From 1e8099ab00f8be5f4069a7456629808ce5be60b4 Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Mon, 12 Aug 2013 15:14:35 +0200 Subject: [PATCH] nss: make sure that NSS is initialized ... prior to calling PK11_GenerateRandom() --- 0001-curl-7.32.0-204126a5.patch | 42 +++++++++++++++++++++++++++++++++ curl.spec | 5 ++++ 2 files changed, 47 insertions(+) create mode 100644 0001-curl-7.32.0-204126a5.patch diff --git a/0001-curl-7.32.0-204126a5.patch b/0001-curl-7.32.0-204126a5.patch new file mode 100644 index 0000000..dbf93a9 --- /dev/null +++ b/0001-curl-7.32.0-204126a5.patch @@ -0,0 +1,42 @@ +From 204126a5f1218b7ba02c0abbd9703ee79d0d0776 Mon Sep 17 00:00:00 2001 +From: Kamil Dudka +Date: Mon, 12 Aug 2013 15:14:35 +0200 +Subject: [PATCH] nss: make sure that NSS is initialized + +... prior to calling PK11_GenerateRandom() +--- + lib/nss.c | 11 +++++++---- + 1 files changed, 7 insertions(+), 4 deletions(-) + +diff --git a/lib/nss.c b/lib/nss.c +index cc3d9c9..2d4bf9e 100644 +--- a/lib/nss.c ++++ b/lib/nss.c +@@ -1543,9 +1543,8 @@ size_t Curl_nss_version(char *buffer, size_t size) + + int Curl_nss_seed(struct SessionHandle *data) + { +- /* TODO: implement? */ +- (void) data; +- return 0; ++ /* make sure that NSS is initialized */ ++ return !!Curl_nss_force_init(data); + } + + void Curl_nss_random(struct SessionHandle *data, +@@ -1553,7 +1552,11 @@ void Curl_nss_random(struct SessionHandle *data, + size_t length) + { + Curl_nss_seed(data); /* Initiate the seed if not already done */ +- PK11_GenerateRandom(entropy, curlx_uztosi(length)); ++ if(SECSuccess != PK11_GenerateRandom(entropy, curlx_uztosi(length))) { ++ /* no way to signal a failure from here, we have to abort */ ++ failf(data, "PK11_GenerateRandom() failed, calling abort()..."); ++ abort(); ++ } + } + + void Curl_nss_md5sum(unsigned char *tmp, /* input */ +-- +1.7.1 + diff --git a/curl.spec b/curl.spec index 438bb8b..6758739 100644 --- a/curl.spec +++ b/curl.spec @@ -7,6 +7,9 @@ Group: Applications/Internet Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma Source2: curlbuild.h +# make sure that NSS is initialized prior to calling PK11_GenerateRandom() +Patch1: 0001-curl-7.32.0-204126a5.patch + # patch making libcurl multilib ready Patch101: 0101-curl-7.32.0-multilib.patch @@ -104,6 +107,7 @@ documentation of the library, too. %setup -q # upstream patches +%patch1 -p1 # Fedora patches %patch101 -p1 @@ -227,6 +231,7 @@ rm -rf $RPM_BUILD_ROOT %changelog * Mon Aug 12 2013 Kamil Dudka 7.32.0-1 - new upstream release +- make sure that NSS is initialized prior to calling PK11_GenerateRandom() * Sat Aug 03 2013 Fedora Release Engineering - 7.31.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild