Module: sip-router
Branch: master
Commit: 208934d47ac1585d42029234267bcceab40ae218
URL:
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=208934d…
Author: Daniel-Constantin Mierla <miconda(a)gmail.com>
Committer: Daniel-Constantin Mierla <miconda(a)gmail.com>
Date: Tue Jan 7 00:10:34 2014 +0100
tls: the pointer of cfg structure
- synchronize when updating the list of tls configs and their reference
count
- with parts from patch by Ding Ma, FS#380, contributed under BSD license
---
modules/tls/tls_cfg.c | 3 ++-
modules/tls/tls_cfg.h | 3 ++-
modules/tls/tls_domain.c | 3 ++-
modules/tls/tls_domain.h | 3 ++-
modules/tls/tls_mod.c | 3 ++-
modules/tls/tls_rpc.c | 10 +++++++++-
modules/tls/tls_server.c | 11 +++++------
modules/tls/tls_util.c | 14 +++++++++-----
8 files changed, 33 insertions(+), 17 deletions(-)
diff --git a/modules/tls/tls_cfg.c b/modules/tls/tls_cfg.c
index c92f742..fbf3ab3 100644
--- a/modules/tls/tls_cfg.c
+++ b/modules/tls/tls_cfg.c
@@ -2,6 +2,7 @@
* TLS module
*
* Copyright (C) 2010 iptelorg GmbH
+ * Copyright (C) 2013 Motorola Solutions, Inc.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -76,7 +77,7 @@ struct cfg_group_tls default_tls_cfg = {
0 /* send_close_notify (off by default)*/
};
-void* tls_cfg = &default_tls_cfg;
+volatile void* tls_cfg = &default_tls_cfg;
/* if *to<0 to=default_val, else if to>max_val to=max_val */
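Review bot: `volatile void* tls_cfg` qualifies the data the pointer refers to, not the pointer variable itself, so accesses to `tls_cfg` are still ordinary accesses. If the aim is to force the pointer to be re-read each time (cfg_declare() receives its address and presumably updates it), the declaration would be `void * volatile tls_cfg = &default_tls_cfg;`, with the matching `extern void * volatile tls_cfg;` in the tls_cfg.h hunk. The `(void **)&tls_cfg` cast added in the tls_mod.c hunk hides the qualifier from cfg_declare() either way. volatile also gives no atomicity or ordering between processes, so it should not be counted as part of the synchronization the commit message describes.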
diff --git a/modules/tls/tls_cfg.h b/modules/tls/tls_cfg.h
index f7a4c4e..4aeb5f5 100644
--- a/modules/tls/tls_cfg.h
+++ b/modules/tls/tls_cfg.h
@@ -2,6 +2,7 @@
* TLS module
*
* Copyright (C) 2010 iptelorg GmbH
+ * Copyright (C) 2013 Motorola Solutions, Inc.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -101,7 +102,7 @@ struct cfg_group_tls {
extern struct cfg_group_tls default_tls_cfg;
-extern void* tls_cfg;
+extern volatile void* tls_cfg;
extern cfg_def_t tls_cfg_def[];
diff --git a/modules/tls/tls_domain.c b/modules/tls/tls_domain.c
index b8362f4..b832c63 100644
--- a/modules/tls/tls_domain.c
+++ b/modules/tls/tls_domain.c
@@ -2,6 +2,7 @@
* TLS module
*
* Copyright (C) 2005,2006 iptelorg GmbH
+ * Copyright (C) 2013 Motorola Solutions, Inc.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -23,7 +24,6 @@
* Module: @ref tls
*/
-
#include <stdlib.h>
#include <openssl/ssl.h>
#include <openssl/opensslv.h>
@@ -119,6 +119,7 @@ void tls_free_cfg(tls_domains_cfg_t* cfg)
}
if (cfg->srv_default) tls_free_domain(cfg->srv_default);
if (cfg->cli_default) tls_free_domain(cfg->cli_default);
+ shm_free(cfg);
}
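Review bot: With `shm_free(cfg);` added at the end, tls_free_cfg() now releases the structure itself, so any caller that still frees or reads cfg after the call becomes a double free or use-after-free. The collect_garbage() hunk in tls_util.c is adjusted for this, but the `error:` path of tls_reload() in tls_rpc.c and any other caller are not visible in this diff and are worth checking. The function comment, which lies above the hunk, should state the new ownership, for example `/* Frees all domains in cfg and cfg itself; cfg must not be used afterwards */`.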
diff --git a/modules/tls/tls_domain.h b/modules/tls/tls_domain.h
index 15652bc..38c5087 100644
--- a/modules/tls/tls_domain.h
+++ b/modules/tls/tls_domain.h
@@ -2,6 +2,7 @@
* TLS module
*
* Copyright (C) 2005,2006 iptelorg GmbH
+ * Copyright (C) 2013 Motorola Solutions, Inc.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -99,7 +100,7 @@ typedef struct tls_domains_cfg {
tls_domain_t* srv_list; /**< Server domain list */
tls_domain_t* cli_list; /**< Client domain list */
struct tls_domains_cfg* next; /**< Next element in the garbage list */
- int ref_count; /**< How many connections use this configuration */
+ volatile int ref_count; /**< How many connections use this configuration
*/
} tls_domains_cfg_t;
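Review bot: `volatile int ref_count` does not make `ref_count++` or `ref_count--` atomic; it only forces each access to go to memory, so the counter is safe only while every reader and writer holds tls_domains_cfg_lock. Since the lock added in this commit is what protects the field, the qualifier is redundant and suggests a guarantee it does not give. I would drop `volatile` and record the rule in the field comment, e.g. `int ref_count; /**< Connections using this configuration; protected by tls_domains_cfg_lock */`.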
diff --git a/modules/tls/tls_mod.c b/modules/tls/tls_mod.c
index d8e30b3..b206bf6 100644
--- a/modules/tls/tls_mod.c
+++ b/modules/tls/tls_mod.c
@@ -2,6 +2,7 @@
* TLS module
*
* Copyright (C) 2007 iptelorg GmbH
+ * Copyright (C) Motorola Solutions, Inc.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -278,7 +279,7 @@ static int mod_init(void)
}
/* declare configuration */
if (cfg_declare("tls", tls_cfg_def, &default_tls_cfg,
- cfg_sizeof(tls), &tls_cfg)) {
+ cfg_sizeof(tls), (void **)&tls_cfg)) {
ERR("failed to register the configuration\n");
return -1;
}
diff --git a/modules/tls/tls_rpc.c b/modules/tls/tls_rpc.c
index 458a215..c7c994d 100644
--- a/modules/tls/tls_rpc.c
+++ b/modules/tls/tls_rpc.c
@@ -2,6 +2,7 @@
* TLS module - management interface
*
* Copyright (C) 2005 iptelorg GmbH
+ * Copyright (C) 2013 Motorola Solutions, Inc.
*
* This file is part of sip-router, a free SIP server.
*
@@ -56,10 +57,11 @@ static void tls_reload(rpc_t* rpc, void* ctx)
return;
}
- /* Try to delete old configurations first */
+ /* Try to delete old configurations first */
collect_garbage();
cfg = tls_load_config(&tls_domains_cfg_file);
+
if (!cfg) {
rpc->fault(ctx, 500, "Error while loading TLS configuration file"
" (consult server log)");
@@ -78,8 +80,14 @@ static void tls_reload(rpc_t* rpc, void* ctx)
}
DBG("TLS configuration successfuly loaded");
+
+ lock_get(tls_domains_cfg_lock);
+
cfg->next = (*tls_domains_cfg);
*tls_domains_cfg = cfg;
+
+ lock_release(tls_domains_cfg_lock);
+
return;
error:
diff --git a/modules/tls/tls_server.c b/modules/tls/tls_server.c
index 4b8db14..cfd09c4 100644
--- a/modules/tls/tls_server.c
+++ b/modules/tls/tls_server.c
@@ -2,6 +2,7 @@
* TLS module - main server part
*
* Copyright (C) 2005-2010 iptelorg GmbH
+ * Copyright (C) 2013 Motorola Solutions, Inc.
*
* This file is part of SIP-router, a free SIP server.
*
@@ -148,13 +149,10 @@ static int tls_complete_init(struct tcp_connection* c)
goto error2;
}
/* Get current TLS configuration and increase reference
- * count immediately. There is no need to lock the structure
- * here, because it does not get deleted immediately. When
- * SER reloads TLS configuration it will put the old configuration
- * on a garbage queue and delete it later, so we know here that
- * the pointer we get from *tls_domains_cfg will be valid for a while,
- * at least by the time this function finishes
+ * count immediately.
*/
+
+ lock_get(tls_domains_cfg_lock);
cfg = *tls_domains_cfg;
/* Increment the reference count in the configuration structure, this
@@ -162,6 +160,7 @@ static int tls_complete_init(struct tcp_connection* c)
* not get deleted if there are still connection referencing its SSL_CTX
*/
cfg->ref_count++;
+ lock_release(tls_domains_cfg_lock);
if (c->flags & F_CONN_PASSIVE) {
state=S_TLS_ACCEPTING;
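Review bot: The increment is now taken under tls_domains_cfg_lock, but no hunk in tls_server.c touches the place where a closing connection drops its reference, so `ref_count--` presumably still runs without the lock (that code is not visible here). An unlocked decrement racing with this locked `cfg->ref_count++` can lose an update: a count that reads 0 too early lets collect_garbage() free a configuration whose SSL_CTX is still in use, and a count that never reaches 0 leaks it. The decrement should be wrapped in the same `lock_get(tls_domains_cfg_lock)` / `lock_release(tls_domains_cfg_lock)` pair, or the counter converted to an atomic type. The shortened comment before lock_get could also say why the lock is needed, e.g. `/* hold tls_domains_cfg_lock so a reload cannot swap the list head between the read and the increment */`. tls_complete_init continues outside both hunks.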
diff --git a/modules/tls/tls_util.c b/modules/tls/tls_util.c
index d8ffba2..88416a1 100644
--- a/modules/tls/tls_util.c
+++ b/modules/tls/tls_util.c
@@ -2,6 +2,7 @@
* TLS module
*
* Copyright (C) 2005 iptelorg GmbH
+ * Copyright (C) 2013 Motorola Solutions, Inc.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -16,6 +17,7 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
+
#define _GNU_SOURCE 1 /* Needed for strndup */
#include <string.h>
@@ -66,7 +68,7 @@ int shm_asciiz_dup(char** dest, char* val)
*/
void collect_garbage(void)
{
- tls_domains_cfg_t* prev, *cur;
+ tls_domains_cfg_t *prev, *cur, *next;
/* Make sure we do not run two garbage collectors
* at the same time
@@ -80,14 +82,16 @@ void collect_garbage(void)
cur = (*tls_domains_cfg)->next;
while(cur) {
+ next = cur->next;
if (cur->ref_count == 0) {
- /* Not referenced by any existing connection */
+ /* Not referenced by any existing connection */
prev->next = cur->next;
tls_free_cfg(cur);
+ } else {
+ /* Only update prev if we didn't remove cur */
+ prev = cur;
}
-
- prev = cur;
- cur = cur->next;
+ cur = next;
}
lock_release(tls_domains_cfg_lock);
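Review bot: The new `next = cur->next;` is what keeps the loop from reading freed memory now that tls_free_cfg() releases cur, and it deserves a comment saying so, e.g. `/* save the successor: tls_free_cfg() frees cur */`. For the same reason the unlink would read more clearly as `prev->next = next;` rather than `prev->next = cur->next;`. The start of collect_garbage(), including where prev is initialised, lies outside the hunk.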