Re: firefox-3.6.9 and friends

DJ Lucas Sun, 12 Sep 2010 23:37:08 -0700

On 09/13/2010 12:46 AM, DJ Lucas wrote:
> On 09/12/2010 12:40 PM, Ken Moffat wrote:
>> On Sat, Sep 11, 2010 at 12:08:12AM +0100, Ken Moffat wrote:
>>>  People who care about security will have noticed this week's
>>> upstream firefox update.  Often, updating an existing system is just
>>> a straightforward recompile.  In this case, I had enough
>>> aggravations that I think it might be worth documenting them.
>>>
>>  And after all that, it crashes when I try to print.  Not something
>> I often do from the browser (only really for maps and hotel
>> reservations), but a real pain when it happens.  On the good side,
>> it recovers the open tabs and I can paste / save and print text by
>> other means.  For all I know, it might have been like this for a few
>> releases.  Something else to add to my acceptance tests, and to look
>> at when I've got the time.
>>
>> grumpily, ĸen
> 
> Interesting.  I am seeing the same.  It looks to be an issue with
> XulRunner as I see the same in Thunderbird.  If I stop cups and try it,
> the dialog opens correctly.  Does everyone seeing this problem have
> libgcrypt installed?  This looks interesting:
> https://bugzilla.redhat.com/show_bug.cgi?id=553834  Trying to figure out
> which of 58 patches fixes it. :-)
> 
> -- DJ Lucas
>


Got it.  Try the attached patch.  You'll have to restart cups and
anything using xulrunner.  We'll also need to get this into the book,
I'll submit the patch and update the cups page/bug (I haven't looked to
see if it is done yet).

-- DJ Lucas

diff -Naurp cups-1.4.4-orig/cups/http.c cups-1.4.4/cups/http.c
--- cups-1.4.4-orig/cups/http.c 2010-06-16 00:27:41.000000000 -0500
+++ cups-1.4.4/cups/http.c      2010-09-13 01:27:03.000000000 -0500
@@ -83,12 +83,10 @@
  *   http_debug_hex()     - Do a hex dump of a buffer.
  *   http_field()         - Return the field index for a field name.
  *   http_read_ssl()      - Read from a SSL/TLS connection.
- *   http_locking_cb()    - Lock/unlock a thread's mutex.
  *   http_send()          - Send a request with all fields and the trailing
  *                          blank line.
  *   http_setup_ssl()     - Set up SSL/TLS support on a connection.
  *   http_shutdown_ssl()  - Shut down SSL/TLS on a connection.
- *   http_threadid_cb()   - Return the current thread ID.
  *   http_upgrade()       - Force upgrade to TLS encryption.
  *   http_write()         - Write a buffer to a HTTP connection.
  *   http_write_chunk()   - Write a chunked buffer.
@@ -146,19 +144,6 @@ static int         http_setup_ssl(http_t *http)
 static void            http_shutdown_ssl(http_t *http);
 static int             http_upgrade(http_t *http);
 static int             http_write_ssl(http_t *http, const char *buf, int len);
-
-#  ifdef HAVE_GNUTLS
-#    ifdef HAVE_PTHREAD_H
-GCRY_THREAD_OPTION_PTHREAD_IMPL;
-#    endif /* HAVE_PTHREAD_H */
-
-#  elif defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H)
-static pthread_mutex_t *http_locks;    /* OpenSSL lock mutexes */
-
-static void            http_locking_cb(int mode, int type, const char *file,
-                                       int line);
-static unsigned long   http_threadid_cb(void);
-#  endif /* HAVE_GNUTLS */
 #endif /* HAVE_SSL */
 
 
@@ -1188,22 +1173,21 @@ httpHead(http_t     *http,              /* I - Conne
 void
 httpInitialize(void)
 {
-  static int   initialized = 0;        /* Have we been called before? */
-#ifdef WIN32
-  WSADATA      winsockdata;            /* WinSock data */
-#endif /* WIN32 */
 #ifdef HAVE_LIBSSL
-  int          i;                      /* Looping var */
-  unsigned char        data[1024];             /* Seed data */
+#  ifndef WIN32
+  struct timeval        curtime;        /* Current time in microseconds */
+#  endif /* !WIN32 */
+  int                   i;              /* Looping var */
+  unsigned char         data[1024];     /* Seed data */
 #endif /* HAVE_LIBSSL */
 
-
-  if (initialized)
-    return;
-
 #ifdef WIN32
-  WSAStartup(MAKEWORD(2,2), &winsockdata);
+  WSADATA       winsockdata;            /* WinSock data */
+
 
+  static int    initialized = 0;        /* Has WinSock been initialized? */
+  if (!initialized)
+    WSAStartup(MAKEWORD(1,1), &winsockdata);
 #elif !defined(SO_NOSIGPIPE)
  /*
   * Ignore SIGPIPE signals...
@@ -1226,21 +1210,15 @@ httpInitialize(void)
 #endif /* WIN32 */
 
 #ifdef HAVE_GNUTLS
- /*
-  * Make sure we handle threading properly...
-  */
-
-#  ifdef HAVE_PTHREAD_H
-  gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
-#  endif /* HAVE_PTHREAD_H */
 
  /*
   * Initialize GNU TLS...
   */
 
   gnutls_global_init();
+#endif /* HAVE_GNUTLS */
 
-#elif defined(HAVE_LIBSSL)
+#ifdef HAVE_LIBSSL
  /*
   * Initialize OpenSSL...
   */
@@ -1249,33 +1227,21 @@ httpInitialize(void)
   SSL_library_init();
 
  /*
-  * Set the threading callbacks...
-  */
-
-#  ifdef HAVE_PTHREAD_H
-  http_locks = calloc(CRYPTO_num_locks(), sizeof(pthread_mutex_t));
-
-  for (i = 0; i < CRYPTO_num_locks(); i ++)
-    pthread_mutex_init(http_locks + i, NULL);
-
-  CRYPTO_set_id_callback(http_threadid_cb);
-  CRYPTO_set_locking_callback(http_locking_cb);
-#  endif /* HAVE_PTHREAD_H */
-
- /*
   * Using the current time is a dubious random seed, but on some systems
   * it is the best we can do (on others, this seed isn't even used...)
   */
 
-  CUPS_SRAND(time(NULL));
+#  ifdef WIN32
+#  else
+  gettimeofday(&curtime, NULL);
+  srand(curtime.tv_sec + curtime.tv_usec);
+#  endif /* WIN32 */
 
   for (i = 0; i < sizeof(data); i ++)
-    data[i] = CUPS_RAND();
+    data[i] = rand();
 
   RAND_seed(data, sizeof(data));
-#endif /* HAVE_GNUTLS */
-
-  initialized = 1;
+#endif /* HAVE_LIBSSL */
 }
 
 
@@ -2834,25 +2800,6 @@ http_read_ssl(http_t *http,              /* I - Conn
 #endif /* HAVE_SSL */
 
 
-#if defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H)
-/*
- * 'http_locking_cb()' - Lock/unlock a thread's mutex.
- */
-
-static void
-http_locking_cb(int        mode,       /* I - Lock mode */
-               int        type,        /* I - Lock type */
-               const char *file,       /* I - Source file */
-               int        line)        /* I - Line number */
-{
-  if (mode & CRYPTO_LOCK)
-    pthread_mutex_lock(http_locks + type);
-  else
-    pthread_mutex_unlock(http_locks + type);
-}
-#endif /* HAVE_LIBSSL && HAVE_PTHREAD_H */
-
-
 /*
  * 'http_send()' - Send a request with all fields and the trailing blank line.
  */
@@ -3224,19 +3171,6 @@ http_shutdown_ssl(http_t *http)          /* I - 
 #endif /* HAVE_SSL */
 
 
-#if defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H)
-/*
- * 'http_threadid_cb()' - Return the current thread ID.
- */
-
-static unsigned long                   /* O - Thread ID */
-http_threadid_cb(void)
-{
-  return ((unsigned long)pthread_self());
-}
-#endif /* HAVE_LIBSSL && HAVE_PTHREAD_H */
-
-
 #ifdef HAVE_SSL
 /*
  * 'http_upgrade()' - Force upgrade to TLS encryption.
diff -Naurp cups-1.4.4-orig/cups/http-private.h cups-1.4.4/cups/http-private.h
--- cups-1.4.4-orig/cups/http-private.h 2010-04-11 23:03:53.000000000 -0500
+++ cups-1.4.4/cups/http-private.h      2010-09-13 01:27:24.000000000 -0500
@@ -98,7 +98,6 @@ extern BIO_METHOD *_httpBIOMethods(void)
  * The GNU TLS library is more of a "bare metal" SSL/TLS library...
  */
 #    include <gnutls/gnutls.h>
-#    include <gcrypt.h>
 
 typedef struct
 {
diff -Naurp cups-1.4.4-orig/scheduler/main.c cups-1.4.4/scheduler/main.c
--- cups-1.4.4-orig/scheduler/main.c    2010-04-23 13:56:34.000000000 -0500
+++ cups-1.4.4/scheduler/main.c 2010-09-13 01:27:36.000000000 -0500
@@ -549,8 +549,6 @@ main(int  argc,                             /* I - Number 
of comm
   * Startup the server...
   */
 
-  httpInitialize();
-
   cupsdStartServer();
 
  /*
diff -Naurp cups-1.4.4-orig/scheduler/server.c cups-1.4.4/scheduler/server.c
--- cups-1.4.4-orig/scheduler/server.c  2010-04-11 23:03:53.000000000 -0500
+++ cups-1.4.4/scheduler/server.c       2010-09-13 01:27:49.000000000 -0500
@@ -44,6 +44,42 @@ static int   started = 0;
 void
 cupsdStartServer(void)
 {
+#ifdef HAVE_LIBSSL
+  int                   i;              /* Looping var */
+  struct timeval        curtime;        /* Current time in microseconds */
+  unsigned char         data[1024];     /* Seed data */
+#endif /* HAVE_LIBSSL */
+
+
+#ifdef HAVE_LIBSSL
+ /*
+  * Initialize the encryption libraries...
+  */
+
+  SSL_library_init();
+  SSL_load_error_strings();
+
+ /*
+  * Using the current time is a dubious random seed, but on some systems
+  * it is the best we can do (on others, this seed isn't even used...)
+  */
+
+  gettimeofday(&curtime, NULL);
+  srand(curtime.tv_sec + curtime.tv_usec);
+
+  for (i = 0; i < sizeof(data); i ++)
+    data[i] = rand(); /* Yes, this is a poor source of random data... */
+
+  RAND_seed(&data, sizeof(data));
+#elif defined(HAVE_GNUTLS)
+ /*
+  * Initialize the encryption libraries...
+  */
+
+  gnutls_global_init();
+#endif /* HAVE_LIBSSL */
+
+
  /*
   * Create the default security profile...
   */

-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-support
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Re: firefox-3.6.9 and friends

Reply via email to