[asterisk-commits] russell: branch 1.4 r205149 - /branches/1.4/res/res_crypto.c
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Wed Jul 8 10:54:24 CDT 2009
Author: russell
Date: Wed Jul 8 10:54:21 2009
New Revision: 205149
URL: http://svn.asterisk.org/svn-view/asterisk?view=rev&rev=205149
Log:
Make OpenSSL usage thread-safe.
OpenSSL is not thread-safe by default. However, making it thread safe is
very easy. We just have to provide a couple of callbacks. One callback
returns a thread ID. The other handles locking. For more information,
start with the "Is OpenSSL thread-safe?" question on the FAQ page of
openssl.org.
Modified:
branches/1.4/res/res_crypto.c
Modified: branches/1.4/res/res_crypto.c
URL: http://svn.asterisk.org/svn-view/asterisk/branches/1.4/res/res_crypto.c?view=diff&rev=205149&r1=205148&r2=205149
==============================================================================
--- branches/1.4/res/res_crypto.c (original)
+++ branches/1.4/res/res_crypto.c Wed Jul 8 10:54:21 2009
@@ -102,6 +102,30 @@
static struct ast_key *keys = NULL;
+static ast_mutex_t *ssl_locks;
+
+static int ssl_num_locks;
+
+static unsigned long ssl_threadid(void)
+{
+ return pthread_self();
+}
+
+static void ssl_lock(int mode, int n, const char *file, int line)
+{
+ if (n < 0 || n >= ssl_num_locks) {
+ ast_log(LOG_ERROR, "OpenSSL is full of LIES!!! - "
+ "ssl_num_locks '%d' - n '%d'\n",
+ ssl_num_locks, n);
+ return;
+ }
+
+ if (mode & CRYPTO_LOCK) {
+ ast_mutex_lock(&ssl_locks[n]);
+ } else {
+ ast_mutex_unlock(&ssl_locks[n]);
+ }
+}
#if 0
static int fdprint(int fd, char *s)
@@ -586,8 +610,27 @@
static int crypto_init(void)
{
+ unsigned int i;
+
SSL_library_init();
+ SSL_load_error_strings();
ERR_load_crypto_strings();
+ ERR_load_BIO_strings();
+ OpenSSL_add_all_algorithms();
+
+ /* Make OpenSSL thread-safe. */
+
+ CRYPTO_set_id_callback(ssl_threadid);
+
+ ssl_num_locks = CRYPTO_num_locks();
+ if (!(ssl_locks = ast_calloc(ssl_num_locks, sizeof(ssl_locks[0])))) {
+ return AST_MODULE_LOAD_DECLINE;
+ }
+ for (i = 0; i < ssl_num_locks; i++) {
+ ast_mutex_init(&ssl_locks[i]);
+ }
+ CRYPTO_set_locking_callback(ssl_lock);
+
ast_cli_register_multiple(cli_crypto, sizeof(cli_crypto) / sizeof(struct ast_cli_entry));
/* Install ourselves into stubs */
@@ -598,7 +641,8 @@
ast_sign_bin = __ast_sign_bin;
ast_encrypt_bin = __ast_encrypt_bin;
ast_decrypt_bin = __ast_decrypt_bin;
- return 0;
+
+ return AST_MODULE_LOAD_SUCCESS;
}
static int reload(void)
More information about the asterisk-commits
mailing list