75 lines
1.9 KiB
Diff
75 lines
1.9 KiB
Diff
|
--- lib/fetch/common.c.orig 2016-04-24 19:23:10.086252434 +0200
|
||
|
+++ lib/fetch/common.c 2016-04-24 19:23:38.375203346 +0200
|
||
|
@@ -444,6 +444,8 @@ fetch_cache_put(conn_t *conn, int (*clos
|
||
|
|
||
|
|
||
|
#ifdef WITH_SSL
|
||
|
+
|
||
|
+#ifndef HAVE_STRNSTR
|
||
|
/*
|
||
|
* Find the first occurrence of find in s, where the search is limited to the
|
||
|
* first slen characters of s.
|
||
|
@@ -468,6 +470,7 @@ strnstr(const char *s, const char *find,
|
||
|
}
|
||
|
return ((char *)__UNCONST(s));
|
||
|
}
|
||
|
+#endif
|
||
|
|
||
|
/*
|
||
|
* Convert characters A-Z to lowercase (intentionally avoid any locale
|
||
|
@@ -640,8 +643,10 @@ fetch_ssl_get_numeric_addrinfo(const cha
|
||
|
hints.ai_protocol = 0;
|
||
|
hints.ai_flags = AI_NUMERICHOST;
|
||
|
/* port is not relevant for this purpose */
|
||
|
- if (getaddrinfo(host, "443", &hints, &res) != 0)
|
||
|
+ if (getaddrinfo(host, "443", &hints, &res) != 0) {
|
||
|
+ free(host);
|
||
|
return NULL;
|
||
|
+ }
|
||
|
free(host);
|
||
|
return res;
|
||
|
}
|
||
|
@@ -929,8 +934,18 @@ fetch_ssl_cb_verify_crt(int verified, X5
|
||
|
return (verified);
|
||
|
}
|
||
|
|
||
|
+static pthread_once_t ssl_init_once = PTHREAD_ONCE_INIT;
|
||
|
+
|
||
|
+static void
|
||
|
+ssl_init(void)
|
||
|
+{
|
||
|
+ /* Init the SSL library and context */
|
||
|
+ SSL_load_error_strings();
|
||
|
+ SSL_library_init();
|
||
|
+}
|
||
|
#endif
|
||
|
|
||
|
+
|
||
|
/*
|
||
|
* Enable SSL on a connection.
|
||
|
*/
|
||
|
@@ -943,16 +958,14 @@ fetch_ssl(conn_t *conn, const struct url
|
||
|
X509_NAME *name;
|
||
|
char *str;
|
||
|
|
||
|
- /* Init the SSL library and context */
|
||
|
- if (!SSL_library_init()){
|
||
|
- fprintf(stderr, "SSL library init failed\n");
|
||
|
- return (-1);
|
||
|
- }
|
||
|
-
|
||
|
- SSL_load_error_strings();
|
||
|
+ (void)pthread_once(&ssl_init_once, ssl_init);
|
||
|
|
||
|
- conn->ssl_meth = SSLv23_client_method();
|
||
|
- conn->ssl_ctx = SSL_CTX_new(conn->ssl_meth);
|
||
|
+ conn->ssl_ctx = SSL_CTX_new(SSLv23_client_method());
|
||
|
+ if (conn->ssl_ctx == NULL) {
|
||
|
+ fprintf(stderr, "failed to create SSL context\n");
|
||
|
+ ERR_print_errors_fp(stderr);
|
||
|
+ return -1;
|
||
|
+ }
|
||
|
SSL_CTX_set_mode(conn->ssl_ctx, SSL_MODE_AUTO_RETRY);
|
||
|
|
||
|
fetch_ssl_setup_transport_layer(conn->ssl_ctx, verbose);
|