crypto: fix non-reentrancy of ceph::crypto::init

This could be called multiple times from common_preinit.

Signed-off-by: Colin McCabe <colin.mccabe@dreamhost.com>

diff --git a/src/common/ceph_crypto.cc b/src/common/ceph_crypto.cc
index 35398415497a6229faf61e3b81ced949555830fe..037dd3d867de8ae49841ea6029bba4e9e4eefc90 100644 (file)
--- a/src/common/ceph_crypto.cc
+++ b/src/common/ceph_crypto.cc
@@ -1,5 +1,21 @@
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+/*
+ * Ceph - scalable distributed file system
+ *
+ * Copyright (C) 2010-2011 Dreamhost
+ *
+ * This is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License version 2.1, as published by the Free Software
+ * Foundation.  See file COPYING.
+ *
+ */
+
 #include "ceph_crypto.h"
 
+#include <pthread.h>
+
 #ifdef USE_CRYPTOPP
 // nothing
 ceph::crypto::HMACSHA1::~HMACSHA1()
@@ -9,6 +25,16 @@ ceph::crypto::HMACSHA1::~HMACSHA1()
 #elif USE_NSS
 
 void ceph::crypto::init() {
+  static pthread_mutex_t lock;
+  static bool crypto_init = false;
+  pthread_mutex_lock(&lock);
+  if (crypto_init) {
+    pthread_mutex_unlock(&lock);
+    return;
+  }
+  crypto_init = true;
+  pthread_mutex_unlock(&lock);
+
   SECStatus s;
   s = NSS_NoDB_Init(NULL);
   assert(s == SECSuccess);

diff --git a/src/common/common_init.cc b/src/common/common_init.cc
index aa29e54a9abc1862328531e5b135670e50a00c00..12fff794c442ad9fab9d2d074698e70c49d8ece2 100644 (file)
--- a/src/common/common_init.cc
+++ b/src/common/common_init.cc
@@ -116,10 +116,6 @@ md_config_t *common_preinit(const CephInitParameters &iparams,
       break;
   }
 
-  // TODO this is not idempotent! we are relying on
-  // libceph_initialized/rados_initialized to guard us from being
-  // called more than once in 3rd party apps, and on coding
-  // conventions in Ceph daemons/tools
   ceph::crypto::init();
   return conf;
 }