diff options
Diffstat (limited to 'src/ssl/ssl_cert.c')
-rw-r--r-- | src/ssl/ssl_cert.c | 42 |
1 files changed, 14 insertions, 28 deletions
diff --git a/src/ssl/ssl_cert.c b/src/ssl/ssl_cert.c index 770912b..f1fd675 100644 --- a/src/ssl/ssl_cert.c +++ b/src/ssl/ssl_cert.c @@ -128,33 +128,22 @@ #include "../crypto/dh/internal.h" #include "../crypto/directory.h" +#include "../crypto/internal.h" #include "internal.h" -int SSL_get_ex_data_X509_STORE_CTX_idx(void) { - static int ssl_x509_store_ctx_idx = -1; - int got_write_lock = 0; - - CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); - - if (ssl_x509_store_ctx_idx < 0) { - CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX); - CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); - got_write_lock = 1; - - if (ssl_x509_store_ctx_idx < 0) { - ssl_x509_store_ctx_idx = X509_STORE_CTX_get_ex_new_index( - 0, "SSL for verify callback", NULL, NULL, NULL); - } - } +static CRYPTO_once_t g_x509_store_ex_data_index_once; +static int g_x509_store_ex_data_index; - if (got_write_lock) { - CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); - } else { - CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX); - } +static void ssl_x509_store_ex_data_index_init(void) { + g_x509_store_ex_data_index = X509_STORE_CTX_get_ex_new_index( + 0, "SSL for verify callback", NULL, NULL, NULL); +} - return ssl_x509_store_ctx_idx; +int SSL_get_ex_data_X509_STORE_CTX_idx(void) { + CRYPTO_once(&g_x509_store_ex_data_index_once, + ssl_x509_store_ex_data_index_init); + return g_x509_store_ex_data_index; } CERT *ssl_cert_new(void) { @@ -269,12 +258,12 @@ CERT *ssl_cert_dup(CERT *cert) { ret->cert_cb_arg = cert->cert_cb_arg; if (cert->verify_store) { - CRYPTO_add(&cert->verify_store->references, 1, CRYPTO_LOCK_X509_STORE); + CRYPTO_refcount_inc(&cert->verify_store->references); ret->verify_store = cert->verify_store; } if (cert->chain_store) { - CRYPTO_add(&cert->chain_store->references, 1, CRYPTO_LOCK_X509_STORE); + CRYPTO_refcount_inc(&cert->chain_store->references); ret->chain_store = cert->chain_store; } @@ -731,8 +720,6 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, const char *filename; int ret = 0; - CRYPTO_w_lock(CRYPTO_LOCK_READDIR); - /* Note that a side effect is that the CAs will be sorted by name */ while ((filename = OPENSSL_DIR_read(&d, dir))) { char buf[1024]; @@ -763,7 +750,6 @@ err: if (d) { OPENSSL_DIR_end(&d); } - CRYPTO_w_unlock(CRYPTO_LOCK_READDIR); return ret; } @@ -977,7 +963,7 @@ int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, int ref) { *pstore = store; if (ref && store) { - CRYPTO_add(&store->references, 1, CRYPTO_LOCK_X509_STORE); + CRYPTO_refcount_inc(&store->references); } return 1; } |