The branch master has been updated
via a161738a708b5e284a4714edc0c976606ea7cb26 (commit)
from 5fe6e2311df9bbbe347cdc7b3c22ce06e20a0ef9 (commit)
- Log -----------------------------------------------------------------
commit a161738a708b5e284a4714edc0c976606ea7cb26
Author: Krists Krilovs <[email protected]>
Date: Mon Jul 8 13:43:09 2019 -0700
Fix wrong lock claimed in x509 dir lookup.
x509 store's objects cache can get corrupted when using dir lookup
method in multithreaded application. Claim x509 store's lock when
accessing objects cache.
CLA: trivial
Reviewed-by: Richard Levitte <[email protected]>
Reviewed-by: Tomas Mraz <[email protected]>
Reviewed-by: Bernd Edlinger <[email protected]>
Reviewed-by: Paul Dale <[email protected]>
Reviewed-by: Shane Lontis <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/9326)
-----------------------------------------------------------------------
Summary of changes:
crypto/x509/by_dir.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index 36c6b08..e53b9b4 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -327,10 +327,10 @@ static int get_cert_by_subject(X509_LOOKUP *xl,
X509_LOOKUP_TYPE type,
/*
* we have added it to the cache so now pull it out again
*/
- CRYPTO_THREAD_write_lock(ctx->lock);
+ X509_STORE_lock(xl->store_ctx);
j = sk_X509_OBJECT_find(xl->store_ctx->objs, &stmp);
tmp = sk_X509_OBJECT_value(xl->store_ctx->objs, j);
- CRYPTO_THREAD_unlock(ctx->lock);
+ X509_STORE_unlock(xl->store_ctx);
/* If a CRL, update the last file suffix added for this */
