Fix race condition when logging keystmp-keylog-threadsafe

Moves keylog initialization to _gnutls_global_init(). That means SSLKEYLOGFILE has to be set before starting the application - or more exactly - before library initialization. Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
author: Tim Rühsen <tim.ruehsen@gmx.de> 2019-07-16 11:44:02 +0200
committer: Tim Rühsen <tim.ruehsen@gmx.de> 2019-07-16 11:44:09 +0200
commit: c8db8e1724cd189d3865823dc3f0f1154e3a8868 (patch)
tree: 30dab8ece42f053f463aff7efaeca0bec4ccbba5 /lib/kx.c
parent: 9ba468c457478c1c1fbdd772b45c1564584a160e (diff)
download: gnutls-tmp-keylog-threadsafe.tar.gz
1 files changed, 8 insertions, 10 deletions
diff --git a/lib/kx.c b/lib/kx.c
index 69374908e4..875a56b71c 100644
--- a/lib/kx.c
+++ b/lib/kx.c
@@ -74,16 +74,6 @@ void _gnutls_nss_keylog_write(gnutls_session_t session,
 			      const char *label,
 			      const uint8_t *secret, size_t secret_size)
 {
-	static const char *keylogfile = NULL;
-	static unsigned checked_env = 0;
-
-	if (!checked_env) {
-		checked_env = 1;
-		keylogfile = secure_getenv("SSLKEYLOGFILE");
-		if (keylogfile != NULL)
-			keylog = fopen(keylogfile, "a");
-	}
-
 	if (keylog) {
 		char client_random_hex[2*GNUTLS_RANDOM_SIZE+1];
 		char secret_hex[2*MAX_HASH_SIZE+1];
@@ -102,6 +92,14 @@ void _gnutls_nss_keylog_write(gnutls_session_t session,
 	}
 }
 
+void _gnutls_nss_keylog_init(void)
+{
+	const char *keylogfile = secure_getenv("SSLKEYLOGFILE");
+
+	if (keylogfile)
+		keylog = fopen(keylogfile, "a");
+}
+
 void _gnutls_nss_keylog_deinit(void)
 {
 	if (keylog) {
author	Tim Rühsen <tim.ruehsen@gmx.de>	2019-07-16 11:44:02 +0200
committer	Tim Rühsen <tim.ruehsen@gmx.de>	2019-07-16 11:44:09 +0200
commit	c8db8e1724cd189d3865823dc3f0f1154e3a8868 (patch)
tree	30dab8ece42f053f463aff7efaeca0bec4ccbba5 /lib/kx.c
parent	9ba468c457478c1c1fbdd772b45c1564584a160e (diff)
download	gnutls-tmp-keylog-threadsafe.tar.gz