| OLD | NEW |
|---|
| (Empty) |
| 1 diff -burN android-openssl.orig/crypto/conf/conf_api.c android-openssl-lhash/cry
pto/conf/conf_api.c | |
| 2 --- android-openssl.orig/crypto/conf/conf_api.c 2013-02-11 10:26:04.000000000 -0
500 | |
| 3 +++ android-openssl-lhash/crypto/conf/conf_api.c 2013-11-05 14:16:49.5000
27656 -0500 | |
| 4 @@ -225,9 +225,6 @@ | |
| 5 { | |
| 6 if (conf == NULL || conf->data == NULL) return; | |
| 7 | |
| 8 - lh_CONF_VALUE_down_load(conf->data)=0; /* evil thing to make | |
| 9 - * sure the 'OPENSSL_free()' works as | |
| 10 - * expected */ | |
| 11 lh_CONF_VALUE_doall_arg(conf->data, | |
| 12 LHASH_DOALL_ARG_FN(value_free_hash), | |
| 13 LHASH_OF(CONF_VALUE), conf->data); | |
| 14 diff -burN android-openssl.orig/crypto/lhash/lhash.c android-openssl-lhash/crypt
o/lhash/lhash.c | |
| 15 --- android-openssl.orig/crypto/lhash/lhash.c 2013-02-11 10:26:04.000000000 -0
500 | |
| 16 +++ android-openssl-lhash/crypto/lhash/lhash.c 2013-11-05 14:16:49.500027656 -0
500 | |
| 17 @@ -94,6 +94,7 @@ | |
| 18 * | |
| 19 * 1.0 eay - First version | |
| 20 */ | |
| 21 +#include <limits.h> | |
| 22 #include <stdio.h> | |
| 23 #include <string.h> | |
| 24 #include <stdlib.h> | |
| 25 @@ -107,6 +108,113 @@ | |
| 26 #define UP_LOAD (2*LH_LOAD_MULT) /* load times 256 (default 2)
*/ | |
| 27 #define DOWN_LOAD (LH_LOAD_MULT) /* load times 256 (default 1) */ | |
| 28 | |
| 29 +/* Maximum number of nodes to guarantee the load computations don't overflow */ | |
| 30 +#define MAX_LOAD_ITEMS (UINT_MAX / LH_LOAD_MULT) | |
| 31 + | |
| 32 +/* The field 'iteration_state' is used to hold data to ensure that a hash | |
| 33 + * table is not resized during an 'insert' or 'delete' operation performed | |
| 34 + * within a lh_doall/lh_doall_arg call. | |
| 35 + * | |
| 36 + * Conceptually, this records two things: | |
| 37 + * | |
| 38 + * - A 'depth' count, which is incremented at the start of lh_doall*, | |
| 39 + * and decremented just before it returns. | |
| 40 + * | |
| 41 + * - A 'mutated' boolean flag, which is set in lh_insert() or lh_delete() | |
| 42 + * when the operation is performed with a non-0 depth. | |
| 43 + * | |
| 44 + * The following are helper macros to handle this state in a more explicit | |
| 45 + * way. | |
| 46 + */ | |
| 47 + | |
| 48 +/* Reset the iteration state to its defaults. */ | |
| 49 +#define LH_ITERATION_RESET(lh) do { \ | |
| 50 + (lh)->iteration_state = 0; \ | |
| 51 + } while (0) | |
| 52 + | |
| 53 +/* Returns 1 if the hash table is currently being iterated on, 0 otherwise. */ | |
| 54 +#define LH_ITERATION_IS_ACTIVE(lh) ((lh)->iteration_state >= 2) | |
| 55 + | |
| 56 +/* Increment iteration depth. This should always be followed by a paired call | |
| 57 + * to LH_ITERATION_DECREMENT_DEPTH(). */ | |
| 58 +#define LH_ITERATION_INCREMENT_DEPTH(lh) do { \ | |
| 59 + (lh)->iteration_state += 2; \ | |
| 60 + } while (0) | |
| 61 + | |
| 62 +/* Decrement iteration depth. This should always be called after a paired call | |
| 63 + * to LH_ITERATION_INCREMENT_DEPTH(). */ | |
| 64 +#define LH_ITERATION_DECREMENT_DEPTH(lh) do { \ | |
| 65 + (lh)->iteration_state -= 2; \ | |
| 66 + } while (0) | |
| 67 + | |
| 68 +/* Return 1 if the iteration 'mutated' flag is set, 0 otherwise. */ | |
| 69 +#define LH_ITERATION_IS_MUTATED(lh) (((lh)->iteration_state & 1) != 0) | |
| 70 + | |
| 71 +/* Set the iteration 'mutated' flag to 1. LH_ITERATION_RESET() to reset it. */ | |
| 72 +#define LH_ITERATION_SET_MUTATED(lh) do { \ | |
| 73 + (lh)->iteration_state |= 1; \ | |
| 74 + } while (0) | |
| 75 + | |
| 76 +/* This macro returns 1 if the hash table should be expanded due to its current | |
| 77 + * load, or 0 otherwise. The exact comparison to be performed is expressed by | |
| 78 + * the mathematical expression (where '//' denotes division over real numbers): | |
| 79 + * | |
| 80 + * (num_items // num_nodes) >= (up_load // LOAD_MULT) or | |
| 81 + * (num_items * LOAD_MULT // num_nodes) >= up_load. | |
| 82 + * | |
| 83 + * Given that the C language operator '/' implements integer division, i.e: | |
| 84 + * a // b == (a / b) + epsilon (with 0 <= epsilon < 1, for positive a & b) | |
| 85 + * | |
| 86 + * This can be rewritten as: | |
| 87 + * (num_items * LOAD_MULT / num_nodes) + epsilon >= up_load | |
| 88 + * (num_items * LOAD_MULT / num_nodes) - up_load >= - epsilon | |
| 89 + * | |
| 90 + * Let's call 'A' the left-hand side of the equation above, it is an integer | |
| 91 + * and: | |
| 92 + * - If A >= 0, the expression is true for any value of epsilon. | |
| 93 + * - If A <= -1, the expression is also true for any value of epsilon. | |
| 94 + * | |
| 95 + * In other words, this is equivalent to 'A >= 0', or: | |
| 96 + * (num_items * LOAD_MULT / num_nodes) >= up_load | |
| 97 + */ | |
| 98 +#define LH_SHOULD_EXPAND(lh) \ | |
| 99 + ((lh)->num_items < MAX_LOAD_ITEMS && \ | |
| 100 + (((lh)->num_items*LH_LOAD_MULT/(lh)->num_nodes) >= (lh)->up_load)) | |
| 101 + | |
| 102 +/* This macro returns 1 if the hash table should be contracted due to its | |
| 103 + * current load, or 0 otherwise. Abbreviated computations are: | |
| 104 + * | |
| 105 + * (num_items // num_nodes) <= (down_load // LOAD_MULT) | |
| 106 + * (num_items * LOAD_MULT // num_nodes) <= down_load | |
| 107 + * (num_items * LOAD_MULT / num_nodes) + epsilon <= down_load | |
| 108 + * (num_items * LOAD_MULT / num_nodes) - down_load <= -epsilon | |
| 109 + * | |
| 110 + * Let's call 'B' the left-hand side of the equation above: | |
| 111 + * - If B <= -1, the expression is true for any value of epsilon. | |
| 112 + * - If B >= 1, the expression is false for any value of epsilon. | |
| 113 + * - If B == 0, the expression is true for 'epsilon == 0', and false | |
| 114 + * otherwise, which is problematic. | |
| 115 + * | |
| 116 + * To work around this problem, while keeping the code simple, just change | |
| 117 + * the initial expression to use a strict inequality, i.e.: | |
| 118 + * | |
| 119 + * (num_items // num_nodes) < (down_load // LOAD_MULT) | |
| 120 + * | |
| 121 + * Which leads to: | |
| 122 + * (num_items * LOAD_MULT / num_nodes) - down_load < -epsilon | |
| 123 + * | |
| 124 + * Then: | |
| 125 + * - If 'B <= -1', the expression is true for any value of epsilon. | |
| 126 + * - If 'B' >= 0, the expression is false for any value of epsilon, | |
| 127 + * | |
| 128 + * In other words, this is equivalent to 'B < 0', or: | |
| 129 + * (num_items * LOAD_MULT / num_nodes) < down_load | |
| 130 + */ | |
| 131 +#define LH_SHOULD_CONTRACT(lh) \ | |
| 132 + (((lh)->num_nodes > MIN_NODES) && \ | |
| 133 + ((lh)->num_items < MAX_LOAD_ITEMS && \ | |
| 134 + ((lh)->num_items*LH_LOAD_MULT/(lh)->num_nodes) < (lh)->down_load)) | |
| 135 + | |
| 136 static void expand(_LHASH *lh); | |
| 137 static void contract(_LHASH *lh); | |
| 138 static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash); | |
| 139 @@ -147,6 +255,7 @@ | |
| 140 ret->num_hash_comps=0; | |
| 141 | |
| 142 ret->error=0; | |
| 143 + LH_ITERATION_RESET(ret); | |
| 144 return(ret); | |
| 145 err1: | |
| 146 OPENSSL_free(ret); | |
| 147 @@ -183,7 +292,10 @@ | |
| 148 void *ret; | |
| 149 | |
| 150 lh->error=0; | |
| 151 - if (lh->up_load <= (lh->num_items*LH_LOAD_MULT/lh->num_nodes)) | |
| 152 + /* Do not expand the array if the table is being iterated on. */ | |
| 153 + if (LH_ITERATION_IS_ACTIVE(lh)) | |
| 154 + LH_ITERATION_SET_MUTATED(lh); | |
| 155 + else if (LH_SHOULD_EXPAND(lh)) | |
| 156 expand(lh); | |
| 157 | |
| 158 rn=getrn(lh,data,&hash); | |
| 159 @@ -238,8 +350,10 @@ | |
| 160 } | |
| 161 | |
| 162 lh->num_items--; | |
| 163 - if ((lh->num_nodes > MIN_NODES) && | |
| 164 - (lh->down_load >= (lh->num_items*LH_LOAD_MULT/lh->num_nodes))) | |
| 165 + /* Do not contract the array if the table is being iterated on. */ | |
| 166 + if (LH_ITERATION_IS_ACTIVE(lh)) | |
| 167 + LH_ITERATION_SET_MUTATED(lh); | |
| 168 + else if (LH_SHOULD_CONTRACT(lh)) | |
| 169 contract(lh); | |
| 170 | |
| 171 return(ret); | |
| 172 @@ -276,6 +390,7 @@ | |
| 173 if (lh == NULL) | |
| 174 return; | |
| 175 | |
| 176 + LH_ITERATION_INCREMENT_DEPTH(lh); | |
| 177 /* reverse the order so we search from 'top to bottom' | |
| 178 * We were having memory leaks otherwise */ | |
| 179 for (i=lh->num_nodes-1; i>=0; i--) | |
| 180 @@ -283,10 +398,7 @@ | |
| 181 a=lh->b[i]; | |
| 182 while (a != NULL) | |
| 183 { | |
| 184 - /* 28/05/91 - eay - n added so items can be deleted | |
| 185 - * via lh_doall */ | |
| 186 - /* 22/05/08 - ben - eh? since a is not passed, | |
| 187 - * this should not be needed */ | |
| 188 + /* note that 'a' can be deleted by the callback */ | |
| 189 n=a->next; | |
| 190 if(use_arg) | |
| 191 func_arg(a->data,arg); | |
| 192 @@ -295,6 +407,19 @@ | |
| 193 a=n; | |
| 194 } | |
| 195 } | |
| 196 + | |
| 197 + LH_ITERATION_DECREMENT_DEPTH(lh); | |
| 198 + if (!LH_ITERATION_IS_ACTIVE(lh) && LH_ITERATION_IS_MUTATED(lh)) | |
| 199 + { | |
| 200 + LH_ITERATION_RESET(lh); | |
| 201 + /* Resize the buckets array if necessary. Each expand() or | |
| 202 + * contract() call will double/halve the size of the array, | |
| 203 + * respectively, so call them in a loop. */ | |
| 204 + while (LH_SHOULD_EXPAND(lh)) | |
| 205 + expand(lh); | |
| 206 + while (LH_SHOULD_CONTRACT(lh)) | |
| 207 + contract(lh); | |
| 208 + } | |
| 209 } | |
| 210 | |
| 211 void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func) | |
| 212 diff -burN android-openssl.orig/crypto/lhash/lhash.h android-openssl-lhash/crypt
o/lhash/lhash.h | |
| 213 --- android-openssl.orig/crypto/lhash/lhash.h 2013-02-11 10:26:04.000000000 -0
500 | |
| 214 +++ android-openssl-lhash/crypto/lhash/lhash.h 2013-11-05 14:16:49.500027656 -0
500 | |
| 215 @@ -163,6 +163,7 @@ | |
| 216 unsigned long num_hash_comps; | |
| 217 | |
| 218 int error; | |
| 219 + int iteration_state; | |
| 220 } _LHASH; /* Do not use _LHASH directly, use LHASH_OF | |
| 221 * and friends */ | |
| 222 | |
| 223 diff -burN android-openssl.orig/crypto/objects/o_names.c android-openssl-lhash/c
rypto/objects/o_names.c | |
| 224 --- android-openssl.orig/crypto/objects/o_names.c 2013-02-11 10:26:04.0000
00000 -0500 | |
| 225 +++ android-openssl-lhash/crypto/objects/o_names.c 2013-11-05 14:16:49.5000
27656 -0500 | |
| 226 @@ -350,13 +350,9 @@ | |
| 227 | |
| 228 void OBJ_NAME_cleanup(int type) | |
| 229 { | |
| 230 - unsigned long down_load; | |
| 231 - | |
| 232 if (names_lh == NULL) return; | |
| 233 | |
| 234 free_type=type; | |
| 235 - down_load=lh_OBJ_NAME_down_load(names_lh); | |
| 236 - lh_OBJ_NAME_down_load(names_lh)=0; | |
| 237 | |
| 238 lh_OBJ_NAME_doall(names_lh,LHASH_DOALL_FN(names_lh_free)); | |
| 239 if (type < 0) | |
| 240 @@ -366,7 +362,5 @@ | |
| 241 names_lh=NULL; | |
| 242 name_funcs_stack = NULL; | |
| 243 } | |
| 244 - else | |
| 245 - lh_OBJ_NAME_down_load(names_lh)=down_load; | |
| 246 } | |
| 247 | |
| 248 diff -burN android-openssl.orig/crypto/objects/obj_dat.c android-openssl-lhash/c
rypto/objects/obj_dat.c | |
| 249 --- android-openssl.orig/crypto/objects/obj_dat.c 2013-02-11 10:26:04.0000
00000 -0500 | |
| 250 +++ android-openssl-lhash/crypto/objects/obj_dat.c 2013-11-05 14:16:49.5000
27656 -0500 | |
| 251 @@ -227,7 +227,6 @@ | |
| 252 return ; | |
| 253 } | |
| 254 if (added == NULL) return; | |
| 255 - lh_ADDED_OBJ_down_load(added) = 0; | |
| 256 lh_ADDED_OBJ_doall(added,LHASH_DOALL_FN(cleanup1)); /* zero counters */ | |
| 257 lh_ADDED_OBJ_doall(added,LHASH_DOALL_FN(cleanup2)); /* set counters */ | |
| 258 lh_ADDED_OBJ_doall(added,LHASH_DOALL_FN(cleanup3)); /* free objects */ | |
| 259 diff -burN android-openssl.orig/include/openssl/lhash.h android-openssl-lhash/in
clude/openssl/lhash.h | |
| 260 --- android-openssl.orig/include/openssl/lhash.h 2013-11-05 14:11:20.9032
23251 -0500 | |
| 261 +++ android-openssl-lhash/include/openssl/lhash.h 2013-11-05 14:16:49.5000
27656 -0500 | |
| 262 @@ -163,6 +163,7 @@ | |
| 263 unsigned long num_hash_comps; | |
| 264 | |
| 265 int error; | |
| 266 + int iteration_state; | |
| 267 } _LHASH; /* Do not use _LHASH directly, use LHASH_OF | |
| 268 * and friends */ | |
| 269 | |
| 270 diff -burN android-openssl.orig/include/openssl/ssl.h android-openssl-lhash/incl
ude/openssl/ssl.h | |
| 271 --- android-openssl.orig/include/openssl/ssl.h 2013-11-05 14:11:21.013222124 -0
500 | |
| 272 +++ android-openssl-lhash/include/openssl/ssl.h 2013-11-05 14:16:49.500027656 -0
500 | |
| 273 @@ -1681,10 +1681,10 @@ | |
| 274 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh) | |
| 275 | |
| 276 /* SSL_enable_tls_channel_id either configures a TLS server to accept TLS clien
t | |
| 277 - * IDs from clients, or configure a client to send TLS client IDs to server. | |
| 278 + * IDs from clients, or configures a client to send TLS client IDs to server. | |
| 279 * Returns 1 on success. */ | |
| 280 -#define SSL_enable_tls_channel_id(s) \ | |
| 281 - SSL_ctrl(s,SSL_CTRL_CHANNEL_ID,0,NULL) | |
| 282 +#define SSL_enable_tls_channel_id(ssl) \ | |
| 283 + SSL_ctrl(ssl,SSL_CTRL_CHANNEL_ID,0,NULL) | |
| 284 /* SSL_set1_tls_channel_id configures a TLS client to send a TLS Channel ID to | |
| 285 * compatible servers. private_key must be a P-256 EVP_PKEY*. Returns 1 on | |
| 286 * success. */ | |
| 287 diff -burN android-openssl.orig/ssl/ssl.h android-openssl-lhash/ssl/ssl.h | |
| 288 --- android-openssl.orig/ssl/ssl.h 2013-11-05 14:11:18.363249269 -0500 | |
| 289 +++ android-openssl-lhash/ssl/ssl.h 2013-11-05 14:16:49.510027563 -0500 | |
| 290 @@ -1681,10 +1681,10 @@ | |
| 291 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh) | |
| 292 | |
| 293 /* SSL_enable_tls_channel_id either configures a TLS server to accept TLS clien
t | |
| 294 - * IDs from clients, or configure a client to send TLS client IDs to server. | |
| 295 + * IDs from clients, or configures a client to send TLS client IDs to server. | |
| 296 * Returns 1 on success. */ | |
| 297 -#define SSL_enable_tls_channel_id(s) \ | |
| 298 - SSL_ctrl(s,SSL_CTRL_CHANNEL_ID,0,NULL) | |
| 299 +#define SSL_enable_tls_channel_id(ssl) \ | |
| 300 + SSL_ctrl(ssl,SSL_CTRL_CHANNEL_ID,0,NULL) | |
| 301 /* SSL_set1_tls_channel_id configures a TLS client to send a TLS Channel ID to | |
| 302 * compatible servers. private_key must be a P-256 EVP_PKEY*. Returns 1 on | |
| 303 * success. */ | |
| 304 diff -burN android-openssl.orig/ssl/ssl_sess.c android-openssl-lhash/ssl/ssl_ses
s.c | |
| 305 --- android-openssl.orig/ssl/ssl_sess.c 2013-11-05 14:11:18.363249269 -0500 | |
| 306 +++ android-openssl-lhash/ssl/ssl_sess.c 2013-11-05 14:16:49.510027563 -0
500 | |
| 307 @@ -999,11 +999,8 @@ | |
| 308 if (tp.cache == NULL) return; | |
| 309 tp.time=t; | |
| 310 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); | |
| 311 - i=CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load; | |
| 312 - CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load=0; | |
| 313 lh_SSL_SESSION_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout), | |
| 314 TIMEOUT_PARAM, &tp); | |
| 315 - CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load=i; | |
| 316 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); | |
| 317 } | |
| 318 | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2072073002:
Delete bundled copy of OpenSSL and replace with README. (Closed)
Base URL: https://chromium.googlesource.com/chromium/deps/openssl@master