diff options
| author | Matt Caswell <matt@openssl.org> | 2021-01-26 15:23:19 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2021-02-02 12:21:21 +0000 |
| commit | b233ea82765e80038e4884564153f9c8543d9396 (patch) | |
| tree | 85bc23683d1165916623957b68f3da16c83b8cba /providers/fips | |
| parent | cd4e6a351201270cd2769e1e2af7e9fb875a3f80 (diff) | |
| download | openssl-new-b233ea82765e80038e4884564153f9c8543d9396.tar.gz | |
Avoid races by caching exported ciphers in the init function
TSAN was reporting a race of the exported ciphers cache that we create in
the default and fips providers. This was because we cached it in the query
function rather than the init function, so this would cause a race if multiple
threads queried at the same time. In practice it probably wouldn't make much
difference since different threads should come up with the same answer.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13987)
Diffstat (limited to 'providers/fips')
| -rw-r--r-- | providers/fips/fipsprov.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index deffb88ba6..dc1bd7b472 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -434,8 +434,6 @@ static const OSSL_ALGORITHM *fips_query(void *provctx, int operation_id, case OSSL_OP_DIGEST: return fips_digests; case OSSL_OP_CIPHER: - ossl_prov_cache_exported_algorithms(fips_ciphers, - exported_fips_ciphers); return exported_fips_ciphers; case OSSL_OP_MAC: return fips_macs; @@ -626,6 +624,8 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle, fgbl->handle = handle; + ossl_prov_cache_exported_algorithms(fips_ciphers, exported_fips_ciphers); + selftest_params.libctx = libctx; if (!SELF_TEST_post(&selftest_params, 0)) { ERR_raise(ERR_LIB_PROV, PROV_R_SELF_TEST_POST_FAILURE); |