summaryrefslogtreecommitdiffstats
path: root/0006-curl-7.27.0-68d2830e.patch
diff options
context:
space:
mode:
authorRemi Collet <fedora@famillecollet.com>2014-12-20 09:04:54 +0100
committerRemi Collet <fedora@famillecollet.com>2014-12-20 09:04:54 +0100
commit01d72d81f7e86f9433a81792cd61038506fe0048 (patch)
treed02a2a1ba7ab3e5242d5fe85dc39204a67de1e19 /0006-curl-7.27.0-68d2830e.patch
parent758da2152b096a93ff7e8f80fe1b7d46dcf11159 (diff)
curl: sync with 7.29.0-19 from RHEL-7 (for EL-5)HEADmaster
Diffstat (limited to '0006-curl-7.27.0-68d2830e.patch')
-rw-r--r--0006-curl-7.27.0-68d2830e.patch68
1 files changed, 0 insertions, 68 deletions
diff --git a/0006-curl-7.27.0-68d2830e.patch b/0006-curl-7.27.0-68d2830e.patch
deleted file mode 100644
index be8c558..0000000
--- a/0006-curl-7.27.0-68d2830e.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-From c011938e10bf3af5896d0f7f5ecffc22150303f3 Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Mon, 3 Dec 2012 13:17:50 +0100
-Subject: [PATCH 1/3] nss: prevent NSS from crashing on client auth hook failure
-
-Although it is not explicitly stated in the documentation, NSS uses
-*pRetCert and *pRetKey even if the client authentication hook returns
-a failure. Namely, if we destroy *pRetCert without clearing *pRetCert
-afterwards, NSS destroys the certificate once again, which causes a
-double free.
-
-Reported by: Bob Relyea
-
-[upstream commit 68d2830ee9df50961e481e81c1baaa290c33f03e]
----
- lib/nss.c | 17 +++++++++++------
- 1 files changed, 11 insertions(+), 6 deletions(-)
-
-diff --git a/lib/nss.c b/lib/nss.c
-index 22b53bf..794eccb 100644
---- a/lib/nss.c
-+++ b/lib/nss.c
-@@ -757,6 +757,8 @@ static SECStatus SelectClientCert(void *arg, PRFileDesc *sock,
- static const char pem_slotname[] = "PEM Token #1";
- SECItem cert_der = { 0, NULL, 0 };
- void *proto_win = SSL_RevealPinArg(sock);
-+ struct CERTCertificateStr *cert;
-+ struct SECKEYPrivateKeyStr *key;
-
- PK11SlotInfo *slot = PK11_FindSlotByName(pem_slotname);
- if(NULL == slot) {
-@@ -771,24 +773,27 @@ static SECStatus SelectClientCert(void *arg, PRFileDesc *sock,
- return SECFailure;
- }
-
-- *pRetCert = PK11_FindCertFromDERCertItem(slot, &cert_der, proto_win);
-+ cert = PK11_FindCertFromDERCertItem(slot, &cert_der, proto_win);
- SECITEM_FreeItem(&cert_der, PR_FALSE);
-- if(NULL == *pRetCert) {
-+ if(NULL == cert) {
- failf(data, "NSS: client certificate from file not found");
- PK11_FreeSlot(slot);
- return SECFailure;
- }
-
-- *pRetKey = PK11_FindPrivateKeyFromCert(slot, *pRetCert, NULL);
-+ key = PK11_FindPrivateKeyFromCert(slot, cert, NULL);
- PK11_FreeSlot(slot);
-- if(NULL == *pRetKey) {
-+ if(NULL == key) {
- failf(data, "NSS: private key from file not found");
-- CERT_DestroyCertificate(*pRetCert);
-+ CERT_DestroyCertificate(cert);
- return SECFailure;
- }
-
- infof(data, "NSS: client certificate from file\n");
-- display_cert_info(data, *pRetCert);
-+ display_cert_info(data, cert);
-+
-+ *pRetCert = cert;
-+ *pRetKey = key;
- return SECSuccess;
- }
-
---
-1.7.1
-