curl-library
[PATCH] nss: unconditionally require NSS_InitContext()
From: Kamil Dudka <kdudka_at_redhat.com>
Date: Mon, 2 Dec 2013 14:33:04 +0100
Date: Mon, 2 Dec 2013 14:33:04 +0100
... since we depend on NSS 3.14+ because of SSL_VersionRangeSet() anyway
---
configure.ac | 8 --------
lib/nss.c | 26 --------------------------
2 files changed, 0 insertions(+), 34 deletions(-)
diff --git a/configure.ac b/configure.ac
index 6a493fa..67c2334 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2088,14 +2088,6 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
if test "x$USE_NSS" = "xyes"; then
AC_MSG_NOTICE([detected NSS version $version])
- dnl NSS_InitContext() was introduced in NSS 3.12.5 and helps to prevent
- dnl collisions on NSS initialization/shutdown with other libraries
- AC_CHECK_FUNC(NSS_InitContext,
- [
- AC_DEFINE(HAVE_NSS_INITCONTEXT, 1, [if you have the NSS_InitContext function])
- AC_SUBST(HAVE_NSS_INITCONTEXT, [1])
- ])
-
dnl when shared libs were found in a path that the run-time
dnl linker doesn't search through, we need to add it to
dnl LD_LIBRARY_PATH to prevent further configure tests to fail
diff --git a/lib/nss.c b/lib/nss.c
index bd9f937..cdfed41 100644
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -77,9 +77,7 @@ PRFileDesc *PR_ImportTCPSocket(PRInt32 osfd);
PRLock * nss_initlock = NULL;
PRLock * nss_crllock = NULL;
-#ifdef HAVE_NSS_INITCONTEXT
NSSInitContext * nss_context = NULL;
-#endif
volatile int initialized = 0;
@@ -893,7 +891,6 @@ isTLSIntoleranceError(PRInt32 err)
static CURLcode nss_init_core(struct SessionHandle *data, const char *cert_dir)
{
-#ifdef HAVE_NSS_INITCONTEXT
NSSInitParameters initparams;
if(nss_context != NULL)
@@ -901,12 +898,6 @@ static CURLcode nss_init_core(struct SessionHandle *data, const char *cert_dir)
memset((void *) &initparams, '\0', sizeof(initparams));
initparams.length = sizeof(initparams);
-#else /* HAVE_NSS_INITCONTEXT */
- SECStatus rv;
-
- if(NSS_IsInitialized())
- return CURLE_OK;
-#endif
if(cert_dir) {
const bool use_sql = NSS_VersionCheck("3.12.0");
@@ -915,35 +906,22 @@ static CURLcode nss_init_core(struct SessionHandle *data, const char *cert_dir)
return CURLE_OUT_OF_MEMORY;
infof(data, "Initializing NSS with certpath: %s\n", certpath);
-#ifdef HAVE_NSS_INITCONTEXT
nss_context = NSS_InitContext(certpath, "", "", "", &initparams,
NSS_INIT_READONLY | NSS_INIT_PK11RELOAD);
free(certpath);
if(nss_context != NULL)
return CURLE_OK;
-#else /* HAVE_NSS_INITCONTEXT */
- rv = NSS_Initialize(certpath, "", "", "", NSS_INIT_READONLY);
- free(certpath);
-
- if(rv == SECSuccess)
- return CURLE_OK;
-#endif
infof(data, "Unable to initialize NSS database\n");
}
infof(data, "Initializing NSS with certpath: none\n");
-#ifdef HAVE_NSS_INITCONTEXT
nss_context = NSS_InitContext("", "", "", "", &initparams, NSS_INIT_READONLY
| NSS_INIT_NOCERTDB | NSS_INIT_NOMODDB | NSS_INIT_FORCEOPEN
| NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE | NSS_INIT_PK11RELOAD);
if(nss_context != NULL)
return CURLE_OK;
-#else /* HAVE_NSS_INITCONTEXT */
- if(NSS_NoDB_Init(NULL) == SECSuccess)
- return CURLE_OK;
-#endif
infof(data, "Unable to initialize NSS\n");
return CURLE_SSL_CACERT_BADFILE;
@@ -1039,12 +1017,8 @@ void Curl_nss_cleanup(void)
SECMOD_DestroyModule(mod);
mod = NULL;
}
-#ifdef HAVE_NSS_INITCONTEXT
NSS_ShutdownContext(nss_context);
nss_context = NULL;
-#else /* HAVE_NSS_INITCONTEXT */
- NSS_Shutdown();
-#endif
}
PR_Unlock(nss_initlock);
--
1.7.1
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-12-02