Overview
Comment: | Register helpers for thread-safety with OpenSSL. |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
54c783b25f4c7f294d9e691e7393f645 |
User & Date: | jos@kuijpersvof.nl on 2011-10-22 16:36:08 |
Other Links: | manifest | tags |
Context
2011-10-23
| ||
23:39 | Add methods enabling certificate verification check-in: 7fa9a01744 user: florob@babelmonkeys.de tags: trunk | |
2011-10-22
| ||
16:36 | Register helpers for thread-safety with OpenSSL. check-in: 54c783b25f user: jos@kuijpersvof.nl tags: trunk | |
16:33 |
Only call SSL_shutdown if we have an SSL context. This would otherwise cause trouble for listening sockets. check-in: 5695c6cedc user: js tags: trunk | |
Changes
Modified src/SSLSocket.m from [caea951286] to [c5200f606f].
︙ | |||
23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 | 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 | + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + | #include <unistd.h> #include <errno.h> #include <assert.h> #import <ObjFW/OFHTTPRequest.h> #import <ObjFW/OFDataArray.h> #include <openssl/crypto.h> #import "SSLSocket.h" #import <ObjFW/OFAcceptFailedException.h> #import <ObjFW/OFConnectionFailedException.h> #import <ObjFW/OFInitializationFailedException.h> #import <ObjFW/OFInvalidArgumentException.h> #import <ObjFW/OFNotConnectedException.h> #import <ObjFW/OFOutOfRangeException.h> #import <ObjFW/OFReadFailedException.h> #import <ObjFW/OFWriteFailedException.h> #import <ObjFW/macros.h> #import <ObjFW/threading.h> #ifndef INVALID_SOCKET # define INVALID_SOCKET -1 #endif static SSL_CTX *ctx; static of_mutex_t *ssl_mutexes; static void ssl_locking_callback(int mode, int n, const char *file, int line) { /* * This function must handle up to CRYPTO_num_locks() mutexes. * It must set the n-th lock if mode & CRYPTO_LOCK, * release it otherwise. */ if (mode & CRYPTO_LOCK) of_mutex_lock(&ssl_mutexes[n]); else of_mutex_unlock(&ssl_mutexes[n]); } @implementation SSLSocket + (void)load { of_http_request_tls_socket_class = self; } + (void)initialize { int m; if (self != [SSLSocket class]) return; CRYPTO_set_id_callback(&of_thread_current); /* Generate number of mutexes needed */ m = CRYPTO_num_locks(); ssl_mutexes = malloc(m * sizeof(of_mutex_t)); for (m--; m >= 0; m--) of_mutex_new(&ssl_mutexes[m]); CRYPTO_set_locking_callback(&ssl_locking_callback); SSL_library_init(); if ((ctx = SSL_CTX_new(SSLv23_method())) == NULL) @throw [OFInitializationFailedException exceptionWithClass: self]; if ((SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2) == 0) |
︙ |