From 6f3f1853e4231a76325e940604a0dced5791d521 Mon Sep 17 00:00:00 2001 From: Doug MacEachern Date: Fri, 24 Aug 2001 04:08:04 +0000 Subject: [PATCH] Implement CRYPTO_set_locking_callback() for mod_ssl PR: Obtained from: Submitted by: Madhusudan Mathihalli Reviewed by: dougm git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90612 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 4 +++ modules/ssl/README | 1 - modules/ssl/mod_ssl.h | 2 +- modules/ssl/ssl_engine_init.c | 1 + modules/ssl/ssl_util.c | 46 +++++++++++++++++++++++++++++++++++ 5 files changed, 52 insertions(+), 2 deletions(-) diff --git a/CHANGES b/CHANGES index 9553287112..820ce19994 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,8 @@ Changes with Apache 2.0.25-dev + *) Implement CRYPTO_set_locking_callback() in terms of apr_lock + for mod_ssl + [Madhusudan Mathihalli ] + *) Fix for mod_include. Ryan's patch to check error codes put a return in the wrong place. Also, the include handler return code wasn't being checked. diff --git a/modules/ssl/README b/modules/ssl/README index 3dd5422683..7299128c79 100644 --- a/modules/ssl/README +++ b/modules/ssl/README @@ -174,7 +174,6 @@ o Whether to unregister and how to unregister? ssl_var_unregister(); ssl_ext_unregister(); - o We certainly need CRYPTO_set_locking_callback() now also under Unix! o Do we need SSL_set_read_ahead()? o Enable use of MM, SHMCB and SHMHT. o Enable SSL extensions (ssl_engine_ext.c) diff --git a/modules/ssl/mod_ssl.h b/modules/ssl/mod_ssl.h index c24e2f3ef0..4bdeb65942 100644 --- a/modules/ssl/mod_ssl.h +++ b/modules/ssl/mod_ssl.h 
@@ -728,7 +728,7 @@ BOOL ssl_util_path_check(ssl_pathcheck_t, const char *, apr_pool_t *);
 ssl_algo_t ssl_util_algotypeof(X509 *, EVP_PKEY *);
 char *ssl_util_algotypestr(ssl_algo_t);
 char *ssl_util_ptxtsub(apr_pool_t *, const char *, const char *, char *);
-void ssl_util_thread_setup(void);
+void ssl_util_thread_setup(server_rec *, apr_pool_t *);
 apr_status_t ssl_util_setmodconfig(server_rec *, const char *, SSLModConfigRec *);
 SSLModConfigRec *ssl_util_getmodconfig(server_rec *, const char *);
 SSLModConfigRec *ssl_util_getmodconfig_ssl(SSL *, const char *);
diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
index f6472966d7..73f8e7e4c0 100644
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -185,6 +185,7 @@ void ssl_init_Module(apr_pool_t *p, apr_pool_t *plog,
 ssl_init_SSLLibrary();
 }
 #endif
+ ssl_util_thread_setup(s, p);
 if (mc->nInitCount == 1) {
 ssl_pphrase_Handle(s, p);
 ssl_init_TmpKeysHandle(SSL_TKP_GEN, s, p);
diff --git a/modules/ssl/ssl_util.c b/modules/ssl/ssl_util.c
index 9bbf52568f..46eb14abe2 100644
--- a/modules/ssl/ssl_util.c
+++ b/modules/ssl/ssl_util.c
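Review bot: Only `ssl_util_thread_setup()` is declared in this header, yet the same commit defines `ssl_util_thread_locking_callback()` and `ssl_util_thread_cleanup()` in ssl_util.c with external linkage and no prototype. If nothing outside ssl_util.c is meant to call them, mark both `static` there; otherwise declare them next to this prototype so the callback's parameter types are checked against a declaration instead of being hidden behind a cast. Only part of mod_ssl.h is visible in the hunk, so an existing declaration elsewhere in the header cannot be ruled out.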
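Review bot: The new `ssl_util_thread_setup(s, p);` call sits outside the `mc->nInitCount == 1` guard and outside any threading conditional, so the whole OpenSSL lock table is rebuilt on every pass through `ssl_init_Module()`, and nothing at the call site says whether that is intended. If it is deliberate because the locks and their cleanup live in `p`, a comment such as `/* OpenSSL locks are allocated from p, so they must be re-created on every init pass */` would make that clear; if the locks are only needed in threaded builds, wrapping the call in `#if APR_HAS_THREADS` avoids creating them needlessly. Because the function returns `void`, this caller also cannot tell whether the locks were actually created. The body of `ssl_init_Module()` starts and ends outside the hunk.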
@@ -328,3 +328,49 @@ ssl_util_getmodconfig_ssl(
 return mc;
 }
 
+/*
+ * To ensure thread-safetyness in OpenSSL - work in progress
+ */
+
+static apr_lock_t *lock_cs[CRYPTO_NUM_LOCKS];
+static long lock_count[CRYPTO_NUM_LOCKS];
+
+void ssl_util_thread_locking_callback(int mode, int type, char *file, int line)
+{
+ if (mode & CRYPTO_LOCK) {
+ apr_lock_acquire(lock_cs[type]);
+ lock_count[type]++;
+ }
+ else {
+ apr_lock_release(lock_cs[type]);
+ }
+}
+
+apr_status_t ssl_util_thread_cleanup(void *data)
+{
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i = 0; i < CRYPTO_NUM_LOCKS; i++)
+ apr_lock_destroy(lock_cs[i]);
+ return APR_SUCCESS;
+}
+
+void ssl_util_thread_setup(server_rec *s, apr_pool_t *p)
+{
+ int i;
+ SSLModConfigRec *mc = myModConfig(s);
+
+ *lock_cs = apr_palloc(p, CRYPTO_NUM_LOCKS);
+ for (i = 0; i < CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_count[i]=0;
+ apr_lock_create(&(lock_cs[i]), APR_MUTEX, APR_LOCKALL,
+ mc->szMutexFile, p);
+ }
+
+ CRYPTO_set_locking_callback((void (*)())ssl_util_thread_locking_callback);
+ apr_pool_cleanup_register(p, NULL,
+ ssl_util_thread_cleanup, apr_pool_cleanup_null);
+
+}
-- 2.50.1
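Review bot: The return value of `apr_lock_create()` in `ssl_util_thread_setup()` is discarded, so a failed creation leaves a `lock_cs[i]` slot unset while the locking callback is still installed and will pass that slot to `apr_lock_acquire()`. For a table that guards OpenSSL's shared state, that means either a crash or crypto structures running without a working lock. The preceding `*lock_cs = apr_palloc(p, CRYPTO_NUM_LOCKS);` only stores a CRYPTO_NUM_LOCKS-byte buffer in `lock_cs[0]`, which the first loop iteration overwrites, so it can be dropped because `lock_cs` is already a static array. The `(void (*)())` cast also hides that the callback takes `char *file` where OpenSSL passes `const char *`, and no `CRYPTO_set_id_callback()` is installed alongside it, which the "work in progress" comment may be alluding to. The sketch below checks each creation and installs the callback only once the whole table exists.

```c
void ssl_util_thread_setup(server_rec *s, apr_pool_t *p)
{
    /* … unchanged: declarations of i and mc … */

    /* lock_cs is a static array, so no separate allocation is needed */
    for (i = 0; i < CRYPTO_NUM_LOCKS; i++) {
        lock_count[i] = 0;
        if (apr_lock_create(&(lock_cs[i]), APR_MUTEX, APR_LOCKALL,
                            mc->szMutexFile, p) != APR_SUCCESS) {
            /* Leave the callback uninstalled rather than point OpenSSL
             * at a partly built lock table; the failure should also be
             * reported through the module's logging. */
            return;
        }
    }

    /* … unchanged: CRYPTO_set_locking_callback() and cleanup registration … */
}
```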