The branch master has been updated via ee203a87ff1ff1af46a5ff11f761bdd07a5503e4 (commit) via 978e323a4dbc9e790c13cc479b68c260677dc4c4 (commit) via 92b20fb8f742d50ca9eae8c28a855df94b9a3783 (commit) from 145a4c871d9632a6eb2145f8a2b417bec58e7ee5 (commit)
- Log ----------------------------------------------------------------- commit ee203a87ff1ff1af46a5ff11f761bdd07a5503e4 Author: Matt Caswell <m...@openssl.org> Date: Fri Apr 16 12:21:50 2021 +0100 Add a test for OSSL_LIB_CTX_set0_default Also includes testing for OSSL_LIB_CTX_get0_global_default(). Reviewed-by: Paul Dale <pa...@openssl.org> Reviewed-by: Tim Hudson <t...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14890) commit 978e323a4dbc9e790c13cc479b68c260677dc4c4 Author: Matt Caswell <m...@openssl.org> Date: Fri Apr 16 11:13:30 2021 +0100 Add the function OSSL_LIB_CTX_get0_global_default() An API function for obtaining the global default lib ctx. Reviewed-by: Paul Dale <pa...@openssl.org> Reviewed-by: Tim Hudson <t...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14890) commit 92b20fb8f742d50ca9eae8c28a855df94b9a3783 Author: Matt Caswell <m...@openssl.org> Date: Thu Apr 15 16:46:35 2021 +0100 Change the semantics of OSSL_LIB_CTX_set0_default() NULL handling Change things so that passing NULL to OSSL_LIB_CTX_set0_default() means keep the current library context unchanged. This has the advantage of simplifying error handling, e.g. you can call OSSL_LIB_CTX_set0_default in an error/finalisation block safe in the knowledge that if the "prevctx" was never set then it will be a no-op (like calling a "free" function with NULL).
Fixes #14593 Reviewed-by: Paul Dale <pa...@openssl.org> Reviewed-by: Tim Hudson <t...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14890) ----------------------------------------------------------------------- Summary of changes: crypto/context.c | 18 +++++++++++---- doc/man3/OSSL_LIB_CTX.pod | 22 +++++++++++++----- include/openssl/crypto.h.in | 1 + test/context_internal_test.c | 55 ++++++++++++++++++++++++++++++++++++++++++++ util/libcrypto.num | 1 + 5 files changed, 87 insertions(+), 10 deletions(-)
diff --git a/crypto/context.c b/crypto/context.c
index 6c088e6628..d7671d66a8 100644
--- a/crypto/context.c
+++ b/crypto/context.c
@@ -199,18 +199,28 @@ void OSSL_LIB_CTX_free(OSSL_LIB_CTX *ctx)
 OPENSSL_free(ctx);
 }
+#ifndef FIPS_MODULE
+OSSL_LIB_CTX *OSSL_LIB_CTX_get0_global_default(void)
+{
+ if (!RUN_ONCE(&default_context_init, default_context_do_init))
+ return NULL;
+
+ return &default_context_int;
+}
+
 OSSL_LIB_CTX *OSSL_LIB_CTX_set0_default(OSSL_LIB_CTX *libctx)
 {
-#ifndef FIPS_MODULE
 OSSL_LIB_CTX *current_defctx;
- if ((current_defctx = get_default_context()) != NULL
- && set_default_context(libctx))
+ if ((current_defctx = get_default_context()) != NULL) {
+ if (libctx != NULL)
+ set_default_context(libctx);
 return current_defctx;
-#endif
+ }
 return NULL;
 }
+#endif
 OSSL_LIB_CTX *ossl_lib_ctx_get_concrete(OSSL_LIB_CTX *ctx)
 {
diff --git a/doc/man3/OSSL_LIB_CTX.pod b/doc/man3/OSSL_LIB_CTX.pod
index 01b6a47b48..f2bf3d9de6 100644
--- a/doc/man3/OSSL_LIB_CTX.pod
+++ b/doc/man3/OSSL_LIB_CTX.pod
@@ -3,7 +3,7 @@
 =head1 NAME
 OSSL_LIB_CTX, OSSL_LIB_CTX_new, OSSL_LIB_CTX_free, OSSL_LIB_CTX_load_config,
-OSSL_LIB_CTX_set0_default
+OSSL_LIB_CTX_get0_global_default, OSSL_LIB_CTX_set0_default
 - OpenSSL library context
 =head1 SYNOPSIS
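Review bot: In the rewritten OSSL_LIB_CTX_set0_default() in crypto/context.c, the result of `set_default_context(libctx)` is no longer checked, whereas the removed condition `&& set_default_context(libctx)` treated it as a call that can fail. If it does fail, the function now returns the previous context as though the switch had happened, so a caller that selected a dedicated context (for example one restricted to particular providers) keeps operating on the old default with no indication. Consider keeping the failure visible with `if (libctx != NULL && !set_default_context(libctx))` followed by `return NULL;` ahead of `return current_defctx;`. The definition of set_default_context() lies outside the hunk, so its actual failure modes should be confirmed there.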
@@ -15,6 +15,7 @@ OSSL_LIB_CTX_set0_default OSSL_LIB_CTX *OSSL_LIB_CTX_new(void); int OSSL_LIB_CTX_load_config(OSSL_LIB_CTX *ctx, const char *config_file); void OSSL_LIB_CTX_free(OSSL_LIB_CTX *ctx); + OSSL_LIB_CTX *OSSL_LIB_CTX_get0_global_default(void); OSSL_LIB_CTX *OSSL_LIB_CTX_set0_default(OSSL_LIB_CTX *ctx); =head1 DESCRIPTION @@ -38,10 +39,17 @@ from a configuration. OSSL_LIB_CTX_free() frees the given I<ctx>, unless it happens to be the default OpenSSL library context. +OSSL_LIB_CTX_get0_global_default() returns a concrete (non NULL) reference to +the global default library context. + OSSL_LIB_CTX_set0_default() sets the default OpenSSL library context to be I<ctx> in the current thread. The previous default library context is returned. Care should be taken by the caller to restore the previous -default library context with a subsequent call of this function. +default library context with a subsequent call of this function. If I<ctx> is +NULL then no change is made to the default library context, but a pointer to +the current library context is still returned. On a successful call of this +function the returned value will always be a concrete (non NULL) library +context. Care should be taken when changing the default library context and starting async jobs (see L<ASYNC_start_job(3)>), as the default library context when 
@@ -53,15 +61,17 @@ that job has finished.
 =head1 RETURN VALUES
-OSSL_LIB_CTX_new() and OSSL_LIB_CTX_set0_default() return a library context
-pointer on success, or NULL on error.
+OSSL_LIB_CTX_new(), OSSL_LIB_CTX_get0_global_default() and
+OSSL_LIB_CTX_set0_default() return a library context pointer on success, or NULL
+on error.
 OSSL_LIB_CTX_free() doesn't return any value.
 =head1 HISTORY
-OSSL_LIB_CTX, OSSL_LIB_CTX_new(), OSSL_LIB_CTX_load_config(), OSSL_LIB_CTX_free()
-and OSSL_LIB_CTX_set0_default() were added in OpenSSL 3.0.
+OSSL_LIB_CTX, OSSL_LIB_CTX_new(), OSSL_LIB_CTX_load_config(),
+OSSL_LIB_CTX_free(), OSSL_LIB_CTX_get0_global_default() and
+OSSL_LIB_CTX_set0_default() were added in OpenSSL 3.0.
 =head1 COPYRIGHT
diff --git a/include/openssl/crypto.h.in b/include/openssl/crypto.h.in
index adceb0c103..f25b997e32 100644
--- a/include/openssl/crypto.h.in
+++ b/include/openssl/crypto.h.in
@@ -519,6 +519,7 @@ int CRYPTO_THREAD_compare_id(CRYPTO_THREAD_ID a, CRYPTO_THREAD_ID b);
 OSSL_LIB_CTX *OSSL_LIB_CTX_new(void);
 int OSSL_LIB_CTX_load_config(OSSL_LIB_CTX *ctx, const char *config_file);
 void OSSL_LIB_CTX_free(OSSL_LIB_CTX *);
+OSSL_LIB_CTX *OSSL_LIB_CTX_get0_global_default(void);
 OSSL_LIB_CTX *OSSL_LIB_CTX_set0_default(OSSL_LIB_CTX *libctx);
 # ifdef __cplusplus
diff --git a/test/context_internal_test.c b/test/context_internal_test.c
index 0b786adf67..a875908469 100644
--- a/test/context_internal_test.c
+++ b/test/context_internal_test.c
@@ -73,9 +73,64 @@ static int test_def_context(void)
 return test_context(NULL);
 }
+static int test_set0_default(void)
+{
+ OSSL_LIB_CTX *global = OSSL_LIB_CTX_get0_global_default();
+ OSSL_LIB_CTX *local = OSSL_LIB_CTX_new();
+ OSSL_LIB_CTX *prev;
+ int testresult = 0;
+ FOO *data = NULL;
+
+ if (!TEST_ptr(global)
+ || !TEST_ptr(local)
+ || !TEST_ptr_eq(global, OSSL_LIB_CTX_set0_default(NULL))
+ || !TEST_ptr(data = ossl_lib_ctx_get_data(local, 0, &foo_method)))
+ goto err;
+
+ /* Set local "i" value to 43. Global "i" should be 42 */
+ data->i++;
+ if (!TEST_int_eq(data->i, 43))
+ goto err;
+
+ /* The default context should still be the "global" default */
+ if (!TEST_ptr(data = ossl_lib_ctx_get_data(NULL, 0, &foo_method))
+ || !TEST_int_eq(data->i, 42))
+ goto err;
+
+ /* Check we can change the local default context */
+ if (!TEST_ptr(prev = OSSL_LIB_CTX_set0_default(local))
+ || !TEST_ptr_eq(global, prev)
+ || !TEST_ptr(data = ossl_lib_ctx_get_data(NULL, 0, &foo_method))
+ || !TEST_int_eq(data->i, 43))
+ goto err;
+
+ /* Calling OSSL_LIB_CTX_set0_default() with a NULL should be a no-op */
+ if (!TEST_ptr_eq(local, OSSL_LIB_CTX_set0_default(NULL))
+ || !TEST_ptr(data = ossl_lib_ctx_get_data(NULL, 0, &foo_method))
+ || !TEST_int_eq(data->i, 43))
+ goto err;
+
+ /* Global default should be unchanged */
+ if (!TEST_ptr_eq(global, OSSL_LIB_CTX_get0_global_default()))
+ goto err;
+
+ /* Check we can swap back to the global default */
+ if (!TEST_ptr(prev = OSSL_LIB_CTX_set0_default(global))
+ || !TEST_ptr_eq(local, prev)
+ || !TEST_ptr(data = ossl_lib_ctx_get_data(NULL, 0, &foo_method))
+ || !TEST_int_eq(data->i, 42))
+ goto err;
+
+ testresult = 1;
+ err:
+ OSSL_LIB_CTX_free(local);
+ return testresult;
+}
+
 int setup_tests(void)
 {
 ADD_TEST(test_app_context);
 ADD_TEST(test_def_context);
+ ADD_TEST(test_set0_default);
 return 1;
 }
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 1ec8ee6fd9..a059aecd5e 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
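Review bot: The `err:` path of test_set0_default() frees `local` without first restoring the thread's default context, so any failure after `OSSL_LIB_CTX_set0_default(local)` has succeeded leaves `local` installed as the default for whatever runs next in this thread. The manual page updated in this same change asks callers to restore the previous default and states that OSSL_LIB_CTX_free() does not free a context that is the default, so the likely result is a leaked context and later tests silently running against it; the check inside OSSL_LIB_CTX_free() is not visible in this hunk, so that part is inferred. Adding `OSSL_LIB_CTX_set0_default(global);` immediately before `OSSL_LIB_CTX_free(local);` covers it, and the new NULL no-op semantics make that call harmless even when `global` was never obtained.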
@@ -5356,3 +5356,4 @@ EVP_MD_CTX_get0_md ? 3_0_0 EXIST::FUNCTION: EVP_MD_CTX_get1_md ? 3_0_0 EXIST::FUNCTION: EVP_CIPHER_CTX_get0_cipher ? 3_0_0 EXIST::FUNCTION: EVP_CIPHER_CTX_get1_cipher ? 3_0_0 EXIST::FUNCTION: +OSSL_LIB_CTX_get0_global_default ? 3_0_0 EXIST::FUNCTION: