From 71b60fecb26c3e78db01090e03cf5f0eeb9c97e0 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Thu, 8 Feb 2018 11:23:49 +0100
Subject: [PATCH] nss: use PK11_CreateManagedGenericObject() if available

... so that the memory allocated by applications using libcurl does not
grow with each TLS connection.

Bug: https://bugzilla.redhat.com/1510247

Closes #2297

Upstream-commit: 1605d93a7b8ac4b7f348e304e018e9d15ffaabf0
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
 configure            | 10 ++++++++++
 configure.ac         |  9 +++++++++
 lib/curl_config.h.in |  3 +++
 lib/vtls/nss.c       | 12 +++++++++++-
 4 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/configure b/configure
index b7030ff..c525b5a 100755
--- a/configure
+++ b/configure
@@ -25091,6 +25091,16 @@ fi
       { $as_echo "$as_me:${as_lineno-$LINENO}: detected NSS version $version" >&5
 $as_echo "$as_me: detected NSS version $version" >&6;}
 
+                        ac_fn_c_check_func "$LINENO" "PK11_CreateManagedGenericObject" "ac_cv_func_PK11_CreateManagedGenericObject"
+if test "x$ac_cv_func_PK11_CreateManagedGenericObject" = xyes; then :
+
+
+$as_echo "#define HAVE_PK11_CREATEMANAGEDGENERICOBJECT 1" >>confdefs.h
+
+
+fi
+
+
             NSS_LIBS=$addlib
 
 
diff --git a/configure.ac b/configure.ac
index 1e76c49..dafbf0f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2333,6 +2333,15 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
     if test "x$USE_NSS" = "xyes"; then
       AC_MSG_NOTICE([detected NSS version $version])
 
+      dnl PK11_CreateManagedGenericObject() was introduced in NSS 3.34 because
+      dnl PK11_DestroyGenericObject() does not release resources allocated by
+      dnl PK11_CreateGenericObject() early enough.
+      AC_CHECK_FUNC(PK11_CreateManagedGenericObject,
+        [
+          AC_DEFINE(HAVE_PK11_CREATEMANAGEDGENERICOBJECT, 1,
+                    [if you have the PK11_CreateManagedGenericObject function])
+        ])
+
       dnl needed when linking the curl tool without USE_EXPLICIT_LIB_DEPS
       NSS_LIBS=$addlib
       AC_SUBST([NSS_LIBS])
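Review bot: `AC_CHECK_FUNC` is a link-only probe, so its result depends on `LIBS` already carrying the NSS libraries at this point, which the hunk does not show. If it does not, `HAVE_PK11_CREATEMANAGEDGENERICOBJECT` is never defined and the build silently keeps the old function with its memory growth. The check also says nothing about the NSS version present at run time: a binary built with the macro defined would presumably fail to load against an NSS older than 3.34. I would record that in the comment, e.g. `dnl link-time check only; a build that defines this needs NSS >= 3.34 at run time`. The enclosing `if` block starts and ends outside the hunk.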
diff --git a/lib/curl_config.h.in b/lib/curl_config.h.in
index 60e9d23..b5fad6f 100644
--- a/lib/curl_config.h.in
+++ b/lib/curl_config.h.in
@@ -501,6 +501,9 @@
 /* Define to 1 if you have the `pipe' function. */
 #undef HAVE_PIPE
 
+/* if you have the PK11_CreateManagedGenericObject function */
+#undef HAVE_PK11_CREATEMANAGEDGENERICOBJECT
+
 /* Define to 1 if you have a working poll function. */
 #undef HAVE_POLL
 
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index 4c90400..273e521 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -412,7 +412,17 @@ static CURLcode nss_create_object(struct ssl_connect_data *ssl,
     PK11_SETATTRS(attrs, attr_cnt, CKA_TRUST, pval, sizeof(*pval));
   }
 
-  obj = PK11_CreateGenericObject(slot, attrs, attr_cnt, PR_FALSE);
+  /* PK11_CreateManagedGenericObject() was introduced in NSS 3.34 because
+   * PK11_DestroyGenericObject() does not release resources allocated by
+   * PK11_CreateGenericObject() early enough.  */
+  obj =
+#ifdef HAVE_PK11_CREATEMANAGEDGENERICOBJECT
+    PK11_CreateManagedGenericObject
+#else
+    PK11_CreateGenericObject
+#endif
+    (slot, attrs, attr_cnt, PR_FALSE);
+
   PK11_FreeSlot(slot);
   if(!obj)
     return result;
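Review bot: The new comment explains why the managed variant exists but not what the `#else` path means. A build against NSS older than 3.34 still calls `PK11_CreateGenericObject()`, so the per-connection memory growth described in the commit message presumably remains there, which matters for long-running clients. I would add a line such as `/* NSS < 3.34 fallback: objects are still released late, memory grows per connection */` under `#else`. Splitting one call expression across preprocessor branches is also hard to read; a file-scope `#define` that selects the function name would keep `obj = ...` on a single line. nss_create_object() starts and ends outside this hunk, so it is worth confirming that every path after `if(!obj)` eventually reaches `PK11_DestroyGenericObject()`, since the fix appears to rely on that call to release the object.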
-- 
2.13.6