fix more race conditions

Submitted by: "Patrick McCormick" <patrick@tellme.com>
PR: 262

CHANGES

@@ -1928,10 +1928,10 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
      [Bodo Moeller]
 
   *) Fix initialization code race conditions in
-        SSLv23_client_method(),   SSLv23_server_method(),
-        SSLv2_client_method(),    SSLv2_server_method(),
-        SSLv3_client_method(),    SSLv3_server_method(),
-        TLSv1_client_method(),    TLSv1_server_method(),
+        SSLv23_method(),  SSLv23_client_method(),   SSLv23_server_method(),
+        SSLv2_method(),   SSLv2_client_method(),    SSLv2_server_method(),
+        SSLv3_method(),   SSLv3_client_method(),    SSLv3_server_method(),
+        TLSv1_method(),   TLSv1_client_method(),    TLSv1_server_method(),
         ssl2_get_cipher_by_char(),
         ssl3_get_cipher_by_char().
      [Patrick McCormick <patrick@tellme.com>, Bodo Moeller]

ssl/s23_meth.c

@@ -80,12 +80,19 @@ SSL_METHOD *SSLv23_method(void)
 
 	if (init)
 		{
-		memcpy((char *)&SSLv23_data,(char *)sslv23_base_method(),
-			sizeof(SSL_METHOD));
-		SSLv23_data.ssl_connect=ssl23_connect;
-		SSLv23_data.ssl_accept=ssl23_accept;
-		SSLv23_data.get_ssl_method=ssl23_get_method;
-		init=0;
+		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+		
+		if (init)
+			{
+			memcpy((char *)&SSLv23_data,(char *)sslv23_base_method(),
+				sizeof(SSL_METHOD));
+			SSLv23_data.ssl_connect=ssl23_connect;
+			SSLv23_data.ssl_accept=ssl23_accept;
+			SSLv23_data.get_ssl_method=ssl23_get_method;
+			init=0;
+			}
+		
+		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
 		}
 	return(&SSLv23_data);
 	}

ssl/s2_meth.c

@@ -77,12 +77,19 @@ SSL_METHOD *SSLv2_method(void)
 
 	if (init)
 		{
-		memcpy((char *)&SSLv2_data,(char *)sslv2_base_method(),
-			sizeof(SSL_METHOD));
-		SSLv2_data.ssl_connect=ssl2_connect;
-		SSLv2_data.ssl_accept=ssl2_accept;
-		SSLv2_data.get_ssl_method=ssl2_get_method;
-		init=0;
+		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+		
+		if (init)
+			{
+			memcpy((char *)&SSLv2_data,(char *)sslv2_base_method(),
+				sizeof(SSL_METHOD));
+			SSLv2_data.ssl_connect=ssl2_connect;
+			SSLv2_data.ssl_accept=ssl2_accept;
+			SSLv2_data.get_ssl_method=ssl2_get_method;
+			init=0;
+			}
+		
+		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
 		}
 	return(&SSLv2_data);
 	}

ssl/s3_meth.c

@@ -76,12 +76,19 @@ SSL_METHOD *SSLv3_method(void)
 
 	if (init)
 		{
-		memcpy((char *)&SSLv3_data,(char *)sslv3_base_method(),
-			sizeof(SSL_METHOD));
-		SSLv3_data.ssl_connect=ssl3_connect;
-		SSLv3_data.ssl_accept=ssl3_accept;
-		SSLv3_data.get_ssl_method=ssl3_get_method;
-		init=0;
+		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+		
+		if (init)
+			{
+			memcpy((char *)&SSLv3_data,(char *)sslv3_base_method(),
+				sizeof(SSL_METHOD));
+			SSLv3_data.ssl_connect=ssl3_connect;
+			SSLv3_data.ssl_accept=ssl3_accept;
+			SSLv3_data.get_ssl_method=ssl3_get_method;
+			init=0;
+			}
+
+		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
 		}
 	return(&SSLv3_data);
 	}

ssl/t1_meth.c

@@ -76,13 +76,21 @@ SSL_METHOD *TLSv1_method(void)
 
 	if (init)
 		{
-		memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(),
-			sizeof(SSL_METHOD));
-		TLSv1_data.ssl_connect=ssl3_connect;
-		TLSv1_data.ssl_accept=ssl3_accept;
-		TLSv1_data.get_ssl_method=tls1_get_method;
-		init=0;
+		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+		
+		if (init)
+			{
+			memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(),
+				sizeof(SSL_METHOD));
+			TLSv1_data.ssl_connect=ssl3_connect;
+			TLSv1_data.ssl_accept=ssl3_accept;
+			TLSv1_data.get_ssl_method=tls1_get_method;
+			init=0;
+			}
+
+		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
 		}
+	
 	return(&TLSv1_data);
 	}