summaryrefslogtreecommitdiff
path: root/source/a/cups/cups.fix_broken_locking.diff
diff options
context:
space:
mode:
Diffstat (limited to 'source/a/cups/cups.fix_broken_locking.diff')
-rw-r--r--source/a/cups/cups.fix_broken_locking.diff256
1 files changed, 256 insertions, 0 deletions
diff --git a/source/a/cups/cups.fix_broken_locking.diff b/source/a/cups/cups.fix_broken_locking.diff
new file mode 100644
index 00000000..44f97533
--- /dev/null
+++ b/source/a/cups/cups.fix_broken_locking.diff
@@ -0,0 +1,256 @@
+Submitted By: DJ Lucas <robert AT linuxfromscratch DOT org>
+Date: 2010-09-13
+Initial Package Version: 1.4.4
+Upstream Status: Unknown
+Origin: https://bugzilla.redhat.com/show_bug.cgi?id=553834
+Description: Bug fix for invalid locking with GCrypt.
+
+diff -Naurp cups-1.4.4-orig/cups/http.c cups-1.4.4/cups/http.c
+--- cups-1.4.4-orig/cups/http.c 2010-06-16 00:27:41.000000000 -0500
++++ cups-1.4.4/cups/http.c 2010-09-13 01:27:03.000000000 -0500
+@@ -83,12 +83,10 @@
+ * http_debug_hex() - Do a hex dump of a buffer.
+ * http_field() - Return the field index for a field name.
+ * http_read_ssl() - Read from a SSL/TLS connection.
+- * http_locking_cb() - Lock/unlock a thread's mutex.
+ * http_send() - Send a request with all fields and the trailing
+ * blank line.
+ * http_setup_ssl() - Set up SSL/TLS support on a connection.
+ * http_shutdown_ssl() - Shut down SSL/TLS on a connection.
+- * http_threadid_cb() - Return the current thread ID.
+ * http_upgrade() - Force upgrade to TLS encryption.
+ * http_write() - Write a buffer to a HTTP connection.
+ * http_write_chunk() - Write a chunked buffer.
+@@ -146,19 +144,6 @@ static int http_setup_ssl(http_t *http)
+ static void http_shutdown_ssl(http_t *http);
+ static int http_upgrade(http_t *http);
+ static int http_write_ssl(http_t *http, const char *buf, int len);
+-
+-# ifdef HAVE_GNUTLS
+-# ifdef HAVE_PTHREAD_H
+-GCRY_THREAD_OPTION_PTHREAD_IMPL;
+-# endif /* HAVE_PTHREAD_H */
+-
+-# elif defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H)
+-static pthread_mutex_t *http_locks; /* OpenSSL lock mutexes */
+-
+-static void http_locking_cb(int mode, int type, const char *file,
+- int line);
+-static unsigned long http_threadid_cb(void);
+-# endif /* HAVE_GNUTLS */
+ #endif /* HAVE_SSL */
+
+
+@@ -1188,22 +1173,21 @@ httpHead(http_t *http, /* I - Conne
+ void
+ httpInitialize(void)
+ {
+- static int initialized = 0; /* Have we been called before? */
+-#ifdef WIN32
+- WSADATA winsockdata; /* WinSock data */
+-#endif /* WIN32 */
+ #ifdef HAVE_LIBSSL
+- int i; /* Looping var */
+- unsigned char data[1024]; /* Seed data */
++# ifndef WIN32
++ struct timeval curtime; /* Current time in microseconds */
++# endif /* !WIN32 */
++ int i; /* Looping var */
++ unsigned char data[1024]; /* Seed data */
+ #endif /* HAVE_LIBSSL */
+
+-
+- if (initialized)
+- return;
+-
+ #ifdef WIN32
+- WSAStartup(MAKEWORD(2,2), &winsockdata);
++ WSADATA winsockdata; /* WinSock data */
++
+
++ static int initialized = 0; /* Has WinSock been initialized? */
++ if (!initialized)
++ WSAStartup(MAKEWORD(1,1), &winsockdata);
+ #elif !defined(SO_NOSIGPIPE)
+ /*
+ * Ignore SIGPIPE signals...
+@@ -1226,21 +1210,15 @@ httpInitialize(void)
+ #endif /* WIN32 */
+
+ #ifdef HAVE_GNUTLS
+- /*
+- * Make sure we handle threading properly...
+- */
+-
+-# ifdef HAVE_PTHREAD_H
+- gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
+-# endif /* HAVE_PTHREAD_H */
+
+ /*
+ * Initialize GNU TLS...
+ */
+
+ gnutls_global_init();
++#endif /* HAVE_GNUTLS */
+
+-#elif defined(HAVE_LIBSSL)
++#ifdef HAVE_LIBSSL
+ /*
+ * Initialize OpenSSL...
+ */
+@@ -1249,33 +1227,21 @@ httpInitialize(void)
+ SSL_library_init();
+
+ /*
+- * Set the threading callbacks...
+- */
+-
+-# ifdef HAVE_PTHREAD_H
+- http_locks = calloc(CRYPTO_num_locks(), sizeof(pthread_mutex_t));
+-
+- for (i = 0; i < CRYPTO_num_locks(); i ++)
+- pthread_mutex_init(http_locks + i, NULL);
+-
+- CRYPTO_set_id_callback(http_threadid_cb);
+- CRYPTO_set_locking_callback(http_locking_cb);
+-# endif /* HAVE_PTHREAD_H */
+-
+- /*
+ * Using the current time is a dubious random seed, but on some systems
+ * it is the best we can do (on others, this seed isn't even used...)
+ */
+
+- CUPS_SRAND(time(NULL));
++# ifdef WIN32
++# else
++ gettimeofday(&curtime, NULL);
++ srand(curtime.tv_sec + curtime.tv_usec);
++# endif /* WIN32 */
+
+ for (i = 0; i < sizeof(data); i ++)
+- data[i] = CUPS_RAND();
++ data[i] = rand();
+
+ RAND_seed(data, sizeof(data));
+-#endif /* HAVE_GNUTLS */
+-
+- initialized = 1;
++#endif /* HAVE_LIBSSL */
+ }
+
+
+@@ -2834,25 +2800,6 @@ http_read_ssl(http_t *http, /* I - Conn
+ #endif /* HAVE_SSL */
+
+
+-#if defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H)
+-/*
+- * 'http_locking_cb()' - Lock/unlock a thread's mutex.
+- */
+-
+-static void
+-http_locking_cb(int mode, /* I - Lock mode */
+- int type, /* I - Lock type */
+- const char *file, /* I - Source file */
+- int line) /* I - Line number */
+-{
+- if (mode & CRYPTO_LOCK)
+- pthread_mutex_lock(http_locks + type);
+- else
+- pthread_mutex_unlock(http_locks + type);
+-}
+-#endif /* HAVE_LIBSSL && HAVE_PTHREAD_H */
+-
+-
+ /*
+ * 'http_send()' - Send a request with all fields and the trailing blank line.
+ */
+@@ -3224,19 +3171,6 @@ http_shutdown_ssl(http_t *http) /* I -
+ #endif /* HAVE_SSL */
+
+
+-#if defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H)
+-/*
+- * 'http_threadid_cb()' - Return the current thread ID.
+- */
+-
+-static unsigned long /* O - Thread ID */
+-http_threadid_cb(void)
+-{
+- return ((unsigned long)pthread_self());
+-}
+-#endif /* HAVE_LIBSSL && HAVE_PTHREAD_H */
+-
+-
+ #ifdef HAVE_SSL
+ /*
+ * 'http_upgrade()' - Force upgrade to TLS encryption.
+diff -Naurp cups-1.4.4-orig/cups/http-private.h cups-1.4.4/cups/http-private.h
+--- cups-1.4.4-orig/cups/http-private.h 2010-04-11 23:03:53.000000000 -0500
++++ cups-1.4.4/cups/http-private.h 2010-09-13 01:27:24.000000000 -0500
+@@ -98,7 +98,6 @@ extern BIO_METHOD *_httpBIOMethods(void)
+ * The GNU TLS library is more of a "bare metal" SSL/TLS library...
+ */
+ # include <gnutls/gnutls.h>
+-# include <gcrypt.h>
+
+ typedef struct
+ {
+diff -Naurp cups-1.4.4-orig/scheduler/main.c cups-1.4.4/scheduler/main.c
+--- cups-1.4.4-orig/scheduler/main.c 2010-04-23 13:56:34.000000000 -0500
++++ cups-1.4.4/scheduler/main.c 2010-09-13 01:27:36.000000000 -0500
+@@ -549,8 +549,6 @@ main(int argc, /* I - Number of comm
+ * Startup the server...
+ */
+
+- httpInitialize();
+-
+ cupsdStartServer();
+
+ /*
+diff -Naurp cups-1.4.4-orig/scheduler/server.c cups-1.4.4/scheduler/server.c
+--- cups-1.4.4-orig/scheduler/server.c 2010-04-11 23:03:53.000000000 -0500
++++ cups-1.4.4/scheduler/server.c 2010-09-13 01:27:49.000000000 -0500
+@@ -44,6 +44,42 @@ static int started = 0;
+ void
+ cupsdStartServer(void)
+ {
++#ifdef HAVE_LIBSSL
++ int i; /* Looping var */
++ struct timeval curtime; /* Current time in microseconds */
++ unsigned char data[1024]; /* Seed data */
++#endif /* HAVE_LIBSSL */
++
++
++#ifdef HAVE_LIBSSL
++ /*
++ * Initialize the encryption libraries...
++ */
++
++ SSL_library_init();
++ SSL_load_error_strings();
++
++ /*
++ * Using the current time is a dubious random seed, but on some systems
++ * it is the best we can do (on others, this seed isn't even used...)
++ */
++
++ gettimeofday(&curtime, NULL);
++ srand(curtime.tv_sec + curtime.tv_usec);
++
++ for (i = 0; i < sizeof(data); i ++)
++ data[i] = rand(); /* Yes, this is a poor source of random data... */
++
++ RAND_seed(&data, sizeof(data));
++#elif defined(HAVE_GNUTLS)
++ /*
++ * Initialize the encryption libraries...
++ */
++
++ gnutls_global_init();
++#endif /* HAVE_LIBSSL */
++
++
+ /*
+ * Create the default security profile...
+ */