|
|
f0f8d7 |
From 543ba995e5beb83a754a8f844491446747c83572 Mon Sep 17 00:00:00 2001
|
|
|
f0f8d7 |
From: Kamil Dudka <kdudka@redhat.com>
|
|
|
f0f8d7 |
Date: Thu, 8 Feb 2018 11:23:49 +0100
|
|
|
f0f8d7 |
Subject: [PATCH] nss: use PK11_CreateManagedGenericObject() if available
|
|
|
f0f8d7 |
|
|
|
f0f8d7 |
... so that the memory allocated by applications using libcurl does not
|
|
|
f0f8d7 |
grow per each TLS connection.
|
|
|
f0f8d7 |
|
|
|
f0f8d7 |
Bug: https://bugzilla.redhat.com/1510247
|
|
|
f0f8d7 |
|
|
|
f0f8d7 |
Closes #2297
|
|
|
f0f8d7 |
|
|
|
f0f8d7 |
Upstream-commit: 1605d93a7b8ac4b7f348e304e018e9d15ffaabf0
|
|
|
f0f8d7 |
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
|
|
f0f8d7 |
---
|
|
|
f0f8d7 |
configure | 10 ++++++++++
|
|
|
f0f8d7 |
configure.ac | 9 +++++++++
|
|
|
f0f8d7 |
lib/curl_config.h.in | 3 +++
|
|
|
f0f8d7 |
lib/nss.c | 12 +++++++++++-
|
|
|
f0f8d7 |
4 files changed, 33 insertions(+), 1 deletion(-)
|
|
|
f0f8d7 |
|
|
|
f0f8d7 |
diff --git a/configure b/configure
|
|
|
f0f8d7 |
index fc260ee..3c77748 100755
|
|
|
f0f8d7 |
--- a/configure
|
|
|
f0f8d7 |
+++ b/configure
|
|
|
f0f8d7 |
@@ -23753,6 +23753,16 @@ $as_echo "$as_me: detected NSS version $version" >&6;}
|
|
|
f0f8d7 |
NSS_LIBS=$addlib
|
|
|
f0f8d7 |
|
|
|
f0f8d7 |
|
|
|
f0f8d7 |
+ ac_fn_c_check_func "$LINENO" "PK11_CreateManagedGenericObject" "ac_cv_func_PK11_CreateManagedGenericObject"
|
|
|
f0f8d7 |
+if test "x$ac_cv_func_PK11_CreateManagedGenericObject" = xyes; then :
|
|
|
f0f8d7 |
+
|
|
|
f0f8d7 |
+
|
|
|
f0f8d7 |
+$as_echo "#define HAVE_PK11_CREATEMANAGEDGENERICOBJECT 1" >>confdefs.h
|
|
|
f0f8d7 |
+
|
|
|
f0f8d7 |
+
|
|
|
f0f8d7 |
+fi
|
|
|
f0f8d7 |
+
|
|
|
f0f8d7 |
+
|
|
|
f0f8d7 |
if test "x$cross_compiling" != "xyes"; then
|
|
|
f0f8d7 |
LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$nssprefix/lib$libsuff"
|
|
|
f0f8d7 |
export LD_LIBRARY_PATH
|
|
|
f0f8d7 |
diff --git a/configure.ac b/configure.ac
|
|
|
f0f8d7 |
index 9612c2f..887ded9 100644
|
|
|
f0f8d7 |
--- a/configure.ac
|
|
|
f0f8d7 |
+++ b/configure.ac
|
|
|
f0f8d7 |
@@ -2216,6 +2216,15 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
|
|
|
f0f8d7 |
NSS_LIBS=$addlib
|
|
|
f0f8d7 |
AC_SUBST([NSS_LIBS])
|
|
|
f0f8d7 |
|
|
|
f0f8d7 |
+ dnl PK11_CreateManagedGenericObject() was introduced in NSS 3.34 because
|
|
|
f0f8d7 |
+ dnl PK11_DestroyGenericObject() does not release resources allocated by
|
|
|
f0f8d7 |
+ dnl PK11_CreateGenericObject() early enough.
|
|
|
f0f8d7 |
+ AC_CHECK_FUNC(PK11_CreateManagedGenericObject,
|
|
|
f0f8d7 |
+ [
|
|
|
f0f8d7 |
+ AC_DEFINE(HAVE_PK11_CREATEMANAGEDGENERICOBJECT, 1,
|
|
|
f0f8d7 |
+ [if you have the PK11_CreateManagedGenericObject function])
|
|
|
f0f8d7 |
+ ])
|
|
|
f0f8d7 |
+
|
|
|
f0f8d7 |
dnl when shared libs were found in a path that the run-time
|
|
|
f0f8d7 |
dnl linker doesn't search through, we need to add it to
|
|
|
f0f8d7 |
dnl LD_LIBRARY_PATH to prevent further configure tests to fail
|
|
|
f0f8d7 |
diff --git a/lib/curl_config.h.in b/lib/curl_config.h.in
|
|
|
f0f8d7 |
index 19b66fa..9db354b 100644
|
|
|
f0f8d7 |
--- a/lib/curl_config.h.in
|
|
|
f0f8d7 |
+++ b/lib/curl_config.h.in
|
|
|
f0f8d7 |
@@ -503,6 +503,9 @@
|
|
|
f0f8d7 |
/* Define to 1 if you have the `pipe' function. */
|
|
|
f0f8d7 |
#undef HAVE_PIPE
|
|
|
f0f8d7 |
|
|
|
f0f8d7 |
+/* if you have the PK11_CreateManagedGenericObject function */
|
|
|
f0f8d7 |
+#undef HAVE_PK11_CREATEMANAGEDGENERICOBJECT
|
|
|
f0f8d7 |
+
|
|
|
f0f8d7 |
/* Define to 1 if you have a working poll function. */
|
|
|
f0f8d7 |
#undef HAVE_POLL
|
|
|
f0f8d7 |
|
|
|
f0f8d7 |
diff --git a/lib/nss.c b/lib/nss.c
|
|
|
f0f8d7 |
index 1b8abd3..31e5d75 100644
|
|
|
f0f8d7 |
--- a/lib/nss.c
|
|
|
f0f8d7 |
+++ b/lib/nss.c
|
|
|
f0f8d7 |
@@ -399,7 +399,17 @@ static CURLcode nss_create_object(struct ssl_connect_data *ssl,
|
|
|
f0f8d7 |
PK11_SETATTRS(attrs, attr_cnt, CKA_TRUST, pval, sizeof(*pval));
|
|
|
f0f8d7 |
}
|
|
|
f0f8d7 |
|
|
|
f0f8d7 |
- obj = PK11_CreateGenericObject(slot, attrs, attr_cnt, PR_FALSE);
|
|
|
f0f8d7 |
+ /* PK11_CreateManagedGenericObject() was introduced in NSS 3.34 because
|
|
|
f0f8d7 |
+ * PK11_DestroyGenericObject() does not release resources allocated by
|
|
|
f0f8d7 |
+ * PK11_CreateGenericObject() early enough. */
|
|
|
f0f8d7 |
+ obj =
|
|
|
f0f8d7 |
+#ifdef HAVE_PK11_CREATEMANAGEDGENERICOBJECT
|
|
|
f0f8d7 |
+ PK11_CreateManagedGenericObject
|
|
|
f0f8d7 |
+#else
|
|
|
f0f8d7 |
+ PK11_CreateGenericObject
|
|
|
f0f8d7 |
+#endif
|
|
|
f0f8d7 |
+ (slot, attrs, attr_cnt, PR_FALSE);
|
|
|
f0f8d7 |
+
|
|
|
f0f8d7 |
PK11_FreeSlot(slot);
|
|
|
f0f8d7 |
if(!obj)
|
|
|
f0f8d7 |
return err;
|
|
|
f0f8d7 |
--
|
|
|
f0f8d7 |
2.13.6
|
|
|
f0f8d7 |
|