GUAC-1171: Move initialization of SSH, OpenSSL, etc. to common SSH base.
parent
cc6a56234c
commit
fbcf8a1e0d
@ -26,8 +26,108 @@
|
|||||||
#include <guacamole/object.h>
|
#include <guacamole/object.h>
|
||||||
#include <libssh2.h>
|
#include <libssh2.h>
|
||||||
|
|
||||||
void guac_common_ssh_init() {
|
#ifdef LIBSSH2_USES_GCRYPT
|
||||||
/* STUB */
|
#include <gcrypt.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/ssl.h>
|
||||||
|
|
||||||
|
#include <pthread.h>
|
||||||
|
|
||||||
|
#ifdef LIBSSH2_USES_GCRYPT
|
||||||
|
GCRY_THREAD_OPTION_PTHREAD_IMPL;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Array of mutexes, used by OpenSSL.
|
||||||
|
*/
|
||||||
|
static pthread_mutex_t* guac_common_ssh_openssl_locks;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Called by OpenSSL when locking or unlocking the Nth mutex.
|
||||||
|
*/
|
||||||
|
static void guac_common_ssh_openssl_locking_callback(int mode, int n,
|
||||||
|
const char* file, int line){
|
||||||
|
|
||||||
|
/* Lock given mutex upon request */
|
||||||
|
if (mode & CRYPTO_LOCK)
|
||||||
|
pthread_mutex_lock(&(guac_common_ssh_openssl_locks[n]));
|
||||||
|
|
||||||
|
/* Unlock given mutex upon request */
|
||||||
|
else if (mode & CRYPTO_UNLOCK)
|
||||||
|
pthread_mutex_unlock(&(guac_common_ssh_openssl_locks[n]));
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Called by OpenSSL when determining the current thread ID.
|
||||||
|
*/
|
||||||
|
static unsigned long guac_common_ssh_openssl_id_callback() {
|
||||||
|
return (unsigned long) pthread_self();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates the given number of mutexes, such that OpenSSL will have at least
|
||||||
|
* this number of mutexes at its disposal.
|
||||||
|
*/
|
||||||
|
static void guac_common_ssh_openssl_init_locks(int count) {
|
||||||
|
|
||||||
|
int i;
|
||||||
|
|
||||||
|
/* Allocate required number of locks */
|
||||||
|
guac_common_ssh_openssl_locks =
|
||||||
|
malloc(sizeof(pthread_mutex_t) * CRYPTO_num_locks());
|
||||||
|
|
||||||
|
/* Initialize each lock */
|
||||||
|
for (i=0; i < count; i++)
|
||||||
|
pthread_mutex_init(&(guac_common_ssh_openssl_locks[i]), NULL);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Frees the given number of mutexes.
|
||||||
|
*/
|
||||||
|
static void guac_common_ssh_openssl_free_locks(int count) {
|
||||||
|
|
||||||
|
int i;
|
||||||
|
|
||||||
|
/* Free all locks */
|
||||||
|
for (i=0; i < count; i++)
|
||||||
|
pthread_mutex_destroy(&(guac_common_ssh_openssl_locks[i]));
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
int guac_common_ssh_init(guac_client* client) {
|
||||||
|
|
||||||
|
#ifdef LIBSSH2_USES_GCRYPT
|
||||||
|
/* Init threadsafety in libgcrypt */
|
||||||
|
gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
|
||||||
|
if (!gcry_check_version(GCRYPT_VERSION)) {
|
||||||
|
guac_client_log(client, GUAC_LOG_ERROR, "libgcrypt version mismatch.");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Init threadsafety in OpenSSL */
|
||||||
|
guac_common_ssh_openssl_init_locks(CRYPTO_num_locks());
|
||||||
|
CRYPTO_set_id_callback(guac_common_ssh_openssl_id_callback);
|
||||||
|
CRYPTO_set_locking_callback(guac_common_ssh_openssl_locking_callback);
|
||||||
|
|
||||||
|
/* Init OpenSSL */
|
||||||
|
SSL_library_init();
|
||||||
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
|
/* Init libssh2 */
|
||||||
|
libssh2_init(0);
|
||||||
|
|
||||||
|
/* Success */
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
void guac_common_ssh_uninit() {
|
||||||
|
guac_common_ssh_openssl_free_locks(CRYPTO_num_locks());
|
||||||
}
|
}
|
||||||
|
|
||||||
LIBSSH2_SESSION* guac_common_ssh_connect_password(const char* hostname,
|
LIBSSH2_SESSION* guac_common_ssh_connect_password(const char* hostname,
|
||||||
|
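Review bot: guac_common_ssh_uninit() destroys the mutexes but leaves OpenSSL's locking and id callbacks registered and never frees guac_common_ssh_openssl_locks, so any OpenSSL call made later in the same process would lock a destroyed mutex, and a later guac_common_ssh_init() would leak the old array. Clear the callbacks before the destroy loop and release the array after it: `CRYPTO_set_locking_callback(NULL);`, `CRYPTO_set_id_callback(NULL);`, then `free(guac_common_ssh_openssl_locks);`. In guac_common_ssh_openssl_init_locks() the malloc() result is handed to pthread_mutex_init() unchecked, and the array is sized by CRYPTO_num_locks() while the loop runs to `count`; size it from `count` and make init fail on NULL. guac_common_ssh_init() also discards the return value of `libssh2_init(0)` although it now has an error return to report it through.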
@ -31,8 +31,21 @@
|
|||||||
* Initializes the underlying SSH and encryption libraries used by Guacamole.
|
* Initializes the underlying SSH and encryption libraries used by Guacamole.
|
||||||
* This function must be called before any other guac_common_ssh_*() functions
|
* This function must be called before any other guac_common_ssh_*() functions
|
||||||
* are called.
|
* are called.
|
||||||
|
*
|
||||||
|
* @param client
|
||||||
|
* The Guacamole client that will be using SSH.
|
||||||
|
*
|
||||||
|
* @return
|
||||||
|
* Zero if initialization, or non-zero if an error occurs.
|
||||||
*/
|
*/
|
||||||
void guac_common_ssh_init();
|
int guac_common_ssh_init(guac_client* client);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Cleans up the underlying SSH and encryption libraries used by Guacamole.
|
||||||
|
* This function must be called once no other guac_common_ssh_*() functions
|
||||||
|
* will be used.
|
||||||
|
*/
|
||||||
|
void guac_common_ssh_uninit();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Connects to the SSH server running at the given hostname and port using the
|
* Connects to the SSH server running at the given hostname and port using the
|
||||||
|
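Review bot: The `@return` text for guac_common_ssh_init() is missing a word and should read `Zero if initialization succeeds, or non-zero if an error occurs.` The comments should also say that both functions act on process-wide library state, since the implementation shown on this page registers global OpenSSL callbacks and a single static lock array. Each successful guac_common_ssh_init() therefore needs exactly one matching guac_common_ssh_uninit(), and the pair must not overlap with SSH or OpenSSL use on other threads. The guac_common_ssh_uninit() comment should add that it may only be called after a successful init, because the implementation destroys the mutexes unconditionally.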
@ -23,6 +23,7 @@
|
|||||||
#include "config.h"
|
#include "config.h"
|
||||||
|
|
||||||
#include "client.h"
|
#include "client.h"
|
||||||
|
#include "guac_ssh.h"
|
||||||
#include "sftp.h"
|
#include "sftp.h"
|
||||||
#include "ssh_key.h"
|
#include "ssh_key.h"
|
||||||
#include "terminal.h"
|
#include "terminal.h"
|
||||||
@ -270,59 +271,6 @@ static LIBSSH2_SESSION* __guac_ssh_create_session(guac_client* client,
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef LIBSSH2_USES_GCRYPT
|
|
||||||
GCRY_THREAD_OPTION_PTHREAD_IMPL;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Array of mutexes, used by OpenSSL.
|
|
||||||
*/
|
|
||||||
static pthread_mutex_t* __openssl_locks;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Called by OpenSSL when locking or unlocking the Nth mutex.
|
|
||||||
*/
|
|
||||||
static void __openssl_locking_callback(int mode, int n, const char* file, int line){
|
|
||||||
if (mode & CRYPTO_LOCK)
|
|
||||||
pthread_mutex_lock(&(__openssl_locks[n]));
|
|
||||||
else if (mode & CRYPTO_UNLOCK)
|
|
||||||
pthread_mutex_unlock(&(__openssl_locks[n]));
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Called by OpenSSL when determining the current thread ID.
|
|
||||||
*/
|
|
||||||
static unsigned long __openssl_id_callback() {
|
|
||||||
return (unsigned long) pthread_self();
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Creates the given number of mutexes, such that OpenSSL will have at least
|
|
||||||
* this number of mutexes at its disposal.
|
|
||||||
*/
|
|
||||||
static void __openssl_init_locks(int count) {
|
|
||||||
|
|
||||||
int i;
|
|
||||||
|
|
||||||
__openssl_locks = malloc(sizeof(pthread_mutex_t) * CRYPTO_num_locks());
|
|
||||||
|
|
||||||
for (i=0; i<count; i++)
|
|
||||||
pthread_mutex_init(&(__openssl_locks[i]), NULL);
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Frees the given number of mutexes.
|
|
||||||
*/
|
|
||||||
static void __openssl_free_locks(int count) {
|
|
||||||
|
|
||||||
int i;
|
|
||||||
|
|
||||||
for (i=0; i<count; i++)
|
|
||||||
pthread_mutex_destroy(&(__openssl_locks[i]));
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
void* ssh_client_thread(void* data) {
|
void* ssh_client_thread(void* data) {
|
||||||
|
|
||||||
guac_client* client = (guac_client*) data;
|
guac_client* client = (guac_client*) data;
|
||||||
@ -338,24 +286,9 @@ void* ssh_client_thread(void* data) {
|
|||||||
|
|
||||||
pthread_t input_thread;
|
pthread_t input_thread;
|
||||||
|
|
||||||
#ifdef LIBSSH2_USES_GCRYPT
|
/* Init SSH base libraries */
|
||||||
/* Init threadsafety in libgcrypt */
|
if (guac_common_ssh_init(client))
|
||||||
gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
|
|
||||||
if (!gcry_check_version(GCRYPT_VERSION)) {
|
|
||||||
guac_client_log(client, GUAC_LOG_ERROR, "libgcrypt version mismatch.");
|
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Init threadsafety in OpenSSL */
|
|
||||||
__openssl_init_locks(CRYPTO_num_locks());
|
|
||||||
CRYPTO_set_id_callback(__openssl_id_callback);
|
|
||||||
CRYPTO_set_locking_callback(__openssl_locking_callback);
|
|
||||||
|
|
||||||
/* Init OpenSSL */
|
|
||||||
SSL_library_init();
|
|
||||||
ERR_load_crypto_strings();
|
|
||||||
libssh2_init(0);
|
|
||||||
|
|
||||||
/* Get username */
|
/* Get username */
|
||||||
if (client_data->username[0] == 0)
|
if (client_data->username[0] == 0)
|
||||||
@ -574,8 +507,8 @@ void* ssh_client_thread(void* data) {
|
|||||||
guac_client_stop(client);
|
guac_client_stop(client);
|
||||||
pthread_join(input_thread, NULL);
|
pthread_join(input_thread, NULL);
|
||||||
|
|
||||||
__openssl_free_locks(CRYPTO_num_locks());
|
|
||||||
pthread_mutex_destroy(&client_data->term_channel_lock);
|
pthread_mutex_destroy(&client_data->term_channel_lock);
|
||||||
|
guac_common_ssh_uninit();
|
||||||
|
|
||||||
guac_client_log(client, GUAC_LOG_INFO, "SSH connection ended.");
|
guac_client_log(client, GUAC_LOG_INFO, "SSH connection ended.");
|
||||||
return NULL;
|
return NULL;
|
||||||
|
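Review bot: guac_common_ssh_uninit() is reached only on the normal exit path at the end of ssh_client_thread(), so any `return NULL` taken after guac_common_ssh_init() succeeds would skip it and leave the OpenSSL callbacks and lock array in place. The body between the init call and the final hunk lies outside the visible hunks, so whether such early returns exist needs checking against the full file. If they do, a single cleanup label ahead of the final `return NULL;` that those paths jump to would keep init and uninit paired.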