Commit e78f1378 authored by Bodo Möller's avatar Bodo Möller
Browse files

really fix race condition 

PR: 262
parent 40e66398

CHANGES

+6 −2
Original line number Diff line number Diff line
@@ -1927,8 +1927,12 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k 
     (the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes).

     [Bodo Moeller]



  *) Fix race condition in SSLv3_client_method().

     [Bodo Moeller]

  *) Fix initialization code race conditions in

        SSLv23_client_method(),   SSLv23_server_method(),

        SSLv2_client_method(),    SSLv2_server_method(),

        SSLv3_client_method(),    SSLv3_server_method(),

        TLSv1_client_method(),    TLSv1_server_method().

     [Patrick McCormick <patrick@tellme.com>, Bodo Moeller]



  *) Reorder cleanup sequence in SSL_CTX_free(): only remove the ex_data after

     the cached sessions are flushed, as the remove_cb() might use ex_data

crypto/cryptlib.c

+2 −1
Original line number Diff line number Diff line
@@ -94,6 +94,7 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] = 
	"ssl_session",

	"ssl_sess_cert",

	"ssl",

	"ssl_method",

	"rand",

	"rand2",

	"debug_malloc",
@@ -111,7 +112,7 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] = 
	"ecdsa",

	"ec",

	"ecdh",

#if CRYPTO_NUM_LOCKS != 34

#if CRYPTO_NUM_LOCKS != 35

# error "Inconsistency between crypto.h and cryptlib.c"

#endif

	};

crypto/crypto.h

+26 −25
Original line number Diff line number Diff line
@@ -117,24 +117,25 @@ extern "C" { 
#define CRYPTO_LOCK_SSL_SESSION		14

#define CRYPTO_LOCK_SSL_SESS_CERT	15

#define CRYPTO_LOCK_SSL			16

#define	CRYPTO_LOCK_RAND		17

#define	CRYPTO_LOCK_RAND2		18

#define	CRYPTO_LOCK_MALLOC		19

#define	CRYPTO_LOCK_BIO			20

#define	CRYPTO_LOCK_GETHOSTBYNAME	21

#define	CRYPTO_LOCK_GETSERVBYNAME	22

#define	CRYPTO_LOCK_READDIR		23

#define	CRYPTO_LOCK_RSA_BLINDING	24

#define	CRYPTO_LOCK_DH			25

#define	CRYPTO_LOCK_MALLOC2		26

#define	CRYPTO_LOCK_DSO			27

#define	CRYPTO_LOCK_DYNLOCK		28

#define	CRYPTO_LOCK_ENGINE		29

#define	CRYPTO_LOCK_UI			30

#define CRYPTO_LOCK_ECDSA               31

#define CRYPTO_LOCK_EC			32

#define CRYPTO_LOCK_ECDH			33

#define	CRYPTO_NUM_LOCKS		34

#define CRYPTO_LOCK_SSL_METHOD		17

#define CRYPTO_LOCK_RAND		18

#define CRYPTO_LOCK_RAND2		19

#define CRYPTO_LOCK_MALLOC		20

#define CRYPTO_LOCK_BIO			21

#define CRYPTO_LOCK_GETHOSTBYNAME	22

#define CRYPTO_LOCK_GETSERVBYNAME	23

#define CRYPTO_LOCK_READDIR		24

#define CRYPTO_LOCK_RSA_BLINDING	25

#define CRYPTO_LOCK_DH			26

#define CRYPTO_LOCK_MALLOC2		27

#define CRYPTO_LOCK_DSO			28

#define CRYPTO_LOCK_DYNLOCK		29

#define CRYPTO_LOCK_ENGINE		30

#define CRYPTO_LOCK_UI			31

#define CRYPTO_LOCK_ECDSA               32

#define CRYPTO_LOCK_EC			33

#define CRYPTO_LOCK_ECDH		34

#define CRYPTO_NUM_LOCKS		35



#define CRYPTO_LOCK		1

#define CRYPTO_UNLOCK		2

ssl/s23_clnt.c

+4 −0
Original line number Diff line number Diff line
@@ -87,11 +87,15 @@ SSL_METHOD *SSLv23_client_method(void) 


	if (init)

		{

		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);



		memcpy((char *)&SSLv23_client_data,

			(char *)sslv23_base_method(),sizeof(SSL_METHOD));

		SSLv23_client_data.ssl_connect=ssl23_connect;

		SSLv23_client_data.get_ssl_method=ssl23_get_client_method;

		init=0;



		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);

		}

	return(&SSLv23_client_data);

	}

ssl/s23_srvr.c

+4 −0
Original line number Diff line number Diff line
@@ -139,11 +139,15 @@ SSL_METHOD *SSLv23_server_method(void) 


	if (init)

		{

		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);



		memcpy((char *)&SSLv23_server_data,

			(char *)sslv23_base_method(),sizeof(SSL_METHOD));

		SSLv23_server_data.ssl_accept=ssl23_accept;

		SSLv23_server_data.get_ssl_method=ssl23_get_server_method;

		init=0;



		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);

		}

	return(&SSLv23_server_data);

	}