* Fri Jul 31 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.6-9
- Fix nsssysinit to return userdb ahead of systemdb (#603313)
This commit is contained in:
Elio Maldonado
parent
9218303306
commit
a3ec3dfe11
65
nss-sysinit-userdb-first.patch
Executable file
65
nss-sysinit-userdb-first.patch
Executable file
@ -0,0 +1,65 @@
|
||||
diff -up ./mozilla/security/nss/lib/sysinit/nsssysinit.c.orig ./mozilla/security/nss/lib/sysinit/nsssysinit.c
|
||||
--- ./mozilla/security/nss/lib/sysinit/nsssysinit.c.orig 2010-06-17 09:17:30.732643399 -0700
|
||||
+++ ./mozilla/security/nss/lib/sysinit/nsssysinit.c 2010-06-17 09:20:22.691642397 -0700
|
||||
@@ -263,9 +263,18 @@ get_list(char *filename, char *stripped_
|
||||
sysdb = getSystemDB();
|
||||
userdb = getUserDB();
|
||||
|
||||
- /* Don't open root's user DB */
|
||||
+ /* return a list of databases to open. First the system database. */
|
||||
+ if (sysdb) {
|
||||
+ const char *readonly = userCanModifySystemDB() ? "" : "flags=readonly";
|
||||
+ module_list[next++] = PR_smprintf(
|
||||
+ "library= "
|
||||
+ "module=\"NSS system database\" "
|
||||
+ "parameters=\"configdir='sql:%s' tokenDescription='NSS system database' %s\" "
|
||||
+ "NSS=\"%sflags=internal,critical\"",sysdb, readonly, nssflags);
|
||||
+ }
|
||||
+
|
||||
+ /* Next the user database, but not for root. */
|
||||
if (userdb != NULL && !userIsRoot()) {
|
||||
- /* return a list of databases to open. First the user Database */
|
||||
module_list[next++] = PR_smprintf(
|
||||
"library= "
|
||||
"module=\"NSS User database\" "
|
||||
@@ -284,40 +293,6 @@ get_list(char *filename, char *stripped_
|
||||
userdb, stripped_parameters);
|
||||
}
|
||||
|
||||
-#if 0
|
||||
- /* This doesn't actually work. If we register
|
||||
- both this and the sysdb (in either order)
|
||||
- then only one of them actually shows up */
|
||||
-
|
||||
- /* Using a NULL filename as a Boolean flag to
|
||||
- * prevent registering both an application-defined
|
||||
- * db and the system db. rhbz #546211.
|
||||
- */
|
||||
- PORT_Assert(filename);
|
||||
- if (sysdb && PL_CompareStrings(filename, sysdb))
|
||||
- filename = NULL;
|
||||
- else if (userdb && PL_CompareStrings(filename, userdb))
|
||||
- filename = NULL;
|
||||
-
|
||||
- if (filename && !userIsRoot()) {
|
||||
- module_list[next++] = PR_smprintf(
|
||||
- "library= "
|
||||
- "module=\"NSS database\" "
|
||||
- "parameters=\"configdir='sql:%s' tokenDescription='NSS database sql:%s'\" "
|
||||
- "NSS=\"%sflags=internal\"",filename, filename, nssflags);
|
||||
- }
|
||||
-#endif
|
||||
-
|
||||
- /* now the system database (always read only unless it's root) */
|
||||
- if (sysdb) {
|
||||
- const char *readonly = userCanModifySystemDB() ? "" : "flags=readonly";
|
||||
- module_list[next++] = PR_smprintf(
|
||||
- "library= "
|
||||
- "module=\"NSS system database\" "
|
||||
- "parameters=\"configdir='sql:%s' tokenDescription='NSS system database' %s\" "
|
||||
- "NSS=\"%sflags=internal,critical\"",sysdb, readonly, nssflags);
|
||||
- }
|
||||
-
|
||||
/* that was the last module */
|
||||
module_list[next] = 0;
|
||||
|
||||
12
nss.spec
12
nss.spec
@ -6,7 +6,7 @@
|
||||
Summary: Network Security Services
|
||||
Name: nss
|
||||
Version: 3.12.6
|
||||
Release: 8%{?dist}
|
||||
Release: 9%{?dist}
|
||||
License: MPLv1.1 or GPLv2+ or LGPLv2+
|
||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||
Group: System Environment/Libraries
|
||||
@ -44,6 +44,7 @@ Patch3: renegotiate-transitional.patch
|
||||
Patch4: validate-arguments.patch
|
||||
Patch6: nss-enable-pem.patch
|
||||
Patch7: nsspem-596674.patch
|
||||
Patch8: nss-sysinit-userdb-first.patch
|
||||
|
||||
%description
|
||||
Network Security Services (NSS) is a set of libraries designed to
|
||||
@ -114,6 +115,7 @@ low level services.
|
||||
%patch4 -p0 -b .validate
|
||||
%patch6 -p0 -b .libpem
|
||||
%patch7 -p0 -b .596674
|
||||
%patch8 -p0 -b .603313
|
||||
|
||||
|
||||
%build
|
||||
@ -241,9 +243,8 @@ cd ./mozilla/security/nss/tests/
|
||||
# nss_tests: cipher libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains
|
||||
# nss_ssl_tests: crl bypass_normal normal_bypass normal_fips fips_normal iopr
|
||||
# nss_ssl_run: cov auth stress
|
||||
|
||||
# Temporarily disabling the ssl test suites
|
||||
# until bug 539183 gets resolved
|
||||
# For example, to disable the ssl test suites
|
||||
# you would uncomment the following lines
|
||||
#%global nss_ssl_tests " "
|
||||
#%global nss_ssl_run " "
|
||||
|
||||
@ -487,6 +488,9 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
|
||||
|
||||
|
||||
%changelog
|
||||
* Fri Jul 31 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.6-9
|
||||
- Fix nsssysinit to return userdb ahead of systemdb (#603313)
|
||||
|
||||
* Tue Jun 08 2010 Dennis Gilmore <dennis@ausil.us> - 3.12.6-8
|
||||
- Require and BuildRequire >= the listed version not =
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user