OLD | NEW |
| (Empty) |
1 diff -burN android-openssl.orig/crypto/conf/conf_api.c android-openssl-lhash/cry
pto/conf/conf_api.c | |
2 --- android-openssl.orig/crypto/conf/conf_api.c 2013-02-11 10:26:04.000000000 -0
500 | |
3 +++ android-openssl-lhash/crypto/conf/conf_api.c 2013-11-05 14:16:49.5000
27656 -0500 | |
4 @@ -225,9 +225,6 @@ | |
5 { | |
6 if (conf == NULL || conf->data == NULL) return; | |
7 | |
8 - lh_CONF_VALUE_down_load(conf->data)=0; /* evil thing to make | |
9 - * sure the 'OPENSSL_free()' works as | |
10 - * expected */ | |
11 lh_CONF_VALUE_doall_arg(conf->data, | |
12 LHASH_DOALL_ARG_FN(value_free_hash), | |
13 LHASH_OF(CONF_VALUE), conf->data); | |
14 diff -burN android-openssl.orig/crypto/lhash/lhash.c android-openssl-lhash/crypt
o/lhash/lhash.c | |
15 --- android-openssl.orig/crypto/lhash/lhash.c 2013-02-11 10:26:04.000000000 -0
500 | |
16 +++ android-openssl-lhash/crypto/lhash/lhash.c 2013-11-05 14:16:49.500027656 -0
500 | |
17 @@ -94,6 +94,7 @@ | |
18 * | |
19 * 1.0 eay - First version | |
20 */ | |
21 +#include <limits.h> | |
22 #include <stdio.h> | |
23 #include <string.h> | |
24 #include <stdlib.h> | |
25 @@ -107,6 +108,113 @@ | |
26 #define UP_LOAD (2*LH_LOAD_MULT) /* load times 256 (default 2)
*/ | |
27 #define DOWN_LOAD (LH_LOAD_MULT) /* load times 256 (default 1) */ | |
28 | |
29 +/* Maximum number of nodes to guarantee the load computations don't overflow */ | |
30 +#define MAX_LOAD_ITEMS (UINT_MAX / LH_LOAD_MULT) | |
31 + | |
32 +/* The field 'iteration_state' is used to hold data to ensure that a hash | |
33 + * table is not resized during an 'insert' or 'delete' operation performed | |
34 + * within a lh_doall/lh_doall_arg call. | |
35 + * | |
36 + * Conceptually, this records two things: | |
37 + * | |
38 + * - A 'depth' count, which is incremented at the start of lh_doall*, | |
39 + * and decremented just before it returns. | |
40 + * | |
41 + * - A 'mutated' boolean flag, which is set in lh_insert() or lh_delete() | |
42 + * when the operation is performed with a non-0 depth. | |
43 + * | |
44 + * The following are helper macros to handle this state in a more explicit | |
45 + * way. | |
46 + */ | |
47 + | |
48 +/* Reset the iteration state to its defaults. */ | |
49 +#define LH_ITERATION_RESET(lh) do { \ | |
50 + (lh)->iteration_state = 0; \ | |
51 + } while (0) | |
52 + | |
53 +/* Returns 1 if the hash table is currently being iterated on, 0 otherwise. */ | |
54 +#define LH_ITERATION_IS_ACTIVE(lh) ((lh)->iteration_state >= 2) | |
55 + | |
56 +/* Increment iteration depth. This should always be followed by a paired call | |
57 + * to LH_ITERATION_DECREMENT_DEPTH(). */ | |
58 +#define LH_ITERATION_INCREMENT_DEPTH(lh) do { \ | |
59 + (lh)->iteration_state += 2; \ | |
60 + } while (0) | |
61 + | |
62 +/* Decrement iteration depth. This should always be called after a paired call | |
63 + * to LH_ITERATION_INCREMENT_DEPTH(). */ | |
64 +#define LH_ITERATION_DECREMENT_DEPTH(lh) do { \ | |
65 + (lh)->iteration_state -= 2; \ | |
66 + } while (0) | |
67 + | |
68 +/* Return 1 if the iteration 'mutated' flag is set, 0 otherwise. */ | |
69 +#define LH_ITERATION_IS_MUTATED(lh) (((lh)->iteration_state & 1) != 0) | |
70 + | |
71 +/* Set the iteration 'mutated' flag to 1. LH_ITERATION_RESET() to reset it. */ | |
72 +#define LH_ITERATION_SET_MUTATED(lh) do { \ | |
73 + (lh)->iteration_state |= 1; \ | |
74 + } while (0) | |
75 + | |
76 +/* This macro returns 1 if the hash table should be expanded due to its current | |
77 + * load, or 0 otherwise. The exact comparison to be performed is expressed by | |
78 + * the mathematical expression (where '//' denotes division over real numbers): | |
79 + * | |
80 + * (num_items // num_nodes) >= (up_load // LOAD_MULT) or | |
81 + * (num_items * LOAD_MULT // num_nodes) >= up_load. | |
82 + * | |
83 + * Given that the C language operator '/' implements integer division, i.e: | |
84 + * a // b == (a / b) + epsilon (with 0 <= epsilon < 1, for positive a & b) | |
85 + * | |
86 + * This can be rewritten as: | |
87 + * (num_items * LOAD_MULT / num_nodes) + epsilon >= up_load | |
88 + * (num_items * LOAD_MULT / num_nodes) - up_load >= - epsilon | |
89 + * | |
90 + * Let's call 'A' the left-hand side of the equation above, it is an integer | |
91 + * and: | |
92 + * - If A >= 0, the expression is true for any value of epsilon. | |
93 + * - If A <= -1, the expression is also true for any value of epsilon. | |
94 + * | |
95 + * In other words, this is equivalent to 'A >= 0', or: | |
96 + * (num_items * LOAD_MULT / num_nodes) >= up_load | |
97 + */ | |
98 +#define LH_SHOULD_EXPAND(lh) \ | |
99 + ((lh)->num_items < MAX_LOAD_ITEMS && \ | |
100 + (((lh)->num_items*LH_LOAD_MULT/(lh)->num_nodes) >= (lh)->up_load)) | |
101 + | |
102 +/* This macro returns 1 if the hash table should be contracted due to its | |
103 + * current load, or 0 otherwise. Abbreviated computations are: | |
104 + * | |
105 + * (num_items // num_nodes) <= (down_load // LOAD_MULT) | |
106 + * (num_items * LOAD_MULT // num_nodes) <= down_load | |
107 + * (num_items * LOAD_MULT / num_nodes) + epsilon <= down_load | |
108 + * (num_items * LOAD_MULT / num_nodes) - down_load <= -epsilon | |
109 + * | |
110 + * Let's call 'B' the left-hand side of the equation above: | |
111 + * - If B <= -1, the expression is true for any value of epsilon. | |
112 + * - If B >= 1, the expression is false for any value of epsilon. | |
113 + * - If B == 0, the expression is true for 'epsilon == 0', and false | |
114 + * otherwise, which is problematic. | |
115 + * | |
116 + * To work around this problem, while keeping the code simple, just change | |
117 + * the initial expression to use a strict inequality, i.e.: | |
118 + * | |
119 + * (num_items // num_nodes) < (down_load // LOAD_MULT) | |
120 + * | |
121 + * Which leads to: | |
122 + * (num_items * LOAD_MULT / num_nodes) - down_load < -epsilon | |
123 + * | |
124 + * Then: | |
125 + * - If 'B <= -1', the expression is true for any value of epsilon. | |
126 + * - If 'B' >= 0, the expression is false for any value of epsilon, | |
127 + * | |
128 + * In other words, this is equivalent to 'B < 0', or: | |
129 + * (num_items * LOAD_MULT / num_nodes) < down_load | |
130 + */ | |
131 +#define LH_SHOULD_CONTRACT(lh) \ | |
132 + (((lh)->num_nodes > MIN_NODES) && \ | |
133 + ((lh)->num_items < MAX_LOAD_ITEMS && \ | |
134 + ((lh)->num_items*LH_LOAD_MULT/(lh)->num_nodes) < (lh)->down_load)) | |
135 + | |
136 static void expand(_LHASH *lh); | |
137 static void contract(_LHASH *lh); | |
138 static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash); | |
139 @@ -147,6 +255,7 @@ | |
140 ret->num_hash_comps=0; | |
141 | |
142 ret->error=0; | |
143 + LH_ITERATION_RESET(ret); | |
144 return(ret); | |
145 err1: | |
146 OPENSSL_free(ret); | |
147 @@ -183,7 +292,10 @@ | |
148 void *ret; | |
149 | |
150 lh->error=0; | |
151 - if (lh->up_load <= (lh->num_items*LH_LOAD_MULT/lh->num_nodes)) | |
152 + /* Do not expand the array if the table is being iterated on. */ | |
153 + if (LH_ITERATION_IS_ACTIVE(lh)) | |
154 + LH_ITERATION_SET_MUTATED(lh); | |
155 + else if (LH_SHOULD_EXPAND(lh)) | |
156 expand(lh); | |
157 | |
158 rn=getrn(lh,data,&hash); | |
159 @@ -238,8 +350,10 @@ | |
160 } | |
161 | |
162 lh->num_items--; | |
163 - if ((lh->num_nodes > MIN_NODES) && | |
164 - (lh->down_load >= (lh->num_items*LH_LOAD_MULT/lh->num_nodes))) | |
165 + /* Do not contract the array if the table is being iterated on. */ | |
166 + if (LH_ITERATION_IS_ACTIVE(lh)) | |
167 + LH_ITERATION_SET_MUTATED(lh); | |
168 + else if (LH_SHOULD_CONTRACT(lh)) | |
169 contract(lh); | |
170 | |
171 return(ret); | |
172 @@ -276,6 +390,7 @@ | |
173 if (lh == NULL) | |
174 return; | |
175 | |
176 + LH_ITERATION_INCREMENT_DEPTH(lh); | |
177 /* reverse the order so we search from 'top to bottom' | |
178 * We were having memory leaks otherwise */ | |
179 for (i=lh->num_nodes-1; i>=0; i--) | |
180 @@ -283,10 +398,7 @@ | |
181 a=lh->b[i]; | |
182 while (a != NULL) | |
183 { | |
184 - /* 28/05/91 - eay - n added so items can be deleted | |
185 - * via lh_doall */ | |
186 - /* 22/05/08 - ben - eh? since a is not passed, | |
187 - * this should not be needed */ | |
188 + /* note that 'a' can be deleted by the callback */ | |
189 n=a->next; | |
190 if(use_arg) | |
191 func_arg(a->data,arg); | |
192 @@ -295,6 +407,19 @@ | |
193 a=n; | |
194 } | |
195 } | |
196 + | |
197 + LH_ITERATION_DECREMENT_DEPTH(lh); | |
198 + if (!LH_ITERATION_IS_ACTIVE(lh) && LH_ITERATION_IS_MUTATED(lh)) | |
199 + { | |
200 + LH_ITERATION_RESET(lh); | |
201 + /* Resize the buckets array if necessary. Each expand() or | |
202 + * contract() call will double/halve the size of the array, | |
203 + * respectively, so call them in a loop. */ | |
204 + while (LH_SHOULD_EXPAND(lh)) | |
205 + expand(lh); | |
206 + while (LH_SHOULD_CONTRACT(lh)) | |
207 + contract(lh); | |
208 + } | |
209 } | |
210 | |
211 void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func) | |
212 diff -burN android-openssl.orig/crypto/lhash/lhash.h android-openssl-lhash/crypt
o/lhash/lhash.h | |
213 --- android-openssl.orig/crypto/lhash/lhash.h 2013-02-11 10:26:04.000000000 -0
500 | |
214 +++ android-openssl-lhash/crypto/lhash/lhash.h 2013-11-05 14:16:49.500027656 -0
500 | |
215 @@ -163,6 +163,7 @@ | |
216 unsigned long num_hash_comps; | |
217 | |
218 int error; | |
219 + int iteration_state; | |
220 } _LHASH; /* Do not use _LHASH directly, use LHASH_OF | |
221 * and friends */ | |
222 | |
223 diff -burN android-openssl.orig/crypto/objects/o_names.c android-openssl-lhash/c
rypto/objects/o_names.c | |
224 --- android-openssl.orig/crypto/objects/o_names.c 2013-02-11 10:26:04.0000
00000 -0500 | |
225 +++ android-openssl-lhash/crypto/objects/o_names.c 2013-11-05 14:16:49.5000
27656 -0500 | |
226 @@ -350,13 +350,9 @@ | |
227 | |
228 void OBJ_NAME_cleanup(int type) | |
229 { | |
230 - unsigned long down_load; | |
231 - | |
232 if (names_lh == NULL) return; | |
233 | |
234 free_type=type; | |
235 - down_load=lh_OBJ_NAME_down_load(names_lh); | |
236 - lh_OBJ_NAME_down_load(names_lh)=0; | |
237 | |
238 lh_OBJ_NAME_doall(names_lh,LHASH_DOALL_FN(names_lh_free)); | |
239 if (type < 0) | |
240 @@ -366,7 +362,5 @@ | |
241 names_lh=NULL; | |
242 name_funcs_stack = NULL; | |
243 } | |
244 - else | |
245 - lh_OBJ_NAME_down_load(names_lh)=down_load; | |
246 } | |
247 | |
248 diff -burN android-openssl.orig/crypto/objects/obj_dat.c android-openssl-lhash/c
rypto/objects/obj_dat.c | |
249 --- android-openssl.orig/crypto/objects/obj_dat.c 2013-02-11 10:26:04.0000
00000 -0500 | |
250 +++ android-openssl-lhash/crypto/objects/obj_dat.c 2013-11-05 14:16:49.5000
27656 -0500 | |
251 @@ -227,7 +227,6 @@ | |
252 return ; | |
253 } | |
254 if (added == NULL) return; | |
255 - lh_ADDED_OBJ_down_load(added) = 0; | |
256 lh_ADDED_OBJ_doall(added,LHASH_DOALL_FN(cleanup1)); /* zero counters */ | |
257 lh_ADDED_OBJ_doall(added,LHASH_DOALL_FN(cleanup2)); /* set counters */ | |
258 lh_ADDED_OBJ_doall(added,LHASH_DOALL_FN(cleanup3)); /* free objects */ | |
259 diff -burN android-openssl.orig/include/openssl/lhash.h android-openssl-lhash/in
clude/openssl/lhash.h | |
260 --- android-openssl.orig/include/openssl/lhash.h 2013-11-05 14:11:20.9032
23251 -0500 | |
261 +++ android-openssl-lhash/include/openssl/lhash.h 2013-11-05 14:16:49.5000
27656 -0500 | |
262 @@ -163,6 +163,7 @@ | |
263 unsigned long num_hash_comps; | |
264 | |
265 int error; | |
266 + int iteration_state; | |
267 } _LHASH; /* Do not use _LHASH directly, use LHASH_OF | |
268 * and friends */ | |
269 | |
270 diff -burN android-openssl.orig/include/openssl/ssl.h android-openssl-lhash/incl
ude/openssl/ssl.h | |
271 --- android-openssl.orig/include/openssl/ssl.h 2013-11-05 14:11:21.013222124 -0
500 | |
272 +++ android-openssl-lhash/include/openssl/ssl.h 2013-11-05 14:16:49.500027656 -0
500 | |
273 @@ -1681,10 +1681,10 @@ | |
274 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh) | |
275 | |
276 /* SSL_enable_tls_channel_id either configures a TLS server to accept TLS clien
t | |
277 - * IDs from clients, or configure a client to send TLS client IDs to server. | |
278 + * IDs from clients, or configures a client to send TLS client IDs to server. | |
279 * Returns 1 on success. */ | |
280 -#define SSL_enable_tls_channel_id(s) \ | |
281 - SSL_ctrl(s,SSL_CTRL_CHANNEL_ID,0,NULL) | |
282 +#define SSL_enable_tls_channel_id(ssl) \ | |
283 + SSL_ctrl(ssl,SSL_CTRL_CHANNEL_ID,0,NULL) | |
284 /* SSL_set1_tls_channel_id configures a TLS client to send a TLS Channel ID to | |
285 * compatible servers. private_key must be a P-256 EVP_PKEY*. Returns 1 on | |
286 * success. */ | |
287 diff -burN android-openssl.orig/ssl/ssl.h android-openssl-lhash/ssl/ssl.h | |
288 --- android-openssl.orig/ssl/ssl.h 2013-11-05 14:11:18.363249269 -0500 | |
289 +++ android-openssl-lhash/ssl/ssl.h 2013-11-05 14:16:49.510027563 -0500 | |
290 @@ -1681,10 +1681,10 @@ | |
291 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh) | |
292 | |
293 /* SSL_enable_tls_channel_id either configures a TLS server to accept TLS clien
t | |
294 - * IDs from clients, or configure a client to send TLS client IDs to server. | |
295 + * IDs from clients, or configures a client to send TLS client IDs to server. | |
296 * Returns 1 on success. */ | |
297 -#define SSL_enable_tls_channel_id(s) \ | |
298 - SSL_ctrl(s,SSL_CTRL_CHANNEL_ID,0,NULL) | |
299 +#define SSL_enable_tls_channel_id(ssl) \ | |
300 + SSL_ctrl(ssl,SSL_CTRL_CHANNEL_ID,0,NULL) | |
301 /* SSL_set1_tls_channel_id configures a TLS client to send a TLS Channel ID to | |
302 * compatible servers. private_key must be a P-256 EVP_PKEY*. Returns 1 on | |
303 * success. */ | |
304 diff -burN android-openssl.orig/ssl/ssl_sess.c android-openssl-lhash/ssl/ssl_ses
s.c | |
305 --- android-openssl.orig/ssl/ssl_sess.c 2013-11-05 14:11:18.363249269 -0500 | |
306 +++ android-openssl-lhash/ssl/ssl_sess.c 2013-11-05 14:16:49.510027563 -0
500 | |
307 @@ -999,11 +999,8 @@ | |
308 if (tp.cache == NULL) return; | |
309 tp.time=t; | |
310 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); | |
311 - i=CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load; | |
312 - CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load=0; | |
313 lh_SSL_SESSION_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout), | |
314 TIMEOUT_PARAM, &tp); | |
315 - CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load=i; | |
316 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); | |
317 } | |
318 | |
OLD | NEW |