From d3507e3ea697be7aab4e9344c379d6b277cf81cf Mon Sep 17 00:00:00 2001 From: nahi Date: Thu, 1 Sep 2011 07:42:29 +0000 Subject: * Release GVL while OpenSSL's public key generation. t = Thread.new { print "."; sleep 0.1 } key = OpenSSL::PKey::RSA.new(2048) #=> Thread t works in parallel with public key generation if OS/machine allows it. This works with OpenSSL >= 0.9.8. From this version, it has new public key generation function which allows us to interrupt the execution while pkey generation iterations. * ext/openssl/extconf.rb: Check existence of OpenSSL's new public key generation function. (DH_generate_parameters_ex, DSA_generate_parameters_ex and RSA_generate_key_ex. * ext/openssl/ossl_pkey.{h,c} (ossl_generate_cb_2, ossl_generate_cb_stop): Added new callback function for OpenSSL pkey generation which handles Thread interruption by Ruby. ossl_generate_cb_stop is the unblock function(ubf) for Ruby which sets a stop flag. New pkey generation callback ossl_generate_cb_2 checks the stop flag at each iterations of OpenSSL and interrupts pkey generation when the flag is set. * ext/openssl/ossl_pkey_dsa.c (dsa_generate): Call rb_thread_blocking_region with the above unblock function to release GVL while pkey generation. * ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto. * ext/openssl/ossl_pkey_dh.c (dh_generate): ditto. * test/openssl/test_pkey_{dh,dsa,rsa}.rb: Test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33155 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ext/openssl/ossl_pkey_rsa.c | 70 +++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 67 insertions(+), 3 deletions(-) (limited to 'ext/openssl/ossl_pkey_rsa.c') diff --git a/ext/openssl/ossl_pkey_rsa.c b/ext/openssl/ossl_pkey_rsa.c index eba693b057..d6ae8d22bb 100644 --- a/ext/openssl/ossl_pkey_rsa.c +++ b/ext/openssl/ossl_pkey_rsa.c @@ -76,12 +76,76 @@ ossl_rsa_new(EVP_PKEY *pkey) /* * Private */ +#if defined(HAVE_RSA_GENERATE_KEY_EX) && HAVE_BN_GENCB +struct rsa_blocking_gen_arg { + RSA *rsa; + BIGNUM *e; + int size; + BN_GENCB *cb; + int result; +}; + +static void +rsa_blocking_gen(void *arg) +{ + struct rsa_blocking_gen_arg *gen = (struct rsa_blocking_gen_arg *)arg; + gen->result = RSA_generate_key_ex(gen->rsa, gen->size, gen->e, gen->cb); +} +#endif + static RSA * rsa_generate(int size, int exp) { - return RSA_generate_key(size, exp, - rb_block_given_p() ? ossl_generate_cb : NULL, - NULL); +#if defined(HAVE_RSA_GENERATE_KEY_EX) && HAVE_BN_GENCB + int i; + BN_GENCB cb; + struct ossl_generate_cb_arg cb_arg; + struct rsa_blocking_gen_arg gen_arg; + RSA *rsa = RSA_new(); + BIGNUM *e = BN_new(); + + if (!rsa || !e) { + if (e) BN_free(e); + if (rsa) RSA_free(rsa); + return 0; + } + for (i = 0; i < (int)sizeof(exp); ++i) { + if (exp & (1 << i)) { + if (BN_set_bit(e, i) == 0) { + BN_free(e); + RSA_free(rsa); + return 0; + } + } + } + + memset(&cb_arg, 0, sizeof(struct ossl_generate_cb_arg)); + if (rb_block_given_p()) + cb_arg.yield = 1; + BN_GENCB_set(&cb, ossl_generate_cb_2, &cb_arg); + gen_arg.rsa = rsa; + gen_arg.e = e; + gen_arg.size = size; + gen_arg.cb = &cb; + if (cb_arg.yield == 1) { + /* we cannot release GVL when callback proc is supplied */ + rsa_blocking_gen(&gen_arg); + } else { + /* there's a chance to unblock */ + rb_thread_blocking_region(rsa_blocking_gen, &gen_arg, ossl_generate_cb_stop, &cb_arg); + } + if (!gen_arg.result) { + BN_free(e); + RSA_free(rsa); + if (cb_arg.state) rb_jump_tag(cb_arg.state); + return 0; + } + + BN_free(e); + return rsa; +#else + return RSA_generate_key(size, exp, rb_block_given_p() ? ossl_generate_cb : NULL, NULL); +#endif } /* -- cgit v1.2.3