| #
e077455e |
| 29-Sep-2022 |
Richard Levitte |
Stop raising ERR_R_MALLOC_FAILURE in most places
Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,
Stop raising ERR_R_MALLOC_FAILURE in most places
Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,
there's no need to report ERR_R_MALLOC_FAILURE where they are called
directly, or when SSLfatal() and RLAYERfatal() is used, the reason
`ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`.
There were a number of places where `ERR_R_MALLOC_FAILURE` was reported
even though it was a function from a different sub-system that was
called. Those places are changed to report ERR_R_{lib}_LIB, where
{lib} is the name of that sub-system.
Some of them are tricky to get right, as we have a lot of functions
that belong in the ASN1 sub-system, and all the `sk_` calls or from
the CRYPTO sub-system.
Some extra adaptation was necessary where there were custom OPENSSL_malloc()
wrappers, and some bugs are fixed alongside these changes.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19301)
show more ...
|
| #
e1eafe8c |
| 14-Apr-2022 |
Richard Levitte |
"Reserve" the method store when constructing methods
Introducing the concept of reserving the store where a number of
provided operation methods are to be stored.
This avoids ra
"Reserve" the method store when constructing methods
Introducing the concept of reserving the store where a number of
provided operation methods are to be stored.
This avoids racing when constructing provided methods, which is
especially pertinent when multiple threads are trying to fetch the
same method, or even any implementation for the same given operation
type.
This introduces a |biglock| in OSSL_METHOD_STORE, which is separate
from the |lock| which is used for more internal and finer grained
locking.
Fixes #18152
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18153)
show more ...
|
| #
10937d58 |
| 20-Apr-2022 |
Richard Levitte |
Refactor method construction pre- and post-condition
The existing pre- and post-condition functions are supposed to check if
methods have already been created and stored, using provider
Refactor method construction pre- and post-condition
The existing pre- and post-condition functions are supposed to check if
methods have already been created and stored, using provider operation
bits. This is supposed to only be done for "permanent" method stores.
However, the way the pre-condition was called, it could not know if the
set of implementations to be stored is likely to end up in a "permanent"
or a temporary store. It needs access to the |no_store| flag returned
by the provider's operation query function, because that call was done
after the pre-condition was called.
This requires a bit of refactoring, primarly of |algorithm_do_this()|,
but also of |ossl_method_construct_precondition()|.
Fixes #18150
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18151)
show more ...
|
| #
cfce50f7 |
| 30-Sep-2021 |
Richard Levitte |
CORE: add a provider argument to ossl_method_construct()
This makes it possible to limit the search of methods to that
particular provider. This uses already available possibilities in
CORE: add a provider argument to ossl_method_construct()
This makes it possible to limit the search of methods to that
particular provider. This uses already available possibilities in
ossl_algorithm_do_all().
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16725)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha17 |
|
| #
d7970dd9 |
| 15-May-2021 |
Petr Gotthard |
Fix pointer passed to provider_unquery_operation
Walking through the `map` modifies the pointer passed to the `unquery`
operation.
Reviewed-by: Matt Caswell <matt@openssl.org>
Fix pointer passed to provider_unquery_operation
Walking through the `map` modifies the pointer passed to the `unquery`
operation.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15295)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha16, openssl-3.0.0-alpha15 |
|
| #
6c9bc258 |
| 16-Apr-2021 |
Tomas Mraz |
Add type_name member to provided methods and use it
Fixes #14701
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14898)
|
|
Revision tags: openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
| #
8f089576 |
| 10-Mar-2021 |
Pauli |
rename ossl_provider_forall_loaded to ossl_provider_doall_activated
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14489)
|
| #
8020d79b |
| 11-Mar-2021 |
Matt Caswell |
Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14512)
|
|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7 |
|
| #
b0001d0c |
| 25-Sep-2020 |
Pauli |
provider: add an unquery function to allow providers to clean up.
Without this, a provider has no way to know that an application
has finished with the array it returned earlier. A non
provider: add an unquery function to allow providers to clean up.
Without this, a provider has no way to know that an application
has finished with the array it returned earlier. A non-caching provider
requires this information.
Fixes #12974
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12974)
show more ...
|
| #
b4250010 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX
Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix,
e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX
Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix,
e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
The OPENSSL_CTX type stands out a little by using a different prefix.
For consistency reasons, this type is renamed to OSSL_LIB_CTX.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
|
Revision tags: OpenSSL_1_1_1h |
|
| #
1010e4ac |
| 01-Sep-2020 |
Todd Short |
Fix post-condition in algorithm_do_this
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Me
Fix post-condition in algorithm_do_this
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/12760)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha6, openssl-3.0.0-alpha5 |
|
| #
dd76b90e |
| 03-Jul-2020 |
Richard Levitte |
CORE: perform post-condition in algorithm_do_this() under all circumstances
When ossl_provider_query_operation() returned NULL, the post-condition
callback wasn't called, and could make
CORE: perform post-condition in algorithm_do_this() under all circumstances
When ossl_provider_query_operation() returned NULL, the post-condition
callback wasn't called, and could make algorithm_do_this() falsely
tell the caller that there was an error. Because of this, a provider
that answered with NULL for a particular operation identity would
effectively block the same query on all following providers.
Fixes #12293
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12365)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha4 |
|
| #
23c48d94 |
| 20-Jun-2020 |
Dr. Matthias St. Pierre |
Rename <openssl/core_numbers.h> -> <openssl/core_dispatch.h>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12222)
|
|
Revision tags: openssl-3.0.0-alpha3 |
|
| #
00c405b3 |
| 04-Jun-2020 |
Matt Caswell |
Update copyright year
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12043)
|
| #
5a29b628 |
| 15-May-2020 |
Richard Levitte |
CORE: query for operations only once per provider (unless no_store is true)
When a desired algorithm wasn't available, we didn't register anywhere
that an attempt had been made, with the
CORE: query for operations only once per provider (unless no_store is true)
When a desired algorithm wasn't available, we didn't register anywhere
that an attempt had been made, with the result that next time the same
attempt was made, the whole process would be done again.
To avoid this churn, we register a bit for each operation that has
been queried in the libcrypto provider object, and test it before
trying the same query and method construction loop again.
If course, if the provider has told us not to cache, we don't register
this bit.
Fixes #11814
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11842)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha2 |
|
| #
827f04d5 |
| 15-May-2020 |
Richard Levitte |
CORE: Fix a couple of bugs in algorithm_do_this()
The call of ossl_provider_query_operation() used |data->operation_id|,
when |cur_operation| should be used.
If any ossl_provide
CORE: Fix a couple of bugs in algorithm_do_this()
The call of ossl_provider_query_operation() used |data->operation_id|,
when |cur_operation| should be used.
If any ossl_provider_query_operation() call returned NULL, the loop
was stopped, when it should just continue on to the next operation.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11837)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s |
|
| #
695d195b |
| 23-May-2019 |
Richard Levitte |
Replumbing: make it possible for providers to specify multiple names
This modifies the treatment of algorithm name strings to allow
multiple names separated with colons.
Reviewe
Replumbing: make it possible for providers to specify multiple names
This modifies the treatment of algorithm name strings to allow
multiple names separated with colons.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/8985)
show more ...
|
| #
a883c02f |
| 10-Jul-2019 |
Richard Levitte |
Add internal function ossl_algorithm_do_all()
This function is used to traverse all the implementations provided by
one provider, or all implementation for a specific operation across
Add internal function ossl_algorithm_do_all()
This function is used to traverse all the implementations provided by
one provider, or all implementation for a specific operation across
all loaded providers, or both, and execute a given function for each
occurence.
This will be used by ossl_method_construct(), but also by information
processing functions.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9356)
show more ...
|
