Mercurial > urweb
comparison src/c/openssl.c @ 2166:8a01e8f21de9
Make OpenSSL usage thread-safe (closes #206)
Enable OpenSSL?s multithreading support by defining locking and
thread-ID callbacks. Remove a lock obviated by this change.
author | Benjamin Barenblat <bbaren@mit.edu> |
---|---|
date | Thu, 06 Aug 2015 10:15:53 -0400 |
parents | 882556b3029d |
children | ce312cad5ecd c275bbc41194 |
comparison
equal
deleted
inserted
replaced
2165:7dfce558aca2 | 2166:8a01e8f21de9 |
---|---|
1 #include "config.h" | 1 #include "config.h" |
2 | 2 |
3 #include <assert.h> | |
3 #include <stdlib.h> | 4 #include <stdlib.h> |
4 #include <unistd.h> | 5 #include <unistd.h> |
5 #include <sys/types.h> | 6 #include <sys/types.h> |
6 #include <sys/stat.h> | 7 #include <sys/stat.h> |
7 #include <fcntl.h> | 8 #include <fcntl.h> |
8 #include <stdio.h> | 9 #include <stdio.h> |
9 #include <string.h> | 10 #include <string.h> |
11 #include <pthread.h> | |
10 | 12 |
13 #include <openssl/crypto.h> | |
11 #include <openssl/sha.h> | 14 #include <openssl/sha.h> |
12 #include <openssl/rand.h> | 15 #include <openssl/rand.h> |
13 | 16 |
14 #define PASSSIZE 4 | 17 #define PASSSIZE 4 |
18 | |
19 // OpenSSL locks array. See threads(3SSL). | |
20 static pthread_mutex_t *openssl_locks; | |
15 | 21 |
16 int uw_hash_blocksize = 32; | 22 int uw_hash_blocksize = 32; |
17 | 23 |
18 static int password[PASSSIZE]; | 24 static int password[PASSSIZE]; |
19 | 25 |
25 perror("RAND_bytes"); | 31 perror("RAND_bytes"); |
26 exit(1); | 32 exit(1); |
27 } | 33 } |
28 } | 34 } |
29 | 35 |
36 // OpenSSL callbacks | |
37 static void thread_id(CRYPTO_THREADID *const result) { | |
38 CRYPTO_THREADID_set_numeric(result, pthread_self()); | |
39 } | |
40 static void lock_or_unlock(const int mode, const int type, const char *file, | |
41 const int line) { | |
42 pthread_mutex_t *const lock = &openssl_locks[type]; | |
43 if (mode & CRYPTO_LOCK) { | |
44 if (pthread_mutex_lock(lock)) { | |
45 fprintf(stderr, "Can't take lock at %s:%d\n", file, line); | |
46 exit(1); | |
47 } | |
48 } else { | |
49 if (pthread_mutex_unlock(lock)) { | |
50 fprintf(stderr, "Can't release lock at %s:%d\n", file, line); | |
51 exit(1); | |
52 } | |
53 } | |
54 } | |
55 | |
30 void uw_init_crypto() { | 56 void uw_init_crypto() { |
57 int i; | |
58 // Set up OpenSSL. | |
59 assert(openssl_locks == NULL); | |
60 openssl_locks = malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t)); | |
61 if (!openssl_locks) { | |
62 perror("malloc"); | |
63 exit(1); | |
64 } | |
65 for (i = 0; i < CRYPTO_num_locks(); ++i) { | |
66 pthread_mutex_init(&(openssl_locks[i]), NULL); | |
67 } | |
68 CRYPTO_THREADID_set_callback(thread_id); | |
69 CRYPTO_set_locking_callback(lock_or_unlock); | |
70 // Prepare signatures. | |
31 if (uw_sig_file) { | 71 if (uw_sig_file) { |
32 int fd; | 72 int fd; |
33 | 73 |
34 if (access(uw_sig_file, F_OK)) { | 74 if (access(uw_sig_file, F_OK)) { |
35 random_password(); | 75 random_password(); |