From: Dmitry Belyavskiy <beldmit@gmail.com>
Date: Wed, 5 Feb 2025 19:58:06 +0000 (+0100)
Subject: Filter provider should return proper provctx
X-Git-Tag: openssl-3.5.0-alpha1~634
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=29d02206f387cdc1f9c3091239c0bdfc23fe3610;p=thirdparty%2Fopenssl.git

Filter provider should return proper provctx

...instead of the default one
Signed-off-by: Dmitry Belyavskiy <beldmit@gmail.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26542)
---

diff --git a/test/build.info b/test/build.info
index fdc03b2f53d..13431580d13 100644
--- a/test/build.info
+++ b/test/build.info
@@ -546,7 +546,7 @@ IF[{- !$disabled{tests} -}]
   DEPEND[param_build_test]=../libcrypto.a libtestutil.a
 
   SOURCE[sslapitest]=sslapitest.c helpers/ssltestlib.c filterprov.c tls-provider.c
-  INCLUDE[sslapitest]=../include ../apps/include ..
+  INCLUDE[sslapitest]=../include ../apps/include ../providers/common/include ..
   DEPEND[sslapitest]=../libcrypto.a ../libssl.a libtestutil.a
 
   SOURCE[ssl_handshake_rtt_test]=ssl_handshake_rtt_test.c helpers/ssltestlib.c
diff --git a/test/filterprov.c b/test/filterprov.c
index ea6583be1b5..140ff71a86a 100644
--- a/test/filterprov.c
+++ b/test/filterprov.c
@@ -14,10 +14,12 @@
 
 #include <string.h>
 #include <openssl/core.h>
+#include <openssl/core_dispatch.h>
 #include <openssl/provider.h>
 #include <openssl/crypto.h>
 #include "testutil.h"
 #include "filterprov.h"
+#include "prov/bio.h"
 
 #define MAX_FILTERS     10
 #define MAX_ALG_FILTERS 5
@@ -118,6 +120,8 @@ static void filter_teardown(void *provctx)
     OSSL_PROVIDER_unload(globs->deflt);
     OSSL_LIB_CTX_free(globs->libctx);
     memset(globs, 0, sizeof(*globs));
+    BIO_meth_free(ossl_prov_ctx_get0_core_bio_method(provctx));
+    ossl_prov_ctx_free(provctx);
 }
 
 /* Functions we provide to the core */
@@ -136,6 +140,25 @@ int filter_provider_init(const OSSL_CORE_HANDLE *handle,
                          const OSSL_DISPATCH **out,
                          void **provctx)
 {
+    OSSL_FUNC_core_get_libctx_fn *c_get_libctx = NULL;
+    BIO_METHOD *corebiometh;
+
+    if (!ossl_prov_bio_from_dispatch(in))
+        return 0;
+    for (; in->function_id != 0; in++) {
+        switch (in->function_id) {
+        case OSSL_FUNC_CORE_GET_LIBCTX:
+            c_get_libctx = OSSL_FUNC_core_get_libctx(in);
+            break;
+        default:
+            /* Just ignore anything we don't understand */
+            break;
+        }
+    }
+
+    if (c_get_libctx == NULL)
+        return 0;
+
     memset(&ourglobals, 0, sizeof(ourglobals));
     ourglobals.libctx = OSSL_LIB_CTX_new();
     if (ourglobals.libctx == NULL)
@@ -145,7 +168,23 @@ int filter_provider_init(const OSSL_CORE_HANDLE *handle,
     if (ourglobals.deflt == NULL)
         goto err;
 
-    *provctx = OSSL_PROVIDER_get0_provider_ctx(ourglobals.deflt);
+    /*
+     * We want to make sure that all calls from this provider that requires
+     * a library context use the same context as the one used to call our
+     * functions.  We do that by passing it along in the provider context.
+     *
+     * This only works for built-in providers.  Most providers should
+     * create their own library context.
+     */
+    if ((*provctx = ossl_prov_ctx_new()) == NULL
+            || (corebiometh = ossl_bio_prov_init_bio_method()) == NULL) {
+        ossl_prov_ctx_free(*provctx);
+        *provctx = NULL;
+        goto err;
+    }
+    ossl_prov_ctx_set0_libctx(*provctx, (OSSL_LIB_CTX *)c_get_libctx(handle));
+    ossl_prov_ctx_set0_handle(*provctx, handle);
+    ossl_prov_ctx_set0_core_bio_method(*provctx, corebiometh);
     *out = filter_dispatch_table;
     return 1;