| blob | f96a51781ab065549a42dc8ece88aeaf551e836d |
1 /* crypto/ex_data.c */
3 /*
4 * Overhaul notes;
5 *
6 * This code is now *mostly* thread-safe. It is now easier to understand in what
7 * ways it is safe and in what ways it is not, which is an improvement. Firstly,
8 * all per-class stacks and index-counters for ex_data are stored in the same
9 * global LHASH table (keyed by class). This hash table uses locking for all
10 * access with the exception of CRYPTO_cleanup_all_ex_data(), which must only be
11 * called when no other threads can possibly race against it (even if it was
12 * locked, the race would mean it's possible the hash table might have been
13 * recreated after the cleanup). As classes can only be added to the hash table,
14 * and within each class, the stack of methods can only be incremented, the
15 * locking mechanics are simpler than they would otherwise be. For example, the
16 * new/dup/free ex_data functions will lock the hash table, copy the method
17 * pointers it needs from the relevant class, then unlock the hash table before
18 * actually applying those method pointers to the task of the new/dup/free
19 * operations. As they can't be removed from the method-stack, only
20 * supplemented, there's no race conditions associated with using them outside
21 * the lock. The get/set_ex_data functions are not locked because they do not
22 * involve this global state at all - they operate directly with a previously
23 * obtained per-class method index and a particular "ex_data" variable. These
24 * variables are usually instantiated per-context (eg. each RSA structure has
25 * one) so locking on read/write access to that variable can be locked locally
26 * if required (eg. using the "RSA" lock to synchronise access to a
27 * per-RSA-structure ex_data variable if required).
28 * [Geoff]
29 */
31 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
32 * All rights reserved.
33 *
34 * This package is an SSL implementation written
35 * by Eric Young (eay@cryptsoft.com).
36 * The implementation was written so as to conform with Netscapes SSL.
37 *
38 * This library is free for commercial and non-commercial use as long as
39 * the following conditions are aheared to. The following conditions
40 * apply to all code found in this distribution, be it the RC4, RSA,
41 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
42 * included with this distribution is covered by the same copyright terms
43 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
44 *
45 * Copyright remains Eric Young's, and as such any Copyright notices in
46 * the code are not to be removed.
47 * If this package is used in a product, Eric Young should be given attribution
48 * as the author of the parts of the library used.
49 * This can be in the form of a textual message at program startup or
50 * in documentation (online or textual) provided with the package.
51 *
52 * Redistribution and use in source and binary forms, with or without
53 * modification, are permitted provided that the following conditions
54 * are met:
55 * 1. Redistributions of source code must retain the copyright
56 * notice, this list of conditions and the following disclaimer.
57 * 2. Redistributions in binary form must reproduce the above copyright
58 * notice, this list of conditions and the following disclaimer in the
59 * documentation and/or other materials provided with the distribution.
60 * 3. All advertising materials mentioning features or use of this software
61 * must display the following acknowledgement:
62 * "This product includes cryptographic software written by
63 * Eric Young (eay@cryptsoft.com)"
64 * The word 'cryptographic' can be left out if the rouines from the library
65 * being used are not cryptographic related :-).
66 * 4. If you include any Windows specific code (or a derivative thereof) from
67 * the apps directory (application code) you must include an acknowledgement:
68 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
69 *
70 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
71 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
72 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
73 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
74 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
75 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
76 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
77 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
78 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
79 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
80 * SUCH DAMAGE.
81 *
82 * The licence and distribution terms for any publically available version or
83 * derivative of this code cannot be changed. i.e. this code cannot simply be
84 * copied and put under another distribution licence
85 * [including the GNU Public Licence.]
86 */
87 /* ====================================================================
88 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
89 *
90 * Redistribution and use in source and binary forms, with or without
91 * modification, are permitted provided that the following conditions
92 * are met:
93 *
94 * 1. Redistributions of source code must retain the above copyright
95 * notice, this list of conditions and the following disclaimer.
96 *
97 * 2. Redistributions in binary form must reproduce the above copyright
98 * notice, this list of conditions and the following disclaimer in
99 * the documentation and/or other materials provided with the
100 * distribution.
101 *
102 * 3. All advertising materials mentioning features or use of this
103 * software must display the following acknowledgment:
104 * "This product includes software developed by the OpenSSL Project
105 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
106 *
107 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
108 * endorse or promote products derived from this software without
109 * prior written permission. For written permission, please contact
110 * openssl-core@openssl.org.
111 *
112 * 5. Products derived from this software may not be called "OpenSSL"
113 * nor may "OpenSSL" appear in their names without prior written
114 * permission of the OpenSSL Project.
115 *
116 * 6. Redistributions of any form whatsoever must retain the following
117 * acknowledgment:
118 * "This product includes software developed by the OpenSSL Project
119 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
120 *
121 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
122 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
123 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
124 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
125 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
126 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
127 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
128 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
129 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
130 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
131 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
132 * OF THE POSSIBILITY OF SUCH DAMAGE.
133 * ====================================================================
134 *
135 * This product includes cryptographic software written by Eric Young
136 * (eay@cryptsoft.com). This product includes software written by Tim
137 * Hudson (tjh@cryptsoft.com).
138 *
139 */
142 #include <openssl/lhash.h>
144 /* What an "implementation of ex_data functionality" looks like */
146 /*********************/
147 /* GLOBAL OPERATIONS */
148 /* Return a new class index */
150 /* Cleanup all state used by the implementation */
152 /************************/
153 /* PER-CLASS OPERATIONS */
154 /* Get a new method index within a class */
158 /* Initialise a new CRYPTO_EX_DATA of a given class */
160 /* Duplicate a CRYPTO_EX_DATA of a given class onto a copy */
163 /* Cleanup a CRYPTO_EX_DATA of a given class */
165 };
167 /* The implementation we use at run-time */
170 /*
171 * To call "impl" functions, use this macro rather than referring to 'impl'
172 * directly, eg. EX_IMPL(get_new_index)(...);
173 */
174 #define EX_IMPL(a) impl->cb_##a
176 /* Predeclare the "default" ex_data implementation */
187 int_new_class,
188 int_cleanup,
189 int_get_new_index,
190 int_new_ex_data,
191 int_dup_ex_data,
192 int_free_ex_data
193 };
195 /*
196 * Internal function that checks whether "impl" is set and if not, sets it to
197 * the default.
198 */
200 {
205 }
207 /*
208 * A macro wrapper for impl_check that first uses a non-locked test before
209 * invoking the function (which checks again inside a lock).
210 */
211 #define IMPL_CHECK if(!impl) impl_check();
213 /* API functions to get/set the "ex_data" implementation */
215 {
217 }
220 {
226 }
229 }
231 /****************************************************************************/
232 /*
233 * Interal (default) implementation of "ex_data" support. API functions are
234 * further down.
235 */
237 /*
238 * The type that represents what each "class" used to implement locally. A
239 * STACK of CRYPTO_EX_DATA_FUNCS plus a index-counter. The 'class_index' is
240 * the global value representing the class that is used to distinguish these
241 * items.
242 */
249 /* When assigning new class indexes, this is our counter */
252 /* The global hash table of EX_CLASS_ITEM items */
256 /* The callbacks required in the "ex_data" hash table */
258 {
260 }
265 {
267 }
271 /*
272 * Internal functions used by the "impl_default" implementation to access the
273 * state
274 */
276 {
283 }
285 /*
286 * This macros helps reduce the locking from repeated checks because the
287 * ex_data_check() function checks ex_data again inside a lock.
288 */
289 #define EX_DATA_CHECK(iffail) if(!ex_data && !ex_data_check()) {iffail}
291 /* This "inner" callback is used by the callback function that follows it */
293 {
295 }
297 /*
298 * This callback is used in lh_doall to destroy all EX_CLASS_ITEM values from
299 * "ex_data" prior to the ex_data hash table being itself destroyed. Doesn't
300 * do any locking.
301 */
303 {
307 }
309 /*
310 * Return the EX_CLASS_ITEM from the "ex_data" hash table that corresponds to
311 * a given class. Handles locking.
312 */
314 {
329 /*
330 * Because we're inside the ex_data lock, the return value
331 * from the insert will be NULL
332 */
335 }
336 }
337 }
342 }
344 /*
345 * Add a new method to the given EX_CLASS_ITEM and return the corresponding
346 * index (or -1 for error). Handles locking.
347 */
351 {
358 }
370 }
371 }
374 err:
377 }
379 /**************************************************************/
380 /* The functions in the default CRYPTO_EX_DATA_IMPL structure */
383 {
389 }
392 {
398 }
403 {
408 }
410 /*
411 * Thread-safe by copying a class's array of "CRYPTO_EX_DATA_FUNCS" entries
412 * in the lock, then using them outside the lock. NB: Thread-safety only
413 * applies to the global "ex_data" state (ie. class definitions), not
414 * thread-safe on 'ad' itself.
415 */
417 {
423 /* error is already set */
434 }
435 skip:
440 }
446 }
447 }
451 }
453 /* Same thread-safety notes as for "int_new_ex_data" */
456 {
462 /* 'to' should be "blank" which *is* just like 'from' */
477 }
478 skip:
483 }
490 }
494 }
496 /* Same thread-safety notes as for "int_new_ex_data" */
498 {
515 }
516 skip:
521 }
527 }
528 }
534 }
535 }
537 /********************************************************************/
538 /*
539 * API functions that defer all "state" operations to the "ex_data"
540 * implementation we have set.
541 */
543 /*
544 * Obtain an index for a new class (not the same as getting a new index
545 * within an existing class - this is actually getting a new *class*)
546 */
548 {
550 }
552 /*
553 * Release all "ex_data" state to prevent memory leaks. This can't be made
554 * thread-safe without overhauling a lot of stuff, and shouldn't really be
555 * called under potential race-conditions anyway (it's for program shutdown
556 * after all).
557 */
559 {
561 }
563 /* Inside an existing class, get/register a new index. */
567 {
570 IMPL_CHECK
573 free_func);
575 }
577 /*
578 * Initialise a new CRYPTO_EX_DATA for use in a particular class - including
579 * calling new() callbacks for each index in the class used by this variable
580 */
582 {
584 }
586 /*
587 * Duplicate a CRYPTO_EX_DATA variable - including calling dup() callbacks
588 * for each index in the class used by this variable
589 */
592 {
594 }
596 /*
597 * Cleanup a CRYPTO_EX_DATA variable - including calling free() callbacks for
598 * each index in the class used by this variable
599 */
601 {
603 }
605 /*
606 * For a given CRYPTO_EX_DATA variable, set the value corresponding to a
607 * particular index in the class used by this variable
608 */
610 {
617 }
618 }
625 }
626 i++;
627 }
630 }
632 /*
633 * For a given CRYPTO_EX_DATA_ variable, get the value corresponding to a
634 * particular index in the class used by this variable
635 */
637 {
642 else
644 }