cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: NSS support quirks

From: Guenter <lists_at_gknw.net>
Date: Sun, 06 Sep 2009 19:25:00 +0200

Hi,
> From: Rob Crittenden <rcritten_at_redhat.com>
> Date: Fri, 13 Jun 2008 09:37:53 -0400
>
> Daniel Stenberg wrote:
>> On Fri, 13 Jun 2008, Arnaud Ebalard wrote:
>>
>>> Hum, it may be sth else but it seems that both errors are related to
>>> the code we provided for CRL and issuer check, which is untested with
>>> the nss backend. We mainly took into account some comments sent by Rob.
>>
>> Right, the missing CERT_* function comes from there.
>>
>> My annoyance is really not directed towards anyone of you who have
>> contributed code to libcurl but on the NSS project that seems to be
>> doing everything so hard to find, see and track.
>>
>>> As you might have noticed, building libcurl under Debian creates
>>> libcurl*-openssl and libcurl*-nss versions but does not provide any
>>> libcurl*-nss. Hence the lack of tests of our patches with nss.
>>
>> I never build (lib)curl using what Debian ships so I have no idea about
>> those things! I build my curl stuff from CVS...
>>
>
> This will fix the warnings.
>
> diff -u -r1.23 nss.c
> --- lib/nss.c 12 Jun 2008 22:00:35 -0000 1.23
> +++ lib/nss.c 13 Jun 2008 13:33:21 -0000
> @@ -62,6 +62,8 @@
> #include <prio.h>
> #include <secitem.h>
> #include <secport.h>
> +#include <nss3/base64.h>
> +#include <certdb.h>
>
> #include "memory.h"
> #include "easyif.h" /* for Curl_convert_from_utf8 prototype */
>
> This needs to explicitly use nss3/base64.h for the right include to be
> found since curl provides its own base64.h. I can see that breaking on
> some platforms. It worked ok for me on Fedora 8.
>
> The function CERT_CompareCerts() is trickier. It is an unexported
> function in NSS. The easy solution is to simply make a local private
> copy of it in nss.c. I can provide a patch if this is a way you'd be
> willing to go.
>
> rob

it seems that the base64.h include was fallen under the table, and I
still see these warnings:
http://curl.haxx.se/auto/log.cgi?id=20090906144436-25089#prob7
now that we have renamed our base64.h to curl_base64.h should we just add:
#include <base64.h>
or should we still use the nss3 prefix?

Gün,
Received on 2009-09-06