kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
23a8ca1f10
boringssl/ssl
History
David Benjamin 23a8ca1f10 Implement SSL_get1_session with SSL_SESSION_up_ref. 
It doesn't appear that logic (added in upstream's
b7cfcfb7f8e17c17f457b3384010eb027f3aad72) is protecting against anything. On
the contrary, it prohibits implementing CRYPTO_add with real atomic operations!
There's no guarantee that those operations will interact with the locked
implementation.

https://www.mail-archive.com/openssl-users@openssl.org/msg63176.html

As long as ssl->session points to the same session, we know the session won't
be freed. There is no lock protecting, say, SSL_set_session, but a single SSL*
does not appear to be safe to use across threads. If this were to be supported,
both should be guarded by CRYPTO_LOCK_SSL (which is barely used).
CRYPTO_LOCK_SSL_SESSION isn't sufficient anyway; it could sample while
SSL_set_session is busy swapping out the now freed old session with the new.

Change-Id: I54623d0690c55c2c86720406ceff545e2e5f2f8f
Reviewed-on: https://boringssl-review.googlesource.com/3345
Reviewed-by: Adam Langley <agl@google.com>
2015-02-09 23:35:25 +00:00
..
pqueue Remove string.h from base.h. 2015-02-02 19:14:15 +00:00
test Test asynchronous cert_cb behavior. 2015-02-09 23:32:51 +00:00
CMakeLists.txt Change CMakeLists.txt to two-space indent. 2015-01-28 16:37:10 -08:00
d1_both.c Simplify DTLS epoch rewind. 2015-02-03 20:34:06 +00:00
d1_clnt.c Reformatting of several DTLS source files. 2014-12-13 16:28:18 -08:00
d1_lib.c Remove dtls1_timeout_st. 2015-02-03 00:41:07 +00:00
d1_meth.c Implement SSL_clear with ssl_new and ssl_free. 2015-01-12 22:35:58 +00:00
d1_pkt.c Initialize the record buffers after the handshake check. 2015-02-09 19:49:45 +00:00
d1_srtp.c Store SRTP_PROTECTION_PROFILES as const. 2015-01-14 22:10:08 +00:00
d1_srvr.c Remove NETSCAPE_HANG_BUG. 2015-02-03 00:41:15 +00:00
s3_both.c Touch up ssl3_get_message. 2014-12-17 00:16:23 +00:00
s3_clnt.c Revise SSL_cutthrough_complete and SSL_in_init. 2015-02-09 20:00:43 +00:00
s3_enc.c Implement SSLv3 ciphers with stateful AEADs. 2015-01-14 20:55:58 +00:00
s3_lib.c Revise SSL_cutthrough_complete and SSL_in_init. 2015-02-09 20:00:43 +00:00
s3_meth.c Implement SSL_clear with ssl_new and ssl_free. 2015-01-12 22:35:58 +00:00
s3_pkt.c Revise SSL_cutthrough_complete and SSL_in_init. 2015-02-09 20:00:43 +00:00
s3_srvr.c Remove NETSCAPE_HANG_BUG. 2015-02-03 00:41:15 +00:00
ssl_algs.c Make SSL_load_error_strings a no-op. 2015-01-14 22:09:58 +00:00
ssl_asn1.c Remove SSL_SESSION::cipher_id. 2015-01-14 21:10:55 +00:00
ssl_cert.c Add (void) to some macros to satisfy compiler. 2015-01-12 23:46:03 +00:00
ssl_ciph.c Fix some unchecked mallocs. 2015-02-09 19:39:41 +00:00
ssl_error.c Remove alert_fragment and handshake_fragment. 2015-02-03 19:10:08 +00:00
ssl_lib.c Add SSL_SESSION_up_ref. 2015-02-09 23:34:41 +00:00
ssl_locl.h aarch64 support. 2015-01-14 23:38:11 +00:00
ssl_rsa.c Reformat the rest of ssl/. 2014-12-18 17:43:03 -08:00
ssl_sess.c Implement SSL_get1_session with SSL_SESSION_up_ref. 2015-02-09 23:35:25 +00:00
ssl_stat.c Reformat the rest of ssl/. 2014-12-18 17:43:03 -08:00
ssl_test.c
ssl_txt.c Remove SSL_SESSION::cipher_id. 2015-01-14 21:10:55 +00:00
t1_enc.c Simplify DTLS epoch rewind. 2015-02-03 20:34:06 +00:00
t1_lib.c Only send sigalgs extension in 1.2-capable ClientHellos. 2015-01-26 18:45:04 +00:00
t1_reneg.c Reformat the rest of ssl/. 2014-12-18 17:43:03 -08:00