maride/guacamole-spice-protocol
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

GUAC-1171: Move initialization of SSH, OpenSSL, etc. to common SSH base.

Browse Source
This commit is contained in:
Michael Jumper 2015-07-09 12:02:31 -07:00
parent cc6a56234c
commit fbcf8a1e0d
3 changed files with 120 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
src/common-ssh/guac_ssh.c
View File

@ -26,8 +26,108 @@
#include <guacamole/object.h> #include <guacamole/object.h>
#include <libssh2.h> #include <libssh2.h>
void guac_common_ssh_init() { #ifdef LIBSSH2_USES_GCRYPT
/* STUB */ #include <gcrypt.h>
#endif
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <pthread.h>
#ifdef LIBSSH2_USES_GCRYPT
GCRY_THREAD_OPTION_PTHREAD_IMPL;
#endif
/**
* Array of mutexes, used by OpenSSL.
*/
static pthread_mutex_t* guac_common_ssh_openssl_locks;
/**
* Called by OpenSSL when locking or unlocking the Nth mutex.
*/
static void guac_common_ssh_openssl_locking_callback(int mode, int n,
const char* file, int line){
/* Lock given mutex upon request */
if (mode & CRYPTO_LOCK)
pthread_mutex_lock(&(guac_common_ssh_openssl_locks[n]));
/* Unlock given mutex upon request */
else if (mode & CRYPTO_UNLOCK)
pthread_mutex_unlock(&(guac_common_ssh_openssl_locks[n]));
}
/**
* Called by OpenSSL when determining the current thread ID.
*/
static unsigned long guac_common_ssh_openssl_id_callback() {
return (unsigned long) pthread_self();
}
/**
* Creates the given number of mutexes, such that OpenSSL will have at least
* this number of mutexes at its disposal.
*/
static void guac_common_ssh_openssl_init_locks(int count) {
int i;
/* Allocate required number of locks */
guac_common_ssh_openssl_locks =
malloc(sizeof(pthread_mutex_t) * CRYPTO_num_locks());
/* Initialize each lock */
for (i=0; i < count; i++)
pthread_mutex_init(&(guac_common_ssh_openssl_locks[i]), NULL);
}
/**
* Frees the given number of mutexes.
*/
static void guac_common_ssh_openssl_free_locks(int count) {
int i;
/* Free all locks */
for (i=0; i < count; i++)
pthread_mutex_destroy(&(guac_common_ssh_openssl_locks[i]));
}
int guac_common_ssh_init(guac_client* client) {
#ifdef LIBSSH2_USES_GCRYPT
/* Init threadsafety in libgcrypt */
gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
if (!gcry_check_version(GCRYPT_VERSION)) {
guac_client_log(client, GUAC_LOG_ERROR, "libgcrypt version mismatch.");
return 1;
}
#endif
/* Init threadsafety in OpenSSL */
guac_common_ssh_openssl_init_locks(CRYPTO_num_locks());
CRYPTO_set_id_callback(guac_common_ssh_openssl_id_callback);
CRYPTO_set_locking_callback(guac_common_ssh_openssl_locking_callback);
/* Init OpenSSL */
SSL_library_init();
ERR_load_crypto_strings();
/* Init libssh2 */
libssh2_init(0);
/* Success */
return 0;
}
void guac_common_ssh_uninit() {
guac_common_ssh_openssl_free_locks(CRYPTO_num_locks());
} }
LIBSSH2_SESSION* guac_common_ssh_connect_password(const char* hostname, LIBSSH2_SESSION* guac_common_ssh_connect_password(const char* hostname,

15
src/common-ssh/guac_ssh.h
View File

@ -31,8 +31,21 @@
* Initializes the underlying SSH and encryption libraries used by Guacamole. * Initializes the underlying SSH and encryption libraries used by Guacamole.
* This function must be called before any other guac_common_ssh_*() functions * This function must be called before any other guac_common_ssh_*() functions
* are called. * are called.
*
* @param client
* The Guacamole client that will be using SSH.
*
* @return
* Zero if initialization, or non-zero if an error occurs.
*/ */
void guac_common_ssh_init(); int guac_common_ssh_init(guac_client* client);
/**
* Cleans up the underlying SSH and encryption libraries used by Guacamole.
* This function must be called once no other guac_common_ssh_*() functions
* will be used.
*/
void guac_common_ssh_uninit();
/** /**
* Connects to the SSH server running at the given hostname and port using the * Connects to the SSH server running at the given hostname and port using the

75
src/protocols/ssh/ssh_client.c
View File

@ -23,6 +23,7 @@
#include "config.h" #include "config.h"
#include "client.h" #include "client.h"
#include "guac_ssh.h"
#include "sftp.h" #include "sftp.h"
#include "ssh_key.h" #include "ssh_key.h"
#include "terminal.h" #include "terminal.h"
@ -270,59 +271,6 @@ static LIBSSH2_SESSION* __guac_ssh_create_session(guac_client* client,
} }
#ifdef LIBSSH2_USES_GCRYPT
GCRY_THREAD_OPTION_PTHREAD_IMPL;
#endif
/**
* Array of mutexes, used by OpenSSL.
*/
static pthread_mutex_t* __openssl_locks;
/**
* Called by OpenSSL when locking or unlocking the Nth mutex.
*/
static void __openssl_locking_callback(int mode, int n, const char* file, int line){
if (mode & CRYPTO_LOCK)
pthread_mutex_lock(&(__openssl_locks[n]));
else if (mode & CRYPTO_UNLOCK)
pthread_mutex_unlock(&(__openssl_locks[n]));
}
/**
* Called by OpenSSL when determining the current thread ID.
*/
static unsigned long __openssl_id_callback() {
return (unsigned long) pthread_self();
}
/**
* Creates the given number of mutexes, such that OpenSSL will have at least
* this number of mutexes at its disposal.
*/
static void __openssl_init_locks(int count) {
int i;
__openssl_locks = malloc(sizeof(pthread_mutex_t) * CRYPTO_num_locks());
for (i=0; i<count; i++)
pthread_mutex_init(&(__openssl_locks[i]), NULL);
}
/**
* Frees the given number of mutexes.
*/
static void __openssl_free_locks(int count) {
int i;
for (i=0; i<count; i++)
pthread_mutex_destroy(&(__openssl_locks[i]));
}
void* ssh_client_thread(void* data) { void* ssh_client_thread(void* data) {
guac_client* client = (guac_client*) data; guac_client* client = (guac_client*) data;
@ -338,24 +286,9 @@ void* ssh_client_thread(void* data) {
pthread_t input_thread; pthread_t input_thread;
#ifdef LIBSSH2_USES_GCRYPT /* Init SSH base libraries */
/* Init threadsafety in libgcrypt */ if (guac_common_ssh_init(client))
gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
if (!gcry_check_version(GCRYPT_VERSION)) {
guac_client_log(client, GUAC_LOG_ERROR, "libgcrypt version mismatch.");
return NULL; return NULL;
}
#endif
/* Init threadsafety in OpenSSL */
__openssl_init_locks(CRYPTO_num_locks());
CRYPTO_set_id_callback(__openssl_id_callback);
CRYPTO_set_locking_callback(__openssl_locking_callback);
/* Init OpenSSL */
SSL_library_init();
ERR_load_crypto_strings();
libssh2_init(0);
/* Get username */ /* Get username */
if (client_data->username[0] == 0) if (client_data->username[0] == 0)
@ -574,8 +507,8 @@ void* ssh_client_thread(void* data) {
guac_client_stop(client); guac_client_stop(client);
pthread_join(input_thread, NULL); pthread_join(input_thread, NULL);
__openssl_free_locks(CRYPTO_num_locks());
pthread_mutex_destroy(&client_data->term_channel_lock); pthread_mutex_destroy(&client_data->term_channel_lock);
guac_common_ssh_uninit();
guac_client_log(client, GUAC_LOG_INFO, "SSH connection ended."); guac_client_log(client, GUAC_LOG_INFO, "SSH connection ended.");
return NULL; return NULL;