diff options
author | Daniel P. Berrange <berrange@redhat.com> | 2016-10-10 12:17:50 +0100 |
---|---|---|
committer | Daniel P. Berrange <berrange@redhat.com> | 2016-10-20 12:19:35 +0100 |
commit | 373166636b9f07c60d7c32610bd346acf7d143e9 (patch) | |
tree | 3af354e1e5c8959a81d57424f332606569d83cef | |
parent | d26d6b5d34f825c452f9bf3c9d5126181b10f25b (diff) |
crypto: fix initialization of gcrypt threading
The gcrypt threads implementation must be set before calling
any other gcrypt APIs, especially gcry_check_version(),
since that triggers initialization of the random pool. After
that is initialized, changes to the threads impl won't be
honoured by the random pool code. This means that gcrypt
will think thread locking is needed and so try to acquire
the random pool mutex, but this is NULL as no threads impl
was set originally. This results in a crash in the random
pool code.
For the same reasons, we must set the gcrypt threads impl
before calling gnutls_init, since that will also trigger
gcry_check_version
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
-rw-r--r-- | crypto/init.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/crypto/init.c b/crypto/init.c index 16e099b489..f65207e57d 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -119,6 +119,10 @@ static struct gcry_thread_cbs qcrypto_gcrypt_thread_impl = { int qcrypto_init(Error **errp) { +#ifdef QCRYPTO_INIT_GCRYPT_THREADS + gcry_control(GCRYCTL_SET_THREAD_CBS, &qcrypto_gcrypt_thread_impl); +#endif /* QCRYPTO_INIT_GCRYPT_THREADS */ + #ifdef CONFIG_GNUTLS int ret; ret = gnutls_global_init(); @@ -139,9 +143,6 @@ int qcrypto_init(Error **errp) error_setg(errp, "Unable to initialize gcrypt"); return -1; } -#ifdef QCRYPTO_INIT_GCRYPT_THREADS - gcry_control(GCRYCTL_SET_THREAD_CBS, &qcrypto_gcrypt_thread_impl); -#endif /* QCRYPTO_INIT_GCRYPT_THREADS */ gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); #endif |