Commit 29859d5d authored by Committed by Quanah Gibson-MountBrowse files
ITS#9069 Do not call gnutls_global_set_mutex()
Since GnuTLS moved to implicit initialization on library load, calling this function deinitializes GnuTLS and then re-initializes it. When GnuTLS uses /dev/urandom as an entropy source (getrandom() not available, or older versions of GnuTLS), and the application closed all file descriptors at startup, this could result in GnuTLS opening /dev/urandom over one of the application's file descriptors when re-initialized. Additionally, the custom mutex functions are never reset, so if libldap is unloaded (for example via dlclose()) after calling this, its code may be unmapped and the application could crash when GnuTLS calls the mutex functions. On typical systems, GnuTLS system mutexes are probably the same as what libldap uses anyway.