Hello community, here is the log from the commit of package strongswan for openSUSE:Factory checked in at 2012-09-11 09:20:14 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/strongswan (Old) and /work/SRC/openSUSE:Factory/.strongswan.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "strongswan", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/strongswan/strongswan.changes 2012-06-01 07:24:23.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.strongswan.new/strongswan.changes 2012-09-11 09:20:15.000000000 +0200 @@ -1,0 +2,11 @@ +Fri Sep 7 08:36:57 UTC 2012 - [email protected] + +- Applied upstream patch adjusting an internal thread id causing + charon keying daemon start failure (bnc#779038,strongswan#198): + openssl: Ensure the thread ID is never zero + This might otherwise cause problems because OpenSSL tries to + lock mutexes recursively if it assumes the lock is held by a + different thread e.g. during FIPS initialization. + See http://wiki.strongswan.org/issues/198 for more informations. + +------------------------------------------------------------------- New: ---- 0001-openssl-Ensure-the-thread-ID-is-never-zero.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ strongswan.spec ++++++ --- /var/tmp/diff_new_pack.AVMzFR/_old 2012-09-11 09:20:17.000000000 +0200 +++ /var/tmp/diff_new_pack.AVMzFR/_new 2012-09-11 09:20:17.000000000 +0200 @@ -42,6 +42,7 @@ Source4: README.SUSE Patch1: %{name}_modprobe_syslog.patch Patch2: %{name}-%{version}-fmt-warnings.patch +Patch3: 0001-openssl-Ensure-the-thread-ID-is-never-zero.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: bison BuildRequires: curl-devel @@ -249,6 +250,7 @@ %setup -q -n %{name}-%{upstream_version} %patch1 -p0 %patch2 -p0 +%patch3 -p1 sed -e 's|@libexecdir@|%_libexecdir|g' \ < $RPM_SOURCE_DIR/strongswan.init.in \ > strongswan.init ++++++ 0001-openssl-Ensure-the-thread-ID-is-never-zero.patch ++++++ >From 901dbc1077f6c9bd29369cad848bc79a29c1a65b Mon Sep 17 00:00:00 2001 From: Tobias Brunner <[email protected]> Date: Sat, 30 Jun 2012 10:05:41 +0200 Subject: [PATCH] openssl: Ensure the thread ID is never zero This might otherwise cause problems because OpenSSL tries to lock mutexes recursively if it assumes the lock is held by a different thread e.g. during FIPS initialization. --- src/libstrongswan/plugins/openssl/openssl_plugin.c | 4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c index 5a11412..7daa92b 100644 --- a/src/libstrongswan/plugins/openssl/openssl_plugin.c +++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c @@ -129,7 +129,9 @@ static void destroy_function(struct CRYPTO_dynlock_value *lock, */ static unsigned long id_function(void) { - return (unsigned long)thread_current_id(); + /* ensure the thread ID is never zero, otherwise OpenSSL might try to + * acquire locks recursively */ + return 1 + (unsigned long)thread_current_id(); } /** -- 1.7.7 -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
