diff options
author | Peter Hartmann <peter.hartmann@nokia.com> | 2010-07-09 08:11:13 (GMT) |
---|---|---|
committer | Peter Hartmann <peter.hartmann@nokia.com> | 2010-07-09 11:41:41 (GMT) |
commit | 230ab8adb281aabc2d0ebf41ade5f2ec7f11e020 (patch) | |
tree | 63892d5be891d137af9fdd9c7a6e46be5d68800c /src/network | |
parent | ad0e8a48eade0b2cdcf10a68f36d911784ff03ab (diff) | |
download | Qt-230ab8adb281aabc2d0ebf41ade5f2ec7f11e020.zip Qt-230ab8adb281aabc2d0ebf41ade5f2ec7f11e020.tar.gz Qt-230ab8adb281aabc2d0ebf41ade5f2ec7f11e020.tar.bz2 |
Revert "SSL backend: load libraries for certificates only once"
This reverts commit f2187e31de13a6ab8631a9067487dab555f7c2e7.
Reviewed-by: Markus Goetz
Diffstat (limited to 'src/network')
-rw-r--r-- | src/network/ssl/qsslsocket.cpp | 6 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_openssl.cpp | 42 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_p.h | 11 |
3 files changed, 29 insertions, 30 deletions
diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp index 809e8aa..f85fa84 100644 --- a/src/network/ssl/qsslsocket.cpp +++ b/src/network/ssl/qsslsocket.cpp @@ -1849,7 +1849,7 @@ QList<QSslCipher> QSslSocketPrivate::defaultCiphers() */ QList<QSslCipher> QSslSocketPrivate::supportedCiphers() { - QSslSocketPrivate::ensureCertsAndCiphersLoaded(); + QSslSocketPrivate::ensureInitialized(); QMutexLocker locker(&globalData()->mutex); return globalData()->supportedCiphers; } @@ -1879,7 +1879,7 @@ void QSslSocketPrivate::setDefaultSupportedCiphers(const QList<QSslCipher> &ciph */ QList<QSslCertificate> QSslSocketPrivate::defaultCaCertificates() { - QSslSocketPrivate::ensureCertsAndCiphersLoaded(); + QSslSocketPrivate::ensureInitialized(); QMutexLocker locker(&globalData()->mutex); return globalData()->config->caCertificates; } @@ -1962,7 +1962,7 @@ void QSslConfigurationPrivate::setDefaultConfiguration(const QSslConfiguration & */ void QSslConfigurationPrivate::deepCopyDefaultConfiguration(QSslConfigurationPrivate *ptr) { - QSslSocketPrivate::ensureCertsAndCiphersLoaded(); + QSslSocketPrivate::ensureInitialized(); QMutexLocker locker(&globalData()->mutex); const QSslConfigurationPrivate *global = globalData()->config.constData(); diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index b602b29..d7088ee 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -74,9 +74,8 @@ QT_BEGIN_NAMESPACE -bool QSslSocketPrivate::s_initialized = false; -QBasicAtomicInt QSslSocketPrivate::s_CertsAndCiphersLoaded; -Q_GLOBAL_STATIC(QMutex, s_CertsAndCiphersLoadedMutex); +bool QSslSocketPrivate::s_libraryLoaded = false; +bool QSslSocketPrivate::s_loadedCiphersAndCerts = false; // Useful defines #define SSL_ERRORSTR() QString::fromLocal8Bit(q_ERR_error_string(q_ERR_get_error(), NULL)) @@ -171,7 +170,7 @@ QSslSocketBackendPrivate::QSslSocketBackendPrivate() session(0) { // Calls SSL_library_init(). - ensureCertsAndCiphersLoaded(); + ensureInitialized(); } QSslSocketBackendPrivate::~QSslSocketBackendPrivate() @@ -422,18 +421,18 @@ void QSslSocketPrivate::deinitialize() bool QSslSocketPrivate::supportsSsl() { - return ensureInitialized(); + return ensureLibraryLoaded(); } -bool QSslSocketPrivate::ensureInitialized() +bool QSslSocketPrivate::ensureLibraryLoaded() { if (!q_resolveOpenSslSymbols()) return false; // Check if the library itself needs to be initialized. QMutexLocker locker(openssl_locks()->initLock()); - if (!s_initialized) { - s_initialized = true; + if (!s_libraryLoaded) { + s_libraryLoaded = true; // Initialize OpenSSL. q_CRYPTO_set_id_callback(id_function); @@ -474,6 +473,16 @@ bool QSslSocketPrivate::ensureInitialized() return true; } +void QSslSocketPrivate::ensureCiphersAndCertsLoaded() +{ + if (s_loadedCiphersAndCerts) + return; + s_loadedCiphersAndCerts = true; + + resetDefaultCiphers(); + setDefaultCaCertificates(systemCaCertificates()); +} + /*! \internal @@ -481,18 +490,13 @@ bool QSslSocketPrivate::ensureInitialized() been initialized. */ -void QSslSocketPrivate::ensureCertsAndCiphersLoaded() +void QSslSocketPrivate::ensureInitialized() { - // use double-checked locking to speed up this function - if (s_CertsAndCiphersLoaded) + if (!supportsSsl()) return; - QMutexLocker locker(s_CertsAndCiphersLoadedMutex()); - if (s_CertsAndCiphersLoaded) - return; + ensureCiphersAndCertsLoaded(); - if (!supportsSsl()) - return; //load symbols needed to receive certificates from system store #if defined(Q_OS_MAC) QLibrary securityLib("/System/Library/Frameworks/Security.framework/Versions/Current/Security"); @@ -528,12 +532,6 @@ void QSslSocketPrivate::ensureCertsAndCiphersLoaded() qWarning("could not load crypt32 library"); // should never happen } #endif - resetDefaultCiphers(); - setDefaultCaCertificates(systemCaCertificates()); - // we need to make sure that s_CertsAndCiphersLoaded is executed after the library loading above - // (the compiler/processor might reorder instructions otherwise) - if (!s_CertsAndCiphersLoaded.testAndSetRelease(0, 1)) - Q_ASSERT_X(false, "certificate store", "certificate store has already been initialized!"); } /*! diff --git a/src/network/ssl/qsslsocket_p.h b/src/network/ssl/qsslsocket_p.h index b474175..72b3ef7 100644 --- a/src/network/ssl/qsslsocket_p.h +++ b/src/network/ssl/qsslsocket_p.h @@ -63,7 +63,6 @@ #include <QtCore/qstringlist.h> #include <private/qringbuffer_p.h> -#include <QtCore/QMutex> QT_BEGIN_NAMESPACE @@ -114,8 +113,7 @@ public: QString verificationPeerName; static bool supportsSsl(); - static bool ensureInitialized(); - static void ensureCertsAndCiphersLoaded(); + static void ensureInitialized(); static void deinitialize(); static QList<QSslCipher> defaultCiphers(); static QList<QSslCipher> supportedCiphers(); @@ -163,8 +161,11 @@ public: virtual QSslCipher sessionCipher() const = 0; private: - static bool s_initialized; - static QBasicAtomicInt s_CertsAndCiphersLoaded; + static bool ensureLibraryLoaded(); + static void ensureCiphersAndCertsLoaded(); + + static bool s_libraryLoaded; + static bool s_loadedCiphersAndCerts; }; QT_END_NAMESPACE |