提交 2a82c7cf 编写于 作者: B Bodo Möller

Various bugfixes: Uses locking for some more of the stuff that is not

thread-safe (where thread-safe counterparts are not available on all
platforms), and don't memcpy to NULL-pointers
Submitted by: Anonymous
Reviewed by: Bodo Moeller

Also, clean up htons vs. ntohs confusions.
上级 d36bcdf5
...@@ -150,8 +150,12 @@ int BIO_get_port(const char *str, unsigned short *port_ptr) ...@@ -150,8 +150,12 @@ int BIO_get_port(const char *str, unsigned short *port_ptr)
*port_ptr=(unsigned short)i; *port_ptr=(unsigned short)i;
else else
{ {
s=getservbyname(str,"tcp"); CRYPTO_w_lock(CRYPTO_LOCK_GETSERVBYNAME);
if (s == NULL) s=getservbyname(str,"tcp");
if(s != NULL)
*port_ptr=ntohs((unsigned short)s->s_port);
CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME);
if(s == NULL)
{ {
if (strcmp(str,"http") == 0) if (strcmp(str,"http") == 0)
*port_ptr=80; *port_ptr=80;
...@@ -177,9 +181,7 @@ int BIO_get_port(const char *str, unsigned short *port_ptr) ...@@ -177,9 +181,7 @@ int BIO_get_port(const char *str, unsigned short *port_ptr)
ERR_add_error_data(3,"service='",str,"'"); ERR_add_error_data(3,"service='",str,"'");
return(0); return(0);
} }
return(1);
} }
*port_ptr=htons((unsigned short)s->s_port);
} }
return(1); return(1);
} }
...@@ -253,16 +255,18 @@ static struct hostent *ghbn_dup(struct hostent *a) ...@@ -253,16 +255,18 @@ static struct hostent *ghbn_dup(struct hostent *a)
for (i=0; a->h_aliases[i] != NULL; i++) for (i=0; a->h_aliases[i] != NULL; i++)
; ;
i++; i++;
ret->h_aliases=(char **)Malloc(sizeof(char *)*i); ret->h_aliases = (char **)Malloc(i*sizeof(char *));
memset(ret->h_aliases,0,sizeof(char *)*i); if (ret->h_aliases == NULL)
if (ret == NULL) goto err; goto err;
memset(ret->h_aliases, 0, i*sizeof(char *));
for (i=0; a->h_addr_list[i] != NULL; i++) for (i=0; a->h_addr_list[i] != NULL; i++)
; ;
i++; i++;
ret->h_addr_list=(char **)Malloc(sizeof(char *)*i); ret->h_addr_list=(char **)Malloc(i*sizeof(char *));
memset(ret->h_addr_list,0,sizeof(char *)*i); if (ret->h_addr_list == NULL)
if (ret->h_addr_list == NULL) goto err; goto err;
memset(ret->h_addr_list, 0, i*sizeof(char *));
j=strlen(a->h_name)+1; j=strlen(a->h_name)+1;
if ((ret->h_name=Malloc(j)) == NULL) goto err; if ((ret->h_name=Malloc(j)) == NULL) goto err;
...@@ -323,7 +327,7 @@ struct hostent *BIO_gethostbyname(const char *name) ...@@ -323,7 +327,7 @@ struct hostent *BIO_gethostbyname(const char *name)
/* return(gethostbyname(name)); */ /* return(gethostbyname(name)); */
CRYPTO_w_lock(CRYPTO_LOCK_BIO_GETHOSTBYNAME); CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
j=strlen(name); j=strlen(name);
if (j < 128) if (j < 128)
{ {
...@@ -349,15 +353,25 @@ struct hostent *BIO_gethostbyname(const char *name) ...@@ -349,15 +353,25 @@ struct hostent *BIO_gethostbyname(const char *name)
BIO_ghbn_miss++; BIO_ghbn_miss++;
ret=gethostbyname(name); ret=gethostbyname(name);
if (ret == NULL) return(NULL); if (ret == NULL)
if (j > 128) return(ret); /* too big to cache */ goto end;
if (j > 128) /* too big to cache */
{
ret = NULL;
goto end;
}
/* else add to cache */ /* else add to cache */
if (ghbn_cache[lowi].ent != NULL) if (ghbn_cache[lowi].ent != NULL)
ghbn_free(ghbn_cache[lowi].ent); ghbn_free(ghbn_cache[lowi].ent);
ghbn_cache[lowi].name[0] = '\0';
if((ret=ghbn_cache[lowi].ent=ghbn_dup(ret)) == NULL)
{
BIOerr(BIO_F_BIO_GETHOSTBYNAME,ERR_R_MALLOC_FAILURE);
goto end;
}
strncpy(ghbn_cache[lowi].name,name,128); strncpy(ghbn_cache[lowi].name,name,128);
ghbn_cache[lowi].ent=ghbn_dup(ret);
ghbn_cache[lowi].order=BIO_ghbn_miss+BIO_ghbn_hits; ghbn_cache[lowi].order=BIO_ghbn_miss+BIO_ghbn_hits;
} }
else else
...@@ -366,7 +380,8 @@ struct hostent *BIO_gethostbyname(const char *name) ...@@ -366,7 +380,8 @@ struct hostent *BIO_gethostbyname(const char *name)
ret= ghbn_cache[i].ent; ret= ghbn_cache[i].ent;
ghbn_cache[i].order=BIO_ghbn_miss+BIO_ghbn_hits; ghbn_cache[i].order=BIO_ghbn_miss+BIO_ghbn_hits;
} }
CRYPTO_w_unlock(CRYPTO_LOCK_BIO_GETHOSTBYNAME); end:
CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
return(ret); return(ret);
} }
......
...@@ -546,6 +546,7 @@ int BIO_printf(BIO *bio, ...); ...@@ -546,6 +546,7 @@ int BIO_printf(BIO *bio, ...);
#define BIO_F_BIO_ACCEPT 101 #define BIO_F_BIO_ACCEPT 101
#define BIO_F_BIO_BER_GET_HEADER 102 #define BIO_F_BIO_BER_GET_HEADER 102
#define BIO_F_BIO_CTRL 103 #define BIO_F_BIO_CTRL 103
#define BIO_F_BIO_GETHOSTBYNAME 120
#define BIO_F_BIO_GETS 104 #define BIO_F_BIO_GETS 104
#define BIO_F_BIO_GET_ACCEPT_SOCKET 105 #define BIO_F_BIO_GET_ACCEPT_SOCKET 105
#define BIO_F_BIO_GET_HOST_IP 106 #define BIO_F_BIO_GET_HOST_IP 106
......
...@@ -69,6 +69,7 @@ static ERR_STRING_DATA BIO_str_functs[]= ...@@ -69,6 +69,7 @@ static ERR_STRING_DATA BIO_str_functs[]=
{ERR_PACK(0,BIO_F_BIO_ACCEPT,0), "BIO_accept"}, {ERR_PACK(0,BIO_F_BIO_ACCEPT,0), "BIO_accept"},
{ERR_PACK(0,BIO_F_BIO_BER_GET_HEADER,0), "BIO_BER_GET_HEADER"}, {ERR_PACK(0,BIO_F_BIO_BER_GET_HEADER,0), "BIO_BER_GET_HEADER"},
{ERR_PACK(0,BIO_F_BIO_CTRL,0), "BIO_ctrl"}, {ERR_PACK(0,BIO_F_BIO_CTRL,0), "BIO_ctrl"},
{ERR_PACK(0,BIO_F_BIO_GETHOSTBYNAME,0), "BIO_gethostbyname"},
{ERR_PACK(0,BIO_F_BIO_GETS,0), "BIO_gets"}, {ERR_PACK(0,BIO_F_BIO_GETS,0), "BIO_gets"},
{ERR_PACK(0,BIO_F_BIO_GET_ACCEPT_SOCKET,0), "BIO_get_accept_socket"}, {ERR_PACK(0,BIO_F_BIO_GET_ACCEPT_SOCKET,0), "BIO_get_accept_socket"},
{ERR_PACK(0,BIO_F_BIO_GET_HOST_IP,0), "BIO_get_host_ip"}, {ERR_PACK(0,BIO_F_BIO_GET_HOST_IP,0), "BIO_get_host_ip"},
......
...@@ -89,10 +89,12 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] = ...@@ -89,10 +89,12 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] =
"rand", "rand",
"debug_malloc", "debug_malloc",
"BIO", "BIO",
"bio_gethostbyname", "gethostbyname",
"getservbyname",
"readdir",
"RSA_blinding", "RSA_blinding",
#if CRYPTO_NUM_LOCKS != 22 #if CRYPTO_NUM_LOCKS != 24
# error "Inconsistency between crypto.h and cryptlic.c" # error "Inconsistency between crypto.h and cryptlib.c"
#endif #endif
}; };
......
...@@ -103,9 +103,11 @@ extern "C" { ...@@ -103,9 +103,11 @@ extern "C" {
#define CRYPTO_LOCK_RAND 17 #define CRYPTO_LOCK_RAND 17
#define CRYPTO_LOCK_MALLOC 18 #define CRYPTO_LOCK_MALLOC 18
#define CRYPTO_LOCK_BIO 19 #define CRYPTO_LOCK_BIO 19
#define CRYPTO_LOCK_BIO_GETHOSTBYNAME 20 #define CRYPTO_LOCK_GETHOSTBYNAME 20
#define CRYPTO_LOCK_RSA_BLINDING 21 #define CRYPTO_LOCK_GETSERVBYNAME 21
#define CRYPTO_NUM_LOCKS 22 #define CRYPTO_LOCK_READDIR 22
#define CRYPTO_LOCK_RSA_BLINDING 23
#define CRYPTO_NUM_LOCKS 24
#define CRYPTO_LOCK 1 #define CRYPTO_LOCK 1
#define CRYPTO_UNLOCK 2 #define CRYPTO_UNLOCK 2
......
...@@ -673,14 +673,18 @@ err: ...@@ -673,14 +673,18 @@ err:
int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
const char *dir) const char *dir)
{ {
DIR *d=opendir(dir); DIR *d;
struct dirent *dstruct; struct dirent *dstruct;
int ret = 0;
CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
d = opendir(dir);
/* Note that a side effect is that the CAs will be sorted by name */ /* Note that a side effect is that the CAs will be sorted by name */
if(!d) if(!d)
{ {
SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,ERR_R_MALLOC_FAILURE); SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,ERR_R_MALLOC_FAILURE);
return 0; goto err;
} }
while((dstruct=readdir(d))) while((dstruct=readdir(d)))
...@@ -690,15 +694,18 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, ...@@ -690,15 +694,18 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
if(strlen(dir)+strlen(dstruct->d_name)+2 > sizeof buf) if(strlen(dir)+strlen(dstruct->d_name)+2 > sizeof buf)
{ {
SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG); SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
return 0; goto err;
} }
sprintf(buf,"%s/%s",dir,dstruct->d_name); sprintf(buf,"%s/%s",dir,dstruct->d_name);
if(!SSL_add_file_cert_subjects_to_stack(stack,buf)) if(!SSL_add_file_cert_subjects_to_stack(stack,buf))
return 0; goto err;
} }
ret = 1;
return 1; err:
CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
return ret;
} }
#endif #endif
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册