Issue 19704 get default search path #19752
crypto/provider_core.c
Outdated
@@ -816,6 +816,23 @@ int OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *libctx, | |||
return 0; | |||
} | |||
|
|||
int OSSL_PROVIDER_get1_default_search_path(OSSL_LIB_CTX *libctx, |
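Review bot: the added `OSSL_PROVIDER_get1_default_search_path` declaration on the last line of this hunk returns `int` and takes further parameters after `libctx`, so the path presumably comes back through an out parameter that, by the `get1` naming, the caller owns. The manpage should say who frees that string and what a 0 return means, so a caller can tell a failed lookup from a default path that was never set.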
Just a random thought but would OSSL_PROVIDER_get0_default_search_path be more sensible? The caller gets to decide to strdup or not -- the path exists for the life of the libctx, so not duping it is reasonable.
const char *OSSL_PROVIDER_get0_default_search_path(OSSL_LIB_CTX *libctx)
{
    struct provider_store_st *store;
    char *path = NULL;

    if ((store = get_provider_store(libctx)) != NULL
            && CRYPTO_THREAD_read_lock(store->default_path_lock)) {
        path = OPENSSL_strdup(store->default_path ? store->default_path : "");
        CRYPTO_THREAD_unlock(store->default_path_lock);
    }
    return path;
}
That is always an option; in that case, I would just do:
path = store->default_path;
You do get less error info that way if the lock failed for some reason or the library context was invalid, which is why I went the other route.
Sorry, didn't look at the code properly :(
An invalid library context is likely to crash. The lock failing is a legitimate concern I guess.
I think an invalid library context should return NULL on get_provider_store (it calls ossl_lib_ctx_get_data which will also fail gracefully).
or it will crash or return rubbish. C has no way to distinguish a good pointer from a bad one.
ok, switched to OSSL_PROVIDER_get0_default_search_path
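The get0/get1 trade-off discussed in this thread, as an added example that is not code from the PR or from OpenSSL: a toy store with a borrowed-pointer accessor and a copying accessor, showing which failures each can report and who owns the returned string. All `toy_*` names and the `lock_fails` knob are hypothetical, and the lock is simulated so the failure path can be exercised.

```c
#include <stdlib.h>
#include <string.h>
/* Hypothetical stand-in for the provider store; not OpenSSL's struct. */
struct toy_store {
    char *default_path;   /* owned by the store, NULL when unset */
    int lock_fails;       /* constructed knob: simulate a read-lock failure */
};

static int toy_read_lock(struct toy_store *s) { return s != NULL && !s->lock_fails; }
static void toy_unlock(struct toy_store *s) { (void)s; }
static char *toy_dup(const char *s)
{
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    return p != NULL ? memcpy(p, s, n) : NULL;
}

/* Replace the stored path; the previous buffer is freed. */
int toy_set_path(struct toy_store *s, const char *path)
{
    char *copy = path != NULL ? toy_dup(path) : NULL;
    if (path != NULL && copy == NULL)
        return 0;
    free(s->default_path);
    s->default_path = copy;
    return 1;
}

/* get0 style: borrowed pointer; NULL means no store, lock failed or unset. */
const char *toy_get0_path(struct toy_store *s)
{
    const char *path = NULL;
    if (toy_read_lock(s)) {
        path = s->default_path;
        toy_unlock(s);
    }
    return path;
}

/* get1 style: 1 plus a heap copy the caller frees ("" when unset), 0 on failure. */
int toy_get1_path(struct toy_store *s, char **out)
{
    *out = NULL;
    if (!toy_read_lock(s))
        return 0;
    *out = toy_dup(s->default_path != NULL ? s->default_path : "");
    toy_unlock(s);
    return *out != NULL;
}
```

In this model a pointer obtained from `toy_get0_path` before a later `toy_set_path` call refers to freed memory, which is the lifetime a get0 caller has to respect; the get1 copy stays valid until the caller frees it.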
I'd also prefer implementing get0 accessor instead. I would definitely be ok with adding it to 3.1. In that case the libcrypto.num and documentation HISTORY entry has to change. Not sure about 3.0. I do not see it as bug fix.
Instead of adding merge commits please rebase the whole PR against fresh master branch.
b5eefaf
to
6c7d6a9
Compare
Ok, rebased to master and squashed to simplify commit history.
The pyca-cryptography submodule change has to be reverted.
For the pyca-cryptography, do I just ignore those / Discard? Git keeps adding it in as a change from master.
0e13313
to
8f1d650
Compare
The original commit message was lost. Could you please amend the first commit message and possibly squash the two commits into one? You can use git rebase -i for that.
6224f28
to
e12d6b0
Compare
LGTM
This pull request is ready to merge
As is this can be merged only to master branch. So I did that. @pm-cfs if you want this in 3.1 would you please submit a PR against master branch that changes the version in the manpage and libcrypto.num and separate PR against openssl-3.1 branch that cherry-picks this merged commit?
Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #19752)
Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#19752)
Checklist
Description of change
Update core provider to add:
OSSL_PROVIDER_get1_default_search_path
Fixes #19704