diff options
| author | Adam Langley <agl@google.com> | 2016-07-12 20:39:20 +0300 |
|---|---|---|
| committer | David Benjamin <davidben@google.com> | 2016-07-12 20:55:41 +0300 |
| commit | 310d3f63f38cf8a82fa9ae5032e343ba5159eb4d (patch) | |
| tree | 18b60b1a10d16a7771c2c7f36bc991d65fa5d307 | |
| parent | 27516f7c9762c2b21ff4add87aa5b7ac41237575 (diff) | |
Change |EVP_PKEY_up_ref| to return int.
Upstream have added |EVP_PKEY_up_ref|, but their version returns an int.
Having this function with a different signature like that is dangerous
so this change aligns BoringSSL with upstream. Users of this function in
Chromium and internally should already have been updated.
Change-Id: I0a7aeaf1a1ca3b0f0c635e2ee3826aa100b18157
Reviewed-on: https://boringssl-review.googlesource.com/8736
Reviewed-by: David Benjamin <davidben@google.com>
| -rw-r--r-- | crypto/evp/evp.c | 4 | ||||
| -rw-r--r-- | crypto/evp/evp_ctx.c | 9 | ||||
| -rw-r--r-- | crypto/x509/x_pubkey.c | 6 | ||||
| -rw-r--r-- | include/openssl/evp.h | 4 | ||||
| -rw-r--r-- | ssl/ssl_cert.c | 3 | ||||
| -rw-r--r-- | ssl/ssl_lib.c | 10 | ||||
| -rw-r--r-- | ssl/ssl_rsa.c | 3 |
7 files changed, 24 insertions, 15 deletions
diff --git a/crypto/evp/evp.c b/crypto/evp/evp.c index ee207f9b..3b4b05bb 100644 --- a/crypto/evp/evp.c +++ b/crypto/evp/evp.c @@ -108,9 +108,9 @@ void EVP_PKEY_free(EVP_PKEY *pkey) { OPENSSL_free(pkey); } -EVP_PKEY *EVP_PKEY_up_ref(EVP_PKEY *pkey) { +int EVP_PKEY_up_ref(EVP_PKEY *pkey) { CRYPTO_refcount_inc(&pkey->references); - return pkey; + return 1; } int EVP_PKEY_is_opaque(const EVP_PKEY *pkey) { diff --git a/crypto/evp/evp_ctx.c b/crypto/evp/evp_ctx.c index f510f6c7..f7d4b41b 100644 --- a/crypto/evp/evp_ctx.c +++ b/crypto/evp/evp_ctx.c @@ -112,7 +112,8 @@ static EVP_PKEY_CTX *evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) { ret->operation = EVP_PKEY_OP_UNDEFINED; if (pkey) { - ret->pkey = EVP_PKEY_up_ref(pkey); + EVP_PKEY_up_ref(pkey); + ret->pkey = pkey; } if (pmeth->init) { @@ -165,14 +166,16 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) { rctx->operation = pctx->operation; if (pctx->pkey) { - rctx->pkey = EVP_PKEY_up_ref(pctx->pkey); + EVP_PKEY_up_ref(pctx->pkey); + rctx->pkey = pctx->pkey; if (rctx->pkey == NULL) { goto err; } } if (pctx->peerkey) { - rctx->peerkey = EVP_PKEY_up_ref(pctx->peerkey); + EVP_PKEY_up_ref(pctx->peerkey); + rctx->peerkey = pctx->peerkey; if (rctx->peerkey == NULL) { goto err; } diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c index 23534b2b..3d07d661 100644 --- a/crypto/x509/x_pubkey.c +++ b/crypto/x509/x_pubkey.c @@ -141,7 +141,8 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) CRYPTO_STATIC_MUTEX_lock_read(&g_pubkey_lock); if (key->pkey != NULL) { CRYPTO_STATIC_MUTEX_unlock_read(&g_pubkey_lock); - return EVP_PKEY_up_ref(key->pkey); + EVP_PKEY_up_ref(key->pkey); + return key->pkey; } CRYPTO_STATIC_MUTEX_unlock_read(&g_pubkey_lock); @@ -170,7 +171,8 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) } OPENSSL_free(spki); - return EVP_PKEY_up_ref(ret); + EVP_PKEY_up_ref(ret); + return ret; error: OPENSSL_free(spki); diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 54074073..e4f812a3 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -89,8 +89,8 @@ OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_new(void); * itself. */ OPENSSL_EXPORT void EVP_PKEY_free(EVP_PKEY *pkey); -/* EVP_PKEY_up_ref increments the reference count of |pkey| and returns it. */ -OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_up_ref(EVP_PKEY *pkey); +/* EVP_PKEY_up_ref increments the reference count of |pkey| and returns one. */ +OPENSSL_EXPORT int EVP_PKEY_up_ref(EVP_PKEY *pkey); /* EVP_PKEY_is_opaque returns one if |pkey| is opaque. Opaque keys are backed by * custom implementations which do not expose key material and parameters. It is diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index d61f9f53..dead3ba7 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -174,7 +174,8 @@ CERT *ssl_cert_dup(CERT *cert) { } if (cert->privatekey != NULL) { - ret->privatekey = EVP_PKEY_up_ref(cert->privatekey); + EVP_PKEY_up_ref(cert->privatekey); + ret->privatekey = cert->privatekey; } if (cert->chain) { diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index e0cba62b..ca522335 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -456,8 +456,8 @@ SSL *SSL_new(SSL_CTX *ctx) { ssl->tlsext_channel_id_enabled = ctx->tlsext_channel_id_enabled; if (ctx->tlsext_channel_id_private) { - ssl->tlsext_channel_id_private = - EVP_PKEY_up_ref(ctx->tlsext_channel_id_private); + EVP_PKEY_up_ref(ctx->tlsext_channel_id_private); + ssl->tlsext_channel_id_private = ctx->tlsext_channel_id_private; } ssl->signed_cert_timestamps_enabled = @@ -1834,7 +1834,8 @@ int SSL_CTX_set1_tls_channel_id(SSL_CTX *ctx, EVP_PKEY *private_key) { } EVP_PKEY_free(ctx->tlsext_channel_id_private); - ctx->tlsext_channel_id_private = EVP_PKEY_up_ref(private_key); + EVP_PKEY_up_ref(private_key); + ctx->tlsext_channel_id_private = private_key; ctx->tlsext_channel_id_enabled = 1; return 1; @@ -1847,7 +1848,8 @@ int SSL_set1_tls_channel_id(SSL *ssl, EVP_PKEY *private_key) { } EVP_PKEY_free(ssl->tlsext_channel_id_private); - ssl->tlsext_channel_id_private = EVP_PKEY_up_ref(private_key); + EVP_PKEY_up_ref(private_key); + ssl->tlsext_channel_id_private = private_key; ssl->tlsext_channel_id_enabled = 1; return 1; diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index cfa4cda2..6dcbcc95 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -143,7 +143,8 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey) { } EVP_PKEY_free(c->privatekey); - c->privatekey = EVP_PKEY_up_ref(pkey); + EVP_PKEY_up_ref(pkey); + c->privatekey = pkey; return 1; } |