drop read lock in fips_drbg_status that is unnecessary
and causes deadlock when reseeding (#1400922)
This commit is contained in:
parent
d0c38b1fe6
commit
94c1cf7e19
@ -4997,7 +4997,7 @@ diff -up openssl-1.0.2i/crypto/fips/fips_drbg_lib.c.fips openssl-1.0.2i/crypto/f
|
||||
diff -up openssl-1.0.2i/crypto/fips/fips_drbg_rand.c.fips openssl-1.0.2i/crypto/fips/fips_drbg_rand.c
|
||||
--- openssl-1.0.2i/crypto/fips/fips_drbg_rand.c.fips 2016-09-22 13:35:57.015220951 +0200
|
||||
+++ openssl-1.0.2i/crypto/fips/fips_drbg_rand.c 2016-09-22 13:35:57.015220951 +0200
|
||||
@@ -0,0 +1,166 @@
|
||||
@@ -0,0 +1,164 @@
|
||||
+/* fips/rand/fips_drbg_rand.c */
|
||||
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
+ * project.
|
||||
@ -5121,9 +5121,7 @@ diff -up openssl-1.0.2i/crypto/fips/fips_drbg_rand.c.fips openssl-1.0.2i/crypto/
|
||||
+{
|
||||
+ DRBG_CTX *dctx = &ossl_dctx;
|
||||
+ int rv;
|
||||
+ CRYPTO_r_lock(CRYPTO_LOCK_RAND);
|
||||
+ rv = dctx->status == DRBG_STATUS_READY ? 1 : 0;
|
||||
+ CRYPTO_r_unlock(CRYPTO_LOCK_RAND);
|
||||
+ return rv;
|
||||
+}
|
||||
+
|
||||
|
@ -23,7 +23,7 @@
|
||||
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
||||
Name: openssl
|
||||
Version: 1.0.2j
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
Epoch: 1
|
||||
# We have to remove certain patented algorithms from the openssl source
|
||||
# tarball with the hobble-openssl script which is included below.
|
||||
@ -508,6 +508,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
|
||||
%postun libs -p /sbin/ldconfig
|
||||
|
||||
%changelog
|
||||
* Fri Dec 2 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.2j-2
|
||||
- drop read lock in fips_drbg_status that is unnecessary
|
||||
and causes deadlock when reseeding (#1400922)
|
||||
|
||||
* Fri Oct 07 2016 Richard W.M. Jones <rjones@redhat.com> - 1:1.0.2j-2
|
||||
- Add flags for riscv64.
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user