You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
102 lines
3.4 KiB
102 lines
3.4 KiB
From 543ba995e5beb83a754a8f844491446747c83572 Mon Sep 17 00:00:00 2001 |
|
From: Kamil Dudka <kdudka@redhat.com> |
|
Date: Thu, 8 Feb 2018 11:23:49 +0100 |
|
Subject: [PATCH] nss: use PK11_CreateManagedGenericObject() if available |
|
|
|
... so that the memory allocated by applications using libcurl does not |
|
grow per each TLS connection. |
|
|
|
Bug: https://bugzilla.redhat.com/1510247 |
|
|
|
Closes #2297 |
|
|
|
Upstream-commit: 1605d93a7b8ac4b7f348e304e018e9d15ffaabf0 |
|
Signed-off-by: Kamil Dudka <kdudka@redhat.com> |
|
--- |
|
configure | 10 ++++++++++ |
|
configure.ac | 9 +++++++++ |
|
lib/curl_config.h.in | 3 +++ |
|
lib/nss.c | 12 +++++++++++- |
|
4 files changed, 33 insertions(+), 1 deletion(-) |
|
|
|
diff --git a/configure b/configure |
|
index fc260ee..3c77748 100755 |
|
--- a/configure |
|
+++ b/configure |
|
@@ -23753,6 +23753,16 @@ $as_echo "$as_me: detected NSS version $version" >&6;} |
|
NSS_LIBS=$addlib |
|
|
|
|
|
+ ac_fn_c_check_func "$LINENO" "PK11_CreateManagedGenericObject" "ac_cv_func_PK11_CreateManagedGenericObject" |
|
+if test "x$ac_cv_func_PK11_CreateManagedGenericObject" = xyes; then : |
|
+ |
|
+ |
|
+$as_echo "#define HAVE_PK11_CREATEMANAGEDGENERICOBJECT 1" >>confdefs.h |
|
+ |
|
+ |
|
+fi |
|
+ |
|
+ |
|
if test "x$cross_compiling" != "xyes"; then |
|
LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$nssprefix/lib$libsuff" |
|
export LD_LIBRARY_PATH |
|
diff --git a/configure.ac b/configure.ac |
|
index 9612c2f..887ded9 100644 |
|
--- a/configure.ac |
|
+++ b/configure.ac |
|
@@ -2216,6 +2216,15 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then |
|
NSS_LIBS=$addlib |
|
AC_SUBST([NSS_LIBS]) |
|
|
|
+ dnl PK11_CreateManagedGenericObject() was introduced in NSS 3.34 because |
|
+ dnl PK11_DestroyGenericObject() does not release resources allocated by |
|
+ dnl PK11_CreateGenericObject() early enough. |
|
+ AC_CHECK_FUNC(PK11_CreateManagedGenericObject, |
|
+ [ |
|
+ AC_DEFINE(HAVE_PK11_CREATEMANAGEDGENERICOBJECT, 1, |
|
+ [if you have the PK11_CreateManagedGenericObject function]) |
|
+ ]) |
|
+ |
|
dnl when shared libs were found in a path that the run-time |
|
dnl linker doesn't search through, we need to add it to |
|
dnl LD_LIBRARY_PATH to prevent further configure tests to fail |
|
diff --git a/lib/curl_config.h.in b/lib/curl_config.h.in |
|
index 19b66fa..9db354b 100644 |
|
--- a/lib/curl_config.h.in |
|
+++ b/lib/curl_config.h.in |
|
@@ -503,6 +503,9 @@ |
|
/* Define to 1 if you have the `pipe' function. */ |
|
#undef HAVE_PIPE |
|
|
|
+/* if you have the PK11_CreateManagedGenericObject function */ |
|
+#undef HAVE_PK11_CREATEMANAGEDGENERICOBJECT |
|
+ |
|
/* Define to 1 if you have a working poll function. */ |
|
#undef HAVE_POLL |
|
|
|
diff --git a/lib/nss.c b/lib/nss.c |
|
index 1b8abd3..31e5d75 100644 |
|
--- a/lib/nss.c |
|
+++ b/lib/nss.c |
|
@@ -399,7 +399,17 @@ static CURLcode nss_create_object(struct ssl_connect_data *ssl, |
|
PK11_SETATTRS(attrs, attr_cnt, CKA_TRUST, pval, sizeof(*pval)); |
|
} |
|
|
|
- obj = PK11_CreateGenericObject(slot, attrs, attr_cnt, PR_FALSE); |
|
+ /* PK11_CreateManagedGenericObject() was introduced in NSS 3.34 because |
|
+ * PK11_DestroyGenericObject() does not release resources allocated by |
|
+ * PK11_CreateGenericObject() early enough. */ |
|
+ obj = |
|
+#ifdef HAVE_PK11_CREATEMANAGEDGENERICOBJECT |
|
+ PK11_CreateManagedGenericObject |
|
+#else |
|
+ PK11_CreateGenericObject |
|
+#endif |
|
+ (slot, attrs, attr_cnt, PR_FALSE); |
|
+ |
|
PK11_FreeSlot(slot); |
|
if(!obj) |
|
return err; |
|
-- |
|
2.13.6 |
|
|
|
|