Merge branch 'master' into f15

Fix for Bug 695011 - segfaults on pem logging on debug builds
PEM module logging implemented using NSPR logging calls
Update the PayPalEE test certificate to a longer lived one
This commit is contained in:
Elio Maldonado 2011-04-12 12:52:18 -07:00
commit 11feb7633c
3 changed files with 115 additions and 2 deletions

View File

@ -0,0 +1,107 @@
From 5c61cdba435096ee6e65cee4dc9a473430643c07 Mon Sep 17 00:00:00 2001
From: Elio Maldonado <emaldona@redhat.com>
Date: Tue, 12 Apr 2011 09:31:48 -0700
Subject: [PATCH] Bug 695011 PEM logging
Use NSPR logging facilities for PEM logging to fix a segmenation violation
caused when user cannot for write a log file created by root
---
mozilla/security/nss/lib/ckfw/pem/ckpem.h | 7 ++++-
mozilla/security/nss/lib/ckfw/pem/util.c | 30 ++++++++++++++++------------
2 files changed, 22 insertions(+), 15 deletions(-)
diff --git a/mozilla/security/nss/lib/ckfw/pem/ckpem.h b/mozilla/security/nss/lib/ckfw/pem/ckpem.h
index 839d40b..720525e 100644
--- a/mozilla/security/nss/lib/ckfw/pem/ckpem.h
+++ b/mozilla/security/nss/lib/ckfw/pem/ckpem.h
@@ -1,3 +1,6 @@
+#ifndef CKPEM_H
+#define CKPEM_H
+
#include "nssckmdt.h"
#include "nssckfw.h"
#include "ckfwtm.h"
@@ -254,8 +257,8 @@ unsigned int pem_PrivateModulusLen(pemLOWKEYPrivateKey *privk);
/* ptoken.c */
NSSCKMDToken * pem_NewToken(NSSCKFWInstance *fwInstance, CK_RV *pError);
+/* util.c */
void open_log();
-void close_log();
void plog(const char *fmt, ...);
-#define PEM_H 1
+#endif /* CKPEM_H */
diff --git a/mozilla/security/nss/lib/ckfw/pem/util.c b/mozilla/security/nss/lib/ckfw/pem/util.c
index 853f418..fafb924 100644
--- a/mozilla/security/nss/lib/ckfw/pem/util.c
+++ b/mozilla/security/nss/lib/ckfw/pem/util.c
@@ -41,6 +41,7 @@
#include "prtime.h"
#include "prlong.h"
#include "prerror.h"
+#include "prlog.h"
#include "prprf.h"
#include "plgetopt.h"
#include "prenv.h"
@@ -51,6 +52,9 @@
#include "cryptohi.h"
#include "secpkcs7.h"
#include "secerr.h"
+
+#include "ckpem.h"
+
#include <stdarg.h>
#define CHUNK_SIZE 512
@@ -267,34 +271,34 @@ ReadDERFromFile(SECItem *** derlist, char *filename, PRBool ascii,
return -1;
}
-FILE *plogfile;
+#ifdef DEBUG
+#define LOGGING_BUFFER_SIZE 400
+#define PEM_DEFAULT_LOG_FILE "/tmp/pkcs11.log"
+static const char *pemLogModuleName = "PEM";
+static PRLogModuleInfo* pemLogModule;
+#endif
void open_log()
{
#ifdef DEBUG
- plogfile = fopen("/tmp/pkcs11.log", "a");
-#endif
+ const char *nsprLogFile = PR_GetEnv("NSPR_LOG_FILE");
- return;
-}
+ pemLogModule = PR_NewLogModule(pemLogModuleName);
-void close_log()
-{
-#ifdef DEBUG
- fclose(plogfile);
+ (void) PR_SetLogFile(nsprLogFile ? nsprLogFile : PEM_DEFAULT_LOG_FILE);
+ /* If false, the log file will remain what it was before */
#endif
- return;
}
void plog(const char *fmt, ...)
{
#ifdef DEBUG
+ char buf[LOGGING_BUFFER_SIZE];
va_list ap;
va_start(ap, fmt);
- vfprintf(plogfile, fmt, ap);
+ PR_vsnprintf(buf, sizeof(buf), fmt, ap);
va_end(ap);
-
- fflush(plogfile);
+ PR_LOG(pemLogModule, PR_LOG_DEBUG, ("%s", buf));
#endif
}
--
1.7.4.2

View File

@ -6,7 +6,7 @@
Summary: Network Security Services
Name: nss
Version: 3.12.9
Release: 14%{?dist}
Release: 15%{?dist}
License: MPLv1.1 or GPLv2+ or LGPLv2+
URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries
@ -42,6 +42,7 @@ Source12: %{name}-pem-20101125.tar.bz2
Patch3: renegotiate-transitional.patch
Patch6: nss-enable-pem.patch
Patch7: nsspem-642433.patch
Patch8: 0001-Bug-695011-PEM-logging.patch
Patch11: honor-user-trust-preferences.patch
Patch12: allow-content-types-beyond-smime.patch
Patch13: nss-recurse.patch
@ -120,6 +121,7 @@ low level services.
%patch3 -p0 -b .transitional
%patch6 -p0 -b .libpem
%patch7 -p0 -b .642433
%patch8 -p1 -b .695011
%patch11 -p1 -b .643134
%patch12 -p1 -b .contenttypes
%patch13 -p1 -b .recurse
@ -519,6 +521,10 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
%changelog
* Mon Apr 11 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.9-15
- Implement PEM logging using NSPR's own (#695011)
- Update the expired PayPalEE test certificate to one good until April 1, 2013
* Wed Mar 25 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.9-14
- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM

View File

@ -5,4 +5,4 @@ a5ae49867124ac75f029a9a33af31bad blank-cert8.db
73bc040a0542bba387e6dd7fb9fd7d23 blank-secmod.db
691e663ccc07b7a1eaa6f088e03bf8e2 blank-cert9.db
2ec9e0606ba40fe65196545564b7cc2a blank-key4.db
f3eaeb308918aeb0748707d8780f321c PayPalEE.cert
bf47cecad861efa77d1488ad4a73cb5b PayPalEE.cert