rpms / bitlbee

Clone
Source Code
GIT

Files

el4 el5 el6 epel7 epel8 epel9 f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 f7 f8 f9 fc6 main rawhide
  1.   el5
  2.   bitlbee-3.2.2-nss-forkdaemon.patch
Blob Blame History Raw 
From d77df0ab3fceaca84932f90948a24eec4f576fb0 Mon Sep 17 00:00:00 2001
From: dequis <dx@dxzone.com.ar>
Date: Wed, 9 Jul 2014 07:58:30 -0300
Subject: [PATCH] Fix the NSS init after fork bug, and clean up lies in unix.c

This might look like a simple diff, but those 'lies' made this not very
straightforward.

The NSS bug itself is simple: NSS detects a fork happened after the
initialization, and refuses to work because shared CSPRNG state is bad.
The bug has been around for long time. I've been aware of it for 5
months, which says something about this mess. Trac link:

http://bugs.bitlbee.org/bitlbee/ticket/785

This wasn't a big deal because the main users of NSS (redhat) already
applied a different patch in their packages that workarounded the issue
somewhat accidentally. And this is the ticket for the 'lies' in unix.c:

http://bugs.bitlbee.org/bitlbee/ticket/1159

Basically a conflict with libotr that doesn't happen anymore. Read that
ticket for details on why ignoring those comments is acceptable.

Anyway: yay!
---
 irc.c  | 6 ++++++
 unix.c | 9 ---------
 2 files changed, 6 insertions(+), 9 deletions(-)

diff --git a/irc.c b/irc.c
index 187004c..f864e31 100644
--- a/irc.c
+++ b/irc.c
@@ -26,6 +26,7 @@
 #include "bitlbee.h"
 #include "ipc.h"
 #include "dcc.h"
+#include "lib/ssl_client.h"
 
 GSList *irc_connection_list;
 GSList *irc_plugins;
@@ -170,6 +171,11 @@ irc_t *irc_new( int fd )
 #ifdef WITH_PURPLE
 	nogaim_init();
 #endif
+
+	/* SSL library initialization also should be done after the fork, to
+	   avoid shared CSPRNG state. This is required by NSS, which refuses to
+	   work if a fork is detected */
+	ssl_init();
 	
 	for( l = irc_plugins; l; l = l->next )
 	{
diff --git a/unix.c b/unix.c
index 1ea24af..329b33c 100644
--- a/unix.c
+++ b/unix.c
@@ -31,7 +31,6 @@
 #include "protocols/nogaim.h"
 #include "help.h"
 #include "ipc.h"
-#include "lib/ssl_client.h"
 #include "md5.h"
 #include "misc.h"
 #include <signal.h>
@@ -81,17 +80,9 @@ int main( int argc, char *argv[] )
 	nogaim_init();
 #endif
 	
- 	/* Ugly Note: libotr and gnutls both use libgcrypt. libgcrypt
- 	   has a process-global config state whose initialization happpens
- 	   twice if libotr and gnutls are used together. libotr installs custom
- 	   memory management functions for libgcrypt while our gnutls module
- 	   uses the defaults. Therefore we initialize OTR after SSL. *sigh* */
- 	ssl_init();
 #ifdef OTR_BI
  	otr_init();
 #endif
-	/* And in case OTR is loaded as a plugin, it'll also get loaded after
-	   this point. */
 	
 	srand( time( NULL ) ^ getpid() );
 	
-- 
2.0.0
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.