From 3a7fae97dc994e8a1ac5f2253527c7b76c86e8be Mon Sep 17 00:00:00 2001
From: Remi Collet <fedora@famillecollet.com>
Date: Wed, 20 Mar 2013 12:53:53 +0100
Subject: curl: sync with 7.27.0-7 from F18

---
 0004-curl-7.27.0-52b6eda4.patch | 115 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 115 insertions(+)
 create mode 100644 0004-curl-7.27.0-52b6eda4.patch

(limited to '0004-curl-7.27.0-52b6eda4.patch')

diff --git a/0004-curl-7.27.0-52b6eda4.patch b/0004-curl-7.27.0-52b6eda4.patch
new file mode 100644
index 0000000..a6b751b
--- /dev/null
+++ b/0004-curl-7.27.0-52b6eda4.patch
@@ -0,0 +1,115 @@
+From fea7914a32b7d7a8ec4bbf4de0c2be74a32969bb Mon Sep 17 00:00:00 2001
+From: Kamil Dudka <kdudka@redhat.com>
+Date: Thu, 9 Aug 2012 09:40:00 +0200
+Subject: [PATCH 1/2] nss: do not print misleading NSS error codes
+
+[upstream commit 52b6eda4f2a006e33358c6964ef6a00b09ae59ab]
+---
+ lib/nss.c |   42 ++++++++++++++++++++++++++++++------------
+ 1 files changed, 30 insertions(+), 12 deletions(-)
+
+diff --git a/lib/nss.c b/lib/nss.c
+index b11796c..a8e08f4 100644
+--- a/lib/nss.c
++++ b/lib/nss.c
+@@ -1084,17 +1084,31 @@ int Curl_nss_close_all(struct SessionHandle *data)
+   return 0;
+ }
+ 
+-/* return true if the given error code is related to a client certificate */
+-static bool is_cc_error(PRInt32 err)
++/* return true if NSS can provide error code (and possibly msg) for the error */
++static bool is_nss_error(CURLcode err)
+ {
+   switch(err) {
+-  case SSL_ERROR_BAD_CERT_ALERT:
++  case CURLE_PEER_FAILED_VERIFICATION:
++  case CURLE_SSL_CACERT:
++  case CURLE_SSL_CACERT_BADFILE:
++  case CURLE_SSL_CERTPROBLEM:
++  case CURLE_SSL_CONNECT_ERROR:
++  case CURLE_SSL_CRL_BADFILE:
++  case CURLE_SSL_ISSUER_ERROR:
+     return true;
+ 
+-  case SSL_ERROR_REVOKED_CERT_ALERT:
+-    return true;
++  default:
++    return false;
++  }
++}
+ 
++/* return true if the given error code is related to a client certificate */
++static bool is_cc_error(PRInt32 err)
++{
++  switch(err) {
++  case SSL_ERROR_BAD_CERT_ALERT:
+   case SSL_ERROR_EXPIRED_CERT_ALERT:
++  case SSL_ERROR_REVOKED_CERT_ALERT:
+     return true;
+ 
+   default:
+@@ -1388,6 +1402,7 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
+   time_left = Curl_timeleft(data, NULL, TRUE);
+   if(time_left < 0L) {
+     failf(data, "timed out before SSL handshake");
++    curlerr = CURLE_OPERATION_TIMEDOUT;
+     goto error;
+   }
+   timeout = PR_MillisecondsToInterval((PRUint32) time_left);
+@@ -1432,15 +1447,18 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
+   /* reset the flag to avoid an infinite loop */
+   data->state.ssl_connect_retry = FALSE;
+ 
+-  err = PR_GetError();
+-  if(is_cc_error(err))
+-    curlerr = CURLE_SSL_CERTPROBLEM;
++  if(is_nss_error(curlerr)) {
++    /* read NSPR error code */
++    err = PR_GetError();
++    if(is_cc_error(err))
++      curlerr = CURLE_SSL_CERTPROBLEM;
+ 
+-  /* print the error number and error string */
+-  infof(data, "NSS error %d (%s)\n", err, nss_error_to_name(err));
++    /* print the error number and error string */
++    infof(data, "NSS error %d (%s)\n", err, nss_error_to_name(err));
+ 
+-  /* print a human-readable message describing the error if available */
+-  nss_print_error_message(data, err);
++    /* print a human-readable message describing the error if available */
++    nss_print_error_message(data, err);
++  }
+ 
+   if(model)
+     PR_Close(model);
+-- 
+1.7.1
+
+
+From b00ba010d0cd0a6ee77692fd4e38e6680b07a82e Mon Sep 17 00:00:00 2001
+From: Marc Hoersken <info@marc-hoersken.de>
+Date: Tue, 11 Sep 2012 09:49:23 +0200
+Subject: [PATCH 2/2] nss.c: Fixed warning: 'err' may be used uninitialized in this function
+
+[upstream commit e6ba0487013085afc5bc1ca7d7c8a15a13367ba6]
+---
+ lib/nss.c |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/lib/nss.c b/lib/nss.c
+index a8e08f4..fef7c3d 100644
+--- a/lib/nss.c
++++ b/lib/nss.c
+@@ -1173,7 +1173,7 @@ static CURLcode nss_load_ca_certificates(struct connectdata *conn,
+ 
+ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
+ {
+-  PRInt32 err;
++  PRErrorCode err = 0;
+   PRFileDesc *model = NULL;
+   PRBool ssl2 = PR_FALSE;
+   PRBool ssl3 = PR_FALSE;
+-- 
+1.7.1
+
-- 
cgit