use a separate thread to compute dh params

git-svn-id: svn+ssh://svn.gna.org/svn/gnustep/libs/base/trunk@35600 72102866-910b-0410-8b05-ffd578937521
2025-04-23 09:04:13 +00:00 · 2012-09-24 09:51:56 +00:00 · 2012-09-24 09:51:56 +00:00 · 73b0d4f585
commit 73b0d4f585
parent a7171ab9be
1 changed files with 38 additions and 18 deletions
--- a/Source/GSTLS.m
+++ b/Source/GSTLS.m
@ -31,6 +31,7 @@
 #import "Foundation/NSException.h"
 #import "Foundation/NSLock.h"
 #import "Foundation/NSNotification.h"
+#import "Foundation/NSThread.h"
 #import "Foundation/NSUserDefaults.h"

 #import "GSTLS.h"
@ -239,6 +240,7 @@ static gnutls_anon_client_credentials_t anoncred;
@implementation GSTLSDHParams
 static NSLock           *paramsLock = nil;
 static NSDate           *when = nil;
+static BOOL             generating = NO;
 static GSTLSDHParams    *current = nil;

 + (GSTLSDHParams*) current
@ -246,27 +248,51 @@ static GSTLSDHParams    *current = nil;
  GSTLSDHParams *p;

  [paramsLock lock];
-  if (nil == current)
+  while (nil == current)
    {
-      current = [self new];
+      [paramsLock unlock];
+      [NSThread sleepForTimeInterval: 0.2];
+      [paramsLock lock];
    }
  p = [current retain];
  [paramsLock unlock];
  return [current autorelease];
 }

+ (void) generate
+{
+  GSTLSDHParams         *p = [GSTLSDHParams new];
+
+  /* Generate Diffie-Hellman parameters - for use with DHE
+   * kx algorithms. When short bit length is used, it might
+   * be wise to regenerate parameters often.
+   */
+  gnutls_dh_params_init (&p->params);
+  gnutls_dh_params_generate2 (p->params, 2048);
+  [paramsLock lock];
+  [current release];
+  current = p;
+  ASSIGN(when, [NSDate date]);
+  generating = NO;
+  [paramsLock unlock];
+}
+
 + (void) housekeeping: (NSNotification*)n
 {
  NSDate        *now;

  now = [NSDate date];
  [paramsLock lock];
-  /* Regenerate DH params once per day.
+  /* Regenerate DH params once per day, perfoming generation in another
+   * thread since it's likely to be rather slow.
   */
-  if ([now timeIntervalSinceDate: when] > 24 * 60 * 60)
+  if (NO == generating
+    && (nil == when || [now timeIntervalSinceDate: when] > 24 * 60 * 60))
    {
-      ASSIGN(when, [NSDate date]);
-      ASSIGN(current, [self new]);
+      generating = YES;
+      [NSThread detachNewThreadSelector: @selector(generate)
+                               toTarget: self
+                             withObject: nil];
    }
  [paramsLock unlock];
 }
@ -277,10 +303,10 @@ static GSTLSDHParams    *current = nil;
    {
      paramsLock = [NSLock new];
      when = [NSDate new];
-      current = [self new];
      [[NSNotificationCenter defaultCenter] addObserver: self
 	selector: @selector(housekeeping:)
 	name: @"GSHousekeeping" object: nil];
+      [self housekeeping: nil];
    }
 }

@ -290,17 +316,6 @@ static GSTLSDHParams    *current = nil;
  [super dealloc];
 }

- (id) init
-{
-  /* Generate Diffie-Hellman parameters - for use with DHE
-   * kx algorithms. When short bit length is used, it might
-   * be wise to regenerate parameters often.
-   */
-  gnutls_dh_params_init (&params);
-  gnutls_dh_params_generate2 (params, 2048);
-  return self;
-}
-
 - (gnutls_dh_params_t) params
 {
  return params;
@ -346,6 +361,11 @@ static NSMutableDictionary      *certificateListCache = nil;
      [[NSNotificationCenter defaultCenter] addObserver: self
 	selector: @selector(housekeeping:)
 	name: @"GSHousekeeping" object: nil];
+
+      /* Start initialisation of DH params so we can use the certificate
+       * to handle an incoming connection negotiated using DH.
+       */
+      [GSTLSDHParams class];
    }
 }