nghttpx: Use LibsslGlobalLock

d4ea2418 · Tatsuhiro Tsujikawa · 73f55e7b · d4ea2418 · d4ea2418 · d4ea2418
Commit d4ea2418 authored Mar 04, 2014 by Tatsuhiro Tsujikawa
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 44 deletions

src/Makefile.am src/Makefile.am +1 -0

src/shrpx.cc src/shrpx.cc +2 -3

src/shrpx_ssl.cc src/shrpx_ssl.cc +0 -37

src/shrpx_ssl.h src/shrpx_ssl.h +0 -4

No files found.
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -81,6 +81,7 @@ endif # HAVE_SPDYLAY
 NGHTTPX_SRCS = \
 	util.cc util.h http2.cc http2.h timegm.c timegm.h base64.h \
 	app_helper.cc app_helper.h \
+	ssl.cc ssl.h \
 	shrpx_config.cc shrpx_config.h \
 	shrpx_error.h \
 	shrpx_listen_handler.cc shrpx_listen_handler.h \

--- a/src/shrpx.cc
+++ b/src/shrpx.cc
@@ -54,6 +54,7 @@
 #include "shrpx_ssl.h"
 #include "util.h"
 #include "app_helper.h"
+#include "ssl.h"

 using namespace nghttp2;

@@ -1081,7 +1082,7 @@ int main(int argc, char **argv)
  OpenSSL_add_all_algorithms();
  SSL_load_error_strings();
  SSL_library_init();
-  ssl::setup_ssl_lock();
+  nghttp2::ssl::LibsslGlobalLock();

  if(conf_exists(get_config()->conf_path)) {
    if(load_config(get_config()->conf_path) == -1) {
@@ -1237,8 +1238,6 @@ int main(int argc, char **argv)

  event_loop();

-  ssl::teardown_ssl_lock();
-
  return 0;
 }


--- a/src/shrpx_ssl.cc
+++ b/src/shrpx_ssl.cc
@@ -666,43 +666,6 @@ int check_cert(SSL *ssl)
  return 0;
 }

-namespace {
-std::unique_ptr<pthread_mutex_t[]> ssl_locks;
-} // namespace
-
-namespace {
-void ssl_locking_cb(int mode, int type, const char *file, int line)
-{
-  if(mode & CRYPTO_LOCK) {
-    pthread_mutex_lock(&(ssl_locks[type]));
-  } else {
-    pthread_mutex_unlock(&(ssl_locks[type]));
-  }
-}
-} // namespace
-
-void setup_ssl_lock()
-{
-  ssl_locks = util::make_unique<pthread_mutex_t[]>(CRYPTO_num_locks());
-  for(int i = 0; i < CRYPTO_num_locks(); ++i) {
-    // Always returns 0
-    pthread_mutex_init(&(ssl_locks[i]), 0);
-  }
-  //CRYPTO_set_id_callback(ssl_thread_id); OpenSSL manual says that if
-  // threadid_func is not specified using
-  // CRYPTO_THREADID_set_callback(), then default implementation is
-  // used. We use this default one.
-  CRYPTO_set_locking_callback(ssl_locking_cb);
-}
-
-void teardown_ssl_lock()
-{
-  for(int i = 0; i < CRYPTO_num_locks(); ++i) {
-    pthread_mutex_destroy(&(ssl_locks[i]));
-  }
-  ssl_locks.reset();
-}
-
 CertLookupTree* cert_lookup_tree_new()
 {
  auto tree = new CertLookupTree();

--- a/src/shrpx_ssl.h
+++ b/src/shrpx_ssl.h
@@ -53,10 +53,6 @@ bool numeric_host(const char *hostname);

 int check_cert(SSL *ssl);

-void setup_ssl_lock();
-
-void teardown_ssl_lock();
-
 // Retrieves DNS and IP address in subjectAltNames and commonName from
 // the |cert|.
 void get_altnames(X509 *cert,