hardcoresushi/libgocryptfs
1
0
Fork 0
Code Issues Pull Requests Releases Activity

stupidgcm: set dummy locking callback.

Browse Source 
In general, OpenSSL is only threadsafe if you provide a locking function
through CRYPTO_set_locking_callback. However, the GCM operations that
stupidgcm uses never call that function.

To guard against that ever changing, set a dummy locking callback
that crashes the app.
This commit is contained in:
Jakob Unterwurzacher 2016-05-05 00:02:04 +02:00
parent 906172938a
commit cf29ce3762
1 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
internal/stupidgcm/locking.go Normal file
View File

@ -0,0 +1,26 @@
package stupidgcm
// In general, OpenSSL is only threadsafe if you provide a locking function
// through CRYPTO_set_locking_callback. However, the GCM operations that
// stupidgcm uses never call that function. Additionally, the manual locking
// has been removed completely in openssl 1.1.0.
/*
#include <openssl/evp.h>
#include <stdio.h>
static void dummy_callback(int mode, int n, const char *file, int line) {
printf("stupidgcm: thread locking is not implemented and should not be "
"needed. Please upgrade openssl.\n");
// panic
*((int*)0)=0;
}
static void set_dummy_callback() {
CRYPTO_set_locking_callback(dummy_callback);
}
*/
import "C"
func init() {
C.set_dummy_callback()
}