From 0ea144a64dcb0275350d4046fec693367cc4b0be Mon Sep 17 00:00:00 2001
From: Gunnar Beutner
Date: Sat, 12 Apr 2014 21:22:59 +0200
Subject: [PATCH] Set OpenSSL locking callback.
Refs #4865
---
 lib/base/tlsstream.cpp | 6 ++----
 lib/base/tlsstream.h | 1 -
 lib/base/tlsutility.cpp | 12 ++++++++++++
 3 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/lib/base/tlsstream.cpp b/lib/base/tlsstream.cpp
index 06bc979ea..0f76f6275 100644
--- a/lib/base/tlsstream.cpp
+++ b/lib/base/tlsstream.cpp
@@ -38,11 +38,9 @@ bool I2_EXPORT TlsStream::m_SSLIndexInitialized = false;
 * @param sslContext The SSL context for the client.
 */
 TlsStream::TlsStream(const Stream::Ptr& innerStream, TlsRole role, shared_ptr sslContext)
- : m_InnerStream(innerStream), m_SSLContext(sslContext), m_Role(role)
+ : m_InnerStream(innerStream), m_Role(role)
 {
- m_SSL = shared_ptr(SSL_new(m_SSLContext.get()), SSL_free);
-
- m_SSLContext.reset();
+ m_SSL = shared_ptr(SSL_new(sslContext.get()), SSL_free);
 if (!m_SSL) {
 BOOST_THROW_EXCEPTION(openssl_error()
diff --git a/lib/base/tlsstream.h b/lib/base/tlsstream.h
index 1c1b2894f..0d60bacef 100644
--- a/lib/base/tlsstream.h
+++ b/lib/base/tlsstream.h
@@ -59,7 +59,6 @@ public:
 virtual bool IsEof(void) const;
 private:
- shared_ptr m_SSLContext;
 shared_ptr m_SSL;
 BIO *m_BIO;
diff --git a/lib/base/tlsutility.cpp b/lib/base/tlsutility.cpp
index 5bae7cc4c..56ae17394 100644
--- a/lib/base/tlsutility.cpp
+++ b/lib/base/tlsutility.cpp
@@ -23,6 +23,15 @@ namespace icinga
 {
 static bool l_SSLInitialized = false;
+static boost::mutex *l_Mutexes;
+
+static void OpenSSLLockingCallback(int mode, int type, const char *file, int line)
+{
+ if (mode & CRYPTO_LOCK)
+ l_Mutexes[type].lock();
+ else
+ l_Mutexes[type].unlock();
+}
 /**
 * Initializes the OpenSSL library.
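Review bot: In the TlsStream constructor hunk of lib/base/tlsstream.cpp, nothing explains why the stream no longer has to keep the context alive now that the `m_SSLContext` member is gone. `SSL_new()` takes its own reference on the `SSL_CTX`, so dropping the member does not shorten the context's lifetime. A one-line comment above the call would stop a later reader from reintroducing it: `/* SSL_new() holds its own reference to the context, so sslContext is not stored. */`. The constructor body continues past the end of the hunk.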
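Review bot: In the first lib/base/tlsutility.cpp hunk, `OpenSSLLockingCallback` and `l_Mutexes` are added without any comment, although the file documents `InitializeOpenSSL` with a Doxygen block. I would add `/** Locking callback for OpenSSL; type indexes l_Mutexes, which InitializeOpenSSL() allocates with CRYPTO_num_locks() entries and never frees. */` above the function. Separately, `boost::mutex::lock()` reports failure by throwing, and an exception leaving this callback would unwind through OpenSSL's C frames. Catching inside the callback and terminating would make that failure mode explicit.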
@@ -37,6 +46,9 @@ static void InitializeOpenSSL(void)
 SSL_COMP_get_compression_methods();
+ l_Mutexes = new boost::mutex[CRYPTO_num_locks()];
+ CRYPTO_set_locking_callback(&OpenSSLLockingCallback);
+
 l_SSLInitialized = true;
 }
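Review bot: Only the locking callback is registered in `InitializeOpenSSL`; no thread-id callback is set next to `CRYPTO_set_locking_callback(&OpenSSLLockingCallback);`. OpenSSL 1.0.0 and later fall back to a usable per-thread default, but older releases on POSIX identify every thread by the process id unless `CRYPTO_set_id_callback()` is called, so the per-thread error queues would be shared there. If such versions are still supported, register an id callback on the following line. The `l_SSLInitialized` check sits outside the hunk, so it is also worth confirming that two threads cannot both reach `l_Mutexes = new boost::mutex[CRYPTO_num_locks()];`. The second allocation would replace the array while locks from the first may still be held.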