From 4742c8131aba878c4fc954e42b656b9d4bafdd24 Mon Sep 17 00:00:00 2001 From: S-P Chan Date: Thu, 4 Jan 2024 20:11:21 +0800 Subject: [PATCH] outbound: OpenSSL 3.x thread-local, init libssl in thread --- src/modules/outbound/outbound_mod.c | 37 +++++++++++++++++++---------- 1 file changed, 25 insertions(+), 12 deletions(-) diff --git a/src/modules/outbound/outbound_mod.c b/src/modules/outbound/outbound_mod.c index 4e408e22356..00c0a66f73b 100644 --- a/src/modules/outbound/outbound_mod.c +++ b/src/modules/outbound/outbound_mod.c @@ -75,6 +75,23 @@ struct module_exports exports = { destroy /* destroy function */ }; +static void *mod_init_openssl(void *) { + if(flow_token_secret.s) { + assert(ob_key.len == SHA_DIGEST_LENGTH); + LM_DBG("flow_token_secret mod param set. use persistent ob_key"); + SHA1((const unsigned char *)flow_token_secret.s, flow_token_secret.len, + (unsigned char *)ob_key.s); + } else { + if(RAND_bytes((unsigned char *)ob_key.s, ob_key.len) == 0) { + LM_ERR("unable to get %d cryptographically strong pseudo-" + "random bytes\n", + ob_key.len); + } + } + + return NULL; +} + static int mod_init(void) { if(ob_force_flag != -1 && !flag_in_range(ob_force_flag)) { @@ -93,18 +110,14 @@ static int mod_init(void) } ob_key.len = OB_KEY_LEN; - if(flow_token_secret.s) { - assert(ob_key.len == SHA_DIGEST_LENGTH); - LM_DBG("flow_token_secret mod param set. use persistent ob_key"); - SHA1((const unsigned char *)flow_token_secret.s, flow_token_secret.len, - (unsigned char *)ob_key.s); - } else { - if(RAND_bytes((unsigned char *)ob_key.s, ob_key.len) == 0) { - LM_ERR("unable to get %d cryptographically strong pseudo-" - "random bytes\n", - ob_key.len); - } - } +#if OPENSSL_VERSION_NUMBER < 0x030000000L + mod_init_openssl(NULL); +#else + pthread_t tid; + void *retval; + pthread_create(&tid, NULL, mod_init_openssl, NULL); + pthread_join(tid, &retval); +#endif if(cfg_declare("outbound", outbound_cfg_def, &default_outbound_cfg, cfg_sizeof(outbound), &outbound_cfg)) {