Issue 19704 get default search path #19752
Conversation
crypto/provider_core.c
Outdated
| @@ -816,6 +816,23 @@ int OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *libctx, | |||
| return 0; | |||
| } | |||
|
|
|||
| int OSSL_PROVIDER_get1_default_search_path(OSSL_LIB_CTX *libctx, | |||
There was a problem hiding this comment.
Just a random thought but would OSSL_PROVIDER_get0_default_search_path be more sensible? The caller gets to decide to strdup or not -- the path exists for the life of the libctx, so not duping it is reasonable.
const char *OSSL_PROVIDER_get0_default_search_path(OSSL_LIB_CTX *libctx)
{
char *path = NULL;
if ((store = get_provider_store(libctx)) != NULL
&& CRYPTO_THREAD_read_lock(store->default_path_lock)) {
path = OPENSSL_strdup(store->default_path ? store->default_path : "");
CRYPTO_THREAD_unlock(store->default_path_lock);
}
return path;
}There was a problem hiding this comment.
That is always an option; in that case, I would just do:
path = store->default_path;
You do get less error info that way; if the lock failed for some reason or the library context was invalid which is why I went the other route.
There was a problem hiding this comment.
Sorry, didn't look at the code properly :(
An invalid library context is likely to crash. The lock failing is a legitimate concern I guess.
There was a problem hiding this comment.
I think an invalid library context should return NULL on get_provider_store (it calls ossl_lib_ctx_get_data which will also fail gracefully).
There was a problem hiding this comment.
or it will crash or return rubbish. C has no way to distinguish a good pointer from a bad one.
There was a problem hiding this comment.
ok, switched to OSSL_PROVIDER_get0_default_search_path
github-actions
bot
added
the
severity: fips change
t8m
added
branch: master
|
I'd also prefer implementing get0 accessor instead. I would definitely be ok with adding it to 3.1. In that case the libcrypto.num and documentation HISTORY entry has to change. Not sure about 3.0. I do not see it as bug fix. |
|
Instead of adding merge commits please rebase the whole PR against fresh master branch. |
pm-cfs
force-pushed
the
Issue-19704_get-default-search-path
branch
from
b5eefaf
to
6c7d6a9
Compare
|
Ok, rebased to master and squashed to simplify commit history. |
|
The pyca-cryptography submodule change has to be reverted. |
|
For the pyra-cryptography, do I just ignore those / Discard? Git keeps adding it in as a change from master. |
pm-cfs
force-pushed
the
Issue-19704_get-default-search-path
branch
from
0e13313
to
8f1d650
Compare
t8m
added
approval: review pending
pm-cfs
force-pushed
the
Issue-19704_get-default-search-path
branch
from
6224f28
to
e12d6b0
Compare
t8m
removed
the
approval: otc review pending
tmshort
added
approval: done
openssl-machine
removed
the
approval: done
openssl-machine
added
the
approval: ready to merge
|
This pull request is ready to merge |
|
As is this can be merged only to master branch. So I did that. @pm-cfs if you want this in 3.1 would you please submit a PR against master branch that changes the version in the manpage and libcrypto.num and separate PR against openssl-3.1 branch that cherry-picks this merged commit? |
Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #19752)
Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#19752)
Checklist
Description of change
Update core provider to add:
OSSL_PROVIDER_get1_default_search_pathFixes #19704