95 lines
2.8 KiB
Diff
95 lines
2.8 KiB
Diff
--- curl-7.19.6/lib/nss.c 2009-09-30 15:29:35.965297742 +0200
|
|
+++ /tmp/nss.c 2009-09-30 15:23:05.000000000 +0200
|
|
@@ -63,6 +63,7 @@
|
|
#include <secitem.h>
|
|
#include <secport.h>
|
|
#include <certdb.h>
|
|
+#include <base64.h>
|
|
|
|
#include "curl_memory.h"
|
|
#include "rawstr.h"
|
|
@@ -265,7 +266,7 @@ static int num_enabled_ciphers(void)
|
|
*/
|
|
static int is_file(const char *filename)
|
|
{
|
|
- struct stat st;
|
|
+ struct_stat st;
|
|
|
|
if(filename == NULL)
|
|
return 0;
|
|
@@ -963,26 +964,38 @@ CURLcode Curl_nss_connect(struct connect
|
|
/* FIXME. NSS doesn't support multiple databases open at the same time. */
|
|
PR_Lock(nss_initlock);
|
|
if(!initialized) {
|
|
+ struct_stat st;
|
|
|
|
- certDir = getenv("SSL_DIR"); /* Look in $SSL_DIR */
|
|
+ /* First we check if $SSL_DIR points to a valid dir */
|
|
+ certDir = getenv("SSL_DIR");
|
|
+ if(certDir) {
|
|
+ if((stat(certDir, &st) != 0) ||
|
|
+ (!S_ISDIR(st.st_mode))) {
|
|
+ certDir = NULL;
|
|
+ }
|
|
+ }
|
|
|
|
+ /* Now we check if the default location is a valid dir */
|
|
if(!certDir) {
|
|
- struct stat st;
|
|
-
|
|
- if(stat(SSL_DIR, &st) == 0)
|
|
- if(S_ISDIR(st.st_mode)) {
|
|
- certDir = (char *)SSL_DIR;
|
|
- }
|
|
+ if((stat(SSL_DIR, &st) == 0) &&
|
|
+ (S_ISDIR(st.st_mode))) {
|
|
+ certDir = (char *)SSL_DIR;
|
|
+ }
|
|
}
|
|
|
|
if (!NSS_IsInitialized()) {
|
|
initialized = 1;
|
|
+ infof(conn->data, "Initializing NSS with certpath: %s\n",
|
|
+ certDir ? certDir : "none");
|
|
if(!certDir) {
|
|
rv = NSS_NoDB_Init(NULL);
|
|
}
|
|
else {
|
|
- rv = NSS_Initialize(certDir, NULL, NULL, "secmod.db",
|
|
- NSS_INIT_READONLY);
|
|
+ char *certpath = PR_smprintf("%s%s",
|
|
+ NSS_VersionCheck("3.12.0") ? "sql:" : "",
|
|
+ certDir);
|
|
+ rv = NSS_Initialize(certpath, "", "", "", NSS_INIT_READONLY);
|
|
+ PR_smprintf_free(certpath);
|
|
}
|
|
if(rv != SECSuccess) {
|
|
infof(conn->data, "Unable to initialize NSS database\n");
|
|
@@ -1103,7 +1116,7 @@ CURLcode Curl_nss_connect(struct connect
|
|
}
|
|
}
|
|
else if(data->set.ssl.CApath) {
|
|
- struct stat st;
|
|
+ struct_stat st;
|
|
PRDir *dir;
|
|
PRDirEntry *entry;
|
|
|
|
@@ -1282,7 +1295,7 @@ int Curl_nss_send(struct connectdata *co
|
|
int rc;
|
|
|
|
if(data->set.timeout)
|
|
- timeout = PR_MillisecondsToInterval(data->set.timeout);
|
|
+ timeout = PR_MillisecondsToInterval((PRUint32)data->set.timeout);
|
|
else
|
|
timeout = PR_MillisecondsToInterval(DEFAULT_CONNECT_TIMEOUT);
|
|
|
|
@@ -1318,7 +1331,7 @@ ssize_t Curl_nss_recv(struct connectdata
|
|
PRInt32 timeout;
|
|
|
|
if(data->set.timeout)
|
|
- timeout = PR_SecondsToInterval(data->set.timeout);
|
|
+ timeout = PR_SecondsToInterval((PRUint32)data->set.timeout);
|
|
else
|
|
timeout = PR_MillisecondsToInterval(DEFAULT_CONNECT_TIMEOUT);
|
|
|