Source of tls.c - Zabbix

Raw file
Source viewDiff to previous
141.03 KB
/* variable for passing information from callback functions if PSK was found among host PSKs or autoregistration PSK */
 
/*
** Zabbix
** Copyright (C) 2001-2023 Zabbix SIA
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
**/
​
#include "zbxcomms.h"
#include "tls.h"
​
#include "zbxsysinc.h"
​
#if defined(HAVE_GNUTLS) || defined(HAVE_OPENSSL)
​
#include "zbxthreads.h"
#include "log.h"
#include "zbxcrypto.h"
#include "zbxstr.h"
#include "zbxtime.h"
​
#if defined(HAVE_OPENSSL) && OPENSSL_VERSION_NUMBER < 0x1010000fL || defined(LIBRESSL_VERSION_NUMBER)
/* for OpenSSL 1.0.1/1.0.2 (before 1.1.0) or LibreSSL */
​
/* mutexes for multi-threaded OpenSSL (see "man 3ssl threads" and example in crypto/threads/mttest.c) */
​
#ifdef _WINDOWS
#include "zbxmutexs.h"
​
static zbx_mutex_t  *crypto_mutexes = NULL;
​
static void zbx_openssl_locking_cb(int mode, int n, const char *file, int line)
{
    if (0 != (mode & CRYPTO_LOCK))
        __zbx_mutex_lock(file, line, *(crypto_mutexes + n));
    else
        __zbx_mutex_unlock(file, line, *(crypto_mutexes + n));
}
​
static void zbx_openssl_thread_setup(void)
{
    int i, num_locks;
​
    num_locks = CRYPTO_num_locks();
​
    if (NULL == (crypto_mutexes = zbx_malloc(crypto_mutexes, num_locks * sizeof(zbx_mutex_t))))
    {
        zabbix_log(LOG_LEVEL_CRIT, "cannot allocate mutexes for OpenSSL library");
        exit(EXIT_FAILURE);
    }
​
    zabbix_log(LOG_LEVEL_DEBUG, "%s() creating %d mutexes", __func__, num_locks);
​
    for (i = 0; i < num_locks; i++)
    {
        char    *error = NULL;
​
        if (SUCCEED != zbx_mutex_create(crypto_mutexes + i, NULL, &error))
        {
            zabbix_log(LOG_LEVEL_CRIT, "cannot create mutex #%d for OpenSSL library: %s", i, error);
            zbx_free(error);
            exit(EXIT_FAILURE);
        }
    }
​
    CRYPTO_set_locking_callback((void (*)(int, int, const char *, int))zbx_openssl_locking_cb);
​
    /* do not register our own threadid_func() callback, use OpenSSL default one */
}
​
static void zbx_openssl_thread_cleanup(void)
{
    int i, num_locks;
​
    CRYPTO_set_locking_callback(NULL);
​
    num_locks = CRYPTO_num_locks();
​
    for (i = 0; i < num_locks; i++)
        zbx_mutex_destroy(crypto_mutexes + i);