Remove ex_data's dup hook.
The only place it is used is EC_KEY_{dup,copy} and no one calls that
function on an EC_KEY with ex_data. This aligns with functions like
RSAPublicKey_dup which do not copy ex_data. The logic is also somewhat
subtle in the face of malloc errors (upstream's PR 3323).
In fact, we'd even changed the function pointer signature from upstream,
so BoringSSL-only code is needed to pass this pointer in anyway. (I
haven't switched it to CRYPTO_EX_unused because there are some callers
which pass in an implementation anyway.)
Note, in upstream, the dup hook is also used for SSL_SESSIONs when those
are duplicated (for TLS 1.2 ticket renewal or TLS 1.3 resumption). Our
interpretation is that callers should treat those SSL_SESSIONs
equivalently to newly-established ones. This avoids every consumer
providing a dup hook and simplifies the interface.
(I've gone ahead and removed the TODO(fork). I don't think we'll be able
to change this API. Maybe introduce a new one, but it may not be worth
it? Then again, this API is atrocious... I've never seen anyone use argl
and argp even.)
BUG=21
Change-Id: I6c9e9d5a02347cb229d4c084c1e85125bd741d2b
Reviewed-on: https://boringssl-review.googlesource.com/16344
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/crypto/ex_data.c b/crypto/ex_data.c
index 8555e23..27b9a51 100644
--- a/crypto/ex_data.c
+++ b/crypto/ex_data.c
@@ -127,12 +127,10 @@
long argl; /* Arbitary long */
void *argp; /* Arbitary void pointer */
CRYPTO_EX_free *free_func;
- CRYPTO_EX_dup *dup_func;
};
int CRYPTO_get_ex_new_index(CRYPTO_EX_DATA_CLASS *ex_data_class, int *out_index,
- long argl, void *argp, CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func) {
+ long argl, void *argp, CRYPTO_EX_free *free_func) {
CRYPTO_EX_DATA_FUNCS *funcs;
int ret = 0;
@@ -144,7 +142,6 @@
funcs->argl = argl;
funcs->argp = argp;
- funcs->dup_func = dup_func;
funcs->free_func = free_func;
CRYPTO_STATIC_MUTEX_lock_write(&ex_data_class->lock);
@@ -233,45 +230,6 @@
ad->sk = NULL;
}
-int CRYPTO_dup_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class, CRYPTO_EX_DATA *to,
- const CRYPTO_EX_DATA *from) {
- if (from->sk == NULL) {
- /* In this case, |from| is blank, which is also the initial state of |to|,
- * so there's nothing to do. */
- return 1;
- }
-
- for (size_t i = 0; i < ex_data_class->num_reserved; i++) {
- void *ptr = CRYPTO_get_ex_data(from, i);
- if (!CRYPTO_set_ex_data(to, i, ptr)) {
- return 0;
- }
- }
-
- STACK_OF(CRYPTO_EX_DATA_FUNCS) *func_pointers;
- if (!get_func_pointers(&func_pointers, ex_data_class)) {
- return 0;
- }
-
- for (size_t i = 0; i < sk_CRYPTO_EX_DATA_FUNCS_num(func_pointers); i++) {
- CRYPTO_EX_DATA_FUNCS *func_pointer =
- sk_CRYPTO_EX_DATA_FUNCS_value(func_pointers, i);
- void *ptr = CRYPTO_get_ex_data(from, i + ex_data_class->num_reserved);
- if (func_pointer->dup_func) {
- func_pointer->dup_func(to, from, &ptr, i + ex_data_class->num_reserved,
- func_pointer->argl, func_pointer->argp);
- }
- if (!CRYPTO_set_ex_data(to, i + ex_data_class->num_reserved, ptr)) {
- sk_CRYPTO_EX_DATA_FUNCS_free(func_pointers);
- return 0;
- }
- }
-
- sk_CRYPTO_EX_DATA_FUNCS_free(func_pointers);
-
- return 1;
-}
-
void CRYPTO_free_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class, void *obj,
CRYPTO_EX_DATA *ad) {
if (ad->sk == NULL) {
