mirror of
https://github.com/openssl/openssl.git
synced 2025-01-06 13:26:43 +08:00
dc9bc6c8e1
When OpenSSL has been compiled with no-cached-fetch we do not cache algorithms fetched from a provider. When we export an EVP_PKEY to a provider we cache the details of that export in the operation cache for that EVP_PKEY. Amoung the details we cache is the EVP_KEYMGMT that we used for the export. When we come to reuse the key in the same provider that we have previously exported the key to, we check the operation cache for the cached key data. However because the EVP_KEYMGMT instance was not cached then instance will be different every time and we were not recognising that we had already exported the key to the provider. This causes us to re-export the key to the same provider everytime the key is used. Since this consumes memory we end up with unbounded memory growth. The fix is to be more intelligent about recognising that we have already exported key data to a given provider even if the EVP_KEYMGMT instance is different. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/23841) |
||
|---|---|---|
| .. | ||
| asymcipher.c | ||
| bio_b64.c | ||
| bio_enc.c | ||
| bio_md.c | ||
| bio_ok.c | ||
| build.info | ||
| c_allc.c | ||
| c_alld.c | ||
| cmeth_lib.c | ||
| ctrl_params_translate.c | ||
| dh_ctrl.c | ||
| dh_support.c | ||
| digest.c | ||
| dsa_ctrl.c | ||
| e_aes_cbc_hmac_sha1.c | ||
| e_aes_cbc_hmac_sha256.c | ||
| e_aes.c | ||
| e_aria.c | ||
| e_bf.c | ||
| e_camellia.c | ||
| e_cast.c | ||
| e_chacha20_poly1305.c | ||
| e_des3.c | ||
| e_des.c | ||
| e_idea.c | ||
| e_null.c | ||
| e_old.c | ||
| e_rc2.c | ||
| e_rc4_hmac_md5.c | ||
| e_rc4.c | ||
| e_rc5.c | ||
| e_seed.c | ||
| e_sm4.c | ||
| e_xcbc_d.c | ||
| ec_ctrl.c | ||
| ec_support.c | ||
| encode.c | ||
| evp_cnf.c | ||
| evp_enc.c | ||
| evp_err.c | ||
| evp_fetch.c | ||
| evp_key.c | ||
| evp_lib.c | ||
| evp_local.h | ||
| evp_pbe.c | ||
| evp_pkey.c | ||
| evp_rand.c | ||
| evp_utils.c | ||
| exchange.c | ||
| kdf_lib.c | ||
| kdf_meth.c | ||
| kem.c | ||
| keymgmt_lib.c | ||
| keymgmt_meth.c | ||
| legacy_blake2.c | ||
| legacy_md2.c | ||
| legacy_md4.c | ||
| legacy_md5_sha1.c | ||
| legacy_md5.c | ||
| legacy_mdc2.c | ||
| legacy_meth.h | ||
| legacy_ripemd.c | ||
| legacy_sha.c | ||
| legacy_wp.c | ||
| m_null.c | ||
| m_sigver.c | ||
| mac_lib.c | ||
| mac_meth.c | ||
| names.c | ||
| p5_crpt2.c | ||
| p5_crpt.c | ||
| p_dec.c | ||
| p_enc.c | ||
| p_legacy.c | ||
| p_lib.c | ||
| p_open.c | ||
| p_seal.c | ||
| p_sign.c | ||
| p_verify.c | ||
| pbe_scrypt.c | ||
| pmeth_check.c | ||
| pmeth_gn.c | ||
| pmeth_lib.c | ||
| signature.c | ||