diff options
author | jpierre%netscape.com <devnull@localhost> | 2004-06-19 03:19:46 +0000 |
---|---|---|
committer | jpierre%netscape.com <devnull@localhost> | 2004-06-19 03:19:46 +0000 |
commit | 45f098ed782b2b43295b313768cc04c39609c783 (patch) | |
tree | 5675fb701a0adf14ab8ddd38d8e2966f38f29016 | |
parent | d1961e5872f855399cf0517dfec097b66f9eb474 (diff) | |
download | nss-hg-45f098ed782b2b43295b313768cc04c39609c783.tar.gz |
Fix for 237934 - nss_InitLock not atomic. r=nelson
-rw-r--r-- | security/nss/lib/ssl/ssl3con.c | 13 | ||||
-rw-r--r-- | security/nss/lib/ssl/sslimpl.h | 4 | ||||
-rw-r--r-- | security/nss/lib/ssl/sslnonce.c | 16 | ||||
-rw-r--r-- | security/nss/lib/ssl/sslsnce.c | 6 |
4 files changed, 28 insertions, 11 deletions
diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c index daed7453d..6db9a7641 100644 --- a/security/nss/lib/ssl/ssl3con.c +++ b/security/nss/lib/ssl/ssl3con.c @@ -3333,7 +3333,7 @@ typedef struct { PK11SymKey * symWrapKey[kt_kea_size]; } ssl3SymWrapKey; -static PZLock * symWrapKeysLock; +static PZLock * symWrapKeysLock = NULL; static ssl3SymWrapKey symWrapKeys[SSL_NUM_WRAP_MECHS]; SECStatus @@ -3360,6 +3360,13 @@ SSL3_ShutdownServerCache(void) return SECSuccess; } +void ssl_InitSymWrapKeysLock(void) +{ + /* atomically initialize the lock */ + if (!symWrapKeysLock) + nss_InitLock(&symWrapKeysLock, nssILockOther); +} + /* Try to get wrapping key for mechanism from in-memory array. * If that fails, look for one on disk. * If that fails, generate a new one, put the new one on disk, @@ -3397,9 +3404,7 @@ getWrappingKey( sslSocket * ss, pSymWrapKey = &symWrapKeys[symWrapMechIndex].symWrapKey[exchKeyType]; - /* atomically initialize the lock */ - if (!symWrapKeysLock) - nss_InitLock(&symWrapKeysLock, nssILockOther); + ssl_InitSymWrapKeysLock(); PZ_Lock(symWrapKeysLock); diff --git a/security/nss/lib/ssl/sslimpl.h b/security/nss/lib/ssl/sslimpl.h index 90a99100e..b17c40672 100644 --- a/security/nss/lib/ssl/sslimpl.h +++ b/security/nss/lib/ssl/sslimpl.h @@ -1264,6 +1264,10 @@ ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk); /* get rid of the symmetric wrapping key references. */ extern SECStatus SSL3_ShutdownServerCache(void); +extern void ssl_InitClientSessionCacheLock(void); + +extern void ssl_InitSymWrapKeysLock(void); + /********************** misc calls *********************/ extern int ssl_MapLowLevelError(int hiLevelError); diff --git a/security/nss/lib/ssl/sslnonce.c b/security/nss/lib/ssl/sslnonce.c index ac79c6d66..9ae45de1a 100644 --- a/security/nss/lib/ssl/sslnonce.c +++ b/security/nss/lib/ssl/sslnonce.c @@ -51,8 +51,8 @@ PRUint32 ssl_sid_timeout = 100; PRUint32 ssl3_sid_timeout = 86400L; /* 24 hours */ -static sslSessionID *cache; -static PZLock * cacheLock; +static sslSessionID *cache = NULL; +static PZLock * cacheLock = NULL; /* sids can be in one of 4 states: * @@ -65,14 +65,16 @@ static PZLock * cacheLock; #define LOCK_CACHE lock_cache() #define UNLOCK_CACHE PZ_Unlock(cacheLock) -static void -lock_cache(void) +void ssl_InitClientSessionCacheLock(void) { - /* XXX Since the client session cache has no init function, we must - * XXX init the cacheLock on the first call. Fix in NSS 3.0. - */ if (!cacheLock) nss_InitLock(&cacheLock, nssILockCache); +} + +static void +lock_cache(void) +{ + ssl_InitClientSessionCacheLock(); PZ_Lock(cacheLock); } diff --git a/security/nss/lib/ssl/sslsnce.c b/security/nss/lib/ssl/sslsnce.c index 6604c2896..8d5a853b1 100644 --- a/security/nss/lib/ssl/sslsnce.c +++ b/security/nss/lib/ssl/sslsnce.c @@ -1169,6 +1169,8 @@ SSL_ConfigServerSessionIDCache( int maxCacheEntries, PRUint32 ssl3_timeout, const char * directory) { + ssl_InitClientSessionCacheLock(); + ssl_InitSymWrapKeysLock(); return SSL_ConfigServerSessionIDCacheInstance(&globalCache, maxCacheEntries, ssl2_timeout, ssl3_timeout, directory, PR_FALSE); } @@ -1276,6 +1278,10 @@ SSL_InheritMPServerSIDCacheInstance(cacheDesc *cache, const char * envString) } return SECSuccess; /* already done. */ } + + ssl_InitClientSessionCacheLock(); + ssl_InitSymWrapKeysLock(); + ssl_sid_lookup = ServerSessionIDLookup; ssl_sid_cache = ServerSessionIDCache; ssl_sid_uncache = ServerSessionIDUncache; |