Compare commits
29 Commits
| Author | SHA1 | Date |
|---|---|---|
Fedora Release Engineering
|
ad9f259b07 | |
Elio Maldonado
|
3847089745 | |
|
Elio Maldonado
|
a019d5df0a | |
|
Elio Maldonado
|
f14bf86b35 | |
|
Elio Maldonado
|
01a5faad2e | |
|
Elio Maldonado
|
27ea242c39 | |
|
Elio Maldonado
|
470672708d | |
|
Elio Maldonado
|
872f99e0b6 | |
|
Elio Maldonado
|
df5de31e62 | |
|
Elio Maldonado
|
bef7b702c9 | |
|
Elio Maldonado
|
8ac6baa628 | |
Bill Nottingham
|
f3c535575e | |
|
Elio Maldonado
|
f451ba7628 | |
|
Elio Maldonado
|
4771cbbb95 | |
|
Elio Maldonado
|
d0883a2977 | |
|
Elio Maldonado
|
dae1eb97ad | |
|
Elio Maldonado
|
6b27b03662 | |
|
Elio Maldonado
|
92de2ccb04 | |
|
Elio Maldonado
|
92c9a1ea47 | |
|
Elio Maldonado
|
e6c1d3be5f | |
|
Elio Maldonado
|
55d1bcf6c0 | |
|
Elio Maldonado
|
0d17828751 | |
|
Elio Maldonado
|
ae0361bd02 | |
|
Elio Maldonado
|
2a9e7af412 | |
Kai Engert
|
76d88608f5 | |
|
Kai Engert
|
330c8cea5c | |
|
Kai Engert
|
f66dc12e00 | |
|
Kai Engert
|
903b1142c1 | |
Jesse Keating
|
88036dabab |
|
|
@ -1,2 +0,0 @@
|
|||
nss-pem-20080124.tar.bz2
|
||||
nss-3.12.3-stripped.tar.bz2
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
nss-3.12.6-stripped.tar.bz2
|
||||
nss-pem-20091210.tar.bz2
|
||||
blank-cert8.db
|
||||
blank-key3.db
|
||||
blank-secmod.db
|
||||
21
Makefile
21
Makefile
|
|
@ -1,21 +0,0 @@
|
|||
# Makefile for source rpm: nss
|
||||
# $Id: Makefile,v 1.1 2005/12/15 19:34:51 caillon Exp $
|
||||
NAME := nss
|
||||
SPECFILE = $(firstword $(wildcard *.spec))
|
||||
|
||||
define find-makefile-common
|
||||
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
||||
endef
|
||||
|
||||
MAKEFILE_COMMON := $(shell $(find-makefile-common))
|
||||
|
||||
ifeq ($(MAKEFILE_COMMON),)
|
||||
# attempt a checkout
|
||||
define checkout-makefile-common
|
||||
test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
|
||||
endef
|
||||
|
||||
MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
|
||||
endif
|
||||
|
||||
include $(MAKEFILE_COMMON)
|
||||
BIN
blank-cert8.db
BIN
blank-cert8.db
Binary file not shown.
BIN
blank-key3.db
BIN
blank-key3.db
Binary file not shown.
BIN
blank-secmod.db
BIN
blank-secmod.db
Binary file not shown.
|
|
@ -1,11 +0,0 @@
|
|||
--- nss-3.12.2.99.3/mozilla/security/nss/lib/freebl/Makefile-save 2009-04-02 08:46:32.083530732 -0700
|
||||
+++ nss-3.12.2.99.3/mozilla/security/nss/lib/freebl/Makefile 2009-04-02 08:46:51.740542226 -0700
|
||||
@@ -133,7 +133,7 @@
|
||||
ifeq ($(OS_TARGET),Linux)
|
||||
ifeq ($(CPU_ARCH),x86_64)
|
||||
ASFILES = arcfour-amd64-gas.s mpi_amd64_gas.s
|
||||
- ASFLAGS += -march=opteron -m64 -fPIC
|
||||
+ ASFLAGS += -march=opteron -m64 -fPIC -Wa,--noexecstack
|
||||
DEFINES += -DNSS_BEVAND_ARCFOUR -DMPI_AMD64 -DMP_ASSEMBLY_MULTIPLY
|
||||
DEFINES += -DNSS_USE_COMBA
|
||||
DEFINES += -DMP_CHAR_STORE_SLOW -DMP_IS_LITTLE_ENDIAN
|
||||
|
|
@ -1,42 +0,0 @@
|
|||
diff -up ./mozilla/security/nss/lib/freebl/nsslowhash.c.kernelfipsmode ./mozilla/security/nss/lib/freebl/nsslowhash.c
|
||||
--- ./mozilla/security/nss/lib/freebl/nsslowhash.c.kernelfipsmode 2008-11-27 16:20:44.000000000 +0100
|
||||
+++ ./mozilla/security/nss/lib/freebl/nsslowhash.c 2009-04-14 22:58:19.000000000 +0200
|
||||
@@ -267,6 +267,27 @@ struct NSSLOWHASHContextStr {
|
||||
|
||||
};
|
||||
|
||||
+static int nsslow_GetFIPSEnabled(void) {
|
||||
+#ifdef LINUX
|
||||
+ FILE *f;
|
||||
+ char d;
|
||||
+ size_t size;
|
||||
+
|
||||
+ f = fopen("/proc/sys/crypto/fips_enabled", "r");
|
||||
+ if (!f)
|
||||
+ return 0;
|
||||
+
|
||||
+ size = fread(&d, 1, 1, f);
|
||||
+ fclose(f);
|
||||
+ if (size != 1)
|
||||
+ return 0;
|
||||
+ if (d != '1')
|
||||
+ return 0;
|
||||
+#endif
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+
|
||||
static int post = 0;
|
||||
|
||||
static NSSLOWInitContext dummyContext = { 0 };
|
||||
@@ -284,7 +305,9 @@ NSSLOW_Init(void)
|
||||
|
||||
|
||||
if (!post) {
|
||||
- crv = freebl_fipsPowerUpSelfTest();
|
||||
+ crv = CKR_OK;
|
||||
+ if (nsslow_GetFIPSEnabled())
|
||||
+ crv = freebl_fipsPowerUpSelfTest();
|
||||
if (crv != CKR_OK) {
|
||||
return NULL;
|
||||
}
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
--- ./mozilla/security/nss/cmd/platlibs.mk.withrpath 2007-02-19 07:17:06.000000000 +0100
|
||||
+++ ./mozilla/security/nss/cmd/platlibs.mk 2007-02-19 07:18:07.000000000 +0100
|
||||
@@ -52,9 +52,9 @@
|
||||
|
||||
ifeq ($(OS_ARCH), Linux)
|
||||
ifeq ($(USE_64), 1)
|
||||
-EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib64:$$ORIGIN/../lib'
|
||||
+#EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib64:$$ORIGIN/../lib'
|
||||
else
|
||||
-EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib'
|
||||
+#EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib'
|
||||
endif
|
||||
endif
|
||||
|
||||
|
|
@ -1,26 +1,26 @@
|
|||
diff -up ./mozilla/security/nss/lib/Makefile.nolocalsql ./mozilla/security/nss/lib/Makefile
|
||||
--- ./mozilla/security/nss/lib/Makefile.nolocalsql 2007-07-19 23:36:49.000000000 +0200
|
||||
+++ ./mozilla/security/nss/lib/Makefile 2009-04-14 17:07:40.000000000 +0200
|
||||
@@ -62,11 +62,11 @@ ifeq ($(OS_TARGET), WINCE)
|
||||
DIRS := $(filter-out fortcrypt,$(DIRS))
|
||||
--- ./mozilla/security/nss/lib/Makefile.nolocalsql 2010-02-27 16:40:25.891777537 -0800
|
||||
+++ ./mozilla/security/nss/lib/Makefile 2010-02-27 16:41:59.175902327 -0800
|
||||
@@ -62,11 +62,11 @@ ifndef USE_SYSTEM_ZLIB
|
||||
ZLIB_SRCDIR = zlib # Add the zlib directory to DIRS.
|
||||
endif
|
||||
|
||||
-ifndef MOZILLA_CLIENT
|
||||
-ifndef NSS_USE_SYSTEM_SQLITE
|
||||
-DIRS := sqlite $(DIRS)
|
||||
-SQLITE_SRCDIR = sqlite # Add the sqlite directory to DIRS.
|
||||
-endif
|
||||
-endif
|
||||
+#ifndef MOZILLA_CLIENT
|
||||
+#ifndef NSS_USE_SYSTEM_SQLITE
|
||||
+#DIRS := sqlite $(DIRS)
|
||||
+#SQLITE_SRCDIR = sqlite # Add the sqlite directory to DIRS.
|
||||
+#endif
|
||||
+#endif
|
||||
|
||||
#######################################################################
|
||||
# (5) Execute "global" rules. (OPTIONAL) #
|
||||
ifndef MOZILLA_CLIENT
|
||||
ifeq ($(OS_ARCH),Linux)
|
||||
diff -up ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn
|
||||
--- ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql 2007-07-19 23:36:50.000000000 +0200
|
||||
+++ ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn 2009-04-14 17:07:40.000000000 +0200
|
||||
--- ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql 2010-02-27 16:44:24.998777709 -0800
|
||||
+++ ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn 2010-02-27 16:45:08.533803472 -0800
|
||||
@@ -46,9 +46,9 @@ MAPFILE = $(OBJDIR)/nssdbm.def
|
||||
|
||||
DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\"
|
||||
|
|
@ -35,8 +35,8 @@ diff -up ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql ./m
|
|||
CSRCS = \
|
||||
dbmshim.c \
|
||||
diff -up ./mozilla/security/nss/lib/softoken/manifest.mn.nolocalsql ./mozilla/security/nss/lib/softoken/manifest.mn
|
||||
--- ./mozilla/security/nss/lib/softoken/manifest.mn.nolocalsql 2009-03-25 17:21:37.000000000 +0100
|
||||
+++ ./mozilla/security/nss/lib/softoken/manifest.mn 2009-04-14 17:07:40.000000000 +0200
|
||||
--- ./mozilla/security/nss/lib/softoken/manifest.mn.nolocalsql 2010-02-27 16:42:52.213902231 -0800
|
||||
+++ ./mozilla/security/nss/lib/softoken/manifest.mn 2010-02-27 16:43:34.040776788 -0800
|
||||
@@ -47,9 +47,9 @@ MAPFILE = $(OBJDIR)/softokn.def
|
||||
|
||||
DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\" -DSHLIB_VERSION=\"$(LIBRARY_VERSION)\"
|
||||
|
|
|
|||
|
|
@ -1,12 +0,0 @@
|
|||
diff -u --recursive mozilla.orig/security/nss/lib/ckfw/pem/pobject.c mozilla/security/nss/lib/ckfw/pem/pobject.c
|
||||
--- mozilla.orig/security/nss/lib/ckfw/pem/pobject.c 2007-09-06 16:46:30.000000000 -0400
|
||||
+++ mozilla/security/nss/lib/ckfw/pem/pobject.c 2008-08-13 21:08:43.000000000 -0400
|
||||
@@ -160,7 +160,7 @@
|
||||
(void *) &ck_false, (PRUint32) sizeof(CK_BBOOL)
|
||||
};
|
||||
static const NSSItem pem_x509Item = {
|
||||
- (void *) &ckc_x509, (PRUint32) sizeof(CKC_X_509)
|
||||
+ (void *) &ckc_x509, (PRUint32) sizeof(CK_ULONG)
|
||||
};
|
||||
static const NSSItem pem_rsaItem = {
|
||||
(void *) &ckk_rsa, (PRUint32) sizeof(CK_KEY_TYPE)
|
||||
|
|
@ -1,15 +0,0 @@
|
|||
diff -ruNp mozilla.orig/security/nss/lib/ckfw/pem/pobject.c mozilla/security/nss/lib/ckfw/pem/pobject.c
|
||||
--- mozilla.orig/security/nss/lib/ckfw/pem/pobject.c 2009-02-28 15:03:36.719964516 +0100
|
||||
+++ mozilla/security/nss/lib/ckfw/pem/pobject.c 2009-02-28 15:03:55.964074075 +0100
|
||||
@@ -987,10 +987,7 @@ pem_CreateObject
|
||||
char *ivstring = NULL;
|
||||
|
||||
count = pem_nobjs;
|
||||
- if (count > 0)
|
||||
- size = ((count / PEM_ITEM_CHUNK) + 1) * PEM_ITEM_CHUNK;
|
||||
- else
|
||||
- size = 0;
|
||||
+ size = (count / PEM_ITEM_CHUNK) * PEM_ITEM_CHUNK;
|
||||
|
||||
/*
|
||||
* only create token objects
|
||||
|
|
@ -1,2 +1,3 @@
|
|||
-b /lib{,64}/libfreebl3.so
|
||||
-b /lib{,64}/libsoftokn3.so
|
||||
-b /lib{,64}/libnssdbm3.so
|
||||
|
|
|
|||
184
nss.spec
184
nss.spec
|
|
@ -1,10 +1,20 @@
|
|||
%define nspr_version 4.7
|
||||
%define unsupported_tools_directory %{_libdir}/nss/unsupported-tools
|
||||
%global nspr_version 4.8.4
|
||||
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
|
||||
|
||||
# Produce .chk files for the final stripped binaries
|
||||
%define __spec_install_post \
|
||||
%{?__debug_package:%{__debug_install_post}} \
|
||||
%{__arch_install_post} \
|
||||
%{__os_install_post} \
|
||||
$RPM_BUILD_ROOT/%{unsupported_tools_directory}/shlibsign -i $RPM_BUILD_ROOT/%{_lib}/libsoftokn3.so \
|
||||
$RPM_BUILD_ROOT/%{unsupported_tools_directory}/shlibsign -i $RPM_BUILD_ROOT/%{_lib}/libfreebl3.so \
|
||||
$RPM_BUILD_ROOT/%{unsupported_tools_directory}/shlibsign -i $RPM_BUILD_ROOT/%{_libdir}/libnssdbm3.so \
|
||||
%{nil}
|
||||
|
||||
Summary: Network Security Services
|
||||
Name: nss
|
||||
Version: 3.12.3
|
||||
Release: 3%{?dist}
|
||||
Version: 3.12.6
|
||||
Release: 1.2%{?dist}
|
||||
License: MPLv1.1 or GPLv2+ or LGPLv2+
|
||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||
Group: System Environment/Libraries
|
||||
|
|
@ -28,15 +38,12 @@ Source3: blank-cert8.db
|
|||
Source4: blank-key3.db
|
||||
Source5: blank-secmod.db
|
||||
Source8: nss-prelink.conf
|
||||
Source12: %{name}-pem-20080124.tar.bz2
|
||||
Source12: %{name}-pem-20091210.tar.bz2
|
||||
|
||||
Patch1: nss-no-rpath.patch
|
||||
Patch2: nss-nolocalsql.patch
|
||||
Patch4: nss-pem-bug483855.patch
|
||||
Patch5: nss-pem-bug429175.patch
|
||||
Patch3: renegotiate-transitional.patch
|
||||
Patch4: validate-arguments.patch
|
||||
Patch6: nss-enable-pem.patch
|
||||
Patch7: nss-disable-freebl-execstack.patch
|
||||
Patch8: nss-freebl-kernelfipsmode
|
||||
|
||||
%description
|
||||
Network Security Services (NSS) is a set of libraries designed to
|
||||
|
|
@ -48,6 +55,7 @@ v3 certificates, and other security standards.
|
|||
%package softokn-freebl
|
||||
Summary: Freebl library for the Network Security Services
|
||||
Group: System Environment/Base
|
||||
Conflicts: nss < 3.12.2.99.3-5
|
||||
|
||||
%description softokn-freebl
|
||||
Network Security Services (NSS) is a set of libraries designed to
|
||||
|
|
@ -102,13 +110,10 @@ low level services.
|
|||
%setup -q
|
||||
%setup -q -T -D -n %{name}-%{version} -a 12
|
||||
|
||||
%patch1 -p0
|
||||
%patch2 -p0
|
||||
%patch4 -p0 -b .483855
|
||||
%patch5 -p0 -b .429175
|
||||
%patch2 -p0 -b .nolocalsql
|
||||
%patch3 -p0 -b .transitional
|
||||
%patch4 -p0 -b .validate
|
||||
%patch6 -p0 -b .libpem
|
||||
%patch7 -p1
|
||||
%patch8 -p1
|
||||
|
||||
|
||||
%build
|
||||
|
|
@ -124,9 +129,6 @@ export BUILD_OPT
|
|||
XCFLAGS=$RPM_OPT_FLAGS
|
||||
export XCFLAGS
|
||||
|
||||
#export NSPR_INCLUDE_DIR=`nspr-config --includedir`
|
||||
#export NSPR_LIB_DIR=`nspr-config --libdir`
|
||||
|
||||
PKG_CONFIG_ALLOW_SYSTEM_LIBS=1
|
||||
PKG_CONFIG_ALLOW_SYSTEM_CFLAGS=1
|
||||
|
||||
|
|
@ -152,14 +154,14 @@ export USE_64
|
|||
%{__make} -C ./mozilla/security/nss
|
||||
|
||||
# Set up our package file
|
||||
%{__mkdir_p} $RPM_BUILD_ROOT/%{_libdir}/pkgconfig
|
||||
%{__mkdir_p} ./mozilla/dist/pkgconfig
|
||||
%{__cat} %{SOURCE1} | sed -e "s,%%libdir%%,%{_libdir},g" \
|
||||
-e "s,%%prefix%%,%{_prefix},g" \
|
||||
-e "s,%%exec_prefix%%,%{_prefix},g" \
|
||||
-e "s,%%includedir%%,%{_includedir}/nss3,g" \
|
||||
-e "s,%%NSPR_VERSION%%,%{nspr_version},g" \
|
||||
-e "s,%%NSS_VERSION%%,%{version},g" > \
|
||||
$RPM_BUILD_ROOT/%{_libdir}/pkgconfig/nss.pc
|
||||
./mozilla/dist/pkgconfig/nss.pc
|
||||
|
||||
NSS_VMAJOR=`cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VMAJOR" | awk '{print $3}'`
|
||||
NSS_VMINOR=`cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VMINOR" | awk '{print $3}'`
|
||||
|
|
@ -169,7 +171,6 @@ export NSS_VMAJOR
|
|||
export NSS_VMINOR
|
||||
export NSS_VPATCH
|
||||
|
||||
%{__mkdir_p} $RPM_BUILD_ROOT/%{_bindir}
|
||||
%{__cat} %{SOURCE2} | sed -e "s,@libdir@,%{_libdir},g" \
|
||||
-e "s,@prefix@,%{_prefix},g" \
|
||||
-e "s,@exec_prefix@,%{_prefix},g" \
|
||||
|
|
@ -177,9 +178,9 @@ export NSS_VPATCH
|
|||
-e "s,@MOD_MAJOR_VERSION@,$NSS_VMAJOR,g" \
|
||||
-e "s,@MOD_MINOR_VERSION@,$NSS_VMINOR,g" \
|
||||
-e "s,@MOD_PATCH_VERSION@,$NSS_VPATCH,g" \
|
||||
> $RPM_BUILD_ROOT/%{_bindir}/nss-config
|
||||
> ./mozilla/dist/pkgconfig/nss-config
|
||||
|
||||
chmod 755 $RPM_BUILD_ROOT/%{_bindir}/nss-config
|
||||
chmod 755 ./mozilla/dist/pkgconfig/nss-config
|
||||
|
||||
# enable the following line to force a test failure
|
||||
# find ./mozilla -name \*.chk | xargs rm -f
|
||||
|
|
@ -216,39 +217,46 @@ find ./mozilla/security/nss/tests -type f |\
|
|||
|
||||
killall $RANDSERV || :
|
||||
|
||||
#temporarily disable the test suite because of bug 494266
|
||||
#rm -rf ./mozilla/tests_results
|
||||
#cd ./mozilla/security/nss/tests/
|
||||
## all.sh is the test suite script
|
||||
#HOST=localhost DOMSUF=localdomain PORT=$MYRAND ./all.sh
|
||||
#cd ../../../../
|
||||
rm -rf ./mozilla/tests_results
|
||||
cd ./mozilla/security/nss/tests/
|
||||
# all.sh is the test suite script
|
||||
|
||||
#killall $RANDSERV || :
|
||||
# don't need to run all the tests when testing packaging
|
||||
# nss_cycles: standard pkix upgradedb sharedb
|
||||
# nss_tests: cipher libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains
|
||||
# nss_ssl_tests: crl bypass_normal normal_bypass normal_fips fips_normal iopr
|
||||
# nss_ssl_run: cov auth stress
|
||||
|
||||
#TEST_FAILURES=`grep -c FAILED ./mozilla/tests_results/security/localhost.1/output.log` || :
|
||||
#if [ $TEST_FAILURES -ne 0 ]; then
|
||||
# echo "error: test suite returned failure(s)"
|
||||
# exit 1
|
||||
#fi
|
||||
#echo "test suite completed"
|
||||
# Temporarily disabling the ssl test suites
|
||||
# until bug 539183 gets resolved
|
||||
#%global nss_ssl_tests " "
|
||||
#%global nss_ssl_run " "
|
||||
|
||||
HOST=localhost DOMSUF=localdomain PORT=$MYRAND NSS_CYCLES=%{?nss_cycles} NSS_TESTS=%{?nss_tests} NSS_SSL_TESTS=%{?nss_ssl_tests} NSS_SSL_RUN=%{?nss_ssl_run} ./all.sh
|
||||
|
||||
cd ../../../../
|
||||
|
||||
killall $RANDSERV || :
|
||||
|
||||
TEST_FAILURES=`grep -c FAILED ./mozilla/tests_results/security/localhost.1/output.log` || :
|
||||
if [ $TEST_FAILURES -ne 0 ]; then
|
||||
echo "error: test suite returned failure(s)"
|
||||
exit 1
|
||||
fi
|
||||
echo "test suite completed"
|
||||
|
||||
# Produce .chk files for the final stripped binaries
|
||||
%define __spec_install_post \
|
||||
%{?__debug_package:%{__debug_install_post}} \
|
||||
%{__arch_install_post} \
|
||||
%{__os_install_post} \
|
||||
$RPM_BUILD_ROOT/%{unsupported_tools_directory}/shlibsign -i $RPM_BUILD_ROOT/%{_lib}/libsoftokn3.so \
|
||||
$RPM_BUILD_ROOT/%{unsupported_tools_directory}/shlibsign -i $RPM_BUILD_ROOT/%{_lib}/libfreebl3.so \
|
||||
%{nil}
|
||||
|
||||
%install
|
||||
|
||||
%{__rm} -rf $RPM_BUILD_ROOT
|
||||
|
||||
# There is no make install target so we'll do it ourselves.
|
||||
|
||||
%{__mkdir_p} $RPM_BUILD_ROOT/%{_includedir}/nss3
|
||||
%{__mkdir_p} $RPM_BUILD_ROOT/%{_bindir}
|
||||
%{__mkdir_p} $RPM_BUILD_ROOT/%{_lib}
|
||||
%{__mkdir_p} $RPM_BUILD_ROOT/%{unsupported_tools_directory}
|
||||
%{__mkdir_p} $RPM_BUILD_ROOT/%{_libdir}/pkgconfig
|
||||
|
||||
# Copy the binary libraries we want
|
||||
for file in libsoftokn3.so libfreebl3.so libnss3.so libnssutil3.so \
|
||||
|
|
@ -259,61 +267,62 @@ do
|
|||
done
|
||||
|
||||
# Make sure chk files can be found in both places
|
||||
for file in libsoftokn3.chk libfreebl3.chk
|
||||
for file in libsoftokn3.chk libfreebl3.chk libnssdbm3.chk
|
||||
do
|
||||
ln -s ../../%{_lib}/$file $RPM_BUILD_ROOT/%{_libdir}/$file
|
||||
done
|
||||
|
||||
# Install the empty NSS db files
|
||||
%{__mkdir_p} $RPM_BUILD_ROOT/%{_sysconfdir}/pki/nssdb
|
||||
%{__install} -m 644 %{SOURCE3} $RPM_BUILD_ROOT/%{_sysconfdir}/pki/nssdb/cert8.db
|
||||
%{__install} -m 644 %{SOURCE4} $RPM_BUILD_ROOT/%{_sysconfdir}/pki/nssdb/key3.db
|
||||
%{__install} -m 644 %{SOURCE5} $RPM_BUILD_ROOT/%{_sysconfdir}/pki/nssdb/secmod.db
|
||||
%{__install} -p -m 644 %{SOURCE3} $RPM_BUILD_ROOT/%{_sysconfdir}/pki/nssdb/cert8.db
|
||||
%{__install} -p -m 644 %{SOURCE4} $RPM_BUILD_ROOT/%{_sysconfdir}/pki/nssdb/key3.db
|
||||
%{__install} -p -m 644 %{SOURCE5} $RPM_BUILD_ROOT/%{_sysconfdir}/pki/nssdb/secmod.db
|
||||
%{__mkdir_p} $RPM_BUILD_ROOT/%{_sysconfdir}/prelink.conf.d
|
||||
%{__install} -m 644 %{SOURCE8} $RPM_BUILD_ROOT/%{_sysconfdir}/prelink.conf.d/nss-prelink.conf
|
||||
%{__install} -p -m 644 %{SOURCE8} $RPM_BUILD_ROOT/%{_sysconfdir}/prelink.conf.d/nss-prelink.conf
|
||||
|
||||
# Copy the development libraries we want
|
||||
for file in libcrmf.a libnssb.a libnssckfw.a
|
||||
do
|
||||
%{__install} -m 644 mozilla/dist/*.OBJ/lib/$file $RPM_BUILD_ROOT/%{_libdir}
|
||||
%{__install} -p -m 644 mozilla/dist/*.OBJ/lib/$file $RPM_BUILD_ROOT/%{_libdir}
|
||||
done
|
||||
|
||||
# Copy the binaries we want
|
||||
for file in certutil cmsutil crlutil modutil pk12util signtool signver ssltap
|
||||
do
|
||||
%{__install} -m 755 mozilla/dist/*.OBJ/bin/$file $RPM_BUILD_ROOT/%{_bindir}
|
||||
%{__install} -p -m 755 mozilla/dist/*.OBJ/bin/$file $RPM_BUILD_ROOT/%{_bindir}
|
||||
done
|
||||
|
||||
# Copy the binaries we ship as unsupported
|
||||
for file in atob btoa derdump ocspclnt pp selfserv shlibsign strsclnt symkeyutil tstclnt vfyserv vfychain
|
||||
do
|
||||
%{__install} -m 755 mozilla/dist/*.OBJ/bin/$file $RPM_BUILD_ROOT/%{unsupported_tools_directory}
|
||||
%{__install} -p -m 755 mozilla/dist/*.OBJ/bin/$file $RPM_BUILD_ROOT/%{unsupported_tools_directory}
|
||||
done
|
||||
|
||||
# Copy the include files we want
|
||||
for file in mozilla/dist/public/nss/*.h
|
||||
do
|
||||
%{__install} -m 644 $file $RPM_BUILD_ROOT/%{_includedir}/nss3
|
||||
%{__install} -p -m 644 $file $RPM_BUILD_ROOT/%{_includedir}/nss3
|
||||
done
|
||||
|
||||
# Copy the package configuration files
|
||||
%{__install} -p -m 644 ./mozilla/dist/pkgconfig/nss.pc $RPM_BUILD_ROOT/%{_libdir}/pkgconfig/nss.pc
|
||||
%{__install} -p -m 755 ./mozilla/dist/pkgconfig/nss-config $RPM_BUILD_ROOT/%{_bindir}/nss-config
|
||||
|
||||
%clean
|
||||
%{__rm} -rf $RPM_BUILD_ROOT
|
||||
|
||||
|
||||
%post
|
||||
/sbin/ldconfig >/dev/null 2>/dev/null
|
||||
|
||||
|
||||
%postun
|
||||
/sbin/ldconfig >/dev/null 2>/dev/null
|
||||
|
||||
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
/%{_lib}/libnss3.so
|
||||
/%{_lib}/libnssutil3.so
|
||||
/%{_lib}/libnssdbm3.so
|
||||
/%{_lib}/libnssdbm3.chk
|
||||
/%{_lib}/libssl3.so
|
||||
/%{_lib}/libsmime3.so
|
||||
/%{_lib}/libsoftokn3.so
|
||||
|
|
@ -331,6 +340,7 @@ done
|
|||
%{_sysconfdir}/prelink.conf.d/nss-prelink.conf
|
||||
|
||||
%files softokn-freebl
|
||||
%defattr(-,root,root)
|
||||
/%{_lib}/libfreebl3.so
|
||||
/%{_lib}/libfreebl3.chk
|
||||
|
||||
|
|
@ -356,12 +366,12 @@ done
|
|||
%{unsupported_tools_directory}/vfyserv
|
||||
%{unsupported_tools_directory}/vfychain
|
||||
|
||||
|
||||
%files devel
|
||||
%defattr(-,root,root)
|
||||
%{_libdir}/libnss3.so
|
||||
%{_libdir}/libnssutil3.so
|
||||
%{_libdir}/libnssdbm3.so
|
||||
%{_libdir}/libnssdbm3.chk
|
||||
%{_libdir}/libssl3.so
|
||||
%{_libdir}/libsmime3.so
|
||||
%{_libdir}/libsoftokn3.so
|
||||
|
|
@ -476,6 +486,64 @@ done
|
|||
|
||||
|
||||
%changelog
|
||||
* Sat Mar 06 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.6-1.2
|
||||
- Rebuilt with all tests enabled
|
||||
|
||||
* Sat Mar 06 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.6-1.1
|
||||
- Update to 3.12.6
|
||||
- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period
|
||||
- Patch some tools to validate command line options arguments
|
||||
|
||||
* Tue Jan 12 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.5-3.1
|
||||
- Update to latest pem module sources
|
||||
- Get the blank databases from the lookaside cache
|
||||
|
||||
* Thu Jan 07 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.5-3
|
||||
- Temporarily disabling ssl tests until bug 539183 gets resolved
|
||||
|
||||
* Thu Jan 07 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.5-2
|
||||
- rebuilt with properly formatted release number
|
||||
|
||||
* Fri Dec 06 2009 Elio Maldonado<emaldona@redhat.com> - 3.12.5-1
|
||||
- Update to 3.12.5
|
||||
|
||||
* Thu Sep 17 2009 Elio Maldonado<emaldona@redhat.com> - 3.12.4-3
|
||||
- Add nssdbm3.so to nss-prelink.conf, rhbz#524075
|
||||
|
||||
* Tue Sep 15 2009 Elio Maldonado<emaldona@redhat.com> - 3.12.4-2
|
||||
- Fix inability to toggle fips mode when using legacy db - 483855
|
||||
|
||||
* Mon Sep 07 2009 Elio Maldonado<emaldona@redhat.com> - 3.12.4-1
|
||||
- Update to 3.12.4
|
||||
- Update the nss pem enabling source archive to roll in bug fixes
|
||||
- pem module implements memory management for internal objects - 509705
|
||||
- pem module doesn't crash when processing malformed key files - 512019
|
||||
- preserve timestamps and ensure proper execute bits on installed files
|
||||
|
||||
* Mon Jun 22 2009 Elio Maldonado <emaldona@redhat.com> - 3.12.3.99.3-2.11.4
|
||||
- Fixed problems uncovered by mass rebuild with new version of rpmbuild
|
||||
* Mon Jun 22 2009 Elio Maldonado <emaldona@redhat.com> - 3.12.3.99.3-2.11.3
|
||||
- updated pem module incorporates various patches
|
||||
- fix off-by-one error when computing size to reduce memory leak, rhbz#483855
|
||||
- fix data type to work on x86_64 systems, rhbz #429175
|
||||
- fix various memory leaks and free internal objects on module unload, rhbz#501080
|
||||
- fix to not clone internal objects in collect_objects(), rhbz#501118
|
||||
- fix to not bypass initialization if module arguments are omitted, rhbz#501058
|
||||
- fix gcc warnings, rhbz#500815
|
||||
- fix to support arbitrarily long password while loading a private key, rhbz#500180
|
||||
- fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login, rhbz#501191
|
||||
* Fri Jun 08 2009 Elio Maldonado <emaldona@redhat.com> - 3.12.3.99.3-2.11.2
|
||||
- correct version and release number in this log
|
||||
* Fri Jun 08 2009 Elio Maldonado <emaldona@redhat.com> - 2.11.2
|
||||
- add patch for bug 502133 upstream bug 496997
|
||||
* Fri Jun 05 2009 Kai Engert <kaie@redhat.com> - 3.12.3.99.3-2.11.1
|
||||
- rebuild with higher release number for upgrade sanity
|
||||
* Fri Jun 05 2009 Kai Engert <kaie@redhat.com> - 3.12.3.99.3-2
|
||||
- reenable test suite
|
||||
* Fri Jun 05 2009 Kai Engert <kaie@redhat.com> - 3.12.3.99.3-1
|
||||
- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75
|
||||
* Fri May 08 2009 Kai Engert <kaie@redhat.com> - 3.12.3-4
|
||||
- add conflicts info in order to fix bug 499436
|
||||
* Tue Apr 14 2009 Kai Engert <kaie@redhat.com> - 3.12.3-3
|
||||
- ship .chk files instead of running shlibsign at install time
|
||||
- include .chk file in softokn-freebl subpackage
|
||||
|
|
|
|||
|
|
@ -0,0 +1,16 @@
|
|||
Index: ./mozilla/security/nss/lib/ssl/sslsock.c
|
||||
===================================================================
|
||||
RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslsock.c,v
|
||||
retrieving revision 1.66
|
||||
diff -u -p -r1.66 sslsock.c
|
||||
--- ./mozilla/security/nss/lib/ssl/sslsock.c 26 Feb 2010 20:44:54 -0000 1.66
|
||||
+++ ./mozilla/security/nss/lib/ssl/sslsock.c 1 Mar 2010 18:05:10 -0000
|
||||
@@ -181,7 +181,7 @@ static sslOptions ssl_defaults = {
|
||||
PR_FALSE, /* noLocks */
|
||||
PR_FALSE, /* enableSessionTickets */
|
||||
PR_FALSE, /* enableDeflate */
|
||||
- 2, /* enableRenegotiation (default: requires extension) */
|
||||
+ 3, /* enableRenegotiation (default: transitional)
|
||||
PR_FALSE, /* requireSafeNegotiation */
|
||||
};
|
||||
|
||||
7
sources
7
sources
|
|
@ -1,2 +1,5 @@
|
|||
084675e4f793ed82e1ba78f76745ada8 nss-pem-20080124.tar.bz2
|
||||
de43077b1fb888bccf155506ec12e40a nss-3.12.3-stripped.tar.bz2
|
||||
3902499c8e02b02d4944f21d3c6a839f nss-3.12.6-stripped.tar.bz2
|
||||
82c2c72c961f2783c8e975a42fa939cf nss-pem-20091210.tar.bz2
|
||||
a5ae49867124ac75f029a9a33af31bad blank-cert8.db
|
||||
9315689bbd9f28ceebd47894f99fccbd blank-key3.db
|
||||
73bc040a0542bba387e6dd7fb9fd7d23 blank-secmod.db
|
||||
|
|
|
|||
|
|
@ -0,0 +1,720 @@
|
|||
Index: ./mozilla/security/nss/cmd/p7content/p7content.c
|
||||
===================================================================
|
||||
RCS file: /cvsroot/mozilla/security/nss/cmd/p7content/p7content.c,v
|
||||
retrieving revision 1.12
|
||||
diff -u -p -r1.12 p7content.c
|
||||
--- ./mozilla/security/nss/cmd/p7content/p7content.c 4 Aug 2008 22:58:31 -0000 1.12
|
||||
+++ ./mozilla/security/nss/cmd/p7content/p7content.c 2 Mar 2010 18:29:48 -0000
|
||||
@@ -64,7 +64,7 @@ extern int fprintf(FILE *, char *, ...);
|
||||
|
||||
|
||||
static void
|
||||
-Usage(char *progName)
|
||||
+Usage(const char *progName)
|
||||
{
|
||||
fprintf(stderr,
|
||||
"Usage: %s [-d dbdir] [-i input] [-o output]\n",
|
||||
@@ -195,6 +195,15 @@ DecodeAndPrintFile(FILE *out, PRFileDesc
|
||||
return 0;
|
||||
}
|
||||
|
||||
+static void
|
||||
+PrintMsgAndExit(const char *progName, char opt)
|
||||
+{
|
||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||
+ Usage(progName);
|
||||
+}
|
||||
+
|
||||
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
||||
+
|
||||
/*
|
||||
* Print the contents of a PKCS7 message, indicating signatures, etc.
|
||||
*/
|
||||
@@ -222,10 +231,12 @@ main(int argc, char **argv)
|
||||
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
|
||||
switch (optstate->option) {
|
||||
case 'd':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
SECU_ConfigDirectory(optstate->value);
|
||||
break;
|
||||
|
||||
case 'i':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
inFile = PR_Open(optstate->value, PR_RDONLY, 0);
|
||||
if (!inFile) {
|
||||
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
|
||||
@@ -235,6 +246,7 @@ main(int argc, char **argv)
|
||||
break;
|
||||
|
||||
case 'o':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
outFile = fopen(optstate->value, "w");
|
||||
if (!outFile) {
|
||||
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
|
||||
@@ -244,11 +256,13 @@ main(int argc, char **argv)
|
||||
break;
|
||||
|
||||
case 'p':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
pwdata.source = PW_PLAINTEXT;
|
||||
pwdata.data = PORT_Strdup (optstate->value);
|
||||
break;
|
||||
|
||||
case 'f':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
pwdata.source = PW_FROMFILE;
|
||||
pwdata.data = PORT_Strdup (optstate->value);
|
||||
break;
|
||||
Index: ./mozilla/security/nss/cmd/p7env/p7env.c
|
||||
===================================================================
|
||||
RCS file: /cvsroot/mozilla/security/nss/cmd/p7env/p7env.c,v
|
||||
retrieving revision 1.10
|
||||
diff -u -p -r1.10 p7env.c
|
||||
--- ./mozilla/security/nss/cmd/p7env/p7env.c 11 Feb 2010 02:39:47 -0000 1.10
|
||||
+++ ./mozilla/security/nss/cmd/p7env/p7env.c 2 Mar 2010 18:29:48 -0000
|
||||
@@ -63,7 +63,7 @@ extern int fprintf(FILE *, char *, ...);
|
||||
|
||||
|
||||
static void
|
||||
-Usage(char *progName)
|
||||
+Usage(const char *progName)
|
||||
{
|
||||
fprintf(stderr,
|
||||
"Usage: %s -r recipient [-d dbdir] [-i input] [-o output]\n",
|
||||
@@ -159,6 +159,15 @@ EncryptFile(FILE *outFile, FILE *inFile,
|
||||
return 0;
|
||||
}
|
||||
|
||||
+static void
|
||||
+PrintMsgAndExit(const char *progName, char opt)
|
||||
+{
|
||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||
+ Usage(progName);
|
||||
+}
|
||||
+
|
||||
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
||||
+
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
@@ -194,10 +203,12 @@ main(int argc, char **argv)
|
||||
break;
|
||||
|
||||
case 'd':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
SECU_ConfigDirectory(optstate->value);
|
||||
break;
|
||||
|
||||
case 'i':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
inFile = fopen(optstate->value, "r");
|
||||
if (!inFile) {
|
||||
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
|
||||
@@ -207,6 +218,7 @@ main(int argc, char **argv)
|
||||
break;
|
||||
|
||||
case 'o':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
outFile = fopen(optstate->value, "wb");
|
||||
if (!outFile) {
|
||||
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
|
||||
@@ -216,6 +228,7 @@ main(int argc, char **argv)
|
||||
break;
|
||||
|
||||
case 'r':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
if (rcpt == NULL) {
|
||||
recipients = rcpt = PORT_Alloc (sizeof(struct recipient));
|
||||
} else {
|
||||
Index: ./mozilla/security/nss/cmd/p7sign/p7sign.c
|
||||
===================================================================
|
||||
RCS file: /cvsroot/mozilla/security/nss/cmd/p7sign/p7sign.c,v
|
||||
retrieving revision 1.14
|
||||
diff -u -p -r1.14 p7sign.c
|
||||
--- ./mozilla/security/nss/cmd/p7sign/p7sign.c 4 Aug 2008 22:58:28 -0000 1.14
|
||||
+++ ./mozilla/security/nss/cmd/p7sign/p7sign.c 2 Mar 2010 18:29:48 -0000
|
||||
@@ -67,7 +67,7 @@ extern int fprintf(FILE *, char *, ...);
|
||||
static secuPWData pwdata = { PW_NONE, 0 };
|
||||
|
||||
static void
|
||||
-Usage(char *progName)
|
||||
+Usage(const char *progName)
|
||||
{
|
||||
fprintf(stderr,
|
||||
"Usage: %s -k keyname [-d keydir] [-i input] [-o output]\n",
|
||||
@@ -173,6 +173,15 @@ SignFile(FILE *outFile, PRFileDesc *inFi
|
||||
return 0;
|
||||
}
|
||||
|
||||
+static void
|
||||
+PrintMsgAndExit(const char *progName, char opt)
|
||||
+{
|
||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||
+ Usage(progName);
|
||||
+}
|
||||
+
|
||||
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
||||
+
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
@@ -210,10 +219,12 @@ main(int argc, char **argv)
|
||||
break;
|
||||
|
||||
case 'd':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
SECU_ConfigDirectory(optstate->value);
|
||||
break;
|
||||
|
||||
case 'i':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
inFile = PR_Open(optstate->value, PR_RDONLY, 0);
|
||||
if (!inFile) {
|
||||
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
|
||||
@@ -223,10 +234,12 @@ main(int argc, char **argv)
|
||||
break;
|
||||
|
||||
case 'k':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
keyName = strdup(optstate->value);
|
||||
break;
|
||||
|
||||
case 'o':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
outFile = fopen(optstate->value, "wb");
|
||||
if (!outFile) {
|
||||
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
|
||||
@@ -235,11 +248,13 @@ main(int argc, char **argv)
|
||||
}
|
||||
break;
|
||||
case 'p':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
pwdata.source = PW_PLAINTEXT;
|
||||
pwdata.data = strdup (optstate->value);
|
||||
break;
|
||||
|
||||
case 'f':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
pwdata.source = PW_FROMFILE;
|
||||
pwdata.data = PORT_Strdup (optstate->value);
|
||||
break;
|
||||
Index: ./mozilla/security/nss/cmd/p7verify/p7verify.c
|
||||
===================================================================
|
||||
RCS file: /cvsroot/mozilla/security/nss/cmd/p7verify/p7verify.c,v
|
||||
retrieving revision 1.10
|
||||
diff -u -p -r1.10 p7verify.c
|
||||
--- ./mozilla/security/nss/cmd/p7verify/p7verify.c 8 Aug 2008 23:47:57 -0000 1.10
|
||||
+++ ./mozilla/security/nss/cmd/p7verify/p7verify.c 2 Mar 2010 18:29:48 -0000
|
||||
@@ -126,7 +126,7 @@ DigestFile(unsigned char *digest, unsign
|
||||
|
||||
|
||||
static void
|
||||
-Usage(char *progName)
|
||||
+Usage(const char *progName)
|
||||
{
|
||||
fprintf(stderr,
|
||||
"Usage: %s -c content -s signature [-d dbdir] [-u certusage]\n",
|
||||
@@ -209,6 +209,14 @@ HashDecodeAndVerify(FILE *out, FILE *con
|
||||
return 0;
|
||||
}
|
||||
|
||||
+static void
|
||||
+PrintMsgAndExit(const char *progName, char opt)
|
||||
+{
|
||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||
+ Usage(progName);
|
||||
+}
|
||||
+
|
||||
+#define REQUIRE_ARG(opt,arg) if (!(arg)) PrintMsgAndExit(progName, opt)
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
@@ -239,6 +247,7 @@ main(int argc, char **argv)
|
||||
break;
|
||||
|
||||
case 'c':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
contentFile = fopen(optstate->value, "r");
|
||||
if (!contentFile) {
|
||||
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
|
||||
@@ -248,10 +257,12 @@ main(int argc, char **argv)
|
||||
break;
|
||||
|
||||
case 'd':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
SECU_ConfigDirectory(optstate->value);
|
||||
break;
|
||||
|
||||
case 'o':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
outFile = fopen(optstate->value, "w");
|
||||
if (!outFile) {
|
||||
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
|
||||
@@ -261,6 +272,7 @@ main(int argc, char **argv)
|
||||
break;
|
||||
|
||||
case 's':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
signatureFile = PR_Open(optstate->value, PR_RDONLY, 0);
|
||||
if (!signatureFile) {
|
||||
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
|
||||
@@ -271,7 +283,7 @@ main(int argc, char **argv)
|
||||
|
||||
case 'u': {
|
||||
int usageType;
|
||||
-
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
usageType = atoi (strdup(optstate->value));
|
||||
if (usageType < certUsageSSLClient || usageType > certUsageAnyCA)
|
||||
return -1;
|
||||
Index: ./mozilla/security/nss/cmd/strsclnt/strsclnt.c
|
||||
===================================================================
|
||||
RCS file: /cvsroot/mozilla/security/nss/cmd/strsclnt/strsclnt.c,v
|
||||
retrieving revision 1.66
|
||||
diff -u -p -r1.66 strsclnt.c
|
||||
--- ./mozilla/security/nss/cmd/strsclnt/strsclnt.c 10 Feb 2010 18:07:20 -0000 1.66
|
||||
+++ ./mozilla/security/nss/cmd/strsclnt/strsclnt.c 2 Mar 2010 18:29:51 -0000
|
||||
@@ -1325,6 +1325,15 @@ done:
|
||||
return rv;
|
||||
}
|
||||
|
||||
+static void
|
||||
+PrintMsgAndExit(const char *progName, char opt)
|
||||
+{
|
||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||
+ Usage(progName);
|
||||
+}
|
||||
+
|
||||
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
||||
+
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
@@ -1364,33 +1373,57 @@ main(int argc, char **argv)
|
||||
|
||||
case 'B': bypassPKCS11 = PR_TRUE; break;
|
||||
|
||||
- case 'C': cipherString = optstate->value; break;
|
||||
+ case 'C':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
+ cipherString = optstate->value;
|
||||
+ break;
|
||||
|
||||
case 'D': NoDelay = PR_TRUE; break;
|
||||
|
||||
case 'N': NoReuse = 1; break;
|
||||
|
||||
- case 'P': fullhs = PORT_Atoi(optstate->value); break;
|
||||
+ case 'P':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
+ fullhs = PORT_Atoi(optstate->value);
|
||||
+ break;
|
||||
|
||||
case 'T': disableTLS = PR_TRUE; break;
|
||||
|
||||
case 'U': ThrottleUp = PR_TRUE; break;
|
||||
|
||||
- case 'a': sniHostName = PL_strdup(optstate->value); break;
|
||||
+ case 'a':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
+ sniHostName = PL_strdup(optstate->value);
|
||||
+ break;
|
||||
|
||||
- case 'c': connections = PORT_Atoi(optstate->value); break;
|
||||
+ case 'c':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
+ connections = PORT_Atoi(optstate->value);
|
||||
+ break;
|
||||
|
||||
- case 'd': dir = optstate->value; break;
|
||||
+ case 'd':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
+ dir = optstate->value;
|
||||
+ break;
|
||||
|
||||
- case 'f': fileName = optstate->value; break;
|
||||
+ case 'f':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
+ fileName = optstate->value;
|
||||
+ break;
|
||||
|
||||
case 'i': ignoreErrors = PR_TRUE; break;
|
||||
|
||||
- case 'n': nickName = PL_strdup(optstate->value); break;
|
||||
+ case 'n':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
+ nickName = PL_strdup(optstate->value);
|
||||
+ break;
|
||||
|
||||
case 'o': MakeCertOK++; break;
|
||||
|
||||
- case 'p': port = PORT_Atoi(optstate->value); break;
|
||||
+ case 'p':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
+ port = PORT_Atoi(optstate->value);
|
||||
+ break;
|
||||
|
||||
case 'q': QuitOnTimeout = PR_TRUE; break;
|
||||
|
||||
@@ -1407,11 +1440,13 @@ main(int argc, char **argv)
|
||||
case 'v': verbose++; break;
|
||||
|
||||
case 'w':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
pwdata.source = PW_PLAINTEXT;
|
||||
pwdata.data = PL_strdup(optstate->value);
|
||||
break;
|
||||
|
||||
case 'W':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
pwdata.source = PW_FROMFILE;
|
||||
pwdata.data = PL_strdup(optstate->value);
|
||||
break;
|
||||
@@ -1419,6 +1454,7 @@ main(int argc, char **argv)
|
||||
case 'z': enableCompression = PR_TRUE; break;
|
||||
|
||||
case 0: /* positional parameter */
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
if (hostName) {
|
||||
Usage(progName);
|
||||
}
|
||||
Index: ./mozilla/security/nss/cmd/tests/remtest.c
|
||||
===================================================================
|
||||
RCS file: /cvsroot/mozilla/security/nss/cmd/tests/remtest.c,v
|
||||
retrieving revision 1.5
|
||||
diff -u -p -r1.5 remtest.c
|
||||
--- ./mozilla/security/nss/cmd/tests/remtest.c 8 Aug 2008 23:48:09 -0000 1.5
|
||||
+++ ./mozilla/security/nss/cmd/tests/remtest.c 2 Mar 2010 18:29:51 -0000
|
||||
@@ -69,6 +69,15 @@ Usage(char *progName)
|
||||
exit(1);
|
||||
}
|
||||
|
||||
+static void
|
||||
+PrintMsgAndExit(const char *progName, char opt)
|
||||
+{
|
||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||
+ Usage(progName);
|
||||
+}
|
||||
+
|
||||
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
||||
+
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
char * certDir = NULL;
|
||||
@@ -92,10 +101,12 @@ int main(int argc, char **argv)
|
||||
switch (optstate->option) {
|
||||
|
||||
case 'd':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
certDir = strdup(optstate->value);
|
||||
certDir = SECU_ConfigDirectory(certDir);
|
||||
break;
|
||||
case 't':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
tokenName = strdup(optstate->value);
|
||||
break;
|
||||
case 'r':
|
||||
Index: ./mozilla/security/nss/cmd/tstclnt/tstclnt.c
|
||||
===================================================================
|
||||
RCS file: /cvsroot/mozilla/security/nss/cmd/tstclnt/tstclnt.c,v
|
||||
retrieving revision 1.62
|
||||
diff -u -p -r1.62 tstclnt.c
|
||||
--- ./mozilla/security/nss/cmd/tstclnt/tstclnt.c 10 Feb 2010 18:07:21 -0000 1.62
|
||||
+++ ./mozilla/security/nss/cmd/tstclnt/tstclnt.c 2 Mar 2010 18:29:51 -0000
|
||||
@@ -497,6 +497,15 @@ separateReqHeader(const PRFileDesc* outF
|
||||
Usage(progName); \
|
||||
}
|
||||
|
||||
+static void
|
||||
+PrintMsgAndExit(const char *progName, char opt)
|
||||
+{
|
||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||
+ Usage(progName);
|
||||
+}
|
||||
+
|
||||
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
||||
+
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
PRFileDesc * s;
|
||||
@@ -563,38 +572,56 @@ int main(int argc, char **argv)
|
||||
|
||||
case 'B': bypassPKCS11 = 1; break;
|
||||
|
||||
- case 'S': skipProtoHeader = PR_TRUE; break;
|
||||
+ case 'S': skipProtoHeader = PR_TRUE; break;
|
||||
|
||||
case 'T': disableTLS = 1; break;
|
||||
|
||||
- case 'a': if (!hs1SniHostName) {
|
||||
- hs1SniHostName = PORT_Strdup(optstate->value);
|
||||
- } else if (!hs2SniHostName) {
|
||||
- hs2SniHostName = PORT_Strdup(optstate->value);
|
||||
- } else {
|
||||
- Usage(progName);
|
||||
- }
|
||||
- break;
|
||||
-
|
||||
- case 'c': cipherString = PORT_Strdup(optstate->value); break;
|
||||
-
|
||||
- case 'd': certDir = PORT_Strdup(optstate->value); break;
|
||||
+ case 'a':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
+ if (!hs1SniHostName) {
|
||||
+ hs1SniHostName = PORT_Strdup(optstate->value);
|
||||
+ } else if (!hs2SniHostName) {
|
||||
+ hs2SniHostName = PORT_Strdup(optstate->value);
|
||||
+ } else {
|
||||
+ Usage(progName);
|
||||
+ }
|
||||
+ break;
|
||||
+
|
||||
+ case 'c':
|
||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||
+ cipherString = PORT_Strdup(optstate->value);
|
||||
+ break;
|
||||
+
|
||||
+ case 'd':
|
||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||
+ certDir = PORT_Strdup(optstate->value);
|
||||
+ break;
|
||||
|
||||
case 'f': clientSpeaksFirst = PR_TRUE; break;
|
||||
|
||||
- case 'h': host = PORT_Strdup(optstate->value); break;
|
||||
+ case 'h':
|
||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||
+ host = PORT_Strdup(optstate->value);
|
||||
+ break;
|
||||
|
||||
case 'm':
|
||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||
multiplier = atoi(optstate->value);
|
||||
if (multiplier < 0)
|
||||
multiplier = 0;
|
||||
break;
|
||||
|
||||
- case 'n': nickname = PORT_Strdup(optstate->value); break;
|
||||
+ case 'n':
|
||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||
+ nickname = PORT_Strdup(optstate->value);
|
||||
+ break;
|
||||
|
||||
case 'o': override = 1; break;
|
||||
|
||||
- case 'p': portno = (PRUint16)atoi(optstate->value); break;
|
||||
+ case 'p':
|
||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||
+ portno = (PRUint16)atoi(optstate->value);
|
||||
+ break;
|
||||
|
||||
case 'q': pingServerFirst = PR_TRUE; break;
|
||||
|
||||
@@ -604,17 +631,22 @@ int main(int argc, char **argv)
|
||||
|
||||
case 'v': verbose++; break;
|
||||
|
||||
- case 'r': renegotiationsToDo = atoi(optstate->value); break;
|
||||
-
|
||||
- case 'w':
|
||||
- pwdata.source = PW_PLAINTEXT;
|
||||
- pwdata.data = PORT_Strdup(optstate->value);
|
||||
- break;
|
||||
-
|
||||
- case 'W':
|
||||
- pwdata.source = PW_FROMFILE;
|
||||
- pwdata.data = PORT_Strdup(optstate->value);
|
||||
- break;
|
||||
+ case 'r':
|
||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||
+ renegotiationsToDo = atoi(optstate->value);
|
||||
+ break;
|
||||
+
|
||||
+ case 'w':
|
||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||
+ pwdata.source = PW_PLAINTEXT;
|
||||
+ pwdata.data = PORT_Strdup(optstate->value);
|
||||
+ break;
|
||||
+
|
||||
+ case 'W':
|
||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||
+ pwdata.source = PW_FROMFILE;
|
||||
+ pwdata.data = PORT_Strdup(optstate->value);
|
||||
+ break;
|
||||
|
||||
case 'x': useExportPolicy = 1; break;
|
||||
|
||||
Index: ./mozilla/security/nss/cmd/vfychain/vfychain.c
|
||||
===================================================================
|
||||
RCS file: /cvsroot/mozilla/security/nss/cmd/vfychain/vfychain.c,v
|
||||
retrieving revision 1.30
|
||||
diff -u -p -r1.30 vfychain.c
|
||||
--- ./mozilla/security/nss/cmd/vfychain/vfychain.c 1 Apr 2009 20:41:29 -0000 1.30
|
||||
+++ ./mozilla/security/nss/cmd/vfychain/vfychain.c 2 Mar 2010 18:29:52 -0000
|
||||
@@ -432,6 +432,15 @@ isOCSPEnabled()
|
||||
return PR_FALSE;
|
||||
}
|
||||
|
||||
+static void
|
||||
+PrintMsgAndExit(const char *progName, char opt)
|
||||
+{
|
||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||
+ Usage(progName);
|
||||
+}
|
||||
+
|
||||
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
||||
+
|
||||
int
|
||||
main(int argc, char *argv[], char *envp[])
|
||||
{
|
||||
@@ -469,12 +478,19 @@ main(int argc, char *argv[], char *envp[
|
||||
switch(optstate->option) {
|
||||
case 0 : /* positional parameter */ goto breakout;
|
||||
case 'a' : isAscii = PR_TRUE; break;
|
||||
- case 'b' : secStatus = DER_AsciiToTime(&time, optstate->value);
|
||||
- if (secStatus != SECSuccess) Usage(progName); break;
|
||||
- case 'd' : certDir = PL_strdup(optstate->value); break;
|
||||
+ case 'b' :
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
+ secStatus = DER_AsciiToTime(&time, optstate->value);
|
||||
+ if (secStatus != SECSuccess) Usage(progName);
|
||||
+ break;
|
||||
+ case 'd' :
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
+ certDir = PL_strdup(optstate->value);
|
||||
+ break;
|
||||
case 'e' : ocsp_fetchingFailureIsAFailure = PR_FALSE; break;
|
||||
case 'f' : certFetching = PR_TRUE; break;
|
||||
case 'g' :
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
if (revMethodsData[revDataIndex].testTypeStr ||
|
||||
revMethodsData[revDataIndex].methodTypeStr) {
|
||||
revDataIndex += 1;
|
||||
@@ -489,11 +505,13 @@ main(int argc, char *argv[], char *envp[
|
||||
revMethodsData[revDataIndex].
|
||||
testTypeStr = PL_strdup(optstate->value); break;
|
||||
case 'h' :
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
revMethodsData[revDataIndex].
|
||||
testFlagsStr = PL_strdup(optstate->value);break;
|
||||
case 'i' : vfyCounts = PORT_Atoi(optstate->value); break;
|
||||
break;
|
||||
case 'm' :
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
if (revMethodsData[revDataIndex].methodTypeStr) {
|
||||
revDataIndex += 1;
|
||||
if (revDataIndex == REV_METHOD_INDEX_MAX) {
|
||||
@@ -506,24 +524,33 @@ main(int argc, char *argv[], char *envp[
|
||||
useDefaultRevFlags = PR_FALSE;
|
||||
revMethodsData[revDataIndex].
|
||||
methodTypeStr = PL_strdup(optstate->value); break;
|
||||
- case 'o' : oidStr = PL_strdup(optstate->value); break;
|
||||
+ case 'o' :
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
+ oidStr = PL_strdup(optstate->value);
|
||||
+ break;
|
||||
case 'p' : usePkix += 1; break;
|
||||
case 'r' : isAscii = PR_FALSE; break;
|
||||
case 's' :
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
revMethodsData[revDataIndex].
|
||||
- methodFlagsStr = PL_strdup(optstate->value); break;
|
||||
+ methodFlagsStr = PL_strdup(optstate->value);
|
||||
+ break;
|
||||
case 't' : trusted = PR_TRUE; break;
|
||||
- case 'u' : usage = PORT_Atoi(optstate->value);
|
||||
+ case 'u' :
|
||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||
+ usage = PORT_Atoi(optstate->value);
|
||||
if (usage < 0 || usage > 62) Usage(progName);
|
||||
certUsage = ((SECCertificateUsage)1) << usage;
|
||||
if (certUsage > certificateUsageHighest) Usage(progName);
|
||||
break;
|
||||
case 'w':
|
||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||
pwdata.source = PW_PLAINTEXT;
|
||||
pwdata.data = PORT_Strdup(optstate->value);
|
||||
break;
|
||||
|
||||
case 'W':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
pwdata.source = PW_FROMFILE;
|
||||
pwdata.data = PORT_Strdup(optstate->value);
|
||||
break;
|
||||
Index: ./mozilla/security/nss/cmd/vfyserv/vfyserv.c
|
||||
===================================================================
|
||||
RCS file: /cvsroot/mozilla/security/nss/cmd/vfyserv/vfyserv.c,v
|
||||
retrieving revision 1.17
|
||||
diff -u -p -r1.17 vfyserv.c
|
||||
--- ./mozilla/security/nss/cmd/vfyserv/vfyserv.c 8 Aug 2008 23:48:12 -0000 1.17
|
||||
+++ ./mozilla/security/nss/cmd/vfyserv/vfyserv.c 2 Mar 2010 18:29:52 -0000
|
||||
@@ -419,6 +419,15 @@ client_main(unsigned short port,
|
||||
Usage(progName); \
|
||||
}
|
||||
|
||||
+static void
|
||||
+PrintMsgAndExit(const char *progName, char opt)
|
||||
+{
|
||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||
+ Usage(progName);
|
||||
+}
|
||||
+
|
||||
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
||||
+
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
@@ -442,23 +451,43 @@ main(int argc, char **argv)
|
||||
optstate = PL_CreateOptState(argc, argv, "C:cd:f:l:n:p:ot:w:");
|
||||
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
|
||||
switch(optstate->option) {
|
||||
- case 'C' : cipherString = PL_strdup(optstate->value); break;
|
||||
- case 'c' : dumpChain = PR_TRUE; break;
|
||||
- case 'd' : certDir = PL_strdup(optstate->value); break;
|
||||
- case 'l' : respUrl = PL_strdup(optstate->value); break;
|
||||
- case 'p' : port = PORT_Atoi(optstate->value); break;
|
||||
- case 'o' : doOcspCheck = PR_TRUE; break;
|
||||
- case 't' : respCertName = PL_strdup(optstate->value); break;
|
||||
- case 'w':
|
||||
+ case 'C' :
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
+ cipherString = PL_strdup(optstate->value);
|
||||
+ break;
|
||||
+ case 'c' : dumpChain = PR_TRUE;
|
||||
+ break;
|
||||
+ case 'd' :
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
+ certDir = PL_strdup(optstate->value);
|
||||
+ break;
|
||||
+ case 'l' :
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
+ respUrl = PL_strdup(optstate->value);
|
||||
+ break;
|
||||
+ case 'p' :
|
||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||
+ port = PORT_Atoi(optstate->value);
|
||||
+ break;
|
||||
+ case 'o' : doOcspCheck = PR_TRUE;
|
||||
+ break;
|
||||
+ case 't' :
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
+ respCertName = PL_strdup(optstate->value);
|
||||
+ break;
|
||||
+ case 'w' :
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
pwdata.source = PW_PLAINTEXT;
|
||||
pwdata.data = PORT_Strdup(optstate->value);
|
||||
break;
|
||||
-
|
||||
case 'f':
|
||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||
pwdata.source = PW_FROMFILE;
|
||||
pwdata.data = PORT_Strdup(optstate->value);
|
||||
break;
|
||||
- case '\0': hostName = PL_strdup(optstate->value); break;
|
||||
+ case '\0':
|
||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||
+ hostName = PL_strdup(optstate->value); break;
|
||||
default : Usage(progName);
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue