mirror of https://github.com/sipwise/kamailio.git
Change-Id: Ie4f68a60e4b4ecfc798efef940cfd944b2b85f9d (cherry picked from commitmr11.58becf82158
) (cherry picked from commite1233a185d
)
parent
1ae53feaa6
commit
a46e882a3a
@ -1,48 +0,0 @@
|
||||
From: Daniel-Constantin Mierla <miconda@gmail.com>
|
||||
Date: Fri, 24 Nov 2023 10:38:49 +0100
|
||||
Subject: Makefile.groups: tlsa in packaging group ktls if
|
||||
KTLS_INCLUDE_TLSA=yes
|
||||
|
||||
- if not, then it is in separate group module_group_ktlsa
|
||||
|
||||
(cherry picked from commit a49c8d8d968e31a539e47db6c06a0756e4be55e3)
|
||||
---
|
||||
src/Makefile.groups | 12 +++++++-----
|
||||
1 file changed, 7 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/Makefile.groups b/src/Makefile.groups
|
||||
index ec0d8ac..7cb9586 100644
|
||||
--- a/src/Makefile.groups
|
||||
+++ b/src/Makefile.groups
|
||||
@@ -88,12 +88,12 @@ mod_list_memcached=memcached
|
||||
# - modules depending on openssl library
|
||||
mod_list_tlsdeps=crypto tls
|
||||
|
||||
-# - modules depending on openssl (+curl) library
|
||||
-mod_list_tlsdeps_curl=auth_identity
|
||||
-
|
||||
# - modules depending on static openssl library
|
||||
mod_list_tlsa=tlsa
|
||||
|
||||
+# - modules depending on openssl (+curl) library
|
||||
+mod_list_tlsdeps_curl=auth_identity
|
||||
+
|
||||
# - modules depending on static wolfssl library
|
||||
mod_list_tls_wolfssl=tls_wolfssl
|
||||
|
||||
@@ -414,11 +414,13 @@ module_group_kmemcached=$(mod_list_memcached)
|
||||
# pkg tls module
|
||||
module_group_ktls_basic=$(mod_list_tlsdeps)
|
||||
|
||||
+ifeq ($(KTLS_INCLUDE_TLSA),yes)
|
||||
# pkg tls module with curl
|
||||
-module_group_ktls=$(mod_list_tlsdeps) $(mod_list_tlsdeps_curl)
|
||||
-
|
||||
+module_group_ktls=$(mod_list_tlsdeps) $(mod_list_tlsdeps_curl) $(mod_list_tlsa)
|
||||
+else
|
||||
# pkg tlsa module
|
||||
module_group_ktlsa=$(mod_list_tlsa)
|
||||
+endif
|
||||
|
||||
# pkg tls_wolfssl module
|
||||
module_group_ktls_wolfssl=$(mod_list_tls_wolfssl)
|
@ -1,30 +0,0 @@
|
||||
From: Daniel-Constantin Mierla <miconda@gmail.com>
|
||||
Date: Fri, 8 Dec 2023 22:10:36 +0100
|
||||
Subject: core: parse privacy recompute lenght of rest to parse
|
||||
|
||||
(cherry picked from commit 804ee651b45498727196886c97cb55d20b254c4a)
|
||||
---
|
||||
src/core/parser/parse_privacy.c | 5 ++---
|
||||
1 file changed, 2 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/core/parser/parse_privacy.c b/src/core/parser/parse_privacy.c
|
||||
index 6443146..89423c1 100644
|
||||
--- a/src/core/parser/parse_privacy.c
|
||||
+++ b/src/core/parser/parse_privacy.c
|
||||
@@ -178,14 +178,13 @@ int parse_privacy(struct sip_msg *msg)
|
||||
|
||||
values = 0;
|
||||
p = next.s;
|
||||
- len = next.len;
|
||||
- beyond = p + len;
|
||||
+ beyond = next.s + next.len;
|
||||
|
||||
while(p < beyond) {
|
||||
+ len = beyond - p;
|
||||
if((val_len = parse_priv_value(p, len, &value)) != 0) {
|
||||
values |= value;
|
||||
p = p + val_len;
|
||||
- len = len - val_len;
|
||||
} else {
|
||||
LM_ERR("invalid privacy value\n");
|
||||
return -1;
|
@ -1,22 +0,0 @@
|
||||
From: S-P Chan <shihping.chan@gmail.com>
|
||||
Date: Thu, 4 Jan 2024 21:47:23 +0800
|
||||
Subject: outbound: OpenSSL 1.1.1 thread-local, init libssl in thread
|
||||
|
||||
(cherry-pick from 689de2736f5c92f11860e5854ccd95c84239f032)
|
||||
---
|
||||
src/modules/outbound/outbound_mod.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/modules/outbound/outbound_mod.c b/src/modules/outbound/outbound_mod.c
|
||||
index 00c0a66..a797eb8 100644
|
||||
--- a/src/modules/outbound/outbound_mod.c
|
||||
+++ b/src/modules/outbound/outbound_mod.c
|
||||
@@ -110,7 +110,7 @@ static int mod_init(void)
|
||||
}
|
||||
ob_key.len = OB_KEY_LEN;
|
||||
|
||||
-#if OPENSSL_VERSION_NUMBER < 0x030000000L
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x010101000L
|
||||
mod_init_openssl(NULL);
|
||||
#else
|
||||
pthread_t tid;
|
@ -1,64 +0,0 @@
|
||||
From: S-P Chan <shihping.chan@gmail.com>
|
||||
Date: Thu, 4 Jan 2024 20:11:21 +0800
|
||||
Subject: outbound: OpenSSL 3.x thread-local, init libssl in thread
|
||||
|
||||
(cherry-pick from 4742c8131aba878c4fc954e42b656b9d4bafdd24)
|
||||
---
|
||||
src/modules/outbound/outbound_mod.c | 37 +++++++++++++++++++++++++------------
|
||||
1 file changed, 25 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/src/modules/outbound/outbound_mod.c b/src/modules/outbound/outbound_mod.c
|
||||
index 4e408e2..00c0a66 100644
|
||||
--- a/src/modules/outbound/outbound_mod.c
|
||||
+++ b/src/modules/outbound/outbound_mod.c
|
||||
@@ -75,6 +75,23 @@ struct module_exports exports = {
|
||||
destroy /* destroy function */
|
||||
};
|
||||
|
||||
+static void *mod_init_openssl(void *) {
|
||||
+ if(flow_token_secret.s) {
|
||||
+ assert(ob_key.len == SHA_DIGEST_LENGTH);
|
||||
+ LM_DBG("flow_token_secret mod param set. use persistent ob_key");
|
||||
+ SHA1((const unsigned char *)flow_token_secret.s, flow_token_secret.len,
|
||||
+ (unsigned char *)ob_key.s);
|
||||
+ } else {
|
||||
+ if(RAND_bytes((unsigned char *)ob_key.s, ob_key.len) == 0) {
|
||||
+ LM_ERR("unable to get %d cryptographically strong pseudo-"
|
||||
+ "random bytes\n",
|
||||
+ ob_key.len);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ return NULL;
|
||||
+}
|
||||
+
|
||||
static int mod_init(void)
|
||||
{
|
||||
if(ob_force_flag != -1 && !flag_in_range(ob_force_flag)) {
|
||||
@@ -93,18 +110,14 @@ static int mod_init(void)
|
||||
}
|
||||
ob_key.len = OB_KEY_LEN;
|
||||
|
||||
- if(flow_token_secret.s) {
|
||||
- assert(ob_key.len == SHA_DIGEST_LENGTH);
|
||||
- LM_DBG("flow_token_secret mod param set. use persistent ob_key");
|
||||
- SHA1((const unsigned char *)flow_token_secret.s, flow_token_secret.len,
|
||||
- (unsigned char *)ob_key.s);
|
||||
- } else {
|
||||
- if(RAND_bytes((unsigned char *)ob_key.s, ob_key.len) == 0) {
|
||||
- LM_ERR("unable to get %d cryptographically strong pseudo-"
|
||||
- "random bytes\n",
|
||||
- ob_key.len);
|
||||
- }
|
||||
- }
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x030000000L
|
||||
+ mod_init_openssl(NULL);
|
||||
+#else
|
||||
+ pthread_t tid;
|
||||
+ void *retval;
|
||||
+ pthread_create(&tid, NULL, mod_init_openssl, NULL);
|
||||
+ pthread_join(tid, &retval);
|
||||
+#endif
|
||||
|
||||
if(cfg_declare("outbound", outbound_cfg_def, &default_outbound_cfg,
|
||||
cfg_sizeof(outbound), &outbound_cfg)) {
|
@ -1,22 +0,0 @@
|
||||
From: S-P Chan <shihping.chan@gmail.com>
|
||||
Date: Fri, 5 Jan 2024 20:56:39 +0800
|
||||
Subject: outbound: build, fix missing argument name
|
||||
|
||||
(cherry-pick from 4708f537d7f5d28123b48cd89474a4931dd698ad)
|
||||
---
|
||||
src/modules/outbound/outbound_mod.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/modules/outbound/outbound_mod.c b/src/modules/outbound/outbound_mod.c
|
||||
index a797eb8..32f10f6 100644
|
||||
--- a/src/modules/outbound/outbound_mod.c
|
||||
+++ b/src/modules/outbound/outbound_mod.c
|
||||
@@ -75,7 +75,7 @@ struct module_exports exports = {
|
||||
destroy /* destroy function */
|
||||
};
|
||||
|
||||
-static void *mod_init_openssl(void *) {
|
||||
+static void *mod_init_openssl(void *arg) {
|
||||
if(flow_token_secret.s) {
|
||||
assert(ob_key.len == SHA_DIGEST_LENGTH);
|
||||
LM_DBG("flow_token_secret mod param set. use persistent ob_key");
|
@ -1,94 +0,0 @@
|
||||
From: S-P Chan <shihping.chan@gmail.com>
|
||||
Date: Thu, 4 Jan 2024 21:56:00 +0800
|
||||
Subject: tls: OpenSSL 1.1.1 thread-local, init libssl in thread
|
||||
|
||||
- no need for RAND workaround; default is OpenSSL 1.1.1 RAND
|
||||
- linux/pthreads will handle forking
|
||||
|
||||
(cherry-pick from 7b531cfe038fae5e3414ac74c4e076c10e32b86c)
|
||||
---
|
||||
src/modules/tls/tls_init.c | 5 +++--
|
||||
src/modules/tls/tls_mod.c | 22 ++++++++++++----------
|
||||
2 files changed, 15 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c
|
||||
index 872fdb2..2d5a9e1 100644
|
||||
--- a/src/modules/tls/tls_init.c
|
||||
+++ b/src/modules/tls/tls_init.c
|
||||
@@ -825,7 +825,8 @@ int tls_h_mod_pre_init_f(void)
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x030000000L
|
||||
// skip init for 3.x
|
||||
#elif OPENSSL_VERSION_NUMBER >= 0x010101000L
|
||||
- OPENSSL_init_ssl(OPENSSL_INIT_ATFORK, NULL);
|
||||
+ //not needed on Linux
|
||||
+ //OPENSSL_init_ssl(OPENSSL_INIT_ATFORK, NULL);
|
||||
#else
|
||||
OPENSSL_init_ssl(0, NULL);
|
||||
#endif
|
||||
@@ -833,7 +834,7 @@ int tls_h_mod_pre_init_f(void)
|
||||
LM_DBG("preparing tls env for modules initialization (libssl <=1.0)\n");
|
||||
SSL_library_init();
|
||||
#endif
|
||||
-#if OPENSSL_VERSION_NUMBER < 0x030000000L
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x010101000L
|
||||
SSL_load_error_strings();
|
||||
#endif
|
||||
|
||||
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
|
||||
index 1e74ba0..03874ed 100644
|
||||
--- a/src/modules/tls/tls_mod.c
|
||||
+++ b/src/modules/tls/tls_mod.c
|
||||
@@ -440,8 +440,16 @@ static int mod_child(int rank)
|
||||
|
||||
/* fix tls config only from the main proc/PROC_INIT., when we know
|
||||
* the exact process number and before any other process starts*/
|
||||
+ if(rank == PROC_INIT) {
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x010101000L \
|
||||
+ && OPENSSL_VERSION_NUMBER < 0x030000000L
|
||||
+ if(ksr_tls_init_mode & TLS_MODE_FORK_PREPARE) {
|
||||
+ // not needed on Linux: OPENSSL_fork_prepare();
|
||||
+ }
|
||||
+#endif
|
||||
+ }
|
||||
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x030000000L
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x010101000L
|
||||
/*
|
||||
* OpenSSL 3.x: create shared SSL_CTX* in worker to avoid init of
|
||||
* libssl in rank 0(thread#1)
|
||||
@@ -460,12 +468,6 @@ static int mod_child(int rank)
|
||||
< 0)
|
||||
return -1;
|
||||
}
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x010101000L \
|
||||
- && OPENSSL_VERSION_NUMBER < 0x030000000L
|
||||
- if(ksr_tls_init_mode & TLS_MODE_FORK_PREPARE) {
|
||||
- OPENSSL_fork_prepare();
|
||||
- }
|
||||
-#endif
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -476,11 +478,11 @@ static int mod_child(int rank)
|
||||
/*
|
||||
* this is called after forking of all child processes
|
||||
*/
|
||||
- OPENSSL_fork_parent();
|
||||
+ // not needed on Linux: OPENSSL_fork_parent();
|
||||
return 0;
|
||||
}
|
||||
if(!_ksr_is_main) {
|
||||
- OPENSSL_fork_child();
|
||||
+ // not needed on Linux: OPENSSL_fork_child();
|
||||
}
|
||||
}
|
||||
#endif
|
||||
@@ -691,7 +693,7 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2)
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L \
|
||||
&& OPENSSL_VERSION_NUMBER < 0x030000000L
|
||||
LM_DBG("setting cryptorand random engine\n");
|
||||
- RAND_set_rand_method(RAND_ksr_cryptorand_method());
|
||||
+ // RAND_set_rand_method(RAND_ksr_cryptorand_method());
|
||||
#endif
|
||||
|
||||
sr_kemi_modules_add(sr_kemi_tls_exports);
|
@ -1,107 +0,0 @@
|
||||
From: S-P Chan <shihping.chan@gmail.com>
|
||||
Date: Fri, 5 Jan 2024 07:38:56 +0800
|
||||
Subject: tls: OpenSSL 3.x/1.1.1 thread-local,
|
||||
clean-up dead code and preprocessor blocks
|
||||
|
||||
(cherry-pick from 798cc26908395d2ba21015684ad6f0ac4f012b2e)
|
||||
---
|
||||
src/modules/tls/tls_init.c | 7 +------
|
||||
src/modules/tls/tls_mod.c | 44 ++++++++++----------------------------------
|
||||
2 files changed, 11 insertions(+), 40 deletions(-)
|
||||
|
||||
diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c
|
||||
index 58289c6..65f5ae7 100644
|
||||
--- a/src/modules/tls/tls_init.c
|
||||
+++ b/src/modules/tls/tls_init.c
|
||||
@@ -783,12 +783,7 @@ int tls_h_mod_pre_init_f(void)
|
||||
LM_DBG("preparing tls env for modules initialization\n");
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x010100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
LM_DBG("preparing tls env for modules initialization (libssl >=1.1)\n");
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x030000000L
|
||||
- // skip init for 3.x
|
||||
-#elif OPENSSL_VERSION_NUMBER >= 0x010101000L
|
||||
- //not needed on Linux
|
||||
- //OPENSSL_init_ssl(OPENSSL_INIT_ATFORK, NULL);
|
||||
-#else
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x010100000L
|
||||
OPENSSL_init_ssl(0, NULL);
|
||||
#endif
|
||||
#else
|
||||
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
|
||||
index 03874ed..7cad1b0 100644
|
||||
--- a/src/modules/tls/tls_mod.c
|
||||
+++ b/src/modules/tls/tls_mod.c
|
||||
@@ -438,20 +438,9 @@ static int mod_child(int rank)
|
||||
if(tls_disable || (tls_domains_cfg == 0))
|
||||
return 0;
|
||||
|
||||
- /* fix tls config only from the main proc/PROC_INIT., when we know
|
||||
- * the exact process number and before any other process starts*/
|
||||
- if(rank == PROC_INIT) {
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x010101000L \
|
||||
- && OPENSSL_VERSION_NUMBER < 0x030000000L
|
||||
- if(ksr_tls_init_mode & TLS_MODE_FORK_PREPARE) {
|
||||
- // not needed on Linux: OPENSSL_fork_prepare();
|
||||
- }
|
||||
-#endif
|
||||
- }
|
||||
-
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x010101000L
|
||||
/*
|
||||
- * OpenSSL 3.x: create shared SSL_CTX* in worker to avoid init of
|
||||
+ * OpenSSL 3.x/1.1.1: create shared SSL_CTX* in worker to avoid init of
|
||||
* libssl in rank 0(thread#1)
|
||||
*/
|
||||
if(rank == PROC_SIPINIT) {
|
||||
@@ -471,22 +460,6 @@ static int mod_child(int rank)
|
||||
return 0;
|
||||
}
|
||||
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x010101000L \
|
||||
- && OPENSSL_VERSION_NUMBER < 0x030000000L
|
||||
- if(ksr_tls_init_mode & TLS_MODE_FORK_PREPARE) {
|
||||
- if(rank == PROC_POSTCHILDINIT) {
|
||||
- /*
|
||||
- * this is called after forking of all child processes
|
||||
- */
|
||||
- // not needed on Linux: OPENSSL_fork_parent();
|
||||
- return 0;
|
||||
- }
|
||||
- if(!_ksr_is_main) {
|
||||
- // not needed on Linux: OPENSSL_fork_child();
|
||||
- }
|
||||
- }
|
||||
-#endif
|
||||
-
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
/*
|
||||
* after the child is fork()ed we go through the TLS domains
|
||||
@@ -514,6 +487,11 @@ static void mod_destroy(void)
|
||||
* => nothing to do here */
|
||||
}
|
||||
|
||||
+/*
|
||||
+ * GH #3695: OpenSSL 1.1.1: it is no longer necessary to replace RAND
|
||||
+ * - early init in rank 0 causes workers to inherit public_drbg/private_drbg
|
||||
+ * which are not thread-safe
|
||||
+ */
|
||||
|
||||
int ksr_rand_engine_param(modparam_t type, void *val)
|
||||
{
|
||||
@@ -690,12 +668,10 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2)
|
||||
|
||||
register_tls_hooks(&tls_h);
|
||||
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L \
|
||||
- && OPENSSL_VERSION_NUMBER < 0x030000000L
|
||||
- LM_DBG("setting cryptorand random engine\n");
|
||||
- // RAND_set_rand_method(RAND_ksr_cryptorand_method());
|
||||
-#endif
|
||||
-
|
||||
+ /*
|
||||
+ * GH #3695: OpenSSL 1.1.1 historical note: it is no longer
|
||||
+ * needed to replace RAND with cryptorand
|
||||
+ */
|
||||
sr_kemi_modules_add(sr_kemi_tls_exports);
|
||||
|
||||
return 0;
|
@ -1,145 +0,0 @@
|
||||
From: S-P Chan <shihping.chan@gmail.com>
|
||||
Date: Thu, 4 Jan 2024 20:00:09 +0800
|
||||
Subject: tls: OpenSSL 3.x thread-local, init libssl in thread or PROC_SIPINIT
|
||||
|
||||
- avoid initialising ERR_STATE in rank 0(thread#1)
|
||||
|
||||
(cherry-pick from e49a60e1052c6c1dcebe7f78f2ac970338eabe2e)
|
||||
---
|
||||
src/modules/tls/tls_init.c | 83 +++++++++++++++++++++++++++-------------------
|
||||
src/modules/tls/tls_mod.c | 11 +++++-
|
||||
2 files changed, 59 insertions(+), 35 deletions(-)
|
||||
|
||||
diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c
|
||||
index 57be9ca..0bc12d3 100644
|
||||
--- a/src/modules/tls/tls_init.c
|
||||
+++ b/src/modules/tls/tls_init.c
|
||||
@@ -769,6 +769,44 @@ int tls_pre_init(void)
|
||||
* tls mod pre-init function
|
||||
* - executed before any mod_init()
|
||||
*/
|
||||
+long tls_h_mod_randctx(void *) {
|
||||
+ do {
|
||||
+ OSSL_LIB_CTX *osslglobal = NULL;
|
||||
+ EVP_RAND_CTX *randctx = NULL;
|
||||
+
|
||||
+ LM_DBG("enabling locking for rand ctx\n");
|
||||
+
|
||||
+ osslglobal = OSSL_LIB_CTX_get0_global_default();
|
||||
+ if(osslglobal == NULL) {
|
||||
+ LM_ERR("failed to get lib ssl global ctx\n");
|
||||
+ return -1L;
|
||||
+ }
|
||||
+
|
||||
+ randctx = RAND_get0_primary(osslglobal);
|
||||
+ if(randctx == NULL) {
|
||||
+ LM_ERR("primary rand ctx is null\n");
|
||||
+ return -1L;
|
||||
+ }
|
||||
+ EVP_RAND_enable_locking(randctx);
|
||||
+
|
||||
+ randctx = RAND_get0_public(osslglobal);
|
||||
+ if(randctx == NULL) {
|
||||
+ LM_ERR("public rand ctx is null\n");
|
||||
+ return -1L;
|
||||
+ }
|
||||
+ EVP_RAND_enable_locking(randctx);
|
||||
+
|
||||
+ randctx = RAND_get0_private(osslglobal);
|
||||
+ if(randctx == NULL) {
|
||||
+ LM_ERR("private rand ctx is null\n");
|
||||
+ return -1L;
|
||||
+ }
|
||||
+ EVP_RAND_enable_locking(randctx);
|
||||
+ } while(0);
|
||||
+
|
||||
+ return 0L;
|
||||
+}
|
||||
+
|
||||
int tls_h_mod_pre_init_f(void)
|
||||
{
|
||||
if(tls_mod_preinitialized == 1) {
|
||||
@@ -782,7 +820,9 @@ int tls_h_mod_pre_init_f(void)
|
||||
LM_DBG("preparing tls env for modules initialization\n");
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x010100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
LM_DBG("preparing tls env for modules initialization (libssl >=1.1)\n");
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x010101000L
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x030000000L
|
||||
+ // skip init for 3.x
|
||||
+#elif OPENSSL_VERSION_NUMBER >= 0x010101000L
|
||||
OPENSSL_init_ssl(OPENSSL_INIT_ATFORK, NULL);
|
||||
#else
|
||||
OPENSSL_init_ssl(0, NULL);
|
||||
@@ -791,42 +831,17 @@ int tls_h_mod_pre_init_f(void)
|
||||
LM_DBG("preparing tls env for modules initialization (libssl <=1.0)\n");
|
||||
SSL_library_init();
|
||||
#endif
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x030000000L
|
||||
SSL_load_error_strings();
|
||||
+#endif
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x030000000L
|
||||
- do {
|
||||
- OSSL_LIB_CTX *osslglobal = NULL;
|
||||
- EVP_RAND_CTX *randctx = NULL;
|
||||
-
|
||||
- LM_DBG("enabling locking for rand ctx\n");
|
||||
-
|
||||
- osslglobal = OSSL_LIB_CTX_get0_global_default();
|
||||
- if(osslglobal == NULL) {
|
||||
- LM_ERR("failed to get lib ssl global ctx\n");
|
||||
- return -1;
|
||||
- }
|
||||
-
|
||||
- randctx = RAND_get0_primary(osslglobal);
|
||||
- if(randctx == NULL) {
|
||||
- LM_ERR("primary rand ctx is null\n");
|
||||
- return -1;
|
||||
- }
|
||||
- EVP_RAND_enable_locking(randctx);
|
||||
-
|
||||
- randctx = RAND_get0_public(osslglobal);
|
||||
- if(randctx == NULL) {
|
||||
- LM_ERR("public rand ctx is null\n");
|
||||
- return -1;
|
||||
- }
|
||||
- EVP_RAND_enable_locking(randctx);
|
||||
-
|
||||
- randctx = RAND_get0_private(osslglobal);
|
||||
- if(randctx == NULL) {
|
||||
- LM_ERR("private rand ctx is null\n");
|
||||
- return -1;
|
||||
- }
|
||||
- EVP_RAND_enable_locking(randctx);
|
||||
- } while(0);
|
||||
+ pthread_t tid;
|
||||
+ long rl;
|
||||
+ pthread_create(&tid, NULL, (void *(*)(void *))tls_h_mod_randctx, NULL);
|
||||
+ pthread_join(tid, (void **)&rl);
|
||||
+ if ((int)rl)
|
||||
+ return (int)rl;
|
||||
#endif
|
||||
|
||||
tls_mod_preinitialized = 1;
|
||||
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
|
||||
index 3a04776..1e74ba0 100644
|
||||
--- a/src/modules/tls/tls_mod.c
|
||||
+++ b/src/modules/tls/tls_mod.c
|
||||
@@ -440,7 +440,16 @@ static int mod_child(int rank)
|
||||
|
||||
/* fix tls config only from the main proc/PROC_INIT., when we know
|
||||
* the exact process number and before any other process starts*/
|
||||
- if(rank == PROC_INIT) {
|
||||
+
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x030000000L
|
||||
+ /*
|
||||
+ * OpenSSL 3.x: create shared SSL_CTX* in worker to avoid init of
|
||||
+ * libssl in rank 0(thread#1)
|
||||
+ */
|
||||
+ if(rank == PROC_SIPINIT) {
|
||||
+#else
|
||||
+ if(rank == PROC_INIT) {
|
||||
+#endif
|
||||
if(cfg_get(tls, tls_cfg, config_file).s) {
|
||||
if(tls_fix_domains_cfg(
|
||||
*tls_domains_cfg, &srv_defaults, &cli_defaults)
|
@ -1,29 +0,0 @@
|
||||
From: S-P Chan <shihping.chan@gmail.com>
|
||||
Date: Thu, 4 Jan 2024 21:51:15 +0800
|
||||
Subject: tls: fix compilation with OpenSSL <= 1.1.1
|
||||
|
||||
(cherry-pick from 7111687e1107261bcdd7a9f8cc90959754c93272)
|
||||
---
|
||||
src/modules/tls/tls_init.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c
|
||||
index 0bc12d3..872fdb2 100644
|
||||
--- a/src/modules/tls/tls_init.c
|
||||
+++ b/src/modules/tls/tls_init.c
|
||||
@@ -769,6 +769,7 @@ int tls_pre_init(void)
|
||||
* tls mod pre-init function
|
||||
* - executed before any mod_init()
|
||||
*/
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x030000000L
|
||||
long tls_h_mod_randctx(void *) {
|
||||
do {
|
||||
OSSL_LIB_CTX *osslglobal = NULL;
|
||||
@@ -806,6 +807,7 @@ long tls_h_mod_randctx(void *) {
|
||||
|
||||
return 0L;
|
||||
}
|
||||
+#endif
|
||||
|
||||
int tls_h_mod_pre_init_f(void)
|
||||
{
|
@ -1,49 +0,0 @@
|
||||
From: Daniel-Constantin Mierla <miconda@gmail.com>
|
||||
Date: Fri, 8 Dec 2023 12:34:56 +0100
|
||||
Subject: tls: init early the local lock for memory
|
||||
|
||||
- needed to done before mod param init_mode is set
|
||||
- runtime uses the modparam to do lock/unlock
|
||||
- #3668
|
||||
|
||||
(cherry picked from commit 1a9b0b63617afebcee2aecb3b2240d7684ecabc2)
|
||||
---
|
||||
src/modules/tls/tls_init.c | 11 ++++++++++-
|
||||
1 file changed, 10 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c
|
||||
index 6106cc7..57be9ca 100644
|
||||
--- a/src/modules/tls/tls_init.c
|
||||
+++ b/src/modules/tls/tls_init.c
|
||||
@@ -78,7 +78,7 @@ int ksr_tls_lock_init(void)
|
||||
{
|
||||
pthread_mutexattr_t attr;
|
||||
|
||||
- if(!(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)) {
|
||||
+ if(ksr_tls_lock_shm != NULL) {
|
||||
return 0;
|
||||
}
|
||||
ksr_tls_lock_shm = (pthread_mutex_t *)shm_mallocxz(sizeof(pthread_mutex_t));
|
||||
@@ -723,6 +723,11 @@ int tls_pre_init(void)
|
||||
LM_INFO("libssl linked mode: static\n");
|
||||
#endif
|
||||
|
||||
+ if(ksr_tls_lock_init() < 0) {
|
||||
+ LM_ERR("failed to init local lock\n");
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
/*
|
||||
* this has to be called before any function calling CRYPTO_malloc,
|
||||
* CRYPTO_malloc will set allow_customize in openssl to 0
|
||||
@@ -770,6 +775,10 @@ int tls_h_mod_pre_init_f(void)
|
||||
LM_DBG("already mod pre-initialized\n");
|
||||
return 0;
|
||||
}
|
||||
+ if(ksr_tls_lock_init() < 0) {
|
||||
+ LM_ERR("failed to init local lock\n");
|
||||
+ return -1;
|
||||
+ }
|
||||
LM_DBG("preparing tls env for modules initialization\n");
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x010100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
LM_DBG("preparing tls env for modules initialization (libssl >=1.1)\n");
|
@ -1,218 +0,0 @@
|
||||
From: Daniel-Constantin Mierla <miconda@gmail.com>
|
||||
Date: Thu, 7 Dec 2023 13:00:50 +0100
|
||||
Subject: tls: rework init mode 1 to set PTHREAD_PROCESS_SHARED
|
||||
|
||||
- pthread mutex set in shm
|
||||
- GH #3635
|
||||
|
||||
(cherry picked from commit 4b068f49b618dca5fa85a1687bd9054c1d98ae6a)
|
||||
---
|
||||
src/modules/tls/tls_init.c | 62 ++++++++++++++++++++++++++++++++--------------
|
||||
src/modules/tls/tls_mod.c | 8 +++---
|
||||
2 files changed, 47 insertions(+), 23 deletions(-)
|
||||
|
||||
diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c
|
||||
index d7399e8..6106cc7 100644
|
||||
--- a/src/modules/tls/tls_init.c
|
||||
+++ b/src/modules/tls/tls_init.c
|
||||
@@ -69,20 +69,31 @@ static int tls_mod_preinitialized = 0;
|
||||
static int tls_mod_initialized = 0;
|
||||
|
||||
extern int ksr_tls_init_mode;
|
||||
-pthread_mutex_t ksr_tls_lock_shm;
|
||||
+static pthread_mutex_t *ksr_tls_lock_shm = NULL;
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
int ksr_tls_lock_init(void)
|
||||
{
|
||||
+ pthread_mutexattr_t attr;
|
||||
+
|
||||
if(!(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)) {
|
||||
return 0;
|
||||
}
|
||||
- if(pthread_mutex_init(&ksr_tls_lock_shm, NULL) != 0) {
|
||||
+ ksr_tls_lock_shm = (pthread_mutex_t *)shm_mallocxz(sizeof(pthread_mutex_t));
|
||||
+ if(ksr_tls_lock_shm == NULL) {
|
||||
+ LM_ERR("mutex allocation failed\n");
|
||||
+ return -1;
|
||||
+ }
|
||||
+ pthread_mutexattr_init(&attr);
|
||||
+ pthread_mutexattr_setpshared(&attr, PTHREAD_PROCESS_SHARED);
|
||||
+ if(pthread_mutex_init(ksr_tls_lock_shm, &attr) != 0) {
|
||||
+ pthread_mutexattr_destroy(&attr);
|
||||
LM_ERR("mutex init failed\n");
|
||||
return -1;
|
||||
}
|
||||
+ pthread_mutexattr_destroy(&attr);
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -94,7 +105,8 @@ void ksr_tls_lock_destroy(void)
|
||||
if(!(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)) {
|
||||
return;
|
||||
}
|
||||
- pthread_mutex_destroy(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_destroy(ksr_tls_lock_shm);
|
||||
+ shm_free(ksr_tls_lock_shm);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -248,7 +260,7 @@ static void *ser_malloc(size_t size, const char *file, int line)
|
||||
#endif
|
||||
|
||||
if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
|
||||
#ifdef RAND_NULL_MALLOC
|
||||
/* start random null returns only after
|
||||
@@ -278,7 +290,7 @@ static void *ser_malloc(size_t size, const char *file, int line)
|
||||
}
|
||||
#endif
|
||||
if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
return p;
|
||||
}
|
||||
|
||||
@@ -293,7 +305,7 @@ static void *ser_realloc(void *ptr, size_t size, const char *file, int line)
|
||||
#endif
|
||||
|
||||
if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
|
||||
#ifdef RAND_NULL_MALLOC
|
||||
/* start random null returns only after
|
||||
@@ -324,10 +336,22 @@ static void *ser_realloc(void *ptr, size_t size, const char *file, int line)
|
||||
#endif
|
||||
|
||||
if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
|
||||
return p;
|
||||
}
|
||||
+
|
||||
+static void ser_free(void *ptr, const char *fname, int fline)
|
||||
+{
|
||||
+ if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
+ pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
+ if(ptr) {
|
||||
+ shm_free(ptr);
|
||||
+ }
|
||||
+ if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
+ pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
+}
|
||||
+
|
||||
#endif /* LIBRESSL_VERSION_NUMBER */
|
||||
|
||||
#else /*TLS_MALLOC_DBG */
|
||||
@@ -340,10 +364,10 @@ static void *ser_malloc(size_t size)
|
||||
void *p;
|
||||
|
||||
if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
p = shm_malloc(size);
|
||||
if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
return p;
|
||||
}
|
||||
|
||||
@@ -352,10 +376,10 @@ static void *ser_realloc(void *ptr, size_t size)
|
||||
{
|
||||
void *p;
|
||||
if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
p = shm_realloc(ptr, size);
|
||||
if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
return p;
|
||||
}
|
||||
#else
|
||||
@@ -363,10 +387,10 @@ static void *ser_malloc(size_t size, const char *fname, int fline)
|
||||
{
|
||||
void *p;
|
||||
if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
p = shm_malloc(size);
|
||||
if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
return p;
|
||||
}
|
||||
|
||||
@@ -375,10 +399,10 @@ static void *ser_realloc(void *ptr, size_t size, const char *fname, int fline)
|
||||
{
|
||||
void *p;
|
||||
if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
p = shm_realloc(ptr, size);
|
||||
if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
return p;
|
||||
}
|
||||
#endif
|
||||
@@ -396,23 +420,23 @@ static void ser_free(void *ptr)
|
||||
* here in the wrapper function.
|
||||
*/
|
||||
if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
if(ptr) {
|
||||
shm_free(ptr);
|
||||
}
|
||||
if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
}
|
||||
#else
|
||||
static void ser_free(void *ptr, const char *fname, int fline)
|
||||
{
|
||||
if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
if(ptr) {
|
||||
shm_free(ptr);
|
||||
}
|
||||
if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(&ksr_tls_lock_shm);
|
||||
+ pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
}
|
||||
#endif
|
||||
|
||||
diff --git a/src/modules/tls/tls_mod.c b/src/modules/tls/tls_mod.c
|
||||
index c966e34..3a04776 100644
|
||||
--- a/src/modules/tls/tls_mod.c
|
||||
+++ b/src/modules/tls/tls_mod.c
|
||||
@@ -402,10 +402,6 @@ static int mod_init(void)
|
||||
if(tls_check_sockets(*tls_domains_cfg) < 0)
|
||||
goto error;
|
||||
|
||||
- if(ksr_tls_lock_init() < 0) {
|
||||
- goto error;
|
||||
- }
|
||||
-
|
||||
LM_INFO("use OpenSSL version: %08x\n", (uint32_t)(OPENSSL_VERSION_NUMBER));
|
||||
#ifndef OPENSSL_NO_ECDH
|
||||
LM_INFO("With ECDH-Support!\n");
|
||||
@@ -674,6 +670,10 @@ int mod_register(char *path, int *dlflags, void *p1, void *p2)
|
||||
if(!shm_initialized() && init_shm() < 0)
|
||||
return -1;
|
||||
|
||||
+ if(ksr_tls_lock_init() < 0) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
if(tls_pre_init() < 0)
|
||||
return -1;
|
||||
|
@ -1,140 +0,0 @@
|
||||
From: S-P Chan <shihping.chan@gmail.com>
|
||||
Date: Fri, 5 Jan 2024 08:09:34 +0800
|
||||
Subject: tls: thread-local,
|
||||
revert 1a9b0b6361 as double-layer locking is redundant
|
||||
|
||||
- the 2nd lock was put in place as defensive programming for shm contention
|
||||
- GH #3695: the underlying issue is early init of thread-locals
|
||||
|
||||
(cherry-pick from 1c70775530b1a3a905e8a983610cb0d092b0d240)
|
||||
---
|
||||
src/modules/tls/tls_init.c | 39 ---------------------------------------
|
||||
1 file changed, 39 deletions(-)
|
||||
|
||||
diff --git a/src/modules/tls/tls_init.c b/src/modules/tls/tls_init.c
|
||||
index 2d5a9e1..58289c6 100644
|
||||
--- a/src/modules/tls/tls_init.c
|
||||
+++ b/src/modules/tls/tls_init.c
|
||||
@@ -259,9 +259,6 @@ static void *ser_malloc(size_t size, const char *file, int line)
|
||||
static ticks_t st = 0;
|
||||
#endif
|
||||
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
-
|
||||
#ifdef RAND_NULL_MALLOC
|
||||
/* start random null returns only after
|
||||
* NULL_GRACE_PERIOD from first call */
|
||||
@@ -289,8 +286,6 @@ static void *ser_malloc(size_t size, const char *file, int line)
|
||||
size, file, line, bt_buf);
|
||||
}
|
||||
#endif
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
return p;
|
||||
}
|
||||
|
||||
@@ -304,9 +299,6 @@ static void *ser_realloc(void *ptr, size_t size, const char *file, int line)
|
||||
static ticks_t st = 0;
|
||||
#endif
|
||||
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
-
|
||||
#ifdef RAND_NULL_MALLOC
|
||||
/* start random null returns only after
|
||||
* NULL_GRACE_PERIOD from first call */
|
||||
@@ -335,21 +327,14 @@ static void *ser_realloc(void *ptr, size_t size, const char *file, int line)
|
||||
}
|
||||
#endif
|
||||
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
-
|
||||
return p;
|
||||
}
|
||||
|
||||
static void ser_free(void *ptr, const char *fname, int fline)
|
||||
{
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
if(ptr) {
|
||||
shm_free(ptr);
|
||||
}
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
}
|
||||
|
||||
#endif /* LIBRESSL_VERSION_NUMBER */
|
||||
@@ -363,11 +348,7 @@ static void *ser_malloc(size_t size)
|
||||
{
|
||||
void *p;
|
||||
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
p = shm_malloc(size);
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
return p;
|
||||
}
|
||||
|
||||
@@ -375,22 +356,14 @@ static void *ser_malloc(size_t size)
|
||||
static void *ser_realloc(void *ptr, size_t size)
|
||||
{
|
||||
void *p;
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
p = shm_realloc(ptr, size);
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
return p;
|
||||
}
|
||||
#else
|
||||
static void *ser_malloc(size_t size, const char *fname, int fline)
|
||||
{
|
||||
void *p;
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
p = shm_malloc(size);
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
return p;
|
||||
}
|
||||
|
||||
@@ -398,11 +371,7 @@ static void *ser_malloc(size_t size, const char *fname, int fline)
|
||||
static void *ser_realloc(void *ptr, size_t size, const char *fname, int fline)
|
||||
{
|
||||
void *p;
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
p = shm_realloc(ptr, size);
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
return p;
|
||||
}
|
||||
#endif
|
||||
@@ -419,24 +388,16 @@ static void ser_free(void *ptr)
|
||||
* As shm_free() aborts on null pointers, we have to check for null pointer
|
||||
* here in the wrapper function.
|
||||
*/
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
if(ptr) {
|
||||
shm_free(ptr);
|
||||
}
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
}
|
||||
#else
|
||||
static void ser_free(void *ptr, const char *fname, int fline)
|
||||
{
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_lock(ksr_tls_lock_shm);
|
||||
if(ptr) {
|
||||
shm_free(ptr);
|
||||
}
|
||||
- if(ksr_tls_init_mode & TLS_MODE_PTHREAD_LOCK_SHM)
|
||||
- pthread_mutex_unlock(ksr_tls_lock_shm);
|
||||
}
|
||||
#endif
|
||||
|
Loading…
Reference in new issue