[people/stevee/ipfire-3.x.git] / cups / patches / cups-serialize-gnutls.patch

diff -up cups-1.4.4/cups/http.c.serialize-gnutls cups-1.4.4/cups/http.c
--- cups-1.4.4/cups/http.c.serialize-gnutls	2010-09-17 13:37:01.858871762 +0100
+++ cups-1.4.4/cups/http.c	2010-09-17 13:55:22.579871934 +0100
@@ -149,7 +149,7 @@ static int		http_write_ssl(http_t *http,
 
 #  ifdef HAVE_GNUTLS
 #    ifdef HAVE_PTHREAD_H
-GCRY_THREAD_OPTION_PTHREAD_IMPL;
+static pthread_mutex_t gnutls_lock;
 #    endif /* HAVE_PTHREAD_H */
 
 #  elif defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H)
@@ -1231,7 +1231,7 @@ httpInitialize(void)
   */
 
 #  ifdef HAVE_PTHREAD_H
-  gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
+  pthread_mutex_init(&gnutls_lock, NULL);
 #  endif /* HAVE_PTHREAD_H */
 
  /*
@@ -2228,6 +2228,7 @@ _httpWait(http_t *http,			/* I - Connect
     if (SSL_pending((SSL *)(http->tls)))
       return (1);
 #  elif defined(HAVE_GNUTLS)
+    /* lock already held here... */
     if (gnutls_record_check_pending(((http_tls_t *)(http->tls))->session))
       return (1);
 #  elif defined(HAVE_CDSASSL)
@@ -2294,6 +2295,8 @@ int					/* O - 1 if data is available, 0
 httpWait(http_t *http,			/* I - Connection to server */
          int    msec)			/* I - Milliseconds to wait */
 {
+  int ret;
+
  /*
   * First see if there is data in the buffer...
   */
@@ -2318,7 +2321,17 @@ httpWait(http_t *http,			/* I - Connecti
   * If not, check the SSL/TLS buffers and do a select() on the connection...
   */
 
-  return (_httpWait(http, msec, 1));
+#if defined(HAVE_SSL) && defined(HAVE_GNUTLS) && defined(HAVE_PTHREAD_H)
+  pthread_mutex_lock(&gnutls_lock);
+#endif
+
+  ret = _httpWait(http, msec, 1);
+
+#if defined(HAVE_SSL) && defined(HAVE_GNUTLS) && defined(HAVE_PTHREAD_H)
+  pthread_mutex_unlock(&gnutls_lock);
+#endif
+
+  return (ret);
 }
 
 
@@ -2769,7 +2782,9 @@ http_read_ssl(http_t *http,		/* I - Conn
   ssize_t	result;			/* Return value */
 
 
+  pthread_mutex_lock(&gnutls_lock);
   result = gnutls_record_recv(((http_tls_t *)(http->tls))->session, buf, len);
+  pthread_mutex_unlock(&gnutls_lock);
 
   if (result < 0 && !errno)
   {
@@ -3085,6 +3100,7 @@ http_setup_ssl(http_t *http)		/* I - Con
     return (-1);
   }
 
+  pthread_mutex_lock(&gnutls_lock);
   gnutls_certificate_allocate_credentials(credentials);
 
   gnutls_init(&(conn->session), GNUTLS_CLIENT);
@@ -3104,9 +3120,11 @@ http_setup_ssl(http_t *http)		/* I - Con
     free(credentials);
     free(conn);
 
+    pthread_mutex_unlock(&gnutls_lock);
     return (-1);
   }
 
+  pthread_mutex_unlock(&gnutls_lock);
   conn->credentials = credentials;
 
 #  elif defined(HAVE_CDSASSL)
@@ -3196,9 +3214,11 @@ http_shutdown_ssl(http_t *http)		/* I - 
   conn = (http_tls_t *)(http->tls);
   credentials = (gnutls_certificate_client_credentials *)(conn->credentials);
 
+  pthread_mutex_lock(&gnutls_lock);
   gnutls_bye(conn->session, GNUTLS_SHUT_RDWR);
   gnutls_deinit(conn->session);
   gnutls_certificate_free_credentials(*credentials);
+  pthread_mutex_unlock(&gnutls_lock);
   free(credentials);
   free(conn);
 
@@ -3445,7 +3465,9 @@ http_write_ssl(http_t     *http,	/* I - 
 #  elif defined(HAVE_GNUTLS)
   ssize_t	result;			/* Return value */
 
+  pthread_mutex_lock(&gnutls_lock);
   result = gnutls_record_send(((http_tls_t *)(http->tls))->session, buf, len);
+  pthread_mutex_unlock(&gnutls_lock);
 
   if (result < 0 && !errno)
   {
Commit	Line	Data
f92713d3 SS	1	diff -up cups-1.4.4/cups/http.c.serialize-gnutls cups-1.4.4/cups/http.c
	2	--- cups-1.4.4/cups/http.c.serialize-gnutls 2010-09-17 13:37:01.858871762 +0100
	3	+++ cups-1.4.4/cups/http.c 2010-09-17 13:55:22.579871934 +0100
	4	@@ -149,7 +149,7 @@ static int http_write_ssl(http_t *http,
	5
	6	# ifdef HAVE_GNUTLS
	7	# ifdef HAVE_PTHREAD_H
	8	-GCRY_THREAD_OPTION_PTHREAD_IMPL;
	9	+static pthread_mutex_t gnutls_lock;
	10	# endif /* HAVE_PTHREAD_H */
	11
	12	# elif defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H)
	13	@@ -1231,7 +1231,7 @@ httpInitialize(void)
	14	*/
	15
	16	# ifdef HAVE_PTHREAD_H
	17	- gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
	18	+ pthread_mutex_init(&gnutls_lock, NULL);
	19	# endif /* HAVE_PTHREAD_H */
	20
	21	/*
	22	@@ -2228,6 +2228,7 @@ _httpWait(http_t http, / I - Connect
	23	if (SSL_pending((SSL *)(http->tls)))
	24	return (1);
	25	# elif defined(HAVE_GNUTLS)
	26	+ /* lock already held here... */
	27	if (gnutls_record_check_pending(((http_tls_t *)(http->tls))->session))
	28	return (1);
	29	# elif defined(HAVE_CDSASSL)
	30	@@ -2294,6 +2295,8 @@ int /* O - 1 if data is available, 0
	31	httpWait(http_t http, / I - Connection to server */
	32	int msec) /* I - Milliseconds to wait */
	33	{
	34	+ int ret;
	35	+
	36	/*
	37	* First see if there is data in the buffer...
	38	*/
	39	@@ -2318,7 +2321,17 @@ httpWait(http_t http, / I - Connecti
	40	* If not, check the SSL/TLS buffers and do a select() on the connection...
	41	*/
	42
	43	- return (_httpWait(http, msec, 1));
	44	+#if defined(HAVE_SSL) && defined(HAVE_GNUTLS) && defined(HAVE_PTHREAD_H)
	45	+ pthread_mutex_lock(&gnutls_lock);
	46	+#endif
	47	+
	48	+ ret = _httpWait(http, msec, 1);
	49	+
	50	+#if defined(HAVE_SSL) && defined(HAVE_GNUTLS) && defined(HAVE_PTHREAD_H)
	51	+ pthread_mutex_unlock(&gnutls_lock);
	52	+#endif
	53	+
	54	+ return (ret);
	55	}
	56
	57
	58	@@ -2769,7 +2782,9 @@ http_read_ssl(http_t http, / I - Conn
	59	ssize_t result; /* Return value */
	60
	61
	62	+ pthread_mutex_lock(&gnutls_lock);
	63	result = gnutls_record_recv(((http_tls_t *)(http->tls))->session, buf, len);
	64	+ pthread_mutex_unlock(&gnutls_lock);
65
66	if (result < 0 && !errno)
67	{
68	@@ -3085,6 +3100,7 @@ http_setup_ssl(http_t http) / I - Con
69	return (-1);
70	}
71
72	+ pthread_mutex_lock(&gnutls_lock);
73	gnutls_certificate_allocate_credentials(credentials);
74
75	gnutls_init(&(conn->session), GNUTLS_CLIENT);
76	@@ -3104,9 +3120,11 @@ http_setup_ssl(http_t http) / I - Con
77	free(credentials);
78	free(conn);
79
80	+ pthread_mutex_unlock(&gnutls_lock);
81	return (-1);
82	}
83
84	+ pthread_mutex_unlock(&gnutls_lock);
85	conn->credentials = credentials;
86
87	# elif defined(HAVE_CDSASSL)
88	@@ -3196,9 +3214,11 @@ http_shutdown_ssl(http_t http) / I -
89	conn = (http_tls_t *)(http->tls);
90	credentials = (gnutls_certificate_client_credentials *)(conn->credentials);
91
92	+ pthread_mutex_lock(&gnutls_lock);
93	gnutls_bye(conn->session, GNUTLS_SHUT_RDWR);
94	gnutls_deinit(conn->session);
95	gnutls_certificate_free_credentials(*credentials);
96	+ pthread_mutex_unlock(&gnutls_lock);
97	free(credentials);
98	free(conn);
99
100	@@ -3445,7 +3465,9 @@ http_write_ssl(http_t http, / I -
101	# elif defined(HAVE_GNUTLS)
102	ssize_t result; /* Return value */
103
104	+ pthread_mutex_lock(&gnutls_lock);
105	result = gnutls_record_send(((http_tls_t *)(http->tls))->session, buf, len);
106	+ pthread_mutex_unlock(&gnutls_lock);
107
108	if (result < 0 && !errno)
109	{