diff --git a/pyOpenSSL-0.7-threadsafe.patch b/pyOpenSSL-0.7-threadsafe.patch deleted file mode 100644 index 53ce1af..0000000 --- a/pyOpenSSL-0.7-threadsafe.patch +++ /dev/null @@ -1,135 +0,0 @@ ---- pyOpenSSL-0.7/src/ssl/context.c 2008-03-21 22:34:42.000000000 +0000 -+++ pyOpenSSL-0.7/src/ssl/context-new.c 2008-09-15 23:58:23.000000000 +0100 -@@ -64,39 +64,34 @@ - static int - global_passphrase_callback(char *buf, int maxlen, int verify, void *arg) - { -- int len; -+ int len = 0; - char *str; - PyObject *argv, *ret = NULL; - ssl_ContextObj *ctx = (ssl_ContextObj *)arg; - -+ if (!ctx->tstate) -+ fprintf (stderr, "ERROR: ctx->tstate == NULL!\n"); -+ MY_END_ALLOW_THREADS(ctx->tstate); -+ - /* The Python callback is called with a (maxlen,verify,userdata) tuple */ - argv = Py_BuildValue("(iiO)", maxlen, verify, ctx->passphrase_userdata); -- if (ctx->tstate != NULL) -- { -- /* We need to get back our thread state before calling the callback */ -- MY_END_ALLOW_THREADS(ctx->tstate); -- ret = PyEval_CallObject(ctx->passphrase_callback, argv); -- MY_BEGIN_ALLOW_THREADS(ctx->tstate); -- } -- else -- { -- ret = PyEval_CallObject(ctx->passphrase_callback, argv); -- } -+ -+ ret = PyEval_CallObject(ctx->passphrase_callback, argv); - Py_DECREF(argv); - - if (ret == NULL) -- return 0; -+ goto out; - - if (!PyObject_IsTrue(ret)) - { - Py_DECREF(ret); -- return 0; -+ goto out; - } - - if (!PyString_Check(ret)) - { - Py_DECREF(ret); -- return 0; -+ goto out; - } - - len = PyString_Size(ret); -@@ -107,6 +102,8 @@ - strncpy(buf, str, len); - Py_XDECREF(ret); - -+out: -+ MY_BEGIN_ALLOW_THREADS(ctx->tstate); - return len; - } - -@@ -126,7 +123,7 @@ - SSL *ssl; - ssl_ConnectionObj *conn; - crypto_X509Obj *cert; -- int errnum, errdepth, c_ret, use_thread_state; -+ int errnum, errdepth, c_ret = 0, use_thread_state; - - // Get Connection object to check thread state - ssl = (SSL *)X509_STORE_CTX_get_app_data(x509_ctx); -@@ -136,10 +133,15 @@ - if (use_thread_state) - MY_END_ALLOW_THREADS(conn->tstate); - -- cert = crypto_X509_New(X509_STORE_CTX_get_current_cert(x509_ctx), 0); - errnum = X509_STORE_CTX_get_error(x509_ctx); - errdepth = X509_STORE_CTX_get_error_depth(x509_ctx); - -+ if (!conn->tstate) -+ fprintf (stderr, "ERROR: ctx->tstate == NULL!\n"); -+ MY_END_ALLOW_THREADS(conn->tstate); -+ -+ cert = crypto_X509_New(X509_STORE_CTX_get_current_cert(x509_ctx), 0); -+ - argv = Py_BuildValue("(OOiii)", (PyObject *)conn, (PyObject *)cert, - errnum, errdepth, ok); - Py_DECREF(cert); -@@ -173,28 +175,19 @@ - ssl_ConnectionObj *conn = (ssl_ConnectionObj *)SSL_get_app_data(ssl); - PyObject *argv, *ret; - -+ if (!conn->tstate) -+ fprintf (stderr, "ERROR: ctx->tstate == NULL!\n"); -+ MY_END_ALLOW_THREADS(conn->tstate); -+ - argv = Py_BuildValue("(Oii)", (PyObject *)conn, where, _ret); -- if (conn->tstate != NULL) -- { -- /* We need to get back our thread state before calling the callback */ -- MY_END_ALLOW_THREADS(conn->tstate); -- ret = PyEval_CallObject(conn->context->info_callback, argv); -- if (ret == NULL) -- PyErr_Clear(); -- else -- Py_DECREF(ret); -- MY_BEGIN_ALLOW_THREADS(conn->tstate); -- } -+ ret = PyEval_CallObject(conn->context->info_callback, argv); -+ if (ret == NULL) -+ PyErr_Clear(); - else -- { -- ret = PyEval_CallObject(conn->context->info_callback, argv); -- if (ret == NULL) -- PyErr_Clear(); -- else -- Py_DECREF(ret); -- } -+ Py_DECREF(ret); - Py_DECREF(argv); - -+ MY_BEGIN_ALLOW_THREADS(conn->tstate); - return; - } - -@@ -447,6 +440,9 @@ - if (!PyArg_ParseTuple(args, "s|i:use_privatekey_file", &keyfile, &filetype)) - return NULL; - -+ if (self->tstate) -+ fprintf (stderr, "ERROR: ctx->tstate != NULL!\n"); -+ - MY_BEGIN_ALLOW_THREADS(self->tstate); - ret = SSL_CTX_use_PrivateKey_file(self->ctx, keyfile, filetype); - MY_END_ALLOW_THREADS(self->tstate); diff --git a/pyOpenSSL-threadsafe.patch b/pyOpenSSL-threadsafe.patch index 98c3068..1d8e3e3 100644 --- a/pyOpenSSL-threadsafe.patch +++ b/pyOpenSSL-threadsafe.patch @@ -1,88 +1,197 @@ ---- pyOpenSSL-0.6/src/crypto/crypto.c.threadsafe 2004-08-09 10:56:05.000000000 -0400 -+++ pyOpenSSL-0.6/src/crypto/crypto.c 2005-07-12 22:29:32.000000000 -0400 -@@ -668,6 +668,74 @@ - { NULL, NULL } - }; - +diff -Nur pyOpenSSL-0.7-bad/src/crypto/crypto.c pyOpenSSL-0.7/src/crypto/crypto.c +--- pyOpenSSL-0.7-bad/src/crypto/crypto.c 2008-03-21 17:34:42.000000000 -0500 ++++ pyOpenSSL-0.7/src/crypto/crypto.c 2008-09-19 17:22:12.000000000 -0500 + -694,6 +694,74 @@ + { NULL, NULL } + }; + ++ ++#ifdef WITH_THREAD ++ ++#include ++ ++#define MUTEX_TYPE pthread_mutex_t ++#define MUTEX_SETUP(x) pthread_mutex_init(&(x), NULL) ++#define MUTEX_CLEANUP(x) pthread_mutex_destroy(&(x)) ++#define MUTEX_LOCK(x) pthread_mutex_lock(&(x)) ++#define MUTEX_UNLOCK(x) pthread_mutex_unlock(&(x)) ++#define THREAD_ID pthread_self() ++ ++void handle_error(const char *file, int lineno, const char *msg) ++{ ++ fprintf(stderr, "** %s:%i %s\n", file, lineno, msg); ++ ERR_print_errors_fp(stderr); ++} ++ ++ ++/* This array will store all of the mutexes available to OpenSSL. */ ++static MUTEX_TYPE *mutex_buf = NULL; ++ ++ ++static void locking_function(int mode, int n, const char * file, int line) ++{ ++ if (mode & CRYPTO_LOCK) ++ MUTEX_LOCK(mutex_buf[n]); ++ else ++ MUTEX_UNLOCK(mutex_buf[n]); ++} ++ ++static unsigned long id_function(void) ++{ ++ return ((unsigned long)THREAD_ID); ++} ++ ++int init_openssl_threads(void) ++{ ++ int i; ++ ++ mutex_buf = (MUTEX_TYPE *)malloc(CRYPTO_num_locks() * sizeof(MUTEX_TYPE)); ++ if (!mutex_buf) ++ return 0; ++ for (i = 0; i < CRYPTO_num_locks(); i++) ++ MUTEX_SETUP(mutex_buf[i]); ++ CRYPTO_set_id_callback(id_function); ++ CRYPTO_set_locking_callback(locking_function); ++ return 1; ++} ++ ++int deinit_openssl_threads(void) ++{ ++ int i; ++ ++ if (!mutex_buf) ++ return 0; ++ CRYPTO_set_id_callback(NULL); ++ CRYPTO_set_locking_callback(NULL); ++ for (i = 0; i < CRYPTO_num_locks(); i++) ++ MUTEX_CLEANUP(mutex_buf[i]); ++ free(mutex_buf); ++ mutex_buf = NULL; ++ return 1; ++} ++ ++#endif ++ ++ + /* + * Initialize crypto sub module + * + -739,6 +807,10 @@ + PyModule_AddIntConstant(module, "TYPE_DSA", crypto_TYPE_DSA); + + dict = PyModule_GetDict(module); ++#ifdef WITH_THREAD ++ if (!init_openssl_threads()) ++ goto error; ++#endif + if (!init_crypto_x509(dict)) + goto error; + if (!init_crypto_x509name(dict)) +diff -Nur pyOpenSSL-0.7-bad/src/ssl/context.c pyOpenSSL-0.7/src/ssl/context.c +--- pyOpenSSL-0.7-bad/src/ssl/context.c 2008-03-21 17:34:42.000000000 -0500 ++++ pyOpenSSL-0.7/src/ssl/context.c 2008-09-19 17:22:12.000000000 -0500 + -64,39 +64,33 @@ + static int + global_passphrase_callback(char *buf, int maxlen, int verify, void *arg) + { +- int len; ++ int len = 0; + char *str; + PyObject *argv, *ret = NULL; + ssl_ContextObj *ctx = (ssl_ContextObj *)arg; + ++ if (!ctx->tstate) ++ fprintf (stderr, "ERROR: ctx->tstate == NULL!\n"); ++ MY_END_ALLOW_THREADS(ctx->tstate); ++ + /* The Python callback is called with a (maxlen,verify,userdata) tuple */ + argv = Py_BuildValue("(iiO)", maxlen, verify, ctx->passphrase_userdata); +- if (ctx->tstate != NULL) +- { +- /* We need to get back our thread state before calling the callback */ +- MY_END_ALLOW_THREADS(ctx->tstate); +- ret = PyEval_CallObject(ctx->passphrase_callback, argv); +- MY_BEGIN_ALLOW_THREADS(ctx->tstate); +- } +- else +- { +- ret = PyEval_CallObject(ctx->passphrase_callback, argv); +- } ++ ret = PyEval_CallObject(ctx->passphrase_callback, argv); + Py_DECREF(argv); + + if (ret == NULL) +- return 0; ++ goto out; + + if (!PyObject_IsTrue(ret)) + { + Py_DECREF(ret); +- return 0; ++ goto out; + } + + if (!PyString_Check(ret)) + { + Py_DECREF(ret); +- return 0; ++ goto out; + } + + len = PyString_Size(ret); + -107,6 +101,8 @@ + strncpy(buf, str, len); + Py_XDECREF(ret); + ++out: ++ MY_BEGIN_ALLOW_THREADS(ctx->tstate); + return len; + } + + -173,28 +169,19 @@ + ssl_ConnectionObj *conn = (ssl_ConnectionObj *)SSL_get_app_data(ssl); + PyObject *argv, *ret; + ++ if (!conn->tstate) ++ fprintf (stderr, "ERROR: ctx->tstate == NULL!\n"); ++ MY_END_ALLOW_THREADS(conn->tstate); + -+#ifdef WITH_THREAD -+ -+#include -+ -+#define MUTEX_TYPE pthread_mutex_t -+#define MUTEX_SETUP(x) pthread_mutex_init(&(x), NULL) -+#define MUTEX_CLEANUP(x) pthread_mutex_destroy(&(x)) -+#define MUTEX_LOCK(x) pthread_mutex_lock(&(x)) -+#define MUTEX_UNLOCK(x) pthread_mutex_unlock(&(x)) -+#define THREAD_ID pthread_self() -+ -+void handle_error(const char *file, int lineno, const char *msg) -+{ -+ fprintf(stderr, "** %s:%i %s\n", file, lineno, msg); -+ ERR_print_errors_fp(stderr); -+} -+ -+ -+/* This array will store all of the mutexes available to OpenSSL. */ -+static MUTEX_TYPE *mutex_buf = NULL; -+ -+ -+static void locking_function(int mode, int n, const char * file, int line) -+{ -+ if (mode & CRYPTO_LOCK) -+ MUTEX_LOCK(mutex_buf[n]); -+ else -+ MUTEX_UNLOCK(mutex_buf[n]); -+} -+ -+static unsigned long id_function(void) -+{ -+ return ((unsigned long)THREAD_ID); -+} -+ -+int init_openssl_threads(void) -+{ -+ int i; -+ -+ mutex_buf = (MUTEX_TYPE *)malloc(CRYPTO_num_locks() * sizeof(MUTEX_TYPE)); -+ if (!mutex_buf) -+ return 0; -+ for (i = 0; i < CRYPTO_num_locks(); i++) -+ MUTEX_SETUP(mutex_buf[i]); -+ CRYPTO_set_id_callback(id_function); -+ CRYPTO_set_locking_callback(locking_function); -+ return 1; -+} -+ -+int deinit_openssl_threads(void) -+{ -+ int i; -+ -+ if (!mutex_buf) -+ return 0; -+ CRYPTO_set_id_callback(NULL); -+ CRYPTO_set_locking_callback(NULL); -+ for (i = 0; i < CRYPTO_num_locks(); i++) -+ MUTEX_CLEANUP(mutex_buf[i]); -+ free(mutex_buf); -+ mutex_buf = NULL; -+ return 1; -+} -+ -+#endif -+ -+ - /* - * Initialize crypto sub module - * -@@ -713,6 +779,10 @@ - PyModule_AddIntConstant(module, "TYPE_DSA", crypto_TYPE_DSA); - - dict = PyModule_GetDict(module); -+#ifdef WITH_THREAD -+ if (!init_openssl_threads()) -+ goto error; -+#endif - if (!init_crypto_x509(dict)) - goto error; - if (!init_crypto_x509name(dict)) + argv = Py_BuildValue("(Oii)", (PyObject *)conn, where, _ret); +- if (conn->tstate != NULL) +- { +- /* We need to get back our thread state before calling the callback */ +- MY_END_ALLOW_THREADS(conn->tstate); +- ret = PyEval_CallObject(conn->context->info_callback, argv); +- if (ret == NULL) +- PyErr_Clear(); +- else +- Py_DECREF(ret); +- MY_BEGIN_ALLOW_THREADS(conn->tstate); +- } ++ ret = PyEval_CallObject(conn->context->info_callback, argv); ++ if (ret == NULL) ++ PyErr_Clear(); + else +- { +- ret = PyEval_CallObject(conn->context->info_callback, argv); +- if (ret == NULL) +- PyErr_Clear(); +- else +- Py_DECREF(ret); +- } ++ Py_DECREF(ret); + Py_DECREF(argv); + ++ MY_BEGIN_ALLOW_THREADS(conn->tstate); + return; + } + + -447,6 +434,8 @@ + if (!PyArg_ParseTuple(args, "s|i:use_privatekey_file", &keyfile, &filetype)) + return NULL; + ++ if (self->tstate) ++ fprintf (stderr, "ERROR: ctx->tstate != NULL!\n"); + MY_BEGIN_ALLOW_THREADS(self->tstate); + ret = SSL_CTX_use_PrivateKey_file(self->ctx, keyfile, filetype); + MY_END_ALLOW_THREADS(self->tstate); diff --git a/pyOpenSSL.spec b/pyOpenSSL.spec index 83226a3..e1604d3 100644 --- a/pyOpenSSL.spec +++ b/pyOpenSSL.spec @@ -3,13 +3,12 @@ Summary: Python wrapper module around the OpenSSL library Name: pyOpenSSL Version: 0.7 -Release: 1%{?dist} +Release: 2%{?dist} Source0: http://pyopenssl.sf.net/%{name}-%{version}.tar.gz Patch0: pyOpenSSL-0.7-openssl.patch Patch2: pyOpenSSL-elinks.patch Patch3: pyOpenSSL-nopdfout.patch Patch4: pyOpenSSL-threadsafe.patch -Patch5: pyOpenSSL-0.7-threadsafe.patch License: LGPLv2+ Group: Development/Libraries BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) @@ -31,7 +30,6 @@ High-level wrapper around a subset of the OpenSSL library, includes %patch2 -p1 -b .elinks %patch3 -p1 -b .nopdfout %patch4 -p1 -b .threadsafe -%patch5 -p1 -b .threadsafe # Fix permissions for debuginfo package %{__chmod} -x src/ssl/connection.c @@ -55,6 +53,10 @@ CFLAGS="%{optflags}" %{__python} setup.py build %{python_sitearch}/%{name}*.egg-info %changelog +* Fri Sep 19 2008 Dennis Gilmore - 0.7-2 +- update threadsafe patch +- bug#462807 + * Mon Sep 15 2008 Paul F. Johnson 0.7-1 - bump to new release - the inevitable patch fixes