Remove ex_data's dup hook.
The only place it is used is EC_KEY_{dup,copy} and no one calls that
function on an EC_KEY with ex_data. This aligns with functions like
RSAPublicKey_dup which do not copy ex_data. The logic is also somewhat
subtle in the face of malloc errors (upstream's PR 3323).
In fact, we'd even changed the function pointer signature from upstream,
so BoringSSL-only code is needed to pass this pointer in anyway. (I
haven't switched it to CRYPTO_EX_unused because there are some callers
which pass in an implementation anyway.)
Note, in upstream, the dup hook is also used for SSL_SESSIONs when those
are duplicated (for TLS 1.2 ticket renewal or TLS 1.3 resumption). Our
interpretation is that callers should treat those SSL_SESSIONs
equivalently to newly-established ones. This avoids every consumer
providing a dup hook and simplifies the interface.
(I've gone ahead and removed the TODO(fork). I don't think we'll be able
to change this API. Maybe introduce a new one, but it may not be worth
it? Then again, this API is atrocious... I've never seen anyone use argl
and argp even.)
BUG=21
Change-Id: I6c9e9d5a02347cb229d4c084c1e85125bd741d2b
Reviewed-on: https://boringssl-review.googlesource.com/16344
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/include/openssl/ex_data.h b/include/openssl/ex_data.h
index e78e070..5d1a45c 100644
--- a/include/openssl/ex_data.h
+++ b/include/openssl/ex_data.h
@@ -134,16 +134,14 @@
#if 0 /* Sample */
-/* TYPE_get_ex_new_index allocates a new index for |TYPE|. See the
- * descriptions of the callback typedefs for details of when they are
- * called. Any of the callback arguments may be NULL. The |argl| and |argp|
- * arguments are opaque values that are passed to the callbacks. It returns the
- * new index or a negative number on error.
- *
- * TODO(fork): this should follow the standard calling convention. */
+/* TYPE_get_ex_new_index allocates a new index for |TYPE|. An optional
+ * |free_func| argument may be provided which is called when the owning object
+ * is destroyed. See |CRYPTO_EX_free| for details. The |argl| and |argp|
+ * arguments are opaque values that are passed to the callback. It returns the
+ * new index or a negative number on error. */
OPENSSL_EXPORT int TYPE_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_unused *unused,
- CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_dup *dup_unused,
CRYPTO_EX_free *free_func);
/* TYPE_set_ex_data sets an extra data pointer on |t|. The |index| argument
@@ -176,24 +174,16 @@
typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int index, long argl, void *argp);
-/* CRYPTO_EX_dup is a callback function that is called when an object of the
- * class is being copied and thus the ex_data linked to it also needs to be
- * copied. On entry, |*from_d| points to the data for this index from the
- * original object. When the callback returns, |*from_d| will be set as the
- * data for this index in |to|.
- *
- * This callback may be called with a NULL value for |*from_d| if |from| has no
- * value set for this index. However, the callbacks may also be skipped entirely
- * if no extra data pointers are set on |from| at all. */
-typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
- void **from_d, int index, long argl, void *argp);
-
/* Deprecated functions. */
/* CRYPTO_cleanup_all_ex_data does nothing. */
OPENSSL_EXPORT void CRYPTO_cleanup_all_ex_data(void);
+/* CRYPTO_EX_dup is a legacy callback function type which is ignored. */
+typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
+ void **from_d, int index, long argl, void *argp);
+
/* Private structures. */
