| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-Issue-548-Don-t-clean-up-engines-after-OpenSSL-has-a.patch | Issue #548: Don't clean up engines after OpenSSL has already shut down As of 1.1.0, OpenSSL registers its own atexit() handler to call OPENSSL_cleanup(). If our own code subsequently tries to, for example, unreference an ENGINE, then it'll crash or deadlock with a use after free. Fix it by registering a callback with OPENSSL_atexit() to be called when OPENSSL_cleanup() is called. It sets a flag which prevents any further touching of OpenSSL objects — which would otherwise happen fairly much immediately thereafter when our own OSSLCryptoFactory destructor gets called by the C++ runtime's own atexit() handler. |
David Woodhouse <dwmw2@infradead.org> | no | 2020-05-04 | ||
| 0002-Fix-OPENSSL_cleanup-detection-without-using-our-own-.patch | Fix OPENSSL_cleanup() detection without using our own atexit() handler We can't register our own atexit() or OPENSSL_atexit() handler because there's no way to unregister it when the SoftHSM DSO is unloaded. This causes the crash reported at https://bugzilla.redhat.com/1831086#c8 Instead of using that method to set a flag showing that OPENSSL_cleanup() has occurred, instead test directly by calling OPENSSL_init_crypto() for something that *would* do nothing, but will fail if OPENSSL_cleanup() has indeed been run already. has already shut down" |
David Woodhouse <dwmw2@infradead.org> | no | 2020-05-13 | ||
| 0003-fix-ftbfs-with-opensslv3.patch | [PATCH 1/4] openssl 3.0: Run DES tests only if OpenSSL allows it OpenSSL 3.0 moves DES into a legacy provider which has to be loaded explicitly. By default, it will not be loaded and DES methods in tests will fail. Nest test blocks under successful initialization. |
Alexander Bokovoy <abokovoy@redhat.com> | no | 2021-05-26 |