python-pyOpenSSL/python-pyOpenSSL-threadsafe.patch

198 lines
5.2 KiB
Diff

diff -Nur pyOpenSSL-0.7-bad/src/crypto/crypto.c pyOpenSSL-0.7/src/crypto/crypto.c
--- pyOpenSSL-0.7-bad/src/crypto/crypto.c 2008-03-21 17:34:42.000000000 -0500
+++ pyOpenSSL-0.7/src/crypto/crypto.c 2008-09-19 18:06:08.000000000 -0500
@@ -694,6 +694,74 @@
{ NULL, NULL }
};
+
+#ifdef WITH_THREAD
+
+#include <pthread.h>
+
+#define MUTEX_TYPE pthread_mutex_t
+#define MUTEX_SETUP(x) pthread_mutex_init(&(x), NULL)
+#define MUTEX_CLEANUP(x) pthread_mutex_destroy(&(x))
+#define MUTEX_LOCK(x) pthread_mutex_lock(&(x))
+#define MUTEX_UNLOCK(x) pthread_mutex_unlock(&(x))
+#define THREAD_ID pthread_self()
+
+void handle_error(const char *file, int lineno, const char *msg)
+{
+ fprintf(stderr, "** %s:%i %s\n", file, lineno, msg);
+ ERR_print_errors_fp(stderr);
+}
+
+
+/* This array will store all of the mutexes available to OpenSSL. */
+static MUTEX_TYPE *mutex_buf = NULL;
+
+
+static void locking_function(int mode, int n, const char * file, int line)
+{
+ if (mode & CRYPTO_LOCK)
+ MUTEX_LOCK(mutex_buf[n]);
+ else
+ MUTEX_UNLOCK(mutex_buf[n]);
+}
+
+static unsigned long id_function(void)
+{
+ return ((unsigned long)THREAD_ID);
+}
+
+int init_openssl_threads(void)
+{
+ int i;
+
+ mutex_buf = (MUTEX_TYPE *)malloc(CRYPTO_num_locks() * sizeof(MUTEX_TYPE));
+ if (!mutex_buf)
+ return 0;
+ for (i = 0; i < CRYPTO_num_locks(); i++)
+ MUTEX_SETUP(mutex_buf[i]);
+ CRYPTO_set_id_callback(id_function);
+ CRYPTO_set_locking_callback(locking_function);
+ return 1;
+}
+
+int deinit_openssl_threads(void)
+{
+ int i;
+
+ if (!mutex_buf)
+ return 0;
+ CRYPTO_set_id_callback(NULL);
+ CRYPTO_set_locking_callback(NULL);
+ for (i = 0; i < CRYPTO_num_locks(); i++)
+ MUTEX_CLEANUP(mutex_buf[i]);
+ free(mutex_buf);
+ mutex_buf = NULL;
+ return 1;
+}
+
+#endif
+
+
/*
* Initialize crypto sub module
*
@@ -739,6 +807,10 @@
PyModule_AddIntConstant(module, "TYPE_DSA", crypto_TYPE_DSA);
dict = PyModule_GetDict(module);
+#ifdef WITH_THREAD
+ if (!init_openssl_threads())
+ goto error;
+#endif
if (!init_crypto_x509(dict))
goto error;
if (!init_crypto_x509name(dict))
diff -Nur pyOpenSSL-0.7-bad/src/ssl/context.c pyOpenSSL-0.7/src/ssl/context.c
--- pyOpenSSL-0.7-bad/src/ssl/context.c 2008-03-21 17:34:42.000000000 -0500
+++ pyOpenSSL-0.7/src/ssl/context.c 2008-09-19 18:27:00.000000000 -0500
@@ -64,39 +64,33 @@
static int
global_passphrase_callback(char *buf, int maxlen, int verify, void *arg)
{
- int len;
+ int len = 0;
char *str;
PyObject *argv, *ret = NULL;
ssl_ContextObj *ctx = (ssl_ContextObj *)arg;
+ if (!ctx->tstate)
+ fprintf (stderr, "ERROR: ctx->tstate == NULL!\n");
+ MY_END_ALLOW_THREADS(ctx->tstate);
+
/* The Python callback is called with a (maxlen,verify,userdata) tuple */
argv = Py_BuildValue("(iiO)", maxlen, verify, ctx->passphrase_userdata);
- if (ctx->tstate != NULL)
- {
- /* We need to get back our thread state before calling the callback */
- MY_END_ALLOW_THREADS(ctx->tstate);
- ret = PyEval_CallObject(ctx->passphrase_callback, argv);
- MY_BEGIN_ALLOW_THREADS(ctx->tstate);
- }
- else
- {
- ret = PyEval_CallObject(ctx->passphrase_callback, argv);
- }
+ ret = PyEval_CallObject(ctx->passphrase_callback, argv);
Py_DECREF(argv);
if (ret == NULL)
- return 0;
+ goto out;
if (!PyObject_IsTrue(ret))
{
Py_DECREF(ret);
- return 0;
+ goto out;
}
if (!PyString_Check(ret))
{
Py_DECREF(ret);
- return 0;
+ goto out;
}
len = PyString_Size(ret);
@@ -107,6 +101,8 @@
strncpy(buf, str, len);
Py_XDECREF(ret);
+out:
+ MY_BEGIN_ALLOW_THREADS(ctx->tstate);
return len;
}
@@ -173,28 +169,19 @@
ssl_ConnectionObj *conn = (ssl_ConnectionObj *)SSL_get_app_data(ssl);
PyObject *argv, *ret;
+ if (!conn->tstate)
+ fprintf (stderr, "ERROR: ctx->tstate == NULL!\n");
+ MY_END_ALLOW_THREADS(conn->tstate);
+
argv = Py_BuildValue("(Oii)", (PyObject *)conn, where, _ret);
- if (conn->tstate != NULL)
- {
- /* We need to get back our thread state before calling the callback */
- MY_END_ALLOW_THREADS(conn->tstate);
- ret = PyEval_CallObject(conn->context->info_callback, argv);
- if (ret == NULL)
- PyErr_Clear();
- else
- Py_DECREF(ret);
- MY_BEGIN_ALLOW_THREADS(conn->tstate);
- }
+ ret = PyEval_CallObject(conn->context->info_callback, argv);
+ if (ret == NULL)
+ PyErr_Clear();
else
- {
- ret = PyEval_CallObject(conn->context->info_callback, argv);
- if (ret == NULL)
- PyErr_Clear();
- else
- Py_DECREF(ret);
- }
+ Py_DECREF(ret);
Py_DECREF(argv);
+ MY_BEGIN_ALLOW_THREADS(conn->tstate);
return;
}
@@ -447,6 +434,8 @@
if (!PyArg_ParseTuple(args, "s|i:use_privatekey_file", &keyfile, &filetype))
return NULL;
+ if (self->tstate)
+ fprintf (stderr, "ERROR: ctx->tstate != NULL!\n");
MY_BEGIN_ALLOW_THREADS(self->tstate);
ret = SSL_CTX_use_PrivateKey_file(self->ctx, keyfile, filetype);
MY_END_ALLOW_THREADS(self->tstate);