rpms/openssl
8
1
Fork 1
Code Issues Pull Requests Releases Activity

only release thread-local key if we created it (from upstream) (#1458775)

Browse Source
This commit is contained in:
Tomas Mraz 2017-06-05 17:20:12 +02:00
parent 1ff978b22e
commit 6b68d87d06
2 changed files with 55 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
openssl-1.1.0-thread-local.patch Normal file
View File

@ -0,0 +1,48 @@
From c8ec34109cab8c92685958ddfef0776a4b3b8460 Mon Sep 17 00:00:00 2001
From: Rich Salz <rsalz@openssl.org>
Date: Wed, 31 May 2017 12:14:55 -0400
Subject: [PATCH] Only release thread-local key if we created it.
Thanks to Jan Alexander Steffens for finding the bug and confirming the
fix.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3592)
(cherry picked from commit 73bc53708c386c1ea85941d345721e23dc61c05c)
---
crypto/err/err.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/crypto/err/err.c b/crypto/err/err.c
index f866f2f..c55f849 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -122,6 +122,7 @@ static ERR_STRING_DATA ERR_str_reasons[] = {
#endif
static CRYPTO_ONCE err_init = CRYPTO_ONCE_STATIC_INIT;
+static int set_err_thread_local;
static CRYPTO_THREAD_LOCAL err_thread_local;
static CRYPTO_ONCE err_string_init = CRYPTO_ONCE_STATIC_INIT;
@@ -260,7 +261,8 @@ DEFINE_RUN_ONCE_STATIC(do_err_strings_init)
void err_cleanup(void)
{
- CRYPTO_THREAD_cleanup_local(&err_thread_local);
+ if (set_err_thread_local != 0)
+ CRYPTO_THREAD_cleanup_local(&err_thread_local);
CRYPTO_THREAD_lock_free(err_string_lock);
err_string_lock = NULL;
}
@@ -639,6 +641,7 @@ void ERR_remove_state(unsigned long pid)
DEFINE_RUN_ONCE_STATIC(err_do_init)
{
+ set_err_thread_local = 1;
return CRYPTO_THREAD_init_local(&err_thread_local, NULL);
}
--
2.9.3

8
openssl.spec
View File

@ -22,7 +22,7 @@
Summary: Utilities from the general purpose cryptography library with TLS implementation Summary: Utilities from the general purpose cryptography library with TLS implementation
Name: openssl Name: openssl
Version: 1.1.0f Version: 1.1.0f
Release: 1%{?dist} Release: 2%{?dist}
Epoch: 1 Epoch: 1
# We have to remove certain patented algorithms from the openssl source # We have to remove certain patented algorithms from the openssl source
# tarball with the hobble-openssl script which is included below. # tarball with the hobble-openssl script which is included below.
@ -61,6 +61,7 @@ Patch42: openssl-1.1.0-fips.patch
Patch43: openssl-1.1.0-afalg-eventfd2.patch Patch43: openssl-1.1.0-afalg-eventfd2.patch
Patch44: openssl-1.1.0-bio-fd-preserve-nl.patch Patch44: openssl-1.1.0-bio-fd-preserve-nl.patch
# Backported fixes including security fixes # Backported fixes including security fixes
Patch70: openssl-1.1.0-thread-local.patch
License: OpenSSL License: OpenSSL
Group: System Environment/Libraries Group: System Environment/Libraries
@ -162,6 +163,8 @@ cp %{SOURCE13} test/
%patch43 -p1 -b .eventfd2 %patch43 -p1 -b .eventfd2
%patch44 -p1 -b .preserve-nl %patch44 -p1 -b .preserve-nl
%patch70 -p1 -b .thread-local
%build %build
# Figure out which flags we want to use. # Figure out which flags we want to use.
# default # default
@ -428,6 +431,9 @@ export LD_LIBRARY_PATH
%postun libs -p /sbin/ldconfig %postun libs -p /sbin/ldconfig
%changelog %changelog
* Mon Jun 5 2017 Tomáš Mráz <tmraz@redhat.com> 1.1.0f-2
- only release thread-local key if we created it (from upstream) (#1458775)
* Fri Jun 2 2017 Tomáš Mráz <tmraz@redhat.com> 1.1.0f-1 * Fri Jun 2 2017 Tomáš Mráz <tmraz@redhat.com> 1.1.0f-1
- update to upstream version 1.1.0f - update to upstream version 1.1.0f
- SRP and GOST is now allowed, note that GOST support requires - SRP and GOST is now allowed, note that GOST support requires