Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
---|---|---|---|---|---|---|
0001-Issue-548-Don-t-clean-up-engines-after-OpenSSL-has-a.patch | Issue #548: Don't clean up engines after OpenSSL has already shut down As of 1.1.0, OpenSSL registers its own atexit() handler to call OPENSSL_cleanup(). If our own code subsequently tries to, for example, unreference an ENGINE, then it'll crash or deadlock with a use after free. Fix it by registering a callback with OPENSSL_atexit() to be called when OPENSSL_cleanup() is called. It sets a flag which prevents any further touching of OpenSSL objects — which would otherwise happen fairly much immediately thereafter when our own OSSLCryptoFactory destructor gets called by the C++ runtime's own atexit() handler. |
David Woodhouse <dwmw2@infradead.org> | no | 2020-05-04 | ||
0002-Fix-OPENSSL_cleanup-detection-without-using-our-own-.patch | Fix OPENSSL_cleanup() detection without using our own atexit() handler We can't register our own atexit() or OPENSSL_atexit() handler because there's no way to unregister it when the SoftHSM DSO is unloaded. This causes the crash reported at https://bugzilla.redhat.com/1831086#c8 Instead of using that method to set a flag showing that OPENSSL_cleanup() has occurred, instead test directly by calling OPENSSL_init_crypto() for something that *would* do nothing, but will fail if OPENSSL_cleanup() has indeed been run already. has already shut down" |
David Woodhouse <dwmw2@infradead.org> | no | 2020-05-13 |