+++ /dev/null
-diff -up cups-1.4.4/cups/http.c.serialize-gnutls cups-1.4.4/cups/http.c
---- cups-1.4.4/cups/http.c.serialize-gnutls 2010-09-17 13:37:01.858871762 +0100
-+++ cups-1.4.4/cups/http.c 2010-09-17 13:55:22.579871934 +0100
-@@ -149,7 +149,7 @@ static int http_write_ssl(http_t *http,
-
- # ifdef HAVE_GNUTLS
- # ifdef HAVE_PTHREAD_H
--GCRY_THREAD_OPTION_PTHREAD_IMPL;
-+static pthread_mutex_t gnutls_lock;
- # endif /* HAVE_PTHREAD_H */
-
- # elif defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H)
-@@ -1231,7 +1231,7 @@ httpInitialize(void)
- */
-
- # ifdef HAVE_PTHREAD_H
-- gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
-+ pthread_mutex_init(&gnutls_lock, NULL);
- # endif /* HAVE_PTHREAD_H */
-
- /*
-@@ -2228,6 +2228,7 @@ _httpWait(http_t *http, /* I - Connect
- if (SSL_pending((SSL *)(http->tls)))
- return (1);
- # elif defined(HAVE_GNUTLS)
-+ /* lock already held here... */
- if (gnutls_record_check_pending(((http_tls_t *)(http->tls))->session))
- return (1);
- # elif defined(HAVE_CDSASSL)
-@@ -2294,6 +2295,8 @@ int /* O - 1 if data is available, 0
- httpWait(http_t *http, /* I - Connection to server */
- int msec) /* I - Milliseconds to wait */
- {
-+ int ret;
-+
- /*
- * First see if there is data in the buffer...
- */
-@@ -2318,7 +2321,17 @@ httpWait(http_t *http, /* I - Connecti
- * If not, check the SSL/TLS buffers and do a select() on the connection...
- */
-
-- return (_httpWait(http, msec, 1));
-+#if defined(HAVE_SSL) && defined(HAVE_GNUTLS) && defined(HAVE_PTHREAD_H)
-+ pthread_mutex_lock(&gnutls_lock);
-+#endif
-+
-+ ret = _httpWait(http, msec, 1);
-+
-+#if defined(HAVE_SSL) && defined(HAVE_GNUTLS) && defined(HAVE_PTHREAD_H)
-+ pthread_mutex_unlock(&gnutls_lock);
-+#endif
-+
-+ return (ret);
- }
-
-
-@@ -2769,7 +2782,9 @@ http_read_ssl(http_t *http, /* I - Conn
- ssize_t result; /* Return value */
-
-
-+ pthread_mutex_lock(&gnutls_lock);
- result = gnutls_record_recv(((http_tls_t *)(http->tls))->session, buf, len);
-+ pthread_mutex_unlock(&gnutls_lock);
-
- if (result < 0 && !errno)
- {
-@@ -3085,6 +3100,7 @@ http_setup_ssl(http_t *http) /* I - Con
- return (-1);
- }
-
-+ pthread_mutex_lock(&gnutls_lock);
- gnutls_certificate_allocate_credentials(credentials);
-
- gnutls_init(&(conn->session), GNUTLS_CLIENT);
-@@ -3104,9 +3120,11 @@ http_setup_ssl(http_t *http) /* I - Con
- free(credentials);
- free(conn);
-
-+ pthread_mutex_unlock(&gnutls_lock);
- return (-1);
- }
-
-+ pthread_mutex_unlock(&gnutls_lock);
- conn->credentials = credentials;
-
- # elif defined(HAVE_CDSASSL)
-@@ -3196,9 +3214,11 @@ http_shutdown_ssl(http_t *http) /* I -
- conn = (http_tls_t *)(http->tls);
- credentials = (gnutls_certificate_client_credentials *)(conn->credentials);
-
-+ pthread_mutex_lock(&gnutls_lock);
- gnutls_bye(conn->session, GNUTLS_SHUT_RDWR);
- gnutls_deinit(conn->session);
- gnutls_certificate_free_credentials(*credentials);
-+ pthread_mutex_unlock(&gnutls_lock);
- free(credentials);
- free(conn);
-
-@@ -3445,7 +3465,9 @@ http_write_ssl(http_t *http, /* I -
- # elif defined(HAVE_GNUTLS)
- ssize_t result; /* Return value */
-
-+ pthread_mutex_lock(&gnutls_lock);
- result = gnutls_record_send(((http_tls_t *)(http->tls))->session, buf, len);
-+ pthread_mutex_unlock(&gnutls_lock);
-
- if (result < 0 && !errno)
- {
projects / people / amarx / ipfire-3.x.git / blobdiff