openssl is ractor-safe

ossl_bn_ctx is C's global variable and it should be ractor-local to make it ractor-safe.
2022-11-09 12:17:21 -05:00 · 2020-12-18 18:19:33 +09:00 · 2020-12-18 18:19:33 +09:00 · b5588edc0a
commit b5588edc0a
parent 74ab2c3b46
3 changed files with 37 additions and 10 deletions
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@ -1126,6 +1126,10 @@ ossl_crypto_fixed_length_secure_compare(VALUE dummy, VALUE str1, VALUE str2)
 void
 Init_openssl(void)
 {
+#if HAVE_RB_EXT_RACTOR_SAFE
+    rb_ext_ractor_safe(true);
+#endif
+
 #undef rb_intern
    /*
     * Init timezone info
--- a/ext/openssl/ossl_bn.c
+++ b/ext/openssl/ossl_bn.c
@ -9,6 +9,7 @@
 */
 /* modified by Michal Rokos <m.rokos@sh.cvut.cz> */
 #include "ossl.h"
+#include <ruby/ractor.h>

 #define NewBN(klass) \
  TypedData_Wrap_Struct((klass), &ossl_bn_type, 0)
@ -150,12 +151,35 @@ ossl_bn_value_ptr(volatile VALUE *ptr)
 /*
 * Private
 */
-/*
- * BN_CTX - is used in more difficult math. ops
- * (Why just 1? Because Ruby itself isn't thread safe,
- *  we don't need to care about threads)
- */
-BN_CTX *ossl_bn_ctx;
+
+void
+ossl_bn_ctx_free(void *ptr)
+{
+    BN_CTX *ctx = (BN_CTX *)ptr;
+    BN_CTX_free(ctx);
+}
+
+struct rb_ractor_local_storage_type ossl_bn_ctx_key_type = {
+    NULL, // mark
+    ossl_bn_ctx_free,
+};
+
+rb_ractor_local_key_t ossl_bn_ctx_key;
+
+BN_CTX *
+ossl_bn_ctx_get(void)
+{
+    // stored in ractor local storage
+
+    BN_CTX *ctx = rb_ractor_local_storage_ptr(ossl_bn_ctx_key);
+    if (!ctx) {
+        if (!(ctx = BN_CTX_new())) {
+            ossl_raise(rb_eRuntimeError, "Cannot init BN_CTX");
+        }
+        rb_ractor_local_storage_ptr_set(ossl_bn_ctx_key, ctx);
+    }
+    return ctx;
+}

 static VALUE
 ossl_bn_alloc(VALUE klass)
@ -1092,9 +1116,7 @@ Init_ossl_bn(void)
    eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);
 #endif

-    if (!(ossl_bn_ctx = BN_CTX_new())) {
-	ossl_raise(rb_eRuntimeError, "Cannot init BN_CTX");
-    }
+    ossl_bn_ctx_key = rb_ractor_local_storage_ptr_newkey(&ossl_bn_ctx_key_type);

    eBNError = rb_define_class_under(mOSSL, "BNError", eOSSLError);

--- a/ext/openssl/ossl_bn.h
+++ b/ext/openssl/ossl_bn.h
@ -13,7 +13,8 @@
 extern VALUE cBN;
 extern VALUE eBNError;

-extern BN_CTX *ossl_bn_ctx;
+BN_CTX *ossl_bn_ctx_get(void);
+#define ossl_bn_ctx ossl_bn_ctx_get()

 #define GetBNPtr(obj) ossl_bn_value_ptr(&(obj))