Merge pull request #81 from vhbit/lock-init
Correct init mutexes and locking function
commit
60dce4c219
|
|
@ -20,6 +20,8 @@ impl Asn1Time {
|
||||||
}
|
}
|
||||||
|
|
||||||
fn new_with_period(period: u64) -> Result<Asn1Time, SslError> {
|
fn new_with_period(period: u64) -> Result<Asn1Time, SslError> {
|
||||||
|
ffi::init();
|
||||||
|
|
||||||
let handle = unsafe {
|
let handle = unsafe {
|
||||||
try_ssl_null!(ffi::X509_gmtime_adj(ptr::null_mut(),
|
try_ssl_null!(ffi::X509_gmtime_adj(ptr::null_mut(),
|
||||||
period as c_long))
|
period as c_long))
|
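Review bot: `period as c_long` in `new_with_period` narrows a `u64` without a range check, so a large period can truncate or wrap negative before it reaches `X509_gmtime_adj`, and the resulting time would then be earlier than, or far from, what the caller asked for. The same unchecked narrowing sits in other sections of this commit: `n as c_ulong` and `n.len() as c_int` in `BigNum::new_from` and `new_from_slice`, `pass.len() as c_int` and `salt.len() as c_int` in `pbkdf2_hmac_sha1`, and `len as c_int` in `rand_bytes`, where a truncated length would presumably leave part of the output buffer unfilled. A round-trip guard before the call, for example `assert!((period as c_long) >= 0 && (period as c_long) as u64 == period);`, would stop the value from being silently changed. The body of `new_with_period` continues outside the hunk.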
||||||
|
|
|
||||||
|
|
@ -24,6 +24,8 @@ impl Drop for MemBio {
|
||||||
impl MemBio {
|
impl MemBio {
|
||||||
/// Creates a new owned memory based BIO
|
/// Creates a new owned memory based BIO
|
||||||
pub fn new() -> Result<MemBio, SslError> {
|
pub fn new() -> Result<MemBio, SslError> {
|
||||||
|
ffi::init();
|
||||||
|
|
||||||
let bio = unsafe { ffi::BIO_new(ffi::BIO_s_mem()) };
|
let bio = unsafe { ffi::BIO_new(ffi::BIO_s_mem()) };
|
||||||
try_ssl_null!(bio);
|
try_ssl_null!(bio);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -79,8 +79,10 @@ macro_rules! with_bn_in_ctx(
|
||||||
)
|
)
|
||||||
|
|
||||||
impl BigNum {
|
impl BigNum {
|
||||||
|
// FIXME: squash 3 constructors into one
|
||||||
pub fn new() -> Result<BigNum, SslError> {
|
pub fn new() -> Result<BigNum, SslError> {
|
||||||
unsafe {
|
unsafe {
|
||||||
|
ffi::init();
|
||||||
let v = ffi::BN_new();
|
let v = ffi::BN_new();
|
||||||
if v.is_null() {
|
if v.is_null() {
|
||||||
Err(SslError::get())
|
Err(SslError::get())
|
||||||
|
|
@ -92,6 +94,7 @@ impl BigNum {
|
||||||
|
|
||||||
pub fn new_from(n: u64) -> Result<BigNum, SslError> {
|
pub fn new_from(n: u64) -> Result<BigNum, SslError> {
|
||||||
unsafe {
|
unsafe {
|
||||||
|
ffi::init();
|
||||||
let bn = ffi::BN_new();
|
let bn = ffi::BN_new();
|
||||||
if bn.is_null() || ffi::BN_set_word(bn, n as c_ulong) == 0 {
|
if bn.is_null() || ffi::BN_set_word(bn, n as c_ulong) == 0 {
|
||||||
Err(SslError::get())
|
Err(SslError::get())
|
||||||
|
|
@ -103,6 +106,7 @@ impl BigNum {
|
||||||
|
|
||||||
pub fn new_from_slice(n: &[u8]) -> Result<BigNum, SslError> {
|
pub fn new_from_slice(n: &[u8]) -> Result<BigNum, SslError> {
|
||||||
unsafe {
|
unsafe {
|
||||||
|
ffi::init();
|
||||||
let bn = ffi::BN_new();
|
let bn = ffi::BN_new();
|
||||||
if bn.is_null() || ffi::BN_bin2bn(n.as_ptr(), n.len() as c_int, bn).is_null() {
|
if bn.is_null() || ffi::BN_bin2bn(n.as_ptr(), n.len() as c_int, bn).is_null() {
|
||||||
Err(SslError::get())
|
Err(SslError::get())
|
||||||
|
|
|
||||||
|
|
@ -36,6 +36,8 @@ pub struct Hasher {
|
||||||
|
|
||||||
impl Hasher {
|
impl Hasher {
|
||||||
pub fn new(ht: HashType) -> Hasher {
|
pub fn new(ht: HashType) -> Hasher {
|
||||||
|
ffi::init();
|
||||||
|
|
||||||
let ctx = unsafe { ffi::EVP_MD_CTX_create() };
|
let ctx = unsafe { ffi::EVP_MD_CTX_create() };
|
||||||
let (evp, mdlen) = evpmd(ht);
|
let (evp, mdlen) = evpmd(ht);
|
||||||
unsafe {
|
unsafe {
|
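Review bot: The pointer returned by `ffi::EVP_MD_CTX_create()` in `Hasher::new` is not tested for null in the visible lines, unlike `MemBio::new` and the `BigNum` constructors, which do check their allocations. `Crypter::new` stores the result of `EVP_CIPHER_CTX_new()` straight into the struct and `PKey::new` does the same with `EVP_PKEY_new()`, so an allocation failure would only surface later as a null pointer handed back to OpenSSL. These constructors do not return `Result`, so an `assert!(!ctx.is_null());` directly after the call would at least fail where the error occurs. `Hasher::new` continues past the hunk, so a later check there cannot be ruled out.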
||||||
|
|
|
||||||
|
|
@ -27,6 +27,8 @@ pub struct HMAC {
|
||||||
#[allow(non_snake_case)]
|
#[allow(non_snake_case)]
|
||||||
pub fn HMAC(ht: hash::HashType, key: &[u8]) -> HMAC {
|
pub fn HMAC(ht: hash::HashType, key: &[u8]) -> HMAC {
|
||||||
unsafe {
|
unsafe {
|
||||||
|
ffi::init();
|
||||||
|
|
||||||
let (evp, mdlen) = hash::evpmd(ht);
|
let (evp, mdlen) = hash::evpmd(ht);
|
||||||
|
|
||||||
let mut ctx : ffi::HMAC_CTX = ::std::mem::uninitialized();
|
let mut ctx : ffi::HMAC_CTX = ::std::mem::uninitialized();
|
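Review bot: `ctx` is created with `::std::mem::uninitialized()` and the hunk ends before anything writes to it, so nothing visible states what makes that sound. If an initialising call such as `HMAC_CTX_init` follows outside the hunk, a comment on the declaration like `// SAFETY: ctx is fully written by HMAC_CTX_init before any read` would record the invariant. The added `ffi::init()` is also placed inside the `unsafe` block although it is a safe function; moving it above the block keeps the unsafe region limited to the FFI calls.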
||||||
|
|
|
||||||
|
|
@ -9,6 +9,8 @@ pub fn pbkdf2_hmac_sha1(pass: &str, salt: &[u8], iter: uint, keylen: uint) -> Ve
|
||||||
|
|
||||||
let mut out = Vec::with_capacity(keylen);
|
let mut out = Vec::with_capacity(keylen);
|
||||||
|
|
||||||
|
ffi::init();
|
||||||
|
|
||||||
let r = ffi::PKCS5_PBKDF2_HMAC_SHA1(
|
let r = ffi::PKCS5_PBKDF2_HMAC_SHA1(
|
||||||
pass.as_ptr(), pass.len() as c_int,
|
pass.as_ptr(), pass.len() as c_int,
|
||||||
salt.as_ptr(), salt.len() as c_int,
|
salt.as_ptr(), salt.len() as c_int,
|
||||||
|
|
|
||||||
|
|
@ -55,6 +55,8 @@ pub struct PKey {
|
||||||
impl PKey {
|
impl PKey {
|
||||||
pub fn new() -> PKey {
|
pub fn new() -> PKey {
|
||||||
unsafe {
|
unsafe {
|
||||||
|
ffi::init();
|
||||||
|
|
||||||
PKey {
|
PKey {
|
||||||
evp: ffi::EVP_PKEY_new(),
|
evp: ffi::EVP_PKEY_new(),
|
||||||
parts: Neither,
|
parts: Neither,
|
||||||
|
|
|
||||||
|
|
@ -5,6 +5,7 @@ pub fn rand_bytes(len: uint) -> Vec<u8> {
|
||||||
unsafe {
|
unsafe {
|
||||||
let mut out = Vec::with_capacity(len);
|
let mut out = Vec::with_capacity(len);
|
||||||
|
|
||||||
|
ffi::init();
|
||||||
let r = ffi::RAND_bytes(out.as_mut_ptr(), len as c_int);
|
let r = ffi::RAND_bytes(out.as_mut_ptr(), len as c_int);
|
||||||
if r != 1 as c_int { fail!() }
|
if r != 1 as c_int { fail!() }
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -50,6 +50,8 @@ pub struct Crypter {
|
||||||
|
|
||||||
impl Crypter {
|
impl Crypter {
|
||||||
pub fn new(t: Type) -> Crypter {
|
pub fn new(t: Type) -> Crypter {
|
||||||
|
ffi::init();
|
||||||
|
|
||||||
let ctx = unsafe { ffi::EVP_CIPHER_CTX_new() };
|
let ctx = unsafe { ffi::EVP_CIPHER_CTX_new() };
|
||||||
let (evp, keylen, blocksz) = evpc(t);
|
let (evp, keylen, blocksz) = evpc(t);
|
||||||
Crypter { evp: evp, ctx: ctx, keylen: keylen, blocksize: blocksz }
|
Crypter { evp: evp, ctx: ctx, keylen: keylen, blocksize: blocksz }
|
||||||
|
|
|
||||||
25
src/ffi.rs
25
src/ffi.rs
|
|
@ -1,7 +1,9 @@
|
||||||
#![allow(non_camel_case_types, non_uppercase_statics, non_snake_case)]
|
#![allow(non_camel_case_types, non_uppercase_statics, non_snake_case)]
|
||||||
#![allow(dead_code)]
|
#![allow(dead_code)]
|
||||||
use libc::{c_void, c_int, c_char, c_ulong, c_long, c_uint, c_uchar, size_t};
|
use libc::{c_void, c_int, c_char, c_ulong, c_long, c_uint, c_uchar, size_t};
|
||||||
|
use std::mem;
|
||||||
use std::ptr;
|
use std::ptr;
|
||||||
|
use std::rt::mutex::NativeMutex;
|
||||||
use sync::one::{Once, ONCE_INIT};
|
use sync::one::{Once, ONCE_INIT};
|
||||||
|
|
||||||
pub use bn::BIGNUM;
|
pub use bn::BIGNUM;
|
||||||
|
|
@ -182,13 +184,34 @@ extern {}
|
||||||
#[link(name="wsock32")]
|
#[link(name="wsock32")]
|
||||||
extern { }
|
extern { }
|
||||||
|
|
||||||
|
static mut MUTEXES: *mut Vec<NativeMutex> = 0 as *mut Vec<NativeMutex>;
|
||||||
|
|
||||||
|
extern fn locking_function(mode: c_int, n: c_int, _file: *const c_char,
|
||||||
|
_line: c_int) {
|
||||||
|
unsafe {
|
||||||
|
let mutex = (*MUTEXES).get_mut(n as uint);
|
||||||
|
|
||||||
|
if mode & CRYPTO_LOCK != 0 {
|
||||||
|
mutex.lock_noguard();
|
||||||
|
} else {
|
||||||
|
mutex.unlock_noguard();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
pub fn init() {
|
pub fn init() {
|
||||||
static mut INIT: Once = ONCE_INIT;
|
static mut INIT: Once = ONCE_INIT;
|
||||||
|
|
||||||
unsafe {
|
unsafe {
|
||||||
INIT.doit(|| {
|
INIT.doit(|| {
|
||||||
SSL_library_init();
|
SSL_library_init();
|
||||||
SSL_load_error_strings()
|
SSL_load_error_strings();
|
||||||
|
|
||||||
|
let num_locks = CRYPTO_num_locks();
|
||||||
|
let mutexes = box Vec::from_fn(num_locks as uint, |_| NativeMutex::new());
|
||||||
|
MUTEXES = mem::transmute(mutexes);
|
||||||
|
|
||||||
|
CRYPTO_set_locking_callback(locking_function);
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
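Review bot: `locking_function` indexes `(*MUTEXES)` with `n as uint` and no sign or bounds check, inside an `extern fn` that OpenSSL calls from C; a negative `n` would wrap to a huge index, and a failed index would presumably start unwinding through C frames. The invariants that make the raw dereference sound are also unstated: `MUTEXES` is assigned inside `INIT.doit` before `CRYPTO_set_locking_callback` runs, and the boxed `Vec` is leaked on purpose by the `transmute` so that it outlives every call to the callback. A comment above the function such as `// SAFETY: MUTEXES is set once in init() before this callback is registered and is never freed; OpenSSL passes n in 0..CRYPTO_num_locks()` would record that. `init()` itself would benefit from a doc comment saying that every entry point into OpenSSL must call it first, since the commit relies on each constructor doing so by hand.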
||||||
|
|
|
||||||
|
|
@ -1,8 +1,7 @@
|
||||||
use libc::{c_int, c_void, c_char, c_long};
|
use libc::{c_int, c_void, c_long};
|
||||||
use std::io::{IoResult, IoError, EndOfFile, Stream, Reader, Writer};
|
use std::io::{IoResult, IoError, EndOfFile, Stream, Reader, Writer};
|
||||||
use std::mem;
|
use std::mem;
|
||||||
use std::ptr;
|
use std::ptr;
|
||||||
use std::rt::mutex::NativeMutex;
|
|
||||||
use std::string;
|
use std::string;
|
||||||
use sync::one::{Once, ONCE_INIT};
|
use sync::one::{Once, ONCE_INIT};
|
||||||
|
|
||||||
|
|
@ -16,7 +15,6 @@ pub mod error;
|
||||||
mod tests;
|
mod tests;
|
||||||
|
|
||||||
static mut VERIFY_IDX: c_int = -1;
|
static mut VERIFY_IDX: c_int = -1;
|
||||||
static mut MUTEXES: *mut Vec<NativeMutex> = 0 as *mut Vec<NativeMutex>;
|
|
||||||
|
|
||||||
fn init() {
|
fn init() {
|
||||||
static mut INIT: Once = ONCE_INIT;
|
static mut INIT: Once = ONCE_INIT;
|
||||||
|
|
@ -29,12 +27,6 @@ fn init() {
|
||||||
None, None);
|
None, None);
|
||||||
assert!(verify_idx >= 0);
|
assert!(verify_idx >= 0);
|
||||||
VERIFY_IDX = verify_idx;
|
VERIFY_IDX = verify_idx;
|
||||||
|
|
||||||
let num_locks = ffi::CRYPTO_num_locks();
|
|
||||||
let mutexes = box Vec::from_fn(num_locks as uint, |_| NativeMutex::new());
|
|
||||||
MUTEXES = mem::transmute(mutexes);
|
|
||||||
|
|
||||||
ffi::CRYPTO_set_locking_callback(locking_function);
|
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -109,19 +101,6 @@ fn get_verify_data_idx<T>() -> c_int {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
extern fn locking_function(mode: c_int, n: c_int, _file: *const c_char,
|
|
||||||
_line: c_int) {
|
|
||||||
unsafe {
|
|
||||||
let mutex = (*MUTEXES).get_mut(n as uint);
|
|
||||||
|
|
||||||
if mode & ffi::CRYPTO_LOCK != 0 {
|
|
||||||
mutex.lock_noguard();
|
|
||||||
} else {
|
|
||||||
mutex.unlock_noguard();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
extern fn raw_verify(preverify_ok: c_int, x509_ctx: *mut ffi::X509_STORE_CTX)
|
extern fn raw_verify(preverify_ok: c_int, x509_ctx: *mut ffi::X509_STORE_CTX)
|
||||||
-> c_int {
|
-> c_int {
|
||||||
unsafe {
|
unsafe {
|
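Review bot: After this change the visible tail of the private `init()` ends at `VERIFY_IDX = verify_idx;` and no longer installs the locking callback, and no call to `ffi::init()` appears in any hunk of this file. The start of the `INIT.doit` closure is outside the hunk, so it should be confirmed that it calls `ffi::init()`; otherwise code that reaches OpenSSL only through this module would run without the mutexes. A one-line comment at that call, for example `// ffi::init() installs the OpenSSL locking callback; must run before any other SSL call`, would make the dependency explicit.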
||||||
|
|
|
||||||
|
|
@ -272,6 +272,8 @@ impl X509Generator {
|
||||||
|
|
||||||
/// Generates a private key and a signed certificate and returns them
|
/// Generates a private key and a signed certificate and returns them
|
||||||
pub fn generate<'a>(&self) -> Result<(X509<'a>, PKey), SslError> {
|
pub fn generate<'a>(&self) -> Result<(X509<'a>, PKey), SslError> {
|
||||||
|
ffi::init();
|
||||||
|
|
||||||
let mut p_key = PKey::new();
|
let mut p_key = PKey::new();
|
||||||
p_key.gen(self.bits);
|
p_key.gen(self.bits);
|
||||||
|
|
||||||
|
|
|
||||||