[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Mon Oct 26 20:36:08 UTC 2015
The branch master has been updated
via 0e56b4b42439d0842956a6730dec904ed70bbef7 (commit)
from d2c3d5d4fcfee0820ed3e7018f9b1537a97cbe2e (commit)
- Log -----------------------------------------------------------------
commit 0e56b4b42439d0842956a6730dec904ed70bbef7
Author: Rich Salz <rsalz at akamai.com>
Date: Mon Oct 26 16:00:23 2015 -0400
Move crypto/threads to demo/threads
Reviewed-by: Richard Levitte <levitte at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
CHANGES | 3 +
demos/threads/README | 7 +
demos/threads/mttest.c | 773 ++++++++++++++++++++++
demos/threads/pthread.sh | 6 +
crypto/asn1/a_digest.c => demos/threads/th-lock.c | 151 ++++-
demos/threads/win32.bat | 4 +
6 files changed, 910 insertions(+), 34 deletions(-)
create mode 100644 demos/threads/README
create mode 100644 demos/threads/mttest.c
create mode 100644 demos/threads/pthread.sh
copy crypto/asn1/a_digest.c => demos/threads/th-lock.c (52%)
create mode 100644 demos/threads/win32.bat
diff --git a/CHANGES b/CHANGES
index 3408794..7f33901 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,9 @@
Changes between 1.0.2 and 1.1.0 [xx XXX xxxx]
+ *) The demo files in crypto/threads were moved to demo/threads.
+ [Rich Salz]
+
*) Removed obsolete engines: 4758cca, aep, atalla, cswift, nuron and sureware.
[Matt Caswell]
diff --git a/demos/threads/README b/demos/threads/README
new file mode 100644
index 0000000..d8f358b
--- /dev/null
+++ b/demos/threads/README
@@ -0,0 +1,7 @@
+This shows how to set up the OpenSSL callbacks for use in
+multi-threaded programs.
+
+Two implementations, one for Win32 native and one for pthreads, are provided
+in th-lock.c A test program is in mttest.c
+
+Build scripts are in pthread.sh and win32.bat
diff --git a/demos/threads/mttest.c b/demos/threads/mttest.c
new file mode 100644
index 0000000..797a2ca
--- /dev/null
+++ b/demos/threads/mttest.c
@@ -0,0 +1,773 @@
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay at cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh at cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#ifdef LINUX
+# include <typedefs.h>
+#endif
+#ifdef OPENSSL_SYS_WIN32
+# include <windows.h>
+#endif
+#ifdef PTHREADS
+# include <pthread.h>
+#endif
+#include <openssl/lhash.h>
+#include <openssl/crypto.h>
+#include <openssl/buffer.h>
+#include <openssl/x509.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+
+#define TEST_SERVER_CERT "../../apps/server.pem"
+#define TEST_CLIENT_CERT "../../apps/client.pem"
+
+#define MAX_THREAD_NUMBER 100
+
+int verify_callback(int ok, X509_STORE_CTX *xs);
+void thread_setup(void);
+void thread_cleanup(void);
+void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx);
+
+void win32_locking_callback(int mode, int type, const char *file, int line);
+void pthreads_locking_callback(int mode, int type, const char *file, int line);
+
+void irix_thread_id(CRYPTO_THREADID *tid);
+void pthreads_thread_id(CRYPTO_THREADID *tid);
+
+BIO *bio_err = NULL;
+BIO *bio_stdout = NULL;
+
+static char *cipher = NULL;
+int verbose = 0;
+#ifdef FIONBIO
+static int s_nbio = 0;
+#endif
+
+int thread_number = 10;
+int number_of_loops = 10;
+int reconnect = 0;
+int cache_stats = 0;
+
+static const char rnd_seed[] =
+ "string to make the random number generator think it has entropy";
+
+int doit(char *ctx[4]);
+static void print_stats(BIO *bio, SSL_CTX *ctx)
+{
+ BIO_printf(bio, "%4ld items in the session cache\n",
+ SSL_CTX_sess_number(ctx));
+ BIO_printf(bio, "%4d client connects (SSL_connect())\n",
+ SSL_CTX_sess_connect(ctx));
+ BIO_printf(bio, "%4d client connects that finished\n",
+ SSL_CTX_sess_connect_good(ctx));
+ BIO_printf(bio, "%4d server connects (SSL_accept())\n",
+ SSL_CTX_sess_accept(ctx));
+ BIO_printf(bio, "%4d server connects that finished\n",
+ SSL_CTX_sess_accept_good(ctx));
+ BIO_printf(bio, "%4d session cache hits\n", SSL_CTX_sess_hits(ctx));
+ BIO_printf(bio, "%4d session cache misses\n", SSL_CTX_sess_misses(ctx));
+ BIO_printf(bio, "%4d session cache timeouts\n", SSL_CTX_sess_timeouts(ctx));
+}
+
+static void sv_usage(void)
+{
+ BIO_printf(bio_err, "usage: ssltest [args ...]\n");
+ BIO_printf(bio_err, "\n");
+ BIO_printf(bio_err, " -server_auth - check server certificate\n");
+ BIO_printf(bio_err, " -client_auth - do client authentication\n");
+ BIO_printf(bio_err, " -v - more output\n");
+ BIO_printf(bio_err, " -CApath arg - PEM format directory of CA's\n");
+ BIO_printf(bio_err, " -CAfile arg - PEM format file of CA's\n");
+ BIO_printf(bio_err, " -threads arg - number of threads\n");
+ BIO_printf(bio_err, " -loops arg - number of 'connections', per thread\n");
+ BIO_printf(bio_err, " -reconnect - reuse session-id's\n");
+ BIO_printf(bio_err, " -stats - server session-id cache stats\n");
+ BIO_printf(bio_err, " -cert arg - server certificate/key\n");
+ BIO_printf(bio_err, " -ccert arg - client certificate/key\n");
+ BIO_printf(bio_err, " -ssl3 - just SSLv3n\n");
+}
+
+int main(int argc, char *argv[])
+{
+ char *CApath = NULL, *CAfile = NULL;
+ int badop = 0;
+ int ret = 1;
+ int client_auth = 0;
+ int server_auth = 0;
+ SSL_CTX *s_ctx = NULL;
+ SSL_CTX *c_ctx = NULL;
+ char *scert = TEST_SERVER_CERT;
+ char *ccert = TEST_CLIENT_CERT;
+ const SSL_METHOD *ssl_method = TLS_method();
+
+ RAND_seed(rnd_seed, sizeof rnd_seed);
+
+ if (bio_err == NULL)
+ bio_err = BIO_new_fd(2, BIO_NOCLOSE);
+ if (bio_stdout == NULL)
+ bio_stdout = BIO_new_fd(1, BIO_NOCLOSE);
+ argc--;
+ argv++;
+
+ while (argc >= 1) {
+ if (strcmp(*argv, "-server_auth") == 0)
+ server_auth = 1;
+ else if (strcmp(*argv, "-client_auth") == 0)
+ client_auth = 1;
+ else if (strcmp(*argv, "-reconnect") == 0)
+ reconnect = 1;
+ else if (strcmp(*argv, "-stats") == 0)
+ cache_stats = 1;
+ else if (strcmp(*argv, "-ssl3") == 0)
+ ssl_method = SSLv3_method();
+ else if (strcmp(*argv, "-CApath") == 0) {
+ if (--argc < 1)
+ goto bad;
+ CApath = *(++argv);
+ } else if (strcmp(*argv, "-CAfile") == 0) {
+ if (--argc < 1)
+ goto bad;
+ CAfile = *(++argv);
+ } else if (strcmp(*argv, "-cert") == 0) {
+ if (--argc < 1)
+ goto bad;
+ scert = *(++argv);
+ } else if (strcmp(*argv, "-ccert") == 0) {
+ if (--argc < 1)
+ goto bad;
+ ccert = *(++argv);
+ } else if (strcmp(*argv, "-threads") == 0) {
+ if (--argc < 1)
+ goto bad;
+ thread_number = atoi(*(++argv));
+ if (thread_number == 0)
+ thread_number = 1;
+ if (thread_number > MAX_THREAD_NUMBER)
+ thread_number = MAX_THREAD_NUMBER;
+ } else if (strcmp(*argv, "-loops") == 0) {
+ if (--argc < 1)
+ goto bad;
+ number_of_loops = atoi(*(++argv));
+ if (number_of_loops == 0)
+ number_of_loops = 1;
+ } else {
+ BIO_printf(bio_err, "unknown option %s\n", *argv);
+ badop = 1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+ if (badop) {
+ bad:
+ sv_usage();
+ goto end;
+ }
+
+ if (cipher == NULL && OPENSSL_issetugid() == 0)
+ cipher = getenv("SSL_CIPHER");
+
+ SSL_load_error_strings();
+ OpenSSL_add_ssl_algorithms();
+
+ c_ctx = SSL_CTX_new(ssl_method);
+ s_ctx = SSL_CTX_new(ssl_method);
+ if ((c_ctx == NULL) || (s_ctx == NULL)) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ SSL_CTX_set_session_cache_mode(s_ctx,
+ SSL_SESS_CACHE_NO_AUTO_CLEAR |
+ SSL_SESS_CACHE_SERVER);
+ SSL_CTX_set_session_cache_mode(c_ctx,
+ SSL_SESS_CACHE_NO_AUTO_CLEAR |
+ SSL_SESS_CACHE_SERVER);
+
+ if (!SSL_CTX_use_certificate_file(s_ctx, scert, SSL_FILETYPE_PEM)) {
+ BIO_printf(bio_err, "SSL_CTX_use_certificate_file (%s)\n", scert);
+ ERR_print_errors(bio_err);
+ goto end;
+ } else
+ if (!SSL_CTX_use_RSAPrivateKey_file(s_ctx, scert, SSL_FILETYPE_PEM)) {
+ BIO_printf(bio_err, "SSL_CTX_use_RSAPrivateKey_file (%s)\n", scert);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (client_auth) {
+ SSL_CTX_use_certificate_file(c_ctx, ccert, SSL_FILETYPE_PEM);
+ SSL_CTX_use_RSAPrivateKey_file(c_ctx, ccert, SSL_FILETYPE_PEM);
+ }
+
+ if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
+ (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(c_ctx))) {
+ BIO_printf(bio_err, "SSL_load_verify_locations\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (client_auth) {
+ BIO_printf(bio_err, "client authentication\n");
+ SSL_CTX_set_verify(s_ctx,
+ SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+ verify_callback);
+ }
+ if (server_auth) {
+ BIO_printf(bio_err, "server authentication\n");
+ SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
+ }
+
+ thread_setup();
+ do_threads(s_ctx, c_ctx);
+ thread_cleanup();
+ end:
+
+ if (c_ctx != NULL) {
+ BIO_printf(bio_err, "Client SSL_CTX stats then free it\n");
+ print_stats(bio_err, c_ctx);
+ SSL_CTX_free(c_ctx);
+ }
+ if (s_ctx != NULL) {
+ BIO_printf(bio_err, "Server SSL_CTX stats then free it\n");
+ print_stats(bio_err, s_ctx);
+ if (cache_stats) {
+ BIO_printf(bio_err, "-----\n");
+ lh_SSL_SESSION_stats_bio(SSL_CTX_sessions(s_ctx), bio_err);
+ BIO_printf(bio_err, "-----\n");
+ /*- lh_SSL_SESSION_node_stats_bio(SSL_CTX_sessions(s_ctx),bio_err);
+ BIO_printf(bio_err,"-----\n"); */
+ lh_SSL_SESSION_node_usage_stats_bio(SSL_CTX_sessions(s_ctx), bio_err);
+ BIO_printf(bio_err, "-----\n");
+ }
+ SSL_CTX_free(s_ctx);
+ BIO_printf(bio_err, "done free\n");
+ }
+ exit(ret);
+ return (0);
+}
+
+#define W_READ 1
+#define W_WRITE 2
+#define C_DONE 1
+#define S_DONE 2
+
+int ndoit(SSL_CTX *ssl_ctx[2])
+{
+ int i;
+ int ret;
+ char *ctx[4];
+ CRYPTO_THREADID thread_id;
+
+ ctx[0] = (char *)ssl_ctx[0];
+ ctx[1] = (char *)ssl_ctx[1];
+
+ if (reconnect) {
+ ctx[2] = (char *)SSL_new(ssl_ctx[0]);
+ ctx[3] = (char *)SSL_new(ssl_ctx[1]);
+ } else {
+ ctx[2] = NULL;
+ ctx[3] = NULL;
+ }
+
+ CRYPTO_THREADID_current(&thread_id);
+ BIO_printf(bio_stdout, "started thread %lu\n",
+ CRYPTO_THREADID_hash(&thread_id));
+ for (i = 0; i < number_of_loops; i++) {
+/*- BIO_printf(bio_err,"%4d %2d ctx->ref (%3d,%3d)\n",
+ CRYPTO_THREADID_hash(&thread_id),i,
+ ssl_ctx[0]->references,
+ ssl_ctx[1]->references); */
+/* pthread_delay_np(&tm); */
+
+ ret = doit(ctx);
+ if (ret != 0) {
+ BIO_printf(bio_stdout, "error[%d] %lu - %d\n",
+ i, CRYPTO_THREADID_hash(&thread_id), ret);
+ return (ret);
+ }
+ }
+ BIO_printf(bio_stdout, "DONE %lu\n", CRYPTO_THREADID_hash(&thread_id));
+ if (reconnect) {
+ SSL_free((SSL *)ctx[2]);
+ SSL_free((SSL *)ctx[3]);
+ }
+ return (0);
+}
+
+int doit(char *ctx[4])
+{
+ SSL_CTX *s_ctx, *c_ctx;
+ static char cbuf[200], sbuf[200];
+ SSL *c_ssl = NULL;
+ SSL *s_ssl = NULL;
+ BIO *c_to_s = NULL;
+ BIO *s_to_c = NULL;
+ BIO *c_bio = NULL;
+ BIO *s_bio = NULL;
+ int c_r, c_w, s_r, s_w;
+ int c_want, s_want;
+ int i;
+ int done = 0;
+ int c_write, s_write;
+ int do_server = 0, do_client = 0;
+
+ s_ctx = (SSL_CTX *)ctx[0];
+ c_ctx = (SSL_CTX *)ctx[1];
+
+ if (ctx[2] != NULL)
+ s_ssl = (SSL *)ctx[2];
+ else
+ s_ssl = SSL_new(s_ctx);
+
+ if (ctx[3] != NULL)
+ c_ssl = (SSL *)ctx[3];
+ else
+ c_ssl = SSL_new(c_ctx);
+
+ if ((s_ssl == NULL) || (c_ssl == NULL))
+ goto err;
+
+ c_to_s = BIO_new(BIO_s_mem());
+ s_to_c = BIO_new(BIO_s_mem());
+ if ((s_to_c == NULL) || (c_to_s == NULL))
+ goto err;
+
+ c_bio = BIO_new(BIO_f_ssl());
+ s_bio = BIO_new(BIO_f_ssl());
+ if ((c_bio == NULL) || (s_bio == NULL))
+ goto err;
+
+ SSL_set_connect_state(c_ssl);
+ SSL_set_bio(c_ssl, s_to_c, c_to_s);
+ BIO_set_ssl(c_bio, c_ssl, (ctx[2] == NULL) ? BIO_CLOSE : BIO_NOCLOSE);
+
+ SSL_set_accept_state(s_ssl);
+ SSL_set_bio(s_ssl, c_to_s, s_to_c);
+ BIO_set_ssl(s_bio, s_ssl, (ctx[3] == NULL) ? BIO_CLOSE : BIO_NOCLOSE);
+
+ c_r = 0;
+ s_r = 1;
+ c_w = 1;
+ s_w = 0;
+ c_want = W_WRITE;
+ s_want = 0;
+ c_write = 1, s_write = 0;
+
+ /* We can always do writes */
+ for (;;) {
+ do_server = 0;
+ do_client = 0;
+
+ i = (int)BIO_pending(s_bio);
+ if ((i && s_r) || s_w)
+ do_server = 1;
+
+ i = (int)BIO_pending(c_bio);
+ if ((i && c_r) || c_w)
+ do_client = 1;
+
+ if (do_server && verbose) {
+ if (SSL_in_init(s_ssl))
+ BIO_printf(bio_stdout, "server waiting in SSL_accept - %s\n",
+ SSL_state_string_long(s_ssl));
+ else if (s_write)
+ BIO_printf(bio_stdout, "server:SSL_write()\n");
+ else
+ BIO_printf(bio_stdout, "server:SSL_read()\n");
+ }
+
+ if (do_client && verbose) {
+ if (SSL_in_init(c_ssl))
+ BIO_printf(bio_stdout, "client waiting in SSL_connect - %s\n",
+ SSL_state_string_long(c_ssl));
+ else if (c_write)
+ BIO_printf(bio_stdout, "client:SSL_write()\n");
+ else
+ BIO_printf(bio_stdout, "client:SSL_read()\n");
+ }
+
+ if (!do_client && !do_server) {
+ BIO_printf(bio_stdout, "ERROR IN STARTUP\n");
+ break;
+ }
+ if (do_client && !(done & C_DONE)) {
+ if (c_write) {
+ i = BIO_write(c_bio, "hello from client\n", 18);
+ if (i < 0) {
+ c_r = 0;
+ c_w = 0;
+ if (BIO_should_retry(c_bio)) {
+ if (BIO_should_read(c_bio))
+ c_r = 1;
+ if (BIO_should_write(c_bio))
+ c_w = 1;
+ } else {
+ BIO_printf(bio_err, "ERROR in CLIENT\n");
+ ERR_print_errors_fp(stderr);
+ return (1);
+ }
+ } else if (i == 0) {
+ BIO_printf(bio_err, "SSL CLIENT STARTUP FAILED\n");
+ return (1);
+ } else {
+ /* ok */
+ c_write = 0;
+ }
+ } else {
+ i = BIO_read(c_bio, cbuf, 100);
+ if (i < 0) {
+ c_r = 0;
+ c_w = 0;
+ if (BIO_should_retry(c_bio)) {
+ if (BIO_should_read(c_bio))
+ c_r = 1;
+ if (BIO_should_write(c_bio))
+ c_w = 1;
+ } else {
+ BIO_printf(bio_err, "ERROR in CLIENT\n");
+ ERR_print_errors_fp(stderr);
+ return (1);
+ }
+ } else if (i == 0) {
+ BIO_printf(bio_err, "SSL CLIENT STARTUP FAILED\n");
+ return (1);
+ } else {
+ done |= C_DONE;
+ }
+ }
+ }
+
+ if (do_server && !(done & S_DONE)) {
+ if (!s_write) {
+ i = BIO_read(s_bio, sbuf, 100);
+ if (i < 0) {
+ s_r = 0;
+ s_w = 0;
+ if (BIO_should_retry(s_bio)) {
+ if (BIO_should_read(s_bio))
+ s_r = 1;
+ if (BIO_should_write(s_bio))
+ s_w = 1;
+ } else {
+ BIO_printf(bio_err, "ERROR in SERVER\n");
+ ERR_print_errors_fp(stderr);
+ return (1);
+ }
+ } else if (i == 0) {
+ BIO_printf(bio_err, "SSL SERVER STARTUP FAILED\n");
+ return (1);
+ } else {
+ s_write = 1;
+ s_w = 1;
+ }
+ } else {
+ i = BIO_write(s_bio, "hello from server\n", 18);
+ if (i < 0) {
+ s_r = 0;
+ s_w = 0;
+ if (BIO_should_retry(s_bio)) {
+ if (BIO_should_read(s_bio))
+ s_r = 1;
+ if (BIO_should_write(s_bio))
+ s_w = 1;
+ } else {
+ BIO_printf(bio_err, "ERROR in SERVER\n");
+ ERR_print_errors_fp(stderr);
+ return (1);
+ }
+ } else if (i == 0) {
+ BIO_printf(bio_err, "SSL SERVER STARTUP FAILED\n");
+ return (1);
+ } else {
+ s_write = 0;
+ s_r = 1;
+ done |= S_DONE;
+ }
+ }
+ }
+
+ if ((done & S_DONE) && (done & C_DONE))
+ break;
+ }
+
+ SSL_set_shutdown(c_ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+ SSL_set_shutdown(s_ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+
+ err:
+#if 0
+ /*
+ * We have to set the BIO's to NULL otherwise they will be free()ed
+ * twice. Once when th s_ssl is SSL_free()ed and again when c_ssl is
+ * SSL_free()ed. This is a hack required because s_ssl and c_ssl are
+ * sharing the same BIO structure and SSL_set_bio() and SSL_free()
+ * automatically BIO_free non NULL entries. You should not normally do
+ * this or be required to do this
+ */
+
+ if (s_ssl != NULL) {
+ s_ssl->rbio = NULL;
+ s_ssl->wbio = NULL;
+ }
+ if (c_ssl != NULL) {
+ c_ssl->rbio = NULL;
+ c_ssl->wbio = NULL;
+ }
+
+ /* The SSL's are optionally freed in the following calls */
+ BIO_free(c_to_s);
+ BIO_free(s_to_c);
+#endif
+
+ BIO_free(c_bio);
+ BIO_free(s_bio);
+ return (0);
+}
+
+int verify_callback(int ok, X509_STORE_CTX *ctx)
+{
+ char *s, buf[256];
+
+ if (verbose) {
+ s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),
+ buf, 256);
+ if (s != NULL) {
+ if (ok)
+ BIO_printf(bio_err, "depth=%d %s\n", ctx->error_depth, buf);
+ else
+ BIO_printf(bio_err, "depth=%d error=%d %s\n",
+ ctx->error_depth, ctx->error, buf);
+ }
+ }
+ return (ok);
+}
+
+#define THREAD_STACK_SIZE (16*1024)
+
+#ifdef OPENSSL_SYS_WIN32
+
+static HANDLE *lock_cs;
+
+void thread_setup(void)
+{
+ int i;
+
+ lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(HANDLE));
+ for (i = 0; i < CRYPTO_num_locks(); i++) {
+ lock_cs[i] = CreateMutex(NULL, FALSE, NULL);
+ }
+
+ CRYPTO_set_locking_callback((void (*)(int, int, char *, int))
+ win32_locking_callback);
+ /* id callback defined */
+}
+
+void thread_cleanup(void)
+{
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i = 0; i < CRYPTO_num_locks(); i++)
+ CloseHandle(lock_cs[i]);
+ OPENSSL_free(lock_cs);
+}
+
+void win32_locking_callback(int mode, int type, const char *file, int line)
+{
+ if (mode & CRYPTO_LOCK) {
+ WaitForSingleObject(lock_cs[type], INFINITE);
+ } else {
+ ReleaseMutex(lock_cs[type]);
+ }
+}
+
+void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx)
+{
+ double ret;
+ SSL_CTX *ssl_ctx[2];
+ DWORD thread_id[MAX_THREAD_NUMBER];
+ HANDLE thread_handle[MAX_THREAD_NUMBER];
+ int i;
+ SYSTEMTIME start, end;
+
+ ssl_ctx[0] = s_ctx;
+ ssl_ctx[1] = c_ctx;
+
+ GetSystemTime(&start);
+ for (i = 0; i < thread_number; i++) {
+ thread_handle[i] = CreateThread(NULL,
+ THREAD_STACK_SIZE,
+ (LPTHREAD_START_ROUTINE) ndoit,
+ (void *)ssl_ctx, 0L, &(thread_id[i]));
+ }
+
+ BIO_printf(bio_stdout, "reaping\n");
+ for (i = 0; i < thread_number; i += 50) {
+ int j;
+
+ j = (thread_number < (i + 50)) ? (thread_number - i) : 50;
+
+ if (WaitForMultipleObjects(j,
+ (CONST HANDLE *) & (thread_handle[i]),
+ TRUE, INFINITE)
+ == WAIT_FAILED) {
+ BIO_printf(bio_err, "WaitForMultipleObjects failed:%d\n",
+ GetLastError());
+ exit(1);
+ }
+ }
+ GetSystemTime(&end);
+
+ if (start.wDayOfWeek > end.wDayOfWeek)
+ end.wDayOfWeek += 7;
+ ret = (end.wDayOfWeek - start.wDayOfWeek) * 24;
+
+ ret = (ret + end.wHour - start.wHour) * 60;
+ ret = (ret + end.wMinute - start.wMinute) * 60;
+ ret = (ret + end.wSecond - start.wSecond);
+ ret += (end.wMilliseconds - start.wMilliseconds) / 1000.0;
+
+ BIO_printf(bio_stdout, "win32 threads done - %.3f seconds\n", ret);
+}
+
+#endif /* OPENSSL_SYS_WIN32 */
+
+
+#ifdef PTHREADS
+
+static pthread_mutex_t *lock_cs;
+static long *lock_count;
+
+void thread_setup(void)
+{
+ int i;
+
+ lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
+ lock_count = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
+ for (i = 0; i < CRYPTO_num_locks(); i++) {
+ lock_count[i] = 0;
+ pthread_mutex_init(&(lock_cs[i]), NULL);
+ }
+
+ CRYPTO_THREADID_set_callback(pthreads_thread_id);
+ CRYPTO_set_locking_callback(pthreads_locking_callback);
+}
+
+void thread_cleanup(void)
+{
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ BIO_printf(bio_err, "cleanup\n");
+ for (i = 0; i < CRYPTO_num_locks(); i++) {
+ pthread_mutex_destroy(&(lock_cs[i]));
+ BIO_printf(bio_err, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i));
+ }
+ OPENSSL_free(lock_cs);
+ OPENSSL_free(lock_count);
+
+ BIO_printf(bio_err, "done cleanup\n");
+}
+
+void pthreads_locking_callback(int mode, int type, const char *file, int line)
+{
+ if (mode & CRYPTO_LOCK) {
+ pthread_mutex_lock(&(lock_cs[type]));
+ lock_count[type]++;
+ } else {
+ pthread_mutex_unlock(&(lock_cs[type]));
+ }
+}
+
+void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx)
+{
+ SSL_CTX *ssl_ctx[2];
+ pthread_t thread_ctx[MAX_THREAD_NUMBER];
+ int i;
+
+ ssl_ctx[0] = s_ctx;
+ ssl_ctx[1] = c_ctx;
+
+ for (i = 0; i < thread_number; i++) {
+ pthread_create(&(thread_ctx[i]), NULL,
+ (void *(*)())ndoit, (void *)ssl_ctx);
+ }
+
+ BIO_printf(bio_stdout, "reaping\n");
+ for (i = 0; i < thread_number; i++) {
+ pthread_join(thread_ctx[i], NULL);
+ }
+
+#if 0 /* We can't currently find out the reference amount */
+ BIO_printf(bio_stdout, "pthreads threads done (%d,%d)\n",
+ s_ctx->references, c_ctx->references);
+#else
+ BIO_printf(bio_stdout, "pthreads threads done\n");
+#endif
+}
+
+void pthreads_thread_id(CRYPTO_THREADID *tid)
+{
+ CRYPTO_THREADID_set_numeric(tid, (unsigned long)pthread_self());
+}
+
+#endif /* PTHREADS */
diff --git a/demos/threads/pthread.sh b/demos/threads/pthread.sh
new file mode 100644
index 0000000..ec945c4
--- /dev/null
+++ b/demos/threads/pthread.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+#
+# build using pthreads where it's already built into the system
+#
+/bin/rm -f mttest
+gcc -DPTHREADS -I../../include -g mttest.c -o mttest -L../.. -lssl -lcrypto -lpthread -ldl
diff --git a/crypto/asn1/a_digest.c b/demos/threads/th-lock.c
similarity index 52%
copy from crypto/asn1/a_digest.c
copy to demos/threads/th-lock.c
index 57adccc..dc58cb2 100644
--- a/crypto/asn1/a_digest.c
+++ b/demos/threads/th-lock.c
@@ -1,4 +1,3 @@
-/* crypto/asn1/a_digest.c */
/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
* All rights reserved.
*
@@ -57,55 +56,139 @@
*/
#include <stdio.h>
-#include <time.h>
-
-#include "internal/cryptlib.h"
-
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#ifdef LINUX
+# include <typedefs.h>
#endif
-
-#include <openssl/err.h>
-#include <openssl/evp.h>
+#ifdef OPENSSL_SYS_WIN32
+# include <windows.h>
+#endif
+#ifdef PTHREADS
+# include <pthread.h>
+#endif
+#include <openssl/lhash.h>
+#include <openssl/crypto.h>
#include <openssl/buffer.h>
+#include "../../e_os.h"
#include <openssl/x509.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+void CRYPTO_thread_setup(void);
+void CRYPTO_thread_cleanup(void);
+
+static void win32_locking_callback(int mode, int type, char *file, int line);
+static void pthreads_locking_callback(int mode, int type, char *file, int line);
+static unsigned long pthreads_thread_id(void);
+
+/*-
+ * usage:
+ * CRYPTO_thread_setup();
+ * application code
+ * CRYPTO_thread_cleanup();
+ */
-#ifndef NO_ASN1_OLD
+#ifdef OPENSSL_SYS_WIN32
-int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
- unsigned char *md, unsigned int *len)
+static HANDLE *lock_cs;
+
+void CRYPTO_thread_setup(void)
{
int i;
- unsigned char *str, *p;
- i = i2d(data, NULL);
- if ((str = OPENSSL_malloc(i)) == NULL) {
- ASN1err(ASN1_F_ASN1_DIGEST, ERR_R_MALLOC_FAILURE);
- return (0);
+ lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(HANDLE));
+ if (!lock_cs) {
+ /* Nothing we can do about this...void function! */
+ return;
+ }
+ for (i = 0; i < CRYPTO_num_locks(); i++) {
+ lock_cs[i] = CreateMutex(NULL, FALSE, NULL);
}
- p = str;
- i2d(data, &p);
- if (!EVP_Digest(str, i, md, len, type, NULL))
- return 0;
- OPENSSL_free(str);
+ CRYPTO_set_locking_callback((void (*)(int, int, char *, int))
+ win32_locking_callback);
+ /* id callback defined */
return (1);
}
-#endif
+static void CRYPTO_thread_cleanup(void)
+{
+ int i;
-int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
- unsigned char *md, unsigned int *len)
+ CRYPTO_set_locking_callback(NULL);
+ for (i = 0; i < CRYPTO_num_locks(); i++)
+ CloseHandle(lock_cs[i]);
+ OPENSSL_free(lock_cs);
+}
+
+void win32_locking_callback(int mode, int type, char *file, int line)
+{
+ if (mode & CRYPTO_LOCK) {
+ WaitForSingleObject(lock_cs[type], INFINITE);
+ } else {
+ ReleaseMutex(lock_cs[type]);
+ }
+}
+
+#endif /* OPENSSL_SYS_WIN32 */
+
+/* Linux and a few others */
+#ifdef PTHREADS
+
+static pthread_mutex_t *lock_cs;
+static long *lock_count;
+
+void CRYPTO_thread_setup(void)
{
int i;
- unsigned char *str = NULL;
- i = ASN1_item_i2d(asn, &str, it);
- if (!str)
- return (0);
+ lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
+ lock_count = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
+ if (!lock_cs || !lock_count) {
+ /* Nothing we can do about this...void function! */
+ OPENSSL_free(lock_cs);
+ OPENSSL_free(lock_count);
+ return;
+ }
+ for (i = 0; i < CRYPTO_num_locks(); i++) {
+ lock_count[i] = 0;
+ pthread_mutex_init(&(lock_cs[i]), NULL);
+ }
- if (!EVP_Digest(str, i, md, len, type, NULL))
- return 0;
- OPENSSL_free(str);
- return (1);
+ CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
+ CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
}
+
+void thread_cleanup(void)
+{
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i = 0; i < CRYPTO_num_locks(); i++) {
+ pthread_mutex_destroy(&(lock_cs[i]));
+ }
+ OPENSSL_free(lock_cs);
+ OPENSSL_free(lock_count);
+}
+
+void pthreads_locking_callback(int mode, int type, char *file, int line)
+{
+ if (mode & CRYPTO_LOCK) {
+ pthread_mutex_lock(&(lock_cs[type]));
+ lock_count[type]++;
+ } else {
+ pthread_mutex_unlock(&(lock_cs[type]));
+ }
+}
+
+unsigned long pthreads_thread_id(void)
+{
+ unsigned long ret;
+
+ ret = (unsigned long)pthread_self();
+ return (ret);
+}
+
+#endif /* PTHREADS */
diff --git a/demos/threads/win32.bat b/demos/threads/win32.bat
new file mode 100644
index 0000000..ee6da80
--- /dev/null
+++ b/demos/threads/win32.bat
@@ -0,0 +1,4 @@
+del mttest.exe
+
+cl /O2 -DWIN32 /MD -I..\..\out mttest.c /Femttest ..\..\out\ssleay32.lib ..\..\out\libeay32.lib
+
More information about the openssl-commits
mailing list