threaded-ssl.c
/*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | * / __| | | | |_) | | * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at https://curl.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. * * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * * SPDX-License-Identifier: curl * ***************************************************************************/ /* <DESC> * Show the required mutex callback setups for GnuTLS and OpenSSL when using * libcurl multi-threaded. * </DESC> */ /* A multi-threaded example that uses pthreads and fetches 4 remote files at * once over HTTPS. The lock callbacks and stuff assume OpenSSL <1.1 or GnuTLS * (libgcrypt) so far. * * OpenSSL docs for this: * https://www.openssl.org/docs/man1.0.2/man3/CRYPTO_num_locks.html * gcrypt docs for this: * https://gnupg.org/documentation/manuals/gcrypt/Multi_002dThreading.html */ #define USE_OPENSSL /* or USE_GNUTLS accordingly */ #include <stdio.h> #include <pthread.h> #include <curl/curl.h> #define NUMT 4 /* we have this global to let the callback get easy access to it */ static pthread_mutex_t *lockarray; #ifdef USE_OPENSSL #include <openssl/crypto.h> static void lock_callback(int mode, int type, char *file, int line) { (void)file; (void)line; if(mode & CRYPTO_LOCK) { pthread_mutex_lock(&(lockarray[type])); } else { pthread_mutex_unlock(&(lockarray[type])); } } static unsigned long thread_id(void) { unsigned long ret; ret = (unsigned long)pthread_self(); return ret; } static void init_locks(void) { int i; lockarray = (pthread_mutex_t *)OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t)); for(i = 0; i<CRYPTO_num_locks(); i++) { pthread_mutex_init(&(lockarray[i]), NULL); } CRYPTO_set_id_callback((unsigned long (*)())thread_id); CRYPTO_set_locking_callback((void (*)())lock_callback); } static void kill_locks(void) { int i; CRYPTO_set_locking_callback(NULL); for(i = 0; i<CRYPTO_num_locks(); i++) pthread_mutex_destroy(&(lockarray[i])); OPENSSL_free(lockarray); } #endif #ifdef USE_GNUTLS #include <gcrypt.h> #include <errno.h> GCRY_THREAD_OPTION_PTHREAD_IMPL; void init_locks(void) { gcry_control(GCRYCTL_SET_THREAD_CBS); } #define kill_locks() #endif /* List of URLs to fetch.*/ const char * const urls[]= { "https://www.example.com/", "https://www2.example.com/", "https://www3.example.com/", "https://www4.example.com/", }; static void *pull_one_url(void *url) { CURL *curl; curl = curl_easy_init(); curl_easy_setopt(curl, CURLOPT_URL, url); /* this example does not verify the server's certificate, which means we might be downloading stuff from an impostor */ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); curl_easy_perform(curl); /* ignores error */ curl_easy_cleanup(curl); return NULL; } int main(int argc, char **argv) { pthread_t tid[NUMT]; int i; (void)argc; /* we do not use any arguments in this example */ (void)argv; /* Must initialize libcurl before any threads are started */ curl_global_init(CURL_GLOBAL_ALL); init_locks(); for(i = 0; i< NUMT; i++) { int error = pthread_create(&tid[i], NULL, /* default attributes please */ pull_one_url, (void *)urls[i]); if(0 != error) fprintf(stderr, "Couldn't run thread number %d, errno %d\n", i, error); else fprintf(stderr, "Thread %d, gets %s\n", i, urls[i]); } /* now wait for all threads to terminate */ for(i = 0; i< NUMT; i++) { pthread_join(tid[i], NULL); fprintf(stderr, "Thread %d terminated\n", i); } kill_locks(); return 0; }
Notice
This source code example is simplified and ignores return
codes and error checks to a large extent. We do this to highlight the libcurl
function calls and related options and reduce unrelated code.
A real-world application will of course properly check every return value and exit correctly at the first serious error.