* What an "implementation of ex_data functionality" looks like */
145 struct st_CRYPTO_EX_DATA_IMPL
147 /*********************/
148 /* GLOBAL OPERATIONS */
149 /* Return a new class index */
150 int (*cb_new_class
)(void);
151 /* Cleanup all state used by the implementation */
152 void (*cb_cleanup
)(void);
153 /************************/
154 /* PER-CLASS OPERATIONS */
155 /* Get a new method index within a class */
156 int (*cb_get_new_index
)(int class_index
, long argl
, void *argp
,
157 CRYPTO_EX_new
*new_func
, CRYPTO_EX_dup
*dup_func
,
158 CRYPTO_EX_free
*free_func
);
159 /* Initialise a new CRYPTO_EX_DATA of a given class */
160 int (*cb_new_ex_data
)(int class_index
, void *obj
,
162 /* Duplicate a CRYPTO_EX_DATA of a given class onto a copy */
163 int (*cb_dup_ex_data
)(int class_index
, CRYPTO_EX_DATA
*to
,
164 CRYPTO_EX_DATA
*from
);
165 /* Cleanup a CRYPTO_EX_DATA of a given class */
166 void (*cb_free_ex_data
)(int class_index
, void *obj
,
170 /* The implementation we use at run-time */
171 static const CRYPTO_EX_DATA_IMPL
*impl
= NULL
;
173 /* To call "impl" functions, use this macro rather than referring to 'impl' directly, eg.
174 * EX_IMPL(get_new_index)(...); */
175 #define EX_IMPL(a) impl->cb_##a
177 /* Predeclare the "default" ex_data implementation */
178 static int int_new_class(void);
179 static void int_cleanup(void);
180 static int int_get_new_index(int class_index
, long argl
, void *argp
,
181 CRYPTO_EX_new
*new_func
, CRYPTO_EX_dup
*dup_func
,
182 CRYPTO_EX_free
*free_func
);
183 static int int_new_ex_data(int class_index
, void *obj
,
185 static int int_dup_ex_data(int class_index
, CRYPTO_EX_DATA
*to
,
186 CRYPTO_EX_DATA
*from
);
187 static void int_free_ex_data(int class_index
, void *obj
,
189 static CRYPTO_EX_DATA_IMPL impl_default
=
199 /* Internal function that checks whether "impl" is set and if not, sets it to
201 static void impl_check(void)
203 CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA
);
205 impl
= &impl_default
;
206 CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA
);
208 /* A macro wrapper for impl_check that first uses a non-locked test before
209 * invoking the function (which checks again inside a lock). */
210 #define IMPL_CHECK if(!impl) impl_check();
212 /* API functions to get/set the "ex_data" implementation */
213 const CRYPTO_EX_DATA_IMPL
*CRYPTO_get_ex_data_implementation(void)
218 int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL
*i
)
221 CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA
);
227 CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA
);
231 /****************************************************************************/
232 /* Interal (default) implementation of "ex_data" support. API functions are
235 /* The type that represents what each "class" used to implement locally. A STACK
236 * of CRYPTO_EX_DATA_FUNCS plus a index-counter. The 'class_index' is the global
237 * value representing the class that is used to distinguish these items. */
238 typedef struct st_ex_class_item
{
240 STACK_OF(CRYPTO_EX_DATA_FUNCS
) *meth
;
244 /* When assigning new class indexes, this is our counter */
245 static int ex_class
= CRYPTO_EX_INDEX_USER
;
247 /* The global hash table of EX_CLASS_ITEM items */
248 static LHASH
*ex_data
= NULL
;
250 /* The callbacks required in the "ex_data" hash table */
251 static unsigned long ex_hash_cb(const void *a_void
)
253 return ((const EX_CLASS_ITEM
*)a_void
)->class_index
;
255 static int ex_cmp_cb(const void *a_void
, const void *b_void
)
257 return (((const EX_CLASS_ITEM
*)a_void
)->class_index
-
258 ((const EX_CLASS_ITEM
*)b_void
)->class_index
);
261 /* Internal functions used by the "impl_default" implementation to access the
264 static int ex_data_check(void)
267 CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA
);
268 if(!ex_data
&& ((ex_data
= lh_new(ex_hash_cb
, ex_cmp_cb
)) == NULL
))
270 CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA
);
273 /* This macros helps reduce the locking from repeated checks because the
274 * ex_data_check() function checks ex_data again inside a lock. */
275 #define EX_DATA_CHECK(iffail) if(!ex_data && !ex_data_check()) {iffail}
277 /* This "inner" callback is used by the callback function that follows it */
278 static void def_cleanup_util_cb(CRYPTO_EX_DATA_FUNCS
*funcs
)
283 /* This callback is used in lh_doall to destroy all EX_CLASS_ITEM values from
284 * "ex_data" prior to the ex_data hash table being itself destroyed. Doesn't do
286 static void def_cleanup_cb(void *a_void
)
288 EX_CLASS_ITEM
*item
= (EX_CLASS_ITEM
*)a_void
;
289 sk_CRYPTO_EX_DATA_FUNCS_pop_free(item
->meth
, def_cleanup_util_cb
);
293 /* Return the EX_CLASS_ITEM from the "ex_data" hash table that corresponds to a
294 * given class. Handles locking. */
295 static EX_CLASS_ITEM
*def_get_class(int class_index
)
297 EX_CLASS_ITEM d
, *p
, *gen
;
298 EX_DATA_CHECK(return NULL
;)
299 d
.class_index
= class_index
;
300 CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA
);
301 p
= lh_retrieve(ex_data
, &d
);
304 gen
= OPENSSL_malloc(sizeof(EX_CLASS_ITEM
));
307 gen
->class_index
= class_index
;
309 gen
->meth
= sk_CRYPTO_EX_DATA_FUNCS_new_null();
314 /* Because we're inside the ex_data lock, the
315 * return value from the insert will be NULL */
316 lh_insert(ex_data
, gen
);
321 CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA
);
323 CRYPTOerr(CRYPTO_F_DEF_GET_CLASS
,ERR_R_MALLOC_FAILURE
);
327 /* Add a new method to the given EX_CLASS_ITEM and return the corresponding
328 * index (or -1 for error). Handles locking. */
329 static int def_add_index(EX_CLASS_ITEM
*item
, long argl
, void *argp
,
330 CRYPTO_EX_new
*new_func
, CRYPTO_EX_dup
*dup_func
,
331 CRYPTO_EX_free
*free_func
)
334 CRYPTO_EX_DATA_FUNCS
*a
= (CRYPTO_EX_DATA_FUNCS
*)OPENSSL_malloc(
335 sizeof(CRYPTO_EX_DATA_FUNCS
));
338 CRYPTOerr(CRYPTO_F_DEF_ADD_INDEX
,ERR_R_MALLOC_FAILURE
);
343 a
->new_func
=new_func
;
344 a
->dup_func
=dup_func
;
345 a
->free_func
=free_func
;
346 CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA
);
347 while (sk_CRYPTO_EX_DATA_FUNCS_num(item
->meth
) <= item
->meth_num
)
349 if (!sk_CRYPTO_EX_DATA_FUNCS_push(item
->meth
, NULL
))
351 CRYPTOerr(CRYPTO_F_DEF_ADD_INDEX
,ERR_R_MALLOC_FAILURE
);
356 toret
= item
->meth_num
++;
357 sk_CRYPTO_EX_DATA_FUNCS_set(item
->meth
, toret
, a
);
359 CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA
);
363 /**************************************************************/
364 /* The functions in the default CRYPTO_EX_DATA_IMPL structure */
366 static int int_new_class(void)
369 CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA
);
371 CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA
);
375 static void int_cleanup(void)
377 EX_DATA_CHECK(return;)
378 lh_doall(ex_data
, def_cleanup_cb
);
384 static int int_get_new_index(int class_index
, long argl
, void *argp
,
385 CRYPTO_EX_new
*new_func
, CRYPTO_EX_dup
*dup_func
,
386 CRYPTO_EX_free
*free_func
)
388 EX_CLASS_ITEM
*item
= def_get_class(class_index
);
391 return def_add_index(item
, argl
, argp
, new_func
, dup_func
, free_func
);
394 /* Thread-safe by copying a class's array of "CRYPTO_EX_DATA_FUNCS" entries in
395 * the lock, then using them outside the lock. NB: Thread-safety only applies to
396 * the global "ex_data" state (ie. class definitions), not thread-safe on 'ad'
398 static int int_new_ex_data(int class_index
, void *obj
,
403 CRYPTO_EX_DATA_FUNCS
**storage
= NULL
;
404 EX_CLASS_ITEM
*item
= def_get_class(class_index
);
406 /* error is already set */
409 CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA
);
410 mx
= sk_CRYPTO_EX_DATA_FUNCS_num(item
->meth
);
413 storage
= OPENSSL_malloc(mx
* sizeof(CRYPTO_EX_DATA_FUNCS
*));
416 for(i
= 0; i
< mx
; i
++)
417 storage
[i
] = sk_CRYPTO_EX_DATA_FUNCS_value(item
->meth
,i
);
420 CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA
);
421 if((mx
> 0) && !storage
)
423 CRYPTOerr(CRYPTO_F_INT_NEW_EX_DATA
,ERR_R_MALLOC_FAILURE
);
426 for(i
= 0; i
< mx
; i
++)
428 if(storage
[i
] && storage
[i
]->new_func
)
430 ptr
= CRYPTO_get_ex_data(ad
, i
);
431 storage
[i
]->new_func(obj
,ptr
,ad
,i
,
432 storage
[i
]->argl
,storage
[i
]->argp
);
436 OPENSSL_free(storage
);
440 /* Same thread-safety notes as for "int_new_ex_data" */
441 static int int_dup_ex_data(int class_index
, CRYPTO_EX_DATA
*to
,
442 CRYPTO_EX_DATA
*from
)
446 CRYPTO_EX_DATA_FUNCS
**storage
= NULL
;
449 /* 'to' should be "blank" which *is* just like 'from' */
451 if((item
= def_get_class(class_index
)) == NULL
)
453 CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA
);
454 mx
= sk_CRYPTO_EX_DATA_FUNCS_num(item
->meth
);
455 j
= sk_num(from
->sk
);
460 storage
= OPENSSL_malloc(mx
* sizeof(CRYPTO_EX_DATA_FUNCS
*));
463 for(i
= 0; i
< mx
; i
++)
464 storage
[i
] = sk_CRYPTO_EX_DATA_FUNCS_value(item
->meth
,i
);
467 CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA
);
468 if((mx
> 0) && !storage
)
470 CRYPTOerr(CRYPTO_F_INT_DUP_EX_DATA
,ERR_R_MALLOC_FAILURE
);
473 for(i
= 0; i
< mx
; i
++)
475 ptr
= CRYPTO_get_ex_data(from
, i
);
476 if(storage
[i
] && storage
[i
]->dup_func
)
477 storage
[i
]->dup_func(to
,from
,&ptr
,i
,
478 storage
[i
]->argl
,storage
[i
]->argp
);
479 CRYPTO_set_ex_data(to
,i
,ptr
);
482 OPENSSL_free(storage
);
486 /* Same thread-safety notes as for "int_new_ex_data" */
487 static void int_free_ex_data(int class_index
, void *obj
,
493 CRYPTO_EX_DATA_FUNCS
**storage
= NULL
;
494 if((item
= def_get_class(class_index
)) == NULL
)
496 CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA
);
497 mx
= sk_CRYPTO_EX_DATA_FUNCS_num(item
->meth
);
500 storage
= OPENSSL_malloc(mx
* sizeof(CRYPTO_EX_DATA_FUNCS
*));
503 for(i
= 0; i
< mx
; i
++)
504 storage
[i
] = sk_CRYPTO_EX_DATA_FUNCS_value(item
->meth
,i
);
507 CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA
);
508 if((mx
> 0) && !storage
)
510 CRYPTOerr(CRYPTO_F_INT_FREE_EX_DATA
,ERR_R_MALLOC_FAILURE
);
513 for(i
= 0; i
< mx
; i
++)
515 if(storage
[i
] && storage
[i
]->free_func
)
517 ptr
= CRYPTO_get_ex_data(ad
,i
);
518 storage
[i
]->free_func(obj
,ptr
,ad
,i
,
519 storage
[i
]->argl
,storage
[i
]->argp
);
523 OPENSSL_free(storage
);
531 /********************************************************************/
532 /* API functions that defer all "state" operations to the "ex_data"
533 * implementation we have set. */
535 /* Obtain an index for a new class (not the same as getting a new index within
536 * an existing class - this is actually getting a new *class*) */
537 int CRYPTO_ex_data_new_class(void)
540 return EX_IMPL(new_class
)();
543 /* Release all "ex_data" state to prevent memory leaks. This can't be made
544 * thread-safe without overhauling a lot of stuff, and shouldn't really be
545 * called under potential race-conditions anyway (it's for program shutdown
547 void CRYPTO_cleanup_all_ex_data(void)
553 /* Inside an existing class, get/register a new index. */
554 int CRYPTO_get_ex_new_index(int class_index
, long argl
, void *argp
,
555 CRYPTO_EX_new
*new_func
, CRYPTO_EX_dup
*dup_func
,
556 CRYPTO_EX_free
*free_func
)
561 ret
= EX_IMPL(get_new_index
)(class_index
,
562 argl
, argp
, new_func
, dup_func
, free_func
);
566 /* Initialise a new CRYPTO_EX_DATA for use in a particular class - including
567 * calling new() callbacks for each index in the class used by this variable */
568 int CRYPTO_new_ex_data(int class_index
, void *obj
, CRYPTO_EX_DATA
*ad
)
571 return EX_IMPL(new_ex_data
)(class_index
, obj
, ad
);
574 /* Duplicate a CRYPTO_EX_DATA variable - including calling dup() callbacks for
575 * each index in the class used by this variable */
576 int CRYPTO_dup_ex_data(int class_index
, CRYPTO_EX_DATA
*to
,
577 CRYPTO_EX_DATA
*from
)
580 return EX_IMPL(dup_ex_data
)(class_index
, to
, from
);
583 /* Cleanup a CRYPTO_EX_DATA variable - including calling free() callbacks for
584 * each index in the class used by this variable */
585 void CRYPTO_free_ex_data(int class_index
, void *obj
, CRYPTO_EX_DATA
*ad
)
588 EX_IMPL(free_ex_data
)(class_index
, obj
, ad
);
591 /* For a given CRYPTO_EX_DATA variable, set the value corresponding to a
592 * particular index in the class used by this variable */
593 int CRYPTO_set_ex_data(CRYPTO_EX_DATA
*ad
, int idx
, void *val
)
599 if ((ad
->sk
=sk_new_null()) == NULL
)
601 CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA
,ERR_R_MALLOC_FAILURE
);
609 if (!sk_push(ad
->sk
,NULL
))
611 CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA
,ERR_R_MALLOC_FAILURE
);
616 sk_set(ad
->sk
,idx
,val
);
620 /* For a given CRYPTO_EX_DATA_ variable, get the value corresponding to a
621 * particular index in the class used by this variable */
622 void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA
*ad
, int idx
)
626 else if (idx
>= sk_num(ad
->sk
))
629 return(sk_value(ad
->sk
,idx
));
632 IMPLEMENT_STACK_OF(CRYPTO_EX_DATA_FUNCS
)