rpms
/
nss
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix certificates trust order (#643134) 

Modify nss-sysinit-userdb-first.patch to apply it last
This commit is contained in:
Elio Maldonado 2010-10-18 15:46:56 -07:00
parent 50867d6093
commit 27e3c89861
1 changed files with 30 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
nss-sysinit-fix-trustorder.patch Normal file
View File

@ -0,0 +1,30 @@
diff -up ./mozilla/security/nss/lib/sysinit/nsssysinit.c.fixtrust ./mozilla/security/nss/lib/sysinit/nsssysinit.c
--- ./mozilla/security/nss/lib/sysinit/nsssysinit.c.fixtrust 2010-10-15 12:02:51.445637701 -0700
+++ ./mozilla/security/nss/lib/sysinit/nsssysinit.c 2010-10-15 12:06:52.731762282 -0700
@@ -221,7 +221,7 @@ getFIPSMode(void)
* 2 for the key slot, and
* 3 for the crypto operations slot fips
*/
-#define ORDER_FLAGS "trustOrder=75 cipherOrder=100"
+#define ORDER_FLAGS "cipherOrder=100"
#define SLOT_FLAGS \
"[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,RANDOM" \
" askpw=any timeout=30 ]"
@@ -270,7 +270,7 @@ get_list(char *filename, char *stripped_
"library= "
"module=\"NSS User database\" "
"parameters=\"configdir='sql:%s' %s tokenDescription='NSS user database'\" "
- "NSS=\"%sflags=internal%s\"",
+ "NSS=\"trustOrder=75 %sflags=internal%s\"",
userdb, stripped_parameters, nssflags,
isFIPS ? ",FIPS" : "");
@@ -315,7 +315,7 @@ get_list(char *filename, char *stripped_
"library= "
"module=\"NSS system database\" "
"parameters=\"configdir='sql:%s' tokenDescription='NSS system database' %s\" "
- "NSS=\"%sflags=internal,critical\"",sysdb, readonly, nssflags);
+ "NSS=\"trustOrder=80 %sflags=internal,critical\"",sysdb, readonly, nssflags);
}
/* that was the last module */