diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-02-15 21:15:17 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-02-15 21:15:17 +0100 |
| commit | 2cae6c75d47f486bc4a337df76908b72789a720d (patch) | |
| tree | 44d8ba385bd0f587982a6d39ae0510f7072334e4 | |
| parent | 26b3553b83f44c1f74123f8f0ea4b73d71878910 (diff) | |
| download | gnutls-2cae6c75d47f486bc4a337df76908b72789a720d.tar.gz | |
make the default storage backend thread safe.
| -rw-r--r-- | lib/gnutls_global.c | 9 | ||||
| -rw-r--r-- | lib/verify-tofu.c | 18 |
2 files changed, 23 insertions, 4 deletions
diff --git a/lib/gnutls_global.c b/lib/gnutls_global.c index 112d2b6345..606d5ba577 100644 --- a/lib/gnutls_global.c +++ b/lib/gnutls_global.c @@ -42,6 +42,7 @@ /* created by asn1c */ extern const ASN1_ARRAY_TYPE gnutls_asn1_tab[]; extern const ASN1_ARRAY_TYPE pkix_asn1_tab[]; +extern void *_gnutls_file_mutex; ASN1_TYPE _gnutls_pkix1_asn; ASN1_TYPE _gnutls_gnutls_asn; @@ -262,6 +263,13 @@ gnutls_global_init (void) goto out; } + result = gnutls_mutex_init(&_gnutls_file_mutex); + if (result < 0) + { + gnutls_assert(); + goto out; + } + #ifdef ENABLE_PKCS11 gnutls_pkcs11_init (GNUTLS_PKCS11_FLAG_AUTO, NULL); #endif @@ -296,6 +304,7 @@ gnutls_global_deinit (void) #ifdef ENABLE_PKCS11 gnutls_pkcs11_deinit (); #endif + gnutls_mutex_deinit(&_gnutls_file_mutex); } _gnutls_init--; } diff --git a/lib/verify-tofu.c b/lib/verify-tofu.c index d4461eeca4..5366887cf3 100644 --- a/lib/verify-tofu.c +++ b/lib/verify-tofu.c @@ -34,6 +34,7 @@ #include <base64.h> #include <gnutls/abstract.h> #include <system.h> +#include <locks.h> static int raw_pubkey_to_base64(const gnutls_datum_t* raw, gnutls_datum_t * b64); static int x509_crt_to_raw_pubkey(const gnutls_datum_t * cert, gnutls_datum_t *rpubkey); @@ -54,6 +55,8 @@ int store_pubkey(const char* db_name, const char* host, static int find_config_file(char* file, size_t max_size); #define MAX_FILENAME 512 +void *_gnutls_file_mutex; + static const trust_storage_st default_storage = { store_pubkey, @@ -502,12 +505,19 @@ int store_pubkey(const char* db_name, const char* host, const gnutls_datum_t* pubkey) { FILE* fd = NULL; -gnutls_datum_t b64key; +gnutls_datum_t b64key = { NULL, 0 }; int ret; + ret = gnutls_mutex_lock(&_gnutls_file_mutex); + if (ret != 0) + return gnutls_assert_val(GNUTLS_E_LOCKING_ERROR); + ret = raw_pubkey_to_base64(pubkey, &b64key); if (ret < 0) - return gnutls_assert_val(ret); + { + gnutls_assert(); + goto cleanup; + } fd = fopen(db_name, "ab+"); if (fd == NULL) @@ -527,6 +537,8 @@ int ret; cleanup: if (fd != NULL) fclose(fd); + + gnutls_mutex_unlock(&_gnutls_file_mutex); gnutls_free(b64key.data); return ret; @@ -575,8 +587,6 @@ char buffer[MAX_HASH_SIZE*2+1]; * the storage and retrieval of entries. If it is NULL then the * default file backend will be used. * - * Note that this function is not thread safe with the default backend. - * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. * |