nghttpx: Use LibsslGlobalLock

This commit is contained in:
Tatsuhiro Tsujikawa 2014-03-04 21:33:43 +09:00
parent 73f55e7b7a
commit d4ea2418d8
4 changed files with 3 additions and 44 deletions

View File

@ -81,6 +81,7 @@ endif # HAVE_SPDYLAY
NGHTTPX_SRCS = \ NGHTTPX_SRCS = \
util.cc util.h http2.cc http2.h timegm.c timegm.h base64.h \ util.cc util.h http2.cc http2.h timegm.c timegm.h base64.h \
app_helper.cc app_helper.h \ app_helper.cc app_helper.h \
ssl.cc ssl.h \
shrpx_config.cc shrpx_config.h \ shrpx_config.cc shrpx_config.h \
shrpx_error.h \ shrpx_error.h \
shrpx_listen_handler.cc shrpx_listen_handler.h \ shrpx_listen_handler.cc shrpx_listen_handler.h \

View File

@ -54,6 +54,7 @@
#include "shrpx_ssl.h" #include "shrpx_ssl.h"
#include "util.h" #include "util.h"
#include "app_helper.h" #include "app_helper.h"
#include "ssl.h"
using namespace nghttp2; using namespace nghttp2;
@ -1081,7 +1082,7 @@ int main(int argc, char **argv)
OpenSSL_add_all_algorithms(); OpenSSL_add_all_algorithms();
SSL_load_error_strings(); SSL_load_error_strings();
SSL_library_init(); SSL_library_init();
ssl::setup_ssl_lock(); nghttp2::ssl::LibsslGlobalLock();
if(conf_exists(get_config()->conf_path)) { if(conf_exists(get_config()->conf_path)) {
if(load_config(get_config()->conf_path) == -1) { if(load_config(get_config()->conf_path) == -1) {
@ -1237,8 +1238,6 @@ int main(int argc, char **argv)
event_loop(); event_loop();
ssl::teardown_ssl_lock();
return 0; return 0;
} }

View File

@ -666,43 +666,6 @@ int check_cert(SSL *ssl)
return 0; return 0;
} }
namespace {
std::unique_ptr<pthread_mutex_t[]> ssl_locks;
} // namespace
namespace {
void ssl_locking_cb(int mode, int type, const char *file, int line)
{
if(mode & CRYPTO_LOCK) {
pthread_mutex_lock(&(ssl_locks[type]));
} else {
pthread_mutex_unlock(&(ssl_locks[type]));
}
}
} // namespace
void setup_ssl_lock()
{
ssl_locks = util::make_unique<pthread_mutex_t[]>(CRYPTO_num_locks());
for(int i = 0; i < CRYPTO_num_locks(); ++i) {
// Always returns 0
pthread_mutex_init(&(ssl_locks[i]), 0);
}
//CRYPTO_set_id_callback(ssl_thread_id); OpenSSL manual says that if
// threadid_func is not specified using
// CRYPTO_THREADID_set_callback(), then default implementation is
// used. We use this default one.
CRYPTO_set_locking_callback(ssl_locking_cb);
}
void teardown_ssl_lock()
{
for(int i = 0; i < CRYPTO_num_locks(); ++i) {
pthread_mutex_destroy(&(ssl_locks[i]));
}
ssl_locks.reset();
}
CertLookupTree* cert_lookup_tree_new() CertLookupTree* cert_lookup_tree_new()
{ {
auto tree = new CertLookupTree(); auto tree = new CertLookupTree();

View File

@ -53,10 +53,6 @@ bool numeric_host(const char *hostname);
int check_cert(SSL *ssl); int check_cert(SSL *ssl);
void setup_ssl_lock();
void teardown_ssl_lock();
// Retrieves DNS and IP address in subjectAltNames and commonName from // Retrieves DNS and IP address in subjectAltNames and commonName from
// the |cert|. // the |cert|.
void get_altnames(X509 *cert, void get_altnames(X509 *cert,