From: Doug MacEachern <dougm@apache.org>
Date: Fri, 24 Aug 2001 04:08:04 +0000 (+0000)
Subject: Implement CRYPTO_set_locking_callback() for mod_ssl
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6906cff19548c2c6a76fda965ac5c24707b82a5d;p=thirdparty%2Fapache%2Fhttpd.git

Implement CRYPTO_set_locking_callback() for mod_ssl
PR:
Obtained from:
Submitted by:	Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>
Reviewed by:	dougm


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@90612 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/README b/README
index 3dd54226839..7299128c79d 100644
--- a/README
+++ b/README
@@ -174,7 +174,6 @@
  o Whether to unregister and how to unregister?
    ssl_var_unregister();
    ssl_ext_unregister();
- o We certainly need CRYPTO_set_locking_callback() now also under Unix!
  o Do we need SSL_set_read_ahead()?
  o Enable use of MM, SHMCB and SHMHT.
  o Enable SSL extensions (ssl_engine_ext.c)
diff --git a/mod_ssl.h b/mod_ssl.h
index c24e2f3ef07..4bdeb65942b 100644
--- a/mod_ssl.h
+++ b/mod_ssl.h
@@ -728,7 +728,7 @@ BOOL         ssl_util_path_check(ssl_pathcheck_t, const char *, apr_pool_t *);
 ssl_algo_t   ssl_util_algotypeof(X509 *, EVP_PKEY *); 
 char        *ssl_util_algotypestr(ssl_algo_t);
 char        *ssl_util_ptxtsub(apr_pool_t *, const char *, const char *, char *);
-void         ssl_util_thread_setup(void);
+void         ssl_util_thread_setup(server_rec *, apr_pool_t *);
 apr_status_t     ssl_util_setmodconfig(server_rec *, const char *, SSLModConfigRec *);
 SSLModConfigRec *ssl_util_getmodconfig(server_rec *, const char *);
 SSLModConfigRec *ssl_util_getmodconfig_ssl(SSL *, const char *);
diff --git a/ssl_engine_init.c b/ssl_engine_init.c
index f6472966d7a..73f8e7e4c0c 100644
--- a/ssl_engine_init.c
+++ b/ssl_engine_init.c
@@ -185,6 +185,7 @@ void ssl_init_Module(apr_pool_t *p, apr_pool_t *plog,
         ssl_init_SSLLibrary();
     }
 #endif
+    ssl_util_thread_setup(s, p);
     if (mc->nInitCount == 1) {
         ssl_pphrase_Handle(s, p);
         ssl_init_TmpKeysHandle(SSL_TKP_GEN, s, p);
diff --git a/ssl_util.c b/ssl_util.c
index 9bbf52568f2..46eb14abe2e 100644
--- a/ssl_util.c
+++ b/ssl_util.c
@@ -328,3 +328,49 @@ ssl_util_getmodconfig_ssl(
     return mc;
 }
 
+/*
+ * To ensure thread-safetyness in OpenSSL - work in progress
+ */
+
+static apr_lock_t *lock_cs[CRYPTO_NUM_LOCKS];
+static long        lock_count[CRYPTO_NUM_LOCKS];
+
+void ssl_util_thread_locking_callback(int mode, int type, char *file, int line)
+{
+    if (mode & CRYPTO_LOCK) {
+        apr_lock_acquire(lock_cs[type]);
+        lock_count[type]++;
+    }
+    else {
+        apr_lock_release(lock_cs[type]);
+    }
+}
+
+apr_status_t ssl_util_thread_cleanup(void *data)
+{
+    int i;
+
+    CRYPTO_set_locking_callback(NULL);
+    for (i = 0; i < CRYPTO_NUM_LOCKS; i++)
+        apr_lock_destroy(lock_cs[i]);
+    return APR_SUCCESS;
+}
+
+void ssl_util_thread_setup(server_rec *s, apr_pool_t *p)
+{
+    int i;
+    SSLModConfigRec *mc = myModConfig(s);
+
+    *lock_cs = apr_palloc(p, CRYPTO_NUM_LOCKS);
+    for (i = 0; i < CRYPTO_NUM_LOCKS; i++)
+    {
+        lock_count[i]=0;
+        apr_lock_create(&(lock_cs[i]), APR_MUTEX, APR_LOCKALL,
+                                                mc->szMutexFile, p);
+    }
+
+    CRYPTO_set_locking_callback((void (*)())ssl_util_thread_locking_callback);
+    apr_pool_cleanup_register(p, NULL,
+                ssl_util_thread_cleanup, apr_pool_cleanup_null);
+
+}