www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

get rid of SSL_get_app_data2_idx() which had a race condition when

Browse Source 
writing to app_data2_idx, and another inside OpenSSL when calling
SSL_get_ex_new_index().
add SSL_init_app_data2_idx() to provide the same functionality but in
a safe place: called during ssl_init_Module
PR:
Obtained from:
Submitted by:
Reviewed by:


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@92110 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Doug MacEachern
2001-11-21 22:58:28 +00:00
parent 38ee9028fc
commit 5838049830
3 changed files with 26 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
modules/ssl/ssl_engine_init.c
View File

@@ -264,6 +264,7 @@ void ssl_init_Module(apr_pool_t *p, apr_pool_t *plog,
ap_add_version_component(p, ssl_var_lookup(p, s, NULL, NULL, "SSL_VERSION_INTERFACE")); ap_add_version_component(p, ssl_var_lookup(p, s, NULL, NULL, "SSL_VERSION_INTERFACE"));
ap_add_version_component(p, ssl_var_lookup(p, s, NULL, NULL, "SSL_VERSION_LIBRARY")); ap_add_version_component(p, ssl_var_lookup(p, s, NULL, NULL, "SSL_VERSION_LIBRARY"));
SSL_init_app_data2_idx(); /* for SSL_get_app_data2() at request time */
return; return;
} }

36
modules/ssl/ssl_util_ssl.c
View File

@@ -65,27 +65,39 @@
** _________________________________________________________________ ** _________________________________________________________________
*/ */
int SSL_get_app_data2_idx(void) /* we initialize this index at startup time
{ * and never write to it at request time,
static int app_data2_idx = -1; * so this static is thread safe.
* also note that OpenSSL increments at static variable when
* SSL_get_ex_new_index() is called, so we _must_ do this at startup.
*/
static int SSL_app_data2_idx = -1;
if (app_data2_idx < 0) { void SSL_init_app_data2_idx(void)
app_data2_idx = SSL_get_ex_new_index(0, {
"Second Application Data for SSL", NULL, NULL, NULL); int i;
app_data2_idx = SSL_get_ex_new_index(0,
"Second Application Data for SSL", NULL, NULL, NULL); if (SSL_app_data2_idx > -1) {
} return;
return(app_data2_idx); }
/* we _do_ need to call this twice */
for (i=0; i<=1; i++) {
SSL_app_data2_idx =
SSL_get_ex_new_index(0,
"Second Application Data for SSL",
NULL, NULL, NULL);
}
} }
void *SSL_get_app_data2(SSL *ssl) void *SSL_get_app_data2(SSL *ssl)
{ {
return (void *)SSL_get_ex_data(ssl, SSL_get_app_data2_idx()); return (void *)SSL_get_ex_data(ssl, SSL_app_data2_idx);
} }
void SSL_set_app_data2(SSL *ssl, void *arg) void SSL_set_app_data2(SSL *ssl, void *arg)
{ {
SSL_set_ex_data(ssl, SSL_get_app_data2_idx(), (char *)arg); SSL_set_ex_data(ssl, SSL_app_data2_idx, (char *)arg);
return; return;
} }

2
modules/ssl/ssl_util_ssl.h
View File

@@ -91,7 +91,7 @@
/* /*
* Additional Functions * Additional Functions
*/ */
int SSL_get_app_data2_idx(void); void SSL_init_app_data2_idx(void);
void *SSL_get_app_data2(SSL *); void *SSL_get_app_data2(SSL *);
void SSL_set_app_data2(SSL *, void *); void SSL_set_app_data2(SSL *, void *);
X509 *SSL_read_X509(char *, X509 **, int (*)(char*,int,int,void*)); X509 *SSL_read_X509(char *, X509 **, int (*)(char*,int,int,void*));