rpms
/
pyOpenSSL
21
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update threadsafe patch

Browse Source
epel9
Dennis Gilmore 17 years ago
parent 2fe4c27aa1
commit b740483ad4
3 changed files with 201 additions and 225 deletions
Show Stats Download Patch File Download Diff File

135
pyOpenSSL-0.7-threadsafe.patch
Unescape View File

@ -1,135 +0,0 @@
--- pyOpenSSL-0.7/src/ssl/context.c 2008-03-21 22:34:42.000000000 +0000
+++ pyOpenSSL-0.7/src/ssl/context-new.c 2008-09-15 23:58:23.000000000 +0100
@@ -64,39 +64,34 @@
static int
global_passphrase_callback(char *buf, int maxlen, int verify, void *arg)
{
- int len;
+ int len = 0;
char *str;
PyObject *argv, *ret = NULL;
ssl_ContextObj *ctx = (ssl_ContextObj *)arg;
+ if (!ctx->tstate)
+ fprintf (stderr, "ERROR: ctx->tstate == NULL!\n");
+ MY_END_ALLOW_THREADS(ctx->tstate);
+
/* The Python callback is called with a (maxlen,verify,userdata) tuple */
argv = Py_BuildValue("(iiO)", maxlen, verify, ctx->passphrase_userdata);
- if (ctx->tstate != NULL)
- {
- /* We need to get back our thread state before calling the callback */
- MY_END_ALLOW_THREADS(ctx->tstate);
- ret = PyEval_CallObject(ctx->passphrase_callback, argv);
- MY_BEGIN_ALLOW_THREADS(ctx->tstate);
- }
- else
- {
- ret = PyEval_CallObject(ctx->passphrase_callback, argv);
- }
+
+ ret = PyEval_CallObject(ctx->passphrase_callback, argv);
Py_DECREF(argv);
if (ret == NULL)
- return 0;
+ goto out;
if (!PyObject_IsTrue(ret))
{
Py_DECREF(ret);
- return 0;
+ goto out;
}
if (!PyString_Check(ret))
{
Py_DECREF(ret);
- return 0;
+ goto out;
}
len = PyString_Size(ret);
@@ -107,6 +102,8 @@
strncpy(buf, str, len);
Py_XDECREF(ret);
+out:
+ MY_BEGIN_ALLOW_THREADS(ctx->tstate);
return len;
}
@@ -126,7 +123,7 @@
SSL *ssl;
ssl_ConnectionObj *conn;
crypto_X509Obj *cert;
- int errnum, errdepth, c_ret, use_thread_state;
+ int errnum, errdepth, c_ret = 0, use_thread_state;
// Get Connection object to check thread state
ssl = (SSL *)X509_STORE_CTX_get_app_data(x509_ctx);
@@ -136,10 +133,15 @@
if (use_thread_state)
MY_END_ALLOW_THREADS(conn->tstate);
- cert = crypto_X509_New(X509_STORE_CTX_get_current_cert(x509_ctx), 0);
errnum = X509_STORE_CTX_get_error(x509_ctx);
errdepth = X509_STORE_CTX_get_error_depth(x509_ctx);
+ if (!conn->tstate)
+ fprintf (stderr, "ERROR: ctx->tstate == NULL!\n");
+ MY_END_ALLOW_THREADS(conn->tstate);
+
+ cert = crypto_X509_New(X509_STORE_CTX_get_current_cert(x509_ctx), 0);
+
argv = Py_BuildValue("(OOiii)", (PyObject *)conn, (PyObject *)cert,
errnum, errdepth, ok);
Py_DECREF(cert);
@@ -173,28 +175,19 @@
ssl_ConnectionObj *conn = (ssl_ConnectionObj *)SSL_get_app_data(ssl);
PyObject *argv, *ret;
+ if (!conn->tstate)
+ fprintf (stderr, "ERROR: ctx->tstate == NULL!\n");
+ MY_END_ALLOW_THREADS(conn->tstate);
+
argv = Py_BuildValue("(Oii)", (PyObject *)conn, where, _ret);
- if (conn->tstate != NULL)
- {
- /* We need to get back our thread state before calling the callback */
- MY_END_ALLOW_THREADS(conn->tstate);
- ret = PyEval_CallObject(conn->context->info_callback, argv);
- if (ret == NULL)
- PyErr_Clear();
- else
- Py_DECREF(ret);
- MY_BEGIN_ALLOW_THREADS(conn->tstate);
- }
+ ret = PyEval_CallObject(conn->context->info_callback, argv);
+ if (ret == NULL)
+ PyErr_Clear();
else
- {
- ret = PyEval_CallObject(conn->context->info_callback, argv);
- if (ret == NULL)
- PyErr_Clear();
- else
- Py_DECREF(ret);
- }
+ Py_DECREF(ret);
Py_DECREF(argv);
+ MY_BEGIN_ALLOW_THREADS(conn->tstate);
return;
}
@@ -447,6 +440,9 @@
if (!PyArg_ParseTuple(args, "s|i:use_privatekey_file", &keyfile, &filetype))
return NULL;
+ if (self->tstate)
+ fprintf (stderr, "ERROR: ctx->tstate != NULL!\n");
+
MY_BEGIN_ALLOW_THREADS(self->tstate);
ret = SSL_CTX_use_PrivateKey_file(self->ctx, keyfile, filetype);
MY_END_ALLOW_THREADS(self->tstate);

283
pyOpenSSL-threadsafe.patch
Unescape View File

@ -1,88 +1,197 @@
--- pyOpenSSL-0.6/src/crypto/crypto.c.threadsafe 2004-08-09 10:56:05.000000000 -0400 diff -Nur pyOpenSSL-0.7-bad/src/crypto/crypto.c pyOpenSSL-0.7/src/crypto/crypto.c
+++ pyOpenSSL-0.6/src/crypto/crypto.c 2005-07-12 22:29:32.000000000 -0400 --- pyOpenSSL-0.7-bad/src/crypto/crypto.c 2008-03-21 17:34:42.000000000 -0500
@@ -668,6 +668,74 @@ +++ pyOpenSSL-0.7/src/crypto/crypto.c 2008-09-19 17:22:12.000000000 -0500
{ NULL, NULL } -694,6 +694,74 @@
}; { NULL, NULL }
};
+
+#ifdef WITH_THREAD
+
+#include <pthread.h>
+
+#define MUTEX_TYPE pthread_mutex_t
+#define MUTEX_SETUP(x) pthread_mutex_init(&(x), NULL)
+#define MUTEX_CLEANUP(x) pthread_mutex_destroy(&(x))
+#define MUTEX_LOCK(x) pthread_mutex_lock(&(x))
+#define MUTEX_UNLOCK(x) pthread_mutex_unlock(&(x))
+#define THREAD_ID pthread_self()
+
+void handle_error(const char *file, int lineno, const char *msg)
+{
+ fprintf(stderr, "** %s:%i %s\n", file, lineno, msg);
+ ERR_print_errors_fp(stderr);
+}
+
+
+/* This array will store all of the mutexes available to OpenSSL. */
+static MUTEX_TYPE *mutex_buf = NULL;
+
+
+static void locking_function(int mode, int n, const char * file, int line)
+{
+ if (mode & CRYPTO_LOCK)
+ MUTEX_LOCK(mutex_buf[n]);
+ else
+ MUTEX_UNLOCK(mutex_buf[n]);
+}
+
+static unsigned long id_function(void)
+{
+ return ((unsigned long)THREAD_ID);
+}
+
+int init_openssl_threads(void)
+{
+ int i;
+
+ mutex_buf = (MUTEX_TYPE *)malloc(CRYPTO_num_locks() * sizeof(MUTEX_TYPE));
+ if (!mutex_buf)
+ return 0;
+ for (i = 0; i < CRYPTO_num_locks(); i++)
+ MUTEX_SETUP(mutex_buf[i]);
+ CRYPTO_set_id_callback(id_function);
+ CRYPTO_set_locking_callback(locking_function);
+ return 1;
+}
+
+int deinit_openssl_threads(void)
+{
+ int i;
+
+ if (!mutex_buf)
+ return 0;
+ CRYPTO_set_id_callback(NULL);
+ CRYPTO_set_locking_callback(NULL);
+ for (i = 0; i < CRYPTO_num_locks(); i++)
+ MUTEX_CLEANUP(mutex_buf[i]);
+ free(mutex_buf);
+ mutex_buf = NULL;
+ return 1;
+}
+
+#endif
+
+
/*
* Initialize crypto sub module
*
-739,6 +807,10 @@
PyModule_AddIntConstant(module, "TYPE_DSA", crypto_TYPE_DSA);
dict = PyModule_GetDict(module);
+#ifdef WITH_THREAD
+ if (!init_openssl_threads())
+ goto error;
+#endif
if (!init_crypto_x509(dict))
goto error;
if (!init_crypto_x509name(dict))
diff -Nur pyOpenSSL-0.7-bad/src/ssl/context.c pyOpenSSL-0.7/src/ssl/context.c
--- pyOpenSSL-0.7-bad/src/ssl/context.c 2008-03-21 17:34:42.000000000 -0500
+++ pyOpenSSL-0.7/src/ssl/context.c 2008-09-19 17:22:12.000000000 -0500
-64,39 +64,33 @@
static int
global_passphrase_callback(char *buf, int maxlen, int verify, void *arg)
{
- int len;
+ int len = 0;
char *str;
PyObject *argv, *ret = NULL;
ssl_ContextObj *ctx = (ssl_ContextObj *)arg;
+ if (!ctx->tstate)
+ fprintf (stderr, "ERROR: ctx->tstate == NULL!\n");
+ MY_END_ALLOW_THREADS(ctx->tstate);
+
/* The Python callback is called with a (maxlen,verify,userdata) tuple */
argv = Py_BuildValue("(iiO)", maxlen, verify, ctx->passphrase_userdata);
- if (ctx->tstate != NULL)
- {
- /* We need to get back our thread state before calling the callback */
- MY_END_ALLOW_THREADS(ctx->tstate);
- ret = PyEval_CallObject(ctx->passphrase_callback, argv);
- MY_BEGIN_ALLOW_THREADS(ctx->tstate);
- }
- else
- {
- ret = PyEval_CallObject(ctx->passphrase_callback, argv);
- }
+ ret = PyEval_CallObject(ctx->passphrase_callback, argv);
Py_DECREF(argv);
if (ret == NULL)
- return 0;
+ goto out;
if (!PyObject_IsTrue(ret))
{
Py_DECREF(ret);
- return 0;
+ goto out;
}
if (!PyString_Check(ret))
{
Py_DECREF(ret);
- return 0;
+ goto out;
}
len = PyString_Size(ret);
-107,6 +101,8 @@
strncpy(buf, str, len);
Py_XDECREF(ret);
+out:
+ MY_BEGIN_ALLOW_THREADS(ctx->tstate);
return len;
}
-173,28 +169,19 @@
ssl_ConnectionObj *conn = (ssl_ConnectionObj *)SSL_get_app_data(ssl);
PyObject *argv, *ret;
+ if (!conn->tstate)
+ fprintf (stderr, "ERROR: ctx->tstate == NULL!\n");
+ MY_END_ALLOW_THREADS(conn->tstate);
+ +
+#ifdef WITH_THREAD argv = Py_BuildValue("(Oii)", (PyObject *)conn, where, _ret);
+ - if (conn->tstate != NULL)
+#include <pthread.h> - {
+ - /* We need to get back our thread state before calling the callback */
+#define MUTEX_TYPE pthread_mutex_t - MY_END_ALLOW_THREADS(conn->tstate);
+#define MUTEX_SETUP(x) pthread_mutex_init(&(x), NULL) - ret = PyEval_CallObject(conn->context->info_callback, argv);
+#define MUTEX_CLEANUP(x) pthread_mutex_destroy(&(x)) - if (ret == NULL)
+#define MUTEX_LOCK(x) pthread_mutex_lock(&(x)) - PyErr_Clear();
+#define MUTEX_UNLOCK(x) pthread_mutex_unlock(&(x)) - else
+#define THREAD_ID pthread_self() - Py_DECREF(ret);
+ - MY_BEGIN_ALLOW_THREADS(conn->tstate);
+void handle_error(const char *file, int lineno, const char *msg) - }
+{ + ret = PyEval_CallObject(conn->context->info_callback, argv);
+ fprintf(stderr, "** %s:%i %s\n", file, lineno, msg); + if (ret == NULL)
+ ERR_print_errors_fp(stderr); + PyErr_Clear();
+} else
+ - {
+ - ret = PyEval_CallObject(conn->context->info_callback, argv);
+/* This array will store all of the mutexes available to OpenSSL. */ - if (ret == NULL)
+static MUTEX_TYPE *mutex_buf = NULL; - PyErr_Clear();
+ - else
+ - Py_DECREF(ret);
+static void locking_function(int mode, int n, const char * file, int line) - }
+{ + Py_DECREF(ret);
+ if (mode & CRYPTO_LOCK) Py_DECREF(argv);
+ MUTEX_LOCK(mutex_buf[n]);
+ else + MY_BEGIN_ALLOW_THREADS(conn->tstate);
+ MUTEX_UNLOCK(mutex_buf[n]); return;
+} }
+
+static unsigned long id_function(void) -447,6 +434,8 @@
+{ if (!PyArg_ParseTuple(args, "s|i:use_privatekey_file", &keyfile, &filetype))
+ return ((unsigned long)THREAD_ID); return NULL;
+}
+ + if (self->tstate)
+int init_openssl_threads(void) + fprintf (stderr, "ERROR: ctx->tstate != NULL!\n");
+{ MY_BEGIN_ALLOW_THREADS(self->tstate);
+ int i; ret = SSL_CTX_use_PrivateKey_file(self->ctx, keyfile, filetype);
+ MY_END_ALLOW_THREADS(self->tstate);
+ mutex_buf = (MUTEX_TYPE *)malloc(CRYPTO_num_locks() * sizeof(MUTEX_TYPE));
+ if (!mutex_buf)
+ return 0;
+ for (i = 0; i < CRYPTO_num_locks(); i++)
+ MUTEX_SETUP(mutex_buf[i]);
+ CRYPTO_set_id_callback(id_function);
+ CRYPTO_set_locking_callback(locking_function);
+ return 1;
+}
+
+int deinit_openssl_threads(void)
+{
+ int i;
+
+ if (!mutex_buf)
+ return 0;
+ CRYPTO_set_id_callback(NULL);
+ CRYPTO_set_locking_callback(NULL);
+ for (i = 0; i < CRYPTO_num_locks(); i++)
+ MUTEX_CLEANUP(mutex_buf[i]);
+ free(mutex_buf);
+ mutex_buf = NULL;
+ return 1;
+}
+
+#endif
+
+
/*
* Initialize crypto sub module
*
@@ -713,6 +779,10 @@
PyModule_AddIntConstant(module, "TYPE_DSA", crypto_TYPE_DSA);
dict = PyModule_GetDict(module);
+#ifdef WITH_THREAD
+ if (!init_openssl_threads())
+ goto error;
+#endif
if (!init_crypto_x509(dict))
goto error;
if (!init_crypto_x509name(dict))

8
pyOpenSSL.spec
Unescape View File

@ -3,13 +3,12 @@
Summary: Python wrapper module around the OpenSSL library Summary: Python wrapper module around the OpenSSL library
Name: pyOpenSSL Name: pyOpenSSL
Version: 0.7 Version: 0.7
Release: 1%{?dist} Release: 2%{?dist}
Source0: http://pyopenssl.sf.net/%{name}-%{version}.tar.gz Source0: http://pyopenssl.sf.net/%{name}-%{version}.tar.gz
Patch0: pyOpenSSL-0.7-openssl.patch Patch0: pyOpenSSL-0.7-openssl.patch
Patch2: pyOpenSSL-elinks.patch Patch2: pyOpenSSL-elinks.patch
Patch3: pyOpenSSL-nopdfout.patch Patch3: pyOpenSSL-nopdfout.patch
Patch4: pyOpenSSL-threadsafe.patch Patch4: pyOpenSSL-threadsafe.patch
Patch5: pyOpenSSL-0.7-threadsafe.patch
License: LGPLv2+ License: LGPLv2+
Group: Development/Libraries Group: Development/Libraries
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
@ -31,7 +30,6 @@ High-level wrapper around a subset of the OpenSSL library, includes
%patch2 -p1 -b .elinks %patch2 -p1 -b .elinks
%patch3 -p1 -b .nopdfout %patch3 -p1 -b .nopdfout
%patch4 -p1 -b .threadsafe %patch4 -p1 -b .threadsafe
%patch5 -p1 -b .threadsafe
# Fix permissions for debuginfo package # Fix permissions for debuginfo package
%{__chmod} -x src/ssl/connection.c %{__chmod} -x src/ssl/connection.c
@ -55,6 +53,10 @@ CFLAGS="%{optflags}" %{__python} setup.py build
%{python_sitearch}/%{name}*.egg-info %{python_sitearch}/%{name}*.egg-info
%changelog %changelog
* Fri Sep 19 2008 Dennis Gilmore <dennis@ausil.us> - 0.7-2
- update threadsafe patch
- bug#462807
* Mon Sep 15 2008 Paul F. Johnson <paul@all-the-johnsons.co.uk> 0.7-1 * Mon Sep 15 2008 Paul F. Johnson <paul@all-the-johnsons.co.uk> 0.7-1
- bump to new release - bump to new release
- the inevitable patch fixes - the inevitable patch fixes

Write Preview
Loading…
Cancel
Save