int zmq::socket_base_t::join (const char* group_) { scoped_optional_lock_t sync_lock(thread_safe ? &sync : NULL); int rc = xjoin (group_); return rc; }
int zmq::socket_base_t::join (const char* group_) { ENTER_MUTEX (); int rc = xjoin (group_); EXIT_MUTEX(); return rc; }
/* -------------------------------------------------------------------- */ SSL_CTX* evssl_init(const echossl_t *options, int isserver) { /*-*/ SSL_CTX *context = NULL; /*-*/ char *crtfile = NULL; /*-*/ char *keyfile = NULL; /*-*/ char *dhfile = NULL; /*-*/ char *CApath = NULL; const SSL_METHOD *method = NULL; if (options->sname != NULL) { crtfile = xjoin(options->pki, "/certificates/", options->sname, ".crt", NULL); keyfile = xjoin(options->pki, "/certificates/", options->sname, ".key", NULL); } dhfile = xjoin(options->pki, "/certificates/dh.pem", NULL); CApath = xjoin(options->pki, "/db/ca.db.certs", NULL); SSL_load_error_strings(); SSL_library_init(); if (!RAND_poll()) { elog(LOG_FATAL, "cannot initialize entropy"); goto bailout; } if (isserver) { switch (options->tlsver) { case SSL_3p0: method = SSLv3_server_method (); break ; case TLS_1p0: method = TLSv1_server_method (); break ; case TLS_1p1: method = TLSv1_1_server_method(); break ; case TLS_1p2: method = TLSv1_2_server_method(); break ; default: abort(); } } else { switch (options->tlsver) { case SSL_3p0: method = SSLv3_client_method (); break ; case TLS_1p0: method = TLSv1_client_method (); break ; case TLS_1p1: method = TLSv1_1_client_method(); break ; case TLS_1p2: method = TLSv1_2_client_method(); break ; default: abort(); } } if ((context = SSL_CTX_new(method)) == NULL) { elog(LOG_FATAL, "cannot create SSL context"); goto bailout; } if (options->ciphers != NULL) { if (!SSL_CTX_set_cipher_list(context, options->ciphers)) { elog(LOG_FATAL, "cannot set ciphers list `%s'", options->ciphers); goto bailout; } } if (!SSL_CTX_use_tmp_dh_file(context, dhfile)) { elog(LOG_FATAL, "cannot load/set DH parameters from file `%s'", dhfile); goto bailout; } if (!SSL_CTX_load_verify_locations(context, NULL, CApath)) { elog(LOG_FATAL, "cannot load trusted hashed CA path"); goto bailout; } (void) SSL_CTX_set_default_verify_paths(context); if (isserver) { if (options->sname != NULL) { if (!SSL_CTX_use_certificate_chain_file(context, crtfile)) { elog(LOG_FATAL, "cannot load certificate `%s'", crtfile); goto bailout; } if (!SSL_CTX_use_PrivateKey_file(context, keyfile, SSL_FILETYPE_PEM)) { elog(LOG_FATAL, "cannot load certificate key `%s'", keyfile); goto bailout; } } } (void) SSL_CTX_set_options(context, SSL_OP_NO_COMPRESSION); if (options->sname != NULL) { free(keyfile); free(crtfile); } free(dhfile); free(CApath); return context; bailout: if (context != NULL) SSL_CTX_free(context); if (keyfile != NULL) free(keyfile); if (crtfile != NULL) free(crtfile); if (dhfile != NULL) free(dhfile); if (CApath != NULL) free(CApath); return NULL; }