-
Notifications
You must be signed in to change notification settings - Fork 57
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: Move
OpenSslMutex
into c2pa-crypto (#684)
- Loading branch information
1 parent
fffdd64
commit d2e56f2
Showing
19 changed files
with
194 additions
and
94 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,79 @@ | ||
// Copyright 2024 Adobe. All rights reserved. | ||
// This file is licensed to you under the Apache License, | ||
// Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) | ||
// or the MIT license (http://opensource.org/licenses/MIT), | ||
// at your option. | ||
|
||
// Unless required by applicable law or agreed to in writing, | ||
// this software is distributed on an "AS IS" BASIS, WITHOUT | ||
// WARRANTIES OR REPRESENTATIONS OF ANY KIND, either express or | ||
// implied. See the LICENSE-MIT and LICENSE-APACHE files for the | ||
// specific language governing permissions and limitations under | ||
// each license. | ||
|
||
use std::{ | ||
error::Error, | ||
fmt, | ||
sync::{Mutex, MutexGuard}, | ||
}; | ||
|
||
static FFI_MUTEX: Mutex<()> = Mutex::new(()); | ||
|
||
/// This mutex must be used by all code that accesses OpenSSL native code since | ||
/// the OpenSSL native code library is not re-entrant. | ||
/// | ||
/// Failure to do so has been observed to lead to unexpected behavior including | ||
/// process crashes. | ||
pub struct OpenSslMutex<'a> { | ||
// The dead code bypass is intentional. We don't need to read the () contents of this guard. We | ||
// only need to ensure that the guard is dropped when this struct is dropped. | ||
#[allow(dead_code)] | ||
guard: MutexGuard<'a, ()>, | ||
} | ||
|
||
impl OpenSslMutex<'_> { | ||
/// Acquire a mutex on OpenSSL FFI code. | ||
/// | ||
/// WARNING: Calling code MUST NOT PANIC inside this function or | ||
/// anything called by it, even in test code. This will poison the FFI mutex | ||
/// and leave OpenSSL unusable for the remainder of the process lifetime. | ||
pub fn acquire() -> Result<Self, OpenSslMutexUnavailable> { | ||
// Useful for debugging. | ||
// eprintln!( | ||
// "ACQUIRING FFI MUTEX at\n{}", | ||
// std::backtrace::Backtrace::force_capture() | ||
// ); | ||
|
||
match FFI_MUTEX.lock() { | ||
Ok(guard) => Ok(Self { guard }), | ||
Err(_) => Err(OpenSslMutexUnavailable {}), | ||
} | ||
} | ||
} | ||
|
||
// Useful for debugging. | ||
// impl<'a> Drop for OpenSslMutex<'a> { | ||
// fn drop(&mut self) { | ||
// eprintln!("Releasing FFI mutex\n\n\n"); | ||
// } | ||
// } | ||
|
||
/// Error returned when unable to acquire the OpenSSL native code mutex. | ||
/// | ||
/// If this occurs, it's likely that a prior invocation of OpenSSL code panicked | ||
/// while holding the mutex. When this happens, the OpenSSL native code mutex is | ||
/// considered poisoned for the remainder of the process lifetime. | ||
/// | ||
/// See [Rustnomicon: Poisoning] for more information. | ||
/// | ||
/// [Rustnomicon: Poisoning]: https://doc.rust-lang.org/nomicon/poisoning.html | ||
#[derive(Debug, Eq, PartialEq)] | ||
pub struct OpenSslMutexUnavailable; | ||
|
||
impl fmt::Display for OpenSslMutexUnavailable { | ||
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { | ||
write!(f, "Unable to acquire OpenSSL native code mutex") | ||
} | ||
} | ||
|
||
impl Error for OpenSslMutexUnavailable {} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
// Copyright 2022 Adobe. All rights reserved. | ||
// This file is licensed to you under the Apache License, | ||
// Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) | ||
// or the MIT license (http://opensource.org/licenses/MIT), | ||
// at your option. | ||
|
||
// Unless required by applicable law or agreed to in writing, | ||
// this software is distributed on an "AS IS" BASIS, WITHOUT | ||
// WARRANTIES OR REPRESENTATIONS OF ANY KIND, either express or | ||
// implied. See the LICENSE-MIT and LICENSE-APACHE files for the | ||
// specific language governing permissions and limitations under | ||
// each license. | ||
|
||
//! This module provides functions for working with the [`openssl` native code | ||
//! library]. | ||
//! | ||
//! It is only available if the `openssl` feature is enabled. | ||
//! | ||
//! [`openssl` native code library]: https://crates.io/crates/openssl | ||
|
||
mod ffi_mutex; | ||
pub use ffi_mutex::{OpenSslMutex, OpenSslMutexUnavailable}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
// Copyright 2024 Adobe. All rights reserved. | ||
// This file is licensed to you under the Apache License, | ||
// Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) | ||
// or the MIT license (http://opensource.org/licenses/MIT), | ||
// at your option. | ||
|
||
// Unless required by applicable law or agreed to in writing, | ||
// this software is distributed on an "AS IS" BASIS, WITHOUT | ||
// WARRANTIES OR REPRESENTATIONS OF ANY KIND, either express or | ||
// implied. See the LICENSE-MIT and LICENSE-APACHE files for the | ||
// specific language governing permissions and limitations under | ||
// each license. | ||
|
||
use crate::openssl::OpenSslMutexUnavailable; | ||
|
||
#[test] | ||
fn impl_display() { | ||
let err = OpenSslMutexUnavailable {}; | ||
assert_eq!( | ||
err.to_string(), | ||
"Unable to acquire OpenSSL native code mutex" | ||
); | ||
} | ||
|
||
#[test] | ||
fn impl_debug() { | ||
let err = OpenSslMutexUnavailable {}; | ||
assert_eq!(format!("{err:?}"), "OpenSslMutexUnavailable"); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
// Copyright 2024 Adobe. All rights reserved. | ||
// This file is licensed to you under the Apache License, | ||
// Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) | ||
// or the MIT license (http://opensource.org/licenses/MIT), | ||
// at your option. | ||
|
||
// Unless required by applicable law or agreed to in writing, | ||
// this software is distributed on an "AS IS" BASIS, WITHOUT | ||
// WARRANTIES OR REPRESENTATIONS OF ANY KIND, either express or | ||
// implied. See the LICENSE-MIT and LICENSE-APACHE files for the | ||
// specific language governing permissions and limitations under | ||
// each license. | ||
|
||
mod ffi_mutex; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.