drop read lock in fips_drbg_status that is unnecessary
and causes deadlock when reseeding (#1400922)
This commit is contained in:
parent
d0c38b1fe6
commit
94c1cf7e19
|
@ -4997,7 +4997,7 @@ diff -up openssl-1.0.2i/crypto/fips/fips_drbg_lib.c.fips openssl-1.0.2i/crypto/f
|
||||||
diff -up openssl-1.0.2i/crypto/fips/fips_drbg_rand.c.fips openssl-1.0.2i/crypto/fips/fips_drbg_rand.c
|
diff -up openssl-1.0.2i/crypto/fips/fips_drbg_rand.c.fips openssl-1.0.2i/crypto/fips/fips_drbg_rand.c
|
||||||
--- openssl-1.0.2i/crypto/fips/fips_drbg_rand.c.fips 2016-09-22 13:35:57.015220951 +0200
|
--- openssl-1.0.2i/crypto/fips/fips_drbg_rand.c.fips 2016-09-22 13:35:57.015220951 +0200
|
||||||
+++ openssl-1.0.2i/crypto/fips/fips_drbg_rand.c 2016-09-22 13:35:57.015220951 +0200
|
+++ openssl-1.0.2i/crypto/fips/fips_drbg_rand.c 2016-09-22 13:35:57.015220951 +0200
|
||||||
@@ -0,0 +1,166 @@
|
@@ -0,0 +1,164 @@
|
||||||
+/* fips/rand/fips_drbg_rand.c */
|
+/* fips/rand/fips_drbg_rand.c */
|
||||||
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||||
+ * project.
|
+ * project.
|
||||||
|
@ -5121,9 +5121,7 @@ diff -up openssl-1.0.2i/crypto/fips/fips_drbg_rand.c.fips openssl-1.0.2i/crypto/
|
||||||
+{
|
+{
|
||||||
+ DRBG_CTX *dctx = &ossl_dctx;
|
+ DRBG_CTX *dctx = &ossl_dctx;
|
||||||
+ int rv;
|
+ int rv;
|
||||||
+ CRYPTO_r_lock(CRYPTO_LOCK_RAND);
|
|
||||||
+ rv = dctx->status == DRBG_STATUS_READY ? 1 : 0;
|
+ rv = dctx->status == DRBG_STATUS_READY ? 1 : 0;
|
||||||
+ CRYPTO_r_unlock(CRYPTO_LOCK_RAND);
|
|
||||||
+ return rv;
|
+ return rv;
|
||||||
+}
|
+}
|
||||||
+
|
+
|
||||||
|
|
|
@ -23,7 +23,7 @@
|
||||||
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
||||||
Name: openssl
|
Name: openssl
|
||||||
Version: 1.0.2j
|
Version: 1.0.2j
|
||||||
Release: 2%{?dist}
|
Release: 3%{?dist}
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
# We have to remove certain patented algorithms from the openssl source
|
# We have to remove certain patented algorithms from the openssl source
|
||||||
# tarball with the hobble-openssl script which is included below.
|
# tarball with the hobble-openssl script which is included below.
|
||||||
|
@ -508,6 +508,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
|
||||||
%postun libs -p /sbin/ldconfig
|
%postun libs -p /sbin/ldconfig
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Dec 2 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.2j-2
|
||||||
|
- drop read lock in fips_drbg_status that is unnecessary
|
||||||
|
and causes deadlock when reseeding (#1400922)
|
||||||
|
|
||||||
* Fri Oct 07 2016 Richard W.M. Jones <rjones@redhat.com> - 1:1.0.2j-2
|
* Fri Oct 07 2016 Richard W.M. Jones <rjones@redhat.com> - 1:1.0.2j-2
|
||||||
- Add flags for riscv64.
|
- Add flags for riscv64.
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue