Merge branch 'f19' into f18 - to update to nss-3.15.1
This commit is contained in:
commit
e52ccd19ae
|
@ -7,6 +7,5 @@ PayPalEE.cert
|
|||
TestCA.ca.cert
|
||||
TestUser50.cert
|
||||
TestUser51.cert
|
||||
/nss-pem-20120811.tar.bz2
|
||||
/dummy-sources-for-testing
|
||||
/nss-3.14.3-stripped.tar.bz2
|
||||
/nss-pem-20130405.tar.bz2
|
||||
/nss-3.15.1-stripped.tar.bz2
|
||||
|
|
|
@ -10,10 +10,10 @@ Subject: [PATCH] Sync up with upstream softokn changes
|
|||
mozilla/security/nss/lib/ckfw/pem/rsawrapr.c | 338 +++++++-------------------
|
||||
1 files changed, 82 insertions(+), 256 deletions(-)
|
||||
|
||||
diff --git a/mozilla/security/nss/lib/ckfw/pem/rsawrapr.c b/mozilla/security/nss/lib/ckfw/pem/rsawrapr.c
|
||||
diff --git a/nss/lib/ckfw/pem/rsawrapr.c b/nss/lib/ckfw/pem/rsawrapr.c
|
||||
index 5ac4f39..3780d30 100644
|
||||
--- a/mozilla/security/nss/lib/ckfw/pem/rsawrapr.c
|
||||
+++ b/mozilla/security/nss/lib/ckfw/pem/rsawrapr.c
|
||||
--- a/nss/lib/ckfw/pem/rsawrapr.c
|
||||
+++ b/nss/lib/ckfw/pem/rsawrapr.c
|
||||
@@ -46,6 +46,7 @@
|
||||
#include "sechash.h"
|
||||
#include "base.h"
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
--- mozilla/security/nss/lib/ckfw/pem/psession.c
|
||||
+++ mozilla/security/nss/lib/ckfw/pem/psession.c
|
||||
--- nss/lib/ckfw/pem/psession.c
|
||||
+++ nss/lib/ckfw/pem/psession.c
|
||||
@@ -230,6 +230,7 @@ pem_mdSession_Login
|
||||
unsigned int len = 0;
|
||||
NSSLOWKEYPrivateKey *lpk = NULL;
|
||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -1,7 +1,7 @@
|
|||
diff -up mozilla/security/coreconf/Linux.mk.relro mozilla/security/coreconf/Linux.mk
|
||||
--- mozilla/security/coreconf/Linux.mk.relro 2010-08-12 18:32:29.000000000 -0700
|
||||
+++ mozilla/security/coreconf/Linux.mk 2011-09-27 16:12:22.234743170 -0700
|
||||
@@ -179,6 +179,12 @@ FREEBL_NO_DEPEND = 1
|
||||
diff -up nss/coreconf/Linux.mk.relro nss/coreconf/Linux.mk
|
||||
--- nss/coreconf/Linux.mk.relro 2013-04-09 14:29:45.943228682 -0700
|
||||
+++ nss/coreconf/Linux.mk 2013-04-09 14:31:26.194953927 -0700
|
||||
@@ -174,6 +174,12 @@ endif
|
||||
endif
|
||||
endif
|
||||
|
||||
|
|
|
@ -0,0 +1,9 @@
|
|||
diff -up nss/tests/ocsp/ocsp.sh.skipoutbound nss/tests/ocsp/ocsp.sh
|
||||
--- nss/tests/ocsp/ocsp.sh.skipoutbound 2013-04-24 18:04:30.203307355 -0700
|
||||
+++ nss/tests/ocsp/ocsp.sh 2013-04-24 18:06:27.967176794 -0700
|
||||
@@ -115,4 +115,4 @@ ocsp_stapling()
|
||||
################## main #################################################
|
||||
ocsp_init
|
||||
ocsp_iopr_run
|
||||
-ocsp_stapling
|
||||
+#ocsp_stapling
|
|
@ -0,0 +1,2 @@
|
|||
Dummy source file that we by uploading it lets us verify that nss builds
|
||||
do not cause the 'fedpkg upload' or 'fedpg new-sources' commands to hang.
|
|
@ -0,0 +1,38 @@
|
|||
diff -up nss/cmd/bltest/Makefile.iquote nss/cmd/bltest/Makefile
|
||||
--- nss/cmd/bltest/Makefile.iquote 2013-06-27 10:58:08.000000000 -0700
|
||||
+++ nss/cmd/bltest/Makefile 2013-07-02 15:02:26.656643246 -0700
|
||||
@@ -45,6 +45,7 @@ include $(CORE_DEPTH)/coreconf/rules.mk
|
||||
# (6) Execute "component" rules. (OPTIONAL) #
|
||||
#######################################################################
|
||||
|
||||
+INCLUDES += -iquote $(DIST)/../private/nss
|
||||
|
||||
|
||||
#######################################################################
|
||||
diff -up nss/cmd/lib/Makefile.iquote nss/cmd/lib/Makefile
|
||||
--- nss/cmd/lib/Makefile.iquote 2013-07-02 15:07:47.260622471 -0700
|
||||
+++ nss/cmd/lib/Makefile 2013-07-02 15:08:47.219179157 -0700
|
||||
@@ -38,7 +38,8 @@ include $(CORE_DEPTH)/coreconf/rules.mk
|
||||
# (6) Execute "component" rules. (OPTIONAL) #
|
||||
#######################################################################
|
||||
|
||||
-
|
||||
+INCLUDES += -iquote $(DIST)/../private/nss
|
||||
+INCLUDES += -iquote $(DIST)/../public/nss
|
||||
|
||||
#######################################################################
|
||||
# (7) Execute "local" rules. (OPTIONAL). #
|
||||
diff -up nss/coreconf/location.mk.iquote nss/coreconf/location.mk
|
||||
--- nss/coreconf/location.mk.iquote 2013-06-27 10:58:08.000000000 -0700
|
||||
+++ nss/coreconf/location.mk 2013-07-02 15:02:26.656643246 -0700
|
||||
@@ -45,6 +45,10 @@ endif
|
||||
|
||||
ifdef NSS_INCLUDE_DIR
|
||||
INCLUDES += -I$(NSS_INCLUDE_DIR)
|
||||
+ ifdef IN_TREE_FREEBL_HEADERS_FIRST
|
||||
+ INCLUDES += -iquote $(DIST)/../public/nss
|
||||
+ INCLUDES += -iquote $(DIST)/../private/nss
|
||||
+ endif
|
||||
endif
|
||||
|
||||
ifndef NSS_LIB_DIR
|
|
@ -50,9 +50,9 @@ then
|
|||
fi
|
||||
|
||||
TOPDIR=`ls -1`
|
||||
if test "x$TOPDIR" != "xmozilla"
|
||||
if test "x$TOPDIR" != "xnss"
|
||||
then
|
||||
# try to deal with a single additional subdirectory above "mozilla"
|
||||
# try to deal with a single additional subdirectory above "nss"
|
||||
echo "== skipping toplevel directory $TOPDIR"
|
||||
cd $TOPDIR
|
||||
fi
|
||||
|
@ -65,18 +65,18 @@ then
|
|||
fi
|
||||
|
||||
SINGLEDIR=`ls -1`
|
||||
if test "x$SINGLEDIR" != "xmozilla"
|
||||
if test "x$SINGLEDIR" != "xnss"
|
||||
then
|
||||
echo "unable to process, first or second level directory is not mozilla"
|
||||
echo "unable to process, first or second level directory is not nss"
|
||||
exit
|
||||
fi
|
||||
|
||||
echo "== input archive accepted, now processing"
|
||||
|
||||
REALFREEBLDIR=mozilla/security/nss/lib/freebl
|
||||
REALFREEBLDIR=nss/lib/freebl
|
||||
FREEBLDIR=./$REALFREEBLDIR
|
||||
|
||||
rm -rf ./mozilla/security/nss/cmd/ecperf
|
||||
rm -rf ./nss/cmd/ecperf
|
||||
|
||||
mv ${FREEBLDIR}/ecl/ecl-exp.h ${FREEBLDIR}/save
|
||||
rm -rf ${FREEBLDIR}/ecl/tests
|
||||
|
|
|
@ -1,39 +0,0 @@
|
|||
diff -up ./mozilla/security/nss/cmd/Makefile.nosoftokentests ./mozilla/security/nss/cmd/Makefile
|
||||
--- ./mozilla/security/nss/cmd/Makefile.nosoftokentests 2012-12-22 14:06:13.193304912 -0800
|
||||
+++ ./mozilla/security/nss/cmd/Makefile 2012-12-22 14:10:04.942248630 -0800
|
||||
@@ -14,6 +14,14 @@ ifdef BUILD_LIBPKIX_TESTS
|
||||
DIRS += libpkix
|
||||
endif
|
||||
|
||||
+# nss-softoken only tests
|
||||
+BLTEST_SRCDIR=
|
||||
+FIPSTEST_SRCDIR=
|
||||
+ifeq ($(NSS_BUILD_SOFTOKEN_ONLY),1)
|
||||
+BLTEST_SRCDIR=bltest # Add the bltest directory to DIRS.
|
||||
+FIPSTEST_SRCDIR=fipstest # Add the fipstest directory to DIRS.
|
||||
+endif
|
||||
+
|
||||
LOWHASHTEST_SRCDIR=
|
||||
ifeq ($(FREEBL_LOWHASH),1)
|
||||
LOWHASHTEST_SRCDIR = lowhashtest # Add the lowhashtest directory to DIRS.
|
||||
diff -up ./mozilla/security/nss/cmd/manifest.mn.nosoftokentests ./mozilla/security/nss/cmd/manifest.mn
|
||||
--- ./mozilla/security/nss/cmd/manifest.mn.nosoftokentests 2012-12-22 14:06:35.191293837 -0800
|
||||
+++ ./mozilla/security/nss/cmd/manifest.mn 2012-12-22 14:11:22.342263467 -0800
|
||||
@@ -11,7 +11,7 @@ REQUIRES = nss nspr libdbm
|
||||
DIRS = lib \
|
||||
addbuiltin \
|
||||
atob \
|
||||
- bltest \
|
||||
+ $(BLTEST_SRCDIR) \
|
||||
btoa \
|
||||
certcgi \
|
||||
certutil \
|
||||
@@ -23,7 +23,7 @@ DIRS = lib \
|
||||
derdump \
|
||||
digest \
|
||||
httpserv \
|
||||
- fipstest \
|
||||
+ $(FIPSTEST_SRCDIR) \
|
||||
$(LOWHASHTEST_SRCDIR) \
|
||||
listsuites \
|
||||
makepqg \
|
|
@ -1,10 +1,11 @@
|
|||
diff -up ./mozilla/security/nss/tests/chains/scenarios/scenarios.noocsptest ./mozilla/security/nss/tests/chains/scenarios/scenarios
|
||||
--- ./mozilla/security/nss/tests/chains/scenarios/scenarios.noocsptest 2013-01-06 19:56:15.000000000 -0800
|
||||
+++ ./mozilla/security/nss/tests/chains/scenarios/scenarios 2013-02-01 08:38:28.140615299 -0800
|
||||
@@ -50,6 +50,5 @@ bridgewithpolicyextensionandmapping.cfg
|
||||
diff -up nss/tests/chains/scenarios/scenarios.noocsptest nss/tests/chains/scenarios/scenarios
|
||||
--- nss/tests/chains/scenarios/scenarios.noocsptest 2013-06-27 10:58:08.000000000 -0700
|
||||
+++ nss/tests/chains/scenarios/scenarios 2013-07-02 16:13:27.075038930 -0700
|
||||
@@ -50,7 +50,6 @@ bridgewithpolicyextensionandmapping.cfg
|
||||
realcerts.cfg
|
||||
dsa.cfg
|
||||
revoc.cfg
|
||||
-ocsp.cfg
|
||||
crldp.cfg
|
||||
trustanchors.cfg
|
||||
nameconstraints.cfg
|
||||
|
|
|
@ -1,10 +1,6 @@
|
|||
Index: ./mozilla/security/nss/cmd/httpserv/httpserv.c
|
||||
===================================================================
|
||||
RCS file: /cvsroot/mozilla/security/nss/cmd/httpserv/httpserv.c,v
|
||||
retrieving revision 1.1
|
||||
diff -u -p -r1.1 httpserv.c
|
||||
--- ./mozilla/security/nss/cmd/httpserv/httpserv.c 28 Jun 2012 11:11:06 -0000 1.1
|
||||
+++ ./mozilla/security/nss/cmd/httpserv/httpserv.c 21 Oct 2012 22:22:10 -0000
|
||||
diff -up nss/cmd/httpserv/httpserv.c.539183 nss/cmd/httpserv/httpserv.c
|
||||
--- nss/cmd/httpserv/httpserv.c.539183 2013-05-28 14:43:24.000000000 -0700
|
||||
+++ nss/cmd/httpserv/httpserv.c 2013-05-30 22:16:46.685373471 -0700
|
||||
@@ -661,14 +661,18 @@ getBoundListenSocket(unsigned short port
|
||||
PRStatus prStatus;
|
||||
PRNetAddr addr;
|
||||
|
@ -29,14 +25,10 @@ diff -u -p -r1.1 httpserv.c
|
|||
}
|
||||
|
||||
opt.option = PR_SockOpt_Nonblocking;
|
||||
Index: ./mozilla/security/nss/cmd/selfserv/selfserv.c
|
||||
===================================================================
|
||||
RCS file: /cvsroot/mozilla/security/nss/cmd/selfserv/selfserv.c,v
|
||||
retrieving revision 1.102
|
||||
diff -u -p -r1.102 selfserv.c
|
||||
--- ./mozilla/security/nss/cmd/selfserv/selfserv.c 27 Sep 2012 17:13:34 -0000 1.102
|
||||
+++ ./mozilla/security/nss/cmd/selfserv/selfserv.c 21 Oct 2012 22:22:10 -0000
|
||||
@@ -1483,14 +1483,18 @@ getBoundListenSocket(unsigned short port
|
||||
diff -up nss/cmd/selfserv/selfserv.c.539183 nss/cmd/selfserv/selfserv.c
|
||||
--- nss/cmd/selfserv/selfserv.c.539183 2013-05-28 14:43:24.000000000 -0700
|
||||
+++ nss/cmd/selfserv/selfserv.c 2013-05-30 22:16:46.688373495 -0700
|
||||
@@ -1687,14 +1687,18 @@ getBoundListenSocket(unsigned short port
|
||||
PRStatus prStatus;
|
||||
PRNetAddr addr;
|
||||
PRSocketOptionData opt;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
diff -up ./mozilla/security/nss/tests/dbtests/dbtests.sh.noroot ./mozilla/security/nss/tests/dbtests/dbtests.sh
|
||||
--- ./mozilla/security/nss/tests/dbtests/dbtests.sh.noroot 2011-04-06 09:56:07.207701000 -0700
|
||||
+++ ./mozilla/security/nss/tests/dbtests/dbtests.sh 2011-04-06 10:19:54.159552000 -0700
|
||||
@@ -201,6 +201,9 @@ dbtest_main()
|
||||
diff -up nss/tests/dbtests/dbtests.sh.646045 nss/tests/dbtests/dbtests.sh
|
||||
--- nss/tests/dbtests/dbtests.sh.646045 2013-04-04 13:31:55.000000000 -0700
|
||||
+++ nss/tests/dbtests/dbtests.sh 2013-04-04 15:57:46.298127149 -0700
|
||||
@@ -168,6 +168,9 @@ dbtest_main()
|
||||
cat $RONLY_DIR/* > /dev/null
|
||||
fi
|
||||
|
||||
|
@ -11,7 +11,7 @@ diff -up ./mozilla/security/nss/tests/dbtests/dbtests.sh.noroot ./mozilla/securi
|
|||
${BINDIR}/dbtest -d $RONLY_DIR
|
||||
ret=$?
|
||||
if [ $ret -ne 46 ]; then
|
||||
@@ -208,6 +211,10 @@ dbtest_main()
|
||||
@@ -175,6 +178,10 @@ dbtest_main()
|
||||
else
|
||||
html_passed "Dbtest r/w didn't work in an readonly dir $ret"
|
||||
fi
|
||||
|
@ -22,7 +22,7 @@ diff -up ./mozilla/security/nss/tests/dbtests/dbtests.sh.noroot ./mozilla/securi
|
|||
${BINDIR}/certutil -D -n "TestUser" -d .
|
||||
ret=$?
|
||||
if [ $ret -ne 255 ]; then
|
||||
@@ -215,6 +222,9 @@ dbtest_main()
|
||||
@@ -182,6 +189,9 @@ dbtest_main()
|
||||
else
|
||||
html_passed "Certutil didn't work in an readonly dir $ret"
|
||||
fi
|
||||
|
|
|
@ -0,0 +1,132 @@
|
|||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||
<!ENTITY date SYSTEM "date.xml">
|
||||
<!ENTITY version SYSTEM "version.xml">
|
||||
]>
|
||||
|
||||
<refentry id="nss-config">
|
||||
|
||||
<refentryinfo>
|
||||
<date>&date;</date>
|
||||
<title>Network Security Services</title>
|
||||
<productname>nss</productname>
|
||||
<productnumber>&version;</productnumber>
|
||||
</refentryinfo>
|
||||
|
||||
<refmeta>
|
||||
<refentrytitle>nss-config</refentrytitle>
|
||||
<manvolnum>1</manvolnum>
|
||||
</refmeta>
|
||||
|
||||
<refnamediv>
|
||||
<refname>nss-config</refname>
|
||||
<refpurpose>Return meta information about nss libraries</refpurpose>
|
||||
</refnamediv>
|
||||
|
||||
<refsynopsisdiv>
|
||||
<cmdsynopsis>
|
||||
<command>nss-config</command>
|
||||
<arg><option>--prefix</option></arg>
|
||||
<arg><option>--exec-prefix</option></arg>
|
||||
<arg><option>--includedir</option></arg>
|
||||
<arg><option>--libs</option></arg>
|
||||
<arg><option>--cflags</option></arg>
|
||||
<arg><option>--libdir</option></arg>
|
||||
<arg><option>--version</option></arg>
|
||||
</cmdsynopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsection id="description">
|
||||
<title>Description</title>
|
||||
|
||||
<para><command>nss-config</command> is a shell scrip
|
||||
tool which can be used to obtain gcc options for building client pacakges of nspt. </para>
|
||||
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Options</title>
|
||||
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term><option>--prefix</option></term>
|
||||
<listitem><simpara>Returns the top level system directory under which the nss libraries are installed.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--exec-prefix</option></term>
|
||||
<listitem><simpara>returns the top level system directory under which any nss binaries would be installed.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--includedir</option> <replaceable>count</replaceable></term>
|
||||
<listitem><simpara>returns the path to the directory were the nss libraries are installed.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--version</option></term>
|
||||
<listitem><simpara>returns the upstream version of nss in the form major_version-minor_version-patch_version.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--libs</option></term>
|
||||
<listitem><simpara>returns the compiler linking flags.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--cflags</option></term>
|
||||
<listitem><simpara>returns the compiler include flags.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--libdir</option></term>
|
||||
<listitem><simpara>returns the path to the directory were the nss libraries are installed.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
</variablelist>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Examples</title>
|
||||
|
||||
<para>The following example will query for both include path and linkage flags:
|
||||
|
||||
<programlisting>
|
||||
/usr/bin/nss-config --cflags --libs
|
||||
</programlisting>
|
||||
|
||||
</para>
|
||||
|
||||
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Files</title>
|
||||
|
||||
<para><filename>/usr/bin/nss-config</filename></para>
|
||||
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>See also</title>
|
||||
<para>pkg-config(1)</para>
|
||||
</refsection>
|
||||
|
||||
<refsection id="authors">
|
||||
<title>Authors</title>
|
||||
<para>The nss liraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||
<para>
|
||||
Authors: Elio Maldonado <emaldona@redhat.com>.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
<!-- don't change -->
|
||||
<refsection id="license">
|
||||
<title>LICENSE</title>
|
||||
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
</refentry>
|
||||
|
|
@ -1,9 +1,9 @@
|
|||
diff -up ./mozilla/security/nss/lib/ckfw/manifest.mn.prepem ./mozilla/security/nss/lib/ckfw/manifest.mn
|
||||
--- ./mozilla/security/nss/lib/ckfw/manifest.mn.prepem 2008-08-05 16:34:23.000000000 -0700
|
||||
+++ ./mozilla/security/nss/lib/ckfw/manifest.mn 2008-08-05 16:34:30.000000000 -0700
|
||||
@@ -38,7 +38,7 @@ MANIFEST_CVS_ID = "@(#) $RCSfile: manife
|
||||
diff -up nss/lib/ckfw/manifest.mn.libpem nss/lib/ckfw/manifest.mn
|
||||
--- nss/lib/ckfw/manifest.mn.libpem 2013-05-28 14:43:24.000000000 -0700
|
||||
+++ nss/lib/ckfw/manifest.mn 2013-05-30 22:14:49.247459672 -0700
|
||||
@@ -5,7 +5,7 @@
|
||||
|
||||
CORE_DEPTH = ../../..
|
||||
CORE_DEPTH = ../..
|
||||
|
||||
-DIRS = builtins
|
||||
+DIRS = builtins pem
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
diff -up nss/cmd/Makefile.skipthem nss/cmd/Makefile
|
||||
--- nss/cmd/Makefile.nobltest 2013-05-28 14:43:24.000000000 -0700
|
||||
+++ nss/cmd/Makefile 2013-06-15 11:51:11.669655168 -0700
|
||||
@@ -14,10 +14,10 @@ ifdef BUILD_LIBPKIX_TESTS
|
||||
DIRS += libpkix
|
||||
endif
|
||||
|
||||
-ifeq ($(NSS_BUILD_WITHOUT_SOFTOKEN),1)
|
||||
+ifeq ($(NSS_BLTEST_NOT_AVAILABLE),1)
|
||||
BLTEST_SRCDIR =
|
||||
-FIPSTEST_SRCDIR =
|
||||
-SHLIBSIGN_SRCDIR =
|
||||
+FIPSTEST_SRCDIR =
|
||||
+SHLIBSIGN_SRCDIR = shlibsign
|
||||
else
|
||||
BLTEST_SRCDIR = bltest
|
||||
FIPSTEST_SRCDIR = fipstest
|
|
@ -1,16 +1,16 @@
|
|||
diff -up ./mozilla/security/nss/lib/ssl/sslsock.c.cbcrandomivoff ./mozilla/security/nss/lib/ssl/sslsock.c
|
||||
--- ./mozilla/security/nss/lib/ssl/sslsock.c.cbcrandomivoff 2013-02-01 10:14:36.960458329 -0800
|
||||
+++ ./mozilla/security/nss/lib/ssl/sslsock.c 2013-02-01 10:17:16.532265855 -0800
|
||||
@@ -153,7 +153,7 @@ static sslOptions ssl_defaults = {
|
||||
diff -up nss/lib/ssl/sslsock.c.cbcrandomivoff nss/lib/ssl/sslsock.c
|
||||
--- nss/lib/ssl/sslsock.c.cbcrandomivoff 2013-05-30 22:20:52.181292812 -0700
|
||||
+++ nss/lib/ssl/sslsock.c 2013-05-30 22:20:52.194292913 -0700
|
||||
@@ -152,7 +152,7 @@ static sslOptions ssl_defaults = {
|
||||
3, /* enableRenegotiation (default: transitional) */
|
||||
PR_FALSE, /* requireSafeNegotiation */
|
||||
PR_FALSE, /* enableFalseStart */
|
||||
- PR_TRUE /* cbcRandomIV */
|
||||
+ PR_FALSE /* cbcRandomIV */ /* defaults to off for compatibility */
|
||||
- PR_TRUE, /* cbcRandomIV */
|
||||
+ PR_FALSE, /* cbcRandomIV */ /* defaults to off for compatibility */
|
||||
PR_FALSE /* enableOCSPStapling */
|
||||
};
|
||||
|
||||
/*
|
||||
@@ -2837,9 +2837,9 @@ ssl_SetDefaultsFromEnvironment(void)
|
||||
@@ -2906,9 +2906,9 @@ ssl_SetDefaultsFromEnvironment(void)
|
||||
PR_TRUE));
|
||||
}
|
||||
ev = getenv("NSS_SSL_CBC_RANDOM_IV");
|
||||
|
|
|
@ -1,15 +1,16 @@
|
|||
diff -up ./mozilla/security/nss/lib/ssl/derive.c.nobypass ./mozilla/security/nss/lib/ssl/derive.c
|
||||
diff -up ./mozilla/security/nss/lib/ssl/sslsock.c.nobypass ./mozilla/security/nss/lib/ssl/sslsock.c
|
||||
--- ./mozilla/security/nss/lib/ssl/sslsock.c.nobypass 2012-10-07 15:12:25.455307540 -0700
|
||||
+++ ./mozilla/security/nss/lib/ssl/sslsock.c 2012-10-07 15:21:27.229346754 -0700
|
||||
@@ -547,8 +547,8 @@ static PRStatus SSL_BypassRegisterShutdo
|
||||
diff -up nss/lib/ssl/sslsock.c.nobypass nss/lib/ssl/sslsock.c
|
||||
--- nss/lib/ssl/sslsock.c.nobypass 2013-05-30 22:23:37.305583715 -0700
|
||||
+++ nss/lib/ssl/sslsock.c 2013-05-30 22:23:37.311583762 -0700
|
||||
@@ -553,8 +553,10 @@ static PRStatus SSL_BypassRegisterShutdo
|
||||
static PRStatus SSL_BypassSetup(void)
|
||||
{
|
||||
#ifdef NO_PKCS11_BYPASS
|
||||
- /* Guarantee binary compatibility */
|
||||
- return PR_SUCCESS;
|
||||
+ /* We can safely return failure as we have never supported it */
|
||||
+ return PR_FALSE;
|
||||
+ /* No need in our case to guarantee binary compatibility and
|
||||
+ * we can safely return failure as we have never supported it
|
||||
+ */
|
||||
+ return PR_FAILURE;
|
||||
#else
|
||||
return PR_CallOnce(&setupBypassOnce, &SSL_BypassRegisterShutdown);
|
||||
#endif
|
||||
|
|
|
@ -0,0 +1,38 @@
|
|||
diff -up nss/tests/all.sh.crypto nss/tests/all.sh
|
||||
--- nss/tests/all.sh.crypto 2013-05-28 14:43:24.000000000 -0700
|
||||
+++ nss/tests/all.sh 2013-06-13 12:14:12.741082184 -0700
|
||||
@@ -299,9 +299,10 @@ fi
|
||||
# created, we check for modutil to know whether the build
|
||||
# is complete. If a new file is created after that, the
|
||||
# following test for modutil should check for that instead.
|
||||
+# Except when building softoken only where shlibsign is the last one built.
|
||||
+export LAST_BUILT=[ ${NSS_BUILD_SOFTOKEN_ONLY} -eq "1" ] && shlibsign || modutil
|
||||
|
||||
-if [ ! -f ${DIST}/${OBJDIR}/bin/modutil -a \
|
||||
- ! -f ${DIST}/${OBJDIR}/bin/modutil.exe ]; then
|
||||
+if [ ! -f ${DIST}/${OBJDIR}/bin/${LAST_BUILT}${PROG_SUFFIX} -a ]; then
|
||||
echo "Build Incomplete. Aborting test." >> ${LOGFILE}
|
||||
html_head "Testing Initialization"
|
||||
Exit "Checking for build"
|
||||
diff -up nss/tests/cipher/cipher.sh.crypto nss/tests/cipher/cipher.sh
|
||||
--- nss/tests/cipher/cipher.sh.crypto 2013-05-28 14:43:24.000000000 -0700
|
||||
+++ nss/tests/cipher/cipher.sh 2013-06-13 11:58:00.956064976 -0700
|
||||
@@ -129,6 +129,16 @@ if [ ! -x ${DIST}/${OBJDIR}/bin/bltest${
|
||||
return 0
|
||||
fi
|
||||
cipher_init
|
||||
-cipher_main
|
||||
-cipher_gcm
|
||||
+if [ "${NSS_BUILD_SOFTOKEN_ONLY}" = "1" ]; then
|
||||
+ echo "Skipping cipher_gcm because this is a softoken only build"
|
||||
+ cipher_main
|
||||
+elif [ "${NSS_BUILD_WITHOUT_SOFTOKEN}" = "1" ]; then
|
||||
+ echo "Skipping cipher_main because this an nss without softoken build"
|
||||
+ cipher_gcm
|
||||
+else
|
||||
+ # default is to run both
|
||||
+ cipher_init
|
||||
+ cipher_main
|
||||
+ cipher_gcm
|
||||
+fi
|
||||
cipher_cleanup
|
301
nss.spec
301
nss.spec
|
@ -1,8 +1,9 @@
|
|||
%global nspr_version 4.9.5
|
||||
%global nss_util_version 3.14.3
|
||||
%global nspr_version 4.10
|
||||
%global nss_util_version 3.15.1
|
||||
%global nss_softokn_fips_version 3.12.9
|
||||
%global nss_softokn_version 3.14.3
|
||||
%global nss_softokn_version 3.15.1
|
||||
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
|
||||
%global allTools "certutil cmsutil crlutil derdump modutil pk12util pp signtool signver ssltap vfychain vfyserv"
|
||||
|
||||
# Define if using a source archive like "nss-version.with.ckbi.version".
|
||||
# To "disable", add "#" to start of line, AND a space after "%".
|
||||
|
@ -10,8 +11,8 @@
|
|||
|
||||
Summary: Network Security Services
|
||||
Name: nss
|
||||
Version: 3.14.3
|
||||
Release: 2%{?dist}
|
||||
Version: 3.15.1
|
||||
Release: 1%{?dist}
|
||||
License: MPLv2.0
|
||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||
Group: System Environment/Libraries
|
||||
|
@ -60,17 +61,18 @@ Source7: blank-key4.db
|
|||
Source8: system-pkcs11.txt
|
||||
Source9: setup-nsssysinit.sh
|
||||
Source10: PayPalEE.cert
|
||||
Source12: %{name}-pem-20120811.tar.bz2
|
||||
Source12: %{name}-pem-20130405.tar.bz2
|
||||
Source17: TestCA.ca.cert
|
||||
Source18: TestUser50.cert
|
||||
Source19: TestUser51.cert
|
||||
Source20: nss-config.xml
|
||||
Source21: setup-nsssysinit.xml
|
||||
|
||||
Patch2: add-relro-linker-option.patch
|
||||
Patch3: renegotiate-transitional.patch
|
||||
Patch6: nss-enable-pem.patch
|
||||
Patch16: nss-539183.patch
|
||||
Patch18: nss-646045.patch
|
||||
Patch19: nss-872761.patch
|
||||
# must statically link pem against the freebl in the buildroot
|
||||
# Needed only when freebl on tree has new APIS
|
||||
Patch25: nsspem-use-system-freebl.patch
|
||||
|
@ -80,10 +82,18 @@ Patch29: nss-ssl-cbc-random-iv-off-by-default.patch
|
|||
Patch39: nss-ssl-enforce-no-pkcs11-bypass.path
|
||||
# TODO: Remove this patch when the ocsp test are fixed
|
||||
Patch40: nss-3.14.0.0-disble-ocsp-test.patch
|
||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=835919
|
||||
Patch43: no-softoken-freebl-tests.patch
|
||||
Patch44: 0001-sync-up-with-upstream-softokn-changes.patch
|
||||
Patch45: Bug-896651-pem-dont-trash-keys-on-failed-login.patch
|
||||
# The ocsp stapling tests currently require access to the
|
||||
# kuix.de test server but koji forbids outbount connections
|
||||
Patch46: disable-ocsp-stapling-tests.patch
|
||||
# Fedora / RHEL-only patch, the templates directory was originally introduced to support mod_revocator
|
||||
Patch47: utilwrap-include-templates.patch
|
||||
# TODO submit this patch upstream
|
||||
Patch48: nss-versus-softoken-tests.patch
|
||||
# TODO remove when we switch to building nss without softoken
|
||||
Patch49: nss-skip-bltest-and-fipstest.patch
|
||||
Patch50: iquote.patch
|
||||
|
||||
%description
|
||||
Network Security Services (NSS) is a set of libraries designed to
|
||||
|
@ -131,6 +141,7 @@ Requires: nss-util-devel
|
|||
Requires: nss-softokn-devel
|
||||
Requires: nspr-devel >= %{nspr_version}
|
||||
Requires: pkgconfig
|
||||
BuildRequires: xmlto
|
||||
|
||||
%description devel
|
||||
Header and Library files for doing development with Network Security Services.
|
||||
|
@ -153,10 +164,10 @@ low level services.
|
|||
|
||||
%prep
|
||||
%setup -q
|
||||
%{__cp} %{SOURCE10} -f ./mozilla/security/nss/tests/libpkix/certs
|
||||
%{__cp} %{SOURCE17} -f ./mozilla/security/nss/tests/libpkix/certs
|
||||
%{__cp} %{SOURCE18} -f ./mozilla/security/nss/tests/libpkix/certs
|
||||
%{__cp} %{SOURCE19} -f ./mozilla/security/nss/tests/libpkix/certs
|
||||
%{__cp} %{SOURCE10} -f ./nss/tests/libpkix/certs
|
||||
%{__cp} %{SOURCE17} -f ./nss/tests/libpkix/certs
|
||||
%{__cp} %{SOURCE18} -f ./nss/tests/libpkix/certs
|
||||
%{__cp} %{SOURCE19} -f ./nss/tests/libpkix/certs
|
||||
%setup -q -T -D -n %{name}-%{version} -a 12
|
||||
|
||||
%patch2 -p0 -b .relro
|
||||
|
@ -164,16 +175,36 @@ low level services.
|
|||
%patch6 -p0 -b .libpem
|
||||
%patch16 -p0 -b .539183
|
||||
%patch18 -p0 -b .646045
|
||||
%patch19 -p0 -b .872761
|
||||
# link pem against buildroot's freebl, essential when mixing and matching
|
||||
%patch25 -p0 -b .systemfreebl
|
||||
# activate for stable and beta branches
|
||||
%patch29 -p0 -b .cbcrandomivoff
|
||||
%patch39 -p1 -b .nobypass
|
||||
%patch40 -p1 -b .noocsptest
|
||||
%patch43 -p0 -b .nosoftokentests
|
||||
%patch39 -p0 -b .nobypass
|
||||
%patch40 -p0 -b .noocsptest
|
||||
%patch44 -p1 -b .syncupwithupstream
|
||||
%patch45 -p0 -b .notrash
|
||||
%patch46 -p0 -b .skipoutbound
|
||||
%patch47 -p0 -b .templates
|
||||
%patch48 -p0 -b .crypto
|
||||
%patch49 -p0 -b .skipthem
|
||||
%patch50 -p0 -b .iquote
|
||||
|
||||
#########################################################
|
||||
# Higher-level libraries and test tools need access to
|
||||
# module-private headers from util, freebl, and softoken
|
||||
# until fixed upstream we must copy some headers locally
|
||||
#########################################################
|
||||
|
||||
pemNeedsFromSoftoken="lowkeyi lowkeyti softoken softoknt"
|
||||
for file in ${pemNeedsFromSoftoken}; do
|
||||
%{__cp} ./nss/lib/softoken/${file}.h ./nss/lib/ckfw/pem/
|
||||
done
|
||||
|
||||
# Copying these header util the upstream bug is accepted
|
||||
# Upstream https://bugzilla.mozilla.org/show_bug.cgi?id=820207
|
||||
%{__cp} ./nss/lib/softoken/lowkeyi.h ./nss/cmd/rsaperf
|
||||
%{__cp} ./nss/lib/softoken/lowkeyti.h ./nss/cmd/rsaperf
|
||||
|
||||
|
||||
%build
|
||||
|
||||
|
@ -207,9 +238,25 @@ NSPR_LIB_DIR=%{_libdir}
|
|||
export NSPR_INCLUDE_DIR
|
||||
export NSPR_LIB_DIR
|
||||
|
||||
export NSSUTIL_INCLUDE_DIR=`/usr/bin/pkg-config --cflags-only-I nss-util | sed 's/-I//'`
|
||||
export NSSUTIL_LIB_DIR=%{_libdir}
|
||||
|
||||
export FREEBL_INCLUDE_DIR=`/usr/bin/pkg-config --cflags-only-I nss-softokn | sed 's/-I//'`
|
||||
export FREEBL_LIB_DIR=%{_libdir}
|
||||
export USE_SYSTEM_FREEBL=1
|
||||
# FIXME choose one or the other style and submit a patch upstream
|
||||
# wtc has suggested using NSS_USE_SYSTEM_FREEBL
|
||||
export NSS_USE_SYSTEM_FREEBL=1
|
||||
|
||||
export FREEBL_LIBS=`/usr/bin/pkg-config --libs nss-softokn`
|
||||
|
||||
export SOFTOKEN_LIB_DIR=%{_libdir}
|
||||
# use the system ones
|
||||
export USE_SYSTEM_NSSUTIL=1
|
||||
export USE_SYSTEM_SOFTOKEN=1
|
||||
|
||||
# tell the upstream build system what we are doing
|
||||
export NSS_BUILD_WITHOUT_SOFTOKEN=1
|
||||
|
||||
NSS_USE_SYSTEM_SQLITE=1
|
||||
export NSS_USE_SYSTEM_SQLITE
|
||||
|
@ -219,25 +266,19 @@ USE_64=1
|
|||
export USE_64
|
||||
%endif
|
||||
|
||||
##### phase 1: build freebl/softokn shared libraries
|
||||
# there no ecc in freebl
|
||||
unset NSS_ENABLE_ECC
|
||||
# Compile softoken plus needed support
|
||||
%{__make} -C ./mozilla/security/coreconf
|
||||
%{__make} -C ./mozilla/security/dbm
|
||||
# uncomment if the iquote patch is activated
|
||||
export IN_TREE_FREEBL_HEADERS_FIRST=1
|
||||
|
||||
%{__make} -C ./mozilla/security/nss/lib/util export
|
||||
%{__make} -C ./mozilla/security/nss/lib/freebl export
|
||||
%{__make} -C ./mozilla/security/nss/lib/softoken export
|
||||
|
||||
%{__make} -C ./mozilla/security/nss/lib/util
|
||||
%{__make} -C ./mozilla/security/nss/lib/freebl
|
||||
%{__make} -C ./mozilla/security/nss/lib/softoken
|
||||
|
||||
# stash away the bltest and fipstest to build them last
|
||||
tar cf build_these_later.tar ./mozilla/security/nss/cmd/bltest ./mozilla/security/nss/cmd/fipstest
|
||||
rm -rf ./mozilla/security/nss/cmd/bltest
|
||||
rm -rf ./mozilla/security/nss/cmd/fipstest
|
||||
##### phase 1: remove util/freebl/softoken and low level tools
|
||||
#
|
||||
######## Remove freebl, softoken and util
|
||||
%{__rm} -rf ./mozilla/security/nss/lib/freebl
|
||||
%{__rm} -rf ./mozilla/security/nss/lib/softoken
|
||||
%{__rm} -rf ./mozilla/security/nss/lib/util
|
||||
######## Remove nss-softokn test tools
|
||||
%{__rm} -rf ./mozilla/security/nss/cmd/bltest
|
||||
%{__rm} -rf ./mozilla/security/nss/cmd/fipstest
|
||||
%{__rm} -rf ./mozilla/security/nss/cmd/rsaperf_low
|
||||
|
||||
##### phase 2: build the rest of nss
|
||||
# nss supports pluggable ecc
|
||||
|
@ -246,26 +287,27 @@ export NSS_ENABLE_ECC
|
|||
NSS_ECC_MORE_THAN_SUITE_B=1
|
||||
export NSS_ECC_MORE_THAN_SUITE_B
|
||||
|
||||
# We only ship the nss proper libraries, no softoken nor util, yet
|
||||
# we must compile with the entire source tree because nss needs
|
||||
# private exports from util. The install section will ensure not
|
||||
# to override nss-util and nss-softoken headers already installed.
|
||||
#
|
||||
%{__make} -C ./mozilla/security/coreconf
|
||||
%{__make} -C ./mozilla/security/dbm
|
||||
%{__make} -C ./mozilla/security/nss
|
||||
export NSS_BLTEST_NOT_AVAILABLE=1
|
||||
%{__make} -C ./nss/coreconf
|
||||
%{__make} -C ./nss/lib/dbm
|
||||
%{__make} -C ./nss
|
||||
unset NSS_BLTEST_NOT_AVAILABLE
|
||||
|
||||
##### phase 3: build bltest and fipstest
|
||||
tar xf build_these_later.tar
|
||||
unset NSS_ENABLE_ECC; %{__make} -C ./mozilla/security/nss/cmd/bltest
|
||||
unset NSS_ENABLE_ECC; %{__make} -C ./mozilla/security/nss/cmd/fipstest
|
||||
%{__rm} -f build_these_later.tar
|
||||
# build the man pages clean
|
||||
pushd ./nss
|
||||
%{__make} clean_docs build_docs
|
||||
popd
|
||||
|
||||
# and copy them here
|
||||
for m in "%{allTools}"; do
|
||||
cp ./nss/doc/nroff/${m}.1 .
|
||||
done
|
||||
|
||||
# Set up our package file
|
||||
# The nspr_version and nss_{util|softokn}_version globals used
|
||||
# here match the ones nss has for its Requires.
|
||||
# Using the current %%{nss_softokn_version} for fedora again
|
||||
%{__mkdir_p} ./mozilla/dist/pkgconfig
|
||||
%{__mkdir_p} ./dist/pkgconfig
|
||||
%{__cat} %{SOURCE1} | sed -e "s,%%libdir%%,%{_libdir},g" \
|
||||
-e "s,%%prefix%%,%{_prefix},g" \
|
||||
-e "s,%%exec_prefix%%,%{_prefix},g" \
|
||||
|
@ -274,14 +316,14 @@ unset NSS_ENABLE_ECC; %{__make} -C ./mozilla/security/nss/cmd/fipstest
|
|||
-e "s,%%NSPR_VERSION%%,%{nspr_version},g" \
|
||||
-e "s,%%NSSUTIL_VERSION%%,%{nss_util_version},g" \
|
||||
-e "s,%%SOFTOKEN_VERSION%%,%{nss_softokn_version},g" > \
|
||||
./mozilla/dist/pkgconfig/nss.pc
|
||||
./dist/pkgconfig/nss.pc
|
||||
|
||||
NSS_VMAJOR=`cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VMAJOR" | awk '{print $3}'`
|
||||
NSS_VMINOR=`cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VMINOR" | awk '{print $3}'`
|
||||
NSS_VPATCH=`cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VPATCH" | awk '{print $3}'`
|
||||
NSS_VMAJOR=`cat nss/lib/nss/nss.h | grep "#define.*NSS_VMAJOR" | awk '{print $3}'`
|
||||
NSS_VMINOR=`cat nss/lib/nss/nss.h | grep "#define.*NSS_VMINOR" | awk '{print $3}'`
|
||||
NSS_VPATCH=`cat nss/lib/nss/nss.h | grep "#define.*NSS_VPATCH" | awk '{print $3}'`
|
||||
|
||||
export NSS_VMAJOR
|
||||
export NSS_VMINOR
|
||||
export NSS_VMAJOR
|
||||
export NSS_VMINOR
|
||||
export NSS_VPATCH
|
||||
|
||||
%{__cat} %{SOURCE2} | sed -e "s,@libdir@,%{_libdir},g" \
|
||||
|
@ -291,16 +333,30 @@ export NSS_VPATCH
|
|||
-e "s,@MOD_MAJOR_VERSION@,$NSS_VMAJOR,g" \
|
||||
-e "s,@MOD_MINOR_VERSION@,$NSS_VMINOR,g" \
|
||||
-e "s,@MOD_PATCH_VERSION@,$NSS_VPATCH,g" \
|
||||
> ./mozilla/dist/pkgconfig/nss-config
|
||||
> ./dist/pkgconfig/nss-config
|
||||
|
||||
chmod 755 ./mozilla/dist/pkgconfig/nss-config
|
||||
chmod 755 ./dist/pkgconfig/nss-config
|
||||
|
||||
%{__cat} %{SOURCE9} > ./mozilla/dist/pkgconfig/setup-nsssysinit.sh
|
||||
chmod 755 ./mozilla/dist/pkgconfig/setup-nsssysinit.sh
|
||||
%{__cat} %{SOURCE9} > ./dist/pkgconfig/setup-nsssysinit.sh
|
||||
chmod 755 ./dist/pkgconfig/setup-nsssysinit.sh
|
||||
|
||||
%{__cp} ./mozilla/security/nss/lib/ckfw/nssck.api ./mozilla/dist/private/nss/
|
||||
%{__cp} ./nss/lib/ckfw/nssck.api ./dist/private/nss/
|
||||
|
||||
date +"%e %B %Y" | tr -d '\n' > date.xml
|
||||
echo -n %{version} > version.xml
|
||||
|
||||
for m in %{SOURCE20} %{SOURCE21}; do
|
||||
cp ${m} .
|
||||
done
|
||||
for m in nss-config.xml setup-nsssysinit.xml; do
|
||||
xmlto man ${m}
|
||||
done
|
||||
|
||||
%check
|
||||
if [ $DISABLETEST -eq 1 ]; then
|
||||
echo "testing disabled"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# Begin -- copied from the build section
|
||||
FREEBL_NO_DEPEND=1
|
||||
|
@ -313,10 +369,16 @@ export BUILD_OPT
|
|||
USE_64=1
|
||||
export USE_64
|
||||
%endif
|
||||
|
||||
export NSS_BLTEST_NOT_AVAILABLE=1
|
||||
|
||||
# needed for the fips manging test
|
||||
export SOFTOKEN_LIB_DIR=%{_libdir}
|
||||
|
||||
# End -- copied from the build section
|
||||
|
||||
# enable the following line to force a test failure
|
||||
# find ./mozilla -name \*.chk | xargs rm -f
|
||||
# find ./nss -name \*.chk | xargs rm -f
|
||||
|
||||
# Run test suite.
|
||||
# In order to support multiple concurrent executions of the test suite
|
||||
|
@ -329,34 +391,34 @@ export USE_64
|
|||
# Using xargs doesn't mix well with spaces in filenames, in order to
|
||||
# avoid weird quoting we'll require that no spaces are being used.
|
||||
|
||||
SPACEISBAD=`find ./mozilla/security/nss/tests | grep -c ' '` ||:
|
||||
SPACEISBAD=`find ./nss/tests | grep -c ' '` ||:
|
||||
if [ $SPACEISBAD -ne 0 ]; then
|
||||
echo "error: filenames containing space are not supported (xargs)"
|
||||
exit 1
|
||||
fi
|
||||
MYRAND=`perl -e 'print 9000 + int rand 1000'`; echo $MYRAND ||:
|
||||
RANDSERV=selfserv_${MYRAND}; echo $RANDSERV ||:
|
||||
DISTBINDIR=`ls -d ./mozilla/dist/*.OBJ/bin`; echo $DISTBINDIR ||:
|
||||
DISTBINDIR=`ls -d ./dist/*.OBJ/bin`; echo $DISTBINDIR ||:
|
||||
pushd `pwd`
|
||||
cd $DISTBINDIR
|
||||
ln -s selfserv $RANDSERV
|
||||
popd
|
||||
# man perlrun, man perlrequick
|
||||
# replace word-occurrences of selfserv with selfserv_$MYRAND
|
||||
find ./mozilla/security/nss/tests -type f |\
|
||||
find ./nss/tests -type f |\
|
||||
grep -v "\.db$" |grep -v "\.crl$" | grep -v "\.crt$" |\
|
||||
grep -vw CVS |xargs grep -lw selfserv |\
|
||||
xargs -l perl -pi -e "s/\bselfserv\b/$RANDSERV/g" ||:
|
||||
|
||||
killall $RANDSERV || :
|
||||
|
||||
rm -rf ./mozilla/tests_results
|
||||
cd ./mozilla/security/nss/tests/
|
||||
rm -rf ./tests_results
|
||||
cd ./nss/tests/
|
||||
# all.sh is the test suite script
|
||||
|
||||
# don't need to run all the tests when testing packaging
|
||||
# nss_cycles: standard pkix upgradedb sharedb
|
||||
nss_tests="cipher libpkix cert dbtests tools fips sdr crmf smime ssl merge pkits chains"
|
||||
nss_tests="cipher libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains"
|
||||
# nss_ssl_tests: crl bypass_normal normal_bypass normal_fips fips_normal iopr
|
||||
# nss_ssl_run: cov auth stress
|
||||
#
|
||||
|
@ -367,11 +429,11 @@ nss_tests="cipher libpkix cert dbtests tools fips sdr crmf smime ssl merge pkits
|
|||
|
||||
HOST=localhost DOMSUF=localdomain PORT=$MYRAND NSS_CYCLES=%{?nss_cycles} NSS_TESTS=%{?nss_tests} NSS_SSL_TESTS=%{?nss_ssl_tests} NSS_SSL_RUN=%{?nss_ssl_run} ./all.sh
|
||||
|
||||
cd ../../../../
|
||||
cd ../../
|
||||
|
||||
killall $RANDSERV || :
|
||||
|
||||
TEST_FAILURES=`grep -c FAILED ./mozilla/tests_results/security/localhost.1/output.log` || :
|
||||
TEST_FAILURES=`grep -c FAILED ./tests_results/security/localhost.1/output.log` || :
|
||||
# test suite is failing on arm and has for awhile let's run the test suite but make it non fatal on arm
|
||||
%ifnarch %{arm}
|
||||
if [ $TEST_FAILURES -ne 0 ]; then
|
||||
|
@ -394,10 +456,15 @@ echo "test suite completed"
|
|||
%{__mkdir_p} $RPM_BUILD_ROOT/%{unsupported_tools_directory}
|
||||
%{__mkdir_p} $RPM_BUILD_ROOT/%{_libdir}/pkgconfig
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT%{_mandir}/man1
|
||||
|
||||
touch $RPM_BUILD_ROOT%{_libdir}/libnssckbi.so
|
||||
%{__install} -p -m 755 dist/*.OBJ/lib/libnssckbi.so $RPM_BUILD_ROOT/%{_libdir}/nss/libnssckbi.so
|
||||
|
||||
# Copy the binary libraries we want
|
||||
for file in libnss3.so libnssckbi.so libnsspem.so libnsssysinit.so libsmime3.so libssl3.so
|
||||
for file in libnss3.so libnsspem.so libnsssysinit.so libsmime3.so libssl3.so
|
||||
do
|
||||
%{__install} -p -m 755 mozilla/dist/*.OBJ/lib/$file $RPM_BUILD_ROOT/%{_libdir}
|
||||
%{__install} -p -m 755 dist/*.OBJ/lib/$file $RPM_BUILD_ROOT/%{_libdir}
|
||||
done
|
||||
|
||||
# Install the empty NSS db files
|
||||
|
@ -414,81 +481,46 @@ done
|
|||
# Copy the development libraries we want
|
||||
for file in libcrmf.a libnssb.a libnssckfw.a
|
||||
do
|
||||
%{__install} -p -m 644 mozilla/dist/*.OBJ/lib/$file $RPM_BUILD_ROOT/%{_libdir}
|
||||
%{__install} -p -m 644 dist/*.OBJ/lib/$file $RPM_BUILD_ROOT/%{_libdir}
|
||||
done
|
||||
|
||||
# Copy the binaries we want
|
||||
for file in certutil cmsutil crlutil modutil pk12util signtool signver ssltap
|
||||
do
|
||||
%{__install} -p -m 755 mozilla/dist/*.OBJ/bin/$file $RPM_BUILD_ROOT/%{_bindir}
|
||||
%{__install} -p -m 755 dist/*.OBJ/bin/$file $RPM_BUILD_ROOT/%{_bindir}
|
||||
done
|
||||
|
||||
# Copy the binaries we ship as unsupported
|
||||
for file in atob btoa derdump ocspclnt pp selfserv strsclnt symkeyutil tstclnt vfyserv vfychain
|
||||
do
|
||||
%{__install} -p -m 755 mozilla/dist/*.OBJ/bin/$file $RPM_BUILD_ROOT/%{unsupported_tools_directory}
|
||||
%{__install} -p -m 755 dist/*.OBJ/bin/$file $RPM_BUILD_ROOT/%{unsupported_tools_directory}
|
||||
done
|
||||
|
||||
# Copy the include files we want
|
||||
for file in mozilla/dist/public/nss/*.h
|
||||
for file in dist/public/nss/*.h
|
||||
do
|
||||
%{__install} -p -m 644 $file $RPM_BUILD_ROOT/%{_includedir}/nss3
|
||||
done
|
||||
|
||||
# Copy the template files we want
|
||||
for file in mozilla/dist/private/nss/nssck.api
|
||||
for file in dist/private/nss/nssck.api
|
||||
do
|
||||
%{__install} -p -m 644 $file $RPM_BUILD_ROOT/%{_includedir}/nss3/templates
|
||||
done
|
||||
|
||||
# Copy the package configuration files
|
||||
%{__install} -p -m 644 ./mozilla/dist/pkgconfig/nss.pc $RPM_BUILD_ROOT/%{_libdir}/pkgconfig/nss.pc
|
||||
%{__install} -p -m 755 ./mozilla/dist/pkgconfig/nss-config $RPM_BUILD_ROOT/%{_bindir}/nss-config
|
||||
%{__install} -p -m 644 ./dist/pkgconfig/nss.pc $RPM_BUILD_ROOT/%{_libdir}/pkgconfig/nss.pc
|
||||
%{__install} -p -m 755 ./dist/pkgconfig/nss-config $RPM_BUILD_ROOT/%{_bindir}/nss-config
|
||||
# Copy the pkcs #11 configuration script
|
||||
%{__install} -p -m 755 ./mozilla/dist/pkgconfig/setup-nsssysinit.sh $RPM_BUILD_ROOT/%{_bindir}/setup-nsssysinit.sh
|
||||
|
||||
#remove the nss-util-devel headers
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/base64.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/ciferfam.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/nssb64.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/nssb64t.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslocks.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/nssilock.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/nssilckt.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/nssrwlk.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/nssrwlkt.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/nssutil.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/pkcs11.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/pkcs11f.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/pkcs11n.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/pkcs11p.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/pkcs11t.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/pkcs11u.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/portreg.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/secasn1.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/secasn1t.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/seccomon.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/secder.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/secdert.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/secdig.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/secdigt.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/secerr.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/secitem.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/secoid.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/secoidt.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/secport.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/utilrename.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/utilmodt.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/utilpars.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/utilparst.h
|
||||
|
||||
#remove headers shipped nss-softokn-devel and nss-softokn-freebl-devel
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/alghmac.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/blapit.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/ecl-exp.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/hasht.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/shsign.h
|
||||
rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
|
||||
%{__install} -p -m 755 ./dist/pkgconfig/setup-nsssysinit.sh $RPM_BUILD_ROOT/%{_bindir}/setup-nsssysinit.sh
|
||||
# Copy the man pages for scripts
|
||||
for f in nss-config setup-nsssysinit; do
|
||||
install -c -m 644 ${f}.1 $RPM_BUILD_ROOT%{_mandir}/man1/${f}.1
|
||||
done
|
||||
# Copy the man pages the nss tools
|
||||
for f in "%{allTools}"; do
|
||||
install -c -m 644 ${f}.1 $RPM_BUILD_ROOT%{_mandir}/man1/${f}.1
|
||||
done
|
||||
|
||||
%clean
|
||||
%{__rm} -rf $RPM_BUILD_ROOT
|
||||
|
@ -522,6 +554,7 @@ rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
|
|||
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/key4.db
|
||||
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/pkcs11.txt
|
||||
%{_bindir}/setup-nsssysinit.sh
|
||||
%attr(0644,root,root) %doc /usr/share/man/man1/setup-nsssysinit.1.gz
|
||||
|
||||
%files tools
|
||||
%defattr(-,root,root)
|
||||
|
@ -544,12 +577,28 @@ rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
|
|||
%{unsupported_tools_directory}/tstclnt
|
||||
%{unsupported_tools_directory}/vfyserv
|
||||
%{unsupported_tools_directory}/vfychain
|
||||
# instead of %{_mandir}/man*/* let's list them explicitely
|
||||
# supported tools
|
||||
%attr(0644,root,root) %doc /usr/share/man/man1/certutil.1.gz
|
||||
%attr(0644,root,root) %doc /usr/share/man/man1/cmsutil.1.gz
|
||||
%attr(0644,root,root) %doc /usr/share/man/man1/crlutil.1.gz
|
||||
%attr(0644,root,root) %doc /usr/share/man/man1/modutil.1.gz
|
||||
%attr(0644,root,root) %doc /usr/share/man/man1/pk12util.1.gz
|
||||
%attr(0644,root,root) %doc /usr/share/man/man1/signtool.1.gz
|
||||
%attr(0644,root,root) %doc /usr/share/man/man1/signver.1.gz
|
||||
# unsupported tools
|
||||
%attr(0644,root,root) %doc /usr/share/man/man1/derdump.1.gz
|
||||
%attr(0644,root,root) %doc /usr/share/man/man1/pp.1.gz
|
||||
%attr(0644,root,root) %doc /usr/share/man/man1/ssltap.1.gz
|
||||
%attr(0644,root,root) %doc /usr/share/man/man1/vfychain.1.gz
|
||||
%attr(0644,root,root) %doc /usr/share/man/man1/vfyserv.1.gz
|
||||
|
||||
%files devel
|
||||
%defattr(-,root,root)
|
||||
%{_libdir}/libcrmf.a
|
||||
%{_libdir}/pkgconfig/nss.pc
|
||||
%{_bindir}/nss-config
|
||||
%attr(0644,root,root) %doc /usr/share/man/man1/nss-config.1.gz
|
||||
|
||||
%dir %{_includedir}/nss3
|
||||
%{_includedir}/nss3/cert.h
|
||||
|
@ -619,6 +668,14 @@ rm -f $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
|
|||
|
||||
|
||||
%changelog
|
||||
* Sun Jul 21 2013 Elio Maldonado <emaldona@redhat.com> - 3.15.1-1
|
||||
- Update to NSS_3_15_1_RTM
|
||||
- Enable iquote.patch to access newly introduced types
|
||||
- Install man pages for nss-config and setup-nsssysinit
|
||||
- Resolves: rhbz#606020 - nss security tools lack man pages
|
||||
- Resolves: rhbz#689918 -build nss without softoken or util sources in the tree
|
||||
- Fix NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH generation for nss-config
|
||||
|
||||
* Mon Apr 22 2013 Kai Engert <kaie@redhat.com> - 3.14.3-2
|
||||
- Add upstream patch to fix rhbz#872761
|
||||
- Update expired test certificates (fixed in upstream bug 852781)
|
||||
|
|
|
@ -1,19 +1,6 @@
|
|||
diff -up ./mozilla/security/coreconf/Linux.mk.sytemfreebl ./mozilla/security/coreconf/Linux.mk
|
||||
--- ./mozilla/security/coreconf/Linux.mk.sytemfreebl 2011-12-03 22:07:23.924156119 -0800
|
||||
+++ ./mozilla/security/coreconf/Linux.mk 2011-12-03 22:08:28.322328345 -0800
|
||||
@@ -182,6 +182,9 @@ endif
|
||||
USE_SYSTEM_ZLIB = 1
|
||||
ZLIB_LIBS = -lz
|
||||
|
||||
+USE_SYSTEM_FREEBL = 1
|
||||
+FREEBL_LIBS = -lfreebl3
|
||||
+
|
||||
# The -rpath '$$ORIGIN' linker option instructs this library to search for its
|
||||
# dependencies in the same directory where it resides.
|
||||
ifeq ($(BUILD_SUN_PKG), 1)
|
||||
diff -up ./mozilla/security/nss/lib/ckfw/pem/config.mk.extras ./mozilla/security/nss/lib/ckfw/pem/config.mk
|
||||
--- ./mozilla/security/nss/lib/ckfw/pem/config.mk.extras 2010-11-25 10:01:17.000000000 -0800
|
||||
+++ ./mozilla/security/nss/lib/ckfw/pem/config.mk 2011-06-21 18:20:04.484985568 -0700
|
||||
diff -up nss/lib/ckfw/pem/config.mk.systemfreebl nss/lib/ckfw/pem/config.mk
|
||||
--- nss/lib/ckfw/pem/config.mk.systemfreebl 2012-08-11 09:06:59.000000000 -0700
|
||||
+++ nss/lib/ckfw/pem/config.mk 2013-04-04 16:02:33.805744145 -0700
|
||||
@@ -41,6 +41,11 @@ CONFIG_CVS_ID = "@(#) $RCSfile: config.m
|
||||
# are specifed as dependencies within rules.mk.
|
||||
#
|
||||
|
@ -49,9 +36,9 @@ diff -up ./mozilla/security/nss/lib/ckfw/pem/config.mk.extras ./mozilla/security
|
|||
+EXTRA_LIBS += $(FREEBL_LIBS)
|
||||
+endif
|
||||
+
|
||||
diff -up ./mozilla/security/nss/lib/ckfw/pem/Makefile.extras ./mozilla/security/nss/lib/ckfw/pem/Makefile
|
||||
--- ./mozilla/security/nss/lib/ckfw/pem/Makefile.extras 2010-11-25 10:01:17.000000000 -0800
|
||||
+++ ./mozilla/security/nss/lib/ckfw/pem/Makefile 2011-06-21 18:25:25.959136920 -0700
|
||||
diff -up nss/lib/ckfw/pem/Makefile.systemfreebl nss/lib/ckfw/pem/Makefile
|
||||
--- nss/lib/ckfw/pem/Makefile.systemfreebl 2012-08-11 09:06:59.000000000 -0700
|
||||
+++ nss/lib/ckfw/pem/Makefile 2013-04-04 16:02:33.806744154 -0700
|
||||
@@ -43,8 +43,7 @@ include config.mk
|
||||
EXTRA_LIBS = \
|
||||
$(DIST)/lib/$(LIB_PREFIX)nssckfw.$(LIB_SUFFIX) \
|
||||
|
@ -82,9 +69,9 @@ diff -up ./mozilla/security/nss/lib/ckfw/pem/Makefile.extras ./mozilla/security/
|
|||
$(NULL)
|
||||
endif
|
||||
|
||||
diff -up ./mozilla/security/nss/lib/ckfw/pem/manifest.mn.extras ./mozilla/security/nss/lib/ckfw/pem/manifest.mn
|
||||
--- ./mozilla/security/nss/lib/ckfw/pem/manifest.mn.extras 2010-11-25 10:01:17.000000000 -0800
|
||||
+++ ./mozilla/security/nss/lib/ckfw/pem/manifest.mn 2011-06-21 18:20:04.485985661 -0700
|
||||
diff -up nss/lib/ckfw/pem/manifest.mn.systemfreebl nss/lib/ckfw/pem/manifest.mn
|
||||
--- nss/lib/ckfw/pem/manifest.mn.systemfreebl 2012-08-11 09:06:59.000000000 -0700
|
||||
+++ nss/lib/ckfw/pem/manifest.mn 2013-04-04 16:02:33.807744163 -0700
|
||||
@@ -65,4 +65,4 @@ REQUIRES = nspr
|
||||
|
||||
LIBRARY_NAME = nsspem
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
diff -up mozilla/security/nss/lib/ssl/sslsock.c.transitional mozilla/security/nss/lib/ssl/sslsock.c
|
||||
--- mozilla/security/nss/lib/ssl/sslsock.c.transitional 2011-10-06 10:37:47.156659000 -0700
|
||||
+++ mozilla/security/nss/lib/ssl/sslsock.c 2011-10-06 10:38:32.276704000 -0700
|
||||
@@ -182,7 +182,7 @@ static sslOptions ssl_defaults = {
|
||||
diff -up nss/lib/ssl/sslsock.c.transitional nss/lib/ssl/sslsock.c
|
||||
--- nss/lib/ssl/sslsock.c.transitional 2013-05-30 22:10:54.882675807 -0700
|
||||
+++ nss/lib/ssl/sslsock.c 2013-05-30 22:12:11.909260024 -0700
|
||||
@@ -149,7 +149,7 @@ static sslOptions ssl_defaults = {
|
||||
PR_FALSE, /* noLocks */
|
||||
PR_FALSE, /* enableSessionTickets */
|
||||
PR_FALSE, /* enableDeflate */
|
||||
|
@ -9,4 +9,4 @@ diff -up mozilla/security/nss/lib/ssl/sslsock.c.transitional mozilla/security/ns
|
|||
+ 3, /* enableRenegotiation (default: transitional) */
|
||||
PR_FALSE, /* requireSafeNegotiation */
|
||||
PR_FALSE, /* enableFalseStart */
|
||||
PR_TRUE /* cbcRandomIV */
|
||||
PR_TRUE, /* cbcRandomIV */
|
||||
|
|
|
@ -0,0 +1,110 @@
|
|||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||
<!ENTITY date SYSTEM "date.xml">
|
||||
<!ENTITY version SYSTEM "version.xml">
|
||||
]>
|
||||
|
||||
<refentry id="setup-nsssysinit">
|
||||
|
||||
<refentryinfo>
|
||||
<date>&date;</date>
|
||||
<title>Network Security Services</title>
|
||||
<productname>nss</productname>
|
||||
<productnumber>&version;</productnumber>
|
||||
</refentryinfo>
|
||||
|
||||
<refmeta>
|
||||
<refentrytitle>setup-nsssysinit</refentrytitle>
|
||||
<manvolnum>1</manvolnum>
|
||||
</refmeta>
|
||||
|
||||
<refnamediv>
|
||||
<refname>setup-nsssysinit</refname>
|
||||
<refpurpose>Query or enable the nss-sysinit module</refpurpose>
|
||||
</refnamediv>
|
||||
|
||||
<refsynopsisdiv>
|
||||
<cmdsynopsis>
|
||||
<command>setup-nsssysinit</command>
|
||||
<arg><option>--prefix</option></arg>
|
||||
<arg><option>--exec-prefix</option></arg>
|
||||
<arg><option>--includedir</option></arg>
|
||||
<arg><option>--libs</option></arg>
|
||||
<arg><option>--cflags</option></arg>
|
||||
<arg><option>--libdir</option></arg>
|
||||
<arg><option>--version</option></arg>
|
||||
</cmdsynopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsection id="description">
|
||||
<title>Description</title>
|
||||
<para><command>setup-nsssysinit</command> is a shell script to query the status of the nss-sysinit module and when run with root priviledge it can enable or disable it. </para>
|
||||
<para>Turns on or off the nss-sysinit module db by editing the global PKCS #11 configuration file. Displays the status. This script can be invoked by the user as super user. It is invoked at nss-sysinit post install time with argument on.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Options</title>
|
||||
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term><option>--on</option></term>
|
||||
<listitem><simpara>Turn on nss-sysinit.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--off</option></term>
|
||||
<listitem><simpara>Turn on nss-sysinit.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--status</option> <replaceable>count</replaceable></term>
|
||||
<listitem><simpara>returns whether nss-syinit is enabled or not.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
</variablelist>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Examples</title>
|
||||
|
||||
<para>The following example will query for the status of nss-sysinit:
|
||||
<programlisting>
|
||||
/usr/bin/setup-nsssysinit --status
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
<para>The following example, when run as superuser, will turn on nss-sysinit:
|
||||
<programlisting>
|
||||
/usr/bin/setup-nsssysinit --on
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Files</title>
|
||||
<para><filename>/usr/sbin/setup-nsssysinit</filename></para>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>See also</title>
|
||||
<para>pkg-config(1)</para>
|
||||
</refsection>
|
||||
|
||||
<refsection id="authors">
|
||||
<title>Authors</title>
|
||||
<para>The nss liraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||
<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
|
||||
</refsection>
|
||||
|
||||
<!-- don't change -->
|
||||
<refsection id="license">
|
||||
<title>LICENSE</title>
|
||||
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
</refentry>
|
||||
|
5
sources
5
sources
|
@ -7,6 +7,5 @@ a5ae49867124ac75f029a9a33af31bad blank-cert8.db
|
|||
f998b70c1be25e8bb9f5fdb5d50eb6f2 TestCA.ca.cert
|
||||
1b7b6808cd77d5df29bf5bb9e5fac967 TestUser50.cert
|
||||
ab0b56dd505a995425c03e5266f7c8d6 TestUser51.cert
|
||||
2a06bf7b815d1a666cc3587b895506ce nss-pem-20120811.tar.bz2
|
||||
0be54f196b5da7e9008eb13a71bc2cb0 dummy-sources-for-testing
|
||||
43be35fcc852361748b59ba8ecd2e239 nss-3.14.3-stripped.tar.bz2
|
||||
ee649aa333d24c8e364140cc24860ff6 nss-3.15.1-stripped.tar.bz2
|
||||
8b9cf94e7ed23586ab3f618366b6acb6 nss-pem-20130405.tar.bz2
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
diff -up nss/lib/nss/config.mk.templates nss/lib/nss/config.mk
|
||||
--- nss/lib/nss/config.mk.templates 2013-06-18 11:32:07.590089155 -0700
|
||||
+++ nss/lib/nss/config.mk 2013-06-18 11:33:28.732763345 -0700
|
||||
@@ -3,6 +3,10 @@
|
||||
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
|
||||
+#ifeq ($(NSS_BUILD_WITHOUT_SOFTOKEN),1)
|
||||
+INCLUDES += -I/usr/include/nss3/templates
|
||||
+#endif
|
||||
+
|
||||
# can't do this in manifest.mn because OS_TARGET isn't defined there.
|
||||
ifeq (,$(filter-out WIN%,$(OS_TARGET)))
|
||||
|
Loading…
Reference in New Issue