ex_data.c 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470
  1. /*
  2. * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include "crypto/cryptlib.h"
  10. #include "internal/thread_once.h"
  11. int do_ex_data_init(OPENSSL_CTX *ctx)
  12. {
  13. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
  14. if (global == NULL)
  15. return 0;
  16. global->ex_data_lock = CRYPTO_THREAD_lock_new();
  17. return global->ex_data_lock != NULL;
  18. }
  19. /*
  20. * Return the EX_CALLBACKS from the |ex_data| array that corresponds to
  21. * a given class. On success, *holds the lock.*
  22. * The |global| parameter is assumed to be non null (checked by the caller).
  23. */
  24. static EX_CALLBACKS *get_and_lock(OSSL_EX_DATA_GLOBAL *global, int class_index)
  25. {
  26. EX_CALLBACKS *ip;
  27. if (class_index < 0 || class_index >= CRYPTO_EX_INDEX__COUNT) {
  28. CRYPTOerr(CRYPTO_F_GET_AND_LOCK, ERR_R_PASSED_INVALID_ARGUMENT);
  29. return NULL;
  30. }
  31. if (global->ex_data_lock == NULL) {
  32. /*
  33. * If we get here, someone (who?) cleaned up the lock, so just
  34. * treat it as an error.
  35. */
  36. return NULL;
  37. }
  38. CRYPTO_THREAD_write_lock(global->ex_data_lock);
  39. ip = &global->ex_data[class_index];
  40. return ip;
  41. }
  42. static void cleanup_cb(EX_CALLBACK *funcs)
  43. {
  44. OPENSSL_free(funcs);
  45. }
  46. /*
  47. * Release all "ex_data" state to prevent memory leaks. This can't be made
  48. * thread-safe without overhauling a lot of stuff, and shouldn't really be
  49. * called under potential race-conditions anyway (it's for program shutdown
  50. * after all).
  51. */
  52. void crypto_cleanup_all_ex_data_int(OPENSSL_CTX *ctx)
  53. {
  54. int i;
  55. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
  56. if (global == NULL)
  57. return;
  58. for (i = 0; i < CRYPTO_EX_INDEX__COUNT; ++i) {
  59. EX_CALLBACKS *ip = &global->ex_data[i];
  60. sk_EX_CALLBACK_pop_free(ip->meth, cleanup_cb);
  61. ip->meth = NULL;
  62. }
  63. CRYPTO_THREAD_lock_free(global->ex_data_lock);
  64. global->ex_data_lock = NULL;
  65. }
  66. /*
  67. * Unregister a new index by replacing the callbacks with no-ops.
  68. * Any in-use instances are leaked.
  69. */
  70. static void dummy_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx,
  71. long argl, void *argp)
  72. {
  73. }
  74. static void dummy_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx,
  75. long argl, void *argp)
  76. {
  77. }
  78. static int dummy_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
  79. void **from_d, int idx,
  80. long argl, void *argp)
  81. {
  82. return 1;
  83. }
  84. int crypto_free_ex_index_ex(OPENSSL_CTX *ctx, int class_index, int idx)
  85. {
  86. EX_CALLBACKS *ip;
  87. EX_CALLBACK *a;
  88. int toret = 0;
  89. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
  90. if (global == NULL)
  91. return 0;
  92. ip = get_and_lock(global, class_index);
  93. if (ip == NULL)
  94. return 0;
  95. if (idx < 0 || idx >= sk_EX_CALLBACK_num(ip->meth))
  96. goto err;
  97. a = sk_EX_CALLBACK_value(ip->meth, idx);
  98. if (a == NULL)
  99. goto err;
  100. a->new_func = dummy_new;
  101. a->dup_func = dummy_dup;
  102. a->free_func = dummy_free;
  103. toret = 1;
  104. err:
  105. CRYPTO_THREAD_unlock(global->ex_data_lock);
  106. return toret;
  107. }
  108. int CRYPTO_free_ex_index(int class_index, int idx)
  109. {
  110. return crypto_free_ex_index_ex(NULL, class_index, idx);
  111. }
  112. /*
  113. * Register a new index.
  114. */
  115. int crypto_get_ex_new_index_ex(OPENSSL_CTX *ctx, int class_index, long argl,
  116. void *argp, CRYPTO_EX_new *new_func,
  117. CRYPTO_EX_dup *dup_func,
  118. CRYPTO_EX_free *free_func)
  119. {
  120. int toret = -1;
  121. EX_CALLBACK *a;
  122. EX_CALLBACKS *ip;
  123. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
  124. if (global == NULL)
  125. return -1;
  126. ip = get_and_lock(global, class_index);
  127. if (ip == NULL)
  128. return -1;
  129. if (ip->meth == NULL) {
  130. ip->meth = sk_EX_CALLBACK_new_null();
  131. /* We push an initial value on the stack because the SSL
  132. * "app_data" routines use ex_data index zero. See RT 3710. */
  133. if (ip->meth == NULL
  134. || !sk_EX_CALLBACK_push(ip->meth, NULL)) {
  135. CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX, ERR_R_MALLOC_FAILURE);
  136. goto err;
  137. }
  138. }
  139. a = (EX_CALLBACK *)OPENSSL_malloc(sizeof(*a));
  140. if (a == NULL) {
  141. CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX, ERR_R_MALLOC_FAILURE);
  142. goto err;
  143. }
  144. a->argl = argl;
  145. a->argp = argp;
  146. a->new_func = new_func;
  147. a->dup_func = dup_func;
  148. a->free_func = free_func;
  149. if (!sk_EX_CALLBACK_push(ip->meth, NULL)) {
  150. CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX, ERR_R_MALLOC_FAILURE);
  151. OPENSSL_free(a);
  152. goto err;
  153. }
  154. toret = sk_EX_CALLBACK_num(ip->meth) - 1;
  155. (void)sk_EX_CALLBACK_set(ip->meth, toret, a);
  156. err:
  157. CRYPTO_THREAD_unlock(global->ex_data_lock);
  158. return toret;
  159. }
  160. int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
  161. CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
  162. CRYPTO_EX_free *free_func)
  163. {
  164. return crypto_get_ex_new_index_ex(NULL, class_index, argl, argp, new_func,
  165. dup_func, free_func);
  166. }
  167. /*
  168. * Initialise a new CRYPTO_EX_DATA for use in a particular class - including
  169. * calling new() callbacks for each index in the class used by this variable
  170. * Thread-safe by copying a class's array of "EX_CALLBACK" entries
  171. * in the lock, then using them outside the lock. Note this only applies
  172. * to the global "ex_data" state (ie. class definitions), not 'ad' itself.
  173. */
  174. int crypto_new_ex_data_ex(OPENSSL_CTX *ctx, int class_index, void *obj,
  175. CRYPTO_EX_DATA *ad)
  176. {
  177. int mx, i;
  178. void *ptr;
  179. EX_CALLBACK **storage = NULL;
  180. EX_CALLBACK *stack[10];
  181. EX_CALLBACKS *ip;
  182. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx);
  183. if (global == NULL)
  184. return 0;
  185. ip = get_and_lock(global, class_index);
  186. if (ip == NULL)
  187. return 0;
  188. ad->ctx = ctx;
  189. ad->sk = NULL;
  190. mx = sk_EX_CALLBACK_num(ip->meth);
  191. if (mx > 0) {
  192. if (mx < (int)OSSL_NELEM(stack))
  193. storage = stack;
  194. else
  195. storage = OPENSSL_malloc(sizeof(*storage) * mx);
  196. if (storage != NULL)
  197. for (i = 0; i < mx; i++)
  198. storage[i] = sk_EX_CALLBACK_value(ip->meth, i);
  199. }
  200. CRYPTO_THREAD_unlock(global->ex_data_lock);
  201. if (mx > 0 && storage == NULL) {
  202. CRYPTOerr(CRYPTO_F_CRYPTO_NEW_EX_DATA_EX, ERR_R_MALLOC_FAILURE);
  203. return 0;
  204. }
  205. for (i = 0; i < mx; i++) {
  206. if (storage[i] != NULL && storage[i]->new_func != NULL) {
  207. ptr = CRYPTO_get_ex_data(ad, i);
  208. storage[i]->new_func(obj, ptr, ad, i,
  209. storage[i]->argl, storage[i]->argp);
  210. }
  211. }
  212. if (storage != stack)
  213. OPENSSL_free(storage);
  214. return 1;
  215. }
  216. int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
  217. {
  218. return crypto_new_ex_data_ex(NULL, class_index, obj, ad);
  219. }
  220. /*
  221. * Duplicate a CRYPTO_EX_DATA variable - including calling dup() callbacks
  222. * for each index in the class used by this variable
  223. */
  224. int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
  225. const CRYPTO_EX_DATA *from)
  226. {
  227. int mx, j, i;
  228. void *ptr;
  229. EX_CALLBACK *stack[10];
  230. EX_CALLBACK **storage = NULL;
  231. EX_CALLBACKS *ip;
  232. int toret = 0;
  233. OSSL_EX_DATA_GLOBAL *global;
  234. to->ctx = from->ctx;
  235. if (from->sk == NULL)
  236. /* Nothing to copy over */
  237. return 1;
  238. global = openssl_ctx_get_ex_data_global(from->ctx);
  239. if (global == NULL)
  240. return 0;
  241. ip = get_and_lock(global, class_index);
  242. if (ip == NULL)
  243. return 0;
  244. mx = sk_EX_CALLBACK_num(ip->meth);
  245. j = sk_void_num(from->sk);
  246. if (j < mx)
  247. mx = j;
  248. if (mx > 0) {
  249. if (mx < (int)OSSL_NELEM(stack))
  250. storage = stack;
  251. else
  252. storage = OPENSSL_malloc(sizeof(*storage) * mx);
  253. if (storage != NULL)
  254. for (i = 0; i < mx; i++)
  255. storage[i] = sk_EX_CALLBACK_value(ip->meth, i);
  256. }
  257. CRYPTO_THREAD_unlock(global->ex_data_lock);
  258. if (mx == 0)
  259. return 1;
  260. if (storage == NULL) {
  261. CRYPTOerr(CRYPTO_F_CRYPTO_DUP_EX_DATA, ERR_R_MALLOC_FAILURE);
  262. return 0;
  263. }
  264. /*
  265. * Make sure the ex_data stack is at least |mx| elements long to avoid
  266. * issues in the for loop that follows; so go get the |mx|'th element
  267. * (if it does not exist CRYPTO_get_ex_data() returns NULL), and assign
  268. * to itself. This is normally a no-op; but ensures the stack is the
  269. * proper size
  270. */
  271. if (!CRYPTO_set_ex_data(to, mx - 1, CRYPTO_get_ex_data(to, mx - 1)))
  272. goto err;
  273. for (i = 0; i < mx; i++) {
  274. ptr = CRYPTO_get_ex_data(from, i);
  275. if (storage[i] != NULL && storage[i]->dup_func != NULL)
  276. if (!storage[i]->dup_func(to, from, &ptr, i,
  277. storage[i]->argl, storage[i]->argp))
  278. goto err;
  279. CRYPTO_set_ex_data(to, i, ptr);
  280. }
  281. toret = 1;
  282. err:
  283. if (storage != stack)
  284. OPENSSL_free(storage);
  285. return toret;
  286. }
  287. /*
  288. * Cleanup a CRYPTO_EX_DATA variable - including calling free() callbacks for
  289. * each index in the class used by this variable
  290. */
  291. void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
  292. {
  293. int mx, i;
  294. EX_CALLBACKS *ip;
  295. void *ptr;
  296. EX_CALLBACK *f;
  297. EX_CALLBACK *stack[10];
  298. EX_CALLBACK **storage = NULL;
  299. OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ad->ctx);
  300. if (global == NULL)
  301. goto err;
  302. ip = get_and_lock(global, class_index);
  303. if (ip == NULL)
  304. goto err;
  305. mx = sk_EX_CALLBACK_num(ip->meth);
  306. if (mx > 0) {
  307. if (mx < (int)OSSL_NELEM(stack))
  308. storage = stack;
  309. else
  310. storage = OPENSSL_malloc(sizeof(*storage) * mx);
  311. if (storage != NULL)
  312. for (i = 0; i < mx; i++)
  313. storage[i] = sk_EX_CALLBACK_value(ip->meth, i);
  314. }
  315. CRYPTO_THREAD_unlock(global->ex_data_lock);
  316. for (i = 0; i < mx; i++) {
  317. if (storage != NULL)
  318. f = storage[i];
  319. else {
  320. CRYPTO_THREAD_write_lock(global->ex_data_lock);
  321. f = sk_EX_CALLBACK_value(ip->meth, i);
  322. CRYPTO_THREAD_unlock(global->ex_data_lock);
  323. }
  324. if (f != NULL && f->free_func != NULL) {
  325. ptr = CRYPTO_get_ex_data(ad, i);
  326. f->free_func(obj, ptr, ad, i, f->argl, f->argp);
  327. }
  328. }
  329. if (storage != stack)
  330. OPENSSL_free(storage);
  331. err:
  332. sk_void_free(ad->sk);
  333. ad->sk = NULL;
  334. ad->ctx = NULL;
  335. }
  336. /*
  337. * Allocate a given CRYPTO_EX_DATA item using the class specific allocation
  338. * function
  339. */
  340. int CRYPTO_alloc_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad,
  341. int idx)
  342. {
  343. EX_CALLBACK *f;
  344. EX_CALLBACKS *ip;
  345. void *curval;
  346. OSSL_EX_DATA_GLOBAL *global;
  347. curval = CRYPTO_get_ex_data(ad, idx);
  348. /* Already there, no need to allocate */
  349. if (curval != NULL)
  350. return 1;
  351. global = openssl_ctx_get_ex_data_global(ad->ctx);
  352. if (global == NULL)
  353. return 0;
  354. ip = get_and_lock(global, class_index);
  355. if (ip == NULL)
  356. return 0;
  357. f = sk_EX_CALLBACK_value(ip->meth, idx);
  358. CRYPTO_THREAD_unlock(global->ex_data_lock);
  359. /*
  360. * This should end up calling CRYPTO_set_ex_data(), which allocates
  361. * everything necessary to support placing the new data in the right spot.
  362. */
  363. if (f->new_func == NULL)
  364. return 0;
  365. f->new_func(obj, NULL, ad, idx, f->argl, f->argp);
  366. return 1;
  367. }
  368. /*
  369. * For a given CRYPTO_EX_DATA variable, set the value corresponding to a
  370. * particular index in the class used by this variable
  371. */
  372. int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val)
  373. {
  374. int i;
  375. if (ad->sk == NULL) {
  376. if ((ad->sk = sk_void_new_null()) == NULL) {
  377. CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_MALLOC_FAILURE);
  378. return 0;
  379. }
  380. }
  381. for (i = sk_void_num(ad->sk); i <= idx; ++i) {
  382. if (!sk_void_push(ad->sk, NULL)) {
  383. CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_MALLOC_FAILURE);
  384. return 0;
  385. }
  386. }
  387. if (sk_void_set(ad->sk, idx, val) != val) {
  388. /* Probably the index is out of bounds */
  389. CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_PASSED_INVALID_ARGUMENT);
  390. return 0;
  391. }
  392. return 1;
  393. }
  394. /*
  395. * For a given CRYPTO_EX_DATA_ variable, get the value corresponding to a
  396. * particular index in the class used by this variable
  397. */
  398. void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx)
  399. {
  400. if (ad->sk == NULL || idx >= sk_void_num(ad->sk))
  401. return NULL;
  402. return sk_void_value(ad->sk, idx);
  403. }
  404. OPENSSL_CTX *crypto_ex_data_get_openssl_ctx(const CRYPTO_EX_DATA *ad)
  405. {
  406. return ad->ctx;
  407. }