kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-09-05 12:16:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Make OpenSSL usage thread-safe.

Browse Source 
OpenSSL is not thread-safe by default.  However, making it thread safe is
very easy.  We just have to provide a couple of callbacks.  One callback
returns a thread ID.  The other handles locking.  For more information,
start with the "Is OpenSSL thread-safe?" question on the FAQ page of
openssl.org.


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.4@205149 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This commit is contained in:
Russell Bryant
2009-07-08 15:54:21 +00:00
parent 202f9967c6
commit 33f54353ba
1 changed files with 45 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
res/res_crypto.c
View File

@@ -102,6 +102,30 @@ struct ast_key {
static struct ast_key *keys = NULL;
static ast_mutex_t *ssl_locks;
static int ssl_num_locks;
static unsigned long ssl_threadid(void)
{
return pthread_self();
}
static void ssl_lock(int mode, int n, const char *file, int line)
{
if (n < 0 || n >= ssl_num_locks) {
ast_log(LOG_ERROR, "OpenSSL is full of LIES!!! - "
"ssl_num_locks '%d' - n '%d'\n",
ssl_num_locks, n);
return;
}
if (mode & CRYPTO_LOCK) {
ast_mutex_lock(&ssl_locks[n]);
} else {
ast_mutex_unlock(&ssl_locks[n]);
}
}
#if 0
static int fdprint(int fd, char *s)
@@ -586,8 +610,27 @@ static struct ast_cli_entry cli_crypto[] = {
static int crypto_init(void)
{
unsigned int i;
SSL_library_init();
SSL_load_error_strings();
ERR_load_crypto_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
/* Make OpenSSL thread-safe. */
CRYPTO_set_id_callback(ssl_threadid);
ssl_num_locks = CRYPTO_num_locks();
if (!(ssl_locks = ast_calloc(ssl_num_locks, sizeof(ssl_locks[0])))) {
return AST_MODULE_LOAD_DECLINE;
}
for (i = 0; i < ssl_num_locks; i++) {
ast_mutex_init(&ssl_locks[i]);
}
CRYPTO_set_locking_callback(ssl_lock);
ast_cli_register_multiple(cli_crypto, sizeof(cli_crypto) / sizeof(struct ast_cli_entry));
/* Install ourselves into stubs */
@@ -598,7 +641,8 @@ static int crypto_init(void)
ast_sign_bin = __ast_sign_bin;
ast_encrypt_bin = __ast_encrypt_bin;
ast_decrypt_bin = __ast_decrypt_bin;
return 0;
return AST_MODULE_LOAD_SUCCESS;
}
static int reload(void)