From a9329d5845ecad0270a3bedb6af60dc48d9e22e3 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@fedoraproject.org>
Date: Wed, 2 Dec 2009 17:31:31 +0000
Subject: [PATCH] - avoid use of uninitialized value in lib/nss.c

---
 curl-7.19.7-nss-warning.patch | 24 ++++++++++++++++++++++++
 curl.spec                     |  7 ++++++-
 2 files changed, 30 insertions(+), 1 deletion(-)
 create mode 100644 curl-7.19.7-nss-warning.patch

diff --git a/curl-7.19.7-nss-warning.patch b/curl-7.19.7-nss-warning.patch
new file mode 100644
index 0000000..53d734a
--- /dev/null
+++ b/curl-7.19.7-nss-warning.patch
@@ -0,0 +1,24 @@
+diff --git a/lib/nss.c b/lib/nss.c
+index d1a9d1a..637663e 100644
+--- a/lib/nss.c
++++ b/lib/nss.c
+@@ -990,7 +990,9 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
+ {
+   PRInt32 err;
+   PRFileDesc *model = NULL;
+-  PRBool ssl2, ssl3, tlsv1;
++  PRBool ssl2 = PR_FALSE;
++  PRBool ssl3 = PR_FALSE;
++  PRBool tlsv1 = PR_FALSE;
+   struct SessionHandle *data = conn->data;
+   curl_socket_t sockfd = conn->sock[sockindex];
+   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+@@ -1106,8 +1108,6 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
+   if(SSL_OptionSet(model, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE) != SECSuccess)
+     goto error;
+ 
+-  ssl2 = ssl3 = tlsv1 = PR_FALSE;
+-
+   switch (data->set.ssl.version) {
+   default:
+   case CURL_SSLVERSION_DEFAULT:
diff --git a/curl.spec b/curl.spec
index 77cb90d..9eebc3f 100644
--- a/curl.spec
+++ b/curl.spec
@@ -1,7 +1,7 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
 Version: 7.19.7
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: MIT
 Group: Applications/Internet
 Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
@@ -9,6 +9,7 @@ Source2: curlbuild.h
 Patch1: curl-7.19.7-nss-nonblock.patch
 Patch2: curl-7.19.7-ssl-retry.patch
 Patch3: curl-7.19.7-modelfree.patch
+Patch4: curl-7.19.7-nss-warning.patch
 Patch101: curl-7.15.3-multilib.patch
 Patch102: curl-7.16.0-privlibs.patch
 Patch103: curl-7.19.4-debug.patch
@@ -84,6 +85,7 @@ use cURL's capabilities internally.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
 
 # Fedora patches
 %patch101 -p1
@@ -173,6 +175,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_datadir}/aclocal/libcurl.m4
 
 %changelog
+* Wed Dec 02 2009 Kamil Dudka <kdudka@redhat.com> 7.19.7-5
+- avoid use of uninitialized value in lib/nss.c
+
 * Tue Dec 01 2009 Kamil Dudka <kdudka@redhat.com> 7.19.7-4
 - do not require valgrind on s390 and s390x
 - temporarily disabled SCP/SFTP test-suite (#539444)