diff options
author | Richard Levitte <levitte@openssl.org> | 2022-04-22 16:44:51 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2022-05-05 15:05:55 +0200 |
commit | 2e4d0677ea858c619a33235265dbee19520a9d35 (patch) | |
tree | 9d8df904bc5e2c15919065c7fe0e7f85c88d76a6 /crypto/provider_core.c | |
parent | 60640d79ca7ea0980dc09c71fe6a297b5f8588a2 (diff) | |
download | openssl-new-2e4d0677ea858c619a33235265dbee19520a9d35.tar.gz |
Make it possible to remove methods by the provider that provides them
This adds ossl_method_store_remove_all_provided(), which selectively
removes methods from the given store that are provided by the given
provider.
This also adds the EVP specific evp_method_store_remove_all_provided(),
which matches ossl_method_store_remove_all_provided() but can also
retrieve the correct store to manipulate for EVP functions.
This allows us to modify ossl_provider_self_test() to do the job it's
supposed to do, but through clearly defined functions instead of a
cache flushing call that previously did more than that.
ossl_provider_deactivate() is also modified to remove methods associated
with the deactivated provider, and not just clearing the cache.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18151)
Diffstat (limited to 'crypto/provider_core.c')
-rw-r--r-- | crypto/provider_core.c | 28 |
1 files changed, 26 insertions, 2 deletions
diff --git a/crypto/provider_core.c b/crypto/provider_core.c index ef0c156a34..8e7ed6265e 100644 --- a/crypto/provider_core.c +++ b/crypto/provider_core.c @@ -1156,6 +1156,30 @@ static int provider_flush_store_cache(const OSSL_PROVIDER *prov) return 1; } +static int provider_remove_store_methods(OSSL_PROVIDER *prov) +{ + struct provider_store_st *store; + int freeing; + + if ((store = get_provider_store(prov->libctx)) == NULL) + return 0; + + if (!CRYPTO_THREAD_read_lock(store->lock)) + return 0; + freeing = store->freeing; + CRYPTO_THREAD_unlock(store->lock); + + if (!freeing) { + OPENSSL_free(prov->operation_bits); + prov->operation_bits = NULL; + prov->operation_bits_sz = 0; + CRYPTO_THREAD_unlock(prov->opbits_lock); + + return evp_method_store_remove_all_provided(prov); + } + return 1; +} + int ossl_provider_activate(OSSL_PROVIDER *prov, int upcalls, int aschild) { int count; @@ -1183,7 +1207,7 @@ int ossl_provider_deactivate(OSSL_PROVIDER *prov, int removechildren) if (prov == NULL || (count = provider_deactivate(prov, 1, removechildren)) < 0) return 0; - return count == 0 ? provider_flush_store_cache(prov) : 1; + return count == 0 ? provider_remove_store_methods(prov) : 1; } void *ossl_provider_ctx(const OSSL_PROVIDER *prov) @@ -1482,7 +1506,7 @@ int ossl_provider_self_test(const OSSL_PROVIDER *prov) return 1; ret = prov->self_test(prov->provctx); if (ret == 0) - (void)provider_flush_store_cache(prov); + (void)provider_remove_store_methods((OSSL_PROVIDER *)prov); return ret; } |