2c70e2a25280c8f1db54a6477cc98182202b8100
1 #! /bin/sh /usr/share/dpatch/dpatch-run
2 ## bts832577-gcry-control.dpatch by Florian Forster <octo@collectd.org>
3 ## and Sebastian Harl <tokkee@debian.org>
4 ##
5 ## DP: network plugin, libcollectdclient: Check return value of gcry_control().
6 ##
7 ## Upstream commits:
8 ## https://github.com/collectd/collectd/commit/8b4fed99
9 ## https://github.com/collectd/collectd/commit/262915c4
10 ## https://github.com/collectd/collectd/commit/a3000cbe
11 ## Upstream report:
12 ## https://github.com/collectd/collectd/issues/1665
14 @DPATCH@
16 diff a/src/libcollectdclient/network_buffer.c b/src/libcollectdclient/network_buffer.c
17 --- a/src/libcollectdclient/network_buffer.c
18 +++ b/src/libcollectdclient/network_buffer.c
19 @@ -131,12 +131,15 @@
20 need_init = 0;
22 #if HAVE_LIBGCRYPT
23 - gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
24 + if (gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread))
25 + return (0);
27 if (!gcry_check_version (GCRYPT_VERSION))
28 return (0);
30 - gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0);
31 + if (!gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0))
32 + return (0);
33 +
34 gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
36 result = 1;
37 diff a/src/network.c b/src/network.c
38 --- a/src/network.c
39 +++ b/src/network.c
40 @@ -493,13 +493,15 @@
41 } /* }}} int network_dispatch_notification */
43 #if HAVE_LIBGCRYPT
44 -static void network_init_gcrypt (void) /* {{{ */
45 +static int network_init_gcrypt (void) /* {{{ */
46 {
47 + gcry_error_t err;
48 +
49 /* http://lists.gnupg.org/pipermail/gcrypt-devel/2003-August/000458.html
50 * Because you can't know in a library whether another library has
51 * already initialized the library */
52 if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P))
53 - return;
54 + return (0);
56 /* http://www.gnupg.org/documentation/manuals/gcrypt/Multi_002dThreading.html
57 * To ensure thread-safety, it's important to set GCRYCTL_SET_THREAD_CBS
58 @@ -508,11 +510,25 @@
59 * above doesn't count, as it doesn't implicitly initalize Libgcrypt.
60 *
61 * tl;dr: keep all these gry_* statements in this exact order please. */
62 - gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
63 + err = gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
64 + if (err)
65 + {
66 + ERROR ("network plugin: gcry_control (GCRYCTL_SET_THREAD_CBS) failed: %s", gcry_strerror (err));
67 + return (-1);
68 + }
69 +
70 gcry_check_version (NULL);
71 - gcry_control (GCRYCTL_INIT_SECMEM, 32768);
72 +
73 + err = gcry_control (GCRYCTL_INIT_SECMEM, 32768);
74 + if (err)
75 + {
76 + ERROR ("network plugin: gcry_control (GCRYCTL_INIT_SECMEM) failed: %s", gcry_strerror (err));
77 + return (-1);
78 + }
79 +
80 gcry_control (GCRYCTL_INITIALIZATION_FINISHED);
81 -} /* }}} void network_init_gcrypt */
82 + return (0);
83 +} /* }}} int network_init_gcrypt */
85 static gcry_cipher_hd_t network_get_aes256_cypher (sockent_t *se, /* {{{ */
86 const void *iv, size_t iv_size, const char *username)
87 @@ -2050,7 +2066,12 @@
88 {
89 if (se->data.client.security_level > SECURITY_LEVEL_NONE)
90 {
91 - network_init_gcrypt ();
92 + if (network_init_gcrypt () < 0)
93 + {
94 + ERROR ("network plugin: Cannot configure client socket with "
95 + "security: Failed to initialize crypto library.");
96 + return (-1);
97 + }
99 if ((se->data.client.username == NULL)
100 || (se->data.client.password == NULL))
101 @@ -2070,7 +2091,12 @@
102 {
103 if (se->data.server.security_level > SECURITY_LEVEL_NONE)
104 {
105 - network_init_gcrypt ();
106 + if (network_init_gcrypt () < 0)
107 + {
108 + ERROR ("network plugin: Cannot configure server socket with "
109 + "security: Failed to initialize crypto library.");
110 + return (-1);
111 + }
113 if (se->data.server.auth_file == NULL)
114 {
115 @@ -3395,7 +3421,11 @@
116 have_init = 1;
118 #if HAVE_LIBGCRYPT
119 - network_init_gcrypt ();
120 + if (network_init_gcrypt () < 0)
121 + {
122 + ERROR ("network plugin: Failed to initialize crypto library.");
123 + return (-1);
124 + }
125 #endif
127 if (network_config_stats != 0)