[Swan-commit] Changes to ref refs/heads/master
Paul Wouters
paul at vault.libreswan.fi
Sat Jul 13 22:06:00 EEST 2013
New commits:
commit 87101c5ad2a44e67c1e7b050ec27e02e52e8e213
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Jul 13 15:05:51 2013 -0400
updated changes
commit 0438445d58db20c9a545a30dedf2040bc151a19f
Author: Paul Wouters <pwouters at redhat.com>
Date: Sat Jul 13 14:59:03 2013 -0400
pluto: prevent curl from sending confusing signals crashing pluto (lsbz#128)
This would manifest itself when you need a CRL to bring up the tunnel,
but the CRL fetch location is on the other end of the tunnel (or otherwise
resolving fails)
See also: https://bugzilla.redhat.com/show_bug.cgi?id=539809
libcurl built without an asynchronous resolver library uses
alarm() to time out DNS lookups. When a timeout occurs,
this causes libcurl to jump from the signal handler back
into the library with a sigsetjmp, which effectively
causes libcurl to continue running within the signal
handler. This is non-portable and could cause problems on
some platforms. A discussion on the problem is available at
http://curl.haxx.se/mail/lib-2008-09/0197.html
Also, alarm() provides timeout resolution only to the nearest
second. alarm ought to be replaced by setitimer on systems that
support it.
Note this seems to have happened in Fedora, but not yet in RHEL6
More information about the Swan-commit
mailing list