From b8565a9af9c6a4113b11764d2f79e799266a33c0 Mon Sep 17 00:00:00 2001
From: Bodo Möller <bodo@openssl.org>
Date: Wed, 25 Sep 2002 15:38:57 +0000
Subject: really fix race conditions

Submitted by: "Patrick McCormick" <patrick@tellme.com>

PR: 262
PR: 291
---
 CHANGES        |  4 +++-
 ssl/s23_clnt.c | 13 ++++++++-----
 ssl/s23_srvr.c | 13 ++++++++-----
 ssl/s2_clnt.c  | 13 ++++++++-----
 ssl/s2_lib.c   | 16 ++++++++++------
 ssl/s2_srvr.c  | 13 ++++++++-----
 ssl/s3_clnt.c  | 13 ++++++++-----
 ssl/s3_lib.c   | 17 ++++++++++-------
 ssl/s3_srvr.c  | 15 +++++++++------
 ssl/t1_clnt.c  | 15 +++++++++------
 ssl/t1_srvr.c  | 15 +++++++++------
 11 files changed, 90 insertions(+), 57 deletions(-)

diff --git a/CHANGES b/CHANGES
index 1a312d9e61..2443971bba 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1931,7 +1931,9 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
         SSLv23_client_method(),   SSLv23_server_method(),
         SSLv2_client_method(),    SSLv2_server_method(),
         SSLv3_client_method(),    SSLv3_server_method(),
-        TLSv1_client_method(),    TLSv1_server_method().
+        TLSv1_client_method(),    TLSv1_server_method(),
+        ssl2_get_cipher_by_char(),
+        ssl3_get_cipher_by_char().
      [Patrick McCormick <patrick@tellme.com>, Bodo Moeller]
 
   *) Reorder cleanup sequence in SSL_CTX_free(): only remove the ex_data after
diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 9c02cb49a1..99230890a9 100644
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -89,11 +89,14 @@ SSL_METHOD *SSLv23_client_method(void)
 		{
 		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
 
-		memcpy((char *)&SSLv23_client_data,
-			(char *)sslv23_base_method(),sizeof(SSL_METHOD));
-		SSLv23_client_data.ssl_connect=ssl23_connect;
-		SSLv23_client_data.get_ssl_method=ssl23_get_client_method;
-		init=0;
+		if (init)
+			{
+			memcpy((char *)&SSLv23_client_data,
+				(char *)sslv23_base_method(),sizeof(SSL_METHOD));
+			SSLv23_client_data.ssl_connect=ssl23_connect;
+			SSLv23_client_data.get_ssl_method=ssl23_get_client_method;
+			init=0;
+			}
 
 		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
 		}
diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c
index 5c7e9fa97f..442c95aa9b 100644
--- a/ssl/s23_srvr.c
+++ b/ssl/s23_srvr.c
@@ -141,11 +141,14 @@ SSL_METHOD *SSLv23_server_method(void)
 		{
 		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
 
-		memcpy((char *)&SSLv23_server_data,
-			(char *)sslv23_base_method(),sizeof(SSL_METHOD));
-		SSLv23_server_data.ssl_accept=ssl23_accept;
-		SSLv23_server_data.get_ssl_method=ssl23_get_server_method;
-		init=0;
+		if (init)
+			{
+			memcpy((char *)&SSLv23_server_data,
+				(char *)sslv23_base_method(),sizeof(SSL_METHOD));
+			SSLv23_server_data.ssl_accept=ssl23_accept;
+			SSLv23_server_data.get_ssl_method=ssl23_get_server_method;
+			init=0;
+			}
 
 		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
 		}
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c
index 0d29039828..be03e9c630 100644
--- a/ssl/s2_clnt.c
+++ b/ssl/s2_clnt.c
@@ -147,11 +147,14 @@ SSL_METHOD *SSLv2_client_method(void)
 		{
 		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
 
-		memcpy((char *)&SSLv2_client_data,(char *)sslv2_base_method(),
-			sizeof(SSL_METHOD));
-		SSLv2_client_data.ssl_connect=ssl2_connect;
-		SSLv2_client_data.get_ssl_method=ssl2_get_client_method;
-		init=0;
+		if (init)
+			{
+			memcpy((char *)&SSLv2_client_data,(char *)sslv2_base_method(),
+				sizeof(SSL_METHOD));
+			SSLv2_client_data.ssl_connect=ssl2_connect;
+			SSLv2_client_data.get_ssl_method=ssl2_get_client_method;
+			init=0;
+			}
 
 		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
 		}
diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index cc0dcfa956..0cbbb066fd 100644
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -377,15 +377,19 @@ SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
 		{
 		CRYPTO_w_lock(CRYPTO_LOCK_SSL);
 
-		for (i=0; i<SSL2_NUM_CIPHERS; i++)
-			sorted[i]= &(ssl2_ciphers[i]);
+		if (init)
+			{
+			for (i=0; i<SSL2_NUM_CIPHERS; i++)
+				sorted[i]= &(ssl2_ciphers[i]);
 
-		qsort(  (char *)sorted,
-			SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
-			FP_ICC ssl_cipher_ptr_id_cmp);
+			qsort((char *)sorted,
+				SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
+				FP_ICC ssl_cipher_ptr_id_cmp);
 
+			init=0;
+			}
+			
 		CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
-		init=0;
 		}
 
 	id=0x02000000L|((unsigned long)p[0]<<16L)|
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c
index d64d4e1ede..2efc14bc1a 100644
--- a/ssl/s2_srvr.c
+++ b/ssl/s2_srvr.c
@@ -147,11 +147,14 @@ SSL_METHOD *SSLv2_server_method(void)
 		{
 		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
 
-		memcpy((char *)&SSLv2_server_data,(char *)sslv2_base_method(),
-			sizeof(SSL_METHOD));
-		SSLv2_server_data.ssl_accept=ssl2_accept;
-		SSLv2_server_data.get_ssl_method=ssl2_get_server_method;
-		init=0;
+		if (init)
+			{
+			memcpy((char *)&SSLv2_server_data,(char *)sslv2_base_method(),
+				sizeof(SSL_METHOD));
+			SSLv2_server_data.ssl_accept=ssl2_accept;
+			SSLv2_server_data.get_ssl_method=ssl2_get_server_method;
+			init=0;
+			}
 
 		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
 		}
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 6e29a6ce39..592e0b35c8 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -180,11 +180,14 @@ SSL_METHOD *SSLv3_client_method(void)
 		{
 		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
 
-		memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
-			sizeof(SSL_METHOD));
-		SSLv3_client_data.ssl_connect=ssl3_connect;
-		SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
-		init=0;
+		if (init)
+			{
+			memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
+				sizeof(SSL_METHOD));
+			SSLv3_client_data.ssl_connect=ssl3_connect;
+			SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
+			init=0;
+			}
 
 		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
 		}
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 40730ca11d..afc81a2796 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -1819,16 +1819,19 @@ SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
 		{
 		CRYPTO_w_lock(CRYPTO_LOCK_SSL);
 
-		for (i=0; i<SSL3_NUM_CIPHERS; i++)
-			sorted[i]= &(ssl3_ciphers[i]);
+		if (init)
+			{
+			for (i=0; i<SSL3_NUM_CIPHERS; i++)
+				sorted[i]= &(ssl3_ciphers[i]);
 
-		qsort(	(char *)sorted,
-			SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
-			FP_ICC ssl_cipher_ptr_id_cmp);
+			qsort(sorted,
+				SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
+				FP_ICC ssl_cipher_ptr_id_cmp);
 
+			init=0;
+			}
+		
 		CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
-
-		init=0;
 		}
 
 	id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 7742f3b8bc..98c950a343 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -183,12 +183,15 @@ SSL_METHOD *SSLv3_server_method(void)
 		{
 		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
 
-		memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(),
-			sizeof(SSL_METHOD));
-		SSLv3_server_data.ssl_accept=ssl3_accept;
-		SSLv3_server_data.get_ssl_method=ssl3_get_server_method;
-		init=0;
-
+		if (init)
+			{
+			memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(),
+				sizeof(SSL_METHOD));
+			SSLv3_server_data.ssl_accept=ssl3_accept;
+			SSLv3_server_data.get_ssl_method=ssl3_get_server_method;
+			init=0;
+			}
+			
 		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
 		}
 	return(&SSLv3_server_data);
diff --git a/ssl/t1_clnt.c b/ssl/t1_clnt.c
index 3eb3ae56c5..57205fb429 100644
--- a/ssl/t1_clnt.c
+++ b/ssl/t1_clnt.c
@@ -81,12 +81,15 @@ SSL_METHOD *TLSv1_client_method(void)
 		{
 		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
 
-		memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(),
-			sizeof(SSL_METHOD));
-		TLSv1_client_data.ssl_connect=ssl3_connect;
-		TLSv1_client_data.get_ssl_method=tls1_get_client_method;
-		init=0;
-
+		if (init)
+			{
+			memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(),
+				sizeof(SSL_METHOD));
+			TLSv1_client_data.ssl_connect=ssl3_connect;
+			TLSv1_client_data.get_ssl_method=tls1_get_client_method;
+			init=0;
+			}
+		
 		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
 		}
 	return(&TLSv1_client_data);
diff --git a/ssl/t1_srvr.c b/ssl/t1_srvr.c
index c72e5525ae..1c1149e49f 100644
--- a/ssl/t1_srvr.c
+++ b/ssl/t1_srvr.c
@@ -82,12 +82,15 @@ SSL_METHOD *TLSv1_server_method(void)
 		{
 		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
 
-		memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(),
-			sizeof(SSL_METHOD));
-		TLSv1_server_data.ssl_accept=ssl3_accept;
-		TLSv1_server_data.get_ssl_method=tls1_get_server_method;
-		init=0;
-
+		if (init)
+			{
+			memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(),
+				sizeof(SSL_METHOD));
+			TLSv1_server_data.ssl_accept=ssl3_accept;
+			TLSv1_server_data.get_ssl_method=tls1_get_server_method;
+			init=0;
+			}
+			
 		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
 		}
 	return(&TLSv1_server_data);
-- 
cgit v1.2.3