diff options
| author |  Benjamin Barenblat <bbaren@mit.edu> | 2015-08-06 10:15:53 -0400 |
|---|---|---|
| committer | Benjamin Barenblat <bbaren@mit.edu> | 2015-08-06 10:15:53 -0400 |
| commit | 3b38c3e915e0ee658b6b4995432ee2fe3ff984f4 (patch) | |
| tree | 7647c80d07d015f69147ea6de9cd5eb61ea6c80f | |
| parent | f30aebaed989fbb42859e303d5e31a2c9afeb9fd (diff) | |
Make OpenSSL usage thread-safe (closes #206)
Enable OpenSSL’s multithreading support by defining locking and
thread-ID callbacks. Remove a lock obviated by this change.
| -rw-r--r-- | src/c/openssl.c | 40 | ||||
| -rw-r--r-- | src/c/urweb.c | 5 |
2 files changed, 40 insertions, 5 deletions
diff --git a/src/c/openssl.c b/src/c/openssl.c index 1d820a34..6d018707 100644 --- a/src/c/openssl.c +++ b/src/c/openssl.c @@ -1,5 +1,6 @@ #include "config.h" +#include <assert.h> #include <stdlib.h> #include <unistd.h> #include <sys/types.h> @@ -7,12 +8,17 @@ #include <fcntl.h> #include <stdio.h> #include <string.h> +#include <pthread.h> +#include <openssl/crypto.h> #include <openssl/sha.h> #include <openssl/rand.h> #define PASSSIZE 4 +// OpenSSL locks array. See threads(3SSL). +static pthread_mutex_t *openssl_locks; + int uw_hash_blocksize = 32; static int password[PASSSIZE]; @@ -27,7 +33,41 @@ static void random_password() { } } +// OpenSSL callbacks +static void thread_id(CRYPTO_THREADID *const result) { + CRYPTO_THREADID_set_numeric(result, pthread_self()); +} +static void lock_or_unlock(const int mode, const int type, const char *file, + const int line) { + pthread_mutex_t *const lock = &openssl_locks[type]; + if (mode & CRYPTO_LOCK) { + if (pthread_mutex_lock(lock)) { + fprintf(stderr, "Can't take lock at %s:%d\n", file, line); + exit(1); + } + } else { + if (pthread_mutex_unlock(lock)) { + fprintf(stderr, "Can't release lock at %s:%d\n", file, line); + exit(1); + } + } +} + void uw_init_crypto() { + int i; + // Set up OpenSSL. + assert(openssl_locks == NULL); + openssl_locks = malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t)); + if (!openssl_locks) { + perror("malloc"); + exit(1); + } + for (i = 0; i < CRYPTO_num_locks(); ++i) { + pthread_mutex_init(&(openssl_locks[i]), NULL); + } + CRYPTO_THREADID_set_callback(thread_id); + CRYPTO_set_locking_callback(lock_or_unlock); + // Prepare signatures. if (uw_sig_file) { int fd; diff --git a/src/c/urweb.c b/src/c/urweb.c index 1e49dae0..6d3836f1 100644 --- a/src/c/urweb.c +++ b/src/c/urweb.c @@ -167,13 +167,8 @@ void *uw_init_client_data(); void uw_free_client_data(void *); void uw_copy_client_data(void *dst, void *src); -static pthread_mutex_t rand_mutex = PTHREAD_MUTEX_INITIALIZER; - static uw_Basis_int my_rand() { - pthread_mutex_lock(&rand_mutex); int ret, r = RAND_bytes((unsigned char *)&ret, sizeof ret); - pthread_mutex_unlock(&rand_mutex); - if (r) return abs(ret); else |