Google Git
Sign in
boringssl/boringssl.git/9eaa3bd55d5d7836f56051bf87c051ae6890ca06^!/./ssl/ssl_lib.cc
commit
9eaa3bd55d5d7836f56051bf87c051ae6890ca06
[log]
author
David Benjamin <davidben@google.com>
Wed Sep 27 17:03:54 2017 -0400
committer
CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Wed Sep 27 21:58:05 2017 +0000
tree
e84583a9dc29e836be28ee7f189b5e16f381b986
parent
73d42e614c21b3ec173c839bf1f687f1654b4265 [diff] [blame]
Remove SSL_CTX_sessions and properly lock SSL_CTX_sess_number.

SSL_CTX_sessions is the only think making us expose LHASH as public API
and nothing uses it. Nothing can use it anyway as it's not thread-safe.
I haven't actually removed it yet since SSL_CTX is public, but once the
types are opaque, we could trim the number of symbols ssl.h pulls in
with some work.

Relatedly, fix thread safety of SSL_CTX_sess_number.

Change-Id: I75a6c93509d462cd5ed3ce76c587f0d1e7cd0797
Reviewed-on: https://boringssl-review.googlesource.com/20804
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc
index 9c551c2..607bf07 100644
--- a/ssl/ssl_lib.cc
+++ b/ssl/ssl_lib.cc

@@ -1566,9 +1566,8 @@
          ssl->s3->send_connection_binding;
 }
 
-LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx) { return ctx->sessions; }
-
 size_t SSL_CTX_sess_number(const SSL_CTX *ctx) {
+  MutexReadLock lock(const_cast<CRYPTO_MUTEX *>(&ctx->lock));
   return lh_SSL_SESSION_num_items(ctx->sessions);
 }