From: Rich Salz <rsalz@akamai.com>
Date: Tue, 25 May 2021 18:48:41 +0000 (-0400)
Subject: Add NCONF_get0_libctx()
X-Git-Tag: openssl-3.0.0-beta1~271
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6b750b89ee9ad3952b1b25e47b848abc8b60e7dd;p=thirdparty%2Fopenssl.git

Add NCONF_get0_libctx()

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15466)
---

diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c
index e4e305c714f..2d72a6ab32f 100644
--- a/crypto/conf/conf_api.c
+++ b/crypto/conf/conf_api.c
@@ -20,6 +20,11 @@
 static void value_free_hash(const CONF_VALUE *a, LHASH_OF(CONF_VALUE) *conf);
 static void value_free_stack_doall(CONF_VALUE *a);
 
+OSSL_LIB_CTX *NCONF_get0_libctx(CONF *conf)
+{
+    return conf->libctx;
+}
+
 CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section)
 {
     CONF_VALUE vv;
diff --git a/crypto/evp/evp_cnf.c b/crypto/evp/evp_cnf.c
index c13652ca0f0..415712dffa6 100644
--- a/crypto/evp/evp_cnf.c
+++ b/crypto/evp/evp_cnf.c
@@ -46,12 +46,14 @@ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
              * fips_mode is deprecated and should not be used in new
              * configurations.
              */
-            if (!EVP_default_properties_enable_fips(cnf->libctx, m > 0)) {
+            if (!EVP_default_properties_enable_fips(NCONF_get0_libctx((CONF *)cnf),
+                        m > 0)) {
                 ERR_raise(ERR_LIB_EVP, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
                 return 0;
             }
         } else if (strcmp(oval->name, "default_properties") == 0) {
-            if (!evp_set_default_properties_int(cnf->libctx, oval->value, 0, 0)) {
+            if (!evp_set_default_properties_int(NCONF_get0_libctx((CONF *)cnf),
+                        oval->value, 0, 0)) {
                 ERR_raise(ERR_LIB_EVP, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
                 return 0;
             }
diff --git a/crypto/provider_conf.c b/crypto/provider_conf.c
index 5725ef3c639..977d469808f 100644
--- a/crypto/provider_conf.c
+++ b/crypto/provider_conf.c
@@ -199,7 +199,8 @@ static int provider_conf_init(CONF_IMODULE *md, const CONF *cnf)
 
     for (i = 0; i < sk_CONF_VALUE_num(elist); i++) {
         cval = sk_CONF_VALUE_value(elist, i);
-        if (!provider_conf_load(cnf->libctx, cval->name, cval->value, cnf))
+        if (!provider_conf_load(NCONF_get0_libctx((CONF *)cnf),
+                    cval->name, cval->value, cnf))
             return 0;
     }
 
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index a7a8c705237..a3305b76b4e 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -746,7 +746,7 @@ static int random_conf_init(CONF_IMODULE *md, const CONF *cnf)
 {
     STACK_OF(CONF_VALUE) *elist;
     CONF_VALUE *cval;
-    RAND_GLOBAL *dgbl = rand_get_global(cnf->libctx);
+    RAND_GLOBAL *dgbl = rand_get_global(NCONF_get0_libctx((CONF *)cnf));
     int i, r = 1;
 
     OSSL_TRACE1(CONF, "Loading random module: section %s\n",
diff --git a/doc/man3/NCONF_new_ex.pod b/doc/man3/NCONF_new_ex.pod
index 46c2e8c466b..e03c801ce5c 100644
--- a/doc/man3/NCONF_new_ex.pod
+++ b/doc/man3/NCONF_new_ex.pod
@@ -2,7 +2,8 @@
 
 =head1 NAME
 
-NCONF_new_ex, NCONF_new, NCONF_free, NCONF_default, NCONF_load
+NCONF_new_ex, NCONF_new, NCONF_free, NCONF_default, NCONF_load,
+NCONF_get0_libctx
 - functionality to Load and parse configuration files manually
 
 =head1 SYNOPSIS
@@ -14,6 +15,7 @@ NCONF_new_ex, NCONF_new, NCONF_free, NCONF_default, NCONF_load
  void NCONF_free(CONF *conf);
  CONF_METHOD *NCONF_default(void);
  int NCONF_load(CONF *conf, const char *file, long *eline);
+ OSSL_LIB_CTX *NCONF_get0_libctx(CONF *conf);
 
 =head1 DESCRIPTION
 
@@ -32,6 +34,9 @@ the load failed on if they are not NULL.
 
 NCONF_default() gets the default method table for processing a configuration file.
 
+NCONF_get0_libctx() gets the library context associated with the I<conf>
+parameter.
+
 =head1 RETURN VALUES
 
 NCONF_load() returns 1 on success or 0 on error.
diff --git a/include/openssl/conf.h.in b/include/openssl/conf.h.in
index 928b14c28fb..02c15588713 100644
--- a/include/openssl/conf.h.in
+++ b/include/openssl/conf.h.in
@@ -106,6 +106,7 @@ OSSL_DEPRECATEDIN_1_1_0 void OPENSSL_config(const char *config_name);
  */
 
 CONF *NCONF_new_ex(OSSL_LIB_CTX *libctx, CONF_METHOD *meth);
+OSSL_LIB_CTX *NCONF_get0_libctx(CONF *conf);
 CONF *NCONF_new(CONF_METHOD *meth);
 CONF_METHOD *NCONF_default(void);
 #ifndef OPENSSL_NO_DEPRECATED_3_0
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 3d44181f227..b086a829f99 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5418,3 +5418,4 @@ EVP_MAC_CTX_get_block_size              5545	3_0_0	EXIST::FUNCTION:
 BIO_debug_callback_ex                   5546	3_0_0	EXIST::FUNCTION:
 b2i_PVK_bio_ex                          5547	3_0_0	EXIST::FUNCTION:
 i2b_PVK_bio_ex                          5548	3_0_0	EXIST::FUNCTION:
+NCONF_get0_libctx                       5547	3_0_0	EXIST::FUNCTION: