diff options
| -rw-r--r-- | .travis.yml | 2 | ||||
| -rw-r--r-- | ffi.rs | 8 | ||||
| -rw-r--r-- | lib.rs | 36 |
3 files changed, 39 insertions, 7 deletions
diff --git a/.travis.yml b/.travis.yml index d689551a..62352f53 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,4 +7,4 @@ before_script: - openssl s_server -accept 15418 -www -cert test/cert.pem -key test/key.pem >/dev/null & script: - rustpkg build - - env RUST_TEST_TASKS=1 rustpkg test + - rustpkg test @@ -22,6 +22,8 @@ pub type CRYPTO_EX_free = extern "C" fn(parent: *c_void, ptr: *c_void, ad: *CRYPTO_EX_DATA, idx: c_int, argl: c_long, argp: *c_void); +pub static CRYPTO_LOCK: c_int = 1; + pub static SSL_ERROR_NONE: c_int = 0; pub static SSL_ERROR_SSL: c_int = 1; pub static SSL_ERROR_WANT_READ: c_int = 2; @@ -101,6 +103,12 @@ pub static X509_V_ERR_APPLICATION_VERIFICATION: c_int = 50; #[link_args = "-lssl -lcrypto"] extern "C" { + pub fn CRYPTO_num_locks() -> c_int; + pub fn CRYPTO_set_locking_callback(func: extern "C" fn(mode: c_int, + n: c_int, + file: *c_char, + line: c_int)); + pub fn ERR_get_error() -> c_ulong; pub fn SSL_library_init() -> c_int; @@ -6,11 +6,12 @@ #[doc(html_root_url="http://sfackler.com/doc/rust-ssl/")]; use std::cast; -use std::libc::{c_int, c_void}; +use std::libc::{c_int, c_void, c_char}; use std::ptr; use std::task; -use std::unstable::atomics::{AtomicBool, INIT_ATOMIC_BOOL, AtomicInt, - INIT_ATOMIC_INT, Acquire, Release, SeqCst}; +use std::unstable::atomics::{AtomicBool, INIT_ATOMIC_BOOL, AtomicUint, + INIT_ATOMIC_UINT, Acquire, Release, SeqCst}; +use std::unstable::mutex::Mutex; use std::io::{Stream, Reader, Writer, Decorator}; use std::vec; @@ -24,7 +25,10 @@ mod ffi; static mut STARTED_INIT: AtomicBool = INIT_ATOMIC_BOOL; static mut FINISHED_INIT: AtomicBool = INIT_ATOMIC_BOOL; -static mut VERIFY_IDX: AtomicInt = INIT_ATOMIC_INT; +static mut VERIFY_IDX: AtomicUint = INIT_ATOMIC_UINT; + +// actually a *~[Mutex] +static mut MUTEXES: AtomicUint = INIT_ATOMIC_UINT; fn init() { unsafe { @@ -39,7 +43,13 @@ fn init() { let verify_idx = ffi::SSL_CTX_get_ex_new_index(0, ptr::null(), None, None, None); assert!(verify_idx >= 0); - VERIFY_IDX.store(verify_idx as int, SeqCst); + VERIFY_IDX.store(verify_idx as uint, Release); + + let num_locks = ffi::CRYPTO_num_locks(); + let mutexes = ~vec::from_fn(num_locks as uint, |_| Mutex::new()); + MUTEXES.store(cast::transmute(mutexes), Release); + + ffi::CRYPTO_set_locking_callback(locking_function); FINISHED_INIT.store(true, Release); } @@ -73,13 +83,27 @@ pub enum SslVerifyMode { SslVerifyNone = ffi::SSL_VERIFY_NONE } +extern "C" fn locking_function(mode: c_int, n: c_int, _file: *c_char, + _line: c_int) { + unsafe { + let mutexes: *mut ~[Mutex] = cast::transmute(MUTEXES.load(Acquire)); + let mutex = &mut (*mutexes)[n as uint]; + + if mode & ffi::CRYPTO_LOCK != 0 { + mutex.lock(); + } else { + mutex.unlock(); + } + } +} + extern "C" fn raw_verify(preverify_ok: c_int, x509_ctx: *ffi::X509_STORE_CTX) -> c_int { unsafe { let idx = ffi::SSL_get_ex_data_X509_STORE_CTX_idx(); let ssl = ffi::X509_STORE_CTX_get_ex_data(x509_ctx, idx); let ssl_ctx = ffi::SSL_get_SSL_CTX(ssl); - let idx = VERIFY_IDX.load(SeqCst) as c_int; + let idx = VERIFY_IDX.load(Acquire) as c_int; let verify = ffi::SSL_CTX_get_ex_data(ssl_ctx, idx); let verify: Option<VerifyCallback> = cast::transmute(verify); |