From 901dbc1077f6c9bd29369cad848bc79a29c1a65b Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Sat, 30 Jun 2012 10:05:41 +0200 Subject: [PATCH] openssl: Ensure the thread ID is never zero This might otherwise cause problems because OpenSSL tries to lock mutexes recursively if it assumes the lock is held by a different thread e.g. during FIPS initialization. --- src/libstrongswan/plugins/openssl/openssl_plugin.c | 4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c index 5a11412..7daa92b 100644 --- a/src/libstrongswan/plugins/openssl/openssl_plugin.c +++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c @@ -129,7 +129,9 @@ static void destroy_function(struct CRYPTO_dynlock_value *lock, */ static unsigned long id_function(void) { - return (unsigned long)thread_current_id(); + /* ensure the thread ID is never zero, otherwise OpenSSL might try to + * acquire locks recursively */ + return 1 + (unsigned long)thread_current_id(); } /** -- 1.7.7