[patch] PR461: don't use the NSS provider bundled with the browser
Deepak Bhole
dbhole at redhat.com
Mon Apr 12 13:54:49 PDT 2010
* Matthias Klose <doko at ubuntu.com> [2010-04-12 16:53]:
> On 12.04.2010 22:36, Deepak Bhole wrote:
>
> >There is a problem with the patch (see below).
> [...]
>
> sorry, sent an outdated version. updated patch attached
>
> Matthias
I tried the attached patch with upstream Firefox 3.6.3 and the exception
no longer shows up. Chromium appears to work fine as well.
Please go ahead and commit.
Cheers,
Deepak
> 2010-04-12 Matthias Klose <doko at ubuntu.com>
>
> PR icedtea/461
> * plugin/icedteanp/IcedTeaNPPlugin.cc (plugin_filter_ld_library_path):
> New, filter out paths in LD_LIBRARY_PATH which start with
> MOZILLA_FIVE_HOME.
> (plugin_filter_environment): New, build environment to pass to the
> appletviewer process.
> (plugin_test_appletviewer, plugin_start_appletviewer): Start the new
> process with the filtered environment.
>
> diff -r 96b7c3d81af1 plugin/icedteanp/IcedTeaNPPlugin.cc
> --- a/plugin/icedteanp/IcedTeaNPPlugin.cc Mon Apr 12 13:40:58 2010 +0200
> +++ b/plugin/icedteanp/IcedTeaNPPlugin.cc Mon Apr 12 22:22:24 2010 +0200
> @@ -1412,6 +1412,78 @@
> return FALSE;
> }
>
> +// remove all components from LD_LIBRARY_PATH, which start with
> +// MOZILLA_FIVE_HOME; firefox has its own NSS based security provider,
> +// which conflicts with the one configured in nss.cfg.
> +static gchar*
> +plugin_filter_ld_library_path(gchar *path_old)
> +{
> + gchar *moz_home = g_strdup (g_getenv ("MOZILLA_FIVE_HOME"));
> + gchar *moz_prefix;
> + gchar *path_new;
> + gchar** components;
> + int i1, i2;
> +
> + if (moz_home == NULL || path_old == NULL || strlen (path_old) == 0)
> + return path_old;
> + if (g_str_has_suffix (moz_home, "/"))
> + moz_home[strlen (moz_home - 1)] = '\0';
> + moz_prefix = g_strconcat (moz_home, "/", NULL);
> +
> + components = g_strsplit (path_old, ":", -1);
> + for (i1 = 0, i2 = 0; components[i1] != NULL; i1++)
> + {
> + if (g_strcmp0 (components[i1], moz_home) == 0
> + || g_str_has_prefix (components[i1], moz_home))
> + components[i2] = components[i1];
> + else
> + components[i2++] = components[i1];
> + }
> + components[i2] = NULL;
> +
> + if (i1 > i2)
> + path_new = g_strjoinv (":", components);
> + g_strfreev (components);
> + g_free (moz_home);
> + g_free (moz_prefix);
> + g_free (path_old);
> +
> + if (path_new == NULL || strlen (path_new) == 0)
> + {
> + PLUGIN_DEBUG_0ARG("Unset LD_LIBRARY_PATH\n");
> + return NULL;
> + }
> + else
> + {
> + PLUGIN_DEBUG_1ARG ("Set LD_LIBRARY_PATH: %s\n", path_new);
> + return path_new;
> + }
> +}
> +
> +// build the environment to pass to the external plugin process
> +static gchar**
> +plugin_filter_environment(void)
> +{
> + gchar **var_names = g_listenv();
> + gchar **new_env = (gchar**) malloc(sizeof(gchar*) * g_strv_length (var_names));
> + int i_var, i_env;
> +
> + for (i_var = 0, i_env = 0; var_names[i_var] != NULL; i_var++)
> + {
> + gchar *env_value = g_strdup (g_getenv (var_names[i_var]));
> +
> + if (g_str_has_prefix (var_names[i_var], "LD_LIBRARY_PATH"))
> + env_value = plugin_filter_ld_library_path (env_value);
> + if (env_value != NULL)
> + {
> + new_env[i_env++] = g_strdup_printf ("%s=%s", var_names[i_var], env_value);
> + g_free (env_value);
> + }
> + }
> + new_env[i_env] = NULL;
> + return new_env;
> +}
> +
> static NPError
> plugin_test_appletviewer ()
> {
> @@ -1419,13 +1491,16 @@
> NPError error = NPERR_NO_ERROR;
>
> gchar* command_line[3] = { NULL, NULL, NULL };
> + gchar** environment;
>
> command_line[0] = g_strdup (appletviewer_executable);
> command_line[1] = g_strdup("-version");
> command_line[2] = NULL;
>
> + environment = plugin_filter_environment();
>
> - if (!g_spawn_async (NULL, command_line, NULL, (GSpawnFlags) 0,
> + if (!g_spawn_async (NULL, command_line, environment,
> + (GSpawnFlags) 0,
> NULL, NULL, NULL, &channel_error))
> {
> if (channel_error)
> @@ -1440,6 +1515,8 @@
> error = NPERR_GENERIC_ERROR;
> }
>
> + g_strfreev (environment);
> +
> g_free (command_line[0]);
> command_line[0] = NULL;
> g_free (command_line[1]);
> @@ -1458,6 +1535,7 @@
> NPError error = NPERR_NO_ERROR;
>
> gchar** command_line;
> + gchar** environment;
>
> if (plugin_debug)
> {
> @@ -1480,7 +1558,10 @@
> command_line[4] = NULL;
> }
>
> - if (!g_spawn_async (NULL, command_line, NULL, (GSpawnFlags) G_SPAWN_DO_NOT_REAP_CHILD,
> + environment = plugin_filter_environment();
> +
> + if (!g_spawn_async (NULL, command_line, environment,
> + (GSpawnFlags) G_SPAWN_DO_NOT_REAP_CHILD,
> NULL, NULL, &appletviewer_pid, &channel_error))
> {
> if (channel_error)
> @@ -1495,6 +1576,8 @@
> error = NPERR_GENERIC_ERROR;
> }
>
> + g_strfreev (environment);
> +
> g_free (command_line[0]);
> command_line[0] = NULL;
> g_free (command_line[1]);
More information about the distro-pkg-dev
mailing list