provide human-readable names for NSS errors (upstream commit a60edcc6)

2012-04-13 12:51:05 +02:00 · 2012-04-13 12:51:05 +02:00 · 045ad4ccac
commit 045ad4ccac
parent 828454f996
2 changed files with 105 additions and 0 deletions
--- a/0002-curl-7.25.00-a60edcc6.patch
+++ b/0002-curl-7.25.00-a60edcc6.patch
@ -0,0 +1,100 @@
 From 304341d763f4293c7cc107e37d0ca0ac3741a560 Mon Sep 17 00:00:00 2001
 From: Kamil Dudka <kdudka@redhat.com>
 Date: Wed, 11 Apr 2012 13:44:20 +0200
 Subject: [PATCH] nss: provide human-readable names for NSS errors
 [upstream commit a60edcc6]
 Signed-off-by: Kamil Dudka <kdudka@redhat.com>
 ---
 lib/nss.c |   32 +++++++++++++++++++++++++-------
 1 files changed, 25 insertions(+), 7 deletions(-)
 diff --git a/lib/nss.c b/lib/nss.c
 index 16127ee..6002391 100644
 --- a/lib/nss.c
 +++ b/lib/nss.c
@@ -62,6 +62,7 @@
 #include <certdb.h>
 #include <base64.h>
 #include <cert.h>
 +#include <prerror.h>
 #include "curl_memory.h"
 #include "rawstr.h"
@@ -176,6 +177,15 @@ static const int enable_ciphers_by_default[] = {
 static const char* pem_library = "libnsspem.so";
 SECMODModule* mod = NULL;
 +static const char* nss_error_to_name(PRErrorCode code)
 +{
 +  const char *name = PR_ErrorToName(code);
 +  if(name)
 +    return name;
 +
 +  return "unknown error";
 +}
 +
 static SECStatus set_ciphers(struct SessionHandle *data, PRFileDesc * model,
                              char *cipher_list)
 {
@@ -548,8 +558,11 @@ static CURLcode cert_stuff(struct connectdata *conn, int sockindex,
   if(cert_file) {
     rv = nss_load_cert(&conn->ssl[sockindex], cert_file, PR_FALSE);
     if(CURLE_OK != rv) {
 -      if(!display_error(conn, PR_GetError(), cert_file))
 -        failf(data, "Unable to load client cert %d.", PR_GetError());
 +      const PRErrorCode err = PR_GetError();
 +      if(!display_error(conn, err, cert_file)) {
 +        const char *err_name = nss_error_to_name(err);
 +        failf(data, "unable to load client cert: %d (%s)", err, err_name);
 +      }
       return rv;
     }
@@ -562,8 +575,11 @@ static CURLcode cert_stuff(struct connectdata *conn, int sockindex,
       /* In case the cert file also has the key */
       rv = nss_load_key(conn, sockindex, cert_file);
     if(CURLE_OK != rv) {
 -      if(!display_error(conn, PR_GetError(), key_file))
 -        failf(data, "Unable to load client key %d.", PR_GetError());
 +      const PRErrorCode err = PR_GetError();
 +      if(!display_error(conn, err, key_file)) {
 +        const char *err_name = nss_error_to_name(err);
 +        failf(data, "unable to load client key: %d (%s)", err, err_name);
 +      }
       return rv;
     }
@@ -1448,7 +1464,7 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
   if(handle_cc_error(err, data))
     curlerr = CURLE_SSL_CERTPROBLEM;
   else
 -    infof(data, "NSS error %d\n", err);
 +    infof(data, "NSS error %d (%s)\n", err, nss_error_to_name(err));
   if(model)
     PR_Close(model);
@@ -1484,7 +1500,8 @@ static ssize_t nss_send(struct connectdata *conn,  /* connection data */
     else if(handle_cc_error(err, conn->data))
       *curlcode = CURLE_SSL_CERTPROBLEM;
     else {
 -      failf(conn->data, "SSL write: error %d", err);
 +      const char *err_name = nss_error_to_name(err);
 +      failf(conn->data, "SSL write: error %d (%s)", err, err_name);
       *curlcode = CURLE_SEND_ERROR;
     }
     return -1;
@@ -1510,7 +1527,8 @@ static ssize_t nss_recv(struct connectdata * conn, /* connection data */
     else if(handle_cc_error(err, conn->data))
       *curlcode = CURLE_SSL_CERTPROBLEM;
     else {
 -      failf(conn->data, "SSL read: errno %d", err);
 +      const char *err_name = nss_error_to_name(err);
 +      failf(conn->data, "SSL read: errno %d (%s)", err, err_name);
       *curlcode = CURLE_RECV_ERROR;
     }
     return -1;
 -- 
 1.7.1
--- a/curl.spec
+++ b/curl.spec
@ -11,6 +11,9 @@ Source3: hide_selinux.c
 # use NSS_InitContext() to initialize NSS if available (#738456)
 Patch1: 0001-curl-7.25.00-20cb12db.patch
 # provide human-readable names for NSS errors (upstream commit a60edcc6)
 Patch2: 0002-curl-7.25.00-a60edcc6.patch
 # patch making libcurl multilib ready
 Patch101: 0101-curl-7.25.0-multilib.patch
@ -108,6 +111,7 @@ documentation of the library, too.
 # upstream patches
 %patch1 -p1
 %patch2 -p1
 # Fedora patches
 %patch101 -p1
@ -226,6 +230,7 @@ rm -rf $RPM_BUILD_ROOT
 %changelog
 * Fri Apr 13 2012 Kamil Dudka <kdudka@redhat.com> 7.25.0-2
 - use NSS_InitContext() to initialize NSS if available (#738456)
 - provide human-readable names for NSS errors (upstream commit a60edcc6)
 * Fri Mar 23 2012 Paul Howarth <paul@city-fan.org> 7.25.0-1
 - new upstream release (#806264)