From d4ea2418d80c206e2e8f7729fa14c95f60d4b4fb Mon Sep 17 00:00:00 2001
From: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Date: Tue, 4 Mar 2014 21:33:43 +0900
Subject: [PATCH] nghttpx: Use LibsslGlobalLock

---
 src/Makefile.am  |  1 +
 src/shrpx.cc     |  5 ++---
 src/shrpx_ssl.cc | 37 -------------------------------------
 src/shrpx_ssl.h  |  4 ----
 4 files changed, 3 insertions(+), 44 deletions(-)

diff --git a/src/Makefile.am b/src/Makefile.am
index 765673b1..369e892e 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -81,6 +81,7 @@ endif # HAVE_SPDYLAY
 NGHTTPX_SRCS = \
 	util.cc util.h http2.cc http2.h timegm.c timegm.h base64.h \
 	app_helper.cc app_helper.h \
+	ssl.cc ssl.h \
 	shrpx_config.cc shrpx_config.h \
 	shrpx_error.h \
 	shrpx_listen_handler.cc shrpx_listen_handler.h \
diff --git a/src/shrpx.cc b/src/shrpx.cc
index 04fdc3c0..968ba51a 100644
--- a/src/shrpx.cc
+++ b/src/shrpx.cc
@@ -54,6 +54,7 @@
 #include "shrpx_ssl.h"
 #include "util.h"
 #include "app_helper.h"
+#include "ssl.h"
 
 using namespace nghttp2;
 
@@ -1081,7 +1082,7 @@ int main(int argc, char **argv)
   OpenSSL_add_all_algorithms();
   SSL_load_error_strings();
   SSL_library_init();
-  ssl::setup_ssl_lock();
+  nghttp2::ssl::LibsslGlobalLock();
 
   if(conf_exists(get_config()->conf_path)) {
     if(load_config(get_config()->conf_path) == -1) {
@@ -1237,8 +1238,6 @@ int main(int argc, char **argv)
 
   event_loop();
 
-  ssl::teardown_ssl_lock();
-
   return 0;
 }
 
diff --git a/src/shrpx_ssl.cc b/src/shrpx_ssl.cc
index 9294c190..7feed9c6 100644
--- a/src/shrpx_ssl.cc
+++ b/src/shrpx_ssl.cc
@@ -666,43 +666,6 @@ int check_cert(SSL *ssl)
   return 0;
 }
 
-namespace {
-std::unique_ptr<pthread_mutex_t[]> ssl_locks;
-} // namespace
-
-namespace {
-void ssl_locking_cb(int mode, int type, const char *file, int line)
-{
-  if(mode & CRYPTO_LOCK) {
-    pthread_mutex_lock(&(ssl_locks[type]));
-  } else {
-    pthread_mutex_unlock(&(ssl_locks[type]));
-  }
-}
-} // namespace
-
-void setup_ssl_lock()
-{
-  ssl_locks = util::make_unique<pthread_mutex_t[]>(CRYPTO_num_locks());
-  for(int i = 0; i < CRYPTO_num_locks(); ++i) {
-    // Always returns 0
-    pthread_mutex_init(&(ssl_locks[i]), 0);
-  }
-  //CRYPTO_set_id_callback(ssl_thread_id); OpenSSL manual says that if
-  // threadid_func is not specified using
-  // CRYPTO_THREADID_set_callback(), then default implementation is
-  // used. We use this default one.
-  CRYPTO_set_locking_callback(ssl_locking_cb);
-}
-
-void teardown_ssl_lock()
-{
-  for(int i = 0; i < CRYPTO_num_locks(); ++i) {
-    pthread_mutex_destroy(&(ssl_locks[i]));
-  }
-  ssl_locks.reset();
-}
-
 CertLookupTree* cert_lookup_tree_new()
 {
   auto tree = new CertLookupTree();
diff --git a/src/shrpx_ssl.h b/src/shrpx_ssl.h
index 44bbbfdc..60dbaffe 100644
--- a/src/shrpx_ssl.h
+++ b/src/shrpx_ssl.h
@@ -53,10 +53,6 @@ bool numeric_host(const char *hostname);
 
 int check_cert(SSL *ssl);
 
-void setup_ssl_lock();
-
-void teardown_ssl_lock();
-
 // Retrieves DNS and IP address in subjectAltNames and commonName from
 // the |cert|.
 void get_altnames(X509 *cert,