198 lines
5.2 KiB
Diff
198 lines
5.2 KiB
Diff
diff -Nur pyOpenSSL-0.7-bad/src/crypto/crypto.c pyOpenSSL-0.7/src/crypto/crypto.c
|
|
--- pyOpenSSL-0.7-bad/src/crypto/crypto.c 2008-03-21 17:34:42.000000000 -0500
|
|
+++ pyOpenSSL-0.7/src/crypto/crypto.c 2008-09-19 18:06:08.000000000 -0500
|
|
@@ -694,6 +694,74 @@
|
|
{ NULL, NULL }
|
|
};
|
|
|
|
+
|
|
+#ifdef WITH_THREAD
|
|
+
|
|
+#include <pthread.h>
|
|
+
|
|
+#define MUTEX_TYPE pthread_mutex_t
|
|
+#define MUTEX_SETUP(x) pthread_mutex_init(&(x), NULL)
|
|
+#define MUTEX_CLEANUP(x) pthread_mutex_destroy(&(x))
|
|
+#define MUTEX_LOCK(x) pthread_mutex_lock(&(x))
|
|
+#define MUTEX_UNLOCK(x) pthread_mutex_unlock(&(x))
|
|
+#define THREAD_ID pthread_self()
|
|
+
|
|
+void handle_error(const char *file, int lineno, const char *msg)
|
|
+{
|
|
+ fprintf(stderr, "** %s:%i %s\n", file, lineno, msg);
|
|
+ ERR_print_errors_fp(stderr);
|
|
+}
|
|
+
|
|
+
|
|
+/* This array will store all of the mutexes available to OpenSSL. */
|
|
+static MUTEX_TYPE *mutex_buf = NULL;
|
|
+
|
|
+
|
|
+static void locking_function(int mode, int n, const char * file, int line)
|
|
+{
|
|
+ if (mode & CRYPTO_LOCK)
|
|
+ MUTEX_LOCK(mutex_buf[n]);
|
|
+ else
|
|
+ MUTEX_UNLOCK(mutex_buf[n]);
|
|
+}
|
|
+
|
|
+static unsigned long id_function(void)
|
|
+{
|
|
+ return ((unsigned long)THREAD_ID);
|
|
+}
|
|
+
|
|
+int init_openssl_threads(void)
|
|
+{
|
|
+ int i;
|
|
+
|
|
+ mutex_buf = (MUTEX_TYPE *)malloc(CRYPTO_num_locks() * sizeof(MUTEX_TYPE));
|
|
+ if (!mutex_buf)
|
|
+ return 0;
|
|
+ for (i = 0; i < CRYPTO_num_locks(); i++)
|
|
+ MUTEX_SETUP(mutex_buf[i]);
|
|
+ CRYPTO_set_id_callback(id_function);
|
|
+ CRYPTO_set_locking_callback(locking_function);
|
|
+ return 1;
|
|
+}
|
|
+
|
|
+int deinit_openssl_threads(void)
|
|
+{
|
|
+ int i;
|
|
+
|
|
+ if (!mutex_buf)
|
|
+ return 0;
|
|
+ CRYPTO_set_id_callback(NULL);
|
|
+ CRYPTO_set_locking_callback(NULL);
|
|
+ for (i = 0; i < CRYPTO_num_locks(); i++)
|
|
+ MUTEX_CLEANUP(mutex_buf[i]);
|
|
+ free(mutex_buf);
|
|
+ mutex_buf = NULL;
|
|
+ return 1;
|
|
+}
|
|
+
|
|
+#endif
|
|
+
|
|
+
|
|
/*
|
|
* Initialize crypto sub module
|
|
*
|
|
@@ -739,6 +807,10 @@
|
|
PyModule_AddIntConstant(module, "TYPE_DSA", crypto_TYPE_DSA);
|
|
|
|
dict = PyModule_GetDict(module);
|
|
+#ifdef WITH_THREAD
|
|
+ if (!init_openssl_threads())
|
|
+ goto error;
|
|
+#endif
|
|
if (!init_crypto_x509(dict))
|
|
goto error;
|
|
if (!init_crypto_x509name(dict))
|
|
diff -Nur pyOpenSSL-0.7-bad/src/ssl/context.c pyOpenSSL-0.7/src/ssl/context.c
|
|
--- pyOpenSSL-0.7-bad/src/ssl/context.c 2008-03-21 17:34:42.000000000 -0500
|
|
+++ pyOpenSSL-0.7/src/ssl/context.c 2008-09-19 18:27:00.000000000 -0500
|
|
@@ -64,39 +64,33 @@
|
|
static int
|
|
global_passphrase_callback(char *buf, int maxlen, int verify, void *arg)
|
|
{
|
|
- int len;
|
|
+ int len = 0;
|
|
char *str;
|
|
PyObject *argv, *ret = NULL;
|
|
ssl_ContextObj *ctx = (ssl_ContextObj *)arg;
|
|
|
|
+ if (!ctx->tstate)
|
|
+ fprintf (stderr, "ERROR: ctx->tstate == NULL!\n");
|
|
+ MY_END_ALLOW_THREADS(ctx->tstate);
|
|
+
|
|
/* The Python callback is called with a (maxlen,verify,userdata) tuple */
|
|
argv = Py_BuildValue("(iiO)", maxlen, verify, ctx->passphrase_userdata);
|
|
- if (ctx->tstate != NULL)
|
|
- {
|
|
- /* We need to get back our thread state before calling the callback */
|
|
- MY_END_ALLOW_THREADS(ctx->tstate);
|
|
- ret = PyEval_CallObject(ctx->passphrase_callback, argv);
|
|
- MY_BEGIN_ALLOW_THREADS(ctx->tstate);
|
|
- }
|
|
- else
|
|
- {
|
|
- ret = PyEval_CallObject(ctx->passphrase_callback, argv);
|
|
- }
|
|
+ ret = PyEval_CallObject(ctx->passphrase_callback, argv);
|
|
Py_DECREF(argv);
|
|
|
|
if (ret == NULL)
|
|
- return 0;
|
|
+ goto out;
|
|
|
|
if (!PyObject_IsTrue(ret))
|
|
{
|
|
Py_DECREF(ret);
|
|
- return 0;
|
|
+ goto out;
|
|
}
|
|
|
|
if (!PyString_Check(ret))
|
|
{
|
|
Py_DECREF(ret);
|
|
- return 0;
|
|
+ goto out;
|
|
}
|
|
|
|
len = PyString_Size(ret);
|
|
@@ -107,6 +101,8 @@
|
|
strncpy(buf, str, len);
|
|
Py_XDECREF(ret);
|
|
|
|
+out:
|
|
+ MY_BEGIN_ALLOW_THREADS(ctx->tstate);
|
|
return len;
|
|
}
|
|
|
|
@@ -173,28 +169,19 @@
|
|
ssl_ConnectionObj *conn = (ssl_ConnectionObj *)SSL_get_app_data(ssl);
|
|
PyObject *argv, *ret;
|
|
|
|
+ if (!conn->tstate)
|
|
+ fprintf (stderr, "ERROR: ctx->tstate == NULL!\n");
|
|
+ MY_END_ALLOW_THREADS(conn->tstate);
|
|
+
|
|
argv = Py_BuildValue("(Oii)", (PyObject *)conn, where, _ret);
|
|
- if (conn->tstate != NULL)
|
|
- {
|
|
- /* We need to get back our thread state before calling the callback */
|
|
- MY_END_ALLOW_THREADS(conn->tstate);
|
|
- ret = PyEval_CallObject(conn->context->info_callback, argv);
|
|
- if (ret == NULL)
|
|
- PyErr_Clear();
|
|
- else
|
|
- Py_DECREF(ret);
|
|
- MY_BEGIN_ALLOW_THREADS(conn->tstate);
|
|
- }
|
|
+ ret = PyEval_CallObject(conn->context->info_callback, argv);
|
|
+ if (ret == NULL)
|
|
+ PyErr_Clear();
|
|
else
|
|
- {
|
|
- ret = PyEval_CallObject(conn->context->info_callback, argv);
|
|
- if (ret == NULL)
|
|
- PyErr_Clear();
|
|
- else
|
|
- Py_DECREF(ret);
|
|
- }
|
|
+ Py_DECREF(ret);
|
|
Py_DECREF(argv);
|
|
|
|
+ MY_BEGIN_ALLOW_THREADS(conn->tstate);
|
|
return;
|
|
}
|
|
|
|
@@ -447,6 +434,8 @@
|
|
if (!PyArg_ParseTuple(args, "s|i:use_privatekey_file", &keyfile, &filetype))
|
|
return NULL;
|
|
|
|
+ if (self->tstate)
|
|
+ fprintf (stderr, "ERROR: ctx->tstate != NULL!\n");
|
|
MY_BEGIN_ALLOW_THREADS(self->tstate);
|
|
ret = SSL_CTX_use_PrivateKey_file(self->ctx, keyfile, filetype);
|
|
MY_END_ALLOW_THREADS(self->tstate);
|