* Mon Apr 22 2013 Kai Engert <kaie@redhat.com> - 3.14.3-2

- Add upstream patch to fix rhbz#872761
2013-04-22 15:28:47 +02:00 · 2013-04-22 15:28:47 +02:00 · 7a5aba2bfb
parent 10de960df7
commit 7a5aba2bfb
2 changed files with 64 additions and 1 deletions
--- a/nss-872761.patch
+++ b/nss-872761.patch
@ -0,0 +1,58 @@
+Index: mozilla/security/nss/cmd/lib/secutil.c
+===================================================================
+RCS file: /cvsroot/mozilla/security/nss/cmd/lib/secutil.c,v
+retrieving revision 1.126
+diff -u -u -r1.126 secutil.c
+--- mozilla/security/nss/cmd/lib/secutil.c	7 Jan 2013 04:11:49 -0000	1.126
+++ mozilla/security/nss/cmd/lib/secutil.c	19 Apr 2013 22:43:02 -0000
+@@ -504,6 +504,8 @@
+ 
+ 	/* Read in ascii data */
+ 	rv = SECU_FileToItem(&filedata, inFile);
+	if (rv != SECSuccess)
+	    return rv;
+ 	asc = (char *)filedata.data;
+ 	if (!asc) {
+ 	    fprintf(stderr, "unable to read data from input file\n");
+@@ -519,20 +521,28 @@
+ 		body = PORT_Strchr(asc, '\r'); /* maybe this is a MAC file */
+ 	    if (body)
+ 		trailer = strstr(++body, "-----END");
+-	    if (trailer != NULL) {
+	    if (trailer != NULL)
+ 		*trailer = '\0';
+-	    } else {
+	    if (!body || !trailer) {
+ 		fprintf(stderr, "input has header but no trailer\n");
+ 		PORT_Free(filedata.data);
+ 		return SECFailure;
+ 	    }
+ 	} else {
+-	    body = asc;
+	    /* need one additional byte for zero terminator */
+	    rv = SECITEM_ReallocItem(NULL, &filedata, filedata.len, filedata.len+1);
+	    if (rv != SECSuccess) {
+		PORT_Free(filedata.data);
+		return rv;
+	    }
+	    filedata.len = filedata.len+1;
+	    body = (char*)filedata.data;
+	    body[filedata.len-1] = '\0';
+ 	}
+      
+ 	/* Convert to binary */
+ 	rv = ATOB_ConvertAsciiToItem(der, body);
+-	if (rv) {
+	if (rv != SECSuccess) {
+ 	    fprintf(stderr, "error converting ascii to binary (%s)\n",
+ 		    SECU_Strerror(PORT_GetError()));
+ 	    PORT_Free(filedata.data);
+@@ -543,7 +553,7 @@
+     } else {
+ 	/* Read in binary der */
+ 	rv = SECU_FileToItem(der, inFile);
+-	if (rv) {
+	if (rv != SECSuccess) {
+ 	    fprintf(stderr, "error converting der (%s)\n", 
+ 		    SECU_Strerror(PORT_GetError()));
+ 	    return SECFailure;
--- a/nss.spec
+++ b/nss.spec
@ -11,7 +11,7 @@
 Summary:          Network Security Services
 Name:             nss
 Version:          3.14.3
-Release:          1%{?dist}
+Release:          2%{?dist}
 License:          MPLv2.0
 URL:              http://www.mozilla.org/projects/security/pki/nss/
 Group:            System Environment/Libraries
@ -67,6 +67,7 @@ Patch3:           renegotiate-transitional.patch
 Patch6:           nss-enable-pem.patch
 Patch16:          nss-539183.patch
 Patch18:          nss-646045.patch
+Patch19:          nss-872761.patch
 # must statically link pem against the freebl in the buildroot
 # Needed only when freebl on tree has new APIS
 Patch25:          nsspem-use-system-freebl.patch
@ -157,6 +158,7 @@ low level services.
 %patch6 -p0 -b .libpem
 %patch16 -p0 -b .539183
 %patch18 -p0 -b .646045
+%patch19 -p0 -b .872761
 # link pem against buildroot's freebl, essential when mixing and matching
 %patch25 -p0 -b .systemfreebl
 # activate for stable and beta branches
@ -611,6 +613,9 @@ rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h


 %changelog
+* Mon Apr 22 2013 Kai Engert <kaie@redhat.com> - 3.14.3-2
+- Add upstream patch to fix rhbz#872761
+
 * Fri Feb 15 2013 Elio Maldonado <emaldona@redhat.com> - 3.14.3-1
 - Update to NSS_3_14_3_RTM
 - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3