#include "global.h"
#include "hash.h"
#include "sysdir.h"
-#include "git2/threads.h"
+#include "git2/global.h"
+#include "git2/sys/openssl.h"
#include "thread-utils.h"
-
+#if defined(GIT_MSVC_CRTDBG)
+#include "win32/w32_stack.h"
+#include "win32/w32_crtdbg_stacktrace.h"
+#endif
git_mutex git__mwindow_mutex;
#define MAX_SHUTDOWN_CB 8
-#ifdef GIT_SSL
+#ifdef GIT_OPENSSL
# include <openssl/ssl.h>
SSL_CTX *git__ssl_ctx;
# ifdef GIT_THREADS
git__shutdown_callbacks[count - 1] = callback;
}
+static void git__global_state_cleanup(git_global_st *st)
+{
+ if (!st)
+ return;
+
+ git__free(st->error_t.message);
+ st->error_t.message = NULL;
+}
+
static void git__shutdown(void)
{
int pos;
+ /* Shutdown subsystems that have registered */
for (pos = git_atomic_get(&git__n_shutdown_callbacks); pos > 0; pos = git_atomic_dec(&git__n_shutdown_callbacks)) {
git_global_shutdown_fn cb = git__swap(git__shutdown_callbacks[pos - 1], NULL);
if (cb != NULL)
cb();
}
-
}
-#if defined(GIT_THREADS) && defined(GIT_SSL)
+#if defined(GIT_THREADS) && defined(GIT_OPENSSL)
void openssl_locking_function(int mode, int n, const char *file, int line)
{
int lock;
git_mutex_unlock(&openssl_locks[n]);
}
}
-#endif
+static void shutdown_ssl_locking(void)
+{
+ int num_locks, i;
+
+ num_locks = CRYPTO_num_locks();
+ CRYPTO_set_locking_callback(NULL);
+
+ for (i = 0; i < num_locks; ++i)
+ git_mutex_free(openssl_locks);
+ git__free(openssl_locks);
+}
+#endif
static void init_ssl(void)
{
-#ifdef GIT_SSL
+#ifdef GIT_OPENSSL
+ long ssl_opts = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
+
+ /* Older OpenSSL and MacOS OpenSSL doesn't have this */
+#ifdef SSL_OP_NO_COMPRESSION
+ ssl_opts |= SSL_OP_NO_COMPRESSION;
+#endif
+
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
+ /*
+ * Load SSLv{2,3} and TLSv1 so that we can talk with servers
+ * which use the SSL hellos, which are often used for
+ * compatibility. We then disable SSL so we only allow OpenSSL
+ * to speak TLSv1 to perform the encryption itself.
+ */
git__ssl_ctx = SSL_CTX_new(SSLv23_method());
+ SSL_CTX_set_options(git__ssl_ctx, ssl_opts);
SSL_CTX_set_mode(git__ssl_ctx, SSL_MODE_AUTO_RETRY);
SSL_CTX_set_verify(git__ssl_ctx, SSL_VERIFY_NONE, NULL);
if (!SSL_CTX_set_default_verify_paths(git__ssl_ctx)) {
SSL_CTX_free(git__ssl_ctx);
git__ssl_ctx = NULL;
}
+#endif
+}
+/**
+ * This function aims to clean-up the SSL context which
+ * we allocated.
+ */
+static void uninit_ssl(void)
+{
+#ifdef GIT_OPENSSL
+ if (git__ssl_ctx) {
+ SSL_CTX_free(git__ssl_ctx);
+ git__ssl_ctx = NULL;
+ }
+#endif
+}
+
+int git_openssl_set_locking(void)
+{
+#ifdef GIT_OPENSSL
# ifdef GIT_THREADS
- {
- int num_locks, i;
-
- num_locks = CRYPTO_num_locks();
- openssl_locks = git__calloc(num_locks, sizeof(git_mutex));
- if (openssl_locks == NULL) {
- SSL_CTX_free(git__ssl_ctx);
- git__ssl_ctx = NULL;
- }
+ int num_locks, i;
- for (i = 0; i < num_locks; i++) {
- if (git_mutex_init(&openssl_locks[i]) != 0) {
- SSL_CTX_free(git__ssl_ctx);
- git__ssl_ctx = NULL;
- }
- }
+ num_locks = CRYPTO_num_locks();
+ openssl_locks = git__calloc(num_locks, sizeof(git_mutex));
+ GITERR_CHECK_ALLOC(openssl_locks);
- CRYPTO_set_locking_callback(openssl_locking_function);
+ for (i = 0; i < num_locks; i++) {
+ if (git_mutex_init(&openssl_locks[i]) != 0) {
+ giterr_set(GITERR_SSL, "failed to initialize openssl locks");
+ return -1;
+ }
}
+
+ CRYPTO_set_locking_callback(openssl_locking_function);
+ git__on_shutdown(shutdown_ssl_locking);
+ return 0;
+# else
+ giterr_set(GITERR_THREAD, "libgit2 as not built with threads");
+ return -1;
# endif
+#else
+ giterr_set(GITERR_SSL, "libgit2 was not built with OpenSSL support");
+ return -1;
#endif
}
* Handle the global state with TLS
*
* If libgit2 is built with GIT_THREADS enabled,
- * the `git_threads_init()` function must be called
+ * the `git_libgit2_init()` function must be called
* before calling any other function of the library.
*
* This function allocates a TLS index (using pthreads
* allocated on each thread.
*
* Before shutting down the library, the
- * `git_threads_shutdown` method must be called to free
+ * `git_libgit2_shutdown` method must be called to free
* the previously reserved TLS index.
*
* If libgit2 is built without threading support, the
*/
/*
- * `git_threads_init()` allows subsystems to perform global setup,
+ * `git_libgit2_init()` allows subsystems to perform global setup,
* which may take place in the global scope. An explicit memory
- * fence exists at the exit of `git_threads_init()`. Without this,
+ * fence exists at the exit of `git_libgit2_init()`. Without this,
* CPU cores are free to reorder cache invalidation of `_tls_init`
* before cache invalidation of the subsystems' newly written global
* state.
return error;
}
-int git_threads_init(void)
+int git_libgit2_init(void)
{
- int error = 0;
+ int ret;
/* Enter the lock */
while (InterlockedCompareExchange(&_mutex, 1, 0)) { Sleep(0); }
/* Only do work on a 0 -> 1 transition of the refcount */
- if (1 == git_atomic_inc(&git__n_inits))
- error = synchronized_threads_init();
+ if ((ret = git_atomic_inc(&git__n_inits)) == 1) {
+#if defined(GIT_MSVC_CRTDBG)
+ git_win32__crtdbg_stacktrace_init();
+ git_win32__stack_init();
+#endif
+
+ if (synchronized_threads_init() < 0)
+ ret = -1;
+ }
/* Exit the lock */
InterlockedExchange(&_mutex, 0);
- return error;
+ return ret;
}
static void synchronized_threads_shutdown(void)
{
/* Shut down any subsystems that have global state */
git__shutdown();
+
+ git__free_tls_data();
+
TlsFree(_tls_index);
git_mutex_free(&git__mwindow_mutex);
}
-void git_threads_shutdown(void)
+int git_libgit2_shutdown(void)
{
+ int ret;
+
/* Enter the lock */
while (InterlockedCompareExchange(&_mutex, 1, 0)) { Sleep(0); }
/* Only do work on a 1 -> 0 transition of the refcount */
- if (0 == git_atomic_dec(&git__n_inits))
+ if ((ret = git_atomic_dec(&git__n_inits)) == 0) {
synchronized_threads_shutdown();
+#if defined(GIT_MSVC_CRTDBG)
+ git_win32__crtdbg_stacktrace_cleanup();
+ git_win32__stack_cleanup();
+#endif
+ }
+
/* Exit the lock */
InterlockedExchange(&_mutex, 0);
+
+ return ret;
}
git_global_st *git__global_state(void)
return ptr;
}
+/**
+ * Free the TLS data associated with this thread.
+ * This should only be used by the thread as it
+ * is exiting.
+ */
+void git__free_tls_data(void)
+{
+ void *ptr = TlsGetValue(_tls_index);
+ if (!ptr)
+ return;
+
+ git__global_state_cleanup(ptr);
+ git__free(ptr);
+ TlsSetValue(_tls_index, NULL);
+}
+
#elif defined(GIT_THREADS) && defined(_POSIX_THREADS)
static pthread_key_t _tls_key;
static void cb__free_status(void *st)
{
- git_global_st *state = (git_global_st *) st;
- git__free(state->error_t.message);
-
+ git__global_state_cleanup(st);
git__free(st);
}
GIT_MEMORY_BARRIER;
}
-int git_threads_init(void)
+int git_libgit2_init(void)
{
+ int ret;
+
pthread_once(&_once_init, init_once);
- git_atomic_inc(&git__n_inits);
- return init_error;
+ ret = git_atomic_inc(&git__n_inits);
+
+ return init_error ? init_error : ret;
}
-void git_threads_shutdown(void)
+int git_libgit2_shutdown(void)
{
void *ptr = NULL;
pthread_once_t new_once = PTHREAD_ONCE_INIT;
+ int ret;
- if (git_atomic_dec(&git__n_inits) > 0) return;
+ if ((ret = git_atomic_dec(&git__n_inits)) != 0)
+ return ret;
/* Shut down any subsystems that have global state */
git__shutdown();
+ uninit_ssl();
ptr = pthread_getspecific(_tls_key);
pthread_setspecific(_tls_key, NULL);
+
+ git__global_state_cleanup(ptr);
git__free(ptr);
pthread_key_delete(_tls_key);
git_mutex_free(&git__mwindow_mutex);
_once_init = new_once;
+
+ return 0;
}
git_global_st *git__global_state(void)
static git_global_st __state;
-int git_threads_init(void)
+int git_libgit2_init(void)
{
static int ssl_inited = 0;
ssl_inited = 1;
}
- git_atomic_inc(&git__n_inits);
- return 0;
+ return git_atomic_inc(&git__n_inits);
}
-void git_threads_shutdown(void)
+int git_libgit2_shutdown(void)
{
+ int ret;
+
/* Shut down any subsystems that have global state */
- if (0 == git_atomic_dec(&git__n_inits))
- git__shutdown();
+ if ((ret = git_atomic_dec(&git__n_inits)) != 0)
+ return ret;
+
+ git__shutdown();
+ git__global_state_cleanup(&__state);
+ uninit_ssl();
+
+ return 0;
}
git_global_st *git__global_state(void)