softhsm/softhsm2-1378800-openssl.patch
2016-09-23 11:11:17 -04:00

60 lines
1.7 KiB
Diff

From 371686fb68eff02020ddd80a702c39f31a849b8e Mon Sep 17 00:00:00 2001
From: David Woodhouse <David.Woodhouse@intel.com>
Date: Wed, 21 Sep 2016 08:20:29 +0100
Subject: [PATCH] Issue #239: Crash on module unload with OpenSSL
We use CRYPTO_set_id_callback() to set a callback, but we don't ever
remove it again on unload. So OpenSSL crashes the next time it needs a
thread-id.
CRYPTO_set_id_callback() has been deprecated since OpenSSL 1.0.0, the
oldest we support. And redundant too, since OpenSSL has fallbacks which
include the address of errno. Which is going to work on any platform
with pthreads... and we were only calling CRYPTO_set_id_callback() on
platforms with pthreads.
So just rip it out.
---
src/lib/crypto/OSSLCryptoFactory.cpp | 14 --------------
1 file changed, 14 deletions(-)
diff --git a/src/lib/crypto/OSSLCryptoFactory.cpp b/src/lib/crypto/OSSLCryptoFactory.cpp
index 3aa8dcd..fc059ae 100644
--- a/src/lib/crypto/OSSLCryptoFactory.cpp
+++ b/src/lib/crypto/OSSLCryptoFactory.cpp
@@ -55,9 +55,6 @@
#include "OSSLGOST.h"
#endif
-#ifdef HAVE_PTHREAD_H
-#include <pthread.h>
-#endif
#include <algorithm>
#include <string.h>
#include <openssl/ssl.h>
@@ -72,14 +69,6 @@
bool OSSLCryptoFactory::FipsSelfTestStatus = false;
#endif
-// Thread ID callback
-#ifdef HAVE_PTHREAD_H
-static unsigned long id_callback()
-{
- return (unsigned long) pthread_self();
-}
-#endif
-
static unsigned nlocks;
static Mutex** locks;
@@ -116,9 +105,6 @@ OSSLCryptoFactory::OSSLCryptoFactory()
{
locks[i] = MutexFactory::i()->getMutex();
}
-#ifdef HAVE_PTHREAD_H
- CRYPTO_set_id_callback(id_callback);
-#endif
CRYPTO_set_locking_callback(lock_callback);
#ifdef WITH_FIPS