Loading CHANGES +4 −0 Original line number Diff line number Diff line Loading @@ -6,6 +6,10 @@ Changelog Daniel Stenberg (23 Sep 2008) - Rob Crittenden brought a patch to "add some locking for thread-safety to NSS implementation". Daniel Stenberg (22 Sep 2008) - Made the SOCKS code use the new Curl_read_plain() function to fix the bug Markus Moeller reported: http://curl.haxx.se/mail/archive-2008-09/0016.html Loading RELEASE-NOTES +2 −1 Original line number Diff line number Diff line Loading @@ -25,6 +25,7 @@ This release includes the following bugfixes: o GnuTLS-based multi interface doing HTTPS over proxy failed o recv() failures cause CURLE_RECV_ERROR o SFTP over SOCKS crash fixed o thread-safety issues addressed for NSS-powered libcurls This release includes the following known bugs: Loading @@ -39,6 +40,6 @@ advice from friends like these: Keith Mok, Yang Tse, Daniel Fandrich, Guenter Knauf, Dmitriy Sergeyev, Linus Nielsen Feltzing, Martin Drasar, Stefan Krause, Dmitry Kurochkin, Mike Revi, Andres Garcia, Michael Goffioul, Markus Moeller Mike Revi, Andres Garcia, Michael Goffioul, Markus Moeller, Rob Crittenden Thanks! (and sorry if I forgot to mention someone) lib/nss.c +23 −4 Original line number Diff line number Diff line Loading @@ -78,7 +78,9 @@ PRFileDesc *PR_ImportTCPSocket(PRInt32 osfd); int initialized = 0; PRLock * nss_initlock = NULL; volatile int initialized = 0; #define HANDSHAKE_TIMEOUT 30 Loading Loading @@ -837,8 +839,11 @@ static SECStatus SelectClientCert(void *arg, PRFileDesc *sock, */ int Curl_nss_init(void) { if(!initialized) /* curl_global_init() is not thread-safe so this test is ok */ if (nss_initlock == NULL) { PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 256); nss_initlock = PR_NewLock(); } /* We will actually initialize NSS later */ Loading @@ -848,7 +853,17 @@ int Curl_nss_init(void) /* Global cleanup */ void Curl_nss_cleanup(void) { /* This function isn't required to be threadsafe and this is only done * as a safety feature. */ PR_Lock(nss_initlock); if (initialized) NSS_Shutdown(); PR_Unlock(nss_initlock); PR_DestroyLock(nss_initlock); nss_initlock = NULL; initialized = 0; } Loading Loading @@ -926,7 +941,8 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex) return CURLE_OK; /* FIXME. NSS doesn't support multiple databases open at the same time. */ if(!initialized) { PR_Lock(nss_initlock); if(!initialized && !NSS_IsInitialized()) { initialized = 1; certDir = getenv("SSL_DIR"); /* Look in $SSL_DIR */ Loading @@ -950,6 +966,8 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex) if(rv != SECSuccess) { infof(conn->data, "Unable to initialize NSS database\n"); curlerr = CURLE_SSL_CACERT_BADFILE; initialized = 0; PR_Unlock(nss_initlock); goto error; } Loading @@ -972,6 +990,7 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex) } #endif } PR_Unlock(nss_initlock); model = PR_NewTCPSocket(); if(!model) Loading Loading
CHANGES +4 −0 Original line number Diff line number Diff line Loading @@ -6,6 +6,10 @@ Changelog Daniel Stenberg (23 Sep 2008) - Rob Crittenden brought a patch to "add some locking for thread-safety to NSS implementation". Daniel Stenberg (22 Sep 2008) - Made the SOCKS code use the new Curl_read_plain() function to fix the bug Markus Moeller reported: http://curl.haxx.se/mail/archive-2008-09/0016.html Loading
RELEASE-NOTES +2 −1 Original line number Diff line number Diff line Loading @@ -25,6 +25,7 @@ This release includes the following bugfixes: o GnuTLS-based multi interface doing HTTPS over proxy failed o recv() failures cause CURLE_RECV_ERROR o SFTP over SOCKS crash fixed o thread-safety issues addressed for NSS-powered libcurls This release includes the following known bugs: Loading @@ -39,6 +40,6 @@ advice from friends like these: Keith Mok, Yang Tse, Daniel Fandrich, Guenter Knauf, Dmitriy Sergeyev, Linus Nielsen Feltzing, Martin Drasar, Stefan Krause, Dmitry Kurochkin, Mike Revi, Andres Garcia, Michael Goffioul, Markus Moeller Mike Revi, Andres Garcia, Michael Goffioul, Markus Moeller, Rob Crittenden Thanks! (and sorry if I forgot to mention someone)
lib/nss.c +23 −4 Original line number Diff line number Diff line Loading @@ -78,7 +78,9 @@ PRFileDesc *PR_ImportTCPSocket(PRInt32 osfd); int initialized = 0; PRLock * nss_initlock = NULL; volatile int initialized = 0; #define HANDSHAKE_TIMEOUT 30 Loading Loading @@ -837,8 +839,11 @@ static SECStatus SelectClientCert(void *arg, PRFileDesc *sock, */ int Curl_nss_init(void) { if(!initialized) /* curl_global_init() is not thread-safe so this test is ok */ if (nss_initlock == NULL) { PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 256); nss_initlock = PR_NewLock(); } /* We will actually initialize NSS later */ Loading @@ -848,7 +853,17 @@ int Curl_nss_init(void) /* Global cleanup */ void Curl_nss_cleanup(void) { /* This function isn't required to be threadsafe and this is only done * as a safety feature. */ PR_Lock(nss_initlock); if (initialized) NSS_Shutdown(); PR_Unlock(nss_initlock); PR_DestroyLock(nss_initlock); nss_initlock = NULL; initialized = 0; } Loading Loading @@ -926,7 +941,8 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex) return CURLE_OK; /* FIXME. NSS doesn't support multiple databases open at the same time. */ if(!initialized) { PR_Lock(nss_initlock); if(!initialized && !NSS_IsInitialized()) { initialized = 1; certDir = getenv("SSL_DIR"); /* Look in $SSL_DIR */ Loading @@ -950,6 +966,8 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex) if(rv != SECSuccess) { infof(conn->data, "Unable to initialize NSS database\n"); curlerr = CURLE_SSL_CACERT_BADFILE; initialized = 0; PR_Unlock(nss_initlock); goto error; } Loading @@ -972,6 +990,7 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex) } #endif } PR_Unlock(nss_initlock); model = PR_NewTCPSocket(); if(!model) Loading
