rpm/rpm-4.4.2.2-cryptoinit.patch

diff -up rpm-4.4.2.2/rpmio/digest.c.nss-init rpm-4.4.2.2/rpmio/digest.c
--- rpm-4.4.2.2/rpmio/digest.c.nss-init	2007-11-15 15:00:41.000000000 +0200
+++ rpm-4.4.2.2/rpmio/digest.c	2007-11-15 15:00:41.000000000 +0200
@@ -78,9 +78,6 @@ rpmDigestInit(pgpHashAlgo hashalgo, rpmD
     HASH_HashType type;
     DIGEST_CTX ctx = xcalloc(1, sizeof(*ctx));
 
-    if (NSS_NoDB_Init(NULL) != SECSuccess)
-	return NULL;
-
     ctx->flags = flags;
 
     type = getHashType(hashalgo);
diff -up rpm-4.4.2.2/rpmio/rpmpgp.h.nss-init rpm-4.4.2.2/rpmio/rpmpgp.h
--- rpm-4.4.2.2/rpmio/rpmpgp.h.nss-init	2007-11-15 15:00:41.000000000 +0200
+++ rpm-4.4.2.2/rpmio/rpmpgp.h	2007-11-15 15:00:41.000000000 +0200
@@ -1380,6 +1380,15 @@ unsigned int pgpCRC(const byte *octets, 
 }
 
 /** \ingroup rpmio
+ * Perform cryptography initialization.
+ * It must be called before any cryptography can be used within rpm.
+ * It's not normally necessary to call it directly as it's called in
+ * general rpm initialization routines.
+ * @return		0 on success, -1 on failure
+ */
+int rpmInitCrypto(void);
+
+/** \ingroup rpmio
  * Duplicate a digest context.
  * @param octx		existing digest context
  * @return		duplicated digest context
diff -up rpm-4.4.2.2/rpmio/rpmpgp.c.nss-init rpm-4.4.2.2/rpmio/rpmpgp.c
--- rpm-4.4.2.2/rpmio/rpmpgp.c.nss-init	2007-11-15 15:00:41.000000000 +0200
+++ rpm-4.4.2.2/rpmio/rpmpgp.c	2007-11-15 15:00:41.000000000 +0200
@@ -17,6 +17,8 @@ static int _debug = 0;
 /*@unchecked@*/
 static int _print = 0;
 
+static int _crypto_initialized = 0;
+
 /*@unchecked@*/ /*@null@*/
 static pgpDig _dig = NULL;
 
@@ -1094,7 +1096,6 @@ int pgpPrtPkt(const byte *pkt, unsigned 
 pgpDig pgpNewDig(void)
 {
     pgpDig dig = xcalloc(1, sizeof(*dig));
-    NSS_NoDB_Init(NULL);
 
     return dig;
 }
@@ -1404,5 +1405,18 @@ char * pgpArmorWrap(int atype, const uns
 
     return val;
 }
-
 /*@=boundsread@*/
+
+int rpmInitCrypto(void) {
+    int rc = 0;
+
+    if (!_crypto_initialized && NSS_NoDB_Init(NULL) != SECSuccess) {
+        rc = -1;
+    } else {
+        _crypto_initialized = 1;
+    }
+
+    return rc;
+}
+
+
diff -up rpm-4.4.2.2/tools/debugedit.c.nss-init rpm-4.4.2.2/tools/debugedit.c
--- rpm-4.4.2.2/tools/debugedit.c.nss-init	2007-11-15 15:01:42.000000000 +0200
+++ rpm-4.4.2.2/tools/debugedit.c	2007-11-15 15:02:23.000000000 +0200
@@ -1318,6 +1318,8 @@ handle_build_id (DSO *dso, Elf_Data *bui
   void *digest = NULL;
   size_t len;
 
+  rpmInitCrypto();
+
   while (i-- > 0)
     {
       algorithm = algorithms[i];
diff -up rpm-4.4.2.2/lib/rpmrc.c.nss-init rpm-4.4.2.2/lib/rpmrc.c
--- rpm-4.4.2.2/lib/rpmrc.c.nss-init	2007-09-11 09:28:15.000000000 +0300
+++ rpm-4.4.2.2/lib/rpmrc.c	2007-11-15 15:00:41.000000000 +0200
@@ -1850,6 +1850,10 @@ static int rpmReadRC(/*@null@*/ const ch
 
 int rpmReadConfigFiles(const char * file, const char * target)
 {
+    /* Initialize crypto engine as early as possible */
+    if (rpmInitCrypto() < 0) {
+	return -1;
+    }	
 
     /* Preset target macros */
     /*@-nullstate@*/	/* FIX: target can be NULL */
- Initialize NSS as early as possible (#382091) 2007-11-15 09:09:45 +00:00			`diff -up rpm-4.4.2.2/rpmio/digest.c.nss-init rpm-4.4.2.2/rpmio/digest.c`
- Unbreak debugedit (missing crypto initialization) 2007-11-15 13:14:38 +00:00			`--- rpm-4.4.2.2/rpmio/digest.c.nss-init 2007-11-15 15:00:41.000000000 +0200`
			`+++ rpm-4.4.2.2/rpmio/digest.c 2007-11-15 15:00:41.000000000 +0200`
- Initialize NSS as early as possible (#382091) 2007-11-15 09:09:45 +00:00			`@@ -78,9 +78,6 @@ rpmDigestInit(pgpHashAlgo hashalgo, rpmD`
			`HASH_HashType type;`
			`DIGEST_CTX ctx = xcalloc(1, sizeof(*ctx));`

			`- if (NSS_NoDB_Init(NULL) != SECSuccess)`
			`- return NULL;`
			`-`
			`ctx->flags = flags;`

			`type = getHashType(hashalgo);`
			`diff -up rpm-4.4.2.2/rpmio/rpmpgp.h.nss-init rpm-4.4.2.2/rpmio/rpmpgp.h`
- Unbreak debugedit (missing crypto initialization) 2007-11-15 13:14:38 +00:00			`--- rpm-4.4.2.2/rpmio/rpmpgp.h.nss-init 2007-11-15 15:00:41.000000000 +0200`
			`+++ rpm-4.4.2.2/rpmio/rpmpgp.h 2007-11-15 15:00:41.000000000 +0200`
- Initialize NSS as early as possible (#382091) 2007-11-15 09:09:45 +00:00			`@@ -1380,6 +1380,15 @@ unsigned int pgpCRC(const byte *octets,`
			`}`

			`/** \ingroup rpmio`
			`+ * Perform cryptography initialization.`
			`+ * It must be called before any cryptography can be used within rpm.`
			`+ * It's not normally necessary to call it directly as it's called in`
			`+ * general rpm initialization routines.`
			`+ * @return 0 on success, -1 on failure`
			`+ */`
			`+int rpmInitCrypto(void);`
			`+`
			`+/** \ingroup rpmio`
			`* Duplicate a digest context.`
			`* @param octx existing digest context`
			`* @return duplicated digest context`
			`diff -up rpm-4.4.2.2/rpmio/rpmpgp.c.nss-init rpm-4.4.2.2/rpmio/rpmpgp.c`
- Unbreak debugedit (missing crypto initialization) 2007-11-15 13:14:38 +00:00			`--- rpm-4.4.2.2/rpmio/rpmpgp.c.nss-init 2007-11-15 15:00:41.000000000 +0200`
			`+++ rpm-4.4.2.2/rpmio/rpmpgp.c 2007-11-15 15:00:41.000000000 +0200`
- Initialize NSS as early as possible (#382091) 2007-11-15 09:09:45 +00:00			`@@ -17,6 +17,8 @@ static int _debug = 0;`
			`/@unchecked@/`
			`static int _print = 0;`

			`+static int _crypto_initialized = 0;`
			`+`
			`/@unchecked@/ /@null@/`
			`static pgpDig _dig = NULL;`

			`@@ -1094,7 +1096,6 @@ int pgpPrtPkt(const byte *pkt, unsigned`
			`pgpDig pgpNewDig(void)`
			`{`
			`pgpDig dig = xcalloc(1, sizeof(*dig));`
			`- NSS_NoDB_Init(NULL);`

			`return dig;`
			`}`
			`@@ -1404,5 +1405,18 @@ char * pgpArmorWrap(int atype, const uns`

			`return val;`
			`}`
			`-`
			`/@=boundsread@/`
			`+`
			`+int rpmInitCrypto(void) {`
			`+ int rc = 0;`
			`+`
			`+ if (!_crypto_initialized && NSS_NoDB_Init(NULL) != SECSuccess) {`
			`+ rc = -1;`
			`+ } else {`
			`+ _crypto_initialized = 1;`
			`+ }`
			`+`
			`+ return rc;`
			`+}`
			`+`
			`+`
- Unbreak debugedit (missing crypto initialization) 2007-11-15 13:14:38 +00:00			`diff -up rpm-4.4.2.2/tools/debugedit.c.nss-init rpm-4.4.2.2/tools/debugedit.c`
			`--- rpm-4.4.2.2/tools/debugedit.c.nss-init 2007-11-15 15:01:42.000000000 +0200`
			`+++ rpm-4.4.2.2/tools/debugedit.c 2007-11-15 15:02:23.000000000 +0200`
			`@@ -1318,6 +1318,8 @@ handle_build_id (DSO dso, Elf_Data bui`
			`void *digest = NULL;`
			`size_t len;`

			`+ rpmInitCrypto();`
			`+`
			`while (i-- > 0)`
			`{`
			`algorithm = algorithms[i];`
- Initialize NSS as early as possible (#382091) 2007-11-15 09:09:45 +00:00			`diff -up rpm-4.4.2.2/lib/rpmrc.c.nss-init rpm-4.4.2.2/lib/rpmrc.c`
			`--- rpm-4.4.2.2/lib/rpmrc.c.nss-init 2007-09-11 09:28:15.000000000 +0300`
- Unbreak debugedit (missing crypto initialization) 2007-11-15 13:14:38 +00:00			`+++ rpm-4.4.2.2/lib/rpmrc.c 2007-11-15 15:00:41.000000000 +0200`
- Initialize NSS as early as possible (#382091) 2007-11-15 09:09:45 +00:00			`@@ -1850,6 +1850,10 @@ static int rpmReadRC(/@null@/ const ch`

			`int rpmReadConfigFiles(const char * file, const char * target)`
			`{`
			`+ /* Initialize crypto engine as early as possible */`
			`+ if (rpmInitCrypto() < 0) {`
			`+ return -1;`
			`+ }`

			`/* Preset target macros */`
			`/@-nullstate@/ /* FIX: target can be NULL */`