(openssl tls) when OpenSSL is older than 1.1, register the crypto locking callback to be thread safe. Should fix lots of CI failures

2020-05-06 16:26:30 -07:00
parent a65b334961
commit 6c205b983e
8 changed files with 34 additions and 5 deletions
--- a/ixwebsocket/IXSocketOpenSSL.cpp
+++ b/ixwebsocket/IXSocketOpenSSL.cpp
@ -85,6 +85,8 @@ namespace ix

    std::atomic<bool> SocketOpenSSL::_openSSLInitializationSuccessful(false);
    std::once_flag SocketOpenSSL::_openSSLInitFlag;
+    std::unique_ptr<std::mutex[]> SocketOpenSSL::_openSSLMutexes =
+        std::make_unique<std::mutex[]>(CRYPTO_num_locks());

    SocketOpenSSL::SocketOpenSSL(const SocketTLSOptions& tlsOptions, int fd)
        : Socket(fd)
@ -106,6 +108,7 @@ namespace ix
        if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, nullptr)) return;
 #else
        (void) OPENSSL_config(nullptr);
+        CRYPTO_set_locking_callback(SocketOpenSSL::openSSLLockingCallback);
 #endif

        (void) OpenSSL_add_ssl_algorithms();
@ -114,6 +117,21 @@ namespace ix
        _openSSLInitializationSuccessful = true;
    }

+    void SocketOpenSSL::openSSLLockingCallback(int mode,
+                                               int type,
+                                               const char* /*file*/,
+                                               int /*line*/)
+    {
+        if (mode & CRYPTO_LOCK)
+        {
+            _openSSLMutexes[type].lock();
+        }
+        else
+        {
+            _openSSLMutexes[type].unlock();
+        }
+    }
+
    std::string SocketOpenSSL::getSSLError(int ret)
    {
        unsigned long e;