Home Explore Help
Register Sign In
hp
/
kopano-core
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
kopano-core
/
common
/
SSLUtil.cpp

SSLUtil.cpp 2.4 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105 
  1. /*
    2. 

  2.  * Copyright 2005 - 2016 Zarafa and its licensors
    3. 

  3.  *
    4. 

  4.  * This program is free software: you can redistribute it and/or modify
    5. 

  5.  * it under the terms of the GNU Affero General Public License, version 3,
    6. 

  6.  * as published by the Free Software Foundation.
    7. 

  7.  *
    8. 

  8.  * This program is distributed in the hope that it will be useful,
    9. 

  9.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    10. 

  10.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    11. 

  11.  * GNU Affero General Public License for more details.
    12. 

  12.  *
    13. 

  13.  * You should have received a copy of the GNU Affero General Public License
    14. 

  14.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    15. 

  15.  *
    16. 

  16.  */
    17. 

  17. #include <mutex>
    18. 

  18. #include <kopano/platform.h>
    19. 

  19. #include <kopano/lockhelper.hpp>
    20. 

  20. #include "SSLUtil.h"
    21. 

  21. #include <pthread.h>
    22. 

  22. #include <openssl/bn.h>
    23. 

  23. #include <openssl/rand.h>
    24. 

  24. #include <openssl/ssl.h>
    25. 

  25. #include <openssl/conf.h>
    26. 

  26. #include <openssl/engine.h>
    27. 

  27. 

  28. namespace KC {
    29. 

  29. 

  30. static std::recursive_mutex *ssl_locks;
    31. 

  31. 

  32. static void ssl_lock(int mode, int n, const char *file, int line)
    33. 

  33. {
    34. 

  34. 	if (mode & CRYPTO_LOCK)
    35. 

  35. 		ssl_locks[n].lock();
    36. 

  36. 	else
    37. 

  37. 		ssl_locks[n].unlock();
    38. 

  38. }
    39. 

  39. 

  40. static unsigned long ssl_id_function(void)
    41. 

  41. {
    42. 

  42.     return ((unsigned long) pthread_self());
    43. 

  43. }
    44. 

  44. 

  45. void ssl_threading_setup() {
    46. 

  46. 	if (ssl_locks)
    47. 

  47. 		return;
    48. 

  48. 	// make recursive, because of openssl bug http://rt.openssl.org/Ticket/Display.html?id=2813&user=guest&pass=guest
    49. 

  49. 	ssl_locks = new std::recursive_mutex[CRYPTO_num_locks()];
    50. 

  50. 	CRYPTO_set_locking_callback(ssl_lock);
    51. 

  51. 	CRYPTO_set_id_callback(ssl_id_function);
    52. 

  52. }
    53. 

  53. 

  54. void ssl_threading_cleanup() {
    55. 

  55. 	if (!ssl_locks)
    56. 

  56. 		return;
    57. 

  57. 	CRYPTO_set_id_callback(NULL);
    58. 

  58. 	CRYPTO_set_locking_callback(NULL);
    59. 

  59. 	delete[] ssl_locks;
    60. 

  60. 	ssl_locks = nullptr;
    61. 

  61. }
    62. 

  62. 

  63. /**
    64. 

  64.  * Free most of the SSL library allocated memory.
    65. 

  65.  *
    66. 

  66.  * This will remove most of the memmory used by 
    67. 

  67.  * the ssl library. Don't use this function in libraries
    68. 

  68.  * because it will unload the whole SSL data.
    69. 

  69.  *
    70. 

  70.  * This function makes valgrind happy
    71. 

  71.  */
    72. 

  72. void SSL_library_cleanup()
    73. 

  73. {
    74. 

  74. 	#ifndef OPENSSL_NO_ENGINE
    75. 

  75. 		ENGINE_cleanup();
    76. 

  76. 	#endif
    77. 

  77. 

  78. 	ERR_free_strings();
    79. 

  79. 	ERR_remove_state(0);
    80. 

  80. 	EVP_cleanup();
    81. 

  81. 	CRYPTO_cleanup_all_ex_data();
    82. 

  82. 

  83. 	CONF_modules_unload(0);
    84. 

  84. }
    85. 

  85. 

  86. void ssl_random_init()
    87. 

  87. {
    88. 

  88. 	rand_init();
    89. 

  89. 

  90. 	while (RAND_status() == 0) {
    91. 

  91. 		char buffer[16];
    92. 

  92. 		rand_get(buffer, sizeof buffer);
    93. 

  93. 		RAND_seed(buffer, sizeof buffer);
    94. 

  94. 	}
    95. 

  95. }
    96. 

  96. 

  97. void ssl_random(bool b64bit, uint64_t *id)
    98. 

  98. {
    99. 

  99. 	RAND_pseudo_bytes(reinterpret_cast<unsigned char *>(id), sizeof(*id));
    100. 

  100. 	if (!b64bit)
    101. 

  101. 		*id &= 0xFFFFFFFF;
    102. 

  102. }
    103. 

  103. 

  104. } /* namespace */
    105. 

  105.