- Applied upstream patch adjusting an internal thread id causing

charon keying daemon start failure (bnc#779038,strongswan#198): openssl: Ensure the thread ID is never zero This might otherwise cause problems because OpenSSL tries to lock mutexes recursively if it assumes the lock is held by a different thread e.g. during FIPS initialization. See http://wiki.strongswan.org/issues/198 for more informations. OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=48
2012-09-07 12:53:09 +00:00 · 2012-09-07 12:53:09 +00:00 · 4a8b8bd95f
commit 4a8b8bd95f
parent 2645720915
3 changed files with 43 additions and 0 deletions
--- a/0001-openssl-Ensure-the-thread-ID-is-never-zero.patch
+++ b/0001-openssl-Ensure-the-thread-ID-is-never-zero.patch
@ -0,0 +1,30 @@
+From 901dbc1077f6c9bd29369cad848bc79a29c1a65b Mon Sep 17 00:00:00 2001
+From: Tobias Brunner <tobias@strongswan.org>
+Date: Sat, 30 Jun 2012 10:05:41 +0200
+Subject: [PATCH] openssl: Ensure the thread ID is never zero
+
+This might otherwise cause problems because OpenSSL tries to lock
+mutexes recursively if it assumes the lock is held by a different
+thread e.g. during FIPS initialization.
+---
+ src/libstrongswan/plugins/openssl/openssl_plugin.c |    4 +++-
+ 1 files changed, 3 insertions(+), 1 deletions(-)
+
+diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
+index 5a11412..7daa92b 100644
+--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
+@@ -129,7 +129,9 @@ static void destroy_function(struct CRYPTO_dynlock_value *lock,
+  */
+ static unsigned long id_function(void)
+ {
+-	return (unsigned long)thread_current_id();
+	/* ensure the thread ID is never zero, otherwise OpenSSL might try to
+	 * acquire locks recursively */
+	return 1 + (unsigned long)thread_current_id();
+ }
+ 
+ /**
+-- 
+1.7.7
+
--- a/strongswan.changes
+++ b/strongswan.changes
@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Fri Sep  7 08:36:57 UTC 2012 - mt@suse.de
+
+- Applied upstream patch adjusting an internal thread id causing
+  charon keying daemon start failure (bnc#779038,strongswan#198):
+    openssl: Ensure the thread ID is never zero
+    This might otherwise cause problems because OpenSSL tries to
+    lock mutexes recursively if it assumes the lock is held by a
+    different thread e.g. during FIPS initialization.
+  See http://wiki.strongswan.org/issues/198 for more informations.
+
 -------------------------------------------------------------------
 Thu May 31 16:08:43 UTC 2012 - mt@suse.com

--- a/strongswan.spec
+++ b/strongswan.spec
@ -42,6 +42,7 @@ Source3:        %{name}-%{version}-rpmlintrc
 Source4:        README.SUSE
 Patch1:         %{name}_modprobe_syslog.patch
 Patch2:         %{name}-%{version}-fmt-warnings.patch
+Patch3:         0001-openssl-Ensure-the-thread-ID-is-never-zero.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  bison
 BuildRequires:  curl-devel
@ -249,6 +250,7 @@ and the load testing plugin for IKEv2 daemon.
 %setup -q -n %{name}-%{upstream_version}
 %patch1 -p0
 %patch2 -p0
+%patch3 -p1
 sed -e 's|@libexecdir@|%_libexecdir|g'    \
     < $RPM_SOURCE_DIR/strongswan.init.in \
     > strongswan.init