From: Nick Mathewson Date: Sun, 27 Apr 2025 14:47:45 +0000 (-0400) Subject: Remove NEW_THREAD_API X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5a6b3d06f472a3e049c84ba687157d7115b0aecd;p=thirdparty%2Ftor.git Remove NEW_THREAD_API Every supported OpenSSL version and fork has the modern API. --- diff --git a/src/lib/crypt_ops/crypto_openssl_mgt.c b/src/lib/crypt_ops/crypto_openssl_mgt.c index ef152258d4..2bb2447836 100644 --- a/src/lib/crypt_ops/crypto_openssl_mgt.c +++ b/src/lib/crypt_ops/crypto_openssl_mgt.c @@ -45,19 +45,8 @@ ENABLE_GCC_WARNING("-Wredundant-decls") #define DISABLE_ENGINES #endif -#ifndef NEW_THREAD_API -/** A number of preallocated mutexes for use by OpenSSL. */ -static tor_mutex_t **openssl_mutexes_ = NULL; -/** How many mutexes have we allocated for use by OpenSSL? */ -static int n_openssl_mutexes_ = 0; -#endif /* !defined(NEW_THREAD_API) */ - /** Declare STATIC functions */ STATIC char * parse_openssl_version_str(const char *raw_version); -#ifndef NEW_THREAD_API -STATIC void openssl_locking_cb_(int mode, int n, const char *file, int line); -STATIC void tor_set_openssl_thread_id(CRYPTO_THREADID *threadid); -#endif /** Log all pending crypto errors at level severity. Use * doing to describe our current activities. @@ -142,46 +131,11 @@ crypto_openssl_get_header_version_str(void) #endif #endif /* !defined(COCCI) */ -#ifndef NEW_THREAD_API -/** Helper: OpenSSL uses this callback to manipulate mutexes. */ -STATIC void -openssl_locking_cb_(int mode, int n, const char *file, int line) -{ - (void)file; - (void)line; - if (!openssl_mutexes_) - /* This is not a really good fix for the - * "release-freed-lock-from-separate-thread-on-shutdown" problem, but - * it can't hurt. */ - return; - if (mode & CRYPTO_LOCK) - tor_mutex_acquire(openssl_mutexes_[n]); - else - tor_mutex_release(openssl_mutexes_[n]); -} - -STATIC void -tor_set_openssl_thread_id(CRYPTO_THREADID *threadid) -{ - CRYPTO_THREADID_set_numeric(threadid, tor_get_thread_id()); -} -#endif /* !defined(NEW_THREAD_API) */ - /** Helper: Construct mutexes, and set callbacks to help OpenSSL handle being * multithreaded. Returns 0. */ static int setup_openssl_threading(void) { -#ifndef NEW_THREAD_API - int i; - int n = CRYPTO_num_locks(); - n_openssl_mutexes_ = n; - openssl_mutexes_ = tor_calloc(n, sizeof(tor_mutex_t *)); - for (i=0; i < n; ++i) - openssl_mutexes_[i] = tor_mutex_new(); - CRYPTO_set_locking_callback(openssl_locking_cb_); - CRYPTO_THREADID_set_callback(tor_set_openssl_thread_id); -#endif /* !defined(NEW_THREAD_API) */ return 0; } @@ -191,24 +145,6 @@ crypto_openssl_free_all(void) { tor_free(crypto_openssl_version_str); tor_free(crypto_openssl_header_version_str); - - /* Destroying a locked mutex is undefined behaviour. This mutex may be - * locked, because multiple threads can access it. But we need to destroy - * it, otherwise re-initialisation will trigger undefined behaviour. - * See #31735 for details. */ -#ifndef NEW_THREAD_API - if (n_openssl_mutexes_) { - int n = n_openssl_mutexes_; - tor_mutex_t **ms = openssl_mutexes_; - int i; - openssl_mutexes_ = NULL; - n_openssl_mutexes_ = 0; - for (i=0;i= OPENSSL_VER(1,1,0,0,5) -/* OpenSSL as of 1.1.0pre4 has an "new" thread API, which doesn't require - * setting up various callbacks. - * - * OpenSSL 1.1.0pre4 has a messed up `ERR_remove_thread_state()` prototype, - * while the previous one was restored in pre5, and the function made a no-op - * (along with a deprecated annotation, which produces a compiler warning). - * - * While it is possible to support all three versions of the thread API, - * a version that existed only for one snapshot pre-release is kind of - * pointless, so let's not. - */ -#define NEW_THREAD_API -#endif /* OPENSSL_VERSION_NUMBER >= OPENSSL_VER(1,1,0,0,5) && ... */ - void crypto_openssl_log_errors(int severity, const char *doing); /* global openssl state */