1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00

PolarSSL: pthread support for entropy

Added pthread support for polarssl entropy if --enable-threaded-resolver
config flag is set and pthread.h can be found.
This commit is contained in:
Willem Sparreboom 2013-01-28 18:31:22 +01:00 committed by Daniel Stenberg
parent db3f3c14f2
commit c35a10483d
5 changed files with 249 additions and 17 deletions

View File

@ -20,12 +20,12 @@ CSOURCES = file.c timeval.c base64.c hostip.c progress.c formdata.c \
qssl.c rawstr.c curl_addrinfo.c socks_gssapi.c socks_sspi.c \ qssl.c rawstr.c curl_addrinfo.c socks_gssapi.c socks_sspi.c \
curl_sspi.c slist.c nonblock.c curl_memrchr.c imap.c pop3.c smtp.c \ curl_sspi.c slist.c nonblock.c curl_memrchr.c imap.c pop3.c smtp.c \
pingpong.c rtsp.c curl_threads.c warnless.c hmac.c polarssl.c \ pingpong.c rtsp.c curl_threads.c warnless.c hmac.c polarssl.c \
curl_rtmp.c openldap.c curl_gethostname.c gopher.c axtls.c \ polarsslthreadlock.c curl_rtmp.c openldap.c curl_gethostname.c \
idn_win32.c http_negotiate_sspi.c cyassl.c http_proxy.c non-ascii.c \ gopher.c axtls.c idn_win32.c http_negotiate_sspi.c cyassl.c \
asyn-ares.c asyn-thread.c curl_gssapi.c curl_ntlm.c curl_ntlm_wb.c \ http_proxy.c non-ascii.c asyn-ares.c asyn-thread.c curl_gssapi.c \
curl_ntlm_core.c curl_ntlm_msgs.c curl_sasl.c curl_schannel.c \ curl_ntlm.c curl_ntlm_wb.c curl_ntlm_core.c curl_ntlm_msgs.c \
curl_multibyte.c curl_darwinssl.c hostcheck.c \ curl_sasl.c curl_schannel.c curl_multibyte.c curl_darwinssl.c \
bundles.c conncache.c hostcheck.c bundles.c conncache.c
HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h \ HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h \
progress.h formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h \ progress.h formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h \
@ -36,12 +36,12 @@ HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h \
curl_md5.h http_digest.h http_negotiate.h inet_pton.h amigaos.h \ curl_md5.h http_digest.h http_negotiate.h inet_pton.h amigaos.h \
strtoofft.h strerror.h inet_ntop.h curlx.h curl_memory.h curl_setup.h \ strtoofft.h strerror.h inet_ntop.h curlx.h curl_memory.h curl_setup.h \
transfer.h select.h easyif.h multiif.h parsedate.h sslgen.h gtls.h \ transfer.h select.h easyif.h multiif.h parsedate.h sslgen.h gtls.h \
tftp.h sockaddr.h splay.h strdup.h socks.h ssh.h nssg.h \ tftp.h sockaddr.h splay.h strdup.h socks.h ssh.h nssg.h curl_base64.h \
curl_base64.h rawstr.h curl_addrinfo.h curl_sspi.h slist.h nonblock.h \ rawstr.h curl_addrinfo.h curl_sspi.h slist.h nonblock.h \
curl_memrchr.h imap.h pop3.h smtp.h pingpong.h rtsp.h curl_threads.h \ curl_memrchr.h imap.h pop3.h smtp.h pingpong.h rtsp.h curl_threads.h \
warnless.h curl_hmac.h polarssl.h curl_rtmp.h curl_gethostname.h \ warnless.h curl_hmac.h polarssl.h polarsslthreadlock.h curl_rtmp.h \
gopher.h axtls.h cyassl.h http_proxy.h non-ascii.h asyn.h curl_ntlm.h \ curl_gethostname.h gopher.h axtls.h cyassl.h http_proxy.h non-ascii.h \
curl_gssapi.h curl_ntlm_wb.h curl_ntlm_core.h curl_ntlm_msgs.h \ asyn.h curl_ntlm.h curl_gssapi.h curl_ntlm_wb.h curl_ntlm_core.h \
curl_sasl.h curl_schannel.h curl_multibyte.h curl_darwinssl.h \ curl_ntlm_msgs.h curl_sasl.h curl_schannel.h curl_multibyte.h \
hostcheck.h bundles.h conncache.h curl_setup_once.h multihandle.h \ curl_darwinssl.h hostcheck.h bundles.h conncache.h curl_setup_once.h \
setup-vms.h multihandle.h setup-vms.h

View File

@ -67,12 +67,51 @@
#include "select.h" #include "select.h"
#include "rawstr.h" #include "rawstr.h"
/* apply threading? */
#if defined(USE_THREADS_POSIX)
#define THREADING_SUPPORT
#include "polarsslthreadlock.h"
#endif /* USE_THREADS_POSIX */
#define _MPRINTF_REPLACE /* use our functions only */ #define _MPRINTF_REPLACE /* use our functions only */
#include <curl/mprintf.h> #include <curl/mprintf.h>
#include "curl_memory.h" #include "curl_memory.h"
/* The last #include file should be: */ /* The last #include file should be: */
#include "memdebug.h" #include "memdebug.h"
#if defined(THREADING_SUPPORT) && POLARSSL_VERSION_NUMBER>0x01010000
static entropy_context entropy;
static int entropy_init_initialized = 0;
/* start of entropy_init_mutex() */
static void entropy_init_mutex(entropy_context *ctx)
{
/* lock 0 = entropy_init_mutex() */
polarsslthreadlock_lock_function(0);
if(entropy_init_initialized == 0)
{
entropy_init(ctx);
entropy_init_initialized = 1;
}
polarsslthreadlock_unlock_function(0);
}
/* end of entropy_init_mutex() */
/* start of entropy_func_mutex() */
static int entropy_func_mutex(void *data, unsigned char *output, size_t len)
{
int ret;
/* lock 1 = entropy_func_mutex() */
polarsslthreadlock_lock_function(1);
ret = entropy_func(data, output, len);
polarsslthreadlock_unlock_function(1);
return ret;
}
/* end of entropy_func_mutex() */
#endif /* THREADING_SUPPORT && POLARSSL_VERSION_NUMBER>0x01010000 */
/* Define this to enable lots of debugging for PolarSSL */ /* Define this to enable lots of debugging for PolarSSL */
#undef POLARSSL_DEBUG #undef POLARSSL_DEBUG
@ -127,6 +166,18 @@ polarssl_connect_step1(struct connectdata *conn,
#if POLARSSL_VERSION_NUMBER<0x01010000 #if POLARSSL_VERSION_NUMBER<0x01010000
havege_init(&connssl->hs); havege_init(&connssl->hs);
#else
#ifdef THREADING_SUPPORT
entropy_init_mutex(&entropy);
if((ret = ctr_drbg_init(&connssl->ctr_drbg, entropy_func_mutex, &entropy,
connssl->ssn.id, connssl->ssn.length)) != 0)
{
#ifdef POLARSSL_ERROR_C
error_strerror(ret, errorbuf, sizeof(errorbuf));
#endif /* POLARSSL_ERROR_C */
failf(data, "Failed - PolarSSL: ctr_drbg_init returned (-0x%04X) %s\n", -ret, errorbuf);
}
#else #else
entropy_init(&connssl->entropy); entropy_init(&connssl->entropy);
@ -138,6 +189,7 @@ polarssl_connect_step1(struct connectdata *conn,
#endif /* POLARSSL_ERROR_C */ #endif /* POLARSSL_ERROR_C */
failf(data, "Failed - PolarSSL: ctr_drbg_init returned (-0x%04X) %s\n", -ret, errorbuf); failf(data, "Failed - PolarSSL: ctr_drbg_init returned (-0x%04X) %s\n", -ret, errorbuf);
} }
#endif /* THREADING_SUPPORT */
#endif /* POLARSSL_VERSION_NUMBER<0x01010000 */ #endif /* POLARSSL_VERSION_NUMBER<0x01010000 */
/* Load the trusted CA */ /* Load the trusted CA */
@ -637,4 +689,24 @@ Curl_polarssl_connect(struct connectdata *conn,
return CURLE_OK; return CURLE_OK;
} }
#endif /*
* return 0 error initializing SSL
* return 1 SSL initialized successfully
*/
int polarssl_init(void)
{
#ifdef THREADING_SUPPORT
return polarsslthreadlock_thread_setup();
#else /* THREADING_SUPPORT */
return 1;
#endif /* THREADING_SUPPORT */
}
void polarssl_cleanup(void)
{
#ifdef THREADING_SUPPORT
polarsslthreadlock_thread_cleanup();
#endif /* THREADING_SUPPORT */
}
#endif /* USE_POLARSSL */

View File

@ -25,6 +25,11 @@
#ifdef USE_POLARSSL #ifdef USE_POLARSSL
/* Called on first use PolarSSL, setup threading if supported */
int polarssl_init(void);
void polarssl_cleanup(void);
CURLcode Curl_polarssl_connect(struct connectdata *conn, int sockindex); CURLcode Curl_polarssl_connect(struct connectdata *conn, int sockindex);
CURLcode Curl_polarssl_connect_nonblocking(struct connectdata *conn, CURLcode Curl_polarssl_connect_nonblocking(struct connectdata *conn,
@ -43,8 +48,8 @@ size_t Curl_polarssl_version(char *buffer, size_t size);
int Curl_polarssl_shutdown(struct connectdata *conn, int sockindex); int Curl_polarssl_shutdown(struct connectdata *conn, int sockindex);
/* API setup for PolarSSL */ /* API setup for PolarSSL */
#define curlssl_init() (1) #define curlssl_init() polarssl_init()
#define curlssl_cleanup() Curl_nop_stmt #define curlssl_cleanup() polarssl_cleanup()
#define curlssl_connect Curl_polarssl_connect #define curlssl_connect Curl_polarssl_connect
#define curlssl_connect_nonblocking Curl_polarssl_connect_nonblocking #define curlssl_connect_nonblocking Curl_polarssl_connect_nonblocking
#define curlssl_session_free(x) Curl_polarssl_session_free(x) #define curlssl_session_free(x) Curl_polarssl_session_free(x)

121
lib/polarsslthreadlock.c Executable file
View File

@ -0,0 +1,121 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2010, 2011, Hoi-Ho Chan, <hoiho.chan@gmail.com>
* Copyright (C) 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include "curl_setup.h"
#ifdef USE_POLARSSL
#if defined(USE_THREADS_POSIX)
#ifdef HAVE_PTHREAD_H
#include <pthread.h>
#define MUTEX_TYPE pthread_mutex_t
#endif /* HAVE_PTHREAD_H */
#endif /* USE_THREADS_POSIX */
#include "polarsslthreadlock.h"
/* number of thread locks */
#define NUMT 2
/* This array will store all of the mutexes available to PolarSSL. */
static MUTEX_TYPE *mutex_buf = NULL;
int polarsslthreadlock_thread_setup(void)
{
int i;
int ret;
mutex_buf = malloc(NUMT * sizeof(MUTEX_TYPE));
if (!mutex_buf)
return 0; /* error, no number of threads defined */
#ifdef HAVE_PTHREAD_H
for (i = 0; i < NUMT; i++)
{
ret = pthread_mutex_init(&mutex_buf[i], NULL);
if(ret)
return 0; /* pthread_mutex_init failed */
}
#endif /* HAVE_PTHREAD_H */
return 1; /* OK */
}
int polarsslthreadlock_thread_cleanup(void)
{
int i;
int ret;
if (!mutex_buf)
return 0; /* error, no threads locks defined */
#ifdef HAVE_PTHREAD_H
for (i = 0; i < NUMT; i++)
{
ret = pthread_mutex_destroy(&mutex_buf[i]);
if(ret)
return 0; /* pthread_mutex_destroy failed */
}
#endif /* HAVE_PTHREAD_H */
free(mutex_buf);
mutex_buf = NULL;
return 1; /* OK */
}
int polarsslthreadlock_lock_function(int n)
{
int ret;
#ifdef HAVE_PTHREAD_H
if(n < NUMT)
{
ret = pthread_mutex_lock(&mutex_buf[n]);
if(ret)
{
DEBUGF(fprintf(stderr, "Error: pthread_mutex_lock failed\n"));
return 0; /* pthread_mutex_lock failed */
}
}
#endif /* HAVE_PTHREAD_H */
return 1; /* OK */
}
int polarsslthreadlock_unlock_function(int n)
{
int ret;
#ifdef HAVE_PTHREAD_H
if(n < NUMT)
{
ret = pthread_mutex_unlock(&mutex_buf[n]);
if(ret)
{
DEBUGF(fprintf(stderr, "Error: pthread_mutex_unlock failed\n"));
return 0; /* pthread_mutex_unlock failed */
}
}
#endif /* HAVE_PTHREAD_H */
return 1; /* OK */
}
#endif /* USE_POLARSSL */

34
lib/polarsslthreadlock.h Executable file
View File

@ -0,0 +1,34 @@
#ifndef HEADER_CURL_POLARSSLTHREADLOCK_H
#define HEADER_CURL_POLARSSLTHREADLOCK_H
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2010, Hoi-Ho Chan, <hoiho.chan@gmail.com>
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include "curl_setup.h"
#ifdef USE_POLARSSL
int polarsslthreadlock_thread_setup(void);
int polarsslthreadlock_thread_cleanup(void);
int polarsslthreadlock_lock_function(int n);
int polarsslthreadlock_unlock_function(int n);
#endif /* USE_POLARSSL */
#endif /* HEADER_CURL_POLARSSLTHREADLOCK_H */