Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
openSUSE:Maintenance:6416
tigervnc.openSUSE_Leap_42.1_Update
U_tigervnc_proper_global_init_deinit_of_GnuTLS....
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File U_tigervnc_proper_global_init_deinit_of_GnuTLS.patch of Package tigervnc.openSUSE_Leap_42.1_Update
Git-commit: 8aa4bc53206c2430bbf0c8f4b642f59a379ee649 Patch-Mainline: Upstream References: bnc#1023012 Subject: [PATCH] Proper global init/deinit of GnuTLS Author: Pierre Ossman <ossman@cendio.se> Signed-off-by: Michal Srb <msrb@suse.com> These are reference counted so it is important to retain symmetry between the calls. Failure to do so will result in bad memory access and crashes. diff --git a/common/rfb/CSecurityTLS.cxx b/common/rfb/CSecurityTLS.cxx index 3dceded..8a053e3 100644 --- a/common/rfb/CSecurityTLS.cxx +++ b/common/rfb/CSecurityTLS.cxx @@ -67,21 +67,14 @@ StringParameter CSecurityTLS::X509CRL("X509CRL", "X509 CRL file", "", ConfViewer static LogWriter vlog("TLS"); -void CSecurityTLS::initGlobal() -{ - static bool globalInitDone = false; - - if (!globalInitDone) { - gnutls_global_init(); - globalInitDone = true; - } -} - CSecurityTLS::CSecurityTLS(bool _anon) : session(0), anon_cred(0), anon(_anon), fis(0), fos(0) { cafile = X509CA.getData(); crlfile = X509CRL.getData(); + + if (gnutls_global_init() != GNUTLS_E_SUCCESS) + throw AuthFailureException("gnutls_global_init failed"); } void CSecurityTLS::setDefaults() @@ -125,8 +118,6 @@ void CSecurityTLS::shutdown(bool needbye) if (session) { gnutls_deinit(session); session = 0; - - gnutls_global_deinit(); } } @@ -142,6 +133,8 @@ CSecurityTLS::~CSecurityTLS() delete[] cafile; delete[] crlfile; + + gnutls_global_deinit(); } bool CSecurityTLS::processMsg(CConnection* cc) @@ -150,8 +143,6 @@ bool CSecurityTLS::processMsg(CConnection* cc) rdr::OutStream* os = cc->getOutStream(); client = cc; - initGlobal(); - if (!session) { if (!is->checkNoWait(1)) return false; diff --git a/common/rfb/CSecurityTLS.h b/common/rfb/CSecurityTLS.h index b147d80..57d964d 100644 --- a/common/rfb/CSecurityTLS.h +++ b/common/rfb/CSecurityTLS.h @@ -62,8 +62,6 @@ namespace rfb { CConnection *client; private: - static void initGlobal(); - gnutls_session_t session; gnutls_anon_client_credentials_t anon_cred; gnutls_certificate_credentials_t cert_cred; diff --git a/common/rfb/SSecurityTLS.cxx b/common/rfb/SSecurityTLS.cxx index 0f52d34..b946022 100644 --- a/common/rfb/SSecurityTLS.cxx +++ b/common/rfb/SSecurityTLS.cxx @@ -48,23 +48,15 @@ StringParameter SSecurityTLS::X509_KeyFile static LogWriter vlog("TLS"); -void SSecurityTLS::initGlobal() -{ - static bool globalInitDone = false; - - if (!globalInitDone) { - if (gnutls_global_init() != GNUTLS_E_SUCCESS) - throw AuthFailureException("gnutls_global_init failed"); - globalInitDone = true; - } -} - SSecurityTLS::SSecurityTLS(bool _anon) : session(0), dh_params(0), anon_cred(0), cert_cred(0), anon(_anon), fis(0), fos(0) { certfile = X509_CertFile.getData(); keyfile = X509_KeyFile.getData(); + + if (gnutls_global_init() != GNUTLS_E_SUCCESS) + throw AuthFailureException("gnutls_global_init failed"); } void SSecurityTLS::shutdown() @@ -94,8 +86,6 @@ void SSecurityTLS::shutdown() if (session) { gnutls_deinit(session); session = 0; - - gnutls_global_deinit(); } } @@ -111,6 +101,8 @@ SSecurityTLS::~SSecurityTLS() delete[] keyfile; delete[] certfile; + + gnutls_global_deinit(); } bool SSecurityTLS::processMsg(SConnection *sc) @@ -121,8 +113,6 @@ bool SSecurityTLS::processMsg(SConnection *sc) vlog.debug("Process security message (session %p)", session); if (!session) { - initGlobal(); - if (gnutls_init(&session, GNUTLS_SERVER) != GNUTLS_E_SUCCESS) throw AuthFailureException("gnutls_init failed"); diff --git a/common/rfb/SSecurityTLS.h b/common/rfb/SSecurityTLS.h index a793205..30242a2 100644 --- a/common/rfb/SSecurityTLS.h +++ b/common/rfb/SSecurityTLS.h @@ -54,8 +54,6 @@ namespace rfb { void setParams(gnutls_session_t session); private: - static void initGlobal(); - gnutls_session_t session; gnutls_dh_params_t dh_params; gnutls_anon_server_credentials_t anon_cred;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor