RESOLVED FIXED 185138
[Curl] Add OpenSSL/LibreSSL multi-threading support 
https://bugs.webkit.org/show_bug.cgi?id=185138
Summary [Curl] Add OpenSSL/LibreSSL multi-threading support
Basuke Suzuki
Reported 2018-04-30 11:10:43 PDT
The older OpenSSL manual says the locking_function and threadid_funcion should set when use it in multi-threading environment. This applies to LibreSSL also. https://www.openssl.org/docs/man1.0.2/crypto/threads.html For unix and other similar os, the default threadId_function implementation is good enough. We'll set custom callback only for Windows OS. Note it's not required for OpenSSL 1.1.0 and after. https://www.openssl.org/blog/blog/2017/02/21/threads/
Attachments
PATCH (4.08 KB, patch)
2018-04-30 11:15 PDT, Basuke Suzuki 		no flags
DetailsFormatted DiffDiff
fix (4.02 KB, patch)
2018-05-01 22:14 PDT, Basuke Suzuki 		no flags
DetailsFormatted DiffDiff
fix (3.91 KB, patch)
2018-05-01 22:16 PDT, Basuke Suzuki 		pvollan: review+
pvollan: commit-queue-
DetailsFormatted DiffDiff
Fix potential security issue (4.85 KB, patch)
2018-05-02 14:29 PDT, Basuke Suzuki 		no flags
DetailsFormatted DiffDiff
Fix style (4.89 KB, patch)
2018-05-02 15:14 PDT, Basuke Suzuki 		pvollan: review+
DetailsFormatted DiffDiff
Fox (5.04 KB, patch)
2018-05-02 23:27 PDT, Basuke Suzuki 		no flags
DetailsFormatted DiffDiff
typo (5.04 KB, patch)
2018-05-02 23:41 PDT, Basuke Suzuki 		no flags
DetailsFormatted DiffDiff
Show Obsolete (6) View All Add attachment proposed patch, testcase, etc.
Basuke Suzuki
Comment 1 2018-04-30 11:15:16 PDT
Created attachment 339130 [details] PATCH
Per Arne Vollan
Comment 2 2018-04-30 13:50:24 PDT
Would it be sufficient to require that OpenSSL 1.1.0 or later is used?
Basuke Suzuki
Comment 3 2018-04-30 15:44:18 PDT
We believe so. What is your worry for instance?
Per Arne Vollan
Comment 4 2018-04-30 18:52:20 PDT
I was just wondering if this change is strictly needed, since this issue has been addressed in OpenSSL 1.1.0 or later. But this is perhaps not the case for LibreSSL?
Basuke Suzuki
Comment 5 2018-04-30 21:18:28 PDT
Oh, that’s not true. This is required for both OpenSSL prior to 1.1.0 and whole version of LibreSSL.
Per Arne Vollan
Comment 6 2018-05-01 07:09:06 PDT
Comment on attachment 339130 [details] PATCH View in context: https://bugs.webkit.org/attachment.cgi?id=339130&action=review > Source/WebCore/platform/network/curl/CurlSSLHandle.cpp:147 > + if (!lock || (type > lockNum)) > + return; I think this should be '(type >= lockNum)'. Also, should we return early if type < 0?
Basuke Suzuki
Comment 7 2018-05-01 18:04:06 PDT
Comment on attachment 339130 [details] PATCH View in context: https://bugs.webkit.org/attachment.cgi?id=339130&action=review Thank you for the review. >> Source/WebCore/platform/network/curl/CurlSSLHandle.cpp:147 >> + return; > > I think this should be '(type >= lockNum)'. Also, should we return early if type < 0? type argument are hard-coded in OpenSSL/LibreSSL code and used internally only. I think it should be not run-time check, but assert. Also lock shouldn't be checked like this. If it failed, it may fail in multi thread env. I will move it to more robust place to define locks.
Basuke Suzuki
Comment 8 2018-05-01 22:14:37 PDT
Created attachment 339278 [details] fix
Basuke Suzuki
Comment 9 2018-05-01 22:16:19 PDT
Created attachment 339279 [details] fix
Per Arne Vollan
Comment 10 2018-05-02 07:03:49 PDT
Comment on attachment 339279 [details] fix View in context: https://bugs.webkit.org/attachment.cgi?id=339279&action=review R=me. > Source/WebCore/platform/network/curl/CurlSSLHandle.cpp:144 > + ASSERT(type >= 0 && type < CRYPTO_NUM_LOCKS); I think we should use RELEASE_ASSERT here.
Per Arne Vollan
Comment 11 2018-05-02 07:55:44 PDT
Comment on attachment 339279 [details] fix View in context: https://bugs.webkit.org/attachment.cgi?id=339279&action=review > Source/WebCore/platform/network/curl/CurlSSLHandle.cpp:143 > + static Lock lock[CRYPTO_NUM_LOCKS]; Also, I think you need to make sure the initialization of lock is thread safe, by using call_once, for example.
Basuke Suzuki
Comment 12 2018-05-02 10:21:18 PDT
Comment on attachment 339279 [details] fix View in context: https://bugs.webkit.org/attachment.cgi?id=339279&action=review Thanks for the review. >> Source/WebCore/platform/network/curl/CurlSSLHandle.cpp:143 >> + static Lock lock[CRYPTO_NUM_LOCKS]; > > Also, I think you need to make sure the initialization of lock is thread safe, by using call_once, for example. I think Lock is constexpr constructor class and it is initialized in compile time, which means no run-time initialization. I am not confident about this behavior so I am asking about this my co-workers. >> Source/WebCore/platform/network/curl/CurlSSLHandle.cpp:144 >> + ASSERT(type >= 0 && type < CRYPTO_NUM_LOCKS); > > I think we should use RELEASE_ASSERT here. Sure I do.
Basuke Suzuki
Comment 13 2018-05-02 14:29:32 PDT
Created attachment 339340 [details] Fix potential security issue
EWS Watchlist
Comment 14 2018-05-02 14:31:58 PDT
Attachment 339340 [details] did not pass style-queue: ERROR: Source/WebCore/platform/network/curl/CurlSSLHandle.h:69: Place brace on its own line for function definitions. [whitespace/braces] [4] ERROR: Source/WebCore/platform/network/curl/CurlSSLHandle.h:74: Place brace on its own line for function definitions. [whitespace/braces] [4] Total errors found: 2 in 3 files If any of these errors are false positives, please file a bug against check-webkit-style.
Basuke Suzuki
Comment 15 2018-05-02 15:14:22 PDT
Created attachment 339353 [details] Fix style
Per Arne Vollan
Comment 16 2018-05-02 16:13:53 PDT
Comment on attachment 339353 [details] Fix style View in context: https://bugs.webkit.org/attachment.cgi?id=339353&action=review R=me. > Source/WebCore/ChangeLog:6 > + The older OpenSSL manual says the locking_function and threadid_funcion should Small typo, change phrase to 'threadid_function should be set'. > Source/WebCore/platform/network/curl/CurlSSLHandle.h:74 > + static ThreadSupport shared; I think we can use NeverDestroyed here.
Basuke Suzuki
Comment 17 2018-05-02 23:27:35 PDT
Created attachment 339391 [details] Fox Thanks for r+ Per Arne.
Basuke Suzuki
Comment 18 2018-05-02 23:41:56 PDT
Created attachment 339392 [details] typo
WebKit Commit Bot
Comment 19 2018-05-03 00:23:14 PDT
Comment on attachment 339392 [details] typo Clearing flags on attachment: 339392 Committed r231297: <https://trac.webkit.org/changeset/231297>
WebKit Commit Bot
Comment 20 2018-05-03 00:23:16 PDT
All reviewed patches have been landed. Closing bug.
Radar WebKit Bug Importer
Comment 21 2018-05-03 00:24:15 PDT
<rdar://problem/39934014>
Note You need to log in before you can comment on or make changes to this bug.