-
Notifications
You must be signed in to change notification settings - Fork 96
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix #272: check c_obj_create
error code for OBJ_R_OID_EXISTS
.
#294
Conversation
5568d9e
to
1970d83
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks very much for trying to resolve this issue! But Windows (CI) doesn't seem to "like" this solution. While we have learned at school that locks should be held for the shortest possible time, I wonder whether it might not be worth while trying in this case to run the whole NID registration within CRYPTO_THREAD_run_once
instead (and do away with the lock/unlock pattern proposed and apparently causing all this "cross platform" hassle)?
|
Correct observation: As per the OpenSSL documentation:
This IMO applies also to all objects created/registered via an OpenSSL API. We have |
Okay so we can't pass arguments to |
Yikes. That doesn't sound "attractive". Sorry I hadn't considered that (lack of parameters) when making the proposal. If I were doing this (having arbitrary time at my hands :), I'd do two things: 1) Go ahead and make that change and then very carefully observe the results of an |
1970d83
to
8d3d336
Compare
Okay, so I've opted for another solution: in case of an error, we check the last error, if it's |
8d3d336
to
980d1ec
Compare
980d1ec
to
326cb5c
Compare
c_obj_create
under a lock.c_obj_create
error code for OBJ_R_OID_EXISTS
.
goto end_init; | ||
last_error = ERR_peek_last_error(); | ||
if ((last_error != ERR_PACK(ERR_LIB_OBJ, 0, OBJ_R_OID_EXISTS)) | ||
|| (OBJ_txt2nid(oqs_oid_alg_list[i]) == NID_undef)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
rather than check for equality with NID_undef, what about checking for inequality with oqs_oid_alg_list[i]
? Oh, and the parameter for OBJ_txt2nid
seems to be indexed incorrectly (i-> i+1), no?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We're passing oqs_oid_alg_list[i]
as second argument of c_obj_create
, and according to the implementation, OBJ_txt2nid
is called with the second argument:
static int core_obj_create(const OSSL_CORE_HANDLE *prov, const char *oid,
const char *sn, const char *ln)
{
/* Check if it already exists and create it if not */
return OBJ_txt2nid(oid) != NID_undef
|| OBJ_create(oid, sn, ln) != NID_undef;
}
Although OBJ_create
returns the NID
as an integer, c_obj_create
only returns 1
or 0
. So after adding a new object using c_obj_create
, we don't get back its NID
as an integer
, so we cannot compare it to the returned value of OBJ_txt2nid
…
f9f63b2
to
9682c04
Compare
Alright, after spending 2 hours debugging, it seems that my solution that consisted of checking the error code against I discarded my solution of using a EDIT: found a better solution: I used |
1af69b7
to
564ee11
Compare
May I ask about the status of this? Windows (CI) seems to run into a deadlock... |
Hi! For Windows, one of the builds is failing:
and I really dont' understand why… About the deadlock, I also have no clue since I'm just using OpenSSL API… Also, I don't understand why ubuntu focal is failing, but I think it will be easier to fix than windows… I'll try to find some time before the end of the week to fix this PR properly. |
See #272. This commit checks that if `c_obj_create` fails, the error code is `OBJ_R_OID_EXISTS` and the OID has been successfully added (using `OBJ_txt2nid`). If it's the case, then the error is skipped.
564ee11
to
63bc01e
Compare
@thb-sb This seems to be pretty stale now. OK to close this PR for now and look into this when time permits again? |
Closing due to inactivity. Please re-open as you find time, @thb-sb . |
See #272.
This commit checks that if
c_obj_create
fails, the error code isOBJ_R_OID_EXISTS
and the OID has been successfully added (using
OBJ_txt2nid
). If it's the case,then the error is skipped.