Changeset 59e66ff for irc.c


Ignore:
Timestamp:
2014-07-24T03:51:07Z (5 years ago)
Author:
dequis <dx@…>
Branches:
master
Children:
632627e
Parents:
269580c
Message:

Fix the NSS init after fork bug, and clean up lies in unix.c

This might look like a simple diff, but those 'lies' made this not very
straightforward.

The NSS bug itself is simple: NSS detects a fork happened after the
initialization, and refuses to work because shared CSPRNG state is bad.
The bug has been around for long time. I've been aware of it for 5
months, which says something about this mess. Trac link:

http://bugs.bitlbee.org/bitlbee/ticket/785

This wasn't a big deal because the main users of NSS (redhat) already
applied a different patch in their packages that workarounded the issue
somewhat accidentally. And this is the ticket for the 'lies' in unix.c:

http://bugs.bitlbee.org/bitlbee/ticket/1159

Basically a conflict with libotr that doesn't happen anymore. Read that
ticket for details on why ignoring those comments is acceptable.

Anyway: yay!

File:
1 edited

Legend:

Unmodified
Added
Removed
  • irc.c

    r269580c r59e66ff  
    2727#include "ipc.h"
    2828#include "dcc.h"
     29#include "lib/ssl_client.h"
    2930
    3031GSList *irc_connection_list;
     
    171172        nogaim_init();
    172173#endif
     174
     175        /* SSL library initialization also should be done after the fork, to
     176           avoid shared CSPRNG state. This is required by NSS, which refuses to
     177           work if a fork is detected */
     178        ssl_init();
    173179       
    174180        for( l = irc_plugins; l; l = l->next )
Note: See TracChangeset for help on using the changeset viewer.