- Enable pluggable ecc support (#712556)

- Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)
2011-06-11 18:05:04 -07:00 · 2011-06-11 18:05:04 -07:00 · 5c50a33200
parent 6f6f1203b3
commit 5c50a33200
2 changed files with 57 additions and 2 deletions
--- a/nss-646045.patch
+++ b/nss-646045.patch
@ -0,0 +1,34 @@
+diff -up ./mozilla/security/nss/tests/dbtests/dbtests.sh.noroot ./mozilla/security/nss/tests/dbtests/dbtests.sh
+--- ./mozilla/security/nss/tests/dbtests/dbtests.sh.noroot	2011-04-06 09:56:07.207701000 -0700
+++ ./mozilla/security/nss/tests/dbtests/dbtests.sh	2011-04-06 10:19:54.159552000 -0700
+@@ -201,6 +201,9 @@ dbtest_main()
+         cat $RONLY_DIR/* > /dev/null
+     fi
+ 
+    # skipping the next two tests when user is root,
+    # otherwise they would fail due to rooty powers
+    if [[ $EUID -ne 0 ]] then
+     ${BINDIR}/dbtest -d $RONLY_DIR
+     ret=$?
+     if [ $ret -ne 46 ]; then
+@@ -208,6 +211,10 @@ dbtest_main()
+     else
+       html_passed "Dbtest r/w didn't work in an readonly dir $ret" 
+     fi
+    else
+      html_passed "Skipping Dbtest r/w in a readonly dir because user is root" 
+    fi
+    if [[ $EUID -ne 0 ]] then
+     ${BINDIR}/certutil -D -n "TestUser" -d .
+     ret=$?
+     if [ $ret -ne 255 ]; then
+@@ -215,6 +222,9 @@ dbtest_main()
+     else
+         html_passed "Certutil didn't work in an readonly dir $ret"
+     fi
+    else
+      html_passed "Skipping Certutil delete cert in an readonly directory test because user is root" 
+    fi
+     
+     Echo "test opening the database ronly in a readonly directory"
+ 
--- a/nss.spec
+++ b/nss.spec
@ -6,7 +6,7 @@
 Summary:          Network Security Services
 Name:             nss
 Version:          3.12.10
-Release:          3%{?dist}
+Release:          4%{?dist}
 License:          MPLv1.1 or GPLv2+ or LGPLv2+
 URL:              http://www.mozilla.org/projects/security/pki/nss/
 Group:            System Environment/Libraries
@ -45,6 +45,7 @@ Patch7:           nsspem-642433.patch
 Patch8:           0001-Bug-695011-PEM-logging.patch
 Patch16:          nss-539183.patch
 Patch17:          nss-703658.patch
+Patch18:          nss-646045.patch

 %description
 Network Security Services (NSS) is a set of libraries designed to
@ -120,6 +121,7 @@ low level services.
 %patch8 -p1 -b .695011          
 %patch16 -p0 -b .539183
 %patch17 -p0 -b .703658
+%patch18 -p0 -b .646045


 %build
@ -162,6 +164,21 @@ USE_64=1
 export USE_64
 %endif

+##### phase 1: build freebl/softokn shared libraries
+# there no ecc in freebl
+unset NSS_ENABLE_ECC
+# Compile softoken plus needed support
+%{__make} -C ./mozilla/security/coreconf
+%{__make} -C ./mozilla/security/dbm
+%{__make} -C ./mozilla/security/nss
+
+##### phase 2: build the rest of nss
+# nss supports pluggable ecc
+NSS_ENABLE_ECC=1
+export NSS_ENABLE_ECC
+NSS_ECC_MORE_THAN_SUITE_B=1
+export NSS_ECC_MORE_THAN_SUITE_B
+
 # We only ship the nss proper libraries, no softoken nor util, yet                                   
 # we must compile with the entire source tree because nss needs                               
 # private exports from util. The install section will ensure not
@ -515,11 +532,15 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h


 %changelog
+* Fri Jun 10 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.10-4
+- Enable pluggable ecc support (#712556)
+- Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)
+
 * Fri May 20 2011 Dennis Gilmore <dennis@ausil.us> - 3.12.10-3
 - make the testsuite non fatal on arm arches

 * Tue May 17 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.10-2
- Fix crmf hard-coded maximum size for wrapped private keys (#703658)
+- Fix crmf hard-coded maximum size for wrapped private keys (#703656)

 * Fri May 06 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.10-1
 - Update to NSS_3_12_10_RTM