rpms/globus-openssl-module/F-12 globus-openssl-module-oid.patch, NONE, 1.1 globus-openssl-module.spec, 1.6, 1.7 import.log, 1.4, 1.5

Mattias Ellert ellert at fedoraproject.org
Sat Jun 5 16:09:47 UTC 2010 

Author: ellert

Update of /cvs/pkgs/rpms/globus-openssl-module/F-12
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv12994/F-12

Modified Files:
	globus-openssl-module.spec import.log 
Added Files:
	globus-openssl-module-oid.patch 
Log Message:
* Mon May 31 2010 Mattias Ellert <mattias.ellert at fysast.uu.se> - 1.2-2
- Fix OID registration pollution


globus-openssl-module-oid.patch:
 globus_openssl.c |   99 ++++++++++++++++++++++++++++++++++++++-----------------
 1 file changed, 69 insertions(+), 30 deletions(-)

--- NEW FILE globus-openssl-module-oid.patch ---
diff -dur globus_openssl_module-1.2.orig/library/globus_openssl.c globus_openssl_module-1.2/library/globus_openssl.c
--- globus_openssl_module-1.2.orig/library/globus_openssl.c	2010-01-29 21:09:32.000000000 +0100
+++ globus_openssl_module-1.2/library/globus_openssl.c	2010-06-02 12:40:54.537121665 +0200
@@ -86,41 +86,74 @@
         globus_mutex_init(&(mutex_pool[i]),NULL);
     }
 
-    CRYPTO_set_locking_callback(globus_l_openssl_locking_cb);
-    CRYPTO_set_id_callback(globus_l_openssl_thread_id);
+    if (!CRYPTO_get_locking_callback())
+    {
+        CRYPTO_set_locking_callback(globus_l_openssl_locking_cb);
+    }
+    if (!CRYPTO_get_id_callback())
+    {
+        CRYPTO_set_id_callback(globus_l_openssl_thread_id);
+    }
 
-    OBJ_create(ANY_LANGUAGE_OID,
-               ANY_LANGUAGE_SN,
-               ANY_LANGUAGE_LN);
+    if (OBJ_txt2nid(ANY_LANGUAGE_OID) == 0)
+    {
+        OBJ_create(ANY_LANGUAGE_OID,
+                   ANY_LANGUAGE_SN,
+                   ANY_LANGUAGE_LN);
+    }
 
-    OBJ_create(IMPERSONATION_PROXY_OID,
-               IMPERSONATION_PROXY_SN,
-               IMPERSONATION_PROXY_LN);
+    if (OBJ_txt2nid(IMPERSONATION_PROXY_OID) == 0)
+    {
+        OBJ_create(IMPERSONATION_PROXY_OID,
+                   IMPERSONATION_PROXY_SN,
+                   IMPERSONATION_PROXY_LN);
+    }
 
-    OBJ_create(INDEPENDENT_PROXY_OID,
-               INDEPENDENT_PROXY_SN,
-               INDEPENDENT_PROXY_LN);
+    if (OBJ_txt2nid(INDEPENDENT_PROXY_OID) == 0)
+    {
+        OBJ_create(INDEPENDENT_PROXY_OID,
+                   INDEPENDENT_PROXY_SN,
+                   INDEPENDENT_PROXY_LN);
+    }
 
-    OBJ_create(LIMITED_PROXY_OID,
-               LIMITED_PROXY_SN,
-               LIMITED_PROXY_LN);
-    
-    pci_NID = OBJ_create(PROXYCERTINFO_OID,PROXYCERTINFO_SN,PROXYCERTINFO_LN);
+    if (OBJ_txt2nid(LIMITED_PROXY_OID) == 0)
+    {
+        OBJ_create(LIMITED_PROXY_OID,
+                   LIMITED_PROXY_SN,
+                   LIMITED_PROXY_LN);
+    }
 
-    pci_old_NID = OBJ_create(PROXYCERTINFO_OLD_OID,
-                             PROXYCERTINFO_OLD_SN,
-                             PROXYCERTINFO_OLD_LN);
+    pci_NID = OBJ_txt2nid(PROXYCERTINFO_OID);
+    if (pci_NID == 0)
+    {
+        pci_NID = OBJ_create(PROXYCERTINFO_OID,
+                             PROXYCERTINFO_SN,
+                             PROXYCERTINFO_LN);
+    }
 
-    pci_x509v3_ext_meth = PROXYCERTINFO_x509v3_ext_meth();
-    pci_old_x509v3_ext_meth = PROXYCERTINFO_OLD_x509v3_ext_meth();
+    pci_old_NID = OBJ_txt2nid(PROXYCERTINFO_OLD_OID);
+    if (pci_old_NID == 0)
+    {
+        pci_old_NID = OBJ_create(PROXYCERTINFO_OLD_OID,
+                                 PROXYCERTINFO_OLD_SN,
+                                 PROXYCERTINFO_OLD_LN);
+    }
 
     /* this sets the pci NID in the static X509V3_EXT_METHOD struct */
-    pci_x509v3_ext_meth->ext_nid = pci_NID;
-    pci_old_x509v3_ext_meth->ext_nid = pci_old_NID;
-    
-    X509V3_EXT_add(pci_x509v3_ext_meth);
-    X509V3_EXT_add(pci_old_x509v3_ext_meth);
-    
+    if (X509V3_EXT_get_nid(pci_NID) == NULL)
+    {
+        pci_x509v3_ext_meth = PROXYCERTINFO_x509v3_ext_meth();
+        pci_x509v3_ext_meth->ext_nid = pci_NID;
+        X509V3_EXT_add(pci_x509v3_ext_meth);
+    }
+
+    if (X509V3_EXT_get_nid(pci_old_NID) == NULL)
+    {
+        pci_old_x509v3_ext_meth = PROXYCERTINFO_OLD_x509v3_ext_meth();
+        pci_old_x509v3_ext_meth->ext_nid = pci_old_NID;
+        X509V3_EXT_add(pci_old_x509v3_ext_meth);
+    }
+
     return GLOBUS_SUCCESS;
 }
 /* globus_l_openssl_activate() */
@@ -140,9 +173,15 @@
     ERR_clear_error();
 
     X509V3_EXT_cleanup();
-    
-    CRYPTO_set_id_callback(NULL);
-    CRYPTO_set_locking_callback(NULL);
+
+    if (CRYPTO_get_id_callback() == globus_l_openssl_thread_id)
+    {
+        CRYPTO_set_id_callback(NULL);
+    }
+    if (CRYPTO_get_locking_callback() == globus_l_openssl_locking_cb)
+    {
+        CRYPTO_set_locking_callback(NULL);
+    }
 
     for (i=0; i<CRYPTO_num_locks(); i++)
     {


Index: globus-openssl-module.spec
===================================================================
RCS file: /cvs/pkgs/rpms/globus-openssl-module/F-12/globus-openssl-module.spec,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -p -r1.6 -r1.7
--- globus-openssl-module.spec	16 Apr 2010 14:43:06 -0000	1.6
+++ globus-openssl-module.spec	5 Jun 2010 16:09:46 -0000	1.7
@@ -7,7 +7,7 @@
 Name:		globus-openssl-module
 %global _name %(tr - _ <<< %{name})
 Version:	1.2
-Release:	1%{?dist}
+Release:	2%{?dist}
 Summary:	Globus Toolkit - Globus OpenSSL Module Wrapper
 
 Group:		System Environment/Libraries
@@ -26,6 +26,9 @@ Source9:	epstopdf-2.9.5gw
 #		Fixes for mingw compilation:
 #		http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=6742
 Patch0:		%{name}-mingw.patch
+#		Fix duplicate OID registrations:
+#		http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7032
+Patch1:		%{name}-oid.patch
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 Requires:	globus-openssl%{?_isa} >= 1
@@ -95,6 +98,7 @@ Globus OpenSSL Module Wrapper Documentat
 %prep
 %setup -q -n %{_name}-%{version}
 %patch0 -p1
+%patch1 -p1
 
 %if "%{rhel}" == "5"
 mkdir bin
@@ -196,6 +200,9 @@ rm -rf $RPM_BUILD_ROOT
 %dir %{_docdir}/%{name}-%{version}/html
 
 %changelog
+* Mon May 31 2010 Mattias Ellert <mattias.ellert at fysast.uu.se> - 1.2-2
+- Fix OID registration pollution
+
 * Tue Apr 13 2010 Mattias Ellert <mattias.ellert at fysast.uu.se> - 1.2-1
 - Update to Globus Toolkit 5.0.1
 - Drop patch globus-openssl-module-sslinit.patch (fixed upstream)


Index: import.log
===================================================================
RCS file: /cvs/pkgs/rpms/globus-openssl-module/F-12/import.log,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -p -r1.4 -r1.5
--- import.log	16 Apr 2010 14:43:06 -0000	1.4
+++ import.log	5 Jun 2010 16:09:46 -0000	1.5
@@ -2,3 +2,4 @@ globus-openssl-module-0_6-1_fc9:HEAD:glo
 globus-openssl-module-0_6-2_fc9:HEAD:globus-openssl-module-0.6-2.fc9.src.rpm:1245083235
 globus-openssl-module-1_1-1_fc12:F-12:globus-openssl-module-1.1-1.fc12.src.rpm:1265701085
 globus-openssl-module-1_2-1_fc12:F-12:globus-openssl-module-1.2-1.fc12.src.rpm:1271428969
+globus-openssl-module-1_2-2_fc12:F-12:globus-openssl-module-1.2-2.fc12.src.rpm:1275754171

More information about the scm-commits mailing list