pkgs/cups/patches/cups-serialize-gnutls.patch

   1 diff -up cups-1.4.4/cups/http.c.serialize-gnutls cups-1.4.4/cups/http.c
   2 --- cups-1.4.4/cups/http.c.serialize-gnutls     2010-09-17 13:37:01.858871762 +0100
   3 +++ cups-1.4.4/cups/http.c      2010-09-17 13:55:22.579871934 +0100
   4 @@ -149,7 +149,7 @@ static int          http_write_ssl(http_t *http,
   5
   6  #  ifdef HAVE_GNUTLS
   7  #    ifdef HAVE_PTHREAD_H
   8 -GCRY_THREAD_OPTION_PTHREAD_IMPL;
   9 +static pthread_mutex_t gnutls_lock;
  10  #    endif /* HAVE_PTHREAD_H */
  11
  12  #  elif defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H)
  13 @@ -1231,7 +1231,7 @@ httpInitialize(void)
  14    */
  15
  16  #  ifdef HAVE_PTHREAD_H
  17 -  gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
  18 +  pthread_mutex_init(&gnutls_lock, NULL);
  19  #  endif /* HAVE_PTHREAD_H */
  20
  21   /*
  22 @@ -2228,6 +2228,7 @@ _httpWait(http_t *http,                   /* I - Connect
  23      if (SSL_pending((SSL *)(http->tls)))
  24        return (1);
  25  #  elif defined(HAVE_GNUTLS)
  26 +    /* lock already held here... */
  27      if (gnutls_record_check_pending(((http_tls_t *)(http->tls))->session))
  28        return (1);
  29  #  elif defined(HAVE_CDSASSL)
  30 @@ -2294,6 +2295,8 @@ int                                       /* O - 1 if data is available, 0
  31  httpWait(http_t *http,                 /* I - Connection to server */
  32           int    msec)                  /* I - Milliseconds to wait */
  33  {
  34 +  int ret;
  35 +
  36   /*
  37    * First see if there is data in the buffer...
  38    */
  39 @@ -2318,7 +2321,17 @@ httpWait(http_t *http,                   /* I - Connecti
  40    * If not, check the SSL/TLS buffers and do a select() on the connection...
  41    */
  42
  43 -  return (_httpWait(http, msec, 1));
  44 +#if defined(HAVE_SSL) && defined(HAVE_GNUTLS) && defined(HAVE_PTHREAD_H)
  45 +  pthread_mutex_lock(&gnutls_lock);
  46 +#endif
  47 +
  48 +  ret = _httpWait(http, msec, 1);
  49 +
  50 +#if defined(HAVE_SSL) && defined(HAVE_GNUTLS) && defined(HAVE_PTHREAD_H)
  51 +  pthread_mutex_unlock(&gnutls_lock);
  52 +#endif
  53 +
  54 +  return (ret);
  55  }
  56
  57
  58 @@ -2769,7 +2782,9 @@ http_read_ssl(http_t *http,               /* I - Conn
  59    ssize_t      result;                 /* Return value */
  60
  61
  62 +  pthread_mutex_lock(&gnutls_lock);
  63    result = gnutls_record_recv(((http_tls_t *)(http->tls))->session, buf, len);
  64 +  pthread_mutex_unlock(&gnutls_lock);
  65
  66    if (result < 0 && !errno)
  67    {
  68 @@ -3085,6 +3100,7 @@ http_setup_ssl(http_t *http)              /* I - Con
  69      return (-1);
  70    }
  71
  72 +  pthread_mutex_lock(&gnutls_lock);
  73    gnutls_certificate_allocate_credentials(credentials);
  74
  75    gnutls_init(&(conn->session), GNUTLS_CLIENT);
  76 @@ -3104,9 +3120,11 @@ http_setup_ssl(http_t *http)             /* I - Con
  77      free(credentials);
  78      free(conn);
  79
  80 +    pthread_mutex_unlock(&gnutls_lock);
  81      return (-1);
  82    }
  83
  84 +  pthread_mutex_unlock(&gnutls_lock);
  85    conn->credentials = credentials;
  86
  87  #  elif defined(HAVE_CDSASSL)
  88 @@ -3196,9 +3214,11 @@ http_shutdown_ssl(http_t *http)          /* I -
  89    conn = (http_tls_t *)(http->tls);
  90    credentials = (gnutls_certificate_client_credentials *)(conn->credentials);
  91
  92 +  pthread_mutex_lock(&gnutls_lock);
  93    gnutls_bye(conn->session, GNUTLS_SHUT_RDWR);
  94    gnutls_deinit(conn->session);
  95    gnutls_certificate_free_credentials(*credentials);
  96 +  pthread_mutex_unlock(&gnutls_lock);
  97    free(credentials);
  98    free(conn);
  99
 100 @@ -3445,7 +3465,9 @@ http_write_ssl(http_t     *http,  /* I -
 101  #  elif defined(HAVE_GNUTLS)
 102    ssize_t      result;                 /* Return value */
 103
 104 +  pthread_mutex_lock(&gnutls_lock);
 105    result = gnutls_record_send(((http_tls_t *)(http->tls))->session, buf, len);
 106 +  pthread_mutex_unlock(&gnutls_lock);
 107
 108    if (result < 0 && !errno)
 109    {