drop read lock in fips_drbg_status that is unnecessary

and causes deadlock when reseeding (#1400922)

openssl-1.0.2i-fips.patch

@@ -4997,7 +4997,7 @@ diff -up openssl-1.0.2i/crypto/fips/fips_drbg_lib.c.fips openssl-1.0.2i/crypto/f
 diff -up openssl-1.0.2i/crypto/fips/fips_drbg_rand.c.fips openssl-1.0.2i/crypto/fips/fips_drbg_rand.c
 --- openssl-1.0.2i/crypto/fips/fips_drbg_rand.c.fips	2016-09-22 13:35:57.015220951 +0200
 +++ openssl-1.0.2i/crypto/fips/fips_drbg_rand.c	2016-09-22 13:35:57.015220951 +0200
-@@ -0,0 +1,166 @@
+@@ -0,0 +1,164 @@
 +/* fips/rand/fips_drbg_rand.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 + * project.
@@ -5121,9 +5121,7 @@ diff -up openssl-1.0.2i/crypto/fips/fips_drbg_rand.c.fips openssl-1.0.2i/crypto/
 +{
 +    DRBG_CTX *dctx = &ossl_dctx;
 +    int rv;
-+    CRYPTO_r_lock(CRYPTO_LOCK_RAND);
 +    rv = dctx->status == DRBG_STATUS_READY ? 1 : 0;
-+    CRYPTO_r_unlock(CRYPTO_LOCK_RAND);
 +    return rv;
 +}
 +

openssl.spec

@@ -23,7 +23,7 @@
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 1.0.2j
-Release: 2%{?dist}
+Release: 3%{?dist}
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@@ -508,6 +508,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
 %postun libs -p /sbin/ldconfig
 
 %changelog
+* Fri Dec  2 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.2j-2
+- drop read lock in fips_drbg_status that is unnecessary
+  and causes deadlock when reseeding (#1400922)
+
 * Fri Oct 07 2016 Richard W.M. Jones <rjones@redhat.com> - 1:1.0.2j-2
 - Add flags for riscv64.