From 857fed6e245a9620b0f25a2f4ca6d6dc01584674 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Mon, 15 Aug 2011 13:48:45 +0200
Subject: [PATCH] nss: start with no database if the selected database is
broken
Bug: https://bugzilla.redhat.com/728562
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
lib/nss.c | 63 +++++++++++++++++++++++++++++++++++++-----------------------
1 files changed, 39 insertions(+), 24 deletions(-)
diff --git a/lib/nss.c b/lib/nss.c
index 3dc0ba6..94a530b 100644
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -898,10 +898,42 @@ isTLSIntoleranceError(PRInt32 err)
}
}
-static CURLcode init_nss(struct SessionHandle *data)
+static CURLcode nss_init_core(struct SessionHandle *data, const char *cert_dir)
+{
+ if(NSS_IsInitialized())
+ return CURLE_OK;
+
+ if(cert_dir) {
+ SECStatus rv;
+ const bool use_sql = NSS_VersionCheck("3.12.0");
+ char *certpath = aprintf("%s%s", use_sql ? "sql:" : "", cert_dir);
+ if(!certpath)
+ return CURLE_OUT_OF_MEMORY;
+
+ infof(data, "Initializing NSS with certpath: %s\n", certpath);
+ rv = NSS_Initialize(certpath, "", "", "", NSS_INIT_READONLY);
+ free(certpath);
+
+ if(rv == SECSuccess)
+ return CURLE_OK;
+
+ infof(data, "Unable to initialize NSS database\n");
+ }
+
+ infof(data, "Initializing NSS with certpath: none\n");
+ if(NSS_NoDB_Init(NULL) == SECSuccess)
+ return CURLE_OK;
+
+ infof(data, "Unable to initialize NSS\n");
+ return CURLE_SSL_CACERT_BADFILE;
+}
+
+static CURLcode nss_init(struct SessionHandle *data)
{
char *cert_dir;
struct_stat st;
+ CURLcode rv;
+
if(initialized)
return CURLE_OK;
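Review bot: The fallback in nss_init_core() is reported only through infof(), so outside verbose mode a broken or unreadable database selected by cert_dir is silently replaced by NSS_NoDB_Init(), and whatever CA certificates, trust settings or client certificates that database holds are not loaded for the session. The message after the failed NSS_Initialize() should say that initialization continues without a database and include the NSS error, e.g. `infof(data, "Unable to initialize NSS database (error %d), continuing with no database\n", PR_GetError());`. A short comment above the function stating that the no-database path is a deliberate fallback for a broken database would also help the next reader. The final `return CURLE_SSL_CACERT_BADFILE;` is now reached only when NSS_NoDB_Init() fails, where no file is involved; the code is presumably kept for compatibility with existing callers, which deserves a one-line comment.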
@@ -922,31 +954,14 @@ static CURLcode init_nss(struct SessionHandle *data)
}
}
- if(!NSS_IsInitialized()) {
- SECStatus rv;
- initialized = 1;
- infof(data, "Initializing NSS with certpath: %s\n",
- cert_dir ? cert_dir : "none");
- if(!cert_dir) {
- rv = NSS_NoDB_Init(NULL);
- }
- else {
- char *certpath =
- PR_smprintf("%s%s", NSS_VersionCheck("3.12.0") ? "sql:" : "",
- cert_dir);
- rv = NSS_Initialize(certpath, "", "", "", NSS_INIT_READONLY);
- PR_smprintf_free(certpath);
- }
- if(rv != SECSuccess) {
- infof(data, "Unable to initialize NSS database\n");
- initialized = 0;
- return CURLE_SSL_CACERT_BADFILE;
- }
- }
+ rv = nss_init_core(data, cert_dir);
+ if(rv)
+ return rv;
if(num_enabled_ciphers() == 0)
NSS_SetDomesticPolicy();
+ initialized = 1;
return CURLE_OK;
}
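Review bot: The new check `if(rv)` relies on CURLE_OK being zero, while the caller visible further down in this patch spells the comparison out as `if(CURLE_OK != curlerr)`; writing `if(rv != CURLE_OK)` here would keep the file consistent. The local is also named `rv` with type CURLcode, whereas `rv` in nss_init_core() is a SECStatus, so a name such as `result` would avoid mixing the two conventions. The body of nss_init() starts in the previous hunk and its middle part lies outside this one.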
@@ -981,7 +996,7 @@ CURLcode Curl_nss_force_init(struct SessionHandle *data)
}
PR_Lock(nss_initlock);
- rv = init_nss(data);
+ rv = nss_init(data);
PR_Unlock(nss_initlock);
return rv;
}
@@ -1184,7 +1199,7 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
/* FIXME. NSS doesn't support multiple databases open at the same time. */
PR_Lock(nss_initlock);
- curlerr = init_nss(conn->data);
+ curlerr = nss_init(conn->data);
if(CURLE_OK != curlerr) {
PR_Unlock(nss_initlock);
goto error;
--
1.7.4.4