diff options
| author | dequis <dx@dxzone.com.ar> | 2014-07-24 00:51:07 -0300 |
|---|---|---|
| committer | dequis <dx@dxzone.com.ar> | 2014-07-24 00:51:07 -0300 |
| commit | 59e66ff766cbef04883c1d7477d66c7e9b515833 (patch) | |
| tree | 6b0a969b50c3ac37430a7ddcdf63620067f02ec8 /irc.c | |
| parent | 269580c6302a677e07176494bd314c7e2a8f488f (diff) | |
Fix the NSS init after fork bug, and clean up lies in unix.c
This might look like a simple diff, but those 'lies' made this not very
straightforward.
The NSS bug itself is simple: NSS detects a fork happened after the
initialization, and refuses to work because shared CSPRNG state is bad.
The bug has been around for long time. I've been aware of it for 5
months, which says something about this mess. Trac link:
http://bugs.bitlbee.org/bitlbee/ticket/785
This wasn't a big deal because the main users of NSS (redhat) already
applied a different patch in their packages that workarounded the issue
somewhat accidentally. And this is the ticket for the 'lies' in unix.c:
http://bugs.bitlbee.org/bitlbee/ticket/1159
Basically a conflict with libotr that doesn't happen anymore. Read that
ticket for details on why ignoring those comments is acceptable.
Anyway: yay!
Diffstat (limited to 'irc.c')
| -rw-r--r-- | irc.c | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -26,6 +26,7 @@ #include "bitlbee.h" #include "ipc.h" #include "dcc.h" +#include "lib/ssl_client.h" GSList *irc_connection_list; GSList *irc_plugins; @@ -170,6 +171,11 @@ irc_t *irc_new( int fd ) #ifdef WITH_PURPLE nogaim_init(); #endif + + /* SSL library initialization also should be done after the fork, to + avoid shared CSPRNG state. This is required by NSS, which refuses to + work if a fork is detected */ + ssl_init(); for( l = irc_plugins; l; l = l->next ) { |