Commit Graph

21 Commits

Author SHA1 Message Date
Matt Caswell
c59fc87b33 Don't attempt to deactive child providers if we don't need to
If a provider doesn't have any child providers then there is no need
to attempt to remove them - so we should not do so. This removes some
potentialy thread races.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16980)
2021-11-12 17:16:14 +00:00
Matt Caswell
814c2018e1 Merge ossl_provider_activate() and ossl_provider_activate_child()
These 2 functions have become so close to each other that they may as well
be just one function.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15854)
2021-06-24 14:48:14 +01:00
Matt Caswell
eb2263da9a Set use_fallbacks to zero when we add a provider to the store
Update use_fallbacks to zero when we add a provider to the store rather
than when we activate it. Its only at the point that we add it to the store
that it is actually usable and visible to other threads.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15854)
2021-06-24 14:48:14 +01:00
Tomas Mraz
c4e9167437 Rename also the OSSL_PROVIDER_name() function
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-06-01 12:43:57 +02:00
Tomas Mraz
ed576acdf5 Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.

Fixes #15236

Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-06-01 12:40:00 +02:00
Matt Caswell
18cb5c31e1 Test that properties are mirrored as we expect
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15242)
2021-05-20 09:32:42 +01:00
Matt Caswell
8c62707565 Add support for child provider to up_ref/free their parent
If the ref counts on a child provider change, then this needs to be
reflected in the parent so we add callbacks to do this.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14991)
2021-05-11 14:59:43 +01:00
Pauli
ced7df2638 test: add a provider load/unload cache flush test.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15042)
2021-05-07 23:53:18 +10:00
Matt Caswell
8020d79b40 Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14512)
2021-03-11 13:27:36 +00:00
Pauli
299f5ff3b5 provider: add option to load a provider without disabling the fallbacks.
Add an argument to PROVIDER_try_load() that permits a provider to be
loaded without changing the fallback status.  This is useful when an
additional provider needs to be loaded without perturbing any other setup.
E.g. adding mock providers as part of unit testing.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
2021-02-23 23:24:41 +10:00
Richard Levitte
390f9bad69 CORE: Separate OSSL_PROVIDER activation from OSSL_PROVIDER reference
This introduces a separate activation counter, and the function
ossl_provider_deactivate() for provider deactivation.

Something to be noted is that if the reference count goes down to
zero, we don't care if the activation count is non-zero (i.e. someone
forgot to call ossl_provider_deactivate()).  Since there are no more
references to the provider, it doesn't matter.
The important thing is that deactivation doesn't remove the provider
as long as there are references to it, for example because there are
live methods associated with that provider, but still makes the
provider unavailable to create new methods from.

Fixes #13503
Fixes #12157

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13661)
2020-12-17 12:02:08 +01:00
Matt Caswell
29dc6e00f2 Load the config file by default
Previously we only loaded the config file by default for libssl. Now we do
it for libcrypto too.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9492)
2019-08-01 09:59:20 +01:00
Pauli
4e7991b497 Change OSSL_PARAM return size to not be a pointer.
Instead of referencing the return size from the OSSL_PARAM structure, make the
size a field within the structure.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9135)
2019-06-24 14:43:55 +10:00
Richard Levitte
2a2bc6fc12 For provider tests, don't define a OPENSSL_NO_ macro
Since the macro to indicate if the test provider module is available
is local to the test programs, it's better to use a name that isn't
as easily confused with a library feature disabling macro that one
would expect to find in opensslconf.h.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8664)
2019-04-04 13:39:33 +02:00
Richard Levitte
e4e91084d6 replaced snprintf with BIO version (for windows builds)
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8651)
2019-04-03 15:44:17 +02:00
Richard Levitte
6d872a838d Add test for the provider configuration module
We reuse test/provider_internal_test.c and test/p_test.c,
and get it loaded one more time via the configuration file
test/provider_internal_test.conf

To support different platform standards regarding module
extensions, we generate test/provider_internal_test.conf

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8549)
2019-04-03 11:42:48 +02:00
Richard Levitte
521b7cb388 Correct the checks of module availability in provider test programs
Previously, the macro OPENSSL_NO_SHARED was defined of the test/p_test
module wasn't built, but the provider test programs didn't check that
macro.  We rename it to OPENSSL_NO_MODULE, since that name describes
the situation more than OPENSSL_NO_SHARED does, and use it.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8623)
2019-04-02 07:30:07 +02:00
Shane Lontis
f4b4574f4b replaced snprintf with BIO version (for windows builds)
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8571)
2019-03-25 11:37:24 +10:00
Matt Caswell
80889e41a7 Fix no-dso
Don't try to load external provider modules in tests if we don't have DSO
capability

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8459)
2019-03-13 10:03:54 +00:00
Richard Levitte
8c4412ed8f Rename 'buffer' to 'data' in OSSL_PARAM
The OSSL_PARAM attribute names |buffer| and |buffer_size| may lead to
confusion, as they may make some think that the memory pointed at is
an intermediate memory are.  This is not generally the case, so we
rename |buffer| and |buffer_size| to |data| and |data_size|

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8451)
2019-03-12 18:56:42 +01:00
Richard Levitte
021a655277 Add provider tests
Two tests are added, one that tests the internal API, the other tests
the public API.  Those two tests both test the same provider, which
acts both as a built-in provider and as a loadable provider module.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8287)
2019-03-11 20:40:13 +01:00