From: Hallvard Furuseth Date: Sun, 20 May 2007 20:02:52 +0000 (+0000) Subject: libldap/tls.c calls CRYPTO_set_id_callback(ldap_pvt_thread_self), which X-Git-Tag: OPENLDAP_REL_ENG_2_4_MP~450 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=c47e444698251fca2bd781f03fe6e6fe305b0942;p=openldap libldap/tls.c calls CRYPTO_set_id_callback(ldap_pvt_thread_self), which causes ldap_pvt_thread_self to be called with the wrong prototype. That can cause OpenSSL to use a garbage value, e.g. if the unsigned long it expects takes two words but ldap_pvt_thread_t is an int. I'm fixing it in HEAD now and also provoking an error if unsigned long cannot hold a ldap_pvt_thread_t. Otherwise it can silently compile to broken code. Maybe the latter should go in configure, but since OpenSSL presumably breaks anyway if that fails I don't see much point at this time. --- diff --git a/libraries/libldap/tls.c b/libraries/libldap/tls.c index 99e252bb24..ace10b7e3c 100644 --- a/libraries/libldap/tls.c +++ b/libraries/libldap/tls.c @@ -397,6 +397,24 @@ static void tls_locking_cb( int mode, int type, const char *file, int line ) } } +static unsigned long tls_thread_self( void ) +{ + /* FIXME: CRYPTO_set_id_callback only works when ldap_pvt_thread_t + * is an integral type that fits in an unsigned long + */ + + /* force an error if ldap_pvt_thread_t is not such a type */ + enum { + ok = + 3 / (ldap_pvt_thread_t)2 == 1 /* integer */ + && (ldap_pvt_thread_t)-1 > 0UL /* not too wide signed */ + && (ldap_pvt_thread_t)-2 < -1UL /* not too wide unsigned */ + }; + typedef struct { int dummy: ok ? 1 : -1; } Check[ok ? 1 : -1]; + + return ldap_pvt_thread_self(); +} + static void tls_init_threads( void ) { int i; @@ -405,10 +423,7 @@ static void tls_init_threads( void ) ldap_pvt_thread_mutex_init( &tls_mutexes[i] ); } CRYPTO_set_locking_callback( tls_locking_cb ); - CRYPTO_set_id_callback( ldap_pvt_thread_self ); - /* FIXME: CRYPTO_set_id_callback only works when ldap_pvt_thread_t - * is an integral type that fits in an unsigned long - */ + CRYPTO_set_id_callback( tls_thread_self ); } #endif /* LDAP_R_COMPILE */