- Revert to using current nss_softokn_version

- Patch to deal with lack of sha224 is no longer needed
2011-12-13 14:29:45 -08:00 · 2011-12-13 14:29:45 -08:00 · d5f0675cc9
parent def217ea25
commit d5f0675cc9
2 changed files with 10 additions and 112 deletions
--- a/nosha224.patch
+++ b/nosha224.patch
@ -1,101 +0,0 @@
-diff -up ./mozilla/security/nss/cmd/bltest/blapitest.c.nosha224 ./mozilla/security/nss/cmd/bltest/blapitest.c
--- ./mozilla/security/nss/cmd/bltest/blapitest.c.nosha224	2011-09-16 12:16:50.000000000 -0700
-+++ ./mozilla/security/nss/cmd/bltest/blapitest.c	2011-12-10 11:45:11.346011408 -0800
-@@ -686,7 +686,9 @@ typedef enum {
-     bltestMD2,		  /* Hash algorithms	   */
-     bltestMD5,		  /* .			   */
-     bltestSHA1,           /* .			   */
-+#ifndef NO_SHA224_AVAILABLE
-     bltestSHA224,         /* .			   */
-+#endif
-     bltestSHA256,         /* .			   */
-     bltestSHA384,         /* .			   */
-     bltestSHA512,         /* .			   */
-@@ -721,7 +723,9 @@ static char *mode_strings[] =
-     "md2",
-     "md5",
-     "sha1",
-+#ifndef NO_SHA224_AVAILABLE
-     "sha224",
-+#endif
-     "sha256",
-     "sha384",
-     "sha512",
-@@ -1761,6 +1765,7 @@ finish:
-     return rv;
- }
- 
-+#ifndef NO_SHA224_AVAILABLE
- SECStatus
- SHA224_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
- {
-@@ -1800,6 +1805,7 @@ finish:
-     SHA224_DestroyContext(cx, PR_TRUE);
-     return rv;
- }
-+#endif
- 
- SECStatus
- SHA256_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-@@ -2093,6 +2099,7 @@ cipherInit(bltestCipherInfo *cipherInfo,
- 	cipherInfo->cipher.hashCipher = (restart) ? sha1_restart : SHA1_HashBuf;
- 	return SECSuccess;
- 	break;
-+#ifndef NO_SHA224_AVAILABLE
-     case bltestSHA224:
- 	restart = cipherInfo->params.hash.restart;
- 	SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
-@@ -2100,6 +2107,7 @@ cipherInit(bltestCipherInfo *cipherInfo,
- 	cipherInfo->cipher.hashCipher = (restart) ? SHA224_restart 
- 	                                          : SHA224_HashBuf;
- 	return SECSuccess;
-+#endif
- 	break;
-     case bltestSHA256:
- 	restart = cipherInfo->params.hash.restart;
-@@ -2542,7 +2550,9 @@ cipherFinish(bltestCipherInfo *cipherInf
-     case bltestMD2: /* hash contexts are ephemeral */
-     case bltestMD5:
-     case bltestSHA1:
-+#ifndef NO_SHA224_AVAILABLE
-     case bltestSHA224:
-+#endif
-     case bltestSHA256:
-     case bltestSHA384:
-     case bltestSHA512:
-@@ -2896,7 +2906,9 @@ get_params(PRArenaPool *arena, bltestPar
-     case bltestMD2:
-     case bltestMD5:
-     case bltestSHA1:
-+#ifndef NO_SHA224_AVAILABLE
-     case bltestSHA224:
-+#endif
-     case bltestSHA256:
-     case bltestSHA384:
-     case bltestSHA512:
-diff -up ./mozilla/security/nss/cmd/bltest/Makefile.nosha224 ./mozilla/security/nss/cmd/bltest/Makefile
--- ./mozilla/security/nss/cmd/bltest/Makefile.nosha224	2011-12-10 11:52:27.321001376 -0800
-+++ ./mozilla/security/nss/cmd/bltest/Makefile	2011-12-10 11:56:07.580996325 -0800
-@@ -62,6 +62,11 @@ include $(CORE_DEPTH)/coreconf/config.mk
- 
- include ../platlibs.mk
- 
-+# Don't compile code that requires SHA224 if it isn't avilable
-+# Such is the case when system freebl/softokn is the 3.12 one
-+#
-+CFLAGS+=-DNO_SHA224_AVAILABLE
-+
- #EXTRA_SHARED_LIBS += \
- #	-L/usr/lib \
- #	-lposix4 \
-diff -up ./mozilla/security/nss/tests/cipher/cipher.txt.nosha224 ./mozilla/security/nss/tests/cipher/cipher.txt
--- ./mozilla/security/nss/tests/cipher/cipher.txt.nosha224	2010-08-17 22:57:05.000000000 -0700
-+++ ./mozilla/security/nss/tests/cipher/cipher.txt	2011-12-04 22:03:47.317609956 -0800
-@@ -73,7 +73,6 @@
- 	0	md2_-H		MD2_Hash
- 	0	md5_-H		MD5_Hash
- 	0	sha1_-H		SHA1_Hash
-	0	sha224_-H	SHA224_Hash
- 	0	sha256_-H	SHA256_Hash
- 	0	sha384_-H	SHA384_Hash
- 	0	sha512_-H	SHA512_Hash
--- a/nss.spec
+++ b/nss.spec
@ -7,20 +7,20 @@
 Summary:          Network Security Services
 Name:             nss
 Version:          3.13.1
-Release:          8%{?dist}
+Release:          9%{?dist}
 License:          MPLv1.1 or GPLv2+ or LGPLv2+
 URL:              http://www.mozilla.org/projects/security/pki/nss/
 Group:            System Environment/Libraries
 Requires:         nspr >= %{nspr_version}
 Requires:         nss-util >= %{nss_util_version}
 # TODO: revert to same version as nss once we are done with the merge
-Requires:         nss-softokn%{_isa} >= %{nss_softokn_fips_version}
+Requires:         nss-softokn%{_isa} >= %{nss_softokn_version}
 Requires:         nss-system-init
 BuildRoot:        %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:    nspr-devel >= %{nspr_version}
 # TODO: revert to same version as nss once we are done with the merge
 # Using '>=' but on RHEL the requires should be '='
-BuildRequires:    nss-softokn-devel >= %{nss_softokn_fips_version}
+BuildRequires:    nss-softokn-devel >= %{nss_softokn_version}
 BuildRequires:    nss-util-devel >= %{nss_util_version}
 BuildRequires:    sqlite-devel
 BuildRequires:    zlib-devel
@ -68,8 +68,6 @@ Patch23:          nss-ckbi-1.88.rtm.patch
 Patch25:          nsspem-use-system-freebl.patch
 # don't compile the fipstest application
 Patch26:          nofipstest.patch
-# sha224 isn't available when we use 3.12 softokn
-Patch27:          nosha224.patch
 # include this patch in the upstream pem review
 Patch28:          nsspem-bz754771.patch

@ -134,7 +132,7 @@ Requires:         nss-devel = %{version}-%{release}
 # TODO: revert to using nss_softokn_version once we are done with
 # the merge into to new rhel git repo
 # For RHEL we should have '=' instead of '>='
-Requires:         nss-softokn-freebl-devel >= %{nss_softokn_fips_version}
+Requires:         nss-softokn-freebl-devel >= %{nss_softokn_version}

 %description pkcs11-devel
 Library files for developing PKCS #11 modules using basic NSS 
@ -159,7 +157,6 @@ low level services.
 # link pem against buildroot's 3.12 freebl
 %patch25 -p0 -b .systemfreebl
 %patch26 -p0 -b .nofipstest
-%patch27 -p0 -b .nosha224
 %patch28 -p0 -b .754771


@ -233,9 +230,7 @@ export NSS_ECC_MORE_THAN_SUITE_B
 # Set up our package file
 # The nspr_version and nss_{util|softokn}_version globals used
 # here match the ones nss has for its Requires. 
-# TODO: using %%{nss_softokn_fips_version} for rhel
-# but for fefora we will revert to nss_softokn_version after
-# the merge is completed
+# Using the current %%{nss_softokn_version} for fedora again
 %{__mkdir_p} ./mozilla/dist/pkgconfig
 %{__cat} %{SOURCE1} | sed -e "s,%%libdir%%,%{_libdir},g" \
                          -e "s,%%prefix%%,%{_prefix},g" \
@ -244,7 +239,7 @@ export NSS_ECC_MORE_THAN_SUITE_B
                          -e "s,%%NSS_VERSION%%,%{version},g" \
                          -e "s,%%NSPR_VERSION%%,%{nspr_version},g" \
                          -e "s,%%NSSUTIL_VERSION%%,%{nss_util_version},g" \
-                          -e "s,%%SOFTOKEN_VERSION%%,%{nss_softokn_fips_version},g" > \
+                          -e "s,%%SOFTOKEN_VERSION%%,%{nss_softokn_version},g" > \
                          ./mozilla/dist/pkgconfig/nss.pc

 NSS_VMAJOR=`cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VMAJOR" | awk '{print $3}'`
@ -577,6 +572,10 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h


 %changelog
+* Tue Dec 13 2011 elio maldonado <emaldona@redhat.com> - 3.13.1-9
+- Revert to using current nss_softokn_version
+- Patch to deal with lack of sha224 is no longer needed
+
 * Tue Dec 13 2011 Elio Maldonado <emaldona@redhat.com> - 3.13.1-8
 - Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV