2
0

ex_data.c 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468
  1. /*
  2. * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include "internal/cryptlib_int.h"
  10. #include "internal/thread_once.h"
  11. int do_ex_data_init(OPENSSL_CTX *ctx)
  12. {
  13. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
  14. if (global == NULL)
  15. return 0;
  16. global->ex_data_lock = CRYPTO_THREAD_lock_new();
  17. return global->ex_data_lock != NULL;
  18. }
  19. /*
  20. * Return the EX_CALLBACKS from the |ex_data| array that corresponds to
  21. * a given class. On success, *holds the lock.*
  22. */
  23. static EX_CALLBACKS *get_and_lock(OPENSSL_CTX *ctx, int class_index)
  24. {
  25. EX_CALLBACKS *ip;
  26. OSSL_EX_DATA_GLOBAL *global = NULL;
  27. if (class_index < 0 || class_index >= CRYPTO_EX_INDEX__COUNT) {
  28. CRYPTOerr(CRYPTO_F_GET_AND_LOCK, ERR_R_PASSED_INVALID_ARGUMENT);
  29. return NULL;
  30. }
  31. global = openssl_ctx_get_ex_data_global(ctx);
  32. if (global->ex_data_lock == NULL) {
  33. /*
  34. * This can happen in normal operation when using CRYPTO_mem_leaks().
  35. * The CRYPTO_mem_leaks() function calls OPENSSL_cleanup() which cleans
  36. * up the locks. Subsequently the BIO that CRYPTO_mem_leaks() uses gets
  37. * freed, which also attempts to free the ex_data. However
  38. * CRYPTO_mem_leaks() ensures that the ex_data is freed early (i.e.
  39. * before OPENSSL_cleanup() is called), so if we get here we can safely
  40. * ignore this operation. We just treat it as an error.
  41. */
  42. return NULL;
  43. }
  44. ip = &global->ex_data[class_index];
  45. CRYPTO_THREAD_write_lock(global->ex_data_lock);
  46. return ip;
  47. }
  48. static void cleanup_cb(EX_CALLBACK *funcs)
  49. {
  50. OPENSSL_free(funcs);
  51. }
  52. /*
  53. * Release all "ex_data" state to prevent memory leaks. This can't be made
  54. * thread-safe without overhauling a lot of stuff, and shouldn't really be
  55. * called under potential race-conditions anyway (it's for program shutdown
  56. * after all).
  57. */
  58. void crypto_cleanup_all_ex_data_int(OPENSSL_CTX *ctx)
  59. {
  60. int i;
  61. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
  62. if (global == NULL)
  63. return;
  64. for (i = 0; i < CRYPTO_EX_INDEX__COUNT; ++i) {
  65. EX_CALLBACKS *ip = &global->ex_data[i];
  66. sk_EX_CALLBACK_pop_free(ip->meth, cleanup_cb);
  67. ip->meth = NULL;
  68. }
  69. CRYPTO_THREAD_lock_free(global->ex_data_lock);
  70. global->ex_data_lock = NULL;
  71. }
  72. /*
  73. * Unregister a new index by replacing the callbacks with no-ops.
  74. * Any in-use instances are leaked.
  75. */
  76. static void dummy_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx,
  77. long argl, void *argp)
  78. {
  79. }
  80. static void dummy_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx,
  81. long argl, void *argp)
  82. {
  83. }
  84. static int dummy_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
  85. void *from_d, int idx,
  86. long argl, void *argp)
  87. {
  88. return 1;
  89. }
  90. int crypto_free_ex_index_ex(OPENSSL_CTX *ctx, int class_index, int idx)
  91. {
  92. EX_CALLBACKS *ip = get_and_lock(ctx, class_index);
  93. EX_CALLBACK *a;
  94. int toret = 0;
  95. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
  96. if (global == NULL)
  97. return 0;
  98. ip = get_and_lock(ctx, class_index);
  99. if (ip == NULL)
  100. return 0;
  101. if (idx < 0 || idx >= sk_EX_CALLBACK_num(ip->meth))
  102. goto err;
  103. a = sk_EX_CALLBACK_value(ip->meth, idx);
  104. if (a == NULL)
  105. goto err;
  106. a->new_func = dummy_new;
  107. a->dup_func = dummy_dup;
  108. a->free_func = dummy_free;
  109. toret = 1;
  110. err:
  111. CRYPTO_THREAD_unlock(global->ex_data_lock);
  112. return toret;
  113. }
  114. int CRYPTO_free_ex_index(int class_index, int idx)
  115. {
  116. return crypto_free_ex_index_ex(NULL, class_index, idx);
  117. }
  118. /*
  119. * Register a new index.
  120. */
  121. int crypto_get_ex_new_index_ex(OPENSSL_CTX *ctx, int class_index, long argl,
  122. void *argp, CRYPTO_EX_new *new_func,
  123. CRYPTO_EX_dup *dup_func,
  124. CRYPTO_EX_free *free_func)
  125. {
  126. int toret = -1;
  127. EX_CALLBACK *a;
  128. EX_CALLBACKS *ip;
  129. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
  130. if (global == NULL)
  131. return -1;
  132. ip = get_and_lock(ctx, class_index);
  133. if (ip == NULL)
  134. return -1;
  135. if (ip->meth == NULL) {
  136. ip->meth = sk_EX_CALLBACK_new_null();
  137. /* We push an initial value on the stack because the SSL
  138. * "app_data" routines use ex_data index zero. See RT 3710. */
  139. if (ip->meth == NULL
  140. || !sk_EX_CALLBACK_push(ip->meth, NULL)) {
  141. CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX, ERR_R_MALLOC_FAILURE);
  142. goto err;
  143. }
  144. }
  145. a = (EX_CALLBACK *)OPENSSL_malloc(sizeof(*a));
  146. if (a == NULL) {
  147. CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX, ERR_R_MALLOC_FAILURE);
  148. goto err;
  149. }
  150. a->argl = argl;
  151. a->argp = argp;
  152. a->new_func = new_func;
  153. a->dup_func = dup_func;
  154. a->free_func = free_func;
  155. if (!sk_EX_CALLBACK_push(ip->meth, NULL)) {
  156. CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX, ERR_R_MALLOC_FAILURE);
  157. OPENSSL_free(a);
  158. goto err;
  159. }
  160. toret = sk_EX_CALLBACK_num(ip->meth) - 1;
  161. (void)sk_EX_CALLBACK_set(ip->meth, toret, a);
  162. err:
  163. CRYPTO_THREAD_unlock(global->ex_data_lock);
  164. return toret;
  165. }
  166. int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
  167. CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
  168. CRYPTO_EX_free *free_func)
  169. {
  170. return crypto_get_ex_new_index_ex(NULL, class_index, argl, argp, new_func,
  171. dup_func, free_func);
  172. }
  173. /*
  174. * Initialise a new CRYPTO_EX_DATA for use in a particular class - including
  175. * calling new() callbacks for each index in the class used by this variable
  176. * Thread-safe by copying a class's array of "EX_CALLBACK" entries
  177. * in the lock, then using them outside the lock. Note this only applies
  178. * to the global "ex_data" state (ie. class definitions), not 'ad' itself.
  179. */
  180. int crypto_new_ex_data_ex(OPENSSL_CTX *ctx, int class_index, void *obj,
  181. CRYPTO_EX_DATA *ad)
  182. {
  183. int mx, i;
  184. void *ptr;
  185. EX_CALLBACK **storage = NULL;
  186. EX_CALLBACK *stack[10];
  187. EX_CALLBACKS *ip;
  188. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
  189. if (global == NULL)
  190. return 0;
  191. ip = get_and_lock(ctx, class_index);
  192. if (ip == NULL)
  193. return 0;
  194. ad->ctx = ctx;
  195. ad->sk = NULL;
  196. mx = sk_EX_CALLBACK_num(ip->meth);
  197. if (mx > 0) {
  198. if (mx < (int)OSSL_NELEM(stack))
  199. storage = stack;
  200. else
  201. storage = OPENSSL_malloc(sizeof(*storage) * mx);
  202. if (storage != NULL)
  203. for (i = 0; i < mx; i++)
  204. storage[i] = sk_EX_CALLBACK_value(ip->meth, i);
  205. }
  206. CRYPTO_THREAD_unlock(global->ex_data_lock);
  207. if (mx > 0 && storage == NULL) {
  208. CRYPTOerr(CRYPTO_F_CRYPTO_NEW_EX_DATA_EX, ERR_R_MALLOC_FAILURE);
  209. return 0;
  210. }
  211. for (i = 0; i < mx; i++) {
  212. if (storage[i] != NULL && storage[i]->new_func != NULL) {
  213. ptr = CRYPTO_get_ex_data(ad, i);
  214. storage[i]->new_func(obj, ptr, ad, i,
  215. storage[i]->argl, storage[i]->argp);
  216. }
  217. }
  218. if (storage != stack)
  219. OPENSSL_free(storage);
  220. return 1;
  221. }
  222. int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
  223. {
  224. return crypto_new_ex_data_ex(NULL, class_index, obj, ad);
  225. }
  226. /*
  227. * Duplicate a CRYPTO_EX_DATA variable - including calling dup() callbacks
  228. * for each index in the class used by this variable
  229. */
  230. int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
  231. const CRYPTO_EX_DATA *from)
  232. {
  233. int mx, j, i;
  234. void *ptr;
  235. EX_CALLBACK *stack[10];
  236. EX_CALLBACK **storage = NULL;
  237. EX_CALLBACKS *ip;
  238. int toret = 0;
  239. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(from->ctx);
  240. if (global == NULL)
  241. return 0;
  242. to->ctx = from->ctx;
  243. if (from->sk == NULL)
  244. /* Nothing to copy over */
  245. return 1;
  246. if ((ip = get_and_lock(from->ctx, class_index)) == NULL)
  247. return 0;
  248. mx = sk_EX_CALLBACK_num(ip->meth);
  249. j = sk_void_num(from->sk);
  250. if (j < mx)
  251. mx = j;
  252. if (mx > 0) {
  253. if (mx < (int)OSSL_NELEM(stack))
  254. storage = stack;
  255. else
  256. storage = OPENSSL_malloc(sizeof(*storage) * mx);
  257. if (storage != NULL)
  258. for (i = 0; i < mx; i++)
  259. storage[i] = sk_EX_CALLBACK_value(ip->meth, i);
  260. }
  261. CRYPTO_THREAD_unlock(global->ex_data_lock);
  262. if (mx == 0)
  263. return 1;
  264. if (storage == NULL) {
  265. CRYPTOerr(CRYPTO_F_CRYPTO_DUP_EX_DATA, ERR_R_MALLOC_FAILURE);
  266. return 0;
  267. }
  268. /*
  269. * Make sure the ex_data stack is at least |mx| elements long to avoid
  270. * issues in the for loop that follows; so go get the |mx|'th element
  271. * (if it does not exist CRYPTO_get_ex_data() returns NULL), and assign
  272. * to itself. This is normally a no-op; but ensures the stack is the
  273. * proper size
  274. */
  275. if (!CRYPTO_set_ex_data(to, mx - 1, CRYPTO_get_ex_data(to, mx - 1)))
  276. goto err;
  277. for (i = 0; i < mx; i++) {
  278. ptr = CRYPTO_get_ex_data(from, i);
  279. if (storage[i] != NULL && storage[i]->dup_func != NULL)
  280. if (!storage[i]->dup_func(to, from, &ptr, i,
  281. storage[i]->argl, storage[i]->argp))
  282. goto err;
  283. CRYPTO_set_ex_data(to, i, ptr);
  284. }
  285. toret = 1;
  286. err:
  287. if (storage != stack)
  288. OPENSSL_free(storage);
  289. return toret;
  290. }
  291. /*
  292. * Cleanup a CRYPTO_EX_DATA variable - including calling free() callbacks for
  293. * each index in the class used by this variable
  294. */
  295. void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
  296. {
  297. int mx, i;
  298. EX_CALLBACKS *ip;
  299. void *ptr;
  300. EX_CALLBACK *f;
  301. EX_CALLBACK *stack[10];
  302. EX_CALLBACK **storage = NULL;
  303. OSSL_EX_DATA_GLOBAL *global;
  304. if ((ip = get_and_lock(ad->ctx, class_index)) == NULL)
  305. goto err;
  306. global = openssl_ctx_get_ex_data_global(ad->ctx);
  307. if (global == NULL)
  308. goto err;
  309. mx = sk_EX_CALLBACK_num(ip->meth);
  310. if (mx > 0) {
  311. if (mx < (int)OSSL_NELEM(stack))
  312. storage = stack;
  313. else
  314. storage = OPENSSL_malloc(sizeof(*storage) * mx);
  315. if (storage != NULL)
  316. for (i = 0; i < mx; i++)
  317. storage[i] = sk_EX_CALLBACK_value(ip->meth, i);
  318. }
  319. CRYPTO_THREAD_unlock(global->ex_data_lock);
  320. for (i = 0; i < mx; i++) {
  321. if (storage != NULL)
  322. f = storage[i];
  323. else {
  324. CRYPTO_THREAD_write_lock(global->ex_data_lock);
  325. f = sk_EX_CALLBACK_value(ip->meth, i);
  326. CRYPTO_THREAD_unlock(global->ex_data_lock);
  327. }
  328. if (f != NULL && f->free_func != NULL) {
  329. ptr = CRYPTO_get_ex_data(ad, i);
  330. f->free_func(obj, ptr, ad, i, f->argl, f->argp);
  331. }
  332. }
  333. if (storage != stack)
  334. OPENSSL_free(storage);
  335. err:
  336. sk_void_free(ad->sk);
  337. ad->sk = NULL;
  338. ad->ctx = NULL;
  339. }
  340. /*
  341. * Allocate a given CRYPTO_EX_DATA item using the class specific allocation
  342. * function
  343. */
  344. int CRYPTO_alloc_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad,
  345. int idx)
  346. {
  347. EX_CALLBACK *f;
  348. EX_CALLBACKS *ip;
  349. void *curval;
  350. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ad->ctx);
  351. if (global == NULL)
  352. return 0;
  353. curval = CRYPTO_get_ex_data(ad, idx);
  354. /* Already there, no need to allocate */
  355. if (curval != NULL)
  356. return 1;
  357. ip = get_and_lock(ad->ctx, class_index);
  358. if (ip == NULL)
  359. return 0;
  360. f = sk_EX_CALLBACK_value(ip->meth, idx);
  361. CRYPTO_THREAD_unlock(global->ex_data_lock);
  362. /*
  363. * This should end up calling CRYPTO_set_ex_data(), which allocates
  364. * everything necessary to support placing the new data in the right spot.
  365. */
  366. if (f->new_func == NULL)
  367. return 0;
  368. f->new_func(obj, curval, ad, idx, f->argl, f->argp);
  369. return 1;
  370. }
  371. /*
  372. * For a given CRYPTO_EX_DATA variable, set the value corresponding to a
  373. * particular index in the class used by this variable
  374. */
  375. int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val)
  376. {
  377. int i;
  378. if (ad->sk == NULL) {
  379. if ((ad->sk = sk_void_new_null()) == NULL) {
  380. CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_MALLOC_FAILURE);
  381. return 0;
  382. }
  383. }
  384. for (i = sk_void_num(ad->sk); i <= idx; ++i) {
  385. if (!sk_void_push(ad->sk, NULL)) {
  386. CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_MALLOC_FAILURE);
  387. return 0;
  388. }
  389. }
  390. sk_void_set(ad->sk, idx, val);
  391. return 1;
  392. }
  393. /*
  394. * For a given CRYPTO_EX_DATA_ variable, get the value corresponding to a
  395. * particular index in the class used by this variable
  396. */
  397. void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx)
  398. {
  399. if (ad->sk == NULL || idx >= sk_void_num(ad->sk))
  400. return NULL;
  401. return sk_void_value(ad->sk, idx);
  402. }
  403. OPENSSL_CTX *crypto_ex_data_get_openssl_ctx(const CRYPTO_EX_DATA *ad)
  404. {
  405. return ad->ctx;
  406. }