From 1887c771e76a8e11056ccdcb32ca562a0a9b5a6c Mon Sep 17 00:00:00 2001 From: David Hedbor Date: Wed, 31 May 2017 16:48:05 -0700 Subject: [PATCH 1/3] Fix OpenSSLInitialized thread safety (#1739) The init/uninit methods can be called from multiple threads, and thus need synchronization with a mutex. --- Crypto/include/Poco/Crypto/OpenSSLInitializer.h | 1 + Crypto/src/OpenSSLInitializer.cpp | 6 +++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/Crypto/include/Poco/Crypto/OpenSSLInitializer.h b/Crypto/include/Poco/Crypto/OpenSSLInitializer.h index b616f08fa4..34e31155a0 100644 --- a/Crypto/include/Poco/Crypto/OpenSSLInitializer.h +++ b/Crypto/include/Poco/Crypto/OpenSSLInitializer.h @@ -84,6 +84,7 @@ class Crypto_API OpenSSLInitializer static void dynlockDestroy(struct CRYPTO_dynlock_value* lock, const char* file, int line); private: + static Poco::FastMutex _synchronizationMutex; static Poco::FastMutex* _mutexes; static Poco::AtomicCounter _rc; static bool _disableSSLInitialization; diff --git a/Crypto/src/OpenSSLInitializer.cpp b/Crypto/src/OpenSSLInitializer.cpp index 3808341723..e2f60fe0b0 100644 --- a/Crypto/src/OpenSSLInitializer.cpp +++ b/Crypto/src/OpenSSLInitializer.cpp @@ -33,7 +33,7 @@ using Poco::Thread; namespace Poco { namespace Crypto { - +Poco::FastMutex OpenSSLInitializer::_synchronizationMutex; Poco::FastMutex* OpenSSLInitializer::_mutexes(0); Poco::AtomicCounter OpenSSLInitializer::_rc; bool OpenSSLInitializer::_disableSSLInitialization = false; @@ -59,6 +59,7 @@ OpenSSLInitializer::~OpenSSLInitializer() void OpenSSLInitializer::initialize() { + _synchronizationMutex.lock(); if (++_rc == 1) { #if OPENSSL_VERSION_NUMBER >= 0x0907000L @@ -99,11 +100,13 @@ void OpenSSLInitializer::initialize() CRYPTO_set_dynlock_destroy_callback(&OpenSSLInitializer::dynlockDestroy); } } + _synchronizationMutex.unlock(); } void OpenSSLInitializer::uninitialize() { + _synchronizationMutex.lock(); if (--_rc == 0) { if(_mutexes != NULL) { @@ -127,6 +130,7 @@ void OpenSSLInitializer::uninitialize() CONF_modules_free(); } } + _synchronizationMutex.unlock(); } From 6763b9e806dd1982459928d50cd60e61df205fb1 Mon Sep 17 00:00:00 2001 From: David Hedbor Date: Mon, 10 Jul 2017 09:15:10 -0700 Subject: [PATCH 2/3] Renamed mutex variable and use ScopedLock. --- Crypto/include/Poco/Crypto/OpenSSLInitializer.h | 2 +- Crypto/src/OpenSSLInitializer.cpp | 8 +++----- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/Crypto/include/Poco/Crypto/OpenSSLInitializer.h b/Crypto/include/Poco/Crypto/OpenSSLInitializer.h index 34e31155a0..2943f55e64 100644 --- a/Crypto/include/Poco/Crypto/OpenSSLInitializer.h +++ b/Crypto/include/Poco/Crypto/OpenSSLInitializer.h @@ -84,7 +84,7 @@ class Crypto_API OpenSSLInitializer static void dynlockDestroy(struct CRYPTO_dynlock_value* lock, const char* file, int line); private: - static Poco::FastMutex _synchronizationMutex; + static Poco::FastMutex _mutex; static Poco::FastMutex* _mutexes; static Poco::AtomicCounter _rc; static bool _disableSSLInitialization; diff --git a/Crypto/src/OpenSSLInitializer.cpp b/Crypto/src/OpenSSLInitializer.cpp index e2f60fe0b0..ac42cf608d 100644 --- a/Crypto/src/OpenSSLInitializer.cpp +++ b/Crypto/src/OpenSSLInitializer.cpp @@ -33,7 +33,7 @@ using Poco::Thread; namespace Poco { namespace Crypto { -Poco::FastMutex OpenSSLInitializer::_synchronizationMutex; +Poco::FastMutex OpenSSLInitializer::_mutex; Poco::FastMutex* OpenSSLInitializer::_mutexes(0); Poco::AtomicCounter OpenSSLInitializer::_rc; bool OpenSSLInitializer::_disableSSLInitialization = false; @@ -59,7 +59,7 @@ OpenSSLInitializer::~OpenSSLInitializer() void OpenSSLInitializer::initialize() { - _synchronizationMutex.lock(); + FastMutex::ScopedLock lock(_mutex); if (++_rc == 1) { #if OPENSSL_VERSION_NUMBER >= 0x0907000L @@ -100,13 +100,12 @@ void OpenSSLInitializer::initialize() CRYPTO_set_dynlock_destroy_callback(&OpenSSLInitializer::dynlockDestroy); } } - _synchronizationMutex.unlock(); } void OpenSSLInitializer::uninitialize() { - _synchronizationMutex.lock(); + FastMutex::ScopedLock lock(_mutex); if (--_rc == 0) { if(_mutexes != NULL) { @@ -130,7 +129,6 @@ void OpenSSLInitializer::uninitialize() CONF_modules_free(); } } - _synchronizationMutex.unlock(); } From 81dd1691c15cddeb46e7112d8d4e5b79f286c0e1 Mon Sep 17 00:00:00 2001 From: David Hedbor Date: Mon, 10 Jul 2017 11:11:57 -0700 Subject: [PATCH 3/3] =?UTF-8?q?Change=20reference=20count=20variable=20to?= =?UTF-8?q?=20be=20an=20integer,=20since=20it=E2=80=99s=20protected=20by?= =?UTF-8?q?=20a=20mutex=20and=20no=20longer=20needs=20to=20be=20atomic.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Crypto/include/Poco/Crypto/OpenSSLInitializer.h | 2 +- Crypto/src/OpenSSLInitializer.cpp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Crypto/include/Poco/Crypto/OpenSSLInitializer.h b/Crypto/include/Poco/Crypto/OpenSSLInitializer.h index 2943f55e64..f4d1d6a415 100644 --- a/Crypto/include/Poco/Crypto/OpenSSLInitializer.h +++ b/Crypto/include/Poco/Crypto/OpenSSLInitializer.h @@ -86,7 +86,7 @@ class Crypto_API OpenSSLInitializer private: static Poco::FastMutex _mutex; static Poco::FastMutex* _mutexes; - static Poco::AtomicCounter _rc; + static int _rc; static bool _disableSSLInitialization; }; diff --git a/Crypto/src/OpenSSLInitializer.cpp b/Crypto/src/OpenSSLInitializer.cpp index ac42cf608d..6a74ba8127 100644 --- a/Crypto/src/OpenSSLInitializer.cpp +++ b/Crypto/src/OpenSSLInitializer.cpp @@ -35,7 +35,7 @@ namespace Crypto { Poco::FastMutex OpenSSLInitializer::_mutex; Poco::FastMutex* OpenSSLInitializer::_mutexes(0); -Poco::AtomicCounter OpenSSLInitializer::_rc; +int OpenSSLInitializer::_rc(0); bool OpenSSLInitializer::_disableSSLInitialization = false; OpenSSLInitializer::OpenSSLInitializer()