git.ipfire.org Git - thirdparty/openssl.git/commit
Don't keep the store open in by_store_ctrl_ex
author Matt Caswell <matt@openssl.org>
Thu, 7 Aug 2025 16:50:17 +0000 (17:50 +0100)
committer Tomas Mraz <tomas@openssl.org>
Thu, 21 Aug 2025 12:42:17 +0000 (14:42 +0200)
commit 2374efa321a6bdfc9ca2e5982ea4b96cf6e0799e
tree 0d88a2a68c118e563fce5d8e334d55b5518c6f78
parent f015c74c56f818d0bdf1e721e2ebec1345f9a232
Don't keep the store open in by_store_ctrl_ex

Previously #27529 made a change to `by_store_ctrl_ex` in order to open
the OSSL_STORE early. The reason given in that PR is:

"This way, we can call OSSL_STORE_open_ex() in by_store_ctrl_ex(), and
get to see possible errors when the URI is loaded"

That PR then kept the store open until cache_objects is called and then
reused it. Unfortunately by the time cache_objects() is called we could be
in a multi-threaded scenario where the X509_STORE is being shared by
multiple threads. We then get a race condition where multiple threads are
all using (and ultimately closing) the same `OSSL_STORE_CTX`.

The purpose of keeping the `OSSL_STORE` object between by_store_ctrl_ex()
and `cache_objects` is presumably an optimisation to avoid having to open
the store twice. But this does not work because of the above issue.

We just take the hit and open it again.

Fixes #28171

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28198)

(cherry picked from commit 08951fb27306ad9b4365103b8616b8545658ffcc)
crypto/x509/by_store.c
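
The race described in the commit message, as an added model that is not OpenSSL code and not part of this commit: several threads run a cache pass against one shared lookup, either all reusing a handle kept open earlier or each opening its own. The names `store_ctx`, `lookup`, `cache_pass` and `run` are hypothetical, and the model counts only closes of an already closed handle, because that count is the same on every run.

```c
/* Added model, not OpenSSL code: every type and function name is hypothetical. */
#include <pthread.h>
#include <stdatomic.h>

#define NTHREADS 8

typedef struct { atomic_int open; } store_ctx;   /* stands in for OSSL_STORE_CTX */
typedef struct {
    store_ctx *kept;            /* handle kept open by the ctrl step, or NULL */
    atomic_int double_closes;   /* closes that hit an already closed handle */
} lookup;                       /* shared, like a lookup on a shared X509_STORE */

static void store_close(lookup *lk, store_ctx *c)
{
    /* atomic_exchange returns the old state: 0 means another thread closed first */
    if (atomic_exchange(&c->open, 0) == 0)
        atomic_fetch_add(&lk->double_closes, 1);
}

/* One thread's cache pass: reuse the kept handle if there is one, else open its own. */
static void *cache_pass(void *arg)
{
    lookup *lk = arg;
    store_ctx own;
    store_ctx *c = lk->kept;
    if (c == NULL) {            /* reopen-per-call pattern: handle is private */
        atomic_init(&own.open, 1);
        c = &own;
    }
    /* objects would be loaded through c here, before it is closed */
    store_close(lk, c);
    return NULL;
}

/* Runs NTHREADS cache passes; returns how many closes hit a closed handle. */
int run(int keep_open)
{
    store_ctx shared;
    lookup lk;
    pthread_t t[NTHREADS];
    int i, started = 0;
    atomic_init(&shared.open, 1);
    lk.kept = keep_open ? &shared : NULL;
    atomic_init(&lk.double_closes, 0);
    for (i = 0; i < NTHREADS; i++)
        if (pthread_create(&t[started], NULL, cache_pass, &lk) == 0)
            started++;
    for (i = 0; i < started; i++)
        pthread_join(t[i], NULL);
    return atomic_load(&lk.double_closes);
}
```

With the kept handle, every thread after the first closes a handle that is already closed; with a handle opened per call, no close is ever shared.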