Accepting request 133236 from network:vpn
charon keying daemon start failure with openssl (bnc#779038) OBS-URL: https://build.opensuse.org/request/show/133236 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/strongswan?expand=0&rev=45
This commit is contained in:
commit
b5cb816081
30
0001-openssl-Ensure-the-thread-ID-is-never-zero.patch
Normal file
30
0001-openssl-Ensure-the-thread-ID-is-never-zero.patch
Normal file
@ -0,0 +1,30 @@
|
||||
From 901dbc1077f6c9bd29369cad848bc79a29c1a65b Mon Sep 17 00:00:00 2001
|
||||
From: Tobias Brunner <tobias@strongswan.org>
|
||||
Date: Sat, 30 Jun 2012 10:05:41 +0200
|
||||
Subject: [PATCH] openssl: Ensure the thread ID is never zero
|
||||
|
||||
This might otherwise cause problems because OpenSSL tries to lock
|
||||
mutexes recursively if it assumes the lock is held by a different
|
||||
thread e.g. during FIPS initialization.
|
||||
---
|
||||
src/libstrongswan/plugins/openssl/openssl_plugin.c | 4 +++-
|
||||
1 files changed, 3 insertions(+), 1 deletions(-)
|
||||
|
||||
diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
|
||||
index 5a11412..7daa92b 100644
|
||||
--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
|
||||
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
|
||||
@@ -129,7 +129,9 @@ static void destroy_function(struct CRYPTO_dynlock_value *lock,
|
||||
*/
|
||||
static unsigned long id_function(void)
|
||||
{
|
||||
- return (unsigned long)thread_current_id();
|
||||
+ /* ensure the thread ID is never zero, otherwise OpenSSL might try to
|
||||
+ * acquire locks recursively */
|
||||
+ return 1 + (unsigned long)thread_current_id();
|
||||
}
|
||||
|
||||
/**
|
||||
--
|
||||
1.7.7
|
||||
|
@ -1,3 +1,14 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Sep 7 08:36:57 UTC 2012 - mt@suse.de
|
||||
|
||||
- Applied upstream patch adjusting an internal thread id causing
|
||||
charon keying daemon start failure (bnc#779038,strongswan#198):
|
||||
openssl: Ensure the thread ID is never zero
|
||||
This might otherwise cause problems because OpenSSL tries to
|
||||
lock mutexes recursively if it assumes the lock is held by a
|
||||
different thread e.g. during FIPS initialization.
|
||||
See http://wiki.strongswan.org/issues/198 for more informations.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu May 31 16:08:43 UTC 2012 - mt@suse.com
|
||||
|
||||
|
@ -42,6 +42,7 @@ Source3: %{name}-%{version}-rpmlintrc
|
||||
Source4: README.SUSE
|
||||
Patch1: %{name}_modprobe_syslog.patch
|
||||
Patch2: %{name}-%{version}-fmt-warnings.patch
|
||||
Patch3: 0001-openssl-Ensure-the-thread-ID-is-never-zero.patch
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
BuildRequires: bison
|
||||
BuildRequires: curl-devel
|
||||
@ -249,6 +250,7 @@ and the load testing plugin for IKEv2 daemon.
|
||||
%setup -q -n %{name}-%{upstream_version}
|
||||
%patch1 -p0
|
||||
%patch2 -p0
|
||||
%patch3 -p1
|
||||
sed -e 's|@libexecdir@|%_libexecdir|g' \
|
||||
< $RPM_SOURCE_DIR/strongswan.init.in \
|
||||
> strongswan.init
|
||||
|
Loading…
Reference in New Issue
Block a user