--- a/components/openssl/openssl-1.0.1/patches/29_fork_safe.patch Wed May 27 12:25:12 2015 -0700
+++ b/components/openssl/openssl-1.0.1/patches/29_fork_safe.patch Wed May 27 16:32:47 2015 -0700
@@ -1,6 +1,7 @@
#
# This file adds the code to setup internal mutexes and callback function.
# PSARC/2014/077
+# PSARC/2015/043
# This change was implemented in-house. The issue was brought up to
# the upstream engineers, but there was no commitment.
#
@@ -23,7 +24,43 @@
static void (MS_FAR *locking_callback) (int mode, int type,
const char *file, int line) = 0;
static int (MS_FAR *add_lock_callback) (int *pointer, int amount,
-@@ -402,6 +405,79 @@
+@@ -373,7 +376,10 @@
+ void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func)
+ (const char *file, int line))
+ {
+- dynlock_create_callback = func;
++ /*
++ * we now setup our own dynamic locking callback, and disallow
++ * setting of another locking callback.
++ */
+ }
+
+ void CRYPTO_set_dynlock_lock_callback(void (*func) (int mode,
+@@ -382,7 +388,10 @@
+ const char *file,
+ int line))
+ {
+- dynlock_lock_callback = func;
++ /*
++ * we now setup our own dynamic locking callback, and disallow
++ * setting of another locking callback.
++ */
+ }
+
+ void CRYPTO_set_dynlock_destroy_callback(void (*func)
+@@ -389,7 +398,10 @@
+ (struct CRYPTO_dynlock_value *l,
+ const char *file, int line))
+ {
+- dynlock_destroy_callback = func;
++ /*
++ * we now setup our own dynamic locking callback, and disallow
++ * setting of another locking callback.
++ */
+ }
+
+ void (*CRYPTO_get_locking_callback(void)) (int mode, int type,
+@@ -402,6 +414,129@@
return (add_lock_callback);
}
@@ -33,16 +70,58 @@
+ */
+static void solaris_locking_callback(int mode, int type, const char *file,
+ int line)
-+ {
-+ if (mode & CRYPTO_LOCK)
-+ {
-+ pthread_mutex_lock(&solaris_openssl_locks[type]);
-+ }
-+ else
-+ {
-+ pthread_mutex_unlock(&solaris_openssl_locks[type]);
-+ }
-+ }
++{
++ if (mode & CRYPTO_LOCK) {
++ pthread_mutex_lock(&solaris_openssl_locks[type]);
++ } else {
++ pthread_mutex_unlock(&solaris_openssl_locks[type]);
++ }
++}
++
++
++/*
++ * Implement Solaris's own dynamic locking routines.
++ */
++static struct CRYPTO_dynlock_value *
++solaris_dynlock_create(const char *file, int line)
++{
++ int ret;
++ pthread_mutex_t *dynlock;
++
++ dynlock = OPENSSL_malloc(sizeof(pthread_mutex_t));
++ if (dynlock == NULL) {
++ return (NULL);
++ }
++
++ ret = pthread_mutex_init(dynlock, NULL);
++ OPENSSL_assert(ret);
++
++ return ((struct CRYPTO_dynlock_value *)dynlock);
++}
++
++static void
++solaris_dynlock_lock(int mode, struct CRYPTO_dynlock_valud *dynlock,
++ const char *file, int line)
++{
++ int ret;
++
++ if (mode & CRYPTO_LOCK) {
++ ret = pthread_mutex_lock((pthread_mutex_t *)dynlock);
++ } else {
++ ret = pthread_mutex_unlock((pthread_mutex_t *)dynlock);
++ }
++
++ OPENSSL_assert(ret == 0);
++}
++
++static void
++solaris_dynlock_destroy(struct CRYPTO_dynlock_value *dynlock,
++ const char *file, int line)
++{
++ int ret;
++ ret = pthread_mutex_destroy((pthread_mutex_t *)dynlock);
++ OPENSSL_assert(ret);
++}
+
+
+/*
@@ -50,53 +129,61 @@
+ * global locking callback function ptr and mutexes.
+ */
+static void solaris_fork_child(void)
-+ {
-+ /*
-+ * clear locking_callback to indicate that locks should
-+ * be reinitialized.
-+ */
-+ locking_callback = NULL;
-+ solaris_locking_setup();
-+ }
++{
++ /*
++ * clear locking_callback to indicate that locks should
++ * be reinitialized.
++ */
++ locking_callback = NULL;
++ solaris_locking_setup();
++}
+
+/*
+ * This function allocates and initializes the global mutex array, and
+ * sets the locking callback.
+ */
+void solaris_locking_setup()
-+ {
-+ int i;
-+ int num_locks;
++{
++ int i;
++ int num_locks;
+
-+ /* locking callback is already setup. Nothing to do */
-+ if (locking_callback != NULL)
-+ {
-+ return;
-+ }
++ /* setup the dynlock callback if not already */
++ if (dynlock_create_callback == NULL) {
++ dynlock_create_callback = solaris_dynlock_create;
++ }
++ if (dynlock_lock_callback == NULL) {
++ dynlock_lock_callback = solaris_dynlock_lock;
++ }
++ if (dynlock_destroy_callback == NULL) {
++ dynlock_destroy_callback = solaris_dynlock_destroy;
++ }
+
-+ /*
-+ * Set atfork handler so that child can setup its own mutexes and
-+ * locking callbacks when it is forked
-+ */
-+ (void) pthread_atfork(NULL, NULL, solaris_fork_child);
++ /* locking callback is already setup. Nothing to do */
++ if (locking_callback != NULL) {
++ return;
++ }
+
-+ /* allocate locks needed by OpenSSL */
-+ num_locks = CRYPTO_num_locks();
-+ solaris_openssl_locks =
-+ OPENSSL_malloc(sizeof (pthread_mutex_t) * num_locks);
-+ if (solaris_openssl_locks == NULL)
-+ {
-+ fprintf(stderr,
-+ "solaris_locking_setup: memory allocation failure.\n");
-+ abort();
-+ }
++ /*
++ * Set atfork handler so that child can setup its own mutexes and
++ * locking callbacks when it is forked
++ */
++ (void) pthread_atfork(NULL, NULL, solaris_fork_child);
+
-+ /* initialize openssl mutexes */
-+ for (i = 0; i < num_locks; i++)
-+ {
-+ pthread_mutex_init(&solaris_openssl_locks[i], NULL);
-+ }
-+ locking_callback = solaris_locking_callback;
++ /* allocate locks needed by OpenSSL */
++ num_locks = CRYPTO_num_locks();
++ solaris_openssl_locks =
++ OPENSSL_malloc(sizeof (pthread_mutex_t) * num_locks);
++ if (solaris_openssl_locks == NULL) {
++ fprintf(stderr,
++ "solaris_locking_setup: memory allocation failure.\n");
++ abort();
++ }
++
++ /* initialize openssl mutexes */
++ for (i = 0; i < num_locks; i++) {
++ pthread_mutex_init(&solaris_openssl_locks[i], NULL);
++ }
++ locking_callback = solaris_locking_callback;
+
+}
+
@@ -109,13 +196,39 @@
OPENSSL_init();
- locking_callback = func;
+
-+ /*
-+ * we now setup our own locking callback and mutexes, and disallow
-+ * setting of another locking callback.
-+ */
++ /*
++ * we now setup our own locking callback and mutexes, and disallow
++ * setting of another locking callback.
++ */
}
void CRYPTO_set_add_lock_callback(int (*func) (int *num, int mount, int type,
+@@ -471,9 +551,10 @@
+
+ int CRYPTO_THREADID_set_callback(void (*func) (CRYPTO_THREADID *))
+ {
+- if (threadid_callback)
+- return 0;
+- threadid_callback = func;
++ /*
++ * Use the backup method (the address of 'errno') to identify the
++ * thread and disallow setting the threadid callback.
++ */
+ return 1;
+ }
+
+@@ -531,7 +611,10 @@
+
+ void CRYPTO_set_id_callback(unsigned long (*func) (void))
+ {
+- id_callback = func;
++ /*
++ * Use the backup method to identify the thread/process.
++ * Setting the id callback is disallowed.
++ */
+ }
+
+ unsigned long CRYPTO_thread_id(void)
--- openssl-1.0.1f/crypto/cryptlib.h.~1~ Fri Feb 7 10:41:42 2014
+++ openssl-1.0.1f/crypto/cryptlib.h Thu Feb 6 16:04:16 2014
@@ -104,6 +104,8 @@