- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75
This commit is contained in:
parent
903b1142c1
commit
f66dc12e00
|
@ -1,2 +1,2 @@
|
|||
nss-pem-20080124.tar.bz2
|
||||
nss-3.12.3-stripped.tar.bz2
|
||||
nss-3.12.3.99.3-stripped.tar.bz2
|
||||
|
|
|
@ -1,11 +0,0 @@
|
|||
--- nss-3.12.2.99.3/mozilla/security/nss/lib/freebl/Makefile-save 2009-04-02 08:46:32.083530732 -0700
|
||||
+++ nss-3.12.2.99.3/mozilla/security/nss/lib/freebl/Makefile 2009-04-02 08:46:51.740542226 -0700
|
||||
@@ -133,7 +133,7 @@
|
||||
ifeq ($(OS_TARGET),Linux)
|
||||
ifeq ($(CPU_ARCH),x86_64)
|
||||
ASFILES = arcfour-amd64-gas.s mpi_amd64_gas.s
|
||||
- ASFLAGS += -march=opteron -m64 -fPIC
|
||||
+ ASFLAGS += -march=opteron -m64 -fPIC -Wa,--noexecstack
|
||||
DEFINES += -DNSS_BEVAND_ARCFOUR -DMPI_AMD64 -DMP_ASSEMBLY_MULTIPLY
|
||||
DEFINES += -DNSS_USE_COMBA
|
||||
DEFINES += -DMP_CHAR_STORE_SLOW -DMP_IS_LITTLE_ENDIAN
|
|
@ -1,42 +0,0 @@
|
|||
diff -up ./mozilla/security/nss/lib/freebl/nsslowhash.c.kernelfipsmode ./mozilla/security/nss/lib/freebl/nsslowhash.c
|
||||
--- ./mozilla/security/nss/lib/freebl/nsslowhash.c.kernelfipsmode 2008-11-27 16:20:44.000000000 +0100
|
||||
+++ ./mozilla/security/nss/lib/freebl/nsslowhash.c 2009-04-14 22:58:19.000000000 +0200
|
||||
@@ -267,6 +267,27 @@ struct NSSLOWHASHContextStr {
|
||||
|
||||
};
|
||||
|
||||
+static int nsslow_GetFIPSEnabled(void) {
|
||||
+#ifdef LINUX
|
||||
+ FILE *f;
|
||||
+ char d;
|
||||
+ size_t size;
|
||||
+
|
||||
+ f = fopen("/proc/sys/crypto/fips_enabled", "r");
|
||||
+ if (!f)
|
||||
+ return 0;
|
||||
+
|
||||
+ size = fread(&d, 1, 1, f);
|
||||
+ fclose(f);
|
||||
+ if (size != 1)
|
||||
+ return 0;
|
||||
+ if (d != '1')
|
||||
+ return 0;
|
||||
+#endif
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+
|
||||
static int post = 0;
|
||||
|
||||
static NSSLOWInitContext dummyContext = { 0 };
|
||||
@@ -284,7 +305,9 @@ NSSLOW_Init(void)
|
||||
|
||||
|
||||
if (!post) {
|
||||
- crv = freebl_fipsPowerUpSelfTest();
|
||||
+ crv = CKR_OK;
|
||||
+ if (nsslow_GetFIPSEnabled())
|
||||
+ crv = freebl_fipsPowerUpSelfTest();
|
||||
if (crv != CKR_OK) {
|
||||
return NULL;
|
||||
}
|
10
nss.spec
10
nss.spec
|
@ -3,8 +3,8 @@
|
|||
|
||||
Summary: Network Security Services
|
||||
Name: nss
|
||||
Version: 3.12.3
|
||||
Release: 4%{?dist}
|
||||
Version: 3.12.3.99.3
|
||||
Release: 1%{?dist}
|
||||
License: MPLv1.1 or GPLv2+ or LGPLv2+
|
||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||
Group: System Environment/Libraries
|
||||
|
@ -35,8 +35,6 @@ Patch2: nss-nolocalsql.patch
|
|||
Patch4: nss-pem-bug483855.patch
|
||||
Patch5: nss-pem-bug429175.patch
|
||||
Patch6: nss-enable-pem.patch
|
||||
Patch7: nss-disable-freebl-execstack.patch
|
||||
Patch8: nss-freebl-kernelfipsmode
|
||||
|
||||
%description
|
||||
Network Security Services (NSS) is a set of libraries designed to
|
||||
|
@ -108,8 +106,6 @@ low level services.
|
|||
%patch4 -p0 -b .483855
|
||||
%patch5 -p0 -b .429175
|
||||
%patch6 -p0 -b .libpem
|
||||
%patch7 -p1
|
||||
%patch8 -p1
|
||||
|
||||
|
||||
%build
|
||||
|
@ -477,6 +473,8 @@ done
|
|||
|
||||
|
||||
%changelog
|
||||
* Fri Jun 05 2009 Kai Engert <kaie@redhat.com> - 3.12.3.99.3-1
|
||||
- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75
|
||||
* Fri May 08 2009 Kai Engert <kaie@redhat.com> - 3.12.3-4
|
||||
- add conflicts info in order to fix bug 499436
|
||||
* Tue Apr 14 2009 Kai Engert <kaie@redhat.com> - 3.12.3-3
|
||||
|
|
Loading…
Reference in New Issue