1 files changed, 14 insertions, 28 deletions

diff --git a/src/ssl/ssl_cert.c b/src/ssl/ssl_cert.c
index 770912b..f1fd675 100644
--- a/src/ssl/ssl_cert.c
+++ b/src/ssl/ssl_cert.c
@@ -128,33 +128,22 @@
 
 #include "../crypto/dh/internal.h"
 #include "../crypto/directory.h"
+#include "../crypto/internal.h"
 #include "internal.h"
 
 
-int SSL_get_ex_data_X509_STORE_CTX_idx(void) {
-  static int ssl_x509_store_ctx_idx = -1;
-  int got_write_lock = 0;
-
-  CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
-
-  if (ssl_x509_store_ctx_idx < 0) {
-    CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
-    CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-    got_write_lock = 1;
-
-    if (ssl_x509_store_ctx_idx < 0) {
-      ssl_x509_store_ctx_idx = X509_STORE_CTX_get_ex_new_index(
-          0, "SSL for verify callback", NULL, NULL, NULL);
-    }
-  }
+static CRYPTO_once_t g_x509_store_ex_data_index_once;
+static int g_x509_store_ex_data_index;
 
-  if (got_write_lock) {
-    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-  } else {
-    CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
-  }
+static void ssl_x509_store_ex_data_index_init(void) {
+  g_x509_store_ex_data_index = X509_STORE_CTX_get_ex_new_index(
+      0, "SSL for verify callback", NULL, NULL, NULL);
+}
 
-  return ssl_x509_store_ctx_idx;
+int SSL_get_ex_data_X509_STORE_CTX_idx(void) {
+  CRYPTO_once(&g_x509_store_ex_data_index_once,
+              ssl_x509_store_ex_data_index_init);
+  return g_x509_store_ex_data_index;
 }
 
 CERT *ssl_cert_new(void) {
@@ -269,12 +258,12 @@ CERT *ssl_cert_dup(CERT *cert) {
   ret->cert_cb_arg = cert->cert_cb_arg;
 
   if (cert->verify_store) {
-    CRYPTO_add(&cert->verify_store->references, 1, CRYPTO_LOCK_X509_STORE);
+    CRYPTO_refcount_inc(&cert->verify_store->references);
     ret->verify_store = cert->verify_store;
   }
 
   if (cert->chain_store) {
-    CRYPTO_add(&cert->chain_store->references, 1, CRYPTO_LOCK_X509_STORE);
+    CRYPTO_refcount_inc(&cert->chain_store->references);
     ret->chain_store = cert->chain_store;
   }
 
@@ -731,8 +720,6 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
   const char *filename;
   int ret = 0;
 
-  CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
-
   /* Note that a side effect is that the CAs will be sorted by name */
   while ((filename = OPENSSL_DIR_read(&d, dir))) {
     char buf[1024];
@@ -763,7 +750,6 @@ err:
   if (d) {
     OPENSSL_DIR_end(&d);
   }
-  CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
   return ret;
 }
 
@@ -977,7 +963,7 @@ int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, int ref) {
   *pstore = store;
 
   if (ref && store) {
-    CRYPTO_add(&store->references, 1, CRYPTO_LOCK_X509_STORE);
+    CRYPTO_refcount_inc(&store->references);
   }
   return 1;
 }