[Python-checkins] GH-103092: isolate `_ssl` (#104725)
kumaraditya303
webhook-mailer at python.org
Sun May 21 20:44:55 EDT 2023
https://github.com/python/cpython/commit/b9c807a260f63284f16e25b5e98e18191f61a05f
commit: b9c807a260f63284f16e25b5e98e18191f61a05f
branch: main
author: Kumar Aditya <59607654+kumaraditya303 at users.noreply.github.com>
committer: kumaraditya303 <59607654+kumaraditya303 at users.noreply.github.com>
date: 2023-05-22T06:14:48+05:30
summary:
GH-103092: isolate `_ssl` (#104725)
files:
M Modules/_ssl.c
M Modules/_ssl.h
M Modules/_ssl/debughelpers.c
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index 5bf6b3bc19b2..59fd401cac27 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -6150,6 +6150,18 @@ sslmodule_init_strings(PyObject *module)
return 0;
}
+static int
+sslmodule_init_lock(PyObject *module)
+{
+ _sslmodulestate *state = get_ssl_state(module);
+ state->keylog_lock = PyThread_allocate_lock();
+ if (state->keylog_lock == NULL) {
+ PyErr_NoMemory();
+ return -1;
+ }
+ return 0;
+}
+
static PyModuleDef_Slot sslmodule_slots[] = {
{Py_mod_exec, sslmodule_init_types},
{Py_mod_exec, sslmodule_init_exceptions},
@@ -6158,9 +6170,8 @@ static PyModuleDef_Slot sslmodule_slots[] = {
{Py_mod_exec, sslmodule_init_constants},
{Py_mod_exec, sslmodule_init_versioninfo},
{Py_mod_exec, sslmodule_init_strings},
- // XXX gh-103092: fix isolation.
- {Py_mod_multiple_interpreters, Py_MOD_MULTIPLE_INTERPRETERS_NOT_SUPPORTED},
- //{Py_mod_multiple_interpreters, Py_MOD_PER_INTERPRETER_GIL_SUPPORTED},
+ {Py_mod_exec, sslmodule_init_lock},
+ {Py_mod_multiple_interpreters, Py_MOD_PER_INTERPRETER_GIL_SUPPORTED},
{0, NULL}
};
@@ -6219,6 +6230,8 @@ static void
sslmodule_free(void *m)
{
sslmodule_clear((PyObject *)m);
+ _sslmodulestate *state = get_ssl_state(m);
+ PyThread_free_lock(state->keylog_lock);
}
static struct PyModuleDef _sslmodule_def = {
diff --git a/Modules/_ssl.h b/Modules/_ssl.h
index c1da8b46b536..22d93ddcc6d6 100644
--- a/Modules/_ssl.h
+++ b/Modules/_ssl.h
@@ -33,6 +33,8 @@ typedef struct {
PyObject *str_reason;
PyObject *str_verify_code;
PyObject *str_verify_message;
+ /* keylog lock */
+ PyThread_type_lock keylog_lock;
} _sslmodulestate;
static struct PyModuleDef _sslmodule_def;
diff --git a/Modules/_ssl/debughelpers.c b/Modules/_ssl/debughelpers.c
index 217f22494255..a81f0aad05a8 100644
--- a/Modules/_ssl/debughelpers.c
+++ b/Modules/_ssl/debughelpers.c
@@ -118,30 +118,22 @@ _PySSL_keylog_callback(const SSL *ssl, const char *line)
PyGILState_STATE threadstate;
PySSLSocket *ssl_obj = NULL; /* ssl._SSLSocket, borrowed ref */
int res, e;
- static PyThread_type_lock *lock = NULL;
threadstate = PyGILState_Ensure();
ssl_obj = (PySSLSocket *)SSL_get_app_data(ssl);
assert(Py_IS_TYPE(ssl_obj, get_state_sock(ssl_obj)->PySSLSocket_Type));
+ PyThread_type_lock lock = get_state_sock(ssl_obj)->keylog_lock;
+ assert(lock != NULL);
if (ssl_obj->ctx->keylog_bio == NULL) {
return;
}
-
- /* Allocate a static lock to synchronize writes to keylog file.
+ /*
* The lock is neither released on exit nor on fork(). The lock is
* also shared between all SSLContexts although contexts may write to
* their own files. IMHO that's good enough for a non-performance
* critical debug helper.
*/
- if (lock == NULL) {
- lock = PyThread_allocate_lock();
- if (lock == NULL) {
- PyErr_SetString(PyExc_MemoryError, "Unable to allocate lock");
- ssl_obj->exc = PyErr_GetRaisedException();
- return;
- }
- }
PySSL_BEGIN_ALLOW_THREADS
PyThread_acquire_lock(lock, 1);
More information about the Python-checkins
mailing list