Commit 9553d969 authored by Andy Polyakov's avatar Andy Polyakov
Browse files

x509v3/v3_purp.c: re-implement lock-free check for extensions cache validity. 



Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6891)

(back-ported from commit f21b5b64)
parent 80158ae4

crypto/include/internal/x509_int.h

+1 −0
Original line number Diff line number Diff line
@@ -166,6 +166,7 @@ struct x509_st { 
    unsigned char sha1_hash[SHA_DIGEST_LENGTH];

    X509_CERT_AUX *aux;

    CRYPTO_RWLOCK *lock;

    volatile int ex_cached;

} /* X509 */ ;



/*

crypto/x509v3/v3_purp.c

+10 −0
Original line number Diff line number Diff line
@@ -352,6 +352,10 @@ static void x509v3_cache_extensions(X509 *x) 
    X509_EXTENSION *ex;

    int i;



    /* fast lock-free check, see end of the function for details. */

    if (x->ex_cached)

        return;



    CRYPTO_THREAD_write_lock(x->lock);

    if (x->ex_flags & EXFLAG_SET) {

        CRYPTO_THREAD_unlock(x->lock);
@@ -492,6 +496,12 @@ static void x509v3_cache_extensions(X509 *x) 
    }

    x->ex_flags |= EXFLAG_SET;

    CRYPTO_THREAD_unlock(x->lock);

    /*

     * It has to be placed after memory barrier, which is implied by unlock.

     * Worst thing that can happen is that another thread proceeds to lock

     * and checks x->ex_flags & EXFLAGS_SET. See beginning of the function.

     */

    x->ex_cached = 1;

}



/*-