File openssl-1.1.1-fips-fix-memory-leaks.patch of Package openssl-1_1

Overview Repositories Revisions Requests Users Attributes Meta

File openssl-1.1.1-fips-fix-memory-leaks.patch of Package openssl-1_1

--- a/crypto/fips/fips.c
+++ b/crypto/fips/fips.c
@@ -93,6 +93,14 @@ DEFINE_RUN_ONCE_STATIC(do_fips_lock_init
     return fips_lock != NULL && fips_owning_lock != NULL;
 }
 
+void FIPS_owning_thread_lock_cleanup(void)
+{
+    CRYPTO_THREAD_lock_free(fips_lock);
+    fips_lock = NULL;
+    CRYPTO_THREAD_lock_free(fips_owning_lock);
+    fips_owning_lock = NULL;
+}
+
 # define fips_w_lock()   CRYPTO_THREAD_write_lock(fips_lock)
 # define fips_w_unlock() CRYPTO_THREAD_unlock(fips_lock)
 # define fips_r_lock()   CRYPTO_THREAD_read_lock(fips_lock)
--- a/crypto/fips/fips_drbg_rand.c
+++ b/crypto/fips/fips_drbg_rand.c
@@ -84,6 +84,12 @@ DRBG_CTX *FIPS_get_default_drbg(void)
     return &ossl_dctx;
 }
 
+void FIPS_drbg_lock_cleanup(void)
+{
+    CRYPTO_THREAD_lock_free(fips_rand_lock);
+    fips_rand_lock = NULL;
+}
+
 static int fips_drbg_bytes(unsigned char *out, int count)
 {
     DRBG_CTX *dctx = &ossl_dctx;
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -28,6 +28,8 @@
 #include "internal/dso.h"
 #include "crypto/store.h"
 #include "openssl/fips.h"
+#include "openssl/fips_rand.h"
+#include "crypto/fips.h"
 
 static int stopped = 0;
 
@@ -600,6 +602,8 @@ void OPENSSL_cleanup(void)
     conf_modules_free_int();
 #ifdef OPENSSL_FIPS
     FIPS_entropy_cleanup();
+    FIPS_drbg_lock_cleanup();
+    FIPS_owning_thread_lock_cleanup();
 #endif
 #ifndef OPENSSL_NO_ENGINE
     engine_cleanup_int();
--- a/include/crypto/fips.h
+++ b/include/crypto/fips.h
@@ -56,6 +56,7 @@
 
 #ifdef OPENSSL_FIPS
 
+void FIPS_owning_thread_lock_cleanup(void);
 int FIPS_module_mode_set(int onoff);
 int FIPS_module_mode(void);
 int FIPS_module_installed(void);
--- a/include/openssl/fips_rand.h
+++ b/include/openssl/fips_rand.h
@@ -125,6 +125,7 @@ extern "C" {
 
     DRBG_CTX *FIPS_get_default_drbg(void);
     const RAND_METHOD *FIPS_drbg_method(void);
+    void FIPS_drbg_lock_cleanup(void);
 
     int FIPS_rand_set_method(const RAND_METHOD *meth);
     const RAND_METHOD *FIPS_rand_get_method(void);

xxxxxxxxxx
 
---
 crypto/fips/fips.c           |    8 ++++++++
 crypto/fips/fips_drbg_rand.c |    6 ++++++
 crypto/init.c                |    4 ++++
 include/crypto/fips.h        |    1 +
 include/openssl/fips_rand.h  |    1 +
 5 files changed, 20 insertions(+)
​
--- a/crypto/fips/fips.c
+++ b/crypto/fips/fips.c
@@ -93,6 +93,14 @@ DEFINE_RUN_ONCE_STATIC(do_fips_lock_init
     return fips_lock != NULL && fips_owning_lock != NULL;
 }
 
+void FIPS_owning_thread_lock_cleanup(void)
+{
+    CRYPTO_THREAD_lock_free(fips_lock);
+    fips_lock = NULL;
+    CRYPTO_THREAD_lock_free(fips_owning_lock);
+    fips_owning_lock = NULL;
+}
+
 # define fips_w_lock()   CRYPTO_THREAD_write_lock(fips_lock)
 # define fips_w_unlock() CRYPTO_THREAD_unlock(fips_lock)
 # define fips_r_lock()   CRYPTO_THREAD_read_lock(fips_lock)
--- a/crypto/fips/fips_drbg_rand.c
+++ b/crypto/fips/fips_drbg_rand.c
@@ -84,6 +84,12 @@ DRBG_CTX *FIPS_get_default_drbg(void)
     return &ossl_dctx;
 }
 
+void FIPS_drbg_lock_cleanup(void)
+{
+    CRYPTO_THREAD_lock_free(fips_rand_lock);
+    fips_rand_lock = NULL;
+}
+
 static int fips_drbg_bytes(unsigned char *out, int count)
 {
     DRBG_CTX *dctx = &ossl_dctx;
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -28,6 +28,8 @@
 #include "internal/dso.h"
 #include "crypto/store.h"
 #include "openssl/fips.h"
+#include "openssl/fips_rand.h"
+#include "crypto/fips.h"
 
 static int stopped = 0;
 
@@ -600,6 +602,8 @@ void OPENSSL_cleanup(void)
     conf_modules_free_int();
 #ifdef OPENSSL_FIPS
     FIPS_entropy_cleanup();
+    FIPS_drbg_lock_cleanup();
+    FIPS_owning_thread_lock_cleanup();
 #endif
 #ifndef OPENSSL_NO_ENGINE
     engine_cleanup_int();
--- a/include/crypto/fips.h
+++ b/include/crypto/fips.h
@@ -56,6 +56,7 @@
 
 #ifdef OPENSSL_FIPS
 
+void FIPS_owning_thread_lock_cleanup(void);
 int FIPS_module_mode_set(int onoff);
 int FIPS_module_mode(void);
 int FIPS_module_installed(void);
--- a/include/openssl/fips_rand.h
+++ b/include/openssl/fips_rand.h
@@ -125,6 +125,7 @@ extern "C" {
 
     DRBG_CTX *FIPS_get_default_drbg(void);
     const RAND_METHOD *FIPS_drbg_method(void);
+    void FIPS_drbg_lock_cleanup(void);
 
     int FIPS_rand_set_method(const RAND_METHOD *meth);
     const RAND_METHOD *FIPS_rand_get_method(void);
​

Places

File openssl-1.1.1-fips-fix-memory-leaks.patch of Package openssl-1_1

Places