wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ex_data part 2: doc fixes and CRYPTO_free_ex_index.

Browse source 
Add CRYPTO_free_ex_index (for shared libraries)
Unify and complete the documentation for all "ex_data" API's and objects.
Replace xxx_get_ex_new_index functions with a macro.
Added an exdata test.
Renamed the ex_data internal datatypes.

Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Rich Salz 2015-07-21 10:06:03 -04:00 committed by Rich Salz
parent d59c7c81e3
commit e6390acac9
50 changed files with 537 additions and 788 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
CHANGES
View file

@ -151,6 +151,10 @@
output file readable only by the owner. This behavior change might
be noticeable when interacting with other software.
*) Documented all exdata functions. Added CRYPTO_free_ex_index.
Added a test.
[Rich Salz]
*) Added HTTP GET support to the ocsp command.
[Rich Salz]

7
crypto/bio/bio_lib.c
View file

@ -561,13 +561,6 @@ void BIO_copy_next_retry(BIO *b)
b->retry_reason = b->next_bio->retry_reason;
}
int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO, argl, argp,
new_func, dup_func, free_func);
}
int BIO_set_ex_data(BIO *bio, int idx, void *data)
{
return (CRYPTO_set_ex_data(&(bio->ex_data), idx, data));

3
crypto/cpt_err.c
View file

@ -78,8 +78,9 @@ static ERR_STRING_DATA CRYPTO_str_functs[] = {
{ERR_FUNC(CRYPTO_F_CRYPTO_NEW_EX_DATA), "CRYPTO_new_ex_data"},
{ERR_FUNC(CRYPTO_F_CRYPTO_SET_EX_DATA), "CRYPTO_set_ex_data"},
{ERR_FUNC(CRYPTO_F_DEF_ADD_INDEX), "DEF_ADD_INDEX"},
{ERR_FUNC(CRYPTO_F_DEF_GET_CLASS), "def_get_class"},
{ERR_FUNC(CRYPTO_F_DEF_GET_CLASS), "DEF_GET_CLASS"},
{ERR_FUNC(CRYPTO_F_FIPS_MODE_SET), "FIPS_mode_set"},
{ERR_FUNC(CRYPTO_F_GET_AND_LOCK), "get_and_lock"},
{ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA), "INT_DUP_EX_DATA"},
{ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA), "INT_FREE_EX_DATA"},
{ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA), "INT_NEW_EX_DATA"},

7
crypto/dh/dh_lib.c
View file

@ -205,13 +205,6 @@ int DH_up_ref(DH *r)
return ((i > 1) ? 1 : 0);
}
int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, argl, argp,
new_func, dup_func, free_func);
}
int DH_set_ex_data(DH *d, int idx, void *arg)
{
return (CRYPTO_set_ex_data(&d->ex_data, idx, arg));

7
crypto/dsa/dsa_lib.c
View file

@ -234,13 +234,6 @@ int DSA_size(const DSA *r)
return (ret);
}
int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, argl, argp,
new_func, dup_func, free_func);
}
int DSA_set_ex_data(DSA *d, int idx, void *arg)
{
return (CRYPTO_set_ex_data(&d->ex_data, idx, arg));

7
crypto/ecdh/ech_lib.c
View file

@ -200,13 +200,6 @@ ECDH_DATA *ecdh_check(EC_KEY *key)
return ecdh_data;
}
int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDH, argl, argp,
new_func, dup_func, free_func);
}
int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg)
{
ECDH_DATA *ecdh;

7
crypto/ecdsa/ecs_lib.c
View file

@ -222,13 +222,6 @@ int ECDSA_size(const EC_KEY *r)
return (ret);
}
int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDSA, argl, argp,
new_func, dup_func, free_func);
}
int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg)
{
ECDSA_DATA *ecdsa;

8
crypto/engine/eng_lib.c
View file

@ -212,14 +212,6 @@ void ENGINE_cleanup(void)
/* Now the "ex_data" support */
int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, argl, argp,
new_func, dup_func, free_func);
}
int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg)
{
return (CRYPTO_set_ex_data(&e->ex_data, idx, arg));

141
crypto/ex_data.c
View file

@ -112,48 +112,53 @@
#include <openssl/lhash.h>
typedef struct {
/*
* Each structure type (sometimes called a class), that supports
* exdata has a stack of callbacks for each instance.
*/
typedef struct ex_callback_st {
long argl; /* Arbitary long */
void *argp; /* Arbitary void * */
CRYPTO_EX_new *new_func;
CRYPTO_EX_free *free_func;
CRYPTO_EX_dup *dup_func;
} CRYPTO_EX_DATA_FUNCS;
} EX_CALLBACK;
DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
DECLARE_STACK_OF(EX_CALLBACK)
/*
* State for each class; could just be a typedef, but this allows future
* changes.
* The state for each class. This could just be a typedef, but
* a structure allows future changes.
*/
typedef struct {
STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth;
} EX_CLASS_ITEM;
typedef struct ex_callbacks_st {
STACK_OF(EX_CALLBACK) *meth;
} EX_CALLBACKS;
static EX_CLASS_ITEM ex_data[CRYPTO_EX_INDEX__COUNT];
static EX_CALLBACKS ex_data[CRYPTO_EX_INDEX__COUNT];
/*
* Return the EX_CLASS_ITEM from the "ex_data" array that corresponds to
* Return the EX_CALLBACKS from the |ex_data| array that corresponds to
* a given class. On success, *holds the lock.*
*/
static EX_CLASS_ITEM *def_get_class(int class_index)
static EX_CALLBACKS *get_and_lock(int class_index)
{
EX_CLASS_ITEM *ip;
EX_CALLBACKS *ip;
if (class_index < 0 || class_index >= CRYPTO_EX_INDEX__COUNT) {
CRYPTOerr(CRYPTO_F_DEF_GET_CLASS, ERR_R_MALLOC_FAILURE);
CRYPTOerr(CRYPTO_F_GET_AND_LOCK, ERR_R_MALLOC_FAILURE);
return NULL;
}
ip = &ex_data[class_index];
CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
if (ip->meth == NULL) {
ip->meth = sk_CRYPTO_EX_DATA_FUNCS_new_null();
ip->meth = sk_EX_CALLBACK_new_null();
/* We push an initial value on the stack because the SSL
* "app_data" routines use ex_data index zero. See RT 3710. */
if (ip->meth == NULL
|| !sk_CRYPTO_EX_DATA_FUNCS_push(ip->meth, NULL)) {
CRYPTOerr(CRYPTO_F_DEF_GET_CLASS, ERR_R_MALLOC_FAILURE);
|| !sk_EX_CALLBACK_push(ip->meth, NULL)) {
CRYPTOerr(CRYPTO_F_GET_AND_LOCK, ERR_R_MALLOC_FAILURE);
CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
return NULL;
}
@ -161,7 +166,7 @@ static EX_CLASS_ITEM *def_get_class(int class_index)
return ip;
}
static void cleanup_cb(CRYPTO_EX_DATA_FUNCS *funcs)
static void cleanup_cb(EX_CALLBACK *funcs)
{
OPENSSL_free(funcs);
}
@ -177,27 +182,71 @@ void CRYPTO_cleanup_all_ex_data(void)
int i;
for (i = 0; i < CRYPTO_EX_INDEX__COUNT; ++i) {
EX_CLASS_ITEM *ip = &ex_data[i];
EX_CALLBACKS *ip = &ex_data[i];
sk_CRYPTO_EX_DATA_FUNCS_pop_free(ip->meth, cleanup_cb);
sk_EX_CALLBACK_pop_free(ip->meth, cleanup_cb);
ip->meth = NULL;
}
}
/*
* Inside an existing class, get/register a new index.
* Unregister a new index by replacing the callbacks with no-ops.
* Any in-use instances are leaked.
*/
static void dummy_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx,
long argl, void *argp)
{
}
static void dummy_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx,
long argl, void *argp)
{
}
static int dummy_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
void *from_d, int idx,
long argl, void *argp)
{
return 0;
}
int CRYPTO_free_ex_index(int class_index, int idx)
{
EX_CALLBACKS *ip = get_and_lock(class_index);
EX_CALLBACK *a;
int toret = 0;
if (ip == NULL)
return 0;
if (idx < 0 || idx >= sk_EX_CALLBACK_num(ip->meth))
goto err;
a = sk_EX_CALLBACK_value(ip->meth, idx);
if (a == NULL)
goto err;
a->new_func = dummy_new;
a->dup_func = dummy_dup;
a->free_func = dummy_free;
toret = 1;
err:
CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
return toret;
}
/*
* Register a new index.
*/
int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func)
{
int toret = -1;
CRYPTO_EX_DATA_FUNCS *a;
EX_CLASS_ITEM *ip = def_get_class(class_index);
EX_CALLBACK *a;
EX_CALLBACKS *ip = get_and_lock(class_index);
if (!ip)
if (ip == NULL)
return -1;
a = (CRYPTO_EX_DATA_FUNCS *)OPENSSL_malloc(sizeof(*a));
a = (EX_CALLBACK *)OPENSSL_malloc(sizeof(*a));
if (a == NULL) {
CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX, ERR_R_MALLOC_FAILURE);
goto err;
@ -208,13 +257,13 @@ int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
a->dup_func = dup_func;
a->free_func = free_func;
if (!sk_CRYPTO_EX_DATA_FUNCS_push(ip->meth, NULL)) {
if (!sk_EX_CALLBACK_push(ip->meth, NULL)) {
CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX, ERR_R_MALLOC_FAILURE);
OPENSSL_free(a);
goto err;
}
toret = sk_CRYPTO_EX_DATA_FUNCS_num(ip->meth) - 1;
(void)sk_CRYPTO_EX_DATA_FUNCS_set(ip->meth, toret, a);
toret = sk_EX_CALLBACK_num(ip->meth) - 1;
(void)sk_EX_CALLBACK_set(ip->meth, toret, a);
err:
CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
@ -224,7 +273,7 @@ int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
/*
* Initialise a new CRYPTO_EX_DATA for use in a particular class - including
* calling new() callbacks for each index in the class used by this variable
* Thread-safe by copying a class's array of "CRYPTO_EX_DATA_FUNCS" entries
* Thread-safe by copying a class's array of "EX_CALLBACK" entries
* in the lock, then using them outside the lock. Note this only applies
* to the global "ex_data" state (ie. class definitions), not 'ad' itself.
*/
@ -232,16 +281,16 @@ int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
{
int mx, i;
void *ptr;
CRYPTO_EX_DATA_FUNCS **storage = NULL;
CRYPTO_EX_DATA_FUNCS *stack[10];
EX_CLASS_ITEM *ip = def_get_class(class_index);
EX_CALLBACK **storage = NULL;
EX_CALLBACK *stack[10];
EX_CALLBACKS *ip = get_and_lock(class_index);
if (!ip)
if (ip == NULL)
return 0;
ad->sk = NULL;
mx = sk_CRYPTO_EX_DATA_FUNCS_num(ip->meth);
mx = sk_EX_CALLBACK_num(ip->meth);
if (mx > 0) {
if (mx < (int)OSSL_NELEM(stack))
storage = stack;
@ -249,7 +298,7 @@ int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
storage = OPENSSL_malloc(sizeof(*storage) * mx);
if (storage != NULL)
for (i = 0; i < mx; i++)
storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value(ip->meth, i);
storage[i] = sk_EX_CALLBACK_value(ip->meth, i);
}
CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
@ -278,17 +327,17 @@ int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
{
int mx, j, i;
char *ptr;
CRYPTO_EX_DATA_FUNCS *stack[10];
CRYPTO_EX_DATA_FUNCS **storage = NULL;
EX_CLASS_ITEM *ip;
EX_CALLBACK *stack[10];
EX_CALLBACK **storage = NULL;
EX_CALLBACKS *ip;
if (from->sk == NULL)
/* Nothing to copy over */
return 1;
if ((ip = def_get_class(class_index)) == NULL)
if ((ip = get_and_lock(class_index)) == NULL)
return 0;
mx = sk_CRYPTO_EX_DATA_FUNCS_num(ip->meth);
mx = sk_EX_CALLBACK_num(ip->meth);
j = sk_void_num(from->sk);
if (j < mx)
mx = j;
@ -299,7 +348,7 @@ int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
storage = OPENSSL_malloc(sizeof(*storage) * mx);
if (storage != NULL)
for (i = 0; i < mx; i++)
storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value(ip->meth, i);
storage[i] = sk_EX_CALLBACK_value(ip->meth, i);
}
CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
@ -328,15 +377,15 @@ int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
{
int mx, i;
EX_CLASS_ITEM *ip;
EX_CALLBACKS *ip;
void *ptr;
CRYPTO_EX_DATA_FUNCS *stack[10];
CRYPTO_EX_DATA_FUNCS **storage = NULL;
EX_CALLBACK *stack[10];
EX_CALLBACK **storage = NULL;
if ((ip = def_get_class(class_index)) == NULL)
if ((ip = get_and_lock(class_index)) == NULL)
return;
mx = sk_CRYPTO_EX_DATA_FUNCS_num(ip->meth);
mx = sk_EX_CALLBACK_num(ip->meth);
if (mx > 0) {
if (mx < (int)OSSL_NELEM(stack))
storage = stack;
@ -344,7 +393,7 @@ void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
storage = OPENSSL_malloc(sizeof(*storage) * mx);
if (storage != NULL)
for (i = 0; i < mx; i++)
storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value(ip->meth, i);
storage[i] = sk_EX_CALLBACK_value(ip->meth, i);
}
CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);

7
crypto/rsa/rsa_lib.c
View file

@ -234,13 +234,6 @@ int RSA_up_ref(RSA *r)
return ((i > 1) ? 1 : 0);
}
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp,
new_func, dup_func, free_func);
}
int RSA_set_ex_data(RSA *r, int idx, void *arg)
{
return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));

7
crypto/store/str_lib.c
View file

@ -187,13 +187,6 @@ int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void))
return 0;
}
int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
new_func, dup_func, free_func);
}
int STORE_set_ex_data(STORE *r, int idx, void *arg)
{
return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));

7
crypto/ui/ui_lib.c
View file

@ -536,13 +536,6 @@ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void))
return -1;
}
int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, argl, argp,
new_func, dup_func, free_func);
}
int UI_set_ex_data(UI *r, int idx, void *arg)
{
return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));

13
crypto/x509/x509_vfy.c
View file

@ -2110,19 +2110,6 @@ X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
return NULL;
}
int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func)
{
/*
* This function is (usually) called only once, by
* SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c).
*/
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, argl, argp,
new_func, dup_func, free_func);
}
int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)
{
return CRYPTO_set_ex_data(&ctx->ex_data, idx, data);

7
crypto/x509/x_x509.c
View file

@ -142,13 +142,6 @@ IMPLEMENT_ASN1_FUNCTIONS(X509)
IMPLEMENT_ASN1_DUP_FUNCTION(X509)
int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp,
new_func, dup_func, free_func);
}
int X509_set_ex_data(X509 *r, int idx, void *arg)
{
return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));

45
doc/crypto/BIO_get_ex_new_index.pod Normal file
View file

@ -0,0 +1,45 @@
=pod
=head1 NAME
BIO_get_ex_new_index, BIO_set_ex_data, BIO_get_ex_data,
ENGINE_get_ex_new_index, ENGINE_set_ex_data, ENGINE_get_ex_data,
UI_get_ex_new_index, UI_set_ex_data, UI_get_ex_data,
X509_get_ex_new_index, X509_set_ex_data, X509_get_ex_data,
X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data,
X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data,
DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data,
DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data,
ECDH_get_ex_new_index, ECDH_set_ex_data, ECDH_get_ex_data,
ECDSA_get_ex_new_index, ECDSA_set_ex_data, ECDSA_get_ex_data,
RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data
- application-specific data
=head1 SYNOPSIS
The synopsis below is for the X509 structure, but is the same for all
crypto structures:
#include <openssl/x509.h>
int X509_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
int X509_set_ex_data(X509 *d, int idx, void *arg);
void *X509_get_ex_data(X509 *d, int idx);
=head1 DESCRIPTION
These functions handle application-specific data for OpenSSL crypto
structures.
For details, see L<CRYPTO_get_ex_new_index(3)>.
=head1 SEE ALSO
L<CRYPTO_get_ex_new_index(3)>.
=cut

145
doc/crypto/CRYPTO_get_ex_new_index.pod Normal file
View file

@ -0,0 +1,145 @@
=pod
=head1 NAME
CRYPTO_free_ex_index, CRYPTO_get_ex_new_index, CRYPTO_set_ex_data,
CRYPTO_get_ex_data, CRYPTO_free_ex_data
- functions supporting application-specific data
=head1 SYNOPSIS
#include <openssl/crypto.h>
int CRYPTO_get_ex_new_index(int class_index,
long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
void *from_d, int idx, long argl, void *argp);
int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg);
void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx);
void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *r);
int CRYPTO_free_ex_index(int class_index, int idx);
=head1 DESCRIPTION
Several OpenSSL structures can have application-specific data attached to them,
known as "exdata."
The specific structures are:
SSL
SSL_CTX
SSL_SESSION
X509
X509_STORE
X509_STORE_CTX
DH
DSA
ECDH
ECDSA
RSA
ENGINE
UI
BIO
Each is identified by an B<CRYPTO_EX_INDEX_xxx> define in the B<crypto.h>
header file. In addition, B<CRYPTO_EX_INDEX_APP> is reserved for
applications to use this facility for their own structures.
The API described here is used by OpenSSL to manipulate exdata for specific
structures. Since the application data can be anything at all it is passed
and retrieved as a B<void *> type.
Exdata types are identified by an B<index>, an integer guaranteed to be
unique within structures for the lifetime of the program. Applications
using exdata typically call B<CRYPTO_get_ex_new_index> at startup, and
store the result in a global variable, or write a wrapper function to
provide lazy evaluation. The B<class_index> should be one of the
B<CRYPTO_EX_INDEX_xxx> values. The B<argl> and B<argp> parameters are saved
to be passed to the callbacks but are otherwise not used. In order to
transparently manipulate exdata, three callbacks must be provided. The
semantics of those callbacks are described below.
When copying or releasing objects with exdata, the callback functions
are called in increasing order of their B<index> value.
If a dynamic library can be unloaded, it should call CRYPTO_free_ex_index()
when this is done.
This will replace the callbacks with no-ops
so that applications don't crash. Any existing exdata will be leaked.
To set or get the exdata on an object, the appropriate type-specific
routine must be used. This is because the containing structure is opaque
and the B<CRYPTO_EX_DATA> field is not accessible. In both API's, the
B<idx> parameter should be an already-created index value.
When setting exdata, the pointer specified with a particular index is saved,
and returned on a subsequent "get" call. If the application is going to
release the data, it must make sure to set a B<NULL> value at the index,
to avoid likely double-free crash.
The function B<CRYPTO_free_ex_data> is used to free all exdata attached
to a structure. The appropriate type-specific routine must be used.
The B<class_index> identifies the structure type, the B<obj> is
be the pointer to the actual structure, and B<r> is a pointer to the
structure's exdata field.
=head2 Callback Functions
This section describes how the callback functions are used. Applications
that are defining their own exdata using B<CYPRTO_EX_INDEX_APP> must
call them as described here.
When a structure is initially allocated (such as RSA_new()) then the
new_func() is called for every defined index. There is no requirement
that the entire parent, or containing, structure has been set up.
The new_func() is typically used only to allocate memory to store the
exdata, and perhaps an "initialized" flag within that memory.
The exdata value should be set by calling CRYPTO_set_ex_data().
When a structure is free'd (such as SSL_CTX_free()) then the
free_func() is called for every defined index. Again, the state of the
parent structure is not guaranteed. The free_func() may be called with a
NULL pointer.
Both new_func() and free_func() take the same parameters.
The B<parent> is the pointer to the structure that contains the exdata.
The B<ptr> is the current exdata item; for new_func() this will typically
be NULL. The B<r> parameter is a pointer to the exdata field of the object.
The B<idx> is the index and is the value returned when the callbacks were
initially registered via CRYPTO_get_ex_new_index() and can be used if
the same callback handles different types of exdata.
dup_func() is called when a structure is being copied. This is only done
for B<SSL> and B<SSL_SESSION> objects. The B<to> and B<from> parameters
are pointers to the destination and source B<CRYPTO_EX_DATA> structures,
respectively. The B<srcp> parameter is a pointer to the source exdata.
When the dup_func() returns, the value in B<srcp> is copied to the
destination ex_data. If the pointer contained in B<srcp> is not modified,
then both B<to> and B<from> will point to the same data. The B<idx>,
B<argl> and B<argp> parameters are as described for the other two callbacks.
=head1 RETURN VALUES
CRYPTO_get_ex_new_index() returns a new index or -1 on failure; the
value B<0> is reserved for the legacy "app_data" API's.
CRYPTO_free_ex_index() and
CRYPTO_set_ex_data() return 1 on success or 0 on failure.
CRYPTO_get_ex_data() returns the application data or NULL on failure;
note that NULL may be a valid value.
dup_func() should return 0 for failure and 1 for success.
=cut

49
doc/crypto/CRYPTO_set_ex_data.pod
View file

@ -1,49 +0,0 @@
=pod
=head1 NAME
CRYPTO_set_ex_data, CRYPTO_get_ex_data - internal application specific data functions
=head1 SYNOPSIS
#include <openssl/crypto.h>
int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg);
void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx);
=head1 DESCRIPTION
Several OpenSSL structures can have application specific data attached to them.
These functions are used internally by OpenSSL to manipulate application
specific data attached to a specific structure.
These functions should only be used by applications to manipulate
B<CRYPTO_EX_DATA> structures passed to the new_func(), free_func() and
dup_func() callbacks: as passed to RSA_get_ex_new_index() for example.
CRYPTO_set_ex_data() is used to set application specific data, the data is
supplied in the B<arg> parameter and its precise meaning is up to the
application.
CRYPTO_get_ex_data() is used to retrieve application specific data. The data
is returned to the application, this will be the same value as supplied to
a previous CRYPTO_set_ex_data() call.
=head1 RETURN VALUES
CRYPTO_set_ex_data() returns 1 on success or 0 on failure.
CRYPTO_get_ex_data() returns the application data or 0 on failure. 0 may also
be valid application data but currently it can only fail if given an invalid B<idx>
parameter.
On failure an error code can be obtained from L<ERR_get_error(3)>.
=head1 SEE ALSO
L<RSA_get_ex_new_index(3)>,
L<DSA_get_ex_new_index(3)>,
L<DH_get_ex_new_index(3)>
=cut

31
doc/crypto/DH_get_ex_new_index.pod
View file

@ -1,31 +0,0 @@
=pod
=head1 NAME
DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data - add application specific data to DH structures
=head1 SYNOPSIS
#include <openssl/dh.h>
int DH_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
int DH_set_ex_data(DH *d, int idx, void *arg);
char *DH_get_ex_data(DH *d, int idx);
=head1 DESCRIPTION
These functions handle application specific data in DH
structures. Their usage is identical to that of
RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data()
as described in L<RSA_get_ex_new_index(3)>.
=head1 SEE ALSO
L<RSA_get_ex_new_index(3)>, L<dh(3)>
=cut

31
doc/crypto/DSA_get_ex_new_index.pod
View file

@ -1,31 +0,0 @@
=pod
=head1 NAME
DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data - add application specific data to DSA structures
=head1 SYNOPSIS
#include <openssl/dsa.h>
int DSA_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
int DSA_set_ex_data(DSA *d, int idx, void *arg);
char *DSA_get_ex_data(DSA *d, int idx);
=head1 DESCRIPTION
These functions handle application specific data in DSA
structures. Their usage is identical to that of
RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data()
as described in L<RSA_get_ex_new_index(3)>.
=head1 SEE ALSO
L<RSA_get_ex_new_index(3)>, L<dsa(3)>
=cut

115
doc/crypto/RSA_get_ex_new_index.pod
View file

@ -1,115 +0,0 @@
=pod
=head1 NAME
RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - add application specific data to RSA structures
=head1 SYNOPSIS
#include <openssl/rsa.h>
int RSA_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
int RSA_set_ex_data(RSA *r, int idx, void *arg);
void *RSA_get_ex_data(RSA *r, int idx);
typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
int idx, long argl, void *argp);
=head1 DESCRIPTION
Several OpenSSL structures can have application specific data attached to them.
This has several potential uses, it can be used to cache data associated with
a structure (for example the hash of some part of the structure) or some
additional data (for example a handle to the data in an external library).
Since the application data can be anything at all it is passed and retrieved
as a B<void *> type.
The RSA_get_ex_new_index() function is initially called to "register" some
new application specific data. It takes three optional function pointers which
are called when the parent structure (in this case an RSA structure) is
initially created, when it is copied and when it is freed up. If any or all of
these function pointer arguments are not used they should be set to NULL. The
precise manner in which these function pointers are called is described in more
detail below. RSA_get_ex_new_index() also takes additional long and pointer
parameters which will be passed to the supplied functions but which otherwise
have no special meaning. It returns an B<index> which should be stored
(typically in a static variable) and passed used in the B<idx> parameter in
the remaining functions. Each successful call to RSA_get_ex_new_index()
will return an index greater than any previously returned, this is important
because the optional functions are called in order of increasing index value.
RSA_set_ex_data() is used to set application specific data, the data is
supplied in the B<arg> parameter and its precise meaning is up to the
application.
RSA_get_ex_data() is used to retrieve application specific data. The data
is returned to the application, this will be the same value as supplied to
a previous RSA_set_ex_data() call.
new_func() is called when a structure is initially allocated (for example
with RSA_new(). The parent structure members will not have any meaningful
values at this point. This function will typically be used to allocate any
application specific structure.
free_func() is called when a structure is being freed up. The dynamic parent
structure members should not be accessed because they will be freed up when
this function is called.
new_func() and free_func() take the same parameters. B<parent> is a
pointer to the parent RSA structure. B<ptr> is a the application specific data
(this wont be of much use in new_func(). B<ad> is a pointer to the
B<CRYPTO_EX_DATA> structure from the parent RSA structure: the functions
CRYPTO_get_ex_data() and CRYPTO_set_ex_data() can be called to manipulate
it. The B<idx> parameter is the index: this will be the same value returned by
RSA_get_ex_new_index() when the functions were initially registered. Finally
the B<argl> and B<argp> parameters are the values originally passed to the same
corresponding parameters when RSA_get_ex_new_index() was called.
dup_func() is called when a structure is being copied. Pointers to the
destination and source B<CRYPTO_EX_DATA> structures are passed in the B<to> and
B<from> parameters respectively. The B<from_d> parameter is passed a pointer to
the source application data when the function is called, when the function returns
the value is copied to the destination: the application can thus modify the data
pointed to by B<from_d> and have different values in the source and destination.
The B<idx>, B<argl> and B<argp> parameters are the same as those in new_func()
and free_func().
=head1 RETURN VALUES
RSA_get_ex_new_index() returns a new index or -1 on failure (note 0 is a valid
index value).
RSA_set_ex_data() returns 1 on success or 0 on failure.
RSA_get_ex_data() returns the application data or 0 on failure. 0 may also
be valid application data but currently it can only fail if given an invalid B<idx>
parameter.
new_func() and dup_func() should return 0 for failure and 1 for success.
On failure an error code can be obtained from L<ERR_get_error(3)>.
=head1 BUGS
dup_func() is currently never called.
The return value of new_func() is ignored.
The new_func() function isn't very useful because no meaningful values are
present in the parent RSA structure when it is called.
=head1 SEE ALSO
L<rsa(3)>, L<CRYPTO_set_ex_data(3)>
=cut

36
doc/crypto/X509_STORE_CTX_get_ex_new_index.pod
View file

@ -1,36 +0,0 @@
=pod
=head1 NAME
X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data - add application specific data to X509_STORE_CTX structures
=head1 SYNOPSIS
#include <openssl/x509_vfy.h>
int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *d, int idx, void *arg);
void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *d, int idx);
=head1 DESCRIPTION
These functions handle application specific data in X509_STORE_CTX structures.
Their usage is identical to that of RSA_get_ex_new_index(), RSA_set_ex_data()
and RSA_get_ex_data() as described in L<RSA_get_ex_new_index(3)>.
=head1 NOTES
This mechanism is used internally by the B<ssl> library to store the B<SSL>
structure associated with a verification operation in an B<X509_STORE_CTX>
structure.
=head1 SEE ALSO
L<RSA_get_ex_new_index(3)>
=cut

5
doc/crypto/dh.pod
View file

@ -25,11 +25,6 @@ dh - Diffie-Hellman key agreement
DH *DH_new_method(ENGINE *engine);
const DH_METHOD *DH_OpenSSL(void);
int DH_get_ex_new_index(long argl, char *argp, int (*new_func)(),
int (*dup_func)(), void (*free_func)());
int DH_set_ex_data(DH *d, int idx, char *arg);
char *DH_get_ex_data(DH *d, int idx);
DH * d2i_DHparams(DH **a, unsigned char **pp, long length);
int i2d_DHparams(const DH *a, unsigned char **pp);

5
doc/crypto/dsa.pod
View file

@ -35,11 +35,6 @@ dsa - Digital Signature Algorithm
DSA *DSA_new_method(ENGINE *engine);
const DSA_METHOD *DSA_OpenSSL(void);
int DSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
int (*dup_func)(), void (*free_func)());
int DSA_set_ex_data(DSA *d, int idx, char *arg);
char *DSA_get_ex_data(DSA *d, int idx);
DSA_SIG *DSA_SIG_new(void);
void DSA_SIG_free(DSA_SIG *a);
int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);

7
doc/crypto/ecdsa.pod
View file

@ -40,13 +40,6 @@ ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_s
const ECDSA_METHOD* ECDSA_get_default_method(void);
int ECDSA_set_method(EC_KEY *eckey,const ECDSA_METHOD *meth);
int ECDSA_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
void* ECDSA_get_ex_data(EC_KEY *d, int idx);
=head1 DESCRIPTION
The B<ECDSA_SIG> structure consists of two BIGNUMs for the

6
doc/crypto/engine.pod
View file

@ -94,12 +94,6 @@ engine - ENGINE cryptographic module support
int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
int cmd_optional);
int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
void *ENGINE_get_ex_data(const ENGINE *e, int idx);
int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
ENGINE *ENGINE_new(void);
int ENGINE_free(ENGINE *e);
int ENGINE_up_ref(ENGINE *e);

5
doc/crypto/rsa.pod
View file

@ -46,11 +46,6 @@ rsa - RSA public key cryptosystem
int RSA_print(BIO *bp, RSA *x, int offset);
int RSA_print_fp(FILE *fp, RSA *x, int offset);
int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
int (*dup_func)(), void (*free_func)());
int RSA_set_ex_data(RSA *r,int idx,char *arg);
char *RSA_get_ex_data(RSA *r, int idx);
int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m,
unsigned int m_len, unsigned char *sigret, unsigned int *siglen,
RSA *rsa);

53
doc/ssl/SSL_CTX_get_ex_new_index.pod
View file

@ -1,53 +0,0 @@
=pod
=head1 NAME
SSL_CTX_get_ex_new_index, SSL_CTX_set_ex_data, SSL_CTX_get_ex_data - internal application specific data functions
=head1 SYNOPSIS
#include <openssl/ssl.h>
int SSL_CTX_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
int SSL_CTX_set_ex_data(SSL_CTX *ctx, int idx, void *arg);
void *SSL_CTX_get_ex_data(const SSL_CTX *ctx, int idx);
typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
int idx, long argl, void *argp);
=head1 DESCRIPTION
Several OpenSSL structures can have application specific data attached to them.
These functions are used internally by OpenSSL to manipulate application
specific data attached to a specific structure.
SSL_CTX_get_ex_new_index() is used to register a new index for application
specific data.
SSL_CTX_set_ex_data() is used to store application data at B<arg> for B<idx>
into the B<ctx> object.
SSL_CTX_get_ex_data() is used to retrieve the information for B<idx> from
B<ctx>.
A detailed description for the B<*_get_ex_new_index()> functionality
can be found in L<RSA_get_ex_new_index(3)>.
The B<*_get_ex_data()> and B<*_set_ex_data()> functionality is described in
L<CRYPTO_set_ex_data(3)>.
=head1 SEE ALSO
L<ssl(3)>,
L<RSA_get_ex_new_index(3)>,
L<CRYPTO_set_ex_data(3)>
=cut

61
doc/ssl/SSL_SESSION_get_ex_new_index.pod
View file

@ -1,61 +0,0 @@
=pod
=head1 NAME
SSL_SESSION_get_ex_new_index, SSL_SESSION_set_ex_data, SSL_SESSION_get_ex_data - internal application specific data functions
=head1 SYNOPSIS
#include <openssl/ssl.h>
int SSL_SESSION_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
int SSL_SESSION_set_ex_data(SSL_SESSION *session, int idx, void *arg);
void *SSL_SESSION_get_ex_data(const SSL_SESSION *session, int idx);
typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
int idx, long argl, void *argp);
=head1 DESCRIPTION
Several OpenSSL structures can have application specific data attached to them.
These functions are used internally by OpenSSL to manipulate application
specific data attached to a specific structure.
SSL_SESSION_get_ex_new_index() is used to register a new index for application
specific data.
SSL_SESSION_set_ex_data() is used to store application data at B<arg> for B<idx>
into the B<session> object.
SSL_SESSION_get_ex_data() is used to retrieve the information for B<idx> from
B<session>.
A detailed description for the B<*_get_ex_new_index()> functionality
can be found in L<RSA_get_ex_new_index(3)>.
The B<*_get_ex_data()> and B<*_set_ex_data()> functionality is described in
L<CRYPTO_set_ex_data(3)>.
=head1 WARNINGS
The application data is only maintained for sessions held in memory. The
application data is not included when dumping the session with
i2d_SSL_SESSION() (and all functions indirectly calling the dump functions
like PEM_write_SSL_SESSION() and PEM_write_bio_SSL_SESSION()) and can
therefore not be restored.
=head1 SEE ALSO
L<ssl(3)>,
L<RSA_get_ex_new_index(3)>,
L<CRYPTO_set_ex_data(3)>
=cut

61
doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod
View file

@ -1,61 +0,0 @@
=pod
=head1 NAME
SSL_get_ex_data_X509_STORE_CTX_idx - get ex_data index to access SSL structure
from X509_STORE_CTX
=head1 SYNOPSIS
#include <openssl/ssl.h>
int SSL_get_ex_data_X509_STORE_CTX_idx(void);
=head1 DESCRIPTION
SSL_get_ex_data_X509_STORE_CTX_idx() returns the index number under which
the pointer to the SSL object is stored into the X509_STORE_CTX object.
=head1 NOTES
Whenever a X509_STORE_CTX object is created for the verification of the
peers certificate during a handshake, a pointer to the SSL object is
stored into the X509_STORE_CTX object to identify the connection affected.
To retrieve this pointer the X509_STORE_CTX_get_ex_data() function can
be used with the correct index. This index is globally the same for all
X509_STORE_CTX objects and can be retrieved using
SSL_get_ex_data_X509_STORE_CTX_idx(). The index value is set when
SSL_get_ex_data_X509_STORE_CTX_idx() is first called either by the application
program directly or indirectly during other SSL setup functions or during
the handshake.
The value depends on other index values defined for X509_STORE_CTX objects
before the SSL index is created.
=head1 RETURN VALUES
=over 4
=item E<gt>=0
The index value to access the pointer.
=item E<lt>0
An error occurred, check the error stack for a detailed error message.
=back
=head1 EXAMPLES
The index returned from SSL_get_ex_data_X509_STORE_CTX_idx() allows to
access the SSL object for the connection to be accessed during the
verify_callback() when checking the peers certificate. Please check
the example in L<SSL_CTX_set_verify(3)>,
=head1 SEE ALSO
L<ssl(3)>, L<SSL_CTX_set_verify(3)>,
L<CRYPTO_set_ex_data(3)>
=cut

59
doc/ssl/SSL_get_ex_new_index.pod
View file

@ -1,59 +0,0 @@
=pod
=head1 NAME
SSL_get_ex_new_index, SSL_set_ex_data, SSL_get_ex_data - internal application specific data functions
=head1 SYNOPSIS
#include <openssl/ssl.h>
int SSL_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
int SSL_set_ex_data(SSL *ssl, int idx, void *arg);
void *SSL_get_ex_data(const SSL *ssl, int idx);
typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
int idx, long argl, void *argp);
=head1 DESCRIPTION
Several OpenSSL structures can have application specific data attached to them.
These functions are used internally by OpenSSL to manipulate application
specific data attached to a specific structure.
SSL_get_ex_new_index() is used to register a new index for application
specific data.
SSL_set_ex_data() is used to store application data at B<arg> for B<idx> into
the B<ssl> object.
SSL_get_ex_data() is used to retrieve the information for B<idx> from
B<ssl>.
A detailed description for the B<*_get_ex_new_index()> functionality
can be found in L<RSA_get_ex_new_index(3)>.
The B<*_get_ex_data()> and B<*_set_ex_data()> functionality is described in
L<CRYPTO_set_ex_data(3)>.
=head1 EXAMPLES
An example on how to use the functionality is included in the example
verify_callback() in L<SSL_CTX_set_verify(3)>.
=head1 SEE ALSO
L<ssl(3)>,
L<RSA_get_ex_new_index(3)>,
L<CRYPTO_set_ex_data(3)>,
L<SSL_CTX_set_verify(3)>
=cut

7
include/openssl/bio.h
View file

@ -602,13 +602,10 @@ int BIO_ctrl_reset_read_request(BIO *b);
# define BIO_dgram_get_mtu_overhead(b) \
(unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL)
/* These two aren't currently implemented */
/* int BIO_get_ex_num(BIO *bio); */
/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */
#define BIO_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO, l, p, newf, dupf, freef)
int BIO_set_ex_data(BIO *bio, int idx, void *data);
void *BIO_get_ex_data(BIO *bio, int idx);
int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
uint64_t BIO_number_read(BIO *bio);
uint64_t BIO_number_written(BIO *bio);

49
include/openssl/crypto.h
View file

@ -256,33 +256,29 @@ typedef struct bio_st BIO_dummy;
struct crypto_ex_data_st {
STACK_OF(void) *sk;
/* gcc is screwing up this data structure :-( */
int dummy;
};
DECLARE_STACK_OF(void)
/*
* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
* entry.
* Per class, we have a STACK of function pointers.
*/
# define CRYPTO_EX_INDEX_BIO 0
# define CRYPTO_EX_INDEX_SSL 1
# define CRYPTO_EX_INDEX_SSL_CTX 2
# define CRYPTO_EX_INDEX_SSL_SESSION 3
# define CRYPTO_EX_INDEX_SSL 0
# define CRYPTO_EX_INDEX_SSL_CTX 1
# define CRYPTO_EX_INDEX_SSL_SESSION 2
# define CRYPTO_EX_INDEX_X509 3
# define CRYPTO_EX_INDEX_X509_STORE 4
# define CRYPTO_EX_INDEX_X509_STORE_CTX 5
# define CRYPTO_EX_INDEX_RSA 6
# define CRYPTO_EX_INDEX_DH 6
# define CRYPTO_EX_INDEX_DSA 7
# define CRYPTO_EX_INDEX_DH 8
# define CRYPTO_EX_INDEX_ENGINE 9
# define CRYPTO_EX_INDEX_X509 10
# define CRYPTO_EX_INDEX_UI 11
# define CRYPTO_EX_INDEX_ECDSA 12
# define CRYPTO_EX_INDEX_ECDH 13
# define CRYPTO_EX_INDEX_COMP 14
# define CRYPTO_EX_INDEX_STORE 15
# define CRYPTO_EX_INDEX_APP 16
# define CRYPTO_EX_INDEX__COUNT 17
# define CRYPTO_EX_INDEX_ECDH 8
# define CRYPTO_EX_INDEX_ECDSA 9
# define CRYPTO_EX_INDEX_RSA 10
# define CRYPTO_EX_INDEX_ENGINE 11
# define CRYPTO_EX_INDEX_UI 12
# define CRYPTO_EX_INDEX_BIO 13
# define CRYPTO_EX_INDEX_STORE 14
# define CRYPTO_EX_INDEX_APP 15
# define CRYPTO_EX_INDEX__COUNT 16
/*
* This is the default callbacks, but we can have others as well: this is
@ -347,10 +343,18 @@ const char *OpenSSL_version(int type);
int OPENSSL_issetugid(void);
/* Within a given class, get/register a new index */
int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
typedef void CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
void *srcp, int idx, long argl, void *argp);
__owur int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
/* No longer use an index. */
int CRYPTO_free_ex_index(int class_index, int idx);
/*
* Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
* given class (invokes whatever per-class callbacks are applicable)
@ -358,7 +362,9 @@ int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
CRYPTO_EX_DATA *from);
void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
/*
* Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
* index (relative to the class type involved)
@ -584,6 +590,7 @@ void ERR_load_CRYPTO_strings(void);
# define CRYPTO_F_DEF_ADD_INDEX 104
# define CRYPTO_F_DEF_GET_CLASS 105
# define CRYPTO_F_FIPS_MODE_SET 109
# define CRYPTO_F_GET_AND_LOCK 113
# define CRYPTO_F_INT_DUP_EX_DATA 106
# define CRYPTO_F_INT_FREE_EX_DATA 107
# define CRYPTO_F_INT_NEW_EX_DATA 108

4
include/openssl/dh.h
View file

@ -203,8 +203,8 @@ int DH_up_ref(DH *dh);
int DH_bits(const DH *dh);
int DH_size(const DH *dh);
int DH_security_bits(const DH *dh);
int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
#define DH_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, l, p, newf, dupf, freef)
int DH_set_ex_data(DH *d, int idx, void *arg);
void *DH_get_ex_data(DH *d, int idx);

4
include/openssl/dsa.h
View file

@ -212,8 +212,8 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen,
unsigned char *sig, unsigned int *siglen, DSA *dsa);
int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
const unsigned char *sigbuf, int siglen, DSA *dsa);
int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
#define DSA_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, l, p, newf, dupf, freef)
int DSA_set_ex_data(DSA *d, int idx, void *arg);
void *DSA_get_ex_data(DSA *d, int idx);

5
include/openssl/ecdh.h
View file

@ -97,9 +97,8 @@ int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen,
void *out, size_t *outlen));
int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
*new_func, CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
#define ECDH_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDH, l, p, newf, dupf, freef)
int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
void *ECDH_get_ex_data(EC_KEY *d, int idx);

5
include/openssl/ecdsa.h
View file

@ -222,9 +222,8 @@ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
const unsigned char *sig, int siglen, EC_KEY *eckey);
/* the standard ex_data functions */
int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
*new_func, CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
#define ECDSA_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDSA, l, p, newf, dupf, freef)
int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
void *ECDSA_get_ex_data(EC_KEY *d, int idx);

5
include/openssl/engine.h
View file

@ -575,9 +575,8 @@ int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f);
int ENGINE_set_flags(ENGINE *e, int flags);
int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
/* These functions allow control over any per-structure ENGINE data. */
int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
#define ENGINE_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, l, p, newf, dupf, freef)
int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
void *ENGINE_get_ex_data(const ENGINE *e, int idx);

7
include/openssl/ossl_typ.h
View file

@ -190,13 +190,6 @@ typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT;
typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
/* Callback types for crypto.h */
typedef int CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
void *from_d, int idx, long argl, void *argp);
typedef struct ocsp_req_ctx_st OCSP_REQ_CTX;
typedef struct ocsp_response_st OCSP_RESPONSE;

4
include/openssl/rsa.h
View file

@ -478,8 +478,8 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
const EVP_MD *Hash, const EVP_MD *mgf1Hash,
int sLen);
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
#define RSA_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, l, p, newf, dupf, freef)
int RSA_set_ex_data(RSA *r, int idx, void *arg);
void *RSA_get_ex_data(const RSA *r, int idx);

46
include/openssl/safestack.h
View file

@ -688,29 +688,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
# define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st))
# define sk_CONF_VALUE_is_sorted(st) SKM_sk_is_sorted(CONF_VALUE, (st))
# define sk_CRYPTO_EX_DATA_FUNCS_new(cmp) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (cmp))
# define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS)
# define sk_CRYPTO_EX_DATA_FUNCS_free(st) SKM_sk_free(CRYPTO_EX_DATA_FUNCS, (st))
# define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st))
# define sk_CRYPTO_EX_DATA_FUNCS_value(st, i) SKM_sk_value(CRYPTO_EX_DATA_FUNCS, (st), (i))
# define sk_CRYPTO_EX_DATA_FUNCS_set(st, i, val) SKM_sk_set(CRYPTO_EX_DATA_FUNCS, (st), (i), (val))
# define sk_CRYPTO_EX_DATA_FUNCS_zero(st) SKM_sk_zero(CRYPTO_EX_DATA_FUNCS, (st))
# define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val))
# define sk_CRYPTO_EX_DATA_FUNCS_unshift(st, val) SKM_sk_unshift(CRYPTO_EX_DATA_FUNCS, (st), (val))
# define sk_CRYPTO_EX_DATA_FUNCS_find(st, val) SKM_sk_find(CRYPTO_EX_DATA_FUNCS, (st), (val))
# define sk_CRYPTO_EX_DATA_FUNCS_find_ex(st, val) SKM_sk_find_ex(CRYPTO_EX_DATA_FUNCS, (st), (val))
# define sk_CRYPTO_EX_DATA_FUNCS_delete(st, i) SKM_sk_delete(CRYPTO_EX_DATA_FUNCS, (st), (i))
# define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_EX_DATA_FUNCS, (st), (ptr))
# define sk_CRYPTO_EX_DATA_FUNCS_insert(st, val, i) SKM_sk_insert(CRYPTO_EX_DATA_FUNCS, (st), (val), (i))
# define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_EX_DATA_FUNCS, (st), (cmp))
# define sk_CRYPTO_EX_DATA_FUNCS_dup(st) SKM_sk_dup(CRYPTO_EX_DATA_FUNCS, st)
# define sk_CRYPTO_EX_DATA_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_EX_DATA_FUNCS, (st), (free_func))
# define sk_CRYPTO_EX_DATA_FUNCS_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CRYPTO_EX_DATA_FUNCS, (st), (copy_func), (free_func))
# define sk_CRYPTO_EX_DATA_FUNCS_shift(st) SKM_sk_shift(CRYPTO_EX_DATA_FUNCS, (st))
# define sk_CRYPTO_EX_DATA_FUNCS_pop(st) SKM_sk_pop(CRYPTO_EX_DATA_FUNCS, (st))
# define sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st))
# define sk_CRYPTO_EX_DATA_FUNCS_is_sorted(st) SKM_sk_is_sorted(CRYPTO_EX_DATA_FUNCS, (st))
# define sk_CRYPTO_dynlock_new(cmp) SKM_sk_new(CRYPTO_dynlock, (cmp))
# define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock)
# define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st))
@ -918,6 +895,29 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
# define sk_EVP_PKEY_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_METHOD, (st))
# define sk_EVP_PKEY_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_METHOD, (st))
# define sk_EX_CALLBACK_new(cmp) SKM_sk_new(EX_CALLBACK, (cmp))
# define sk_EX_CALLBACK_new_null() SKM_sk_new_null(EX_CALLBACK)
# define sk_EX_CALLBACK_free(st) SKM_sk_free(EX_CALLBACK, (st))
# define sk_EX_CALLBACK_num(st) SKM_sk_num(EX_CALLBACK, (st))
# define sk_EX_CALLBACK_value(st, i) SKM_sk_value(EX_CALLBACK, (st), (i))
# define sk_EX_CALLBACK_set(st, i, val) SKM_sk_set(EX_CALLBACK, (st), (i), (val))
# define sk_EX_CALLBACK_zero(st) SKM_sk_zero(EX_CALLBACK, (st))
# define sk_EX_CALLBACK_push(st, val) SKM_sk_push(EX_CALLBACK, (st), (val))
# define sk_EX_CALLBACK_unshift(st, val) SKM_sk_unshift(EX_CALLBACK, (st), (val))
# define sk_EX_CALLBACK_find(st, val) SKM_sk_find(EX_CALLBACK, (st), (val))
# define sk_EX_CALLBACK_find_ex(st, val) SKM_sk_find_ex(EX_CALLBACK, (st), (val))
# define sk_EX_CALLBACK_delete(st, i) SKM_sk_delete(EX_CALLBACK, (st), (i))
# define sk_EX_CALLBACK_delete_ptr(st, ptr) SKM_sk_delete_ptr(EX_CALLBACK, (st), (ptr))
# define sk_EX_CALLBACK_insert(st, val, i) SKM_sk_insert(EX_CALLBACK, (st), (val), (i))
# define sk_EX_CALLBACK_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EX_CALLBACK, (st), (cmp))
# define sk_EX_CALLBACK_dup(st) SKM_sk_dup(EX_CALLBACK, st)
# define sk_EX_CALLBACK_pop_free(st, free_func) SKM_sk_pop_free(EX_CALLBACK, (st), (free_func))
# define sk_EX_CALLBACK_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EX_CALLBACK, (st), (copy_func), (free_func))
# define sk_EX_CALLBACK_shift(st) SKM_sk_shift(EX_CALLBACK, (st))
# define sk_EX_CALLBACK_pop(st) SKM_sk_pop(EX_CALLBACK, (st))
# define sk_EX_CALLBACK_sort(st) SKM_sk_sort(EX_CALLBACK, (st))
# define sk_EX_CALLBACK_is_sorted(st) SKM_sk_is_sorted(EX_CALLBACK, (st))
# define sk_GENERAL_NAME_new(cmp) SKM_sk_new(GENERAL_NAME, (cmp))
# define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME)
# define sk_GENERAL_NAME_free(st) SKM_sk_free(GENERAL_NAME, (st))

17
include/openssl/ssl.h
View file

@ -1710,23 +1710,18 @@ __owur size_t SSL_get_server_random(const SSL *ssl, unsigned char *out,
__owur size_t SSL_SESSION_get_master_key(const SSL_SESSION *ssl,
unsigned char *out, size_t outlen);
#define SSL_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, l, p, newf, dupf, freef)
__owur int SSL_set_ex_data(SSL *ssl, int idx, void *data);
void *SSL_get_ex_data(const SSL *ssl, int idx);
__owur int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
#define SSL_SESSION_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, l, p, newf, dupf, freef)
__owur int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, void *data);
void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss, int idx);
__owur int SSL_SESSION_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
#define SSL_CTX_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, l, p, newf, dupf, freef)
__owur int SSL_CTX_set_ex_data(SSL_CTX *ssl, int idx, void *data);
void *SSL_CTX_get_ex_data(const SSL_CTX *ssl, int idx);
__owur int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
__owur int SSL_get_ex_data_X509_STORE_CTX_idx(void);

6
include/openssl/store.h
View file

@ -122,9 +122,9 @@ int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void));
/* Some methods may use extra data */
# define STORE_set_app_data(s,arg) STORE_set_ex_data(s,0,arg)
# define STORE_get_app_data(s) STORE_get_ex_data(s,0)
int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
#define STORE_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, l, p, newf, dupf, freef)
int STORE_set_ex_data(STORE *r, int idx, void *arg);
void *STORE_get_ex_data(STORE *r, int idx);

5
include/openssl/ui.h
View file

@ -240,8 +240,9 @@ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void));
/* Some methods may use extra data */
# define UI_set_app_data(s,arg) UI_set_ex_data(s,0,arg)
# define UI_get_app_data(s) UI_get_ex_data(s,0)
int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
#define UI_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, l, p, newf, dupf, freef)
int UI_set_ex_data(UI *r, int idx, void *arg);
void *UI_get_ex_data(UI *r, int idx);

4
include/openssl/x509.h
View file

@ -615,8 +615,8 @@ DECLARE_ASN1_FUNCTIONS(X509_CINF)
DECLARE_ASN1_FUNCTIONS(X509)
DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
#define X509_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, l, p, newf, dupf, freef)
int X509_set_ex_data(X509 *r, int idx, void *arg);
void *X509_get_ex_data(X509 *r, int idx);
int i2d_X509_AUX(X509 *a, unsigned char **pp);

6
include/openssl/x509_vfy.h
View file

@ -494,10 +494,8 @@ int X509_STORE_load_locations(X509_STORE *ctx,
const char *file, const char *dir);
int X509_STORE_set_default_paths(X509_STORE *ctx);
int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
#define X509_STORE_CTX_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, l, p, newf, dupf, freef)
int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data);
void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);

15
ssl/ssl_lib.c
View file

@ -3042,13 +3042,6 @@ size_t SSL_SESSION_get_master_key(const SSL_SESSION *session,
return outlen;
}
int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
new_func, dup_func, free_func);
}
int SSL_set_ex_data(SSL *s, int idx, void *arg)
{
return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
@ -3059,14 +3052,6 @@ void *SSL_get_ex_data(const SSL *s, int idx)
return (CRYPTO_get_ex_data(&s->ex_data, idx));
}
int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
new_func, dup_func, free_func);
}
int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg)
{
return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));

9
ssl/ssl_sess.c
View file

@ -170,15 +170,6 @@ SSL_SESSION *SSL_get1_session(SSL *ssl)
return (sess);
}
int SSL_SESSION_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, argl, argp,
new_func, dup_func, free_func);
}
int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
{
return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));

148
test/exdatatest.c Normal file
View file

@ -0,0 +1,148 @@
/* ====================================================================
* Copyright (c) 2015 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include <assert.h>
#include <string.h>
#include <stdlib.h>
#include <openssl/crypto.h>
static long sargl;
static void *sargp;
static int sidx;
static void exnew(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp)
{
assert(idx == sidx);
assert(argl == sargl);
assert(argp == sargp);
}
static int exdup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
void *from_d, int idx, long argl, void *argp)
{
assert(idx == sidx);
assert(argl == sargl);
assert(argp == sargp);
return 0;
}
static void exfree(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp)
{
assert(idx == sidx);
assert(argl == sargl);
assert(argp == sargp);
}
typedef struct myobj_st {
CRYPTO_EX_DATA ex_data;
int id;
} MYOBJ;
static MYOBJ *MYOBJ_new()
{
static int count = 0;
MYOBJ *obj = OPENSSL_malloc(sizeof(*obj));
int st;
obj->id = ++count;
st = CRYPTO_new_ex_data(CRYPTO_EX_INDEX_APP, obj, &obj->ex_data);
assert(st != 0);
return obj;
}
static void MYOBJ_sethello(MYOBJ *obj, char *cp)
{
int st;
st = CRYPTO_set_ex_data(&obj->ex_data, sidx, cp);
assert(st != 0);
}
static char *MYOBJ_gethello(MYOBJ *obj)
{
return CRYPTO_get_ex_data(&obj->ex_data, sidx);
}
static void MYOBJ_free(MYOBJ *obj)
{
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_APP, obj, &obj->ex_data);
OPENSSL_free(obj);
}
int main()
{
MYOBJ *t1, *t2;
const char *cp;
char *p;
p = strdup("hello world");
sargl = 21;
sargp = malloc(1);
sidx = CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_APP, sargl, sargp,
exnew, exdup, exfree);
t1 = MYOBJ_new();
t2 = MYOBJ_new();
MYOBJ_sethello(t1, p);
cp = MYOBJ_gethello(t1);
assert(cp == p);
cp = MYOBJ_gethello(t2);
assert(cp == NULL);
MYOBJ_free(t1);
MYOBJ_free(t2);
free(sargp);
free(p);
return 0;
}

21
util/libeay.num
View file

@ -1004,7 +1004,7 @@ CRYPTO_get_new_lockid 1026 EXIST::FUNCTION:
CRYPTO_new_ex_data 1027 EXIST::FUNCTION:
RSA_set_ex_data 1028 EXIST::FUNCTION:RSA
RSA_get_ex_data 1029 EXIST::FUNCTION:RSA
RSA_get_ex_new_index 1030 EXIST::FUNCTION:RSA
RSA_get_ex_new_index 1030 NOEXIST::FUNCTION:
RSA_padding_add_PKCS1_type_1 1031 EXIST::FUNCTION:RSA
RSA_padding_add_PKCS1_type_2 1032 EXIST::FUNCTION:RSA
RSA_padding_add_SSLv23 1033 EXIST::FUNCTION:RSA
@ -1033,7 +1033,7 @@ BN_mpi2bn 1059 EXIST::FUNCTION:
ASN1_BIT_STRING_get_bit 1060 EXIST::FUNCTION:
ASN1_BIT_STRING_set_bit 1061 EXIST::FUNCTION:
BIO_get_ex_data 1062 EXIST::FUNCTION:
BIO_get_ex_new_index 1063 EXIST::FUNCTION:
BIO_get_ex_new_index 1063 NOEXIST::FUNCTION:
BIO_set_ex_data 1064 EXIST::FUNCTION:
X509v3_get_key_usage 1066 NOEXIST::FUNCTION:
X509v3_set_key_usage 1067 NOEXIST::FUNCTION:
@ -1069,7 +1069,7 @@ COMP_CTX_new 1096 EXIST::FUNCTION:
COMP_CTX_free 1097 EXIST::FUNCTION:
COMP_CTX_compress_block 1098 NOEXIST::FUNCTION:
COMP_CTX_expand_block 1099 NOEXIST::FUNCTION:
X509_STORE_CTX_get_ex_new_index 1100 EXIST::FUNCTION:
X509_STORE_CTX_get_ex_new_index 1100 NOEXIST::FUNCTION:
OBJ_NAME_add 1101 EXIST::FUNCTION:
BIO_socket_nbio 1102 EXIST::FUNCTION:
EVP_rc2_64_cbc 1103 EXIST::FUNCTION:RC2
@ -1484,11 +1484,11 @@ DH_set_ex_data 1883 EXIST::FUNCTION:DH
DH_set_method 1884 EXIST::FUNCTION:DH
DSA_OpenSSL 1885 EXIST::FUNCTION:DSA
DH_get_ex_data 1886 EXIST::FUNCTION:DH
DH_get_ex_new_index 1887 EXIST::FUNCTION:DH
DH_get_ex_new_index 1887 NOEXIST::FUNCTION:
DSA_new_method 1888 EXIST::FUNCTION:DSA
DH_new_method 1889 EXIST::FUNCTION:DH
DH_OpenSSL 1890 EXIST::FUNCTION:DH
DSA_get_ex_new_index 1891 EXIST::FUNCTION:DSA
DSA_get_ex_new_index 1891 NOEXIST::FUNCTION:
DH_get_default_method 1892 EXIST::FUNCTION:DH
DSA_set_ex_data 1893 EXIST::FUNCTION:DSA
DH_set_default_method 1894 EXIST::FUNCTION:DH
@ -1580,7 +1580,7 @@ i2d_DSA_PUBKEY_bio 2014 EXIST::FUNCTION:DSA
i2d_OTHERNAME 2015 EXIST::FUNCTION:
ASN1_OCTET_STRING_free 2016 EXIST::FUNCTION:
ASN1_BIT_STRING_set_asc 2017 EXIST::FUNCTION:
X509_get_ex_new_index 2019 EXIST::FUNCTION:
X509_get_ex_new_index 2019 NOEXIST::FUNCTION:
ASN1_STRING_TABLE_cleanup 2020 EXIST::FUNCTION:
X509_TRUST_get_by_id 2021 EXIST::FUNCTION:
X509_PURPOSE_get_trust 2022 EXIST::FUNCTION:
@ -2311,7 +2311,7 @@ d2i_ASN1_GENERALSTRING 2822 EXIST::FUNCTION:
X509_CRL_set_version 2823 EXIST::FUNCTION:
BN_mod_sub 2824 EXIST::FUNCTION:
OCSP_SINGLERESP_get_ext_by_NID 2825 EXIST::FUNCTION:
ENGINE_get_ex_new_index 2826 EXIST::FUNCTION:ENGINE
ENGINE_get_ex_new_index 2826 NOEXIST::FUNCTION:
OCSP_REQUEST_free 2827 EXIST::FUNCTION:
OCSP_REQUEST_add1_ext_i2d 2828 EXIST::FUNCTION:
X509_VAL_it 2829 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
@ -2435,7 +2435,7 @@ EC_POINT_free 2929 EXIST::FUNCTION:EC
DH_up_ref 2930 EXIST::FUNCTION:DH
X509_NAME_ENTRY_it 2931 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
X509_NAME_ENTRY_it 2931 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
UI_get_ex_new_index 2932 EXIST::FUNCTION:
UI_get_ex_new_index 2932 NOEXIST::FUNCTION:
BN_mod_sub_quick 2933 EXIST::FUNCTION:
OCSP_ONEREQ_add_ext 2934 EXIST::FUNCTION:
OCSP_request_sign 2935 EXIST::FUNCTION:
@ -3173,7 +3173,7 @@ BIO_dgram_non_fatal_error 3586 EXIST::FUNCTION:
EC_GROUP_get_asn1_flag 3587 EXIST::FUNCTION:EC
STORE_ATTR_INFO_in_ex 3588 NOEXIST::FUNCTION:
STORE_list_crl_start 3589 NOEXIST::FUNCTION:
ECDH_get_ex_new_index 3590 EXIST::FUNCTION:EC
ECDH_get_ex_new_index 3590 NOEXIST::FUNCTION:
STORE_meth_get_modify_fn 3591 NOEXIST::FUNCTION:
STORE_method_get_modify_function 3591 NOEXIST::FUNCTION:
v2i_ASN1_BIT_STRING 3592 EXIST::FUNCTION:
@ -3341,7 +3341,7 @@ PKCS7_set_digest 3741 EXIST::FUNCTION:
EC_KEY_print 3742 EXIST::FUNCTION:EC
STORE_meth_set_lock_store_fn 3743 NOEXIST::FUNCTION:
STORE_method_set_lock_store_function 3743 NOEXIST::FUNCTION:
ECDSA_get_ex_new_index 3744 EXIST::FUNCTION:EC
ECDSA_get_ex_new_index 3744 NOEXIST::FUNCTION:
SHA384 3745 EXIST:!VMSVAX:FUNCTION:
POLICY_MAPPING_new 3746 EXIST::FUNCTION:
STORE_list_certificate_endp 3747 NOEXIST::FUNCTION:
@ -4665,3 +4665,4 @@ ASYNC_cleanup 5024 EXIST::FUNCTION:
ASYNC_init 5025 EXIST::FUNCTION:
EVP_MD_CTX_ctrl 5026 EXIST::FUNCTION:
EVP_md5_sha1 5027 EXIST::FUNCTION:MD5
CRYPTO_free_ex_index 5028 EXIST::FUNCTION:

6
util/ssleay.num
View file

@ -146,9 +146,9 @@ SSL_set_verify_result 163 EXIST::FUNCTION:
SSL_version 164 EXIST::FUNCTION:
SSL_get_info_callback 165 EXIST::FUNCTION:
SSL_state 166 NOEXIST::FUNCTION:
SSL_CTX_get_ex_new_index 167 EXIST::FUNCTION:
SSL_SESSION_get_ex_new_index 168 EXIST::FUNCTION:
SSL_get_ex_new_index 169 EXIST::FUNCTION:
SSL_CTX_get_ex_new_index 167 NOEXIST::FUNCTION:
SSL_SESSION_get_ex_new_index 168 NOEXIST::FUNCTION:
SSL_get_ex_new_index 169 NOEXIST::FUNCTION:
TLSv1_method 170 EXIST::FUNCTION:
TLSv1_server_method 171 EXIST::FUNCTION:
TLSv1_client_method 172 EXIST::FUNCTION: