mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-31 03:07:29 +02:00
Support pthread_rwlock (#5952)
* Support rwlock * Fix typo, ENABLE_SESSION_CACHE_ROW_LOCK with TITAN_SESSION_CACHE * Implement read lock - Use read lock for the SessionCache - Don't copy the * TLS 1.3: Don't push ticket to cache if we don't retrieve from it * Detect rwlock support with PTHREAD_RWLOCK_INITIALIZER * Implement explicit rwlocks - Mutex's still necessary for signals. Implement explicit rwlocks and we can migrate critical mutexs to rwlocks when necessary. * Remove WOLFSSL_USE_RWLOCK guard around mutex condLock * condLock not necessary after all * Use configure.ac to check for pthread_rwlock_destroy support * Can't include config.h in wc_port.h as that breaks make distcheck * Check for pthread_rwlock_t to determine if rwlock is available * Code review --------- Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
This commit is contained in:
tmael
GitHub
@ -1109,6 +1109,7 @@ AS_IF([ test "x$ENABLED_SINGLETHREADED" = "xno" ],[
|
|||||||
AS_CASE([$PTHREAD_CFLAGS],[-Qunused-arguments*],[PTHREAD_CFLAGS="-Xcompiler $PTHREAD_CFLAGS"])
|
AS_CASE([$PTHREAD_CFLAGS],[-Qunused-arguments*],[PTHREAD_CFLAGS="-Xcompiler $PTHREAD_CFLAGS"])
|
||||||
AM_CFLAGS="$AM_CFLAGS $PTHREAD_CFLAGS"
|
AM_CFLAGS="$AM_CFLAGS $PTHREAD_CFLAGS"
|
||||||
LIBS="$LIBS $PTHREAD_LIBS"
|
LIBS="$LIBS $PTHREAD_LIBS"
|
||||||
|
AC_CHECK_TYPES([pthread_rwlock_t])
|
||||||
],[
|
],[
|
||||||
ENABLED_SINGLETHREADED=yes
|
ENABLED_SINGLETHREADED=yes
|
||||||
])
|
])
|
||||||
|
|||||||
@ -1348,7 +1348,6 @@ static int StartMonitorCRL(WOLFSSL_CRL* crl)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (crl->setup < 0)
|
if (crl->setup < 0)
|
||||||
ret = crl->setup; /* store setup error */
|
ret = crl->setup; /* store setup error */
|
||||||
|
|
||||||
|
|||||||
@ -288,7 +288,7 @@ static int TlsSessionIdIsValid(WOLFSSL* ssl, WolfSSL_ConstVector sessionID,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
ret = TlsSessionCacheGetAndLock(sessionID.elements, &sess, &sessRow);
|
ret = TlsSessionCacheGetAndLock(sessionID.elements, &sess, &sessRow, 1);
|
||||||
if (ret == 0 && sess != NULL) {
|
if (ret == 0 && sess != NULL) {
|
||||||
*isValid = 1;
|
*isValid = 1;
|
||||||
TlsSessionCacheUnlockRow(sessRow);
|
TlsSessionCacheUnlockRow(sessRow);
|
||||||
|
|||||||
119
src/ssl.c
119
src/ssl.c
@ -6162,8 +6162,8 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
|
|||||||
#if defined(TITAN_SESSION_CACHE)
|
#if defined(TITAN_SESSION_CACHE)
|
||||||
#define SESSIONS_PER_ROW 31
|
#define SESSIONS_PER_ROW 31
|
||||||
#define SESSION_ROWS 64937
|
#define SESSION_ROWS 64937
|
||||||
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
#define ENABLE_SESSION_CACHE_ROW_LOCK
|
#define ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
#endif
|
#endif
|
||||||
#elif defined(HUGE_SESSION_CACHE)
|
#elif defined(HUGE_SESSION_CACHE)
|
||||||
#define SESSIONS_PER_ROW 11
|
#define SESSIONS_PER_ROW 11
|
||||||
@ -6194,8 +6194,8 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
|
|||||||
|
|
||||||
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
/* not included in import/export */
|
/* not included in import/export */
|
||||||
wolfSSL_Mutex row_mutex;
|
wolfSSL_RwLock row_lock;
|
||||||
int mutex_valid;
|
int lock_valid;
|
||||||
#endif
|
#endif
|
||||||
} SessionRow;
|
} SessionRow;
|
||||||
#define SIZEOF_SESSION_ROW (sizeof(WOLFSSL_SESSION) + (sizeof(int) * 2))
|
#define SIZEOF_SESSION_ROW (sizeof(WOLFSSL_SESSION) + (sizeof(int) * 2))
|
||||||
@ -6207,13 +6207,15 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
#define SESSION_ROW_LOCK(row) wc_LockMutex(&(row)->row_mutex)
|
#define SESSION_ROW_RD_LOCK(row) wc_LockRwLock_Rd(&(row)->row_lock)
|
||||||
#define SESSION_ROW_UNLOCK(row) wc_UnLockMutex(&(row)->row_mutex);
|
#define SESSION_ROW_WR_LOCK(row) wc_LockRwLock_Wr(&(row)->row_lock)
|
||||||
|
#define SESSION_ROW_UNLOCK(row) wc_UnLockRwLock(&(row)->row_lock);
|
||||||
#else
|
#else
|
||||||
static WOLFSSL_GLOBAL wolfSSL_Mutex session_mutex; /* SessionCache mutex */
|
static WOLFSSL_GLOBAL wolfSSL_RwLock session_lock; /* SessionCache lock */
|
||||||
static WOLFSSL_GLOBAL int session_mutex_valid = 0;
|
static WOLFSSL_GLOBAL int session_lock_valid = 0;
|
||||||
#define SESSION_ROW_LOCK(row) wc_LockMutex(&session_mutex)
|
#define SESSION_ROW_RD_LOCK(row) wc_LockRwLock_Rd(&session_lock)
|
||||||
#define SESSION_ROW_UNLOCK(row) wc_UnLockMutex(&session_mutex);
|
#define SESSION_ROW_WR_LOCK(row) wc_LockRwLock_Wr(&session_lock)
|
||||||
|
#define SESSION_ROW_UNLOCK(row) wc_UnLockRwLock(&session_lock);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if !defined(NO_SESSION_CACHE_REF) && defined(NO_CLIENT_CACHE)
|
#if !defined(NO_SESSION_CACHE_REF) && defined(NO_CLIENT_CACHE)
|
||||||
@ -6342,25 +6344,25 @@ int wolfSSL_Init(void)
|
|||||||
#ifndef NO_SESSION_CACHE
|
#ifndef NO_SESSION_CACHE
|
||||||
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
for (i = 0; i < SESSION_ROWS; ++i) {
|
for (i = 0; i < SESSION_ROWS; ++i) {
|
||||||
SessionCache[i].mutex_valid = 0;
|
SessionCache[i].lock_valid = 0;
|
||||||
}
|
}
|
||||||
for (i = 0; (ret == WOLFSSL_SUCCESS) && (i < SESSION_ROWS); ++i) {
|
for (i = 0; (ret == WOLFSSL_SUCCESS) && (i < SESSION_ROWS); ++i) {
|
||||||
if (wc_InitMutex(&SessionCache[i].row_mutex) != 0) {
|
if (wc_InitRwLock(&SessionCache[i].row_lock) != 0) {
|
||||||
WOLFSSL_MSG("Bad Init Mutex session");
|
WOLFSSL_MSG("Bad Init Mutex session");
|
||||||
ret = BAD_MUTEX_E;
|
ret = BAD_MUTEX_E;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
SessionCache[i].mutex_valid = 1;
|
SessionCache[i].lock_valid = 1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
if (ret == WOLFSSL_SUCCESS) {
|
if (ret == WOLFSSL_SUCCESS) {
|
||||||
if (wc_InitMutex(&session_mutex) != 0) {
|
if (wc_InitRwLock(&session_lock) != 0) {
|
||||||
WOLFSSL_MSG("Bad Init Mutex session");
|
WOLFSSL_MSG("Bad Init Mutex session");
|
||||||
ret = BAD_MUTEX_E;
|
ret = BAD_MUTEX_E;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
session_mutex_valid = 1;
|
session_lock_valid = 1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
@ -11524,14 +11526,14 @@ int wolfSSL_memsave_session_cache(void* mem, int sz)
|
|||||||
XMEMCPY(mem, &cache_header, sizeof(cache_header));
|
XMEMCPY(mem, &cache_header, sizeof(cache_header));
|
||||||
|
|
||||||
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
if (wc_LockMutex(&session_mutex) != 0) {
|
if (SESSION_ROW_RD_LOCK(row) != 0) {
|
||||||
WOLFSSL_MSG("Session cache mutex lock failed");
|
WOLFSSL_MSG("Session cache mutex lock failed");
|
||||||
return BAD_MUTEX_E;
|
return BAD_MUTEX_E;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
for (i = 0; i < cache_header.rows; ++i) {
|
for (i = 0; i < cache_header.rows; ++i) {
|
||||||
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
if (SESSION_ROW_LOCK(&SessionCache[i]) != 0) {
|
if (SESSION_ROW_RD_LOCK(&SessionCache[i]) != 0) {
|
||||||
WOLFSSL_MSG("Session row cache mutex lock failed");
|
WOLFSSL_MSG("Session row cache mutex lock failed");
|
||||||
return BAD_MUTEX_E;
|
return BAD_MUTEX_E;
|
||||||
}
|
}
|
||||||
@ -11543,7 +11545,7 @@ int wolfSSL_memsave_session_cache(void* mem, int sz)
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
wc_UnLockMutex(&session_mutex);
|
SESSION_ROW_UNLOCK(row);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifndef NO_CLIENT_CACHE
|
#ifndef NO_CLIENT_CACHE
|
||||||
@ -11586,14 +11588,14 @@ int wolfSSL_memrestore_session_cache(const void* mem, int sz)
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
if (wc_LockMutex(&session_mutex) != 0) {
|
if (SESSION_ROW_WR_LOCK(&SessionCache[0]) != 0) {
|
||||||
WOLFSSL_MSG("Session cache mutex lock failed");
|
WOLFSSL_MSG("Session cache mutex lock failed");
|
||||||
return BAD_MUTEX_E;
|
return BAD_MUTEX_E;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
for (i = 0; i < cache_header.rows; ++i) {
|
for (i = 0; i < cache_header.rows; ++i) {
|
||||||
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
if (SESSION_ROW_LOCK(&SessionCache[i]) != 0) {
|
if (SESSION_ROW_WR_LOCK(&SessionCache[i]) != 0) {
|
||||||
WOLFSSL_MSG("Session row cache mutex lock failed");
|
WOLFSSL_MSG("Session row cache mutex lock failed");
|
||||||
return BAD_MUTEX_E;
|
return BAD_MUTEX_E;
|
||||||
}
|
}
|
||||||
@ -11605,7 +11607,7 @@ int wolfSSL_memrestore_session_cache(const void* mem, int sz)
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
wc_UnLockMutex(&session_mutex);
|
SESSION_ROW_UNLOCK(&SessionCache[0]);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifndef NO_CLIENT_CACHE
|
#ifndef NO_CLIENT_CACHE
|
||||||
@ -11655,7 +11657,7 @@ int wolfSSL_save_session_cache(const char *fname)
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
if (wc_LockMutex(&session_mutex) != 0) {
|
if (SESSION_ROW_RD_LOCK(&SessionCache[0]) != 0) {
|
||||||
WOLFSSL_MSG("Session cache mutex lock failed");
|
WOLFSSL_MSG("Session cache mutex lock failed");
|
||||||
XFCLOSE(file);
|
XFCLOSE(file);
|
||||||
return BAD_MUTEX_E;
|
return BAD_MUTEX_E;
|
||||||
@ -11664,7 +11666,7 @@ int wolfSSL_save_session_cache(const char *fname)
|
|||||||
/* session cache */
|
/* session cache */
|
||||||
for (i = 0; i < cache_header.rows; ++i) {
|
for (i = 0; i < cache_header.rows; ++i) {
|
||||||
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
if (SESSION_ROW_LOCK(&SessionCache[i]) != 0) {
|
if (SESSION_ROW_RD_LOCK(&SessionCache[i]) != 0) {
|
||||||
WOLFSSL_MSG("Session row cache mutex lock failed");
|
WOLFSSL_MSG("Session row cache mutex lock failed");
|
||||||
XFCLOSE(file);
|
XFCLOSE(file);
|
||||||
return BAD_MUTEX_E;
|
return BAD_MUTEX_E;
|
||||||
@ -11682,7 +11684,7 @@ int wolfSSL_save_session_cache(const char *fname)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
wc_UnLockMutex(&session_mutex);
|
SESSION_ROW_UNLOCK(&SessionCache[0]);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifndef NO_CLIENT_CACHE
|
#ifndef NO_CLIENT_CACHE
|
||||||
@ -11742,7 +11744,7 @@ int wolfSSL_restore_session_cache(const char *fname)
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
if (wc_LockMutex(&session_mutex) != 0) {
|
if (SESSION_ROW_WR_LOCK(&SessionCache[0]) != 0) {
|
||||||
WOLFSSL_MSG("Session cache mutex lock failed");
|
WOLFSSL_MSG("Session cache mutex lock failed");
|
||||||
XFCLOSE(file);
|
XFCLOSE(file);
|
||||||
return BAD_MUTEX_E;
|
return BAD_MUTEX_E;
|
||||||
@ -11751,7 +11753,7 @@ int wolfSSL_restore_session_cache(const char *fname)
|
|||||||
/* session cache */
|
/* session cache */
|
||||||
for (i = 0; i < cache_header.rows; ++i) {
|
for (i = 0; i < cache_header.rows; ++i) {
|
||||||
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
if (SESSION_ROW_LOCK(&SessionCache[i]) != 0) {
|
if (SESSION_ROW_WR_LOCK(&SessionCache[i]) != 0) {
|
||||||
WOLFSSL_MSG("Session row cache mutex lock failed");
|
WOLFSSL_MSG("Session row cache mutex lock failed");
|
||||||
XFCLOSE(file);
|
XFCLOSE(file);
|
||||||
return BAD_MUTEX_E;
|
return BAD_MUTEX_E;
|
||||||
@ -11770,7 +11772,7 @@ int wolfSSL_restore_session_cache(const char *fname)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
wc_UnLockMutex(&session_mutex);
|
SESSION_ROW_UNLOCK(&SessionCache[0]);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifndef NO_CLIENT_CACHE
|
#ifndef NO_CLIENT_CACHE
|
||||||
@ -14207,19 +14209,19 @@ int wolfSSL_Cleanup(void)
|
|||||||
#ifndef NO_SESSION_CACHE
|
#ifndef NO_SESSION_CACHE
|
||||||
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
for (i = 0; i < SESSION_ROWS; ++i) {
|
for (i = 0; i < SESSION_ROWS; ++i) {
|
||||||
if ((SessionCache[i].mutex_valid == 1) &&
|
if ((SessionCache[i].lock_valid == 1) &&
|
||||||
(wc_FreeMutex(&SessionCache[i].row_mutex) != 0)) {
|
(wc_FreeRwLock(&SessionCache[i].row_lock) != 0)) {
|
||||||
if (ret == WOLFSSL_SUCCESS)
|
if (ret == WOLFSSL_SUCCESS)
|
||||||
ret = BAD_MUTEX_E;
|
ret = BAD_MUTEX_E;
|
||||||
}
|
}
|
||||||
SessionCache[i].mutex_valid = 0;
|
SessionCache[i].lock_valid = 0;
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
if ((session_mutex_valid == 1) && (wc_FreeMutex(&session_mutex) != 0)) {
|
if ((session_lock_valid == 1) && (wc_UnLockRwLock(&session_lock) != 0)) {
|
||||||
if (ret == WOLFSSL_SUCCESS)
|
if (ret == WOLFSSL_SUCCESS)
|
||||||
ret = BAD_MUTEX_E;
|
ret = BAD_MUTEX_E;
|
||||||
}
|
}
|
||||||
session_mutex_valid = 0;
|
session_lock_valid = 0;
|
||||||
#endif
|
#endif
|
||||||
#ifndef NO_CLIENT_CACHE
|
#ifndef NO_CLIENT_CACHE
|
||||||
if ((clisession_mutex_valid == 1) &&
|
if ((clisession_mutex_valid == 1) &&
|
||||||
@ -14431,7 +14433,7 @@ WOLFSSL_SESSION* wolfSSL_GetSessionClient(WOLFSSL* ssl, const byte* id, int len)
|
|||||||
|
|
||||||
/* lock row */
|
/* lock row */
|
||||||
sessRow = &SessionCache[clSess[idx].serverRow];
|
sessRow = &SessionCache[clSess[idx].serverRow];
|
||||||
if (SESSION_ROW_LOCK(sessRow) != 0) {
|
if (SESSION_ROW_RD_LOCK(sessRow) != 0) {
|
||||||
WOLFSSL_MSG("Session cache row lock failure");
|
WOLFSSL_MSG("Session cache row lock failure");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -14520,7 +14522,7 @@ void TlsSessionCacheUnlockRow(word32 row)
|
|||||||
}
|
}
|
||||||
|
|
||||||
int TlsSessionCacheGetAndLock(const byte *id, WOLFSSL_SESSION **sess,
|
int TlsSessionCacheGetAndLock(const byte *id, WOLFSSL_SESSION **sess,
|
||||||
word32 *lockedRow)
|
word32 *lockedRow, byte readOnly)
|
||||||
{
|
{
|
||||||
SessionRow *sessRow;
|
SessionRow *sessRow;
|
||||||
WOLFSSL_SESSION *s;
|
WOLFSSL_SESSION *s;
|
||||||
@ -14534,7 +14536,11 @@ int TlsSessionCacheGetAndLock(const byte *id, WOLFSSL_SESSION **sess,
|
|||||||
if (error != 0)
|
if (error != 0)
|
||||||
return error;
|
return error;
|
||||||
sessRow = &SessionCache[row];
|
sessRow = &SessionCache[row];
|
||||||
if (SESSION_ROW_LOCK(sessRow) != 0)
|
if (readOnly)
|
||||||
|
error = SESSION_ROW_RD_LOCK(sessRow);
|
||||||
|
else
|
||||||
|
error = SESSION_ROW_WR_LOCK(sessRow);
|
||||||
|
if (error != 0)
|
||||||
return FATAL_ERROR;
|
return FATAL_ERROR;
|
||||||
|
|
||||||
/* start from most recently used */
|
/* start from most recently used */
|
||||||
@ -14709,7 +14715,7 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
|
|||||||
|
|
||||||
/* init to avoid clang static analyzer false positive */
|
/* init to avoid clang static analyzer false positive */
|
||||||
row = 0;
|
row = 0;
|
||||||
error = TlsSessionCacheGetAndLock(id, &sess, &row);
|
error = TlsSessionCacheGetAndLock(id, &sess, &row, 1);
|
||||||
error = (error == 0) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
|
error = (error == 0) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
|
||||||
if (error != WOLFSSL_SUCCESS || sess == NULL) {
|
if (error != WOLFSSL_SUCCESS || sess == NULL) {
|
||||||
WOLFSSL_MSG("Get Session from cache failed");
|
WOLFSSL_MSG("Get Session from cache failed");
|
||||||
@ -14890,7 +14896,7 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
|
|||||||
if (session->type == WOLFSSL_SESSION_TYPE_CACHE) {
|
if (session->type == WOLFSSL_SESSION_TYPE_CACHE) {
|
||||||
if (session->cacheRow < SESSION_ROWS) {
|
if (session->cacheRow < SESSION_ROWS) {
|
||||||
sessRow = &SessionCache[session->cacheRow];
|
sessRow = &SessionCache[session->cacheRow];
|
||||||
if (SESSION_ROW_LOCK(sessRow) != 0) {
|
if (SESSION_ROW_RD_LOCK(sessRow) != 0) {
|
||||||
WOLFSSL_MSG("Session row lock failed");
|
WOLFSSL_MSG("Session row lock failed");
|
||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
}
|
}
|
||||||
@ -15097,7 +15103,7 @@ WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session)
|
|||||||
if (error == 0) {
|
if (error == 0) {
|
||||||
/* Lock row */
|
/* Lock row */
|
||||||
sessRow = &SessionCache[clientSession->serverRow];
|
sessRow = &SessionCache[clientSession->serverRow];
|
||||||
error = SESSION_ROW_LOCK(sessRow);
|
error = SESSION_ROW_RD_LOCK(sessRow);
|
||||||
if (error != 0) {
|
if (error != 0) {
|
||||||
WOLFSSL_MSG("Session cache row lock failure");
|
WOLFSSL_MSG("Session cache row lock failure");
|
||||||
sessRow = NULL;
|
sessRow = NULL;
|
||||||
@ -15149,7 +15155,8 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
|
|||||||
SessionRow* sessRow = NULL;
|
SessionRow* sessRow = NULL;
|
||||||
word32 idx = 0;
|
word32 idx = 0;
|
||||||
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
|
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
|
||||||
WOLFSSL_X509* peer = NULL;
|
WOLFSSL_X509* cachePeer = NULL;
|
||||||
|
WOLFSSL_X509* addPeer = NULL;
|
||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_SESSION_TICKET
|
#ifdef HAVE_SESSION_TICKET
|
||||||
byte* cacheTicBuff = NULL;
|
byte* cacheTicBuff = NULL;
|
||||||
@ -15229,7 +15236,7 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
|
|||||||
}
|
}
|
||||||
|
|
||||||
sessRow = &SessionCache[row];
|
sessRow = &SessionCache[row];
|
||||||
if (SESSION_ROW_LOCK(sessRow) != 0) {
|
if (SESSION_ROW_WR_LOCK(sessRow) != 0) {
|
||||||
#ifdef HAVE_SESSION_TICKET
|
#ifdef HAVE_SESSION_TICKET
|
||||||
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
|
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
|
||||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKE_NONCE_MALLOC)
|
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKE_NONCE_MALLOC)
|
||||||
@ -15275,7 +15282,7 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
|
|||||||
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
|
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
|
||||||
/* Save the peer field to free after unlocking the row */
|
/* Save the peer field to free after unlocking the row */
|
||||||
if (cacheSession->peer != NULL)
|
if (cacheSession->peer != NULL)
|
||||||
peer = cacheSession->peer;
|
cachePeer = cacheSession->peer;
|
||||||
cacheSession->peer = NULL;
|
cacheSession->peer = NULL;
|
||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_SESSION_TICKET
|
#ifdef HAVE_SESSION_TICKET
|
||||||
@ -15314,6 +15321,11 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
|
|||||||
sizeof(x509_buffer) * cacheSession->chain.count);
|
sizeof(x509_buffer) * cacheSession->chain.count);
|
||||||
}
|
}
|
||||||
#endif /* SESSION_CERTS */
|
#endif /* SESSION_CERTS */
|
||||||
|
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
|
||||||
|
/* Don't copy the peer cert into cache */
|
||||||
|
addPeer = addSession->peer;
|
||||||
|
addSession->peer = NULL;
|
||||||
|
#endif
|
||||||
cacheSession->heap = NULL;
|
cacheSession->heap = NULL;
|
||||||
/* Copy data into the cache object */
|
/* Copy data into the cache object */
|
||||||
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13) && \
|
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13) && \
|
||||||
@ -15325,6 +15337,9 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
|
|||||||
ret = wolfSSL_DupSession(addSession, cacheSession, 1) == WOLFSSL_FAILURE;
|
ret = wolfSSL_DupSession(addSession, cacheSession, 1) == WOLFSSL_FAILURE;
|
||||||
#endif /* HAVE_SESSION_TICKET && WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC
|
#endif /* HAVE_SESSION_TICKET && WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC
|
||||||
&& FIPS_VERSION_GE(5,3)*/
|
&& FIPS_VERSION_GE(5,3)*/
|
||||||
|
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
|
||||||
|
addSession->peer = addPeer;
|
||||||
|
#endif
|
||||||
|
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
/* Increment the totalCount and the nextIdx */
|
/* Increment the totalCount and the nextIdx */
|
||||||
@ -15392,9 +15407,9 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
|
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
|
||||||
if (peer != NULL) {
|
if (cachePeer != NULL) {
|
||||||
wolfSSL_X509_free(peer);
|
wolfSSL_X509_free(cachePeer);
|
||||||
peer = NULL; /* Make sure not use after this point */
|
cachePeer = NULL; /* Make sure not use after this point */
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@ -15578,7 +15593,7 @@ int wolfSSL_GetSessionAtIndex(int idx, WOLFSSL_SESSION* session)
|
|||||||
}
|
}
|
||||||
|
|
||||||
sessRow = &SessionCache[row];
|
sessRow = &SessionCache[row];
|
||||||
if (SESSION_ROW_LOCK(sessRow) != 0) {
|
if (SESSION_ROW_RD_LOCK(sessRow) != 0) {
|
||||||
return BAD_MUTEX_E;
|
return BAD_MUTEX_E;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -15656,12 +15671,12 @@ static int get_locked_session_stats(word32* active, word32* total, word32* peak)
|
|||||||
WOLFSSL_ENTER("get_locked_session_stats");
|
WOLFSSL_ENTER("get_locked_session_stats");
|
||||||
|
|
||||||
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
wc_LockMutex(&session_mutex);
|
SESSION_ROW_RD_LOCK(&SessionCache[0]);
|
||||||
#endif
|
#endif
|
||||||
for (i = 0; i < SESSION_ROWS; i++) {
|
for (i = 0; i < SESSION_ROWS; i++) {
|
||||||
SessionRow* row = &SessionCache[i];
|
SessionRow* row = &SessionCache[i];
|
||||||
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifdef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
if (SESSION_ROW_LOCK(row) != 0) {
|
if (SESSION_ROW_RD_LOCK(row) != 0) {
|
||||||
WOLFSSL_MSG("Session row cache mutex lock failed");
|
WOLFSSL_MSG("Session row cache mutex lock failed");
|
||||||
return BAD_MUTEX_E;
|
return BAD_MUTEX_E;
|
||||||
}
|
}
|
||||||
@ -15695,7 +15710,7 @@ static int get_locked_session_stats(word32* active, word32* total, word32* peak)
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
|
||||||
wc_UnLockMutex(&session_mutex);
|
SESSION_ROW_UNLOCK(&SessionCache[0]);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (active) {
|
if (active) {
|
||||||
@ -32352,7 +32367,11 @@ static void SESSION_ex_data_cache_update(WOLFSSL_SESSION* session, int idx,
|
|||||||
}
|
}
|
||||||
|
|
||||||
sessRow = &SessionCache[row];
|
sessRow = &SessionCache[row];
|
||||||
if (SESSION_ROW_LOCK(sessRow) != 0) {
|
if (get)
|
||||||
|
error = SESSION_ROW_RD_LOCK(sessRow);
|
||||||
|
else
|
||||||
|
error = SESSION_ROW_WR_LOCK(sessRow);
|
||||||
|
if (error != 0) {
|
||||||
WOLFSSL_MSG("Session row lock failed");
|
WOLFSSL_MSG("Session row lock failed");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@ -34202,7 +34221,7 @@ int wolfSSL_SSL_CTX_remove_session(WOLFSSL_CTX *ctx, WOLFSSL_SESSION *s)
|
|||||||
}
|
}
|
||||||
|
|
||||||
sessRow = &SessionCache[row];
|
sessRow = &SessionCache[row];
|
||||||
if (SESSION_ROW_LOCK(sessRow) != 0) {
|
if (SESSION_ROW_WR_LOCK(sessRow) != 0) {
|
||||||
WOLFSSL_MSG("Session row lock failed");
|
WOLFSSL_MSG("Session row lock failed");
|
||||||
return BAD_MUTEX_E;
|
return BAD_MUTEX_E;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -10273,7 +10273,10 @@ static int SendTls13NewSessionTicket(WOLFSSL* ssl)
|
|||||||
|
|
||||||
ssl->options.haveSessionId = 1;
|
ssl->options.haveSessionId = 1;
|
||||||
|
|
||||||
#ifndef NO_SESSION_CACHE
|
/* Only add to cache when suppport built in and when the ticket contains
|
||||||
|
* an ID. Otherwise we have no way to actually retrieve the ticket from the
|
||||||
|
* cache. */
|
||||||
|
#if !defined(NO_SESSION_CACHE) && defined(WOLFSSL_TICKET_HAVE_ID)
|
||||||
AddSession(ssl);
|
AddSession(ssl);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|||||||
@ -1560,6 +1560,48 @@ int wolfSSL_CryptHwMutexUnLock(void)
|
|||||||
|
|
||||||
#elif defined(WOLFSSL_PTHREADS)
|
#elif defined(WOLFSSL_PTHREADS)
|
||||||
|
|
||||||
|
#ifdef WOLFSSL_USE_RWLOCK
|
||||||
|
int wc_InitRwLock(wolfSSL_RwLock* m)
|
||||||
|
{
|
||||||
|
if (pthread_rwlock_init(m, 0) == 0)
|
||||||
|
return 0;
|
||||||
|
else
|
||||||
|
return BAD_MUTEX_E;
|
||||||
|
}
|
||||||
|
|
||||||
|
int wc_FreeRwLock(wolfSSL_RwLock* m)
|
||||||
|
{
|
||||||
|
if (pthread_rwlock_destroy(m) == 0)
|
||||||
|
return 0;
|
||||||
|
else
|
||||||
|
return BAD_MUTEX_E;
|
||||||
|
}
|
||||||
|
|
||||||
|
int wc_LockRwLock_Wr(wolfSSL_RwLock* m)
|
||||||
|
{
|
||||||
|
if (pthread_rwlock_wrlock(m) == 0)
|
||||||
|
return 0;
|
||||||
|
else
|
||||||
|
return BAD_MUTEX_E;
|
||||||
|
}
|
||||||
|
|
||||||
|
int wc_LockRwLock_Rd(wolfSSL_RwLock* m)
|
||||||
|
{
|
||||||
|
if (pthread_rwlock_rdlock(m) == 0)
|
||||||
|
return 0;
|
||||||
|
else
|
||||||
|
return BAD_MUTEX_E;
|
||||||
|
}
|
||||||
|
|
||||||
|
int wc_UnLockRwLock(wolfSSL_RwLock* m)
|
||||||
|
{
|
||||||
|
if (pthread_rwlock_unlock(m) == 0)
|
||||||
|
return 0;
|
||||||
|
else
|
||||||
|
return BAD_MUTEX_E;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
int wc_InitMutex(wolfSSL_Mutex* m)
|
int wc_InitMutex(wolfSSL_Mutex* m)
|
||||||
{
|
{
|
||||||
if (pthread_mutex_init(m, 0) == 0)
|
if (pthread_mutex_init(m, 0) == 0)
|
||||||
@ -1594,7 +1636,6 @@ int wolfSSL_CryptHwMutexUnLock(void)
|
|||||||
else
|
else
|
||||||
return BAD_MUTEX_E;
|
return BAD_MUTEX_E;
|
||||||
}
|
}
|
||||||
|
|
||||||
#elif defined(WOLFSSL_LINUXKM)
|
#elif defined(WOLFSSL_LINUXKM)
|
||||||
|
|
||||||
/* Linux kernel mutex routines are voids, alas. */
|
/* Linux kernel mutex routines are voids, alas. */
|
||||||
@ -2546,6 +2587,32 @@ int wolfSSL_CryptHwMutexUnLock(void)
|
|||||||
#warning No mutex handling defined
|
#warning No mutex handling defined
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
#if !defined(WOLFSSL_USE_RWLOCK) || defined(SINGLE_THREADED)
|
||||||
|
int wc_InitRwLock(wolfSSL_RwLock* m)
|
||||||
|
{
|
||||||
|
return wc_InitMutex(m);
|
||||||
|
}
|
||||||
|
|
||||||
|
int wc_FreeRwLock(wolfSSL_RwLock* m)
|
||||||
|
{
|
||||||
|
return wc_FreeMutex(m);
|
||||||
|
}
|
||||||
|
|
||||||
|
int wc_LockRwLock_Wr(wolfSSL_RwLock* m)
|
||||||
|
{
|
||||||
|
return wc_LockMutex(m);
|
||||||
|
}
|
||||||
|
|
||||||
|
int wc_LockRwLock_Rd(wolfSSL_RwLock* m)
|
||||||
|
{
|
||||||
|
return wc_LockMutex(m);
|
||||||
|
}
|
||||||
|
|
||||||
|
int wc_UnLockRwLock(wolfSSL_RwLock* m)
|
||||||
|
{
|
||||||
|
return wc_UnLockMutex(m);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifndef NO_ASN_TIME
|
#ifndef NO_ASN_TIME
|
||||||
#if defined(_WIN32_WCE)
|
#if defined(_WIN32_WCE)
|
||||||
|
|||||||
@ -3999,7 +3999,7 @@ WOLFSSL_LOCAL
|
|||||||
WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session);
|
WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session);
|
||||||
WOLFSSL_LOCAL void TlsSessionCacheUnlockRow(word32 row);
|
WOLFSSL_LOCAL void TlsSessionCacheUnlockRow(word32 row);
|
||||||
WOLFSSL_LOCAL int TlsSessionCacheGetAndLock(const byte *id,
|
WOLFSSL_LOCAL int TlsSessionCacheGetAndLock(const byte *id,
|
||||||
WOLFSSL_SESSION **sess, word32 *lockedRow);
|
WOLFSSL_SESSION **sess, word32 *lockedRow, byte readOnly);
|
||||||
/* WOLFSSL_API to test it in tests/api.c */
|
/* WOLFSSL_API to test it in tests/api.c */
|
||||||
WOLFSSL_API int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output);
|
WOLFSSL_API int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output);
|
||||||
WOLFSSL_LOCAL int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session);
|
WOLFSSL_LOCAL int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session);
|
||||||
|
|||||||
@ -175,6 +175,10 @@
|
|||||||
/* definitions are in linuxkm/linuxkm_wc_port.h */
|
/* definitions are in linuxkm/linuxkm_wc_port.h */
|
||||||
#else
|
#else
|
||||||
#define WOLFSSL_PTHREADS
|
#define WOLFSSL_PTHREADS
|
||||||
|
#ifdef HAVE_PTHREAD_RWLOCK_T
|
||||||
|
#undef WOLFSSL_USE_RWLOCK
|
||||||
|
#define WOLFSSL_USE_RWLOCK
|
||||||
|
#endif
|
||||||
#include <pthread.h>
|
#include <pthread.h>
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
@ -228,6 +232,9 @@
|
|||||||
typedef pthread_mutex_t wolfSSL_Mutex;
|
typedef pthread_mutex_t wolfSSL_Mutex;
|
||||||
int maxq_CryptHwMutexTryLock(void);
|
int maxq_CryptHwMutexTryLock(void);
|
||||||
#elif defined(WOLFSSL_PTHREADS)
|
#elif defined(WOLFSSL_PTHREADS)
|
||||||
|
#ifdef WOLFSSL_USE_RWLOCK
|
||||||
|
typedef pthread_rwlock_t wolfSSL_RwLock;
|
||||||
|
#endif
|
||||||
typedef pthread_mutex_t wolfSSL_Mutex;
|
typedef pthread_mutex_t wolfSSL_Mutex;
|
||||||
#elif defined(THREADX)
|
#elif defined(THREADX)
|
||||||
typedef TX_MUTEX wolfSSL_Mutex;
|
typedef TX_MUTEX wolfSSL_Mutex;
|
||||||
@ -284,7 +291,11 @@
|
|||||||
#else
|
#else
|
||||||
#error Need a mutex type in multithreaded mode
|
#error Need a mutex type in multithreaded mode
|
||||||
#endif /* USE_WINDOWS_API */
|
#endif /* USE_WINDOWS_API */
|
||||||
|
|
||||||
#endif /* SINGLE_THREADED */
|
#endif /* SINGLE_THREADED */
|
||||||
|
#if !defined(WOLFSSL_USE_RWLOCK) || defined(SINGLE_THREADED)
|
||||||
|
typedef wolfSSL_Mutex wolfSSL_RwLock;
|
||||||
|
#endif
|
||||||
|
|
||||||
/* Reference counting. */
|
/* Reference counting. */
|
||||||
typedef struct wolfSSL_Ref {
|
typedef struct wolfSSL_Ref {
|
||||||
@ -381,6 +392,12 @@ WOLFSSL_API wolfSSL_Mutex* wc_InitAndAllocMutex(void);
|
|||||||
WOLFSSL_API int wc_FreeMutex(wolfSSL_Mutex* m);
|
WOLFSSL_API int wc_FreeMutex(wolfSSL_Mutex* m);
|
||||||
WOLFSSL_API int wc_LockMutex(wolfSSL_Mutex* m);
|
WOLFSSL_API int wc_LockMutex(wolfSSL_Mutex* m);
|
||||||
WOLFSSL_API int wc_UnLockMutex(wolfSSL_Mutex* m);
|
WOLFSSL_API int wc_UnLockMutex(wolfSSL_Mutex* m);
|
||||||
|
/* RwLock functions. Fallback to Mutex when not implemented explicitly. */
|
||||||
|
WOLFSSL_API int wc_InitRwLock(wolfSSL_RwLock* m);
|
||||||
|
WOLFSSL_API int wc_FreeRwLock(wolfSSL_RwLock* m);
|
||||||
|
WOLFSSL_API int wc_LockRwLock_Wr(wolfSSL_RwLock* m);
|
||||||
|
WOLFSSL_API int wc_LockRwLock_Rd(wolfSSL_RwLock* m);
|
||||||
|
WOLFSSL_API int wc_UnLockRwLock(wolfSSL_RwLock* m);
|
||||||
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
|
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
|
||||||
/* dynamically set which mutex to use. unlock / lock is controlled by flag */
|
/* dynamically set which mutex to use. unlock / lock is controlled by flag */
|
||||||
typedef void (mutex_cb)(int flag, int type, const char* file, int line);
|
typedef void (mutex_cb)(int flag, int type, const char* file, int line);
|
||||||
|
|||||||
Reference in New Issue
Block a user