Merge branch 'master' into f15
Fix for Bug 695011 - segfaults on pem logging on debug builds PEM module logging implemented using NSPR logging calls Update the PayPalEE test certificate to a longer lived one
This commit is contained in:
commit
11feb7633c
107
0001-Bug-695011-PEM-logging.patch
Normal file
107
0001-Bug-695011-PEM-logging.patch
Normal file
@ -0,0 +1,107 @@
|
||||
From 5c61cdba435096ee6e65cee4dc9a473430643c07 Mon Sep 17 00:00:00 2001
|
||||
From: Elio Maldonado <emaldona@redhat.com>
|
||||
Date: Tue, 12 Apr 2011 09:31:48 -0700
|
||||
Subject: [PATCH] Bug 695011 PEM logging
|
||||
|
||||
Use NSPR logging facilities for PEM logging to fix a segmenation violation
|
||||
caused when user cannot for write a log file created by root
|
||||
---
|
||||
mozilla/security/nss/lib/ckfw/pem/ckpem.h | 7 ++++-
|
||||
mozilla/security/nss/lib/ckfw/pem/util.c | 30 ++++++++++++++++------------
|
||||
2 files changed, 22 insertions(+), 15 deletions(-)
|
||||
|
||||
diff --git a/mozilla/security/nss/lib/ckfw/pem/ckpem.h b/mozilla/security/nss/lib/ckfw/pem/ckpem.h
|
||||
index 839d40b..720525e 100644
|
||||
--- a/mozilla/security/nss/lib/ckfw/pem/ckpem.h
|
||||
+++ b/mozilla/security/nss/lib/ckfw/pem/ckpem.h
|
||||
@@ -1,3 +1,6 @@
|
||||
+#ifndef CKPEM_H
|
||||
+#define CKPEM_H
|
||||
+
|
||||
#include "nssckmdt.h"
|
||||
#include "nssckfw.h"
|
||||
#include "ckfwtm.h"
|
||||
@@ -254,8 +257,8 @@ unsigned int pem_PrivateModulusLen(pemLOWKEYPrivateKey *privk);
|
||||
/* ptoken.c */
|
||||
NSSCKMDToken * pem_NewToken(NSSCKFWInstance *fwInstance, CK_RV *pError);
|
||||
|
||||
+/* util.c */
|
||||
void open_log();
|
||||
-void close_log();
|
||||
void plog(const char *fmt, ...);
|
||||
|
||||
-#define PEM_H 1
|
||||
+#endif /* CKPEM_H */
|
||||
diff --git a/mozilla/security/nss/lib/ckfw/pem/util.c b/mozilla/security/nss/lib/ckfw/pem/util.c
|
||||
index 853f418..fafb924 100644
|
||||
--- a/mozilla/security/nss/lib/ckfw/pem/util.c
|
||||
+++ b/mozilla/security/nss/lib/ckfw/pem/util.c
|
||||
@@ -41,6 +41,7 @@
|
||||
#include "prtime.h"
|
||||
#include "prlong.h"
|
||||
#include "prerror.h"
|
||||
+#include "prlog.h"
|
||||
#include "prprf.h"
|
||||
#include "plgetopt.h"
|
||||
#include "prenv.h"
|
||||
@@ -51,6 +52,9 @@
|
||||
#include "cryptohi.h"
|
||||
#include "secpkcs7.h"
|
||||
#include "secerr.h"
|
||||
+
|
||||
+#include "ckpem.h"
|
||||
+
|
||||
#include <stdarg.h>
|
||||
|
||||
#define CHUNK_SIZE 512
|
||||
@@ -267,34 +271,34 @@ ReadDERFromFile(SECItem *** derlist, char *filename, PRBool ascii,
|
||||
return -1;
|
||||
}
|
||||
|
||||
-FILE *plogfile;
|
||||
+#ifdef DEBUG
|
||||
+#define LOGGING_BUFFER_SIZE 400
|
||||
+#define PEM_DEFAULT_LOG_FILE "/tmp/pkcs11.log"
|
||||
+static const char *pemLogModuleName = "PEM";
|
||||
+static PRLogModuleInfo* pemLogModule;
|
||||
+#endif
|
||||
|
||||
void open_log()
|
||||
{
|
||||
#ifdef DEBUG
|
||||
- plogfile = fopen("/tmp/pkcs11.log", "a");
|
||||
-#endif
|
||||
+ const char *nsprLogFile = PR_GetEnv("NSPR_LOG_FILE");
|
||||
|
||||
- return;
|
||||
-}
|
||||
+ pemLogModule = PR_NewLogModule(pemLogModuleName);
|
||||
|
||||
-void close_log()
|
||||
-{
|
||||
-#ifdef DEBUG
|
||||
- fclose(plogfile);
|
||||
+ (void) PR_SetLogFile(nsprLogFile ? nsprLogFile : PEM_DEFAULT_LOG_FILE);
|
||||
+ /* If false, the log file will remain what it was before */
|
||||
#endif
|
||||
- return;
|
||||
}
|
||||
|
||||
void plog(const char *fmt, ...)
|
||||
{
|
||||
#ifdef DEBUG
|
||||
+ char buf[LOGGING_BUFFER_SIZE];
|
||||
va_list ap;
|
||||
|
||||
va_start(ap, fmt);
|
||||
- vfprintf(plogfile, fmt, ap);
|
||||
+ PR_vsnprintf(buf, sizeof(buf), fmt, ap);
|
||||
va_end(ap);
|
||||
-
|
||||
- fflush(plogfile);
|
||||
+ PR_LOG(pemLogModule, PR_LOG_DEBUG, ("%s", buf));
|
||||
#endif
|
||||
}
|
||||
--
|
||||
1.7.4.2
|
||||
|
8
nss.spec
8
nss.spec
@ -6,7 +6,7 @@
|
||||
Summary: Network Security Services
|
||||
Name: nss
|
||||
Version: 3.12.9
|
||||
Release: 14%{?dist}
|
||||
Release: 15%{?dist}
|
||||
License: MPLv1.1 or GPLv2+ or LGPLv2+
|
||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||
Group: System Environment/Libraries
|
||||
@ -42,6 +42,7 @@ Source12: %{name}-pem-20101125.tar.bz2
|
||||
Patch3: renegotiate-transitional.patch
|
||||
Patch6: nss-enable-pem.patch
|
||||
Patch7: nsspem-642433.patch
|
||||
Patch8: 0001-Bug-695011-PEM-logging.patch
|
||||
Patch11: honor-user-trust-preferences.patch
|
||||
Patch12: allow-content-types-beyond-smime.patch
|
||||
Patch13: nss-recurse.patch
|
||||
@ -120,6 +121,7 @@ low level services.
|
||||
%patch3 -p0 -b .transitional
|
||||
%patch6 -p0 -b .libpem
|
||||
%patch7 -p0 -b .642433
|
||||
%patch8 -p1 -b .695011
|
||||
%patch11 -p1 -b .643134
|
||||
%patch12 -p1 -b .contenttypes
|
||||
%patch13 -p1 -b .recurse
|
||||
@ -519,6 +521,10 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
|
||||
|
||||
|
||||
%changelog
|
||||
* Mon Apr 11 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.9-15
|
||||
- Implement PEM logging using NSPR's own (#695011)
|
||||
- Update the expired PayPalEE test certificate to one good until April 1, 2013
|
||||
|
||||
* Wed Mar 25 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.9-14
|
||||
- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM
|
||||
|
||||
|
2
sources
2
sources
@ -5,4 +5,4 @@ a5ae49867124ac75f029a9a33af31bad blank-cert8.db
|
||||
73bc040a0542bba387e6dd7fb9fd7d23 blank-secmod.db
|
||||
691e663ccc07b7a1eaa6f088e03bf8e2 blank-cert9.db
|
||||
2ec9e0606ba40fe65196545564b7cc2a blank-key4.db
|
||||
f3eaeb308918aeb0748707d8780f321c PayPalEE.cert
|
||||
bf47cecad861efa77d1488ad4a73cb5b PayPalEE.cert
|
||||
|
Loading…
Reference in New Issue
Block a user