
tls: the pointer of cfg structure

- synchronize when updating the list of tls configs and their reference
count
- with parts from patch by Ding Ma, FS#380, contributed under BSD license

(cherry picked from commit 208934d47ac1585d42029234267bcceab40ae218)

Daniel-Constantin Mierla authored on 06/01/2014 23:10:34
Showing 8 changed files
... ...
@@ -2,6 +2,7 @@
2 2
  * TLS module
3 3
  *
4 4
  * Copyright (C) 2010 iptelorg GmbH
5
+ * Copyright (C) 2013 Motorola Solutions, Inc.
5 6
  *
6 7
  * Permission to use, copy, modify, and distribute this software for any
7 8
  * purpose with or without fee is hereby granted, provided that the above
... ...
@@ -76,7 +77,7 @@ struct cfg_group_tls default_tls_cfg = {
76 76
 	0 /* send_close_notify (off by default)*/
77 77
 };
78 78
 
79
-void* tls_cfg = &default_tls_cfg;
79
+volatile void* tls_cfg = &default_tls_cfg;
80 80
 
81 81
 
82 82
 /* if *to<0 to=default_val, else if to>max_val to=max_val */
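Review bot: In `volatile void* tls_cfg` the qualifier applies to the pointed-to data, not to the pointer variable, so the compiler may still cache the value of `tls_cfg` itself. If the intent is that every access re-reads the pointer after the cfg framework swaps it (this is inferred from the commit title, not visible here), the declaration would be `void * volatile tls_cfg = &default_tls_cfg;`, with the matching `extern void * volatile tls_cfg;` in the header hunk. The `(void **)&tls_cfg` cast added in mod_init silences the resulting qualifier warning rather than resolving it, and `volatile` in either position gives no atomicity or ordering between processes, so it does not replace the lock.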
... ...
@@ -2,6 +2,7 @@
2 2
  * TLS module
3 3
  * 
4 4
  * Copyright (C) 2010 iptelorg GmbH
5
+ * Copyright (C) 2013 Motorola Solutions, Inc.
5 6
  *
6 7
  * Permission to use, copy, modify, and distribute this software for any
7 8
  * purpose with or without fee is hereby granted, provided that the above
... ...
@@ -101,7 +102,7 @@ struct cfg_group_tls {
101 101
 
102 102
 
103 103
 extern struct cfg_group_tls default_tls_cfg;
104
-extern void* tls_cfg;
104
+extern volatile void* tls_cfg;
105 105
 extern cfg_def_t tls_cfg_def[];
106 106
 
107 107
 
... ...
@@ -2,6 +2,7 @@
2 2
  * TLS module
3 3
  *
4 4
  * Copyright (C) 2005,2006 iptelorg GmbH
5
+ * Copyright (C) 2013 Motorola Solutions, Inc.
5 6
  *
6 7
  * Permission to use, copy, modify, and distribute this software for any
7 8
  * purpose with or without fee is hereby granted, provided that the above
... ...
@@ -23,7 +24,6 @@
23 23
  * Module: @ref tls
24 24
  */
25 25
 
26
-
27 26
 #include <stdlib.h>
28 27
 #include <openssl/ssl.h>
29 28
 #include <openssl/opensslv.h>
... ...
@@ -119,6 +119,7 @@ void tls_free_cfg(tls_domains_cfg_t* cfg)
119 119
 	}
120 120
 	if (cfg->srv_default) tls_free_domain(cfg->srv_default);
121 121
 	if (cfg->cli_default) tls_free_domain(cfg->cli_default);
122
+	shm_free(cfg);
122 123
 }
123 124
 
124 125
 
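Review bot: With the added `shm_free(cfg);` the function now releases the structure itself, which changes its ownership contract, and nothing in the hunk documents that. A caller that still dereferences `cfg` after the call, or frees it a second time, would become a use-after-free or double free; the callers other than collect_garbage are not visible in this diff and should be checked. I would add a header comment such as `/* Frees all domains in cfg and then cfg itself; cfg must not be used after this call */`. The body of tls_free_cfg starts outside the hunk, so whether `cfg` is checked for NULL before the dereferences cannot be confirmed here.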
... ...
@@ -2,6 +2,7 @@
2 2
  * TLS module
3 3
  *
4 4
  * Copyright (C) 2005,2006 iptelorg GmbH
5
+ * Copyright (C) 2013 Motorola Solutions, Inc.
5 6
  *
6 7
  * Permission to use, copy, modify, and distribute this software for any
7 8
  * purpose with or without fee is hereby granted, provided that the above
... ...
@@ -99,7 +100,7 @@ typedef struct tls_domains_cfg {
99 99
 	tls_domain_t* srv_list;    /**< Server domain list */
100 100
 	tls_domain_t* cli_list;    /**< Client domain list */
101 101
 	struct tls_domains_cfg* next; /**< Next element in the garbage list */
102
-	int ref_count;             /**< How many connections use this configuration */
102
+	volatile int ref_count;             /**< How many connections use this configuration */
103 103
 } tls_domains_cfg_t;
104 104
 
105 105
 
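Review bot: Marking `ref_count` as `volatile` does not make `ref_count++` an atomic read-modify-write, so the field is only safe because of the lock taken around it in tls_complete_init and collect_garbage. The field comment should say so, otherwise the qualifier reads as if it were the synchronisation. Suggested wording: `/**< How many connections use this configuration; read and modify only while holding tls_domains_cfg_lock */`.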
... ...
@@ -2,6 +2,7 @@
2 2
  * TLS module
3 3
  *
4 4
  * Copyright (C) 2007 iptelorg GmbH 
5
+ * Copyright (C) Motorola Solutions, Inc.
5 6
  *
6 7
  * Permission to use, copy, modify, and distribute this software for any
7 8
  * purpose with or without fee is hereby granted, provided that the above
... ...
@@ -278,7 +279,7 @@ static int mod_init(void)
278 278
 	}
279 279
 	/* declare configuration */
280 280
 	if (cfg_declare("tls", tls_cfg_def, &default_tls_cfg,
281
-							cfg_sizeof(tls), &tls_cfg)) {
281
+							cfg_sizeof(tls), (void **)&tls_cfg)) {
282 282
 		ERR("failed to register the configuration\n");
283 283
 		return -1;
284 284
 	}
... ...
@@ -2,6 +2,7 @@
2 2
  * TLS module - management interface
3 3
  *
4 4
  * Copyright (C) 2005 iptelorg GmbH
5
+ * Copyright (C) 2013 Motorola Solutions, Inc.
5 6
  *
6 7
  * This file is part of sip-router, a free SIP server.
7 8
  *
... ...
@@ -56,10 +57,11 @@ static void tls_reload(rpc_t* rpc, void* ctx)
56 56
 		return;
57 57
 	}
58 58
 
59
-	     /* Try to delete old configurations first */
59
+	/* Try to delete old configurations first */
60 60
 	collect_garbage();
61 61
 
62 62
 	cfg = tls_load_config(&tls_domains_cfg_file);
63
+
63 64
 	if (!cfg) {
64 65
 		rpc->fault(ctx, 500, "Error while loading TLS configuration file"
65 66
 							" (consult server log)");
... ...
@@ -78,8 +80,14 @@ static void tls_reload(rpc_t* rpc, void* ctx)
78 78
 	}
79 79
 
80 80
 	DBG("TLS configuration successfuly loaded");
81
+
82
+	lock_get(tls_domains_cfg_lock);
83
+
81 84
 	cfg->next = (*tls_domains_cfg);
82 85
 	*tls_domains_cfg = cfg;
86
+
87
+	lock_release(tls_domains_cfg_lock);
88
+
83 89
 	return;
84 90
 
85 91
  error:
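Review bot: The new `lock_get`/`lock_release` pair around the list-head update has no comment saying what it serialises against, and the surrounding blank lines make the critical section harder to spot. A one-line comment above `lock_get` would help, for example `/* publish the new config at the list head; the lock serialises this with tls_complete_init() and collect_garbage() */`. tls_reload continues past the hunk at the `error:` label, so the error path is not reviewed here.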
... ...
@@ -2,6 +2,7 @@
2 2
  * TLS module - main server part
3 3
  *
4 4
  * Copyright (C) 2005-2010 iptelorg GmbH
5
+ * Copyright (C) 2013 Motorola Solutions, Inc.
5 6
  *
6 7
  * This file is part of SIP-router, a free SIP server.
7 8
  *
... ...
@@ -148,13 +149,10 @@ static int tls_complete_init(struct tcp_connection* c)
148 148
 		goto error2;
149 149
 	}
150 150
 	     /* Get current TLS configuration and increase reference
151
-	      * count immediately. There is no need to lock the structure
152
-	      * here, because it does not get deleted immediately. When
153
-	      * SER reloads TLS configuration it will put the old configuration
154
-	      * on a garbage queue and delete it later, so we know here that
155
-	      * the pointer we get from *tls_domains_cfg will be valid for a while,
156
-		  * at least by the time this function finishes
151
+	      * count immediately.
157 152
 	      */
153
+
154
+	lock_get(tls_domains_cfg_lock);
158 155
 	cfg = *tls_domains_cfg;
159 156
 
160 157
 	     /* Increment the reference count in the configuration structure, this
... ...
@@ -162,6 +160,7 @@ static int tls_complete_init(struct tcp_connection* c)
162 162
 	      * not get deleted if there are still connection referencing its SSL_CTX
163 163
 	      */
164 164
 	cfg->ref_count++;
165
+	lock_release(tls_domains_cfg_lock);
165 166
 
166 167
 	if (c->flags & F_CONN_PASSIVE) {
167 168
 		state=S_TLS_ACCEPTING;
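Review bot: The increment `cfg->ref_count++` is now under `tls_domains_cfg_lock`, but the matching decrement on connection teardown is not part of this diff. If that path still does a plain `ref_count--` without the same lock, the two updates can race across processes, and a lost update could let collect_garbage see zero and free a configuration whose SSL_CTX is still in use. The decrement site should take `lock_get(tls_domains_cfg_lock)` / `lock_release(tls_domains_cfg_lock)` around it, or the counter should become an atomic type. The shortened comment could also state this, e.g. `/* take the head and bump ref_count under the lock so collect_garbage() cannot free it in between */`. The function body extends outside both hunks.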
... ...
@@ -2,6 +2,7 @@
2 2
  * TLS module
3 3
  *
4 4
  * Copyright (C) 2005 iptelorg GmbH
5
+ * Copyright (C) 2013 Motorola Solutions, Inc.
5 6
  *
6 7
  * Permission to use, copy, modify, and distribute this software for any
7 8
  * purpose with or without fee is hereby granted, provided that the above
... ...
@@ -16,6 +17,7 @@
16 16
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 17
  */
18 18
 
19
+
19 20
 #define _GNU_SOURCE 1 /* Needed for strndup */
20 21
 
21 22
 #include <string.h>
... ...
@@ -66,7 +68,7 @@ int shm_asciiz_dup(char** dest, char* val)
66 66
  */
67 67
 void collect_garbage(void)
68 68
 {
69
-	tls_domains_cfg_t* prev, *cur;
69
+	tls_domains_cfg_t *prev, *cur, *next;
70 70
 
71 71
 	     /* Make sure we do not run two garbage collectors
72 72
 	      * at the same time
... ...
@@ -80,14 +82,16 @@ void collect_garbage(void)
80 80
 	cur = (*tls_domains_cfg)->next;
81 81
 
82 82
 	while(cur) {
83
+		next = cur->next;
83 84
 		if (cur->ref_count == 0) {
84
-			     /* Not referenced by any existing connection */
85
+			/* Not referenced by any existing connection */
85 86
 			prev->next = cur->next;
86 87
 			tls_free_cfg(cur);
88
+		} else {
89
+			/* Only update prev if we didn't remove cur */
90
+			prev = cur;
87 91
 		}
88
-
89
-		prev = cur;
90
-		cur = cur->next;
92
+		cur = next;
91 93
 	}
92 94
 
93 95
 	lock_release(tls_domains_cfg_lock);
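Review bot: In the unlink branch, `prev->next = cur->next;` still reads through `cur` although `next` was saved for this purpose one line earlier. Writing `prev->next = next;` keeps the loop consistent and makes it plain that nothing touches `cur` once `tls_free_cfg(cur)` has released it. The context line `cur = (*tls_domains_cfg)->next;` dereferences the list head without a visible NULL check; whether an earlier guard exists cannot be seen, because the lines between the two hunks are not shown.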