diff options
| author | sergey.galtsev <sergey.galtsev@mongodb.com> | 2021-10-11 15:22:53 +0000 |
|---|---|---|
| committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2021-10-11 15:56:49 +0000 |
| commit | 425083c4a584b6d321ec692eab66927ee564357c (patch) | |
| tree | 9835eff2dd31865b78cdfa9bed4c44e1818f1469 /src/mongo/util | |
| parent | 9c72ff10477f6e4bbb01690aa40998bd28ad814e (diff) | |
| download | mongo-425083c4a584b6d321ec692eab66927ee564357c.tar.gz | |
SERVER-60503 refactor SSLThreadInfo for easier debugging
Diffstat (limited to 'src/mongo/util')
| -rw-r--r-- | src/mongo/util/net/openssl_init.cpp | 29 |
1 files changed, 14 insertions, 15 deletions
diff --git a/src/mongo/util/net/openssl_init.cpp b/src/mongo/util/net/openssl_init.cpp index 2259b47a924..6b81a326618 100644 --- a/src/mongo/util/net/openssl_init.cpp +++ b/src/mongo/util/net/openssl_init.cpp @@ -83,34 +83,31 @@ public: } static void lockingCallback(int mode, int type, const char* file, int line) { + const auto m = mutexes.at(type).get(); if (mode & CRYPTO_LOCK) { - mutexes()[type]->lock(); + m->lock(); } else { - mutexes()[type]->unlock(); + m->unlock(); } } static void init() { + while ((int)mutexes.size() < CRYPTO_num_locks()) { + mutexes.emplace_back(std::make_unique<stdx::recursive_mutex>()); + } + CRYPTO_set_id_callback(&SSLThreadInfo::getID); CRYPTO_set_locking_callback(&SSLThreadInfo::lockingCallback); - - while ((int)mutexes().size() < CRYPTO_num_locks()) { - mutexes().emplace_back(std::make_unique<stdx::recursive_mutex>()); - } } private: SSLThreadInfo() = delete; - // Note: see SERVER-8734 for why we are using a recursive mutex here. - // Once the deadlock fix in OpenSSL is incorporated into most distros of - // Linux, this can be changed back to a nonrecursive mutex. - static std::vector<std::unique_ptr<stdx::recursive_mutex>>& mutexes() { - // Keep the static as a pointer to avoid it ever to be destroyed. It is referenced in the - // CallErrRemoveState thread local above. - static auto m = new std::vector<std::unique_ptr<stdx::recursive_mutex>>(); - return *m; - } + // History: see SERVER-8734 for why we are using a recursive mutex here. + // Original plan was to revert to regular mutex when OpenSSL fixes the deadock. + // Deadlock was fixed in OpenSSL 0.9.8y, however OpenSSL 1.1.1 and later + // started to use internal locking, so there is no longer a need to revert. + static std::vector<std::unique_ptr<stdx::recursive_mutex>> mutexes; class ThreadIDManager { public: @@ -144,6 +141,8 @@ private: } }; +std::vector<std::unique_ptr<stdx::recursive_mutex>> SSLThreadInfo::mutexes; + void setupFIPS() { // Turn on FIPS mode if requested, OPENSSL_FIPS must be defined by the OpenSSL headers #if defined(MONGO_CONFIG_HAVE_FIPS_MODE_SET) |