pkey: avoid creating multiple wrapper objects for single EVP_PKEY #817
Commits on Nov 15, 2024
-
pkey: rename ossl_pkey_new() to ossl_pkey_wrap()
Among the functions named ossl_*_new(), ossl_pkey_new() is the only one that takes the ownership of the passed OpenSSL object. Let's rename it to avoid confusion.
-
pkey: avoid creating multiple wrapper objects for single EVP_PKEY
Currently, it is possible to create multiple OpenSSL::PKey::PKey instances that wrap the same EVP_PKEY object through ossl_pkey_wrap(). This behavior was not intentional and doesn't offer any useful functionality. As a result, the frozen state of an OpenSSL::PKey::PKey instance is meaningless. An upcoming change to make OpenSSL classes shareable between ractors relies on the assumption that frozen objects are thread-safe without the GVL. Let's keep track of the wrapper Ruby object associated with EVP_PKEY to ensure that only one Ruby object wraps a given EVP_PKEY. While other OpenSSL types have reference counters, EVP_PKEY is the only type in ruby/openssl where duplicate wrapper objects can be created.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.