diff options
Diffstat (limited to 'patches/source/cups/cups.fix_broken_locking.diff')
-rw-r--r-- | patches/source/cups/cups.fix_broken_locking.diff | 256 |
1 files changed, 256 insertions, 0 deletions
diff --git a/patches/source/cups/cups.fix_broken_locking.diff b/patches/source/cups/cups.fix_broken_locking.diff new file mode 100644 index 00000000..44f97533 --- /dev/null +++ b/patches/source/cups/cups.fix_broken_locking.diff @@ -0,0 +1,256 @@ +Submitted By: DJ Lucas <robert AT linuxfromscratch DOT org> +Date: 2010-09-13 +Initial Package Version: 1.4.4 +Upstream Status: Unknown +Origin: https://bugzilla.redhat.com/show_bug.cgi?id=553834 +Description: Bug fix for invalid locking with GCrypt. + +diff -Naurp cups-1.4.4-orig/cups/http.c cups-1.4.4/cups/http.c +--- cups-1.4.4-orig/cups/http.c 2010-06-16 00:27:41.000000000 -0500 ++++ cups-1.4.4/cups/http.c 2010-09-13 01:27:03.000000000 -0500 +@@ -83,12 +83,10 @@ + * http_debug_hex() - Do a hex dump of a buffer. + * http_field() - Return the field index for a field name. + * http_read_ssl() - Read from a SSL/TLS connection. +- * http_locking_cb() - Lock/unlock a thread's mutex. + * http_send() - Send a request with all fields and the trailing + * blank line. + * http_setup_ssl() - Set up SSL/TLS support on a connection. + * http_shutdown_ssl() - Shut down SSL/TLS on a connection. +- * http_threadid_cb() - Return the current thread ID. + * http_upgrade() - Force upgrade to TLS encryption. + * http_write() - Write a buffer to a HTTP connection. + * http_write_chunk() - Write a chunked buffer. +@@ -146,19 +144,6 @@ static int http_setup_ssl(http_t *http) + static void http_shutdown_ssl(http_t *http); + static int http_upgrade(http_t *http); + static int http_write_ssl(http_t *http, const char *buf, int len); +- +-# ifdef HAVE_GNUTLS +-# ifdef HAVE_PTHREAD_H +-GCRY_THREAD_OPTION_PTHREAD_IMPL; +-# endif /* HAVE_PTHREAD_H */ +- +-# elif defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H) +-static pthread_mutex_t *http_locks; /* OpenSSL lock mutexes */ +- +-static void http_locking_cb(int mode, int type, const char *file, +- int line); +-static unsigned long http_threadid_cb(void); +-# endif /* HAVE_GNUTLS */ + #endif /* HAVE_SSL */ + + +@@ -1188,22 +1173,21 @@ httpHead(http_t *http, /* I - Conne + void + httpInitialize(void) + { +- static int initialized = 0; /* Have we been called before? */ +-#ifdef WIN32 +- WSADATA winsockdata; /* WinSock data */ +-#endif /* WIN32 */ + #ifdef HAVE_LIBSSL +- int i; /* Looping var */ +- unsigned char data[1024]; /* Seed data */ ++# ifndef WIN32 ++ struct timeval curtime; /* Current time in microseconds */ ++# endif /* !WIN32 */ ++ int i; /* Looping var */ ++ unsigned char data[1024]; /* Seed data */ + #endif /* HAVE_LIBSSL */ + +- +- if (initialized) +- return; +- + #ifdef WIN32 +- WSAStartup(MAKEWORD(2,2), &winsockdata); ++ WSADATA winsockdata; /* WinSock data */ ++ + ++ static int initialized = 0; /* Has WinSock been initialized? */ ++ if (!initialized) ++ WSAStartup(MAKEWORD(1,1), &winsockdata); + #elif !defined(SO_NOSIGPIPE) + /* + * Ignore SIGPIPE signals... +@@ -1226,21 +1210,15 @@ httpInitialize(void) + #endif /* WIN32 */ + + #ifdef HAVE_GNUTLS +- /* +- * Make sure we handle threading properly... +- */ +- +-# ifdef HAVE_PTHREAD_H +- gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread); +-# endif /* HAVE_PTHREAD_H */ + + /* + * Initialize GNU TLS... + */ + + gnutls_global_init(); ++#endif /* HAVE_GNUTLS */ + +-#elif defined(HAVE_LIBSSL) ++#ifdef HAVE_LIBSSL + /* + * Initialize OpenSSL... + */ +@@ -1249,33 +1227,21 @@ httpInitialize(void) + SSL_library_init(); + + /* +- * Set the threading callbacks... +- */ +- +-# ifdef HAVE_PTHREAD_H +- http_locks = calloc(CRYPTO_num_locks(), sizeof(pthread_mutex_t)); +- +- for (i = 0; i < CRYPTO_num_locks(); i ++) +- pthread_mutex_init(http_locks + i, NULL); +- +- CRYPTO_set_id_callback(http_threadid_cb); +- CRYPTO_set_locking_callback(http_locking_cb); +-# endif /* HAVE_PTHREAD_H */ +- +- /* + * Using the current time is a dubious random seed, but on some systems + * it is the best we can do (on others, this seed isn't even used...) + */ + +- CUPS_SRAND(time(NULL)); ++# ifdef WIN32 ++# else ++ gettimeofday(&curtime, NULL); ++ srand(curtime.tv_sec + curtime.tv_usec); ++# endif /* WIN32 */ + + for (i = 0; i < sizeof(data); i ++) +- data[i] = CUPS_RAND(); ++ data[i] = rand(); + + RAND_seed(data, sizeof(data)); +-#endif /* HAVE_GNUTLS */ +- +- initialized = 1; ++#endif /* HAVE_LIBSSL */ + } + + +@@ -2834,25 +2800,6 @@ http_read_ssl(http_t *http, /* I - Conn + #endif /* HAVE_SSL */ + + +-#if defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H) +-/* +- * 'http_locking_cb()' - Lock/unlock a thread's mutex. +- */ +- +-static void +-http_locking_cb(int mode, /* I - Lock mode */ +- int type, /* I - Lock type */ +- const char *file, /* I - Source file */ +- int line) /* I - Line number */ +-{ +- if (mode & CRYPTO_LOCK) +- pthread_mutex_lock(http_locks + type); +- else +- pthread_mutex_unlock(http_locks + type); +-} +-#endif /* HAVE_LIBSSL && HAVE_PTHREAD_H */ +- +- + /* + * 'http_send()' - Send a request with all fields and the trailing blank line. + */ +@@ -3224,19 +3171,6 @@ http_shutdown_ssl(http_t *http) /* I - + #endif /* HAVE_SSL */ + + +-#if defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H) +-/* +- * 'http_threadid_cb()' - Return the current thread ID. +- */ +- +-static unsigned long /* O - Thread ID */ +-http_threadid_cb(void) +-{ +- return ((unsigned long)pthread_self()); +-} +-#endif /* HAVE_LIBSSL && HAVE_PTHREAD_H */ +- +- + #ifdef HAVE_SSL + /* + * 'http_upgrade()' - Force upgrade to TLS encryption. +diff -Naurp cups-1.4.4-orig/cups/http-private.h cups-1.4.4/cups/http-private.h +--- cups-1.4.4-orig/cups/http-private.h 2010-04-11 23:03:53.000000000 -0500 ++++ cups-1.4.4/cups/http-private.h 2010-09-13 01:27:24.000000000 -0500 +@@ -98,7 +98,6 @@ extern BIO_METHOD *_httpBIOMethods(void) + * The GNU TLS library is more of a "bare metal" SSL/TLS library... + */ + # include <gnutls/gnutls.h> +-# include <gcrypt.h> + + typedef struct + { +diff -Naurp cups-1.4.4-orig/scheduler/main.c cups-1.4.4/scheduler/main.c +--- cups-1.4.4-orig/scheduler/main.c 2010-04-23 13:56:34.000000000 -0500 ++++ cups-1.4.4/scheduler/main.c 2010-09-13 01:27:36.000000000 -0500 +@@ -549,8 +549,6 @@ main(int argc, /* I - Number of comm + * Startup the server... + */ + +- httpInitialize(); +- + cupsdStartServer(); + + /* +diff -Naurp cups-1.4.4-orig/scheduler/server.c cups-1.4.4/scheduler/server.c +--- cups-1.4.4-orig/scheduler/server.c 2010-04-11 23:03:53.000000000 -0500 ++++ cups-1.4.4/scheduler/server.c 2010-09-13 01:27:49.000000000 -0500 +@@ -44,6 +44,42 @@ static int started = 0; + void + cupsdStartServer(void) + { ++#ifdef HAVE_LIBSSL ++ int i; /* Looping var */ ++ struct timeval curtime; /* Current time in microseconds */ ++ unsigned char data[1024]; /* Seed data */ ++#endif /* HAVE_LIBSSL */ ++ ++ ++#ifdef HAVE_LIBSSL ++ /* ++ * Initialize the encryption libraries... ++ */ ++ ++ SSL_library_init(); ++ SSL_load_error_strings(); ++ ++ /* ++ * Using the current time is a dubious random seed, but on some systems ++ * it is the best we can do (on others, this seed isn't even used...) ++ */ ++ ++ gettimeofday(&curtime, NULL); ++ srand(curtime.tv_sec + curtime.tv_usec); ++ ++ for (i = 0; i < sizeof(data); i ++) ++ data[i] = rand(); /* Yes, this is a poor source of random data... */ ++ ++ RAND_seed(&data, sizeof(data)); ++#elif defined(HAVE_GNUTLS) ++ /* ++ * Initialize the encryption libraries... ++ */ ++ ++ gnutls_global_init(); ++#endif /* HAVE_LIBSSL */ ++ ++ + /* + * Create the default security profile... + */ |