Revert "SSL backend: load libraries for certificates only once"

This reverts commit f2187e31de13a6ab8631a9067487dab555f7c2e7.

Reviewed-by: Markus Goetz

3 files changed, 29 insertions, 30 deletions

diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp
index 809e8aa..f85fa84 100644
--- a/src/network/ssl/qsslsocket.cpp
+++ b/src/network/ssl/qsslsocket.cpp
@@ -1849,7 +1849,7 @@ QList<QSslCipher> QSslSocketPrivate::defaultCiphers()
 */
 QList<QSslCipher> QSslSocketPrivate::supportedCiphers()
 {
-    QSslSocketPrivate::ensureCertsAndCiphersLoaded();
+    QSslSocketPrivate::ensureInitialized();
     QMutexLocker locker(&globalData()->mutex);
     return globalData()->supportedCiphers;
 }
@@ -1879,7 +1879,7 @@ void QSslSocketPrivate::setDefaultSupportedCiphers(const QList<QSslCipher> &ciph
 */
 QList<QSslCertificate> QSslSocketPrivate::defaultCaCertificates()
 {
-    QSslSocketPrivate::ensureCertsAndCiphersLoaded();
+    QSslSocketPrivate::ensureInitialized();
     QMutexLocker locker(&globalData()->mutex);
     return globalData()->config->caCertificates;
 }
@@ -1962,7 +1962,7 @@ void QSslConfigurationPrivate::setDefaultConfiguration(const QSslConfiguration &
 */
 void QSslConfigurationPrivate::deepCopyDefaultConfiguration(QSslConfigurationPrivate *ptr)
 {
-    QSslSocketPrivate::ensureCertsAndCiphersLoaded();
+    QSslSocketPrivate::ensureInitialized();
     QMutexLocker locker(&globalData()->mutex);
     const QSslConfigurationPrivate *global = globalData()->config.constData();
 
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index b602b29..d7088ee 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -74,9 +74,8 @@
 
 QT_BEGIN_NAMESPACE
 
-bool QSslSocketPrivate::s_initialized = false;
-QBasicAtomicInt QSslSocketPrivate::s_CertsAndCiphersLoaded;
-Q_GLOBAL_STATIC(QMutex, s_CertsAndCiphersLoadedMutex);
+bool QSslSocketPrivate::s_libraryLoaded = false;
+bool QSslSocketPrivate::s_loadedCiphersAndCerts = false;
 
 // Useful defines
 #define SSL_ERRORSTR() QString::fromLocal8Bit(q_ERR_error_string(q_ERR_get_error(), NULL))
@@ -171,7 +170,7 @@ QSslSocketBackendPrivate::QSslSocketBackendPrivate()
       session(0)
 {
     // Calls SSL_library_init().
-    ensureCertsAndCiphersLoaded();
+    ensureInitialized();
 }
 
 QSslSocketBackendPrivate::~QSslSocketBackendPrivate()
@@ -422,18 +421,18 @@ void QSslSocketPrivate::deinitialize()
 
 bool QSslSocketPrivate::supportsSsl()
 {
-    return ensureInitialized();
+    return ensureLibraryLoaded();
 }
 
-bool QSslSocketPrivate::ensureInitialized()
+bool QSslSocketPrivate::ensureLibraryLoaded()
 {
     if (!q_resolveOpenSslSymbols())
         return false;
 
     // Check if the library itself needs to be initialized.
     QMutexLocker locker(openssl_locks()->initLock());
-    if (!s_initialized) {
-        s_initialized = true;
+    if (!s_libraryLoaded) {
+        s_libraryLoaded = true;
 
         // Initialize OpenSSL.
         q_CRYPTO_set_id_callback(id_function);
@@ -474,6 +473,16 @@ bool QSslSocketPrivate::ensureInitialized()
     return true;
 }
 
+void QSslSocketPrivate::ensureCiphersAndCertsLoaded()
+{
+    if (s_loadedCiphersAndCerts)
+        return;
+    s_loadedCiphersAndCerts = true;
+
+    resetDefaultCiphers();
+    setDefaultCaCertificates(systemCaCertificates());
+}
+
 /*!
     \internal
 
@@ -481,18 +490,13 @@ bool QSslSocketPrivate::ensureInitialized()
     been initialized.
 */
 
-void QSslSocketPrivate::ensureCertsAndCiphersLoaded()
+void QSslSocketPrivate::ensureInitialized()
 {
-    // use double-checked locking to speed up this function
-    if (s_CertsAndCiphersLoaded)
+    if (!supportsSsl())
         return;
 
-    QMutexLocker locker(s_CertsAndCiphersLoadedMutex());
-    if (s_CertsAndCiphersLoaded)
-        return;
+    ensureCiphersAndCertsLoaded();
 
-    if (!supportsSsl())
-        return;
     //load symbols needed to receive certificates from system store
 #if defined(Q_OS_MAC)
     QLibrary securityLib("/System/Library/Frameworks/Security.framework/Versions/Current/Security");
@@ -528,12 +532,6 @@ void QSslSocketPrivate::ensureCertsAndCiphersLoaded()
         qWarning("could not load crypt32 library"); // should never happen
     }
 #endif
-    resetDefaultCiphers();
-    setDefaultCaCertificates(systemCaCertificates());
-    // we need to make sure that s_CertsAndCiphersLoaded is executed after the library loading above
-    // (the compiler/processor might reorder instructions otherwise)
-    if (!s_CertsAndCiphersLoaded.testAndSetRelease(0, 1))
-        Q_ASSERT_X(false, "certificate store", "certificate store has already been initialized!");
 }
 
 /*!
diff --git a/src/network/ssl/qsslsocket_p.h b/src/network/ssl/qsslsocket_p.h
index b474175..72b3ef7 100644
--- a/src/network/ssl/qsslsocket_p.h
+++ b/src/network/ssl/qsslsocket_p.h
@@ -63,7 +63,6 @@
 #include <QtCore/qstringlist.h>
 
 #include <private/qringbuffer_p.h>
-#include <QtCore/QMutex>
 
 QT_BEGIN_NAMESPACE
 
@@ -114,8 +113,7 @@ public:
     QString verificationPeerName;
 
     static bool supportsSsl();
-    static bool ensureInitialized();
-    static void ensureCertsAndCiphersLoaded();
+    static void ensureInitialized();
     static void deinitialize();
     static QList<QSslCipher> defaultCiphers();
     static QList<QSslCipher> supportedCiphers();
@@ -163,8 +161,11 @@ public:
     virtual QSslCipher sessionCipher() const = 0;
 
 private:
-    static bool s_initialized;
-    static QBasicAtomicInt s_CertsAndCiphersLoaded;
+    static bool ensureLibraryLoaded();
+    static void ensureCiphersAndCertsLoaded();
+
+    static bool s_libraryLoaded;
+    static bool s_loadedCiphersAndCerts;
 };
 
 QT_END_NAMESPACE