diff options
50 files changed, 537 insertions, 788 deletions
@@ -151,6 +151,10 @@ output file readable only by the owner. This behavior change might be noticeable when interacting with other software. + *) Documented all exdata functions. Added CRYPTO_free_ex_index. + Added a test. + [Rich Salz] + *) Added HTTP GET support to the ocsp command. [Rich Salz] diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c index 0e3469d..d8d01c7 100644 --- a/crypto/bio/bio_lib.c +++ b/crypto/bio/bio_lib.c @@ -561,13 +561,6 @@ void BIO_copy_next_retry(BIO *b) b->retry_reason = b->next_bio->retry_reason; } -int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO, argl, argp, - new_func, dup_func, free_func); -} - int BIO_set_ex_data(BIO *bio, int idx, void *data) { return (CRYPTO_set_ex_data(&(bio->ex_data), idx, data)); diff --git a/crypto/cpt_err.c b/crypto/cpt_err.c index 9f029cc..b8d3fa4 100644 --- a/crypto/cpt_err.c +++ b/crypto/cpt_err.c @@ -78,8 +78,9 @@ static ERR_STRING_DATA CRYPTO_str_functs[] = { {ERR_FUNC(CRYPTO_F_CRYPTO_NEW_EX_DATA), "CRYPTO_new_ex_data"}, {ERR_FUNC(CRYPTO_F_CRYPTO_SET_EX_DATA), "CRYPTO_set_ex_data"}, {ERR_FUNC(CRYPTO_F_DEF_ADD_INDEX), "DEF_ADD_INDEX"}, - {ERR_FUNC(CRYPTO_F_DEF_GET_CLASS), "def_get_class"}, + {ERR_FUNC(CRYPTO_F_DEF_GET_CLASS), "DEF_GET_CLASS"}, {ERR_FUNC(CRYPTO_F_FIPS_MODE_SET), "FIPS_mode_set"}, + {ERR_FUNC(CRYPTO_F_GET_AND_LOCK), "get_and_lock"}, {ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA), "INT_DUP_EX_DATA"}, {ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA), "INT_FREE_EX_DATA"}, {ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA), "INT_NEW_EX_DATA"}, diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index 49f82d8..08aaa1d 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -205,13 +205,6 @@ int DH_up_ref(DH *r) return ((i > 1) ? 1 : 0); } -int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, argl, argp, - new_func, dup_func, free_func); -} - int DH_set_ex_data(DH *d, int idx, void *arg) { return (CRYPTO_set_ex_data(&d->ex_data, idx, arg)); diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index b78a2bf..4b02d77 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -234,13 +234,6 @@ int DSA_size(const DSA *r) return (ret); } -int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, argl, argp, - new_func, dup_func, free_func); -} - int DSA_set_ex_data(DSA *d, int idx, void *arg) { return (CRYPTO_set_ex_data(&d->ex_data, idx, arg)); diff --git a/crypto/ecdh/ech_lib.c b/crypto/ecdh/ech_lib.c index 363d2fe..f402caf 100644 --- a/crypto/ecdh/ech_lib.c +++ b/crypto/ecdh/ech_lib.c @@ -200,13 +200,6 @@ ECDH_DATA *ecdh_check(EC_KEY *key) return ecdh_data; } -int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDH, argl, argp, - new_func, dup_func, free_func); -} - int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg) { ECDH_DATA *ecdh; diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c index 4e1c63a..ae516e7 100644 --- a/crypto/ecdsa/ecs_lib.c +++ b/crypto/ecdsa/ecs_lib.c @@ -222,13 +222,6 @@ int ECDSA_size(const EC_KEY *r) return (ret); } -int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDSA, argl, argp, - new_func, dup_func, free_func); -} - int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg) { ECDSA_DATA *ecdsa; diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c index 9ebb694..ed1034d 100644 --- a/crypto/engine/eng_lib.c +++ b/crypto/engine/eng_lib.c @@ -212,14 +212,6 @@ void ENGINE_cleanup(void) /* Now the "ex_data" support */ -int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, argl, argp, - new_func, dup_func, free_func); -} - int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg) { return (CRYPTO_set_ex_data(&e->ex_data, idx, arg)); diff --git a/crypto/ex_data.c b/crypto/ex_data.c index 29d8071..5bf8e1e 100644 --- a/crypto/ex_data.c +++ b/crypto/ex_data.c @@ -112,48 +112,53 @@ #include <openssl/lhash.h> -typedef struct { + +/* + * Each structure type (sometimes called a class), that supports + * exdata has a stack of callbacks for each instance. + */ +typedef struct ex_callback_st { long argl; /* Arbitary long */ void *argp; /* Arbitary void * */ CRYPTO_EX_new *new_func; CRYPTO_EX_free *free_func; CRYPTO_EX_dup *dup_func; -} CRYPTO_EX_DATA_FUNCS; +} EX_CALLBACK; -DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS) +DECLARE_STACK_OF(EX_CALLBACK) /* - * State for each class; could just be a typedef, but this allows future - * changes. + * The state for each class. This could just be a typedef, but + * a structure allows future changes. */ -typedef struct { - STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth; -} EX_CLASS_ITEM; +typedef struct ex_callbacks_st { + STACK_OF(EX_CALLBACK) *meth; +} EX_CALLBACKS; -static EX_CLASS_ITEM ex_data[CRYPTO_EX_INDEX__COUNT]; +static EX_CALLBACKS ex_data[CRYPTO_EX_INDEX__COUNT]; /* - * Return the EX_CLASS_ITEM from the "ex_data" array that corresponds to + * Return the EX_CALLBACKS from the |ex_data| array that corresponds to * a given class. On success, *holds the lock.* */ -static EX_CLASS_ITEM *def_get_class(int class_index) +static EX_CALLBACKS *get_and_lock(int class_index) { - EX_CLASS_ITEM *ip; + EX_CALLBACKS *ip; if (class_index < 0 || class_index >= CRYPTO_EX_INDEX__COUNT) { - CRYPTOerr(CRYPTO_F_DEF_GET_CLASS, ERR_R_MALLOC_FAILURE); + CRYPTOerr(CRYPTO_F_GET_AND_LOCK, ERR_R_MALLOC_FAILURE); return NULL; } ip = &ex_data[class_index]; CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA); if (ip->meth == NULL) { - ip->meth = sk_CRYPTO_EX_DATA_FUNCS_new_null(); + ip->meth = sk_EX_CALLBACK_new_null(); /* We push an initial value on the stack because the SSL * "app_data" routines use ex_data index zero. See RT 3710. */ if (ip->meth == NULL - || !sk_CRYPTO_EX_DATA_FUNCS_push(ip->meth, NULL)) { - CRYPTOerr(CRYPTO_F_DEF_GET_CLASS, ERR_R_MALLOC_FAILURE); + || !sk_EX_CALLBACK_push(ip->meth, NULL)) { + CRYPTOerr(CRYPTO_F_GET_AND_LOCK, ERR_R_MALLOC_FAILURE); CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); return NULL; } @@ -161,7 +166,7 @@ static EX_CLASS_ITEM *def_get_class(int class_index) return ip; } -static void cleanup_cb(CRYPTO_EX_DATA_FUNCS *funcs) +static void cleanup_cb(EX_CALLBACK *funcs) { OPENSSL_free(funcs); } @@ -177,27 +182,71 @@ void CRYPTO_cleanup_all_ex_data(void) int i; for (i = 0; i < CRYPTO_EX_INDEX__COUNT; ++i) { - EX_CLASS_ITEM *ip = &ex_data[i]; + EX_CALLBACKS *ip = &ex_data[i]; - sk_CRYPTO_EX_DATA_FUNCS_pop_free(ip->meth, cleanup_cb); + sk_EX_CALLBACK_pop_free(ip->meth, cleanup_cb); ip->meth = NULL; } } + +/* + * Unregister a new index by replacing the callbacks with no-ops. + * Any in-use instances are leaked. + */ +static void dummy_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, + long argl, void *argp) +{ +} + +static void dummy_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, + long argl, void *argp) +{ +} + +static int dummy_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, + void *from_d, int idx, + long argl, void *argp) +{ + return 0; +} + +int CRYPTO_free_ex_index(int class_index, int idx) +{ + EX_CALLBACKS *ip = get_and_lock(class_index); + EX_CALLBACK *a; + int toret = 0; + + if (ip == NULL) + return 0; + if (idx < 0 || idx >= sk_EX_CALLBACK_num(ip->meth)) + goto err; + a = sk_EX_CALLBACK_value(ip->meth, idx); + if (a == NULL) + goto err; + a->new_func = dummy_new; + a->dup_func = dummy_dup; + a->free_func = dummy_free; + toret = 1; +err: + CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); + return toret; +} + /* - * Inside an existing class, get/register a new index. + * Register a new index. */ int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) { int toret = -1; - CRYPTO_EX_DATA_FUNCS *a; - EX_CLASS_ITEM *ip = def_get_class(class_index); + EX_CALLBACK *a; + EX_CALLBACKS *ip = get_and_lock(class_index); - if (!ip) + if (ip == NULL) return -1; - a = (CRYPTO_EX_DATA_FUNCS *)OPENSSL_malloc(sizeof(*a)); + a = (EX_CALLBACK *)OPENSSL_malloc(sizeof(*a)); if (a == NULL) { CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX, ERR_R_MALLOC_FAILURE); goto err; @@ -208,13 +257,13 @@ int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, a->dup_func = dup_func; a->free_func = free_func; - if (!sk_CRYPTO_EX_DATA_FUNCS_push(ip->meth, NULL)) { + if (!sk_EX_CALLBACK_push(ip->meth, NULL)) { CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX, ERR_R_MALLOC_FAILURE); OPENSSL_free(a); goto err; } - toret = sk_CRYPTO_EX_DATA_FUNCS_num(ip->meth) - 1; - (void)sk_CRYPTO_EX_DATA_FUNCS_set(ip->meth, toret, a); + toret = sk_EX_CALLBACK_num(ip->meth) - 1; + (void)sk_EX_CALLBACK_set(ip->meth, toret, a); err: CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); @@ -224,7 +273,7 @@ int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, /* * Initialise a new CRYPTO_EX_DATA for use in a particular class - including * calling new() callbacks for each index in the class used by this variable - * Thread-safe by copying a class's array of "CRYPTO_EX_DATA_FUNCS" entries + * Thread-safe by copying a class's array of "EX_CALLBACK" entries * in the lock, then using them outside the lock. Note this only applies * to the global "ex_data" state (ie. class definitions), not 'ad' itself. */ @@ -232,16 +281,16 @@ int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad) { int mx, i; void *ptr; - CRYPTO_EX_DATA_FUNCS **storage = NULL; - CRYPTO_EX_DATA_FUNCS *stack[10]; - EX_CLASS_ITEM *ip = def_get_class(class_index); + EX_CALLBACK **storage = NULL; + EX_CALLBACK *stack[10]; + EX_CALLBACKS *ip = get_and_lock(class_index); - if (!ip) + if (ip == NULL) return 0; ad->sk = NULL; - mx = sk_CRYPTO_EX_DATA_FUNCS_num(ip->meth); + mx = sk_EX_CALLBACK_num(ip->meth); if (mx > 0) { if (mx < (int)OSSL_NELEM(stack)) storage = stack; @@ -249,7 +298,7 @@ int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad) storage = OPENSSL_malloc(sizeof(*storage) * mx); if (storage != NULL) for (i = 0; i < mx; i++) - storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value(ip->meth, i); + storage[i] = sk_EX_CALLBACK_value(ip->meth, i); } CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); @@ -278,17 +327,17 @@ int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, { int mx, j, i; char *ptr; - CRYPTO_EX_DATA_FUNCS *stack[10]; - CRYPTO_EX_DATA_FUNCS **storage = NULL; - EX_CLASS_ITEM *ip; + EX_CALLBACK *stack[10]; + EX_CALLBACK **storage = NULL; + EX_CALLBACKS *ip; if (from->sk == NULL) /* Nothing to copy over */ return 1; - if ((ip = def_get_class(class_index)) == NULL) + if ((ip = get_and_lock(class_index)) == NULL) return 0; - mx = sk_CRYPTO_EX_DATA_FUNCS_num(ip->meth); + mx = sk_EX_CALLBACK_num(ip->meth); j = sk_void_num(from->sk); if (j < mx) mx = j; @@ -299,7 +348,7 @@ int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, storage = OPENSSL_malloc(sizeof(*storage) * mx); if (storage != NULL) for (i = 0; i < mx; i++) - storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value(ip->meth, i); + storage[i] = sk_EX_CALLBACK_value(ip->meth, i); } CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); @@ -328,15 +377,15 @@ int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad) { int mx, i; - EX_CLASS_ITEM *ip; + EX_CALLBACKS *ip; void *ptr; - CRYPTO_EX_DATA_FUNCS *stack[10]; - CRYPTO_EX_DATA_FUNCS **storage = NULL; + EX_CALLBACK *stack[10]; + EX_CALLBACK **storage = NULL; - if ((ip = def_get_class(class_index)) == NULL) + if ((ip = get_and_lock(class_index)) == NULL) return; - mx = sk_CRYPTO_EX_DATA_FUNCS_num(ip->meth); + mx = sk_EX_CALLBACK_num(ip->meth); if (mx > 0) { if (mx < (int)OSSL_NELEM(stack)) storage = stack; @@ -344,7 +393,7 @@ void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad) storage = OPENSSL_malloc(sizeof(*storage) * mx); if (storage != NULL) for (i = 0; i < mx; i++) - storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value(ip->meth, i); + storage[i] = sk_EX_CALLBACK_value(ip->meth, i); } CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 594722b..c9249ef 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -234,13 +234,6 @@ int RSA_up_ref(RSA *r) return ((i > 1) ? 1 : 0); } -int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp, - new_func, dup_func, free_func); -} - int RSA_set_ex_data(RSA *r, int idx, void *arg) { return (CRYPTO_set_ex_data(&r->ex_data, idx, arg)); diff --git a/crypto/store/str_lib.c b/crypto/store/str_lib.c index c2e6b8e..d5ecdbd 100644 --- a/crypto/store/str_lib.c +++ b/crypto/store/str_lib.c @@ -187,13 +187,6 @@ int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void)) return 0; } -int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp, - new_func, dup_func, free_func); -} - int STORE_set_ex_data(STORE *r, int idx, void *arg) { return (CRYPTO_set_ex_data(&r->ex_data, idx, arg)); diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c index 9440a85..d2ac28b 100644 --- a/crypto/ui/ui_lib.c +++ b/crypto/ui/ui_lib.c @@ -536,13 +536,6 @@ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void)) return -1; } -int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, argl, argp, - new_func, dup_func, free_func); -} - int UI_set_ex_data(UI *r, int idx, void *arg) { return (CRYPTO_set_ex_data(&r->ex_data, idx, arg)); diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 0a47d4d..3156e04 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -2110,19 +2110,6 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer, return NULL; } -int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func) -{ - /* - * This function is (usually) called only once, by - * SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c). - */ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, argl, argp, - new_func, dup_func, free_func); -} - int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data) { return CRYPTO_set_ex_data(&ctx->ex_data, idx, data); diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c index cab17dd..4733321 100644 --- a/crypto/x509/x_x509.c +++ b/crypto/x509/x_x509.c @@ -142,13 +142,6 @@ IMPLEMENT_ASN1_FUNCTIONS(X509) IMPLEMENT_ASN1_DUP_FUNCTION(X509) -int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp, - new_func, dup_func, free_func); -} - int X509_set_ex_data(X509 *r, int idx, void *arg) { return (CRYPTO_set_ex_data(&r->ex_data, idx, arg)); diff --git a/doc/crypto/BIO_get_ex_new_index.pod b/doc/crypto/BIO_get_ex_new_index.pod new file mode 100644 index 0000000..4824b5d --- /dev/null +++ b/doc/crypto/BIO_get_ex_new_index.pod @@ -0,0 +1,45 @@ +=pod + +=head1 NAME + +BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data, +ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data, +UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data, +X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data, +X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data, +X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data, +DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data, +DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data, +ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data, +ECDSA_get_ex_new_index, ECDSA_set_ex_data, ECDSA_get_ex_data, +RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data +- application-specific data + +=head1 SYNOPSIS + +The synopsis below is for the X509 structure, but is the same for all +crypto structures: + + #include <openssl/x509.h> + + int X509_get_ex_new_index(long argl, void *argp, + CRYPTO_EX_new *new_func, + CRYPTO_EX_dup *dup_func, + CRYPTO_EX_free *free_func); + + int X509_set_ex_data(X509 *d, int idx, void *arg); + + void *X509_get_ex_data(X509 *d, int idx); + +=head1 DESCRIPTION + +These functions handle application-specific data for OpenSSL crypto +structures. + +For details, see L<CRYPTO_get_ex_new_index(3)>. + +=head1 SEE ALSO + +L<CRYPTO_get_ex_new_index(3)>. + +=cut diff --git a/doc/crypto/CRYPTO_get_ex_new_index.pod b/doc/crypto/CRYPTO_get_ex_new_index.pod new file mode 100644 index 0000000..9d047a4 --- /dev/null +++ b/doc/crypto/CRYPTO_get_ex_new_index.pod @@ -0,0 +1,145 @@ +=pod + +=head1 NAME + +CRYPTO_free_ex_index, CRYPTO_get_ex_new_index, CRYPTO_set_ex_data, +CRYPTO_get_ex_data, CRYPTO_free_ex_data +- functions supporting application-specific data + +=head1 SYNOPSIS + + #include <openssl/crypto.h> + + int CRYPTO_get_ex_new_index(int class_index, + long argl, void *argp, + CRYPTO_EX_new *new_func, + CRYPTO_EX_dup *dup_func, + CRYPTO_EX_free *free_func); + + typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, + int idx, long argl, void *argp); + typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, + int idx, long argl, void *argp); + typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, + void *from_d, int idx, long argl, void *argp); + + int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg); + + void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx); + + void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *r); + + int CRYPTO_free_ex_index(int class_index, int idx); + +=head1 DESCRIPTION + +Several OpenSSL structures can have application-specific data attached to them, +known as "exdata." +The specific structures are: + + SSL + SSL_CTX + SSL_SESSION + X509 + X509_STORE + X509_STORE_CTX + DH + DSA + ECDH + ECDSA + RSA + ENGINE + UI + BIO + +Each is identified by an B<CRYPTO_EX_INDEX_xxx> define in the B<crypto.h> +header file. In addition, B<CRYPTO_EX_INDEX_APP> is reserved for +applications to use this facility for their own structures. + +The API described here is used by OpenSSL to manipulate exdata for specific +structures. Since the application data can be anything at all it is passed +and retrieved as a B<void *> type. + +Exdata types are identified by an B<index>, an integer guaranteed to be +unique within structures for the lifetime of the program. Applications +using exdata typically call B<CRYPTO_get_ex_new_index> at startup, and +store the result in a global variable, or write a wrapper function to +provide lazy evaluation. The B<class_index> should be one of the +B<CRYPTO_EX_INDEX_xxx> values. The B<argl> and B<argp> parameters are saved +to be passed to the callbacks but are otherwise not used. In order to +transparently manipulate exdata, three callbacks must be provided. The +semantics of those callbacks are described below. + +When copying or releasing objects with exdata, the callback functions +are called in increasing order of their B<index> value. + +If a dynamic library can be unloaded, it should call CRYPTO_free_ex_index() +when this is done. +This will replace the callbacks with no-ops +so that applications don't crash. Any existing exdata will be leaked. + +To set or get the exdata on an object, the appropriate type-specific +routine must be used. This is because the containing structure is opaque +and the B<CRYPTO_EX_DATA> field is not accessible. In both API's, the +B<idx> parameter should be an already-created index value. + +When setting exdata, the pointer specified with a particular index is saved, +and returned on a subsequent "get" call. If the application is going to +release the data, it must make sure to set a B<NULL> value at the index, +to avoid likely double-free crash. + +The function B<CRYPTO_free_ex_data> is used to free all exdata attached +to a structure. The appropriate type-specific routine must be used. +The B<class_index> identifies the structure type, the B<obj> is +be the pointer to the actual structure, and B<r> is a pointer to the +structure's exdata field. + +=head2 Callback Functions + +This section describes how the callback functions are used. Applications +that are defining their own exdata using B<CYPRTO_EX_INDEX_APP> must +call them as described here. + +When a structure is initially allocated (such as RSA_new()) then the +new_func() is called for every defined index. There is no requirement +that the entire parent, or containing, structure has been set up. +The new_func() is typically used only to allocate memory to store the +exdata, and perhaps an "initialized" flag within that memory. +The exdata value should be set by calling CRYPTO_set_ex_data(). + +When a structure is free'd (such as SSL_CTX_free()) then the +free_func() is called for every defined index. Again, the state of the +parent structure is not guaranteed. The free_func() may be called with a +NULL pointer. + +Both new_func() and free_func() take the same parameters. +The B<parent> is the pointer to the structure that contains the exdata. +The B<ptr> is the current exdata item; for new_func() this will typically +be NULL. The B<r> parameter is a pointer to the exdata field of the object. +The B<idx> is the index and is the value returned when the callbacks were +initially registered via CRYPTO_get_ex_new_index() and can be used if +the same callback handles different types of exdata. + +dup_func() is called when a structure is being copied. This is only done +for B<SSL> and B<SSL_SESSION> objects. The B<to> and B<from> parameters +are pointers to the destination and source B<CRYPTO_EX_DATA> structures, +respectively. The B<srcp> parameter is a pointer to the source exdata. +When the dup_func() returns, the value in B<srcp> is copied to the +destination ex_data. If the pointer contained in B<srcp> is not modified, +then both B<to> and B<from> will point to the same data. The B<idx>, +B<argl> and B<argp> parameters are as described for the other two callbacks. + +=head1 RETURN VALUES + +CRYPTO_get_ex_new_index() returns a new index or -1 on failure; the +value B<0> is reserved for the legacy "app_data" API's. + +CRYPTO_free_ex_index() and +CRYPTO_set_ex_data() return 1 on success or 0 on failure. + +CRYPTO_get_ex_data() returns the application data or NULL on failure; +note that NULL may be a valid value. + +dup_func() should return 0 for failure and 1 for success. + +=cut diff --git a/doc/crypto/CRYPTO_set_ex_data.pod b/doc/crypto/CRYPTO_set_ex_data.pod deleted file mode 100644 index 68ac6fa..0000000 --- a/doc/crypto/CRYPTO_set_ex_data.pod +++ /dev/null @@ -1,49 +0,0 @@ -=pod - -=head1 NAME - -CRYPTO_set_ex_data, CRYPTO_get_ex_data - internal application specific data functions - -=head1 SYNOPSIS - - #include <openssl/crypto.h> - - int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg); - - void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx); - -=head1 DESCRIPTION - -Several OpenSSL structures can have application specific data attached to them. -These functions are used internally by OpenSSL to manipulate application -specific data attached to a specific structure. - -These functions should only be used by applications to manipulate -B<CRYPTO_EX_DATA> structures passed to the new_func(), free_func() and -dup_func() callbacks: as passed to RSA_get_ex_new_index() for example. - -CRYPTO_set_ex_data() is used to set application specific data, the data is -supplied in the B<arg> parameter and its precise meaning is up to the -application. - -CRYPTO_get_ex_data() is used to retrieve application specific data. The data -is returned to the application, this will be the same value as supplied to -a previous CRYPTO_set_ex_data() call. - -=head1 RETURN VALUES - -CRYPTO_set_ex_data() returns 1 on success or 0 on failure. - -CRYPTO_get_ex_data() returns the application data or 0 on failure. 0 may also -be valid application data but currently it can only fail if given an invalid B<idx> -parameter. - -On failure an error code can be obtained from L<ERR_get_error(3)>. - -=head1 SEE ALSO - -L<RSA_get_ex_new_index(3)>, -L<DSA_get_ex_new_index(3)>, -L<DH_get_ex_new_index(3)> - -=cut diff --git a/doc/crypto/DH_get_ex_new_index.pod b/doc/crypto/DH_get_ex_new_index.pod deleted file mode 100644 index 0c113c7..0000000 --- a/doc/crypto/DH_get_ex_new_index.pod +++ /dev/null @@ -1,31 +0,0 @@ -=pod - -=head1 NAME - -DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data - add application specific data to DH structures - -=head1 SYNOPSIS - - #include <openssl/dh.h> - - int DH_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - - int DH_set_ex_data(DH *d, int idx, void *arg); - - char *DH_get_ex_data(DH *d, int idx); - -=head1 DESCRIPTION - -These functions handle application specific data in DH -structures. Their usage is identical to that of -RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data() -as described in L<RSA_get_ex_new_index(3)>. - -=head1 SEE ALSO - -L<RSA_get_ex_new_index(3)>, L<dh(3)> - -=cut diff --git a/doc/crypto/DSA_get_ex_new_index.pod b/doc/crypto/DSA_get_ex_new_index.pod deleted file mode 100644 index b9ed01b..0000000 --- a/doc/crypto/DSA_get_ex_new_index.pod +++ /dev/null @@ -1,31 +0,0 @@ -=pod - -=head1 NAME - -DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data - add application specific data to DSA structures - -=head1 SYNOPSIS - - #include <openssl/dsa.h> - - int DSA_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - - int DSA_set_ex_data(DSA *d, int idx, void *arg); - - char *DSA_get_ex_data(DSA *d, int idx); - -=head1 DESCRIPTION - -These functions handle application specific data in DSA -structures. Their usage is identical to that of -RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data() -as described in L<RSA_get_ex_new_index(3)>. - -=head1 SEE ALSO - -L<RSA_get_ex_new_index(3)>, L<dsa(3)> - -=cut diff --git a/doc/crypto/RSA_get_ex_new_index.pod b/doc/crypto/RSA_get_ex_new_index.pod deleted file mode 100644 index 7022459..0000000 --- a/doc/crypto/RSA_get_ex_new_index.pod +++ /dev/null @@ -1,115 +0,0 @@ -=pod - -=head1 NAME - -RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - add application specific data to RSA structures - -=head1 SYNOPSIS - - #include <openssl/rsa.h> - - int RSA_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - - int RSA_set_ex_data(RSA *r, int idx, void *arg); - - void *RSA_get_ex_data(RSA *r, int idx); - - typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); - typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); - typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, - int idx, long argl, void *argp); - -=head1 DESCRIPTION - -Several OpenSSL structures can have application specific data attached to them. -This has several potential uses, it can be used to cache data associated with -a structure (for example the hash of some part of the structure) or some -additional data (for example a handle to the data in an external library). - -Since the application data can be anything at all it is passed and retrieved -as a B<void *> type. - -The RSA_get_ex_new_index() function is initially called to "register" some -new application specific data. It takes three optional function pointers which -are called when the parent structure (in this case an RSA structure) is -initially created, when it is copied and when it is freed up. If any or all of -these function pointer arguments are not used they should be set to NULL. The -precise manner in which these function pointers are called is described in more -detail below. RSA_get_ex_new_index() also takes additional long and pointer -parameters which will be passed to the supplied functions but which otherwise -have no special meaning. It returns an B<index> which should be stored -(typically in a static variable) and passed used in the B<idx> parameter in -the remaining functions. Each successful call to RSA_get_ex_new_index() -will return an index greater than any previously returned, this is important -because the optional functions are called in order of increasing index value. - -RSA_set_ex_data() is used to set application specific data, the data is -supplied in the B<arg> parameter and its precise meaning is up to the -application. - -RSA_get_ex_data() is used to retrieve application specific data. The data -is returned to the application, this will be the same value as supplied to -a previous RSA_set_ex_data() call. - -new_func() is called when a structure is initially allocated (for example -with RSA_new(). The parent structure members will not have any meaningful -values at this point. This function will typically be used to allocate any -application specific structure. - -free_func() is called when a structure is being freed up. The dynamic parent -structure members should not be accessed because they will be freed up when -this function is called. - -new_func() and free_func() take the same parameters. B<parent> is a -pointer to the parent RSA structure. B<ptr> is a the application specific data -(this wont be of much use in new_func(). B<ad> is a pointer to the -B<CRYPTO_EX_DATA> structure from the parent RSA structure: the functions -CRYPTO_get_ex_data() and CRYPTO_set_ex_data() can be called to manipulate -it. The B<idx> parameter is the index: this will be the same value returned by -RSA_get_ex_new_index() when the functions were initially registered. Finally -the B<argl> and B<argp> parameters are the values originally passed to the same -corresponding parameters when RSA_get_ex_new_index() was called. - -dup_func() is called when a structure is being copied. Pointers to the -destination and source B<CRYPTO_EX_DATA> structures are passed in the B<to> and -B<from> parameters respectively. The B<from_d> parameter is passed a pointer to -the source application data when the function is called, when the function returns -the value is copied to the destination: the application can thus modify the data -pointed to by B<from_d> and have different values in the source and destination. -The B<idx>, B<argl> and B<argp> parameters are the same as those in new_func() -and free_func(). - -=head1 RETURN VALUES - -RSA_get_ex_new_index() returns a new index or -1 on failure (note 0 is a valid -index value). - -RSA_set_ex_data() returns 1 on success or 0 on failure. - -RSA_get_ex_data() returns the application data or 0 on failure. 0 may also -be valid application data but currently it can only fail if given an invalid B<idx> -parameter. - -new_func() and dup_func() should return 0 for failure and 1 for success. - -On failure an error code can be obtained from L<ERR_get_error(3)>. - -=head1 BUGS - -dup_func() is currently never called. - -The return value of new_func() is ignored. - -The new_func() function isn't very useful because no meaningful values are -present in the parent RSA structure when it is called. - -=head1 SEE ALSO - -L<rsa(3)>, L<CRYPTO_set_ex_data(3)> - -=cut diff --git a/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod b/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod deleted file mode 100644 index f708329..0000000 --- a/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod +++ /dev/null @@ -1,36 +0,0 @@ -=pod - -=head1 NAME - -X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data - add application specific data to X509_STORE_CTX structures - -=head1 SYNOPSIS - - #include <openssl/x509_vfy.h> - - int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - - int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *d, int idx, void *arg); - - void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *d, int idx); - -=head1 DESCRIPTION - -These functions handle application specific data in X509_STORE_CTX structures. -Their usage is identical to that of RSA_get_ex_new_index(), RSA_set_ex_data() -and RSA_get_ex_data() as described in L<RSA_get_ex_new_index(3)>. - -=head1 NOTES - -This mechanism is used internally by the B<ssl> library to store the B<SSL> -structure associated with a verification operation in an B<X509_STORE_CTX> -structure. - -=head1 SEE ALSO - -L<RSA_get_ex_new_index(3)> - -=cut diff --git a/doc/crypto/dh.pod b/doc/crypto/dh.pod index 6115e8c..ce6a110 100644 --- a/doc/crypto/dh.pod +++ b/doc/crypto/dh.pod @@ -25,11 +25,6 @@ dh - Diffie-Hellman key agreement DH *DH_new_method(ENGINE *engine); const DH_METHOD *DH_OpenSSL(void); - int DH_get_ex_new_index(long argl, char *argp, int (*new_func)(), - int (*dup_func)(), void (*free_func)()); - int DH_set_ex_data(DH *d, int idx, char *arg); - char *DH_get_ex_data(DH *d, int idx); - DH * d2i_DHparams(DH **a, unsigned char **pp, long length); int i2d_DHparams(const DH *a, unsigned char **pp); diff --git a/doc/crypto/dsa.pod b/doc/crypto/dsa.pod index f0b74c1..9cf1c49 100644 --- a/doc/crypto/dsa.pod +++ b/doc/crypto/dsa.pod @@ -35,11 +35,6 @@ dsa - Digital Signature Algorithm DSA *DSA_new_method(ENGINE *engine); const DSA_METHOD *DSA_OpenSSL(void); - int DSA_get_ex_new_index(long argl, char *argp, int (*new_func)(), - int (*dup_func)(), void (*free_func)()); - int DSA_set_ex_data(DSA *d, int idx, char *arg); - char *DSA_get_ex_data(DSA *d, int idx); - DSA_SIG *DSA_SIG_new(void); void DSA_SIG_free(DSA_SIG *a); int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp); diff --git a/doc/crypto/ecdsa.pod b/doc/crypto/ecdsa.pod index 1af4feb..be0f482 100644 --- a/doc/crypto/ecdsa.pod +++ b/doc/crypto/ecdsa.pod @@ -40,13 +40,6 @@ ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_s const ECDSA_METHOD* ECDSA_get_default_method(void); int ECDSA_set_method(EC_KEY *eckey,const ECDSA_METHOD *meth); - int ECDSA_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg); - void* ECDSA_get_ex_data(EC_KEY *d, int idx); - =head1 DESCRIPTION The B<ECDSA_SIG> structure consists of two BIGNUMs for the diff --git a/doc/crypto/engine.pod b/doc/crypto/engine.pod index 4d11b4a..7d2d5d8 100644 --- a/doc/crypto/engine.pod +++ b/doc/crypto/engine.pod @@ -94,12 +94,6 @@ engine - ENGINE cryptographic module support int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, int cmd_optional); - int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg); - void *ENGINE_get_ex_data(const ENGINE *e, int idx); - - int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); - ENGINE *ENGINE_new(void); int ENGINE_free(ENGINE *e); int ENGINE_up_ref(ENGINE *e); diff --git a/doc/crypto/rsa.pod b/doc/crypto/rsa.pod index ac32415..9c42923 100644 --- a/doc/crypto/rsa.pod +++ b/doc/crypto/rsa.pod @@ -46,11 +46,6 @@ rsa - RSA public key cryptosystem int RSA_print(BIO *bp, RSA *x, int offset); int RSA_print_fp(FILE *fp, RSA *x, int offset); - int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(), - int (*dup_func)(), void (*free_func)()); - int RSA_set_ex_data(RSA *r,int idx,char *arg); - char *RSA_get_ex_data(RSA *r, int idx); - int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, RSA *rsa); diff --git a/doc/ssl/SSL_CTX_get_ex_new_index.pod b/doc/ssl/SSL_CTX_get_ex_new_index.pod deleted file mode 100644 index fc72837..0000000 --- a/doc/ssl/SSL_CTX_get_ex_new_index.pod +++ /dev/null @@ -1,53 +0,0 @@ -=pod - -=head1 NAME - -SSL_CTX_get_ex_new_index, SSL_CTX_set_ex_data, SSL_CTX_get_ex_data - internal application specific data functions - -=head1 SYNOPSIS - - #include <openssl/ssl.h> - - int SSL_CTX_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - - int SSL_CTX_set_ex_data(SSL_CTX *ctx, int idx, void *arg); - - void *SSL_CTX_get_ex_data(const SSL_CTX *ctx, int idx); - - typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); - typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); - typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, - int idx, long argl, void *argp); - -=head1 DESCRIPTION - -Several OpenSSL structures can have application specific data attached to them. -These functions are used internally by OpenSSL to manipulate application -specific data attached to a specific structure. - -SSL_CTX_get_ex_new_index() is used to register a new index for application -specific data. - -SSL_CTX_set_ex_data() is used to store application data at B<arg> for B<idx> -into the B<ctx> object. - -SSL_CTX_get_ex_data() is used to retrieve the information for B<idx> from -B<ctx>. - -A detailed description for the B<*_get_ex_new_index()> functionality -can be found in L<RSA_get_ex_new_index(3)>. -The B<*_get_ex_data()> and B<*_set_ex_data()> functionality is described in -L<CRYPTO_set_ex_data(3)>. - -=head1 SEE ALSO - -L<ssl(3)>, -L<RSA_get_ex_new_index(3)>, -L<CRYPTO_set_ex_data(3)> - -=cut diff --git a/doc/ssl/SSL_SESSION_get_ex_new_index.pod b/doc/ssl/SSL_SESSION_get_ex_new_index.pod deleted file mode 100644 index f5390c1..0000000 --- a/doc/ssl/SSL_SESSION_get_ex_new_index.pod +++ /dev/null @@ -1,61 +0,0 @@ -=pod - -=head1 NAME - -SSL_SESSION_get_ex_new_index, SSL_SESSION_set_ex_data, SSL_SESSION_get_ex_data - internal application specific data functions - -=head1 SYNOPSIS - - #include <openssl/ssl.h> - - int SSL_SESSION_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - - int SSL_SESSION_set_ex_data(SSL_SESSION *session, int idx, void *arg); - - void *SSL_SESSION_get_ex_data(const SSL_SESSION *session, int idx); - - typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); - typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); - typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, - int idx, long argl, void *argp); - -=head1 DESCRIPTION - -Several OpenSSL structures can have application specific data attached to them. -These functions are used internally by OpenSSL to manipulate application -specific data attached to a specific structure. - -SSL_SESSION_get_ex_new_index() is used to register a new index for application -specific data. - -SSL_SESSION_set_ex_data() is used to store application data at B<arg> for B<idx> -into the B<session> object. - -SSL_SESSION_get_ex_data() is used to retrieve the information for B<idx> from -B<session>. - -A detailed description for the B<*_get_ex_new_index()> functionality -can be found in L<RSA_get_ex_new_index(3)>. -The B<*_get_ex_data()> and B<*_set_ex_data()> functionality is described in -L<CRYPTO_set_ex_data(3)>. - -=head1 WARNINGS - -The application data is only maintained for sessions held in memory. The -application data is not included when dumping the session with -i2d_SSL_SESSION() (and all functions indirectly calling the dump functions -like PEM_write_SSL_SESSION() and PEM_write_bio_SSL_SESSION()) and can -therefore not be restored. - -=head1 SEE ALSO - -L<ssl(3)>, -L<RSA_get_ex_new_index(3)>, -L<CRYPTO_set_ex_data(3)> - -=cut diff --git a/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod b/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod deleted file mode 100644 index 2957a2a..0000000 --- a/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod +++ /dev/null @@ -1,61 +0,0 @@ -=pod - -=head1 NAME - -SSL_get_ex_data_X509_STORE_CTX_idx - get ex_data index to access SSL structure -from X509_STORE_CTX - -=head1 SYNOPSIS - - #include <openssl/ssl.h> - - int SSL_get_ex_data_X509_STORE_CTX_idx(void); - -=head1 DESCRIPTION - -SSL_get_ex_data_X509_STORE_CTX_idx() returns the index number under which -the pointer to the SSL object is stored into the X509_STORE_CTX object. - -=head1 NOTES - -Whenever a X509_STORE_CTX object is created for the verification of the -peers certificate during a handshake, a pointer to the SSL object is -stored into the X509_STORE_CTX object to identify the connection affected. -To retrieve this pointer the X509_STORE_CTX_get_ex_data() function can -be used with the correct index. This index is globally the same for all -X509_STORE_CTX objects and can be retrieved using -SSL_get_ex_data_X509_STORE_CTX_idx(). The index value is set when -SSL_get_ex_data_X509_STORE_CTX_idx() is first called either by the application -program directly or indirectly during other SSL setup functions or during -the handshake. - -The value depends on other index values defined for X509_STORE_CTX objects -before the SSL index is created. - -=head1 RETURN VALUES - -=over 4 - -=item E<gt>=0 - -The index value to access the pointer. - -=item E<lt>0 - -An error occurred, check the error stack for a detailed error message. - -=back - -=head1 EXAMPLES - -The index returned from SSL_get_ex_data_X509_STORE_CTX_idx() allows to -access the SSL object for the connection to be accessed during the -verify_callback() when checking the peers certificate. Please check -the example in L<SSL_CTX_set_verify(3)>, - -=head1 SEE ALSO - -L<ssl(3)>, L<SSL_CTX_set_verify(3)>, -L<CRYPTO_set_ex_data(3)> - -=cut diff --git a/doc/ssl/SSL_get_ex_new_index.pod b/doc/ssl/SSL_get_ex_new_index.pod deleted file mode 100644 index 6c2e919..0000000 --- a/doc/ssl/SSL_get_ex_new_index.pod +++ /dev/null @@ -1,59 +0,0 @@ -=pod - -=head1 NAME - -SSL_get_ex_new_index, SSL_set_ex_data, SSL_get_ex_data - internal application specific data functions - -=head1 SYNOPSIS - - #include <openssl/ssl.h> - - int SSL_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - - int SSL_set_ex_data(SSL *ssl, int idx, void *arg); - - void *SSL_get_ex_data(const SSL *ssl, int idx); - - typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); - typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); - typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, - int idx, long argl, void *argp); - -=head1 DESCRIPTION - -Several OpenSSL structures can have application specific data attached to them. -These functions are used internally by OpenSSL to manipulate application -specific data attached to a specific structure. - -SSL_get_ex_new_index() is used to register a new index for application -specific data. - -SSL_set_ex_data() is used to store application data at B<arg> for B<idx> into -the B<ssl> object. - -SSL_get_ex_data() is used to retrieve the information for B<idx> from -B<ssl>. - -A detailed description for the B<*_get_ex_new_index()> functionality -can be found in L<RSA_get_ex_new_index(3)>. -The B<*_get_ex_data()> and B<*_set_ex_data()> functionality is described in -L<CRYPTO_set_ex_data(3)>. - -=head1 EXAMPLES - -An example on how to use the functionality is included in the example -verify_callback() in L<SSL_CTX_set_verify(3)>. - -=head1 SEE ALSO - -L<ssl(3)>, -L<RSA_get_ex_new_index(3)>, -L<CRYPTO_set_ex_data(3)>, -L<SSL_CTX_set_verify(3)> - -=cut diff --git a/include/openssl/bio.h b/include/openssl/bio.h index 09a9510..a0a799b 100644 --- a/include/openssl/bio.h +++ b/include/openssl/bio.h @@ -602,13 +602,10 @@ int BIO_ctrl_reset_read_request(BIO *b); # define BIO_dgram_get_mtu_overhead(b) \ (unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL) -/* These two aren't currently implemented */ -/* int BIO_get_ex_num(BIO *bio); */ -/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */ +#define BIO_get_ex_new_index(l, p, newf, dupf, freef) \ + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO, l, p, newf, dupf, freef) int BIO_set_ex_data(BIO *bio, int idx, void *data); void *BIO_get_ex_data(BIO *bio, int idx); -int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); uint64_t BIO_number_read(BIO *bio); uint64_t BIO_number_written(BIO *bio); diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h index 5d15515..78d86b1 100644 --- a/include/openssl/crypto.h +++ b/include/openssl/crypto.h @@ -256,33 +256,29 @@ typedef struct bio_st BIO_dummy; struct crypto_ex_data_st { STACK_OF(void) *sk; - /* gcc is screwing up this data structure :-( */ - int dummy; }; DECLARE_STACK_OF(void) /* - * Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA - * entry. + * Per class, we have a STACK of function pointers. */ -# define CRYPTO_EX_INDEX_BIO 0 -# define CRYPTO_EX_INDEX_SSL 1 -# define CRYPTO_EX_INDEX_SSL_CTX 2 -# define CRYPTO_EX_INDEX_SSL_SESSION 3 -# define CRYPTO_EX_INDEX_X509_STORE 4 -# define CRYPTO_EX_INDEX_X509_STORE_CTX 5 -# define CRYPTO_EX_INDEX_RSA 6 -# define CRYPTO_EX_INDEX_DSA 7 -# define CRYPTO_EX_INDEX_DH 8 -# define CRYPTO_EX_INDEX_ENGINE 9 -# define CRYPTO_EX_INDEX_X509 10 -# define CRYPTO_EX_INDEX_UI 11 -# define CRYPTO_EX_INDEX_ECDSA 12 -# define CRYPTO_EX_INDEX_ECDH 13 -# define CRYPTO_EX_INDEX_COMP 14 -# define CRYPTO_EX_INDEX_STORE 15 -# define CRYPTO_EX_INDEX_APP 16 -# define CRYPTO_EX_INDEX__COUNT 17 +# define CRYPTO_EX_INDEX_SSL 0 +# define CRYPTO_EX_INDEX_SSL_CTX 1 +# define CRYPTO_EX_INDEX_SSL_SESSION 2 +# define CRYPTO_EX_INDEX_X509 3 +# define CRYPTO_EX_INDEX_X509_STORE 4 +# define CRYPTO_EX_INDEX_X509_STORE_CTX 5 +# define CRYPTO_EX_INDEX_DH 6 +# define CRYPTO_EX_INDEX_DSA 7 +# define CRYPTO_EX_INDEX_ECDH 8 +# define CRYPTO_EX_INDEX_ECDSA 9 +# define CRYPTO_EX_INDEX_RSA 10 +# define CRYPTO_EX_INDEX_ENGINE 11 +# define CRYPTO_EX_INDEX_UI 12 +# define CRYPTO_EX_INDEX_BIO 13 +# define CRYPTO_EX_INDEX_STORE 14 +# define CRYPTO_EX_INDEX_APP 15 +# define CRYPTO_EX_INDEX__COUNT 16 /* * This is the default callbacks, but we can have others as well: this is @@ -347,10 +343,18 @@ const char *OpenSSL_version(int type); int OPENSSL_issetugid(void); -/* Within a given class, get/register a new index */ -int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, +typedef void CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad, + int idx, long argl, void *argp); +typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad, + int idx, long argl, void *argp); +typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, + void *srcp, int idx, long argl, void *argp); +__owur int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); +/* No longer use an index. */ +int CRYPTO_free_ex_index(int class_index, int idx); + /* * Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a * given class (invokes whatever per-class callbacks are applicable) @@ -358,7 +362,9 @@ int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad); int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from); + void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad); + /* * Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular * index (relative to the class type involved) @@ -584,6 +590,7 @@ void ERR_load_CRYPTO_strings(void); # define CRYPTO_F_DEF_ADD_INDEX 104 # define CRYPTO_F_DEF_GET_CLASS 105 # define CRYPTO_F_FIPS_MODE_SET 109 +# define CRYPTO_F_GET_AND_LOCK 113 # define CRYPTO_F_INT_DUP_EX_DATA 106 # define CRYPTO_F_INT_FREE_EX_DATA 107 # define CRYPTO_F_INT_NEW_EX_DATA 108 diff --git a/include/openssl/dh.h b/include/openssl/dh.h index f5b03d3..816b1eb 100644 --- a/include/openssl/dh.h +++ b/include/openssl/dh.h @@ -203,8 +203,8 @@ int DH_up_ref(DH *dh); int DH_bits(const DH *dh); int DH_size(const DH *dh); int DH_security_bits(const DH *dh); -int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); +#define DH_get_ex_new_index(l, p, newf, dupf, freef) \ + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, l, p, newf, dupf, freef) int DH_set_ex_data(DH *d, int idx, void *arg); void *DH_get_ex_data(DH *d, int idx); diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h index 8e69e2e..824faae 100644 --- a/include/openssl/dsa.h +++ b/include/openssl/dsa.h @@ -212,8 +212,8 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, unsigned int *siglen, DSA *dsa); int DSA_verify(int type, const unsigned char *dgst, int dgst_len, const unsigned char *sigbuf, int siglen, DSA *dsa); -int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); +#define DSA_get_ex_new_index(l, p, newf, dupf, freef) \ + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, l, p, newf, dupf, freef) int DSA_set_ex_data(DSA *d, int idx, void *arg); void *DSA_get_ex_data(DSA *d, int idx); diff --git a/include/openssl/ecdh.h b/include/openssl/ecdh.h index 8a48b12..ca4e653 100644 --- a/include/openssl/ecdh.h +++ b/include/openssl/ecdh.h @@ -97,9 +97,8 @@ int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen)); -int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new - *new_func, CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); +#define ECDH_get_ex_new_index(l, p, newf, dupf, freef) \ + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDH, l, p, newf, dupf, freef) int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg); void *ECDH_get_ex_data(EC_KEY *d, int idx); diff --git a/include/openssl/ecdsa.h b/include/openssl/ecdsa.h index 4a02a01..bb84236 100644 --- a/include/openssl/ecdsa.h +++ b/include/openssl/ecdsa.h @@ -222,9 +222,8 @@ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen, const unsigned char *sig, int siglen, EC_KEY *eckey); /* the standard ex_data functions */ -int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new - *new_func, CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); +#define ECDSA_get_ex_new_index(l, p, newf, dupf, freef) \ + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDSA, l, p, newf, dupf, freef) int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg); void *ECDSA_get_ex_data(EC_KEY *d, int idx); diff --git a/include/openssl/engine.h b/include/openssl/engine.h index 7a9b495..1b11e3e 100644 --- a/include/openssl/engine.h +++ b/include/openssl/engine.h @@ -575,9 +575,8 @@ int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f); int ENGINE_set_flags(ENGINE *e, int flags); int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns); /* These functions allow control over any per-structure ENGINE data. */ -int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); +#define ENGINE_get_ex_new_index(l, p, newf, dupf, freef) \ + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, l, p, newf, dupf, freef) int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg); void *ENGINE_get_ex_data(const ENGINE *e, int idx); diff --git a/include/openssl/ossl_typ.h b/include/openssl/ossl_typ.h index 4384345..02749dd 100644 --- a/include/openssl/ossl_typ.h +++ b/include/openssl/ossl_typ.h @@ -190,13 +190,6 @@ typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT; typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS; typedef struct crypto_ex_data_st CRYPTO_EX_DATA; -/* Callback types for crypto.h */ -typedef int CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); -typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); -typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, - void *from_d, int idx, long argl, void *argp); typedef struct ocsp_req_ctx_st OCSP_REQ_CTX; typedef struct ocsp_response_st OCSP_RESPONSE; diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h index 2498ff5..734a327 100644 --- a/include/openssl/rsa.h +++ b/include/openssl/rsa.h @@ -478,8 +478,8 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, const EVP_MD *Hash, const EVP_MD *mgf1Hash, int sLen); -int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); +#define RSA_get_ex_new_index(l, p, newf, dupf, freef) \ + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, l, p, newf, dupf, freef) int RSA_set_ex_data(RSA *r, int idx, void *arg); void *RSA_get_ex_data(const RSA *r, int idx); diff --git a/include/openssl/safestack.h b/include/openssl/safestack.h index f2fa57c..cce3afd 100644 --- a/include/openssl/safestack.h +++ b/include/openssl/safestack.h @@ -688,29 +688,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void) # define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st)) # define sk_CONF_VALUE_is_sorted(st) SKM_sk_is_sorted(CONF_VALUE, (st)) -# define sk_CRYPTO_EX_DATA_FUNCS_new(cmp) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (cmp)) -# define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS) -# define sk_CRYPTO_EX_DATA_FUNCS_free(st) SKM_sk_free(CRYPTO_EX_DATA_FUNCS, (st)) -# define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st)) -# define sk_CRYPTO_EX_DATA_FUNCS_value(st, i) SKM_sk_value(CRYPTO_EX_DATA_FUNCS, (st), (i)) -# define sk_CRYPTO_EX_DATA_FUNCS_set(st, i, val) SKM_sk_set(CRYPTO_EX_DATA_FUNCS, (st), (i), (val)) -# define sk_CRYPTO_EX_DATA_FUNCS_zero(st) SKM_sk_zero(CRYPTO_EX_DATA_FUNCS, (st)) -# define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val)) -# define sk_CRYPTO_EX_DATA_FUNCS_unshift(st, val) SKM_sk_unshift(CRYPTO_EX_DATA_FUNCS, (st), (val)) -# define sk_CRYPTO_EX_DATA_FUNCS_find(st, val) SKM_sk_find(CRYPTO_EX_DATA_FUNCS, (st), (val)) -# define sk_CRYPTO_EX_DATA_FUNCS_find_ex(st, val) SKM_sk_find_ex(CRYPTO_EX_DATA_FUNCS, (st), (val)) -# define sk_CRYPTO_EX_DATA_FUNCS_delete(st, i) SKM_sk_delete(CRYPTO_EX_DATA_FUNCS, (st), (i)) -# define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_EX_DATA_FUNCS, (st), (ptr)) -# define sk_CRYPTO_EX_DATA_FUNCS_insert(st, val, i) SKM_sk_insert(CRYPTO_EX_DATA_FUNCS, (st), (val), (i)) -# define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_EX_DATA_FUNCS, (st), (cmp)) -# define sk_CRYPTO_EX_DATA_FUNCS_dup(st) SKM_sk_dup(CRYPTO_EX_DATA_FUNCS, st) -# define sk_CRYPTO_EX_DATA_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_EX_DATA_FUNCS, (st), (free_func)) -# define sk_CRYPTO_EX_DATA_FUNCS_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CRYPTO_EX_DATA_FUNCS, (st), (copy_func), (free_func)) -# define sk_CRYPTO_EX_DATA_FUNCS_shift(st) SKM_sk_shift(CRYPTO_EX_DATA_FUNCS, (st)) -# define sk_CRYPTO_EX_DATA_FUNCS_pop(st) SKM_sk_pop(CRYPTO_EX_DATA_FUNCS, (st)) -# define sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st)) -# define sk_CRYPTO_EX_DATA_FUNCS_is_sorted(st) SKM_sk_is_sorted(CRYPTO_EX_DATA_FUNCS, (st)) - # define sk_CRYPTO_dynlock_new(cmp) SKM_sk_new(CRYPTO_dynlock, (cmp)) # define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock) # define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st)) @@ -918,6 +895,29 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void) # define sk_EVP_PKEY_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_METHOD, (st)) # define sk_EVP_PKEY_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_METHOD, (st)) +# define sk_EX_CALLBACK_new(cmp) SKM_sk_new(EX_CALLBACK, (cmp)) +# define sk_EX_CALLBACK_new_null() SKM_sk_new_null(EX_CALLBACK) +# define sk_EX_CALLBACK_free(st) SKM_sk_free(EX_CALLBACK, (st)) +# define sk_EX_CALLBACK_num(st) SKM_sk_num(EX_CALLBACK, (st)) +# define sk_EX_CALLBACK_value(st, i) SKM_sk_value(EX_CALLBACK, (st), (i)) +# define sk_EX_CALLBACK_set(st, i, val) SKM_sk_set(EX_CALLBACK, (st), (i), (val)) +# define sk_EX_CALLBACK_zero(st) SKM_sk_zero(EX_CALLBACK, (st)) +# define sk_EX_CALLBACK_push(st, val) SKM_sk_push(EX_CALLBACK, (st), (val)) +# define sk_EX_CALLBACK_unshift(st, val) SKM_sk_unshift(EX_CALLBACK, (st), (val)) +# define sk_EX_CALLBACK_find(st, val) SKM_sk_find(EX_CALLBACK, (st), (val)) +# define sk_EX_CALLBACK_find_ex(st, val) SKM_sk_find_ex(EX_CALLBACK, (st), (val)) +# define sk_EX_CALLBACK_delete(st, i) SKM_sk_delete(EX_CALLBACK, (st), (i)) +# define sk_EX_CALLBACK_delete_ptr(st, ptr) SKM_sk_delete_ptr(EX_CALLBACK, (st), (ptr)) +# define sk_EX_CALLBACK_insert(st, val, i) SKM_sk_insert(EX_CALLBACK, (st), (val), (i)) +# define sk_EX_CALLBACK_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EX_CALLBACK, (st), (cmp)) +# define sk_EX_CALLBACK_dup(st) SKM_sk_dup(EX_CALLBACK, st) +# define sk_EX_CALLBACK_pop_free(st, free_func) SKM_sk_pop_free(EX_CALLBACK, (st), (free_func)) +# define sk_EX_CALLBACK_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EX_CALLBACK, (st), (copy_func), (free_func)) +# define sk_EX_CALLBACK_shift(st) SKM_sk_shift(EX_CALLBACK, (st)) +# define sk_EX_CALLBACK_pop(st) SKM_sk_pop(EX_CALLBACK, (st)) +# define sk_EX_CALLBACK_sort(st) SKM_sk_sort(EX_CALLBACK, (st)) +# define sk_EX_CALLBACK_is_sorted(st) SKM_sk_is_sorted(EX_CALLBACK, (st)) + # define sk_GENERAL_NAME_new(cmp) SKM_sk_new(GENERAL_NAME, (cmp)) # define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME) # define sk_GENERAL_NAME_free(st) SKM_sk_free(GENERAL_NAME, (st)) diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index c959156..e3072e7 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1710,23 +1710,18 @@ __owur size_t SSL_get_server_random(const SSL *ssl, unsigned char *out, __owur size_t SSL_SESSION_get_master_key(const SSL_SESSION *ssl, unsigned char *out, size_t outlen); +#define SSL_get_ex_new_index(l, p, newf, dupf, freef) \ + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, l, p, newf, dupf, freef) __owur int SSL_set_ex_data(SSL *ssl, int idx, void *data); void *SSL_get_ex_data(const SSL *ssl, int idx); -__owur int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); - +#define SSL_SESSION_get_ex_new_index(l, p, newf, dupf, freef) \ + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, l, p, newf, dupf, freef) __owur int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, void *data); void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss, int idx); -__owur int SSL_SESSION_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - +#define SSL_CTX_get_ex_new_index(l, p, newf, dupf, freef) \ + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, l, p, newf, dupf, freef) __owur int SSL_CTX_set_ex_data(SSL_CTX *ssl, int idx, void *data); void *SSL_CTX_get_ex_data(const SSL_CTX *ssl, int idx); -__owur int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); __owur int SSL_get_ex_data_X509_STORE_CTX_idx(void); diff --git a/include/openssl/store.h b/include/openssl/store.h index 4f88f99..6711d88 100644 --- a/include/openssl/store.h +++ b/include/openssl/store.h @@ -122,9 +122,9 @@ int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void)); /* Some methods may use extra data */ # define STORE_set_app_data(s,arg) STORE_set_ex_data(s,0,arg) # define STORE_get_app_data(s) STORE_get_ex_data(s,0) -int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); + +#define STORE_get_ex_new_index(l, p, newf, dupf, freef) \ + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, l, p, newf, dupf, freef) int STORE_set_ex_data(STORE *r, int idx, void *arg); void *STORE_get_ex_data(STORE *r, int idx); diff --git a/include/openssl/ui.h b/include/openssl/ui.h index 2afc58d..9a72ce2 100644 --- a/include/openssl/ui.h +++ b/include/openssl/ui.h @@ -240,8 +240,9 @@ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void)); /* Some methods may use extra data */ # define UI_set_app_data(s,arg) UI_set_ex_data(s,0,arg) # define UI_get_app_data(s) UI_get_ex_data(s,0) -int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); + +#define UI_get_ex_new_index(l, p, newf, dupf, freef) \ + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, l, p, newf, dupf, freef) int UI_set_ex_data(UI *r, int idx, void *arg); void *UI_get_ex_data(UI *r, int idx); diff --git a/include/openssl/x509.h b/include/openssl/x509.h index 8ba055f..c48abe3 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h @@ -615,8 +615,8 @@ DECLARE_ASN1_FUNCTIONS(X509_CINF) DECLARE_ASN1_FUNCTIONS(X509) DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX) -int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); +#define X509_new_index(l, p, newf, dupf, freef) \ + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, l, p, newf, dupf, freef) int X509_set_ex_data(X509 *r, int idx, void *arg); void *X509_get_ex_data(X509 *r, int idx); int i2d_X509_AUX(X509 *a, unsigned char **pp); diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h index c595c09..f949bd9 100644 --- a/include/openssl/x509_vfy.h +++ b/include/openssl/x509_vfy.h @@ -494,10 +494,8 @@ int X509_STORE_load_locations(X509_STORE *ctx, const char *file, const char *dir); int X509_STORE_set_default_paths(X509_STORE *ctx); -int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); +#define X509_STORE_CTX_get_ex_new_index(l, p, newf, dupf, freef) \ + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, l, p, newf, dupf, freef) int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data); void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx); int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx); diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 12ae35c..cac692d 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -3042,13 +3042,6 @@ size_t SSL_SESSION_get_master_key(const SSL_SESSION *session, return outlen; } -int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp, - new_func, dup_func, free_func); -} - int SSL_set_ex_data(SSL *s, int idx, void *arg) { return (CRYPTO_set_ex_data(&s->ex_data, idx, arg)); @@ -3059,14 +3052,6 @@ void *SSL_get_ex_data(const SSL *s, int idx) return (CRYPTO_get_ex_data(&s->ex_data, idx)); } -int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp, - new_func, dup_func, free_func); -} - int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg) { return (CRYPTO_set_ex_data(&s->ex_data, idx, arg)); diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 0984445..5265b15 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -170,15 +170,6 @@ SSL_SESSION *SSL_get1_session(SSL *ssl) return (sess); } -int SSL_SESSION_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, argl, argp, - new_func, dup_func, free_func); -} - int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg) { return (CRYPTO_set_ex_data(&s->ex_data, idx, arg)); diff --git a/test/exdatatest.c b/test/exdatatest.c new file mode 100644 index 0000000..96105bb --- /dev/null +++ b/test/exdatatest.c @@ -0,0 +1,148 @@ +/* ==================================================================== + * Copyright (c) 2015 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +#include <stdio.h> +#include <assert.h> +#include <string.h> +#include <stdlib.h> +#include <openssl/crypto.h> + +static long sargl; +static void *sargp; +static int sidx; + +static void exnew(void *parent, void *ptr, CRYPTO_EX_DATA *ad, + int idx, long argl, void *argp) +{ + assert(idx == sidx); + assert(argl == sargl); + assert(argp == sargp); +} + +static int exdup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, + void *from_d, int idx, long argl, void *argp) +{ + assert(idx == sidx); + assert(argl == sargl); + assert(argp == sargp); + return 0; +} + +static void exfree(void *parent, void *ptr, CRYPTO_EX_DATA *ad, + int idx, long argl, void *argp) +{ + assert(idx == sidx); + assert(argl == sargl); + assert(argp == sargp); +} + +typedef struct myobj_st { + CRYPTO_EX_DATA ex_data; + int id; +} MYOBJ; + +static MYOBJ *MYOBJ_new() +{ + static int count = 0; + MYOBJ *obj = OPENSSL_malloc(sizeof(*obj)); + int st; + + obj->id = ++count; + st = CRYPTO_new_ex_data(CRYPTO_EX_INDEX_APP, obj, &obj->ex_data); + assert(st != 0); + return obj; +} + +static void MYOBJ_sethello(MYOBJ *obj, char *cp) +{ + int st; + + st = CRYPTO_set_ex_data(&obj->ex_data, sidx, cp); + assert(st != 0); +} + +static char *MYOBJ_gethello(MYOBJ *obj) +{ + return CRYPTO_get_ex_data(&obj->ex_data, sidx); +} + +static void MYOBJ_free(MYOBJ *obj) +{ + CRYPTO_free_ex_data(CRYPTO_EX_INDEX_APP, obj, &obj->ex_data); + OPENSSL_free(obj); +} + +int main() +{ + MYOBJ *t1, *t2; + const char *cp; + char *p; + + p = strdup("hello world"); + sargl = 21; + sargp = malloc(1); + sidx = CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_APP, sargl, sargp, + exnew, exdup, exfree); + t1 = MYOBJ_new(); + t2 = MYOBJ_new(); + MYOBJ_sethello(t1, p); + cp = MYOBJ_gethello(t1); + assert(cp == p); + cp = MYOBJ_gethello(t2); + assert(cp == NULL); + MYOBJ_free(t1); + MYOBJ_free(t2); + free(sargp); + free(p); + return 0; +} diff --git a/util/libeay.num b/util/libeay.num index 5119769..4e2ac48 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -1004,7 +1004,7 @@ CRYPTO_get_new_lockid 1026 EXIST::FUNCTION: CRYPTO_new_ex_data 1027 EXIST::FUNCTION: RSA_set_ex_data 1028 EXIST::FUNCTION:RSA RSA_get_ex_data 1029 EXIST::FUNCTION:RSA -RSA_get_ex_new_index 1030 EXIST::FUNCTION:RSA +RSA_get_ex_new_index 1030 NOEXIST::FUNCTION: RSA_padding_add_PKCS1_type_1 1031 EXIST::FUNCTION:RSA RSA_padding_add_PKCS1_type_2 1032 EXIST::FUNCTION:RSA RSA_padding_add_SSLv23 1033 EXIST::FUNCTION:RSA @@ -1033,7 +1033,7 @@ BN_mpi2bn 1059 EXIST::FUNCTION: ASN1_BIT_STRING_get_bit 1060 EXIST::FUNCTION: ASN1_BIT_STRING_set_bit 1061 EXIST::FUNCTION: BIO_get_ex_data 1062 EXIST::FUNCTION: -BIO_get_ex_new_index 1063 EXIST::FUNCTION: +BIO_get_ex_new_index 1063 NOEXIST::FUNCTION: BIO_set_ex_data 1064 EXIST::FUNCTION: X509v3_get_key_usage 1066 NOEXIST::FUNCTION: X509v3_set_key_usage 1067 NOEXIST::FUNCTION: @@ -1069,7 +1069,7 @@ COMP_CTX_new 1096 EXIST::FUNCTION: COMP_CTX_free 1097 EXIST::FUNCTION: COMP_CTX_compress_block 1098 NOEXIST::FUNCTION: COMP_CTX_expand_block 1099 NOEXIST::FUNCTION: -X509_STORE_CTX_get_ex_new_index 1100 EXIST::FUNCTION: +X509_STORE_CTX_get_ex_new_index 1100 NOEXIST::FUNCTION: OBJ_NAME_add 1101 EXIST::FUNCTION: BIO_socket_nbio 1102 EXIST::FUNCTION: EVP_rc2_64_cbc 1103 EXIST::FUNCTION:RC2 @@ -1484,11 +1484,11 @@ DH_set_ex_data 1883 EXIST::FUNCTION:DH DH_set_method 1884 EXIST::FUNCTION:DH DSA_OpenSSL 1885 EXIST::FUNCTION:DSA DH_get_ex_data 1886 EXIST::FUNCTION:DH -DH_get_ex_new_index 1887 EXIST::FUNCTION:DH +DH_get_ex_new_index 1887 NOEXIST::FUNCTION: DSA_new_method 1888 EXIST::FUNCTION:DSA DH_new_method 1889 EXIST::FUNCTION:DH DH_OpenSSL 1890 EXIST::FUNCTION:DH -DSA_get_ex_new_index 1891 EXIST::FUNCTION:DSA +DSA_get_ex_new_index 1891 NOEXIST::FUNCTION: DH_get_default_method 1892 EXIST::FUNCTION:DH DSA_set_ex_data 1893 EXIST::FUNCTION:DSA DH_set_default_method 1894 EXIST::FUNCTION:DH @@ -1580,7 +1580,7 @@ i2d_DSA_PUBKEY_bio 2014 EXIST::FUNCTION:DSA i2d_OTHERNAME 2015 EXIST::FUNCTION: ASN1_OCTET_STRING_free 2016 EXIST::FUNCTION: ASN1_BIT_STRING_set_asc 2017 EXIST::FUNCTION: -X509_get_ex_new_index 2019 EXIST::FUNCTION: +X509_get_ex_new_index 2019 NOEXIST::FUNCTION: ASN1_STRING_TABLE_cleanup 2020 EXIST::FUNCTION: X509_TRUST_get_by_id 2021 EXIST::FUNCTION: X509_PURPOSE_get_trust 2022 EXIST::FUNCTION: @@ -2311,7 +2311,7 @@ d2i_ASN1_GENERALSTRING 2822 EXIST::FUNCTION: X509_CRL_set_version 2823 EXIST::FUNCTION: BN_mod_sub 2824 EXIST::FUNCTION: OCSP_SINGLERESP_get_ext_by_NID 2825 EXIST::FUNCTION: -ENGINE_get_ex_new_index 2826 EXIST::FUNCTION:ENGINE +ENGINE_get_ex_new_index 2826 NOEXIST::FUNCTION: OCSP_REQUEST_free 2827 EXIST::FUNCTION: OCSP_REQUEST_add1_ext_i2d 2828 EXIST::FUNCTION: X509_VAL_it 2829 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: @@ -2435,7 +2435,7 @@ EC_POINT_free 2929 EXIST::FUNCTION:EC DH_up_ref 2930 EXIST::FUNCTION:DH X509_NAME_ENTRY_it 2931 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: X509_NAME_ENTRY_it 2931 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -UI_get_ex_new_index 2932 EXIST::FUNCTION: +UI_get_ex_new_index 2932 NOEXIST::FUNCTION: BN_mod_sub_quick 2933 EXIST::FUNCTION: OCSP_ONEREQ_add_ext 2934 EXIST::FUNCTION: OCSP_request_sign 2935 EXIST::FUNCTION: @@ -3173,7 +3173,7 @@ BIO_dgram_non_fatal_error 3586 EXIST::FUNCTION: EC_GROUP_get_asn1_flag 3587 EXIST::FUNCTION:EC STORE_ATTR_INFO_in_ex 3588 NOEXIST::FUNCTION: STORE_list_crl_start 3589 NOEXIST::FUNCTION: -ECDH_get_ex_new_index 3590 EXIST::FUNCTION:EC +ECDH_get_ex_new_index 3590 NOEXIST::FUNCTION: STORE_meth_get_modify_fn 3591 NOEXIST::FUNCTION: STORE_method_get_modify_function 3591 NOEXIST::FUNCTION: v2i_ASN1_BIT_STRING 3592 EXIST::FUNCTION: @@ -3341,7 +3341,7 @@ PKCS7_set_digest 3741 EXIST::FUNCTION: EC_KEY_print 3742 EXIST::FUNCTION:EC STORE_meth_set_lock_store_fn 3743 NOEXIST::FUNCTION: STORE_method_set_lock_store_function 3743 NOEXIST::FUNCTION: -ECDSA_get_ex_new_index 3744 EXIST::FUNCTION:EC +ECDSA_get_ex_new_index 3744 NOEXIST::FUNCTION: SHA384 3745 EXIST:!VMSVAX:FUNCTION: POLICY_MAPPING_new 3746 EXIST::FUNCTION: STORE_list_certificate_endp 3747 NOEXIST::FUNCTION: @@ -4665,3 +4665,4 @@ ASYNC_cleanup 5024 EXIST::FUNCTION: ASYNC_init 5025 EXIST::FUNCTION: EVP_MD_CTX_ctrl 5026 EXIST::FUNCTION: EVP_md5_sha1 5027 EXIST::FUNCTION:MD5 +CRYPTO_free_ex_index 5028 EXIST::FUNCTION: diff --git a/util/ssleay.num b/util/ssleay.num index a63fd41..f737aac 100755 --- a/util/ssleay.num +++ b/util/ssleay.num @@ -146,9 +146,9 @@ SSL_set_verify_result 163 EXIST::FUNCTION: SSL_version 164 EXIST::FUNCTION: SSL_get_info_callback 165 EXIST::FUNCTION: SSL_state 166 NOEXIST::FUNCTION: -SSL_CTX_get_ex_new_index 167 EXIST::FUNCTION: -SSL_SESSION_get_ex_new_index 168 EXIST::FUNCTION: -SSL_get_ex_new_index 169 EXIST::FUNCTION: +SSL_CTX_get_ex_new_index 167 NOEXIST::FUNCTION: +SSL_SESSION_get_ex_new_index 168 NOEXIST::FUNCTION: +SSL_get_ex_new_index 169 NOEXIST::FUNCTION: TLSv1_method 170 EXIST::FUNCTION: TLSv1_server_method 171 EXIST::FUNCTION: TLSv1_client_method 172 EXIST::FUNCTION: |