Marek,
I really appreciate this code snippet **a lot**. It looks like an
excellent snippet of code...as best as I can tell.
Can anyone else please confirm that these functions (listed below) are
what I need to implement for making OpenSSL thead-safe?
No offense intended Marek. I'm just looking for a second confirming source.
I'm running this on a Win32 platform, so I'm going to have to convert
from pthreads to Win32 speak, but I think I can do that. Any gotchas
will be appreciated though. For example, do I need the Win32 keyword
CALLBACK or EXPORT in the function prototypes?
I'm also wondering if there is someway I can test this to make sure this
is working correctly?
Thanks a million.....again!
Joe
------------------------------------------------------------------------------------------------------------------------------------
Marek Marcola wrote:
You may use something like that:
--------------------------------
struct CRYPTO_dynlock_value
{
pthread_mutex_t mutex;
};
static pthread_mutex_t *mutex_buf = NULL;
/**
* OpenSSL locking function.
*
* @param mode lock mode
* @param n lock number
* @param file source file name
* @param line source file line number
* @return none
*/
static void locking_function(int mode, int n, const char *file, int line)
{
if (mode & CRYPTO_LOCK) {
pthread_mutex_lock(&mutex_buf[n]);
} else {
pthread_mutex_unlock(&mutex_buf[n]);
}
}
/**
* OpenSSL uniq id function.
*
* @return thread id
*/
static unsigned long id_function(void)
{
return ((unsigned long) pthread_self());
}
/**
* OpenSSL allocate and initialize dynamic crypto lock.
*
* @param file source file name
* @param line source file line number
*/
static struct CRYPTO_dynlock_value *dyn_create_function(const char
*file, int line)
{
struct CRYPTO_dynlock_value *value;
value = (struct CRYPTO_dynlock_value *)
malloc(sizeof(struct CRYPTO_dynlock_value));
if (!value) {
goto err;
}
pthread_mutex_init(&value->mutex, NULL);
return value;
err:
return (NULL);
}
/**
* OpenSSL dynamic locking function.
*
* @param mode lock mode
* @param l lock structure pointer
* @param file source file name
* @param line source file line number
* @return none
*/
static void dyn_lock_function(int mode, struct CRYPTO_dynlock_value *l,
const char *file, int line)
{
if (mode & CRYPTO_LOCK) {
pthread_mutex_lock(&l->mutex);
} else {
pthread_mutex_unlock(&l->mutex);
}
}
/**
* OpenSSL destroy dynamic crypto lock.
*
* @param l lock structure pointer
* @param file source file name
* @param line source file line number
* @return none
*/
static void dyn_destroy_function(struct CRYPTO_dynlock_value *l,
const char *file, int line)
{
pthread_mutex_destroy(&l->mutex);
free(l);
}
/**
* Initialize TLS library.
*
* @return 0 on success, -1 on error
*/
int tls_init(void)
{
int i;
/* static locks area */
mutex_buf = malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
if (mutex_buf == NULL) {
return (-1);
}
for (i = 0; i < CRYPTO_num_locks(); i++) {
pthread_mutex_init(&mutex_buf[i], NULL);
}
/* static locks callbacks */
CRYPTO_set_locking_callback(locking_function);
CRYPTO_set_id_callback(id_function);
/* dynamic locks callbacks */
CRYPTO_set_dynlock_create_callback(dyn_create_function);
CRYPTO_set_dynlock_lock_callback(dyn_lock_function);
CRYPTO_set_dynlock_destroy_callback(dyn_destroy_function);
SSL_load_error_strings();
SSLeay_add_ssl_algorithms();
RAND_load_file("/dev/urandom", 1024);
return (0);
}
/**
* Cleanup TLS library.
*
* @return 0
*/
int tls_cleanup(void)
{
int i;
if (mutex_buf == NULL) {
return (0);
}
CRYPTO_set_dynlock_create_callback(NULL);
CRYPTO_set_dynlock_lock_callback(NULL);
CRYPTO_set_dynlock_destroy_callback(NULL);
CRYPTO_set_locking_callback(NULL);
CRYPTO_set_id_callback(NULL);
for (i = 0; i < CRYPTO_num_locks(); i++) {
pthread_mutex_destroy(&mutex_buf[i]);
}
free(mutex_buf);
mutex_buf = NULL;
return (0);
}
Best regards,
-- Marek Marcola <[EMAIL PROTECTED]>
------------------------------------------------------------------------------------------------------------------------------------
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]