Remove unused patch rendered obsolete by pem update
This commit is contained in:
Elio Maldonado
parent
2a45956d5b
commit
b22cf46b7c
5
nss.spec
5
nss.spec
@ -21,7 +21,7 @@ Name: nss
|
|||||||
Version: 3.23.0
|
Version: 3.23.0
|
||||||
# for Rawhide, please always use release >= 2
|
# for Rawhide, please always use release >= 2
|
||||||
# for Fedora release branches, please use release < 2 (1.0, 1.1, ...)
|
# for Fedora release branches, please use release < 2 (1.0, 1.1, ...)
|
||||||
Release: 3%{?dist}
|
Release: 4%{?dist}
|
||||||
License: MPLv2.0
|
License: MPLv2.0
|
||||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
@ -815,6 +815,9 @@ fi
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Mar 08 2016 Elio Maldonado <emaldona@redhat.com> - 3.23.0-4
|
||||||
|
- Remove unused patch rendered obsolete by pem update
|
||||||
|
|
||||||
* Tue Mar 08 2016 Elio Maldonado <emaldona@redhat.com> - 3.23.0-3
|
* Tue Mar 08 2016 Elio Maldonado <emaldona@redhat.com> - 3.23.0-3
|
||||||
- Update pem sources to latest from nss-pem upstream
|
- Update pem sources to latest from nss-pem upstream
|
||||||
- Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key
|
- Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key
|
||||||
|
|||||||
@ -1,146 +0,0 @@
|
|||||||
diff -up ./nss/lib/ckfw/pem/ckpem.h.compile_Werror ./nss/lib/ckfw/pem/ckpem.h
|
|
||||||
--- ./nss/lib/ckfw/pem/ckpem.h.compile_Werror 2014-01-23 06:28:18.000000000 -0800
|
|
||||||
+++ ./nss/lib/ckfw/pem/ckpem.h 2015-11-13 12:07:29.219887390 -0800
|
|
||||||
@@ -233,6 +233,9 @@ struct pemLOWKEYPrivateKeyStr {
|
|
||||||
};
|
|
||||||
typedef struct pemLOWKEYPrivateKeyStr pemLOWKEYPrivateKey;
|
|
||||||
|
|
||||||
+/* NOTE: Discrepancy with the the way callers use of the return value as a count
|
|
||||||
+ * Fix this when we sync. up with the cleanup work being done at nss-pem project.
|
|
||||||
+ */
|
|
||||||
SECStatus ReadDERFromFile(SECItem ***derlist, char *filename, PRBool ascii, int *cipher, char **ivstring, PRBool certsonly);
|
|
||||||
const NSSItem * pem_FetchAttribute ( pemInternalObject *io, CK_ATTRIBUTE_TYPE type);
|
|
||||||
void pem_PopulateModulusExponent(pemInternalObject *io);
|
|
||||||
diff -up ./nss/lib/ckfw/pem/pinst.c.compile_Werror ./nss/lib/ckfw/pem/pinst.c
|
|
||||||
--- ./nss/lib/ckfw/pem/pinst.c.compile_Werror 2014-01-23 06:28:18.000000000 -0800
|
|
||||||
+++ ./nss/lib/ckfw/pem/pinst.c 2015-11-13 12:07:29.219887390 -0800
|
|
||||||
@@ -472,7 +472,9 @@ AddCertificate(char *certfile, char *key
|
|
||||||
char *ivstring = NULL;
|
|
||||||
int cipher;
|
|
||||||
|
|
||||||
- nobjs = ReadDERFromFile(&objs, certfile, PR_TRUE, &cipher, &ivstring, PR_TRUE /* certs only */);
|
|
||||||
+ /* TODO: Fix discrepancy between our usage of the return value as
|
|
||||||
+ * as an int (a count) and the declaration as a SECStatus. */
|
|
||||||
+ nobjs = (int) ReadDERFromFile(&objs, certfile, PR_TRUE, &cipher, &ivstring, PR_TRUE /* certs only */);
|
|
||||||
if (nobjs <= 0) {
|
|
||||||
nss_ZFreeIf(objs);
|
|
||||||
return CKR_GENERAL_ERROR;
|
|
||||||
@@ -515,8 +517,10 @@ AddCertificate(char *certfile, char *key
|
|
||||||
if (keyfile) { /* add the private key */
|
|
||||||
SECItem **keyobjs = NULL;
|
|
||||||
int kobjs = 0;
|
|
||||||
+ /* TODO: Fix discrepancy between our usage of the return value as
|
|
||||||
+ * as an int and the declaration as a SECStatus. */
|
|
||||||
kobjs =
|
|
||||||
- ReadDERFromFile(&keyobjs, keyfile, PR_TRUE, &cipher,
|
|
||||||
+ (int) ReadDERFromFile(&keyobjs, keyfile, PR_TRUE, &cipher,
|
|
||||||
&ivstring, PR_FALSE);
|
|
||||||
if (kobjs < 1) {
|
|
||||||
error = CKR_GENERAL_ERROR;
|
|
||||||
diff -up ./nss/lib/ckfw/pem/pobject.c.compile_Werror ./nss/lib/ckfw/pem/pobject.c
|
|
||||||
--- ./nss/lib/ckfw/pem/pobject.c.compile_Werror 2014-01-23 06:28:18.000000000 -0800
|
|
||||||
+++ ./nss/lib/ckfw/pem/pobject.c 2015-11-13 12:07:29.220887368 -0800
|
|
||||||
@@ -630,6 +630,11 @@ pem_DestroyInternalObject
|
|
||||||
if (io->u.key.ivstring)
|
|
||||||
free(io->u.key.ivstring);
|
|
||||||
break;
|
|
||||||
+ case pemAll:
|
|
||||||
+ /* pemAll is not used, keep the compiler happy
|
|
||||||
+ * TODO: investigate a proper solution
|
|
||||||
+ */
|
|
||||||
+ return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (NULL != gobj)
|
|
||||||
@@ -1044,7 +1049,9 @@ pem_CreateObject
|
|
||||||
int nobjs = 0;
|
|
||||||
int i;
|
|
||||||
int objid;
|
|
||||||
+#if 0
|
|
||||||
pemToken *token;
|
|
||||||
+#endif
|
|
||||||
int cipher;
|
|
||||||
char *ivstring = NULL;
|
|
||||||
pemInternalObject *listObj = NULL;
|
|
||||||
@@ -1073,7 +1080,9 @@ pem_CreateObject
|
|
||||||
}
|
|
||||||
slotID = nssCKFWSlot_GetSlotID(fwSlot);
|
|
||||||
|
|
||||||
+#if 0
|
|
||||||
token = (pemToken *) mdToken->etc;
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
/*
|
|
||||||
* only create keys and certs.
|
|
||||||
@@ -1114,7 +1123,11 @@ pem_CreateObject
|
|
||||||
}
|
|
||||||
|
|
||||||
if (objClass == CKO_CERTIFICATE) {
|
|
||||||
- nobjs = ReadDERFromFile(&derlist, filename, PR_TRUE, &cipher, &ivstring, PR_TRUE /* certs only */);
|
|
||||||
+ /* TODO: Fix discrepancy between our usage of the return value as
|
|
||||||
+ * as an int and the declaration as a SECStatus. Typecasting as a
|
|
||||||
+ * temporary workaround.
|
|
||||||
+ */
|
|
||||||
+ nobjs = (int) ReadDERFromFile(&derlist, filename, PR_TRUE, &cipher, &ivstring, PR_TRUE /* certs only */);
|
|
||||||
if (nobjs < 1)
|
|
||||||
goto loser;
|
|
||||||
|
|
||||||
diff -up ./nss/lib/ckfw/pem/rsawrapr.c.compile_Werror ./nss/lib/ckfw/pem/rsawrapr.c
|
|
||||||
--- ./nss/lib/ckfw/pem/rsawrapr.c.compile_Werror 2014-01-23 06:28:18.000000000 -0800
|
|
||||||
+++ ./nss/lib/ckfw/pem/rsawrapr.c 2015-11-13 12:07:29.220887368 -0800
|
|
||||||
@@ -93,6 +93,8 @@ pem_PublicModulusLen(NSSLOWKEYPublicKey
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+/* unused functions */
|
|
||||||
+#if 0
|
|
||||||
static SHA1Context *SHA1_CloneContext(SHA1Context * original)
|
|
||||||
{
|
|
||||||
SHA1Context *clone = NULL;
|
|
||||||
@@ -215,6 +217,7 @@ oaep_xor_with_h2(unsigned char *salt, un
|
|
||||||
|
|
||||||
return SECSuccess;
|
|
||||||
}
|
|
||||||
+#endif /* unused functions */
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Format one block of data for public/private key encryption using
|
|
||||||
diff -up ./nss/lib/ckfw/pem/util.c.compile_Werror ./nss/lib/ckfw/pem/util.c
|
|
||||||
--- ./nss/lib/ckfw/pem/util.c.compile_Werror 2014-01-23 06:28:18.000000000 -0800
|
|
||||||
+++ ./nss/lib/ckfw/pem/util.c 2015-11-13 12:22:52.282196306 -0800
|
|
||||||
@@ -131,7 +131,8 @@ static SECStatus FileToItem(SECItem * ds
|
|
||||||
return SECFailure;
|
|
||||||
}
|
|
||||||
|
|
||||||
-int
|
|
||||||
+/* FIX: Returns a SECStatus yet callers take result as a count */
|
|
||||||
+SECStatus
|
|
||||||
ReadDERFromFile(SECItem *** derlist, char *filename, PRBool ascii,
|
|
||||||
int *cipher, char **ivstring, PRBool certsonly)
|
|
||||||
{
|
|
||||||
@@ -237,7 +238,12 @@ ReadDERFromFile(SECItem *** derlist, cha
|
|
||||||
goto loser;
|
|
||||||
}
|
|
||||||
if ((certsonly && !key) || (!certsonly && key)) {
|
|
||||||
+ error = CKR_OK;
|
|
||||||
PUT_Object(der, error);
|
|
||||||
+ if (error != CKR_OK) {
|
|
||||||
+ free(der);
|
|
||||||
+ goto loser;
|
|
||||||
+ }
|
|
||||||
} else {
|
|
||||||
free(der->data);
|
|
||||||
free(der);
|
|
||||||
@@ -255,7 +261,12 @@ ReadDERFromFile(SECItem *** derlist, cha
|
|
||||||
}
|
|
||||||
|
|
||||||
/* NOTE: This code path has never been tested. */
|
|
||||||
+ error = CKR_OK;
|
|
||||||
PUT_Object(der, error);
|
|
||||||
+ if (error != CKR_OK) {
|
|
||||||
+ free(der);
|
|
||||||
+ goto loser;
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
|
|
||||||
nss_ZFreeIf(filedata.data);
|
|
||||||
Loading…
Reference in New Issue
Block a user