-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathsslcom.cpp
178 lines (136 loc) · 5.54 KB
/
sslcom.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
#include <sslcom.hpp>
void CompatThreading::locking_function ( int mode, int n, const char * file, int line ) {
if ( mode & CRYPTO_LOCK ) {
MUTEX_LOCK ( mutex_buf()[n] );
#ifdef MORE_LOGGING
auto const& log = logan::create("com.ssl.threads");
_dum("SSL threading: locked mutex %u for thread %u (%s:%d)",n,id_function(),file,line);
#endif
} else {
MUTEX_UNLOCK ( mutex_buf()[n] );
#ifdef MORE_LOGGING
auto const& log = logan::create("com.ssl.threads");
_dum("SSL threading: unlocked mutex %u from thread %u (%s:%d)",n,id_function(),file,line);
#endif
}
}
unsigned long CompatThreading::id_function () {
static thread_local std::hash<std::thread::id> h;
static thread_local unsigned long id = static_cast<unsigned long> (h(std::this_thread::get_id()));
#ifdef MORE_LOGGING
auto const& log = logan::create("com.ssl.threads");
_dum("SSL threading: id_function: returning %u",id);
#endif
return id;
}
CompatThreading::CRYPTO_dynlock_value* CompatThreading::dyn_create_function(const char *file, int line) {
auto* value = new CRYPTO_dynlock_value();
MUTEX_SETUP(value->mutex);
return value;
}
void CompatThreading::dyn_lock_function(int mode, CompatThreading::CRYPTO_dynlock_value *l, const char *file, int line) {
if (mode & CRYPTO_LOCK)
MUTEX_LOCK(l->mutex);
else
MUTEX_UNLOCK(l->mutex);
}
void CompatThreading::dyn_destroy_function(CompatThreading::CRYPTO_dynlock_value *l, const char *file, int line) {
MUTEX_CLEANUP(l->mutex);
free(l);
}
int CompatThreading::THREAD_setup() {
static auto log = logan::create("com.ssl.threads");
#ifndef USE_OPENSSL11
mutex_buf() = new MUTEX_TYPE[CRYPTO_num_locks()];
if ( !mutex_buf() ) {
_fat("OpenSSL threading support: cannot allocate mutex buffer");
return 0;
}
for (int i = 0; i < CRYPTO_num_locks(); i++ ) {
MUTEX_SETUP ( CompatThreading::mutex_buf()[i] );
}
CRYPTO_set_id_callback ( CompatThreading::id_function );
CRYPTO_set_locking_callback ( CompatThreading::locking_function );
CRYPTO_set_dynlock_create_callback( CompatThreading::dyn_create_function );
CRYPTO_set_dynlock_lock_callback( CompatThreading::dyn_lock_function );
CRYPTO_set_dynlock_destroy_callback( CompatThreading::dyn_destroy_function );
_dia("OpenSSL threading support: enabled");
_dia("OpenSSL: loading error strings");
SSL_load_error_strings();
_dia("OpenSSL: loading algorithms");
SSLeay_add_ssl_algorithms();
#else
_dia("OpenSSL: openssl1.1.x detected, using its own locking mechanisms.");
#endif
return 1;
}
int CompatThreading::THREAD_cleanup() {
#ifndef USE_OPENSSL11
if ( !mutex_buf() ) {
return 0;
}
CRYPTO_set_id_callback (nullptr);
CRYPTO_set_locking_callback (nullptr);
CRYPTO_set_dynlock_create_callback(nullptr);
CRYPTO_set_dynlock_lock_callback(nullptr);
CRYPTO_set_dynlock_destroy_callback(nullptr);
for ( int i = 0; i < CRYPTO_num_locks( ); i++ ) {
MUTEX_CLEANUP ( mutex_buf()[i] );
}
delete[] mutex_buf();
mutex_buf() = nullptr;
#endif
return 1;
}
namespace socle::com::ssl {
const char* SCT_validation_status_str(sct_validation_status_t const& st) {
static const char* SCT_VALIDATION_STATUS_NOT_SET_ = "SCT_VALIDATION_STATUS_NOT_SET";
static const char* SCT_VALIDATION_STATUS_UNKNOWN_LOG_ = "SCT_VALIDATION_STATUS_UNKNOWN_LOG";
static const char* SCT_VALIDATION_STATUS_VALID_ = "SCT_VALIDATION_STATUS_VALID";
static const char* SCT_VALIDATION_STATUS_INVALID_ = "SCT_VALIDATION_STATUS_INVALID";
static const char* SCT_VALIDATION_STATUS_UNVERIFIED_ = "SCT_VALIDATION_STATUS_UNVERIFIED";
static const char* SCT_VALIDATION_STATUS_UNKNOWN_VERSION_ = "SCT_VALIDATION_STATUS_UNKNOWN_VERSION";
static const char* UNK_ = "???";
switch(st) {
case SCT_VALIDATION_STATUS_NOT_SET:
return SCT_VALIDATION_STATUS_NOT_SET_;
case SCT_VALIDATION_STATUS_UNKNOWN_LOG:
return SCT_VALIDATION_STATUS_UNKNOWN_LOG_;
case SCT_VALIDATION_STATUS_VALID:
return SCT_VALIDATION_STATUS_VALID_;
case SCT_VALIDATION_STATUS_INVALID:
return SCT_VALIDATION_STATUS_INVALID_;
case SCT_VALIDATION_STATUS_UNVERIFIED:
return SCT_VALIDATION_STATUS_UNVERIFIED_;
case SCT_VALIDATION_STATUS_UNKNOWN_VERSION:
return SCT_VALIDATION_STATUS_UNKNOWN_VERSION_;
default:
return UNK_;
}
}
std::string connection_name(baseCom const* com, bool reverse) {
if (not com) return {};
std::stringstream ss;
baseCom const *left = reverse ? com->peer() : com;
baseCom const *right = reverse ? com : com->peer();
if (left->owner_cx()) {
ss << left->owner_cx()->name();
} else {
ss << left->shortname();
}
if (right) {
if (right->owner_cx()) {
auto const *rssl = dynamic_cast<SSLCom const*>(right);
if (rssl) {
auto sni = rssl->get_sni();
ss << "->[sni:" << sni << "]" << right->owner_cx()->name();
} else {
ss << "->" << right->owner_cx()->name();
}
} else {
ss << "->" << right->shortname();
}
}
return ss.str();
}
}