add thread safety to libcurl NSS cleanup() functions (#459297)

2008-09-04 00:47:20 +00:00 · 2008-09-04 00:47:20 +00:00 · b42223618d
commit b42223618d
parent f5c0813b81
2 changed files with 74 additions and 1 deletions
--- a/curl-7.18.2-nss-thread-safety.patch
+++ b/curl-7.18.2-nss-thread-safety.patch
@ -0,0 +1,68 @@
+diff -u --recursive curl-7.18.2.orig/lib/nss.c curl-7.18.2/lib/nss.c
+--- curl-7.18.2.orig/lib/nss.c	2008-05-26 11:02:49.000000000 -0400
+++ curl-7.18.2/lib/nss.c	2008-09-03 13:33:32.000000000 -0400
+@@ -73,6 +73,8 @@
+ 
+ PRFileDesc *PR_ImportTCPSocket(PRInt32 osfd);
+ 
+PRLock * nss_initlock = NULL;
+
+ int initialized = 0;
+ 
+ #define HANDSHAKE_TIMEOUT 30
+@@ -718,9 +720,12 @@
+  * @retval 1 SSL initialized successfully
+  */
+ int Curl_nss_init(void)
+-{
+-  if(!initialized)
+{ 
+  /* curl_global_init() is not thread-safe so this test is ok */
+  if (nss_initlock == NULL) {
+     PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 256);
+    nss_initlock = PR_NewLock();
+  }
+ 
+   /* We will actually initialize NSS later */
+ 
+@@ -730,7 +735,17 @@
+ /* Global cleanup */
+ void Curl_nss_cleanup(void)
+ {
+-  NSS_Shutdown();
+  /* This function isn't required to be threadsafe and this is only done
+   * as a safety feature.
+   */
+  PR_Lock(nss_initlock);
+  if (initialized)
+    NSS_Shutdown();
+  PR_Unlock(nss_initlock);
+
+  PR_DestroyLock(nss_initlock);
+  nss_initlock = NULL;
+
+   initialized = 0;
+ }
+ 
+@@ -805,7 +820,8 @@
+   curlerr = CURLE_SSL_CONNECT_ERROR;
+ 
+   /* FIXME. NSS doesn't support multiple databases open at the same time. */
+-  if(!initialized) {
+  PR_Lock(nss_initlock);
+  if(!initialized && !NSS_IsInitialized()) {
+     initialized = 1;
+ 
+     certDir = getenv("SSL_DIR"); /* Look in $SSL_DIR */
+@@ -829,8 +845,11 @@
+     if(rv != SECSuccess) {
+       infof(conn->data, "Unable to initialize NSS database\n");
+       curlerr = CURLE_SSL_CACERT_BADFILE;
+      PR_Unlock(nss_initlock);
+      initialized = 0;
+       goto error;
+     }
+    PR_Unlock(nss_initlock);
+ 
+     NSS_SetDomesticPolicy();
+ 
--- a/curl.spec
+++ b/curl.spec
@ -1,7 +1,7 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
 Version: 7.18.2
-Release: 5%{?dist}
+Release: 6%{?dist}
 License: MIT
 Group: Applications/Internet
 Source: http://curl.haxx.se/download/%{name}-%{version}.tar.bz2
@ -9,6 +9,7 @@ Patch1: curl-7.15.3-multilib.patch
 Patch2: curl-7.16.0-privlibs.patch
 Patch3: curl-7.17.1-badsocket.patch
 Patch4: curl-7.18.2-nssproxy.patch
+Patch5: curl-7.18.2-nss-thread-safety.patch
 Provides: webclient
 URL: http://curl.haxx.se/
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@ -50,6 +51,7 @@ use cURL's capabilities internally.
 %patch2 -p1 -b .privlibs
 %patch3 -p1 -b .badsocket
 %patch4 -p1 -b .nssproxy
+%patch5 -p1 -b .nssthreadsafety

 # Convert docs to UTF-8
 for f in CHANGES README; do
@ -118,6 +120,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_datadir}/aclocal/libcurl.m4

 %changelog
+* Wed Sep 03 2008 Warren Togami <wtogami@redhat.com> 7.18.2-6
+- add thread safety to libcurl NSS cleanup() functions (#459297)
+
 * Fri Aug 22 2008 Tom "spot" Callaway <tcallawa@redhat.com> 7.18.2-5
 - undo mini libcurl.so.3