ex_data.c 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468
  1. /*
  2. * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include "crypto/cryptlib.h"
  10. #include "internal/thread_once.h"
  11. DEFINE_STACK_OF(void)
  12. int do_ex_data_init(OPENSSL_CTX *ctx)
  13. {
  14. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
  15. if (global == NULL)
  16. return 0;
  17. global->ex_data_lock = CRYPTO_THREAD_lock_new();
  18. return global->ex_data_lock != NULL;
  19. }
  20. /*
  21. * Return the EX_CALLBACKS from the |ex_data| array that corresponds to
  22. * a given class. On success, *holds the lock.*
  23. * The |global| parameter is assumed to be non null (checked by the caller).
  24. */
  25. static EX_CALLBACKS *get_and_lock(OSSL_EX_DATA_GLOBAL *global, int class_index)
  26. {
  27. EX_CALLBACKS *ip;
  28. if (class_index < 0 || class_index >= CRYPTO_EX_INDEX__COUNT) {
  29. CRYPTOerr(CRYPTO_F_GET_AND_LOCK, ERR_R_PASSED_INVALID_ARGUMENT);
  30. return NULL;
  31. }
  32. if (global->ex_data_lock == NULL) {
  33. /*
  34. * If we get here, someone (who?) cleaned up the lock, so just
  35. * treat it as an error.
  36. */
  37. return NULL;
  38. }
  39. CRYPTO_THREAD_write_lock(global->ex_data_lock);
  40. ip = &global->ex_data[class_index];
  41. return ip;
  42. }
  43. static void cleanup_cb(EX_CALLBACK *funcs)
  44. {
  45. OPENSSL_free(funcs);
  46. }
  47. /*
  48. * Release all "ex_data" state to prevent memory leaks. This can't be made
  49. * thread-safe without overhauling a lot of stuff, and shouldn't really be
  50. * called under potential race-conditions anyway (it's for program shutdown
  51. * after all).
  52. */
  53. void crypto_cleanup_all_ex_data_int(OPENSSL_CTX *ctx)
  54. {
  55. int i;
  56. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
  57. if (global == NULL)
  58. return;
  59. for (i = 0; i < CRYPTO_EX_INDEX__COUNT; ++i) {
  60. EX_CALLBACKS *ip = &global->ex_data[i];
  61. sk_EX_CALLBACK_pop_free(ip->meth, cleanup_cb);
  62. ip->meth = NULL;
  63. }
  64. CRYPTO_THREAD_lock_free(global->ex_data_lock);
  65. global->ex_data_lock = NULL;
  66. }
  67. /*
  68. * Unregister a new index by replacing the callbacks with no-ops.
  69. * Any in-use instances are leaked.
  70. */
  71. static void dummy_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx,
  72. long argl, void *argp)
  73. {
  74. }
  75. static void dummy_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx,
  76. long argl, void *argp)
  77. {
  78. }
  79. static int dummy_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
  80. void **from_d, int idx,
  81. long argl, void *argp)
  82. {
  83. return 1;
  84. }
  85. int crypto_free_ex_index_ex(OPENSSL_CTX *ctx, int class_index, int idx)
  86. {
  87. EX_CALLBACKS *ip;
  88. EX_CALLBACK *a;
  89. int toret = 0;
  90. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
  91. if (global == NULL)
  92. return 0;
  93. ip = get_and_lock(global, class_index);
  94. if (ip == NULL)
  95. return 0;
  96. if (idx < 0 || idx >= sk_EX_CALLBACK_num(ip->meth))
  97. goto err;
  98. a = sk_EX_CALLBACK_value(ip->meth, idx);
  99. if (a == NULL)
  100. goto err;
  101. a->new_func = dummy_new;
  102. a->dup_func = dummy_dup;
  103. a->free_func = dummy_free;
  104. toret = 1;
  105. err:
  106. CRYPTO_THREAD_unlock(global->ex_data_lock);
  107. return toret;
  108. }
  109. int CRYPTO_free_ex_index(int class_index, int idx)
  110. {
  111. return crypto_free_ex_index_ex(NULL, class_index, idx);
  112. }
  113. /*
  114. * Register a new index.
  115. */
  116. int crypto_get_ex_new_index_ex(OPENSSL_CTX *ctx, int class_index, long argl,
  117. void *argp, CRYPTO_EX_new *new_func,
  118. CRYPTO_EX_dup *dup_func,
  119. CRYPTO_EX_free *free_func)
  120. {
  121. int toret = -1;
  122. EX_CALLBACK *a;
  123. EX_CALLBACKS *ip;
  124. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
  125. if (global == NULL)
  126. return -1;
  127. ip = get_and_lock(global, class_index);
  128. if (ip == NULL)
  129. return -1;
  130. if (ip->meth == NULL) {
  131. ip->meth = sk_EX_CALLBACK_new_null();
  132. /* We push an initial value on the stack because the SSL
  133. * "app_data" routines use ex_data index zero. See RT 3710. */
  134. if (ip->meth == NULL
  135. || !sk_EX_CALLBACK_push(ip->meth, NULL)) {
  136. CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX, ERR_R_MALLOC_FAILURE);
  137. goto err;
  138. }
  139. }
  140. a = (EX_CALLBACK *)OPENSSL_malloc(sizeof(*a));
  141. if (a == NULL) {
  142. CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX, ERR_R_MALLOC_FAILURE);
  143. goto err;
  144. }
  145. a->argl = argl;
  146. a->argp = argp;
  147. a->new_func = new_func;
  148. a->dup_func = dup_func;
  149. a->free_func = free_func;
  150. if (!sk_EX_CALLBACK_push(ip->meth, NULL)) {
  151. CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX, ERR_R_MALLOC_FAILURE);
  152. OPENSSL_free(a);
  153. goto err;
  154. }
  155. toret = sk_EX_CALLBACK_num(ip->meth) - 1;
  156. (void)sk_EX_CALLBACK_set(ip->meth, toret, a);
  157. err:
  158. CRYPTO_THREAD_unlock(global->ex_data_lock);
  159. return toret;
  160. }
  161. int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
  162. CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
  163. CRYPTO_EX_free *free_func)
  164. {
  165. return crypto_get_ex_new_index_ex(NULL, class_index, argl, argp, new_func,
  166. dup_func, free_func);
  167. }
  168. /*
  169. * Initialise a new CRYPTO_EX_DATA for use in a particular class - including
  170. * calling new() callbacks for each index in the class used by this variable
  171. * Thread-safe by copying a class's array of "EX_CALLBACK" entries
  172. * in the lock, then using them outside the lock. Note this only applies
  173. * to the global "ex_data" state (ie. class definitions), not 'ad' itself.
  174. */
  175. int crypto_new_ex_data_ex(OPENSSL_CTX *ctx, int class_index, void *obj,
  176. CRYPTO_EX_DATA *ad)
  177. {
  178. int mx, i;
  179. void *ptr;
  180. EX_CALLBACK **storage = NULL;
  181. EX_CALLBACK *stack[10];
  182. EX_CALLBACKS *ip;
  183. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
  184. if (global == NULL)
  185. return 0;
  186. ip = get_and_lock(global, class_index);
  187. if (ip == NULL)
  188. return 0;
  189. ad->ctx = ctx;
  190. ad->sk = NULL;
  191. mx = sk_EX_CALLBACK_num(ip->meth);
  192. if (mx > 0) {
  193. if (mx < (int)OSSL_NELEM(stack))
  194. storage = stack;
  195. else
  196. storage = OPENSSL_malloc(sizeof(*storage) * mx);
  197. if (storage != NULL)
  198. for (i = 0; i < mx; i++)
  199. storage[i] = sk_EX_CALLBACK_value(ip->meth, i);
  200. }
  201. CRYPTO_THREAD_unlock(global->ex_data_lock);
  202. if (mx > 0 && storage == NULL) {
  203. CRYPTOerr(CRYPTO_F_CRYPTO_NEW_EX_DATA_EX, ERR_R_MALLOC_FAILURE);
  204. return 0;
  205. }
  206. for (i = 0; i < mx; i++) {
  207. if (storage[i] != NULL && storage[i]->new_func != NULL) {
  208. ptr = CRYPTO_get_ex_data(ad, i);
  209. storage[i]->new_func(obj, ptr, ad, i,
  210. storage[i]->argl, storage[i]->argp);
  211. }
  212. }
  213. if (storage != stack)
  214. OPENSSL_free(storage);
  215. return 1;
  216. }
  217. int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
  218. {
  219. return crypto_new_ex_data_ex(NULL, class_index, obj, ad);
  220. }
  221. /*
  222. * Duplicate a CRYPTO_EX_DATA variable - including calling dup() callbacks
  223. * for each index in the class used by this variable
  224. */
  225. int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
  226. const CRYPTO_EX_DATA *from)
  227. {
  228. int mx, j, i;
  229. void *ptr;
  230. EX_CALLBACK *stack[10];
  231. EX_CALLBACK **storage = NULL;
  232. EX_CALLBACKS *ip;
  233. int toret = 0;
  234. OSSL_EX_DATA_GLOBAL *global;
  235. to->ctx = from->ctx;
  236. if (from->sk == NULL)
  237. /* Nothing to copy over */
  238. return 1;
  239. global = openssl_ctx_get_ex_data_global(from->ctx);
  240. if (global == NULL)
  241. return 0;
  242. ip = get_and_lock(global, class_index);
  243. if (ip == NULL)
  244. return 0;
  245. mx = sk_EX_CALLBACK_num(ip->meth);
  246. j = sk_void_num(from->sk);
  247. if (j < mx)
  248. mx = j;
  249. if (mx > 0) {
  250. if (mx < (int)OSSL_NELEM(stack))
  251. storage = stack;
  252. else
  253. storage = OPENSSL_malloc(sizeof(*storage) * mx);
  254. if (storage != NULL)
  255. for (i = 0; i < mx; i++)
  256. storage[i] = sk_EX_CALLBACK_value(ip->meth, i);
  257. }
  258. CRYPTO_THREAD_unlock(global->ex_data_lock);
  259. if (mx == 0)
  260. return 1;
  261. if (storage == NULL) {
  262. CRYPTOerr(CRYPTO_F_CRYPTO_DUP_EX_DATA, ERR_R_MALLOC_FAILURE);
  263. return 0;
  264. }
  265. /*
  266. * Make sure the ex_data stack is at least |mx| elements long to avoid
  267. * issues in the for loop that follows; so go get the |mx|'th element
  268. * (if it does not exist CRYPTO_get_ex_data() returns NULL), and assign
  269. * to itself. This is normally a no-op; but ensures the stack is the
  270. * proper size
  271. */
  272. if (!CRYPTO_set_ex_data(to, mx - 1, CRYPTO_get_ex_data(to, mx - 1)))
  273. goto err;
  274. for (i = 0; i < mx; i++) {
  275. ptr = CRYPTO_get_ex_data(from, i);
  276. if (storage[i] != NULL && storage[i]->dup_func != NULL)
  277. if (!storage[i]->dup_func(to, from, &ptr, i,
  278. storage[i]->argl, storage[i]->argp))
  279. goto err;
  280. CRYPTO_set_ex_data(to, i, ptr);
  281. }
  282. toret = 1;
  283. err:
  284. if (storage != stack)
  285. OPENSSL_free(storage);
  286. return toret;
  287. }
  288. /*
  289. * Cleanup a CRYPTO_EX_DATA variable - including calling free() callbacks for
  290. * each index in the class used by this variable
  291. */
  292. void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
  293. {
  294. int mx, i;
  295. EX_CALLBACKS *ip;
  296. void *ptr;
  297. EX_CALLBACK *f;
  298. EX_CALLBACK *stack[10];
  299. EX_CALLBACK **storage = NULL;
  300. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ad->ctx);
  301. if (global == NULL)
  302. goto err;
  303. ip = get_and_lock(global, class_index);
  304. if (ip == NULL)
  305. goto err;
  306. mx = sk_EX_CALLBACK_num(ip->meth);
  307. if (mx > 0) {
  308. if (mx < (int)OSSL_NELEM(stack))
  309. storage = stack;
  310. else
  311. storage = OPENSSL_malloc(sizeof(*storage) * mx);
  312. if (storage != NULL)
  313. for (i = 0; i < mx; i++)
  314. storage[i] = sk_EX_CALLBACK_value(ip->meth, i);
  315. }
  316. CRYPTO_THREAD_unlock(global->ex_data_lock);
  317. for (i = 0; i < mx; i++) {
  318. if (storage != NULL)
  319. f = storage[i];
  320. else {
  321. CRYPTO_THREAD_write_lock(global->ex_data_lock);
  322. f = sk_EX_CALLBACK_value(ip->meth, i);
  323. CRYPTO_THREAD_unlock(global->ex_data_lock);
  324. }
  325. if (f != NULL && f->free_func != NULL) {
  326. ptr = CRYPTO_get_ex_data(ad, i);
  327. f->free_func(obj, ptr, ad, i, f->argl, f->argp);
  328. }
  329. }
  330. if (storage != stack)
  331. OPENSSL_free(storage);
  332. err:
  333. sk_void_free(ad->sk);
  334. ad->sk = NULL;
  335. ad->ctx = NULL;
  336. }
  337. /*
  338. * Allocate a given CRYPTO_EX_DATA item using the class specific allocation
  339. * function
  340. */
  341. int CRYPTO_alloc_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad,
  342. int idx)
  343. {
  344. EX_CALLBACK *f;
  345. EX_CALLBACKS *ip;
  346. void *curval;
  347. OSSL_EX_DATA_GLOBAL *global;
  348. curval = CRYPTO_get_ex_data(ad, idx);
  349. /* Already there, no need to allocate */
  350. if (curval != NULL)
  351. return 1;
  352. global = openssl_ctx_get_ex_data_global(ad->ctx);
  353. if (global == NULL)
  354. return 0;
  355. ip = get_and_lock(global, class_index);
  356. if (ip == NULL)
  357. return 0;
  358. f = sk_EX_CALLBACK_value(ip->meth, idx);
  359. CRYPTO_THREAD_unlock(global->ex_data_lock);
  360. /*
  361. * This should end up calling CRYPTO_set_ex_data(), which allocates
  362. * everything necessary to support placing the new data in the right spot.
  363. */
  364. if (f->new_func == NULL)
  365. return 0;
  366. f->new_func(obj, NULL, ad, idx, f->argl, f->argp);
  367. return 1;
  368. }
  369. /*
  370. * For a given CRYPTO_EX_DATA variable, set the value corresponding to a
  371. * particular index in the class used by this variable
  372. */
  373. int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val)
  374. {
  375. int i;
  376. if (ad->sk == NULL) {
  377. if ((ad->sk = sk_void_new_null()) == NULL) {
  378. CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_MALLOC_FAILURE);
  379. return 0;
  380. }
  381. }
  382. for (i = sk_void_num(ad->sk); i <= idx; ++i) {
  383. if (!sk_void_push(ad->sk, NULL)) {
  384. CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_MALLOC_FAILURE);
  385. return 0;
  386. }
  387. }
  388. sk_void_set(ad->sk, idx, val);
  389. return 1;
  390. }
  391. /*
  392. * For a given CRYPTO_EX_DATA_ variable, get the value corresponding to a
  393. * particular index in the class used by this variable
  394. */
  395. void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx)
  396. {
  397. if (ad->sk == NULL || idx >= sk_void_num(ad->sk))
  398. return NULL;
  399. return sk_void_value(ad->sk, idx);
  400. }
  401. OPENSSL_CTX *crypto_ex_data_get_openssl_ctx(const CRYPTO_EX_DATA *ad)
  402. {
  403. return ad->ctx;
  404. }