Add mutexes to make OpenSSL thread safe
This commit is contained in:
Eric Frias
parent
49cbe600f9
commit
62ea4ae9c3
1 changed files with 69 additions and 0 deletions
|
|
@ -7,6 +7,16 @@
|
|||
#include <fc/io/raw.hpp>
|
||||
|
||||
#include <fc/log/logger.hpp>
|
||||
#include <boost/thread/mutex.hpp>
|
||||
#include <openssl/opensslconf.h>
|
||||
#ifndef OPENSSL_THREADS
|
||||
# error "OpenSSL must be configured to support threads"
|
||||
#endif
|
||||
#include <openssl/crypto.h>
|
||||
|
||||
#if defined(_MSC_VER)
|
||||
# include <Windows.h>
|
||||
#endif
|
||||
|
||||
namespace fc {
|
||||
|
||||
|
|
@ -365,4 +375,63 @@ std::vector<char> aes_load( const fc::path& file, const fc::sha512& key )
|
|||
return aes_decrypt( key, cipher );
|
||||
} FC_RETHROW_EXCEPTIONS( warn, "", ("file",file) ) }
|
||||
|
||||
/* This stuff has to go somewhere, I guess this is as good a place as any...
|
||||
OpenSSL isn't thread-safe unless you give it access to some mutexes,
|
||||
so the CRYPTO_set_id_callback() function needs to be called before there's any
|
||||
chance of OpenSSL being accessed from multiple threads.
|
||||
*/
|
||||
struct openssl_thread_config
|
||||
{
|
||||
static boost::mutex* openssl_mutexes;
|
||||
static unsigned long get_thread_id();
|
||||
static void locking_callback(int mode, int type, const char *file, int line);
|
||||
openssl_thread_config();
|
||||
~openssl_thread_config();
|
||||
};
|
||||
openssl_thread_config openssl_thread_config_manager;
|
||||
|
||||
boost::mutex* openssl_thread_config::openssl_mutexes = nullptr;
|
||||
|
||||
unsigned long openssl_thread_config::get_thread_id()
|
||||
{
|
||||
#ifdef _MSC_VER
|
||||
return (unsigned long)::GetCurrentThreadId();
|
||||
#else
|
||||
return (unsigned long)(&fc::thread::current()); // TODO: should expose boost thread id
|
||||
#endif
|
||||
}
|
||||
|
||||
void openssl_thread_config::locking_callback(int mode, int type, const char *file, int line)
|
||||
{
|
||||
if (mode & CRYPTO_LOCK)
|
||||
openssl_mutexes[type].lock();
|
||||
else
|
||||
openssl_mutexes[type].unlock();
|
||||
}
|
||||
|
||||
// Warning: Things get complicated if third-party libraries also try to install their their own
|
||||
// OpenSSL thread functions. Right now, we don't install our own handlers if another library has
|
||||
// installed them before us which is a partial solution, but you'd really need to evaluate
|
||||
// each library that does this to make sure they will play nice.
|
||||
openssl_thread_config::openssl_thread_config()
|
||||
{
|
||||
if (CRYPTO_get_id_callback() == NULL &&
|
||||
CRYPTO_get_locking_callback() == NULL)
|
||||
{
|
||||
openssl_mutexes = new boost::mutex[CRYPTO_num_locks()];
|
||||
CRYPTO_set_id_callback(&get_thread_id);
|
||||
CRYPTO_set_locking_callback(&locking_callback);
|
||||
}
|
||||
}
|
||||
openssl_thread_config::~openssl_thread_config()
|
||||
{
|
||||
if (CRYPTO_get_id_callback() == &get_thread_id)
|
||||
{
|
||||
CRYPTO_set_id_callback(NULL);
|
||||
CRYPTO_set_locking_callback(NULL);
|
||||
delete[] openssl_mutexes;
|
||||
openssl_mutexes = nullptr;
|
||||
}
|
||||
}
|
||||
|
||||
} // namespace fc
|
||||
|
|
|
|||
Loading…
Reference in a new issue