diff --git a/nss-646045.patch b/nss-646045.patch new file mode 100644 index 0000000..5492127 --- /dev/null +++ b/nss-646045.patch @@ -0,0 +1,34 @@ +diff -up ./mozilla/security/nss/tests/dbtests/dbtests.sh.noroot ./mozilla/security/nss/tests/dbtests/dbtests.sh +--- ./mozilla/security/nss/tests/dbtests/dbtests.sh.noroot 2011-04-06 09:56:07.207701000 -0700 ++++ ./mozilla/security/nss/tests/dbtests/dbtests.sh 2011-04-06 10:19:54.159552000 -0700 +@@ -201,6 +201,9 @@ dbtest_main() + cat $RONLY_DIR/* > /dev/null + fi + ++ # skipping the next two tests when user is root, ++ # otherwise they would fail due to rooty powers ++ if [[ $EUID -ne 0 ]] then + ${BINDIR}/dbtest -d $RONLY_DIR + ret=$? + if [ $ret -ne 46 ]; then +@@ -208,6 +211,10 @@ dbtest_main() + else + html_passed "Dbtest r/w didn't work in an readonly dir $ret" + fi ++ else ++ html_passed "Skipping Dbtest r/w in a readonly dir because user is root" ++ fi ++ if [[ $EUID -ne 0 ]] then + ${BINDIR}/certutil -D -n "TestUser" -d . + ret=$? + if [ $ret -ne 255 ]; then +@@ -215,6 +222,9 @@ dbtest_main() + else + html_passed "Certutil didn't work in an readonly dir $ret" + fi ++ else ++ html_passed "Skipping Certutil delete cert in an readonly directory test because user is root" ++ fi + + Echo "test opening the database ronly in a readonly directory" + diff --git a/nss.spec b/nss.spec index 13323ce..227b889 100644 --- a/nss.spec +++ b/nss.spec @@ -6,7 +6,7 @@ Summary: Network Security Services Name: nss Version: 3.12.10 -Release: 3%{?dist} +Release: 4%{?dist} License: MPLv1.1 or GPLv2+ or LGPLv2+ URL: http://www.mozilla.org/projects/security/pki/nss/ Group: System Environment/Libraries @@ -45,6 +45,7 @@ Patch7: nsspem-642433.patch Patch8: 0001-Bug-695011-PEM-logging.patch Patch16: nss-539183.patch Patch17: nss-703658.patch +Patch18: nss-646045.patch %description Network Security Services (NSS) is a set of libraries designed to @@ -120,6 +121,7 @@ low level services. %patch8 -p1 -b .695011 %patch16 -p0 -b .539183 %patch17 -p0 -b .703658 +%patch18 -p0 -b .646045 %build @@ -162,6 +164,21 @@ USE_64=1 export USE_64 %endif +##### phase 1: build freebl/softokn shared libraries +# there no ecc in freebl +unset NSS_ENABLE_ECC +# Compile softoken plus needed support +%{__make} -C ./mozilla/security/coreconf +%{__make} -C ./mozilla/security/dbm +%{__make} -C ./mozilla/security/nss + +##### phase 2: build the rest of nss +# nss supports pluggable ecc +NSS_ENABLE_ECC=1 +export NSS_ENABLE_ECC +NSS_ECC_MORE_THAN_SUITE_B=1 +export NSS_ECC_MORE_THAN_SUITE_B + # We only ship the nss proper libraries, no softoken nor util, yet # we must compile with the entire source tree because nss needs # private exports from util. The install section will ensure not @@ -515,11 +532,15 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h %changelog +* Fri Jun 10 2011 Elio Maldonado - 3.12.10-4 +- Enable pluggable ecc support (#712556) +- Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045) + * Fri May 20 2011 Dennis Gilmore - 3.12.10-3 - make the testsuite non fatal on arm arches * Tue May 17 2011 Elio Maldonado - 3.12.10-2 -- Fix crmf hard-coded maximum size for wrapped private keys (#703658) +- Fix crmf hard-coded maximum size for wrapped private keys (#703656) * Fri May 06 2011 Elio Maldonado - 3.12.10-1 - Update to NSS_3_12_10_RTM