diff --git a/crypto/bio/bio.c b/crypto/bio/bio.c index 6f112c1a..4b5bb720 100644 --- a/crypto/bio/bio.c +++ b/crypto/bio/bio.c @@ -114,9 +114,9 @@ int BIO_free(BIO *bio) { return 1; } -BIO *BIO_up_ref(BIO *bio) { +int BIO_up_ref(BIO *bio) { CRYPTO_refcount_inc(&bio->references); - return bio; + return 1; } void BIO_vfree(BIO *bio) { diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index 9f427dea..7aee3bb1 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -217,9 +217,10 @@ X509_STORE *X509_STORE_new(void) return NULL; } -void X509_STORE_up_ref(X509_STORE *store) +int X509_STORE_up_ref(X509_STORE *store) { CRYPTO_refcount_inc(&store->references); + return 1; } static void cleanup(X509_OBJECT *a) @@ -395,7 +396,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) return ret; } -void X509_OBJECT_up_ref_count(X509_OBJECT *a) +int X509_OBJECT_up_ref_count(X509_OBJECT *a) { switch (a->type) { case X509_LU_X509: @@ -405,6 +406,7 @@ void X509_OBJECT_up_ref_count(X509_OBJECT *a) X509_CRL_up_ref(a->data.crl); break; } + return 1; } void X509_OBJECT_free_contents(X509_OBJECT *a) @@ -515,12 +517,12 @@ STACK_OF (X509) * X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm) for (i = 0; i < cnt; i++, idx++) { obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx); x = obj->data.x509; - if (!sk_X509_push(sk, X509_up_ref(x))) { + if (!sk_X509_push(sk, x)) { CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock); - X509_free(x); sk_X509_pop_free(sk, X509_free); return NULL; } + X509_up_ref(x); } CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock); return sk; diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c index a292710e..2fd48a9c 100644 --- a/crypto/x509/x509cset.c +++ b/crypto/x509/x509cset.c @@ -129,9 +129,10 @@ int X509_CRL_sort(X509_CRL *c) return 1; } -void X509_CRL_up_ref(X509_CRL *crl) +int X509_CRL_up_ref(X509_CRL *crl) { CRYPTO_refcount_inc(&crl->references); + return 1; } int X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm) diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c index bcf8546c..9fdda825 100644 --- a/crypto/x509/x_x509.c +++ b/crypto/x509/x_x509.c @@ -142,10 +142,10 @@ IMPLEMENT_ASN1_FUNCTIONS(X509) IMPLEMENT_ASN1_DUP_FUNCTION(X509) -X509 *X509_up_ref(X509 *x) +int X509_up_ref(X509 *x) { CRYPTO_refcount_inc(&x->references); - return x; + return 1; } int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_unused * unused, diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c index e7484e52..a13a4fa3 100644 --- a/crypto/x509v3/pcy_tree.c +++ b/crypto/x509v3/pcy_tree.c @@ -255,7 +255,8 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, level++; x = sk_X509_value(certs, i); cache = policy_cache_set(x); - level->cert = X509_up_ref(x); + X509_up_ref(x); + level->cert = x; if (!cache->anyPolicy) level->flags |= X509_V_FLAG_INHIBIT_ANY; diff --git a/include/openssl/bio.h b/include/openssl/bio.h index 5416c657..9622f96b 100644 --- a/include/openssl/bio.h +++ b/include/openssl/bio.h @@ -96,8 +96,8 @@ OPENSSL_EXPORT int BIO_free(BIO *bio); * TODO(fork): remove. */ OPENSSL_EXPORT void BIO_vfree(BIO *bio); -/* BIO_up_ref increments the reference count of |bio| and returns it. */ -OPENSSL_EXPORT BIO *BIO_up_ref(BIO *bio); +/* BIO_up_ref increments the reference count of |bio| and returns one. */ +OPENSSL_EXPORT int BIO_up_ref(BIO *bio); /* Basic I/O. */ diff --git a/include/openssl/dh.h b/include/openssl/dh.h index 8758413e..40256561 100644 --- a/include/openssl/dh.h +++ b/include/openssl/dh.h @@ -81,7 +81,7 @@ OPENSSL_EXPORT DH *DH_new(void); * count drops to zero. */ OPENSSL_EXPORT void DH_free(DH *dh); -/* DH_up_ref increments the reference count of |dh|. */ +/* DH_up_ref increments the reference count of |dh| and returns one. */ OPENSSL_EXPORT int DH_up_ref(DH *dh); diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h index d25bfaac..1e1ff656 100644 --- a/include/openssl/dsa.h +++ b/include/openssl/dsa.h @@ -84,7 +84,7 @@ OPENSSL_EXPORT DSA *DSA_new(void); * reference count drops to zero. */ OPENSSL_EXPORT void DSA_free(DSA *dsa); -/* DSA_up_ref increments the reference count of |dsa|. */ +/* DSA_up_ref increments the reference count of |dsa| and returns one. */ OPENSSL_EXPORT int DSA_up_ref(DSA *dsa); diff --git a/include/openssl/ec_key.h b/include/openssl/ec_key.h index 63554a78..0658deb2 100644 --- a/include/openssl/ec_key.h +++ b/include/openssl/ec_key.h @@ -105,8 +105,7 @@ OPENSSL_EXPORT EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src); /* EC_KEY_dup returns a fresh copy of |src| or NULL on error. */ OPENSSL_EXPORT EC_KEY *EC_KEY_dup(const EC_KEY *src); -/* EC_KEY_up_ref increases the reference count of |key|. It returns one on - * success and zero otherwise. */ +/* EC_KEY_up_ref increases the reference count of |key| and returns one. */ OPENSSL_EXPORT int EC_KEY_up_ref(EC_KEY *key); /* EC_KEY_is_opaque returns one if |key| is opaque and doesn't expose its key diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h index a656d6c9..b4c7653b 100644 --- a/include/openssl/rsa.h +++ b/include/openssl/rsa.h @@ -83,7 +83,7 @@ OPENSSL_EXPORT RSA *RSA_new_method(const ENGINE *engine); * reference count drops to zero. */ OPENSSL_EXPORT void RSA_free(RSA *rsa); -/* RSA_up_ref increments the reference count of |rsa|. */ +/* RSA_up_ref increments the reference count of |rsa| and returns one. */ OPENSSL_EXPORT int RSA_up_ref(RSA *rsa); diff --git a/include/openssl/x509.h b/include/openssl/x509.h index 6e062f29..5bbf651d 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h @@ -781,9 +781,8 @@ DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX) DECLARE_ASN1_FUNCTIONS(X509_CERT_PAIR) -/* X509_up_ref adds one to the reference count of |x| and returns - * |x|. */ -OPENSSL_EXPORT X509 *X509_up_ref(X509 *x); +/* X509_up_ref adds one to the reference count of |x| and returns one. */ +OPENSSL_EXPORT int X509_up_ref(X509 *x); OPENSSL_EXPORT int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_unused *unused, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); @@ -894,7 +893,7 @@ OPENSSL_EXPORT int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name); OPENSSL_EXPORT int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm); OPENSSL_EXPORT int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm); OPENSSL_EXPORT int X509_CRL_sort(X509_CRL *crl); -OPENSSL_EXPORT void X509_CRL_up_ref(X509_CRL *crl); +OPENSSL_EXPORT int X509_CRL_up_ref(X509_CRL *crl); OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial); OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm); diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h index 7ecd981a..50ded0de 100644 --- a/include/openssl/x509_vfy.h +++ b/include/openssl/x509_vfy.h @@ -437,10 +437,10 @@ OPENSSL_EXPORT int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type X509_NAME *name); OPENSSL_EXPORT X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,int type,X509_NAME *name); OPENSSL_EXPORT X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x); -OPENSSL_EXPORT void X509_OBJECT_up_ref_count(X509_OBJECT *a); +OPENSSL_EXPORT int X509_OBJECT_up_ref_count(X509_OBJECT *a); OPENSSL_EXPORT void X509_OBJECT_free_contents(X509_OBJECT *a); OPENSSL_EXPORT X509_STORE *X509_STORE_new(void ); -OPENSSL_EXPORT void X509_STORE_up_ref(X509_STORE *store); +OPENSSL_EXPORT int X509_STORE_up_ref(X509_STORE *store); OPENSSL_EXPORT void X509_STORE_free(X509_STORE *v); OPENSSL_EXPORT STACK_OF(X509)* X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm); diff --git a/ssl/handshake_client.c b/ssl/handshake_client.c index 89140d99..34c1adc0 100644 --- a/ssl/handshake_client.c +++ b/ssl/handshake_client.c @@ -1039,7 +1039,8 @@ static int ssl3_get_server_certificate(SSL *ssl) { ssl->s3->new_session->cert_chain = chain; X509_free(ssl->s3->new_session->peer); - ssl->s3->new_session->peer = X509_up_ref(leaf); + X509_up_ref(leaf); + ssl->s3->new_session->peer = leaf; return 1; diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 20a88842..c35834e0 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -171,7 +171,8 @@ CERT *ssl_cert_dup(CERT *cert) { ret->dh_tmp_cb = cert->dh_tmp_cb; if (cert->x509 != NULL) { - ret->x509 = X509_up_ref(cert->x509); + X509_up_ref(cert->x509); + ret->x509 = cert->x509; } if (cert->privatekey != NULL) { diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 1872f57b..1a950ad4 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1019,7 +1019,8 @@ X509 *SSL_get_peer_certificate(const SSL *ssl) { if (session == NULL || session->peer == NULL) { return NULL; } - return X509_up_ref(session->peer); + X509_up_ref(session->peer); + return session->peer; } STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *ssl) { diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 295f37ac..c06207f8 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -235,7 +235,8 @@ static int ssl_set_cert(CERT *c, X509 *x) { EVP_PKEY_free(pkey); X509_free(c->x509); - c->x509 = X509_up_ref(x); + X509_up_ref(x); + c->x509 = x; return 1; } diff --git a/ssl/ssl_session.c b/ssl/ssl_session.c index 4680a408..1d634d80 100644 --- a/ssl/ssl_session.c +++ b/ssl/ssl_session.c @@ -198,7 +198,8 @@ SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *session, int include_ticket) { } } if (session->peer != NULL) { - new_session->peer = X509_up_ref(session->peer); + X509_up_ref(session->peer); + new_session->peer = session->peer; } if (session->cert_chain != NULL) { new_session->cert_chain = X509_chain_up_ref(session->cert_chain); diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc index c2ce99ba..4c4f6d97 100644 --- a/ssl/ssl_test.cc +++ b/ssl/ssl_test.cc @@ -811,7 +811,8 @@ static bool GetClientHello(SSL *ssl, std::vector *out) { return false; } // Do not configure a reading BIO, but record what's written to a memory BIO. - SSL_set_bio(ssl, nullptr /* rbio */, BIO_up_ref(bio.get())); + BIO_up_ref(bio.get()); + SSL_set_bio(ssl, nullptr /* rbio */, bio.get()); int ret = SSL_connect(ssl); if (ret > 0) { // SSL_connect should fail without a BIO to write to. diff --git a/ssl/tls13_both.c b/ssl/tls13_both.c index 35fea53f..25278969 100644 --- a/ssl/tls13_both.c +++ b/ssl/tls13_both.c @@ -230,7 +230,9 @@ int tls13_process_certificate(SSL *ssl, int allow_anonymous) { ssl->s3->new_session->verify_result = ssl->verify_result; X509_free(ssl->s3->new_session->peer); - ssl->s3->new_session->peer = X509_up_ref(sk_X509_value(chain, 0)); + X509 *leaf = sk_X509_value(chain, 0); + X509_up_ref(leaf); + ssl->s3->new_session->peer = leaf; sk_X509_pop_free(ssl->s3->new_session->cert_chain, X509_free); ssl->s3->new_session->cert_chain = chain;