godotengine/godot
1
0
Fork 0
mirror of https://github.com/godotengine/godot.git synced 2025-11-06 12:20:30 +00:00
Code Releases Wiki Activity

mbedTLS: Fix concurrency issues with TLS

Browse Source 
When we first integrated mbedTLS, we decided not to enable
MBEDTLS_THREADING_C (which adds mutex locking to calls modifying the
state), and instead to simply create separate contexts ("states") for
each connection.

This worked fine until recently.
Sadly, mbedTLS 3 added a global state for the new PSA crypto
functionalities (which are required to support TLSv1.3).
This results in TLSv1.3 connections to access and modify the global
state concurrently when running in threads.

This commit enables MBEDTLS_THREADING_C, and MBEDTLS_THREADING_C_ALT to
provide a generic Godot implementation using the engine Mutex class.
This commit is contained in:
Fabio Alessandrelli
2025-05-08 10:43:00 +02:00
parent 0793c626d2
commit 2c789788c0
5 changed files with 65 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
thirdparty/mbedtls/include/godot_module_mbedtls_config.h vendored
View File

@@ -49,6 +49,13 @@
#undef MBEDTLS_DES_C
#undef MBEDTLS_DHM_C
#ifdef THREADS_ENABLED
// In mbedTLS 3, the PSA subsystem has an implicit shared context, MBEDTLS_THREADING_C is required to make it thread safe.
#define MBEDTLS_THREADING_C
#define MBEDTLS_THREADING_ALT
#define GODOT_MBEDTLS_THREADING_ALT
#endif
#if !(defined(__linux__) && defined(__aarch64__))
// ARMv8 hardware AES operations. Detection only possible on linux.
// May technically be supported on some ARM32 arches but doesn't seem