[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[minion-cvs] First work on threadsafety
Update of /home/minion/cvsroot/src/minion/src
In directory moria.mit.edu:/tmp/cvs-serv31100/src
Modified Files:
crypt.c tls.c
Log Message:
First work on threadsafety
Index: crypt.c
===================================================================
RCS file: /home/minion/cvsroot/src/minion/src/crypt.c,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -d -r1.17 -r1.18
--- crypt.c 29 Dec 2002 20:30:41 -0000 1.17
+++ crypt.c 8 Jan 2003 08:09:09 -0000 1.18
@@ -64,10 +64,12 @@
return NULL;
}
+ Py_BEGIN_ALLOW_THREADS
SHA1_Init(&ctx);
SHA1_Update(&ctx,cp,len);
SHA1_Final(PyString_AS_STRING(output),&ctx);
memset(&ctx,0,sizeof(ctx));
+ Py_END_ALLOW_THREADS
return output;
}
@@ -112,6 +114,7 @@
static char *kwlist[] = { "key", NULL };
char *key;
int keylen;
+ int r;
AES_KEY *aes_key = NULL;
PyObject *result;
@@ -126,7 +129,10 @@
if (!(aes_key = malloc(sizeof(AES_KEY)))) {
PyErr_NoMemory(); goto err;
}
- if (AES_set_encrypt_key(key, keylen*8, aes_key)) {
+ Py_BEGIN_ALLOW_THREADS
+ r = AES_set_encrypt_key(key, keylen*8, aes_key);
+ Py_END_ALLOW_THREADS
+ if (r) {
mm_SSL_ERR(1);
goto err;
}
@@ -188,8 +194,10 @@
return NULL;
}
+ Py_BEGIN_ALLOW_THREADS
mm_aes_counter128(input, PyString_AS_STRING(output), inputlen,
aes_key, idx);
+ Py_END_ALLOW_THREADS
if (prng) free(input);
return output;
@@ -224,9 +232,11 @@
}
outp = PyString_AS_STRING(output);
+ Py_BEGIN_ALLOW_THREADS
while (s1len--) {
*(outp++) = *(s1++) ^ *(s2++);
}
+ Py_END_ALLOW_THREADS
return output;
}
@@ -249,7 +259,10 @@
&seed, &seedlen))
return NULL;
+ Py_BEGIN_ALLOW_THREADS
RAND_seed(seed, seedlen);
+ Py_END_ALLOW_THREADS
+
Py_INCREF(Py_None);
return Py_None;
}
@@ -307,6 +320,7 @@
output = PyString_FromStringAndSize(NULL, keylen);
out = PyString_AS_STRING(output);
+ Py_BEGIN_ALLOW_THREADS
if (encrypt) {
if (pub)
i = RSA_public_encrypt(stringlen, string, out, rsa,
@@ -322,6 +336,7 @@
i = RSA_private_decrypt(stringlen, string, out, rsa,
RSA_NO_PADDING);
}
+ Py_END_ALLOW_THREADS
if (i <= 0) {
Py_DECREF(output);
@@ -359,7 +374,10 @@
return NULL;
}
+ Py_BEGIN_ALLOW_THREADS
rsa = RSA_generate_key(bits, e, NULL, NULL);
+ Py_END_ALLOW_THREADS
+
if (rsa == NULL) {
mm_SSL_ERR(1);
return NULL;
@@ -383,7 +401,7 @@
int len;
PyObject *output;
- unsigned char *out, *outp;
+ unsigned char *out = NULL, *outp;
assert(mm_RSA_Check(self));
if (!PyArg_ParseTupleAndKeywords(args, kwdict,
@@ -396,19 +414,21 @@
return NULL;
}
+ Py_BEGIN_ALLOW_THREADS
len = public ? i2d_RSAPublicKey(rsa,NULL) :
i2d_RSAPrivateKey(rsa,NULL);
- if (len < 0) {
- mm_SSL_ERR(1);
- return NULL;
+ if (len >= 0) {
+ out = outp = malloc(len+1);
+ if (public)
+ len = i2d_RSAPublicKey(rsa, &outp);
+ else
+ len = i2d_RSAPrivateKey(rsa, &outp);
}
- out = outp = malloc(len+1);
- if (public)
- len = i2d_RSAPublicKey(rsa, &outp);
- else
- len = i2d_RSAPrivateKey(rsa, &outp);
+ Py_END_ALLOW_THREADS
+
if (len < 0) {
- free(out);
+ if (out)
+ free(out);
mm_SSL_ERR(1);
return NULL;
}
@@ -441,8 +461,10 @@
&string, &stringlen, &public))
return NULL;
+ Py_BEGIN_ALLOW_THREADS
rsa = public ? d2i_RSAPublicKey(NULL, &string, stringlen) :
d2i_RSAPrivateKey(NULL, &string, stringlen);
+ Py_END_ALLOW_THREADS
if (!rsa) {
mm_SSL_ERR(1);
return NULL;
@@ -460,6 +482,7 @@
PyObject *
mm_RSA_PEM_write_key(PyObject *self, PyObject *args, PyObject *kwdict)
{
+ /* XXXX make this threadsafe. */
static char* kwlist[] = { "file", "public", "password", NULL };
PyObject *pyfile;
int public, passwordlen=0;
@@ -551,12 +574,15 @@
if (!passwordlen)
password = "";
+ Py_BEGIN_ALLOW_THREADS
if (public) {
rsa = PEM_read_RSAPublicKey(file, NULL, NULL, NULL);
} else {
rsa = PEM_read_RSAPrivateKey(file, NULL,
NULL, password);
}
+ Py_END_ALLOW_THREADS
+
if (!rsa) {
mm_SSL_ERR(1);
return NULL;
@@ -626,6 +652,7 @@
PyObject *
mm_RSA_get_public_key(PyObject *self, PyObject *args, PyObject *kwdict)
{
+ /* ???? should be threadified? */
static char *kwlist[] = { NULL };
RSA *rsa;
@@ -658,6 +685,7 @@
PyObject *
mm_RSA_get_exponent(PyObject *self, PyObject *args, PyObject *kwdict)
{
+ /* ???? should be threadified? */
static char *kwlist[] = { NULL };
RSA *rsa;
@@ -683,6 +711,7 @@
PyObject *
mm_rsa_make_public_key(PyObject *self, PyObject *args, PyObject *kwdict)
{
+ /* ???? Should be threadified */
static char *kwlist[] = { "n","e", NULL };
RSA *rsa;
@@ -713,6 +742,7 @@
static PyObject *
mm_RSA_get_modulus_bytes(PyObject *self, PyObject *args, PyObject *kwargs)
{
+ /* ???? should be threadified? */
static char *kwlist[] = { NULL };
RSA *rsa;
@@ -797,9 +827,12 @@
PyErr_NoMemory(); return NULL;
}
+ Py_BEGIN_ALLOW_THREADS
r = RSA_padding_add_PKCS1_OAEP(PyString_AS_STRING(output), keylen,
input, inputlen,
param, paramlen);
+ Py_END_ALLOW_THREADS
+
if (r <= 0) {
mm_SSL_ERR(1);
Py_DECREF(output);
@@ -842,9 +875,11 @@
PyErr_NoMemory(); return NULL;
}
+ Py_BEGIN_ALLOW_THREADS
r = RSA_padding_check_PKCS1_OAEP(PyString_AS_STRING(output), r,
input+1, inputlen-1, keylen,
param, paramlen);
+ Py_END_ALLOW_THREADS
if (r <= 0) {
mm_SSL_ERR(1);
Py_DECREF(output);
@@ -874,10 +909,11 @@
PyObject *
mm_generate_dh_parameters(PyObject *self, PyObject *args, PyObject *kwargs)
{
+ /* ???? should be threadified? */
static char *kwlist[] = { "filename", "verbose", "bits", NULL };
char *filename;
int bits=512, verbose=0;
-
+
BIO *out = NULL;
DH *dh = NULL;
@@ -887,12 +923,12 @@
&filename, &verbose, &bits))
return NULL;
- if (!(out = BIO_new_file(filename, "w")))
- goto error;
- if (!(dh = DH_generate_parameters(bits, 2,
- verbose?gen_dh_callback:NULL,
- NULL)))
- goto error;
+ out = BIO_new_file(filename, "w");
+ if (out)
+ dh = DH_generate_parameters(bits, 2,
+ verbose?gen_dh_callback:NULL,
+ NULL);
+ if (out && dh)
if (!PEM_write_bio_DHparams(out, dh))
goto error;
BIO_free(out);
@@ -920,6 +956,7 @@
PyObject *
mm_generate_cert(PyObject *self, PyObject *args, PyObject *kwargs)
{
+ /* ???? should be threadified? */
static char *kwlist[] = { "filename", "rsa", "cn",
"start_time", "end_time", NULL };
char *filename, *cn;
Index: tls.c
===================================================================
RCS file: /home/minion/cvsroot/src/minion/src/tls.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- tls.c 16 Dec 2002 02:40:11 -0000 1.11
+++ tls.c 8 Jan 2003 08:09:09 -0000 1.12
@@ -111,14 +111,15 @@
static char *kwlist[] = { "certfile", "pkfile", "dhfile", NULL };
char *certfile = NULL, *dhfile=NULL;
mm_RSA *rsa = NULL;
+ int err = 0;
SSL_METHOD *method;
- SSL_CTX *ctx;
- DH *dh;
- mm_TLSContext *result;
- BIO *bio;
+ SSL_CTX *ctx = NULL;
+ DH *dh = NULL;
+ BIO *bio = NULL;
RSA *_rsa = NULL;
EVP_PKEY *pkey = NULL;
+ mm_TLSContext *result;
if (!PyArg_ParseTupleAndKeywords(args, kwargs, "|sO!s:TLSContext_new",
kwlist,
@@ -127,53 +128,60 @@
&dhfile))
return NULL;
+ Py_BEGIN_ALLOW_THREADS;
method = TLSv1_method();
- if (!(ctx = SSL_CTX_new(method))) {
- mm_SSL_ERR(0); return NULL;
- }
- if (!SSL_CTX_set_cipher_list(ctx, TLS1_TXT_DHE_RSA_WITH_AES_128_SHA)){
- SSL_CTX_free(ctx); mm_SSL_ERR(0); return NULL;
- }
- if (certfile &&
- !SSL_CTX_use_certificate_file(ctx,certfile,SSL_FILETYPE_PEM)) {
- SSL_CTX_free(ctx); mm_SSL_ERR(0); return NULL;
- }
- if (rsa) {
+ if (!(ctx = SSL_CTX_new(method)))
+ err = 1;
+ if (!err && !SSL_CTX_set_cipher_list(ctx,
+ TLS1_TXT_DHE_RSA_WITH_AES_128_SHA))
+ err = 1;
+ if (!err && certfile &&
+ !SSL_CTX_use_certificate_file(ctx,certfile,SSL_FILETYPE_PEM))
+ err = 1;
+ if (!err && rsa) {
if (!(_rsa = RSAPrivateKey_dup(rsa->rsa)) ||
- !(pkey = EVP_PKEY_new()) ||
- !EVP_PKEY_assign_RSA(pkey, _rsa)) {
- if (!pkey && _rsa) RSA_free(_rsa);
- if (pkey) EVP_PKEY_free(pkey);
- SSL_CTX_free(ctx); mm_SSL_ERR(0); return NULL;
- }
- if (!(SSL_CTX_use_PrivateKey(ctx, pkey))) {
+ !(pkey = EVP_PKEY_new()))
+ err = 1;
+ if (!err && !EVP_PKEY_assign_RSA(pkey, _rsa))
+ err = 1;
+ if (!err && !(SSL_CTX_use_PrivateKey(ctx, pkey)))
+ err = 1;
+ if (pkey)
EVP_PKEY_free(pkey);
- SSL_CTX_free(ctx); mm_SSL_ERR(0); return NULL;
- }
- EVP_PKEY_free(pkey);
}
- if (dhfile) {
- if ( !(bio = BIO_new_file(dhfile, "r"))) {
- SSL_CTX_free(ctx); mm_SSL_ERR(0); return NULL;
- }
- dh=PEM_read_bio_DHparams(bio,NULL,NULL,NULL);
- BIO_free(bio);
- if (!dh) {
- SSL_CTX_free(ctx); mm_SSL_ERR(0); return NULL;
+ if (!err && dhfile) {
+ if ( !(bio = BIO_new_file(dhfile, "r")))
+ err = 1;
+ if (!err) {
+ dh=PEM_read_bio_DHparams(bio,NULL,NULL,NULL);
+ if (!dh)
+ err = 1;
}
- SSL_CTX_set_tmp_dh(ctx,dh);
- DH_free(dh);
+ if (!err)
+ SSL_CTX_set_tmp_dh(ctx,dh);
}
- SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
+ if (!err)
+ SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
+ Py_END_ALLOW_THREADS
- result = PyObject_New(mm_TLSContext, &mm_TLSContext_Type);
- if (!result) {
- SSL_CTX_free(ctx); return NULL;
+ if (!err) {
+ result = PyObject_New(mm_TLSContext, &mm_TLSContext_Type);
+ if (!result) {
+ SSL_CTX_free(ctx); return NULL;
+ }
+ result->ctx = ctx;
+ return (PyObject*)result;
+ } else {
+ if (dh) DH_free(dh);
+ if (bio) BIO_free(bio);
+ if (!pkey && _rsa) RSA_free(_rsa);
+ if (pkey) EVP_PKEY_free(pkey);
+ if (ctx) SSL_CTX_free(ctx);
+ mm_SSL_ERR(0);
+ return NULL;
}
- result->ctx = ctx;
- return (PyObject*)result;
}
static void
@@ -196,10 +204,11 @@
PyObject *sockObj;
int serverMode = 0;
int sock;
+ int err = 0;
SSL_CTX *ctx;
- BIO *bio;
- SSL *ssl;
+ BIO *bio = NULL;
+ SSL *ssl = NULL;
mm_TLSSock *ret;
if (!PyArg_ParseTupleAndKeywords(args, kwargs, "O|i:sock",
@@ -214,31 +223,37 @@
ctx = ((mm_TLSContext*)self)->ctx;
- if (!(ssl = SSL_new(ctx))) {
- mm_SSL_ERR(0); return NULL;
- }
+ Py_BEGIN_ALLOW_THREADS
+ if (!(ssl = SSL_new(ctx)))
+ err = 1;
- if (serverMode && !SSL_set_cipher_list(ssl,
+ if (!err && serverMode && !SSL_set_cipher_list(ssl,
TLS1_TXT_DHE_RSA_WITH_AES_128_SHA ":"
- SSL3_TXT_RSA_DES_192_CBC3_SHA)) {
- mm_SSL_ERR(0); SSL_free(ssl); return NULL;
- }
+ SSL3_TXT_RSA_DES_192_CBC3_SHA))
+ err = 1;
- if (!(bio = BIO_new_socket(sock, BIO_NOCLOSE))) {
- SSL_free(ssl); mm_SSL_ERR(0); return NULL;
- }
+ if (!err && !(bio = BIO_new_socket(sock, BIO_NOCLOSE)))
+ err = 1;
SSL_set_bio(ssl,bio,bio);
+ Py_END_ALLOW_THREADS
- if (!(ret = PyObject_New(mm_TLSSock, &mm_TLSSock_Type))) {
- SSL_free(ssl); PyErr_NoMemory(); SSL_free(ssl); return NULL;
+ if (!err) {
+ if (!(ret = PyObject_New(mm_TLSSock, &mm_TLSSock_Type))) {
+ SSL_free(ssl); PyErr_NoMemory(); return NULL;
+ }
+ ret->ssl = ssl;
+ ret->context = self;
+ ret->sock = sock;
+ ret->sockObj = sockObj;
+ Py_INCREF(self);
+ Py_INCREF(sockObj);
+ return (PyObject*)ret;
+ } else {
+ if (ssl) SSL_free(ssl);
+ mm_SSL_ERR(0);
+ return NULL;
}
- ret->ssl = ssl;
- ret->context = self;
- ret->sock = sock;
- ret->sockObj = sockObj;
- Py_INCREF(self);
- Py_INCREF(sockObj);
- return (PyObject*)ret;
+
}
static PyMethodDef mm_TLSContext_methods[] = {
@@ -494,6 +509,7 @@
static PyObject*
mm_TLSSock_get_peer_cert_pk(PyObject *self, PyObject *args, PyObject *kwargs)
{
+ /* ???? Should be threadified? */
SSL *ssl;
X509 *cert;
EVP_PKEY *pkey;