Unexpose the generic ex_data functions.
Callers are required to use the wrappers now. They still need OPENSSL_EXPORT
since crypto and ssl get built separately in the standalone shared library
build.
Change-Id: I61186964e6099b9b589c4cd45b8314dcb2210c89
Reviewed-on: https://boringssl-review.googlesource.com/4372
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/bio/bio.c b/crypto/bio/bio.c
index be3cc21..9b7120b 100644
--- a/crypto/bio/bio.c
+++ b/crypto/bio/bio.c
@@ -64,6 +64,8 @@
#include <openssl/mem.h>
#include <openssl/thread.h>
+#include "../internal.h"
+
/* BIO_set initialises a BIO structure to have the given type and sets the
* reference count to one. It returns one on success or zero on error. */
diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c
index 74ed4be..a11a439 100644
--- a/crypto/ec/ec_key.c
+++ b/crypto/ec/ec_key.c
@@ -77,6 +77,7 @@
#include <openssl/thread.h>
#include "internal.h"
+#include "../internal.h"
EC_KEY *EC_KEY_new(void) { return EC_KEY_new_method(NULL); }
diff --git a/crypto/internal.h b/crypto/internal.h
index 9c76b12..2dab634 100644
--- a/crypto/internal.h
+++ b/crypto/internal.h
@@ -451,6 +451,70 @@
thread_local_destructor_t destructor);
+/* ex_data */
+
+/* CRYPTO_get_ex_new_index allocates a new index for ex_data linked with
+ * objects of the given |class|. This should not be called directly, rather
+ * each class of object should provide a wrapper function that sets
+ * |class_value| correctly.
+ *
+ * The |class_value| argument should be one of |CRYPTO_EX_INDEX_*|.
+ *
+ * TODO(fork): replace the class_value with a pointer to EX_CLASS_ITEM. Saves
+ * having that hash table and some of the lock-bouncing. Maybe have every
+ * module have a private global EX_CLASS_ITEM somewhere and any direct callers
+ * of CRYPTO_{get,set}_ex_data{,_index} would have to always call the
+ * wrappers. */
+OPENSSL_EXPORT int CRYPTO_get_ex_new_index(int class_value, long argl,
+ void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+
+/* CRYPTO_set_ex_data sets an extra data pointer on a given object. This should
+ * not be called directly, rather each class of object should provide a wrapper
+ * function. */
+OPENSSL_EXPORT int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int index, void *val);
+
+/* CRYPTO_set_ex_data return an extra data pointer for a given object, or NULL
+ * if no such index exists. This should not be called directly, rather each
+ * class of object should provide a wrapper function. */
+OPENSSL_EXPORT void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int index);
+
+/* CRYPTO_EX_INDEX_* are the built-in classes of objects.
+ *
+ * TODO(fork): WARNING: these are called "INDEX", but they aren't! */
+enum {
+ CRYPTO_EX_INDEX_BIO,
+ CRYPTO_EX_INDEX_SSL,
+ CRYPTO_EX_INDEX_SSL_CTX,
+ CRYPTO_EX_INDEX_SSL_SESSION,
+ CRYPTO_EX_INDEX_X509_STORE,
+ CRYPTO_EX_INDEX_X509_STORE_CTX,
+ CRYPTO_EX_INDEX_RSA,
+ CRYPTO_EX_INDEX_DSA,
+ CRYPTO_EX_INDEX_DH,
+ CRYPTO_EX_INDEX_X509,
+ CRYPTO_EX_INDEX_EC_KEY,
+};
+
+/* CRYPTO_new_ex_data initialises a newly allocated |CRYPTO_EX_DATA| which is
+ * embedded inside of |obj| which is of class |class_value|. Returns one on
+ * success and zero otherwise. */
+OPENSSL_EXPORT int CRYPTO_new_ex_data(int class_value, void *obj,
+ CRYPTO_EX_DATA *ad);
+
+/* CRYPTO_dup_ex_data duplicates |from| into a freshly allocated
+ * |CRYPTO_EX_DATA|, |to|. Both of which are inside objects of the given
+ * class. It returns one on success and zero otherwise. */
+OPENSSL_EXPORT int CRYPTO_dup_ex_data(int class_value, CRYPTO_EX_DATA *to,
+ const CRYPTO_EX_DATA *from);
+
+/* CRYPTO_free_ex_data frees |ad|, which is embedded inside |obj|, which is an
+ * object of the given class. */
+OPENSSL_EXPORT void CRYPTO_free_ex_data(int class_value, void *obj,
+ CRYPTO_EX_DATA *ad);
+
+
#if defined(__cplusplus)
} /* extern C */
#endif
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index cfac81d..a3b1d68 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -64,6 +64,8 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
{
diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c
index 00d4a6a..035b2f4 100644
--- a/crypto/x509/x_x509.c
+++ b/crypto/x509/x_x509.c
@@ -65,6 +65,8 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = {
ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
diff --git a/include/openssl/dh.h b/include/openssl/dh.h
index 39614ff..60a030d 100644
--- a/include/openssl/dh.h
+++ b/include/openssl/dh.h
@@ -190,7 +190,7 @@
/* ex_data functions.
*
- * These functions are wrappers. See |ex_data.h| for details. */
+ * See |ex_data.h| for details. */
OPENSSL_EXPORT int DH_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h
index 47270f8..2271915 100644
--- a/include/openssl/dsa.h
+++ b/include/openssl/dsa.h
@@ -302,7 +302,7 @@
/* ex_data functions.
*
- * These functions are wrappers. See |ex_data.h| for details. */
+ * See |ex_data.h| for details. */
OPENSSL_EXPORT int DSA_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
diff --git a/include/openssl/ex_data.h b/include/openssl/ex_data.h
index abf96a3..fa9de39 100644
--- a/include/openssl/ex_data.h
+++ b/include/openssl/ex_data.h
@@ -119,21 +119,51 @@
/* ex_data is a mechanism for associating arbitrary extra data with objects.
- * The different types of objects which can have data associated with them are
- * called "classes" and there are predefined classes for all the OpenSSL
- * objects that support ex_data.
- *
- * Within a given class, different users can be assigned indexes in which to
- * store their data. Each index has callback functions that are called when a
- * new object of that type is created, freed and duplicated. */
+ * For each type of object that supports ex_data, different users can be
+ * assigned indexes in which to store their data. Each index has callback
+ * functions that are called when a new object of that type is created, freed
+ * and duplicated. */
typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
+
+/* Type-specific functions.
+ *
+ * Each type that supports ex_data provides three functions: */
+
+#if 0 /* Sample */
+
+/* |TYPE_get_ex_new_index| allocates a new index for |TYPE|. See the
+ * descriptions of the callback typedefs for details of when they are
+ * called. Any of the callback arguments may be NULL. The |argl| and |argp|
+ * arguments are opaque values that are passed to the callbacks. It returns the
+ * new index or a negative number on error.
+ *
+ * TODO(fork): this should follow the standard calling convention. */
+OPENSSL_EXPORT int TYPE_get_ex_new_index(long argl, void *argp,
+ CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+
+/* |TYPE_set_ex_data| sets an extra data pointer on |t|. The |index| argument
+ * should have been returned from a previous call to |TYPE_get_ex_new_index|. */
+OPENSSL_EXPORT int TYPE_set_ex_data(TYPE *t, int index, void *arg);
+
+/* |TYPE_get_ex_data| returns an extra data pointer for |t|, or NULL if no such
+ * pointer exists. The |index| argument should have been returned from a
+ * previous call to |TYPE_get_ex_new_index|. */
+OPENSSL_EXPORT void *TYPE_get_ex_data(const TYPE *t, int index);
+
+#endif /* Sample */
+
+
+/* Callback types. */
+
/* CRYPTO_EX_new is the type of a callback function that is called whenever a
* new object of a given class is created. For example, if this callback has
- * been passed to |CRYPTO_get_ex_new_index| with a |class| of
- * |CRYPTO_EX_INDEX_SSL| then it'll be called each time an SSL* is created.
+ * been passed to |SSL_get_ex_new_index| then it'll be called each time an SSL*
+ * is created.
*
* The callback is passed the new object (i.e. the SSL*) in |parent|. The
* arguments |argl| and |argp| contain opaque values that were given to
@@ -166,85 +196,6 @@
typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
void **from_d, int index, long argl, void *argp);
-/* CRYPTO_get_ex_new_index allocates a new index for ex_data linked with
- * objects of the given |class|. This should not be called directly, rather
- * each class of object should provide a wrapper function that sets
- * |class_value| correctly.
- *
- * The |class_value| argument should be one of |CRYPTO_EX_INDEX_*|.
- *
- * See the descriptions of the callback typedefs for details of when they are
- * called. Any of the callback arguments may be NULL. The |argl| and |argp|
- * arguments are opaque values that are passed to the callbacks.
- *
- * It returns the new index, or a negative number on error.
- *
- * TODO(fork): this should follow the standard calling convention.
- *
- * TODO(fork): replace the class_value with a pointer to EX_CLASS_ITEM. Saves
- * having that hash table and some of the lock-bouncing. Maybe have every
- * module have a private global EX_CLASS_ITEM somewhere and any direct callers
- * of CRYPTO_{get,set}_ex_data{,_index} would have to always call the
- * wrappers. */
-OPENSSL_EXPORT int CRYPTO_get_ex_new_index(int class_value, long argl,
- void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-
-/* CRYPTO_set_ex_data sets an extra data pointer on a given object. This should
- * not be called directly, rather each class of object should provide a wrapper
- * function.
- *
- * The |index| argument should have been returned from a previous call to
- * |CRYPTO_get_ex_new_index|. */
-OPENSSL_EXPORT int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int index, void *val);
-
-/* CRYPTO_set_ex_data return an extra data pointer for a given object, or NULL
- * if no such index exists. This should not be called directly, rather each
- * class of object should provide a wrapper function.
- *
- * The |index| argument should have been returned from a previous call to
- * |CRYPTO_get_ex_new_index|. */
-OPENSSL_EXPORT void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int index);
-
-/* CRYPTO_EX_INDEX_* are the built-in classes of objects.
- *
- * TODO(fork): WARNING: these are called "INDEX", but they aren't! */
-enum {
- CRYPTO_EX_INDEX_BIO,
- CRYPTO_EX_INDEX_SSL,
- CRYPTO_EX_INDEX_SSL_CTX,
- CRYPTO_EX_INDEX_SSL_SESSION,
- CRYPTO_EX_INDEX_X509_STORE,
- CRYPTO_EX_INDEX_X509_STORE_CTX,
- CRYPTO_EX_INDEX_RSA,
- CRYPTO_EX_INDEX_DSA,
- CRYPTO_EX_INDEX_DH,
- CRYPTO_EX_INDEX_X509,
- CRYPTO_EX_INDEX_EC_KEY,
-};
-
-
-/* Embedding, allocating and freeing |CRYPTO_EX_DATA| structures for objects
- * that embed them. */
-
-/* CRYPTO_new_ex_data initialises a newly allocated |CRYPTO_EX_DATA| which is
- * embedded inside of |obj| which is of class |class_value|. Returns one on
- * success and zero otherwise. */
-OPENSSL_EXPORT int CRYPTO_new_ex_data(int class_value, void *obj,
- CRYPTO_EX_DATA *ad);
-
-/* CRYPTO_dup_ex_data duplicates |from| into a freshly allocated
- * |CRYPTO_EX_DATA|, |to|. Both of which are inside objects of the given
- * class. It returns one on success and zero otherwise. */
-OPENSSL_EXPORT int CRYPTO_dup_ex_data(int class_value, CRYPTO_EX_DATA *to,
- const CRYPTO_EX_DATA *from);
-
-/* CRYPTO_free_ex_data frees |ad|, which is embedded inside |obj|, which is an
- * object of the given class. */
-OPENSSL_EXPORT void CRYPTO_free_ex_data(int class_value, void *obj,
- CRYPTO_EX_DATA *ad);
-
/* Private functions. */
diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h
index 6a93e0a..2e24231 100644
--- a/include/openssl/rsa.h
+++ b/include/openssl/rsa.h
@@ -349,7 +349,7 @@
/* ex_data functions.
*
- * These functions are wrappers. See |ex_data.h| for details. */
+ * See |ex_data.h| for details. */
OPENSSL_EXPORT int RSA_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index f8e9bab..257ffbc 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -152,6 +152,8 @@
#include <openssl/x509v3.h>
#include "internal.h"
+#include "../crypto/internal.h"
+
/* Some error codes are special. Ensure the make_errors.go script never
* regresses this. */
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 2f8ca7f..de210f5 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -142,6 +142,8 @@
#include <openssl/rand.h>
#include "internal.h"
+#include "../crypto/internal.h"
+
/* The address of this is a magic value, a pointer to which is returned by
* SSL_magic_pending_session_ptr(). It allows a session callback to indicate
