mirror of
https://github.com/moparisthebest/curl
synced 2024-08-13 17:03:50 -04:00
- Rob Crittenden brought a patch to "add some locking for thread-safety to NSS
implementation".
This commit is contained in:
parent
391e8afd1f
commit
23e5402bec
4
CHANGES
4
CHANGES
@ -6,6 +6,10 @@
|
|||||||
|
|
||||||
Changelog
|
Changelog
|
||||||
|
|
||||||
|
Daniel Stenberg (23 Sep 2008)
|
||||||
|
- Rob Crittenden brought a patch to "add some locking for thread-safety to NSS
|
||||||
|
implementation".
|
||||||
|
|
||||||
Daniel Stenberg (22 Sep 2008)
|
Daniel Stenberg (22 Sep 2008)
|
||||||
- Made the SOCKS code use the new Curl_read_plain() function to fix the bug
|
- Made the SOCKS code use the new Curl_read_plain() function to fix the bug
|
||||||
Markus Moeller reported: http://curl.haxx.se/mail/archive-2008-09/0016.html
|
Markus Moeller reported: http://curl.haxx.se/mail/archive-2008-09/0016.html
|
||||||
|
@ -25,6 +25,7 @@ This release includes the following bugfixes:
|
|||||||
o GnuTLS-based multi interface doing HTTPS over proxy failed
|
o GnuTLS-based multi interface doing HTTPS over proxy failed
|
||||||
o recv() failures cause CURLE_RECV_ERROR
|
o recv() failures cause CURLE_RECV_ERROR
|
||||||
o SFTP over SOCKS crash fixed
|
o SFTP over SOCKS crash fixed
|
||||||
|
o thread-safety issues addressed for NSS-powered libcurls
|
||||||
|
|
||||||
This release includes the following known bugs:
|
This release includes the following known bugs:
|
||||||
|
|
||||||
@ -39,6 +40,6 @@ advice from friends like these:
|
|||||||
|
|
||||||
Keith Mok, Yang Tse, Daniel Fandrich, Guenter Knauf, Dmitriy Sergeyev,
|
Keith Mok, Yang Tse, Daniel Fandrich, Guenter Knauf, Dmitriy Sergeyev,
|
||||||
Linus Nielsen Feltzing, Martin Drasar, Stefan Krause, Dmitry Kurochkin,
|
Linus Nielsen Feltzing, Martin Drasar, Stefan Krause, Dmitry Kurochkin,
|
||||||
Mike Revi, Andres Garcia, Michael Goffioul, Markus Moeller
|
Mike Revi, Andres Garcia, Michael Goffioul, Markus Moeller, Rob Crittenden
|
||||||
|
|
||||||
Thanks! (and sorry if I forgot to mention someone)
|
Thanks! (and sorry if I forgot to mention someone)
|
||||||
|
25
lib/nss.c
25
lib/nss.c
@ -78,7 +78,9 @@
|
|||||||
|
|
||||||
PRFileDesc *PR_ImportTCPSocket(PRInt32 osfd);
|
PRFileDesc *PR_ImportTCPSocket(PRInt32 osfd);
|
||||||
|
|
||||||
int initialized = 0;
|
PRLock * nss_initlock = NULL;
|
||||||
|
|
||||||
|
volatile int initialized = 0;
|
||||||
|
|
||||||
#define HANDSHAKE_TIMEOUT 30
|
#define HANDSHAKE_TIMEOUT 30
|
||||||
|
|
||||||
@ -837,8 +839,11 @@ static SECStatus SelectClientCert(void *arg, PRFileDesc *sock,
|
|||||||
*/
|
*/
|
||||||
int Curl_nss_init(void)
|
int Curl_nss_init(void)
|
||||||
{
|
{
|
||||||
if(!initialized)
|
/* curl_global_init() is not thread-safe so this test is ok */
|
||||||
|
if (nss_initlock == NULL) {
|
||||||
PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 256);
|
PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 256);
|
||||||
|
nss_initlock = PR_NewLock();
|
||||||
|
}
|
||||||
|
|
||||||
/* We will actually initialize NSS later */
|
/* We will actually initialize NSS later */
|
||||||
|
|
||||||
@ -848,7 +853,17 @@ int Curl_nss_init(void)
|
|||||||
/* Global cleanup */
|
/* Global cleanup */
|
||||||
void Curl_nss_cleanup(void)
|
void Curl_nss_cleanup(void)
|
||||||
{
|
{
|
||||||
|
/* This function isn't required to be threadsafe and this is only done
|
||||||
|
* as a safety feature.
|
||||||
|
*/
|
||||||
|
PR_Lock(nss_initlock);
|
||||||
|
if (initialized)
|
||||||
NSS_Shutdown();
|
NSS_Shutdown();
|
||||||
|
PR_Unlock(nss_initlock);
|
||||||
|
|
||||||
|
PR_DestroyLock(nss_initlock);
|
||||||
|
nss_initlock = NULL;
|
||||||
|
|
||||||
initialized = 0;
|
initialized = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -926,7 +941,8 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
|
|||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
|
|
||||||
/* FIXME. NSS doesn't support multiple databases open at the same time. */
|
/* FIXME. NSS doesn't support multiple databases open at the same time. */
|
||||||
if(!initialized) {
|
PR_Lock(nss_initlock);
|
||||||
|
if(!initialized && !NSS_IsInitialized()) {
|
||||||
initialized = 1;
|
initialized = 1;
|
||||||
|
|
||||||
certDir = getenv("SSL_DIR"); /* Look in $SSL_DIR */
|
certDir = getenv("SSL_DIR"); /* Look in $SSL_DIR */
|
||||||
@ -950,6 +966,8 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
|
|||||||
if(rv != SECSuccess) {
|
if(rv != SECSuccess) {
|
||||||
infof(conn->data, "Unable to initialize NSS database\n");
|
infof(conn->data, "Unable to initialize NSS database\n");
|
||||||
curlerr = CURLE_SSL_CACERT_BADFILE;
|
curlerr = CURLE_SSL_CACERT_BADFILE;
|
||||||
|
initialized = 0;
|
||||||
|
PR_Unlock(nss_initlock);
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -972,6 +990,7 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
PR_Unlock(nss_initlock);
|
||||||
|
|
||||||
model = PR_NewTCPSocket();
|
model = PR_NewTCPSocket();
|
||||||
if(!model)
|
if(!model)
|
||||||
|
Loading…
Reference in New Issue
Block a user