author | Bryan Ischo <bryan@ischo.com> | 2008-08-21 05:00:26 +0000 |
---|---|---|
committer | Bryan Ischo <bryan@ischo.com> | 2008-08-21 05:00:26 +0000 |
commit | af16c4d1a3a79d51ba1c1ea661d958eed65c15a3 (patch) | |
tree | f3b702353e3b28b5517624ee4f297c5648d94a97 /src | |
parent | 7088858ee0b97a0576dcae6a0ad770412651301a (diff) | |
download | ceph-libs3-af16c4d1a3a79d51ba1c1ea661d958eed65c15a3.tar.gz |
* Revert GnuTLS back to openssl, since GnuTLS is too hard to get working on
Windows
Diffstat (limited to 'src')
-rw-r--r-- | src/general.c | 106 | ||||
-rw-r--r-- | src/request.c | 33 |
2 files changed, 102 insertions, 37 deletions
diff --git a/src/general.c b/src/general.c index 8f9996a..9904e5a 100644 --- a/src/general.c +++ b/src/general.c @@ -25,10 +25,13 @@ ************************************************************************** **/ #include <ctype.h> -#include <errno.h> // For gcrypt, which should include it itself -#include <gcrypt.h> +#include <openssl/crypto.h> +#define OPENSSL_THREAD_DEFINES +#include <openssl/opensslconf.h> +#ifndef OPENSSL_THREADS +#error "Threading support required in OpenSSL library, but not provided" +#endif #include <pthread.h> -#include <stdlib.h> // For gcrypt, which should include it itself #include <string.h> #include "request.h" #include "simplexml.h" 
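Review bot: This include hunk drops `#include <stdlib.h>` from src/general.c, while the same commit adds `malloc` and `free` calls to that file (in dynlock_create, dynlock_destroy, deinitialize_locks and S3_initialize). It may still compile if an OpenSSL or project header pulls stdlib.h in, but that is not visible here and should not be relied on. Keep `#include <stdlib.h>` in the include list.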
@@ -36,8 +39,71 @@ static int initializeCountG = 0; -// libgcrypt macro which generates boilerplate for using pthreads -GCRY_THREAD_OPTION_PTHREAD_IMPL; +typedef pthread_mutex_t CRYPTO_dynlock_value; + +static pthread_mutex_t *pLocksG; + + +static unsigned long id_callback() +{ + return (unsigned long) pthread_self(); +} + + +static void locking_callback(int mode, int index, const char *file, int line) +{ + if (mode & CRYPTO_LOCK) { + pthread_mutex_lock(&(pLocksG[index])); + } + else { + pthread_mutex_unlock(&(pLocksG[index])); + } +} + + +static struct CRYPTO_dynlock_value *dynlock_create(const char *file, int line) +{ + pthread_mutex_t *ret = (pthread_mutex_t *) malloc(sizeof(pthread_mutex_t)); + pthread_mutex_init(ret, 0); + return (struct CRYPTO_dynlock_value *) ret; +} + + +static void dynlock_lock(int mode, struct CRYPTO_dynlock_value *pLock, + const char *file, int line) +{ + if (mode & CRYPTO_LOCK) { + pthread_mutex_lock((pthread_mutex_t *) pLock); + } + else { + pthread_mutex_unlock((pthread_mutex_t *) pLock); + } +} + + +static void dynlock_destroy(struct CRYPTO_dynlock_value *pLock, + const char *file, int line) +{ + pthread_mutex_destroy((pthread_mutex_t *) pLock); + free(pLock); +} + + +static void deinitialize_locks() +{ + CRYPTO_set_dynlock_destroy_callback(NULL); + CRYPTO_set_dynlock_lock_callback(NULL); + CRYPTO_set_dynlock_create_callback(NULL); + CRYPTO_set_locking_callback(NULL); + CRYPTO_set_id_callback(NULL); + + int count = CRYPTO_num_locks(); + for (int i = 0; i < count; i++) { + pthread_mutex_destroy(&(pLocksG[i])); + } + + free(pLocksG); +} S3Status S3_initialize(const char *userAgentInfo, int flags) 
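Review bot: `dynlock_create` passes the result of `malloc` straight to `pthread_mutex_init` without a NULL check, so an allocation failure becomes a NULL dereference inside the locking layer. Add `if (!ret) return NULL;` and also free the memory and return NULL when `pthread_mutex_init` fails, so the callback reports the failure instead of handing back an unusable lock. `id_callback` casts `pthread_self()` to `unsigned long`, which assumes pthread_t is an arithmetic type; that is not guaranteed on every pthreads implementation and is worth checking for the Windows build this commit targets. `deinitialize_locks` leaves `pLocksG` dangling after `free(pLocksG);`, so follow it with `pLocksG = NULL;`. The `typedef pthread_mutex_t CRYPTO_dynlock_value;` does not define `struct CRYPTO_dynlock_value`, so the pointer casts do the real work and deserve a one-line comment.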
@@ -46,13 +112,31 @@ S3Status S3_initialize(const char *userAgentInfo, int flags) return S3StatusOK; } - if (flags & S3_INIT_GCRYPT) { - gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread); - gcry_control(GCRYCTL_DISABLE_SECMEM); - gcry_check_version(0); + /* As required by the openssl library for thread support */ + int count = CRYPTO_num_locks(), i; + + if (!(pLocksG = + (pthread_mutex_t *) malloc(count * sizeof(pthread_mutex_t)))) { + return S3StatusOutOfMemory; + } + + for (i = 0; i < count; i++) { + pthread_mutex_init(&(pLocksG[i]), 0); } - return request_api_initialize(userAgentInfo, flags); + CRYPTO_set_id_callback(&id_callback); + CRYPTO_set_locking_callback(&locking_callback); + CRYPTO_set_dynlock_create_callback(dynlock_create); + CRYPTO_set_dynlock_lock_callback(dynlock_lock); + CRYPTO_set_dynlock_destroy_callback(dynlock_destroy); + + S3Status status = request_api_initialize(userAgentInfo, flags); + if (status != S3StatusOK) { + deinitialize_locks(); + return status; + } + + return S3StatusOK; } @@ -63,6 +147,8 @@ void S3_deinitialize() } request_api_deinitialize(); + + deinitialize_locks(); } const char *S3_get_status_name(S3Status status) diff --git a/src/request.c b/src/request.c index 4249243..293c97a 100644 --- a/src/request.c +++ b/src/request.c @@ -25,7 +25,7 @@ ************************************************************************** **/ #include <ctype.h> -#include <gcrypt.h> +#include <openssl/hmac.h> #include <pthread.h> #include <stdlib.h> #include <string.h> 
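Review bot: S3_initialize now installs the process-wide OpenSSL thread callbacks unconditionally, where the removed code gated its crypto-library setup on `flags & S3_INIT_GCRYPT`. A host application that already registered its own locking callbacks has them replaced, and `deinitialize_locks()` (also called in the S3_deinitialize hunk) later resets them to NULL and frees the mutexes while other OpenSSL users in the process may still be running, which leaves their crypto state unprotected. Consider installing only when nothing is registered, e.g. `if (CRYPTO_get_locking_callback() == NULL)`, and recording whether libs3 owns the locks so teardown is skipped otherwise. The `pthread_mutex_init` return values in the loop are also ignored. Both functions start outside their hunks, so it is not visible whether initializeCountG is rolled back on the `request_api_initialize` failure path.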
@@ -705,39 +705,18 @@ static S3Status compose_auth_header(const RequestParams *params, signbuf_append("%s", values->canonicalizedResource); - // Generate a SHA-1 of the signbuf + // Generate an HMAC-SHA-1 of the signbuf - // Message Digest handle - gcry_md_hd_t mdh; + unsigned int md_len; + unsigned char md[EVP_MAX_MD_SIZE]; - // "Open" the Message Digest Handle - SHA-1 with HMAC feature - if (gcry_md_open - (&mdh, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC) != GPG_ERR_NO_ERROR) { - return S3StatusInternalError; - } - - // Set the key that will be used with the HMAC feature - if (gcry_md_setkey - (mdh, params->secretAccessKey, - strlen(params->secretAccessKey)) != GPG_ERR_NO_ERROR) { - gcry_md_close(mdh); - return S3StatusInternalError; - } - - // Specify the signbuf data to compute SHA-1 of - gcry_md_write(mdh, signbuf, len); - - // Get the results - unsigned int md_len = gcry_md_get_algo_dlen(GCRY_MD_SHA1); - unsigned char *md = gcry_md_read(mdh, GCRY_MD_SHA1); + HMAC(EVP_sha1(), params->secretAccessKey, strlen(params->secretAccessKey), + (unsigned char *) signbuf, len, md, &md_len); // Now base-64 encode the results unsigned char b64[((md_len + 1) * 4) / 3]; int b64Len = base64Encode(md, md_len, b64); - // Be sure to release the Message Digest handle - gcry_md_close(mdh); - snprintf(values->authorizationHeader, sizeof(values->authorizationHeader), "Authorization: AWS %s:%.*s", params->accessKeyId, b64Len, b64); |
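Review bot: The return value of `HMAC()` is ignored in compose_auth_header, whereas the removed gcrypt code returned S3StatusInternalError when the digest could not be set up. If HMAC() fails (it returns NULL), `md_len` is read uninitialised as the size of the `b64` variable-length array and the Authorization header is built from indeterminate bytes. Wrap the call as `if (!HMAC(EVP_sha1(), params->secretAccessKey, strlen(params->secretAccessKey), (unsigned char *) signbuf, len, md, &md_len)) return S3StatusInternalError;`. The context-line size `((md_len + 1) * 4) / 3` gives 28 for the 20-byte SHA-1 output, which appears to be exactly the encoded length with no spare byte, so a comment such as `// sized for SHA-1 only; base64Encode must not NUL-terminate` would document that dependence. The function begins and ends outside the hunk.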