sipwise
/
kamailio
mirror of https://github.com/sipwise/kamailio.git
1
0
Fork 0
Code Issues Releases Wiki Activity

MT#58875 tls fixes from upstream 5.7 branch, take two

Browse Source 
Change-Id: I4f263a679653018f1d97c7e920ff79ece9298f9d
mr12.2.1
Victor Seva 2 years ago
parent 5cce2f8c3c
commit 901ea7aa34
9 changed files with 631 additions and 0 deletions
Show Stats Download Patch File Download Diff File

8
debian/patches/series vendored
Unescape View File

@ -36,6 +36,14 @@ upstream/Makefile.groups-tlsa-in-packaging-group-ktls-if-KTLS.patch
upstream/tls-rework-init-mode-1-to-set-PTHREAD_PROCESS_SHARED.patch
upstream/tls-init-early-the-local-lock-for-memory.patch
upstream/core-parse-privacy-recompute-lenght-of-rest-to-parse.patch
upstream/tls-OpenSSL-3.x-thread-local-init-libssl-in-thread-o.patch
upstream/tls-fix-compilation-with-OpenSSL-1.1.1.patch
upstream/tls-OpenSSL-1.1.1-thread-local-init-libssl-in-thread.patch
upstream/tls-thread-local-revert-1a9b0b6361-as-double-layer-l.patch
upstream/tls-OpenSSL-3.x-1.1.1-thread-local-clean-up-dead-cod.patch
upstream/outbound-OpenSSL-3.x-thread-local-init-libssl-in-thr.patch
upstream/outbound-OpenSSL-1.1.1-thread-local-init-libssl-in-t.patch
upstream/outbound-build-fix-missing-argument-name.patch
## upstream master
sipwise/pv_headers-rework-pvh_remove_header_param-take-two.patch
upstream/pv_headers-compare-result-of-pvh_set_xavi-with-NULL-.patch

22
debian/patches/upstream/outbound-OpenSSL-1.1.1-thread-local-init-libssl-in-t.patch vendored
Unescape View File

@ -0,0 +1,22 @@
From: S-P Chan <shihping.chan@gmail.com>
Date: Thu, 4 Jan 2024 21:47:23 +0800
Subject: outbound: OpenSSL 1.1.1 thread-local, init libssl in thread
(cherry-pick from 689de2736f5c92f11860e5854ccd95c84239f032)
---
src/modules/outbound/outbound_mod.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/modules/outbound/outbound_mod.c b/src/modules/outbound/outbound_mod.c
index 00c0a66..a797eb8 100644
--- a/src/modules/outbound/outbound_mod.c
+++ b/src/modules/outbound/outbound_mod.c
@@ -110,7 +110,7 @@ static int mod_init(void)
}
ob_key.len = OB_KEY_LEN;
-#if OPENSSL_VERSION_NUMBER < 0x030000000L
+#if OPENSSL_VERSION_NUMBER < 0x010101000L
mod_init_openssl(NULL);
#else
pthread_t tid;

64
debian/patches/upstream/outbound-OpenSSL-3.x-thread-local-init-libssl-in-thr.patch vendored
Unescape View File

@ -0,0 +1,64 @@
From: S-P Chan <shihping.chan@gmail.com>
Date: Thu, 4 Jan 2024 20:11:21 +0800
Subject: outbound: OpenSSL 3.x thread-local, init libssl in thread
(cherry-pick from 4742c8131aba878c4fc954e42b656b9d4bafdd24)
---
src/modules/outbound/outbound_mod.c | 37 +++++++++++++++++++++++++------------
1 file changed, 25 insertions(+), 12 deletions(-)
diff --git a/src/modules/outbound/outbound_mod.c b/src/modules/outbound/outbound_mod.c
index 4e408e2..00c0a66 100644
--- a/src/modules/outbound/outbound_mod.c
+++ b/src/modules/outbound/outbound_mod.c
@@ -75,6 +75,23 @@ struct module_exports exports = {
destroy /* destroy function */
};
+static void *mod_init_openssl(void *) {
+ if(flow_token_secret.s) {
+ assert(ob_key.len == SHA_DIGEST_LENGTH);
+ LM_DBG("flow_token_secret mod param set. use persistent ob_key");
+ SHA1((const unsigned char *)flow_token_secret.s, flow_token_secret.len,
+ (unsigned char *)ob_key.s);
+ } else {
+ if(RAND_bytes((unsigned char *)ob_key.s, ob_key.len) == 0) {
+ LM_ERR("unable to get %d cryptographically strong pseudo-"
+ "random bytes\n",
+ ob_key.len);
+ }
+ }
+
+ return NULL;
+}
+
static int mod_init(void)
{
if(ob_force_flag != -1 && !flag_in_range(ob_force_flag)) {
@@ -93,18 +110,14 @@ static int mod_init(void)
}
ob_key.len = OB_KEY_LEN;
- if(flow_token_secret.s) {
- assert(ob_key.len == SHA_DIGEST_LENGTH);
- LM_DBG("flow_token_secret mod param set. use persistent ob_key");
- SHA1((const unsigned char *)flow_token_secret.s, flow_token_secret.len,
- (unsigned char *)ob_key.s);
- } else {
- if(RAND_bytes((unsigned char *)ob_key.s, ob_key.len) == 0) {
- LM_ERR("unable to get %d cryptographically strong pseudo-"
- "random bytes\n",
- ob_key.len);
- }
- }
+#if OPENSSL_VERSION_NUMBER < 0x030000000L
+ mod_init_openssl(NULL);
+#else
+ pthread_t tid;
+ void *retval;
+ pthread_create(&tid, NULL, mod_init_openssl, NULL);
+ pthread_join(tid, &retval);
+#endif
if(cfg_declare("outbound", outbound_cfg_def, &default_outbound_cfg,
cfg_sizeof(outbound), &outbound_cfg)) {

22
debian/patches/upstream/outbound-build-fix-missing-argument-name.patch vendored
Unescape View File

@ -0,0 +1,22 @@
From: S-P Chan <shihping.chan@gmail.com>
Date: Fri, 5 Jan 2024 20:56:39 +0800
Subject: outbound: build, fix missing argument name
(cherry-pick from 4708f537d7f5d28123b48cd89474a4931dd698ad)
---
src/modules/outbound/outbound_mod.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/modules/outbound/outbound_mod.c b/src/modules/outbound/outbound_mod.c
index a797eb8..32f10f6 100644
--- a/src/modules/outbound/outbound_mod.c
+++ b/src/modules/outbound/outbound_mod.c
@@ -75,7 +75,7 @@ struct module_exports exports = {
destroy /* destroy function */
};
-static void *mod_init_openssl(void *) {
+static void *mod_init_openssl(void *arg) {
if(flow_token_secret.s) {
assert(ob_key.len == SHA_DIGEST_LENGTH);
LM_DBG("flow_token_secret mod param set. use persistent ob_key");

94
debian/patches/upstream/tls-OpenSSL-1.1.1-thread-local-init-libssl-in-thread.patch vendored
Unescape View File

@ -0,0 +1,94 @@
From: S-P Chan <shihping.chan@gmail.com>
Date: Thu, 4 Jan 2024 21:56:00 +0800
Subject: tls: OpenSSL 1.1.1 thread-local, init libssl in thread
- no need for RAND workaround; default is OpenSSL 1.1.1 RAND
- linux/pthreads will handle forking
(cherry-pick from 7b531cfe038fae5e3414ac74c4e076c10e32b86c)
---
src/modules/tls/tls_init.c | 5 +++--
src/modules/tls/tls_mod.c | 22 ++++++++++++----------
2 files changed, 15 insertions(+), 12 deletions(-)
diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c
index 872fdb2..2d5a9e1 100644
--- a/src/modules/tls/tls_init.c
+++ b/src/modules/tls/tls_init.c
@@ -825,7 +825,8 @@ int tls_h_mod_pre_init_f(void)
#if OPENSSL_VERSION_NUMBER >= 0x030000000L
// skip init for 3.x
#elif OPENSSL_VERSION_NUMBER >= 0x010101000L
- OPENSSL_init_ssl(OPENSSL_INIT_ATFORK, NULL);
+ //not needed on Linux
+ //OPENSSL_init_ssl(OPENSSL_INIT_ATFORK, NULL);
#else
OPENSSL_init_ssl(0, NULL);
#endif
@@ -833,7 +834,7 @@ int tls_h_mod_pre_init_f(void)
LM_DBG("preparing tls env for modules initialization (libssl <=1.0)\n");
SSL_library_init();
#endif
-#if OPENSSL_VERSION_NUMBER < 0x030000000L
+#if OPENSSL_VERSION_NUMBER < 0x010101000L
SSL_load_error_strings();
#endif
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 1e74ba0..03874ed 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -440,8 +440,16 @@ static int mod_child(int rank)
/* fix tls config only from the main proc/PROC_INIT., when we know
* the exact process number and before any other process starts*/
+ if(rank == PROC_INIT) {
+#if OPENSSL_VERSION_NUMBER >= 0x010101000L \
+ && OPENSSL_VERSION_NUMBER < 0x030000000L
+ if(ksr_tls_init_mode & TLS_MODE_FORK_PREPARE) {
+ // not needed on Linux: OPENSSL_fork_prepare();
+ }
+#endif
+ }
-#if OPENSSL_VERSION_NUMBER >= 0x030000000L
+#if OPENSSL_VERSION_NUMBER >= 0x010101000L
/*
* OpenSSL 3.x: create shared SSL_CTX* in worker to avoid init of
* libssl in rank 0(thread#1)
@@ -460,12 +468,6 @@ static int mod_child(int rank)
< 0)
return -1;
}
-#if OPENSSL_VERSION_NUMBER >= 0x010101000L \
- && OPENSSL_VERSION_NUMBER < 0x030000000L
- if(ksr_tls_init_mode & TLS_MODE_FORK_PREPARE) {
- OPENSSL_fork_prepare();
- }
-#endif
return 0;
}
@@ -476,11 +478,11 @@ static int mod_child(int rank)
/*
* this is called after forking of all child processes
*/
- OPENSSL_fork_parent();
+ // not needed on Linux: OPENSSL_fork_parent();
return 0;
}
if(!_ksr_is_main) {
- OPENSSL_fork_child();
+ // not needed on Linux: OPENSSL_fork_child();
}
}
#endif
@@ -691,7 +693,7 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2)
#if OPENSSL_VERSION_NUMBER >= 0x10100000L \
&& OPENSSL_VERSION_NUMBER < 0x030000000L
LM_DBG("setting cryptorand random engine\n");
- RAND_set_rand_method(RAND_ksr_cryptorand_method());
+ // RAND_set_rand_method(RAND_ksr_cryptorand_method());
#endif
sr_kemi_modules_add(sr_kemi_tls_exports);

107
debian/patches/upstream/tls-OpenSSL-3.x-1.1.1-thread-local-clean-up-dead-cod.patch vendored
Unescape View File

@ -0,0 +1,107 @@
From: S-P Chan <shihping.chan@gmail.com>
Date: Fri, 5 Jan 2024 07:38:56 +0800
Subject: tls: OpenSSL 3.x/1.1.1 thread-local,
clean-up dead code and preprocessor blocks
(cherry-pick from 798cc26908395d2ba21015684ad6f0ac4f012b2e)
---
src/modules/tls/tls_init.c | 7 +------
src/modules/tls/tls_mod.c | 44 ++++++++++----------------------------------
2 files changed, 11 insertions(+), 40 deletions(-)
diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c
index 58289c6..65f5ae7 100644
--- a/src/modules/tls/tls_init.c
+++ b/src/modules/tls/tls_init.c
@@ -783,12 +783,7 @@ int tls_h_mod_pre_init_f(void)
LM_DBG("preparing tls env for modules initialization\n");
#if OPENSSL_VERSION_NUMBER >= 0x010100000L && !defined(LIBRESSL_VERSION_NUMBER)
LM_DBG("preparing tls env for modules initialization (libssl >=1.1)\n");
-#if OPENSSL_VERSION_NUMBER >= 0x030000000L
- // skip init for 3.x
-#elif OPENSSL_VERSION_NUMBER >= 0x010101000L
- //not needed on Linux
- //OPENSSL_init_ssl(OPENSSL_INIT_ATFORK, NULL);
-#else
+#if OPENSSL_VERSION_NUMBER < 0x010100000L
OPENSSL_init_ssl(0, NULL);
#endif
#else
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 03874ed..7cad1b0 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -438,20 +438,9 @@ static int mod_child(int rank)
if(tls_disable || (tls_domains_cfg == 0))
return 0;
- /* fix tls config only from the main proc/PROC_INIT., when we know
- * the exact process number and before any other process starts*/
- if(rank == PROC_INIT) {
-#if OPENSSL_VERSION_NUMBER >= 0x010101000L \
- && OPENSSL_VERSION_NUMBER < 0x030000000L
- if(ksr_tls_init_mode & TLS_MODE_FORK_PREPARE) {
- // not needed on Linux: OPENSSL_fork_prepare();
- }
-#endif
- }
-
#if OPENSSL_VERSION_NUMBER >= 0x010101000L
/*
- * OpenSSL 3.x: create shared SSL_CTX* in worker to avoid init of
+ * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in worker to avoid init of
* libssl in rank 0(thread#1)
*/
if(rank == PROC_SIPINIT) {
@@ -471,22 +460,6 @@ static int mod_child(int rank)
return 0;
}
-#if OPENSSL_VERSION_NUMBER >= 0x010101000L \
- && OPENSSL_VERSION_NUMBER < 0x030000000L
- if(ksr_tls_init_mode & TLS_MODE_FORK_PREPARE) {
- if(rank == PROC_POSTCHILDINIT) {
- /*
- * this is called after forking of all child processes
- */
- // not needed on Linux: OPENSSL_fork_parent();
- return 0;
- }
- if(!_ksr_is_main) {
- // not needed on Linux: OPENSSL_fork_child();
- }
- }
-#endif
-
#ifndef OPENSSL_NO_ENGINE
/*
* after the child is fork()ed we go through the TLS domains
@@ -514,6 +487,11 @@ static void mod_destroy(void)
* => nothing to do here */
}
+/*
+ * GH #3695: OpenSSL 1.1.1: it is no longer necessary to replace RAND
+ * - early init in rank 0 causes workers to inherit public_drbg/private_drbg
+ * which are not thread-safe
+ */
int ksr_rand_engine_param(modparam_t type, void *val)
{
@@ -690,12 +668,10 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2)
register_tls_hooks(&tls_h);
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L \
- && OPENSSL_VERSION_NUMBER < 0x030000000L
- LM_DBG("setting cryptorand random engine\n");
- // RAND_set_rand_method(RAND_ksr_cryptorand_method());
-#endif
-
+ /*
+ * GH #3695: OpenSSL 1.1.1 historical note: it is no longer
+ * needed to replace RAND with cryptorand
+ */
sr_kemi_modules_add(sr_kemi_tls_exports);
return 0;

145
debian/patches/upstream/tls-OpenSSL-3.x-thread-local-init-libssl-in-thread-o.patch vendored
Unescape View File

@ -0,0 +1,145 @@
From: S-P Chan <shihping.chan@gmail.com>
Date: Thu, 4 Jan 2024 20:00:09 +0800
Subject: tls: OpenSSL 3.x thread-local, init libssl in thread or PROC_SIPINIT
- avoid initialising ERR_STATE in rank 0(thread#1)
(cherry-pick from e49a60e1052c6c1dcebe7f78f2ac970338eabe2e)
---
src/modules/tls/tls_init.c | 83 +++++++++++++++++++++++++++-------------------
src/modules/tls/tls_mod.c | 11 +++++-
2 files changed, 59 insertions(+), 35 deletions(-)
diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c
index 57be9ca..0bc12d3 100644
--- a/src/modules/tls/tls_init.c
+++ b/src/modules/tls/tls_init.c
@@ -769,6 +769,44 @@ int tls_pre_init(void)
* tls mod pre-init function
* - executed before any mod_init()
*/
+long tls_h_mod_randctx(void *) {
+ do {
+ OSSL_LIB_CTX *osslglobal = NULL;
+ EVP_RAND_CTX *randctx = NULL;
+
+ LM_DBG("enabling locking for rand ctx\n");
+
+ osslglobal = OSSL_LIB_CTX_get0_global_default();
+ if(osslglobal == NULL) {
+ LM_ERR("failed to get lib ssl global ctx\n");
+ return -1L;
+ }
+
+ randctx = RAND_get0_primary(osslglobal);
+ if(randctx == NULL) {
+ LM_ERR("primary rand ctx is null\n");
+ return -1L;
+ }
+ EVP_RAND_enable_locking(randctx);
+
+ randctx = RAND_get0_public(osslglobal);
+ if(randctx == NULL) {
+ LM_ERR("public rand ctx is null\n");
+ return -1L;
+ }
+ EVP_RAND_enable_locking(randctx);
+
+ randctx = RAND_get0_private(osslglobal);
+ if(randctx == NULL) {
+ LM_ERR("private rand ctx is null\n");
+ return -1L;
+ }
+ EVP_RAND_enable_locking(randctx);
+ } while(0);
+
+ return 0L;
+}
+
int tls_h_mod_pre_init_f(void)
{
if(tls_mod_preinitialized == 1) {
@@ -782,7 +820,9 @@ int tls_h_mod_pre_init_f(void)
LM_DBG("preparing tls env for modules initialization\n");
#if OPENSSL_VERSION_NUMBER >= 0x010100000L && !defined(LIBRESSL_VERSION_NUMBER)
LM_DBG("preparing tls env for modules initialization (libssl >=1.1)\n");
-#if OPENSSL_VERSION_NUMBER >= 0x010101000L
+#if OPENSSL_VERSION_NUMBER >= 0x030000000L
+ // skip init for 3.x
+#elif OPENSSL_VERSION_NUMBER >= 0x010101000L
OPENSSL_init_ssl(OPENSSL_INIT_ATFORK, NULL);
#else
OPENSSL_init_ssl(0, NULL);
@@ -791,42 +831,17 @@ int tls_h_mod_pre_init_f(void)
LM_DBG("preparing tls env for modules initialization (libssl <=1.0)\n");
SSL_library_init();
#endif
+#if OPENSSL_VERSION_NUMBER < 0x030000000L
SSL_load_error_strings();
+#endif
#if OPENSSL_VERSION_NUMBER >= 0x030000000L
- do {
- OSSL_LIB_CTX *osslglobal = NULL;
- EVP_RAND_CTX *randctx = NULL;
-
- LM_DBG("enabling locking for rand ctx\n");
-
- osslglobal = OSSL_LIB_CTX_get0_global_default();
- if(osslglobal == NULL) {
- LM_ERR("failed to get lib ssl global ctx\n");
- return -1;
- }
-
- randctx = RAND_get0_primary(osslglobal);
- if(randctx == NULL) {
- LM_ERR("primary rand ctx is null\n");
- return -1;
- }
- EVP_RAND_enable_locking(randctx);
-
- randctx = RAND_get0_public(osslglobal);
- if(randctx == NULL) {
- LM_ERR("public rand ctx is null\n");
- return -1;
- }
- EVP_RAND_enable_locking(randctx);
-
- randctx = RAND_get0_private(osslglobal);
- if(randctx == NULL) {
- LM_ERR("private rand ctx is null\n");
- return -1;
- }
- EVP_RAND_enable_locking(randctx);
- } while(0);
+ pthread_t tid;
+ long rl;
+ pthread_create(&tid, NULL, (void *(*)(void *))tls_h_mod_randctx, NULL);
+ pthread_join(tid, (void **)&rl);
+ if ((int)rl)
+ return (int)rl;
#endif
tls_mod_preinitialized = 1;
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
index 3a04776..1e74ba0 100644
--- a/src/modules/tls/tls_mod.c
+++ b/src/modules/tls/tls_mod.c
@@ -440,7 +440,16 @@ static int mod_child(int rank)
/* fix tls config only from the main proc/PROC_INIT., when we know
* the exact process number and before any other process starts*/
- if(rank == PROC_INIT) {
+
+#if OPENSSL_VERSION_NUMBER >= 0x030000000L
+ /*
+ * OpenSSL 3.x: create shared SSL_CTX* in worker to avoid init of
+ * libssl in rank 0(thread#1)
+ */
+ if(rank == PROC_SIPINIT) {
+#else
+ if(rank == PROC_INIT) {
+#endif
if(cfg_get(tls, tls_cfg, config_file).s) {
if(tls_fix_domains_cfg(
*tls_domains_cfg, &srv_defaults, &cli_defaults)

29
debian/patches/upstream/tls-fix-compilation-with-OpenSSL-1.1.1.patch vendored
Unescape View File

@ -0,0 +1,29 @@
From: S-P Chan <shihping.chan@gmail.com>
Date: Thu, 4 Jan 2024 21:51:15 +0800
Subject: tls: fix compilation with OpenSSL <= 1.1.1
(cherry-pick from 7111687e1107261bcdd7a9f8cc90959754c93272)
---
src/modules/tls/tls_init.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c
index 0bc12d3..872fdb2 100644
--- a/src/modules/tls/tls_init.c
+++ b/src/modules/tls/tls_init.c
@@ -769,6 +769,7 @@ int tls_pre_init(void)
* tls mod pre-init function
* - executed before any mod_init()
*/
+#if OPENSSL_VERSION_NUMBER >= 0x030000000L
long tls_h_mod_randctx(void *) {
do {
OSSL_LIB_CTX *osslglobal = NULL;
@@ -806,6 +807,7 @@ long tls_h_mod_randctx(void *) {
return 0L;
}
+#endif
int tls_h_mod_pre_init_f(void)
{

140
debian/patches/upstream/tls-thread-local-revert-1a9b0b6361-as-double-layer-l.patch vendored
Unescape View File

@ -0,0 +1,140 @@
From: S-P Chan <shihping.chan@gmail.com>
Date: Fri, 5 Jan 2024 08:09:34 +0800
Subject: tls: thread-local,
revert 1a9b0b6361 as double-layer locking is redundant
- the 2nd lock was put in place as defensive programming for shm contention
- GH #3695: the underlying issue is early init of thread-locals
(cherry-pick from 1c70775530b1a3a905e8a983610cb0d092b0d240)
---
src/modules/tls/tls_init.c | 39 ---------------------------------------
1 file changed, 39 deletions(-)
diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c
index 2d5a9e1..58289c6 100644
--- a/src/modules/tls/tls_init.c
+++ b/src/modules/tls/tls_init.c
@@ -259,9 +259,6 @@ static void *ser_malloc(size_t size, const char *file, int line)
static ticks_t st = 0;
#endif
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_lock(ksr_tls_lock_shm);
-
#ifdef RAND_NULL_MALLOC
/* start random null returns only after
* NULL_GRACE_PERIOD from first call */
@@ -289,8 +286,6 @@ static void *ser_malloc(size_t size, const char *file, int line)
size, file, line, bt_buf);
}
#endif
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_unlock(ksr_tls_lock_shm);
return p;
}
@@ -304,9 +299,6 @@ static void *ser_realloc(void *ptr, size_t size, const char *file, int line)
static ticks_t st = 0;
#endif
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_lock(ksr_tls_lock_shm);
-
#ifdef RAND_NULL_MALLOC
/* start random null returns only after
* NULL_GRACE_PERIOD from first call */
@@ -335,21 +327,14 @@ static void *ser_realloc(void *ptr, size_t size, const char *file, int line)
}
#endif
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_unlock(ksr_tls_lock_shm);
-
return p;
}
static void ser_free(void *ptr, const char *fname, int fline)
{
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_lock(ksr_tls_lock_shm);
if(ptr) {
shm_free(ptr);
}
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_unlock(ksr_tls_lock_shm);
}
#endif /* LIBRESSL_VERSION_NUMBER */
@@ -363,11 +348,7 @@ static void *ser_malloc(size_t size)
{
void *p;
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_lock(ksr_tls_lock_shm);
p = shm_malloc(size);
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_unlock(ksr_tls_lock_shm);
return p;
}
@@ -375,22 +356,14 @@ static void *ser_malloc(size_t size)
static void *ser_realloc(void *ptr, size_t size)
{
void *p;
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_lock(ksr_tls_lock_shm);
p = shm_realloc(ptr, size);
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_unlock(ksr_tls_lock_shm);
return p;
}
#else
static void *ser_malloc(size_t size, const char *fname, int fline)
{
void *p;
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_lock(ksr_tls_lock_shm);
p = shm_malloc(size);
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_unlock(ksr_tls_lock_shm);
return p;
}
@@ -398,11 +371,7 @@ static void *ser_malloc(size_t size, const char *fname, int fline)
static void *ser_realloc(void *ptr, size_t size, const char *fname, int fline)
{
void *p;
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_lock(ksr_tls_lock_shm);
p = shm_realloc(ptr, size);
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_unlock(ksr_tls_lock_shm);
return p;
}
#endif
@@ -419,24 +388,16 @@ static void ser_free(void *ptr)
* As shm_free() aborts on null pointers, we have to check for null pointer
* here in the wrapper function.
*/
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_lock(ksr_tls_lock_shm);
if(ptr) {
shm_free(ptr);
}
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_unlock(ksr_tls_lock_shm);
}
#else
static void ser_free(void *ptr, const char *fname, int fline)
{
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_lock(ksr_tls_lock_shm);
if(ptr) {
shm_free(ptr);
}
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
- pthread_mutex_unlock(ksr_tls_lock_shm);
}
#endif
Write Preview
Loading…
Cancel
Save