diff options
Diffstat (limited to 'net-print/cups/files/cups-1.4.6-serialize-gnutls.patch')
| -rw-r--r-- | net-print/cups/files/cups-1.4.6-serialize-gnutls.patch | 113 |
1 files changed, 113 insertions, 0 deletions
diff --git a/net-print/cups/files/cups-1.4.6-serialize-gnutls.patch b/net-print/cups/files/cups-1.4.6-serialize-gnutls.patch new file mode 100644 index 0000000..bfe9f5e --- /dev/null +++ b/net-print/cups/files/cups-1.4.6-serialize-gnutls.patch @@ -0,0 +1,113 @@ +Source: http://pkgs.fedoraproject.org/gitweb/?p=cups.git;a=blob;f=cups-serialize-gnutls.patch;h=cdd82cb95574801bf714364a585e31eb05191750;hb=HEAD +Reason: Perform locking for gnutls and avoid libgcrypt's broken locking (Gentoo bug #350406) +Upstream: http://cups.org/str.php?L3605 + +diff -up cups-1.4.4/cups/http.c.serialize-gnutls cups-1.4.4/cups/http.c +--- cups-1.4.4/cups/http.c.serialize-gnutls 2010-09-17 13:37:01.858871762 +0100 ++++ cups-1.4.4/cups/http.c 2010-09-17 13:55:22.579871934 +0100 +@@ -149,7 +149,7 @@ static int http_write_ssl(http_t *http, + + # ifdef HAVE_GNUTLS + # ifdef HAVE_PTHREAD_H +-GCRY_THREAD_OPTION_PTHREAD_IMPL; ++static pthread_mutex_t gnutls_lock; + # endif /* HAVE_PTHREAD_H */ + + # elif defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H) +@@ -1231,7 +1231,7 @@ httpInitialize(void) + */ + + # ifdef HAVE_PTHREAD_H +- gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread); ++ pthread_mutex_init(&gnutls_lock, NULL); + # endif /* HAVE_PTHREAD_H */ + + /* +@@ -2228,6 +2228,7 @@ _httpWait(http_t *http, /* I - Connect + if (SSL_pending((SSL *)(http->tls))) + return (1); + # elif defined(HAVE_GNUTLS) ++ /* lock already held here... */ + if (gnutls_record_check_pending(((http_tls_t *)(http->tls))->session)) + return (1); + # elif defined(HAVE_CDSASSL) +@@ -2294,6 +2295,8 @@ int /* O - 1 if data is available, 0 + httpWait(http_t *http, /* I - Connection to server */ + int msec) /* I - Milliseconds to wait */ + { ++ int ret; ++ + /* + * First see if there is data in the buffer... + */ +@@ -2318,7 +2321,17 @@ httpWait(http_t *http, /* I - Connecti + * If not, check the SSL/TLS buffers and do a select() on the connection... + */ + +- return (_httpWait(http, msec, 1)); ++#if defined(HAVE_SSL) && defined(HAVE_GNUTLS) && defined(HAVE_PTHREAD_H) ++ pthread_mutex_lock(&gnutls_lock); ++#endif ++ ++ ret = _httpWait(http, msec, 1); ++ ++#if defined(HAVE_SSL) && defined(HAVE_GNUTLS) && defined(HAVE_PTHREAD_H) ++ pthread_mutex_unlock(&gnutls_lock); ++#endif ++ ++ return (ret); + } + + +@@ -2769,7 +2782,9 @@ http_read_ssl(http_t *http, /* I - Conn + ssize_t result; /* Return value */ + + ++ pthread_mutex_lock(&gnutls_lock); + result = gnutls_record_recv(((http_tls_t *)(http->tls))->session, buf, len); ++ pthread_mutex_unlock(&gnutls_lock); + + if (result < 0 && !errno) + { +@@ -3085,6 +3100,7 @@ http_setup_ssl(http_t *http) /* I - Con + return (-1); + } + ++ pthread_mutex_lock(&gnutls_lock); + gnutls_certificate_allocate_credentials(credentials); + + gnutls_init(&(conn->session), GNUTLS_CLIENT); +@@ -3104,9 +3120,11 @@ http_setup_ssl(http_t *http) /* I - Con + free(credentials); + free(conn); + ++ pthread_mutex_unlock(&gnutls_lock); + return (-1); + } + ++ pthread_mutex_unlock(&gnutls_lock); + conn->credentials = credentials; + + # elif defined(HAVE_CDSASSL) +@@ -3196,9 +3214,11 @@ http_shutdown_ssl(http_t *http) /* I - + conn = (http_tls_t *)(http->tls); + credentials = (gnutls_certificate_client_credentials *)(conn->credentials); + ++ pthread_mutex_lock(&gnutls_lock); + gnutls_bye(conn->session, GNUTLS_SHUT_RDWR); + gnutls_deinit(conn->session); + gnutls_certificate_free_credentials(*credentials); ++ pthread_mutex_unlock(&gnutls_lock); + free(credentials); + free(conn); + +@@ -3445,7 +3465,9 @@ http_write_ssl(http_t *http, /* I - + # elif defined(HAVE_GNUTLS) + ssize_t result; /* Return value */ + ++ pthread_mutex_lock(&gnutls_lock); + result = gnutls_record_send(((http_tls_t *)(http->tls))->session, buf, len); ++ pthread_mutex_unlock(&gnutls_lock); + + if (result < 0 && !errno) + { |