Compare commits
62 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
50cbda82a1 | ||
|
da88e559d7 | ||
|
ff4d21badd | ||
|
4b3a050e09 | ||
|
8b5f3e43f0 | ||
|
cf0b79176d | ||
|
9beb3fd357 | ||
|
ded5f79f77 | ||
|
8ff9d8e959 | ||
|
1b24056ef7 | ||
|
4e9256eccb | ||
|
11feb7633c | ||
|
c400a7a567 | ||
|
da8533319e | ||
|
1b4bbde082 | ||
|
0cac4288f2 | ||
|
4f8c61457c | ||
|
83140e6ec3 | ||
|
41067b8b40 | ||
|
5abae289d8 | ||
|
c2be9c41be | ||
|
527750ed60 | ||
|
92c7fb5676 | ||
|
576d83be9d | ||
|
3aff6cd3be | ||
|
e47aa30734 | ||
|
768a0d5745 | ||
|
68a35a4e2f | ||
|
c01002e05f | ||
|
5775837bbf | ||
|
cb9c7979b3 | ||
|
c7e7247590 | ||
|
125ad15fa4 | ||
|
6b07fe83cc | ||
|
ebac350c8b | ||
|
c4f8125ecb | ||
|
9c7cfa3932 | ||
|
c953934393 | ||
|
87235aed91 | ||
|
fdefa43e4d | ||
|
690f79c8fa | ||
|
0ade450edc | ||
|
e7079bbf54 | ||
|
b7d02ab064 | ||
|
94bf03b9c2 | ||
|
78e9db1518 | ||
|
9b182d22ed | ||
|
93c126b227 | ||
|
764f26ca9d | ||
|
6e2d989f14 | ||
|
96702ba123 | ||
|
64fa704d3a | ||
|
7cbeb9c7bc | ||
|
3ff6f4da98 | ||
|
d99a5ee0ec | ||
|
0a6cda68f8 | ||
|
6648a39610 | ||
|
6feac515e8 | ||
|
d8583442b1 | ||
|
c6b2155624 | ||
|
fbb4c50e05 | ||
|
5333c595c9 |
47
.gitignore
vendored
47
.gitignore
vendored
@ -1,51 +1,8 @@
|
||||
nss-3.12.10-stripped.tar.bz2
|
||||
nss-pem-20101125.tar.bz2
|
||||
blank-cert8.db
|
||||
blank-key3.db
|
||||
blank-secmod.db
|
||||
blank-cert9.db
|
||||
blank-key4.db
|
||||
PayPalEE.cert
|
||||
TestCA.ca.cert
|
||||
TestUser50.cert
|
||||
TestUser51.cert
|
||||
/PayPalRootCA.cert
|
||||
/PayPalICA.cert
|
||||
/nss-3.25.0.tar.gz
|
||||
/nss-3.26.0.tar.gz
|
||||
/nss-3.27.0.tar.gz
|
||||
/nss-3.27.2.tar.gz
|
||||
/nss-3.28.1.tar.gz
|
||||
/nss-3.29.0.tar.gz
|
||||
/nss-3.29.1.tar.gz
|
||||
/nss-3.30.0.tar.gz
|
||||
/nss-3.30.2.tar.gz
|
||||
/nss-3.31.0.tar.gz
|
||||
/nss-3.32.0.tar.gz
|
||||
/nss-3.32.1.tar.gz
|
||||
/nss-3.33.0.tar.gz
|
||||
/nss-3.34.0.tar.gz
|
||||
/nss-3.35.0.tar.gz
|
||||
/nss-3.36.0.tar.gz
|
||||
/nss-3.36.1.tar.gz
|
||||
/nss-3.37.1.tar.gz
|
||||
/nss-3.37.3.tar.gz
|
||||
/nss-3.38.0.tar.gz
|
||||
/nss-3.39.tar.gz
|
||||
/nss-3.40.1.tar.gz
|
||||
/nss-3.41.tar.gz
|
||||
/nss-3.42.tar.gz
|
||||
/nss-3.42.1.tar.gz
|
||||
/nss-3.43.tar.gz
|
||||
/nss-3.44.tar.gz
|
||||
/nss-3.44.1.tar.gz
|
||||
/nss-3.45.tar.gz
|
||||
/nss-3.46.tar.gz
|
||||
/nss-3.46.1.tar.gz
|
||||
/nss-3.47.tar.gz
|
||||
/nss-3.47.1.tar.gz
|
||||
/nss-3.48.tar.gz
|
||||
/nss-3.49.tar.gz
|
||||
/nss-3.49.2.tar.gz
|
||||
/nss-3.50.tar.gz
|
||||
/nss-3.51.tar.gz
|
||||
/nss-3.51.1.tar.gz
|
||||
/nss-3.52.tar.gz
|
||||
|
107
0001-Bug-695011-PEM-logging.patch
Normal file
107
0001-Bug-695011-PEM-logging.patch
Normal file
@ -0,0 +1,107 @@
|
||||
From 5c61cdba435096ee6e65cee4dc9a473430643c07 Mon Sep 17 00:00:00 2001
|
||||
From: Elio Maldonado <emaldona@redhat.com>
|
||||
Date: Tue, 12 Apr 2011 09:31:48 -0700
|
||||
Subject: [PATCH] Bug 695011 PEM logging
|
||||
|
||||
Use NSPR logging facilities for PEM logging to fix a segmenation violation
|
||||
caused when user cannot for write a log file created by root
|
||||
---
|
||||
mozilla/security/nss/lib/ckfw/pem/ckpem.h | 7 ++++-
|
||||
mozilla/security/nss/lib/ckfw/pem/util.c | 30 ++++++++++++++++------------
|
||||
2 files changed, 22 insertions(+), 15 deletions(-)
|
||||
|
||||
diff --git a/mozilla/security/nss/lib/ckfw/pem/ckpem.h b/mozilla/security/nss/lib/ckfw/pem/ckpem.h
|
||||
index 839d40b..720525e 100644
|
||||
--- a/mozilla/security/nss/lib/ckfw/pem/ckpem.h
|
||||
+++ b/mozilla/security/nss/lib/ckfw/pem/ckpem.h
|
||||
@@ -1,3 +1,6 @@
|
||||
+#ifndef CKPEM_H
|
||||
+#define CKPEM_H
|
||||
+
|
||||
#include "nssckmdt.h"
|
||||
#include "nssckfw.h"
|
||||
#include "ckfwtm.h"
|
||||
@@ -254,8 +257,8 @@ unsigned int pem_PrivateModulusLen(pemLOWKEYPrivateKey *privk);
|
||||
/* ptoken.c */
|
||||
NSSCKMDToken * pem_NewToken(NSSCKFWInstance *fwInstance, CK_RV *pError);
|
||||
|
||||
+/* util.c */
|
||||
void open_log();
|
||||
-void close_log();
|
||||
void plog(const char *fmt, ...);
|
||||
|
||||
-#define PEM_H 1
|
||||
+#endif /* CKPEM_H */
|
||||
diff --git a/mozilla/security/nss/lib/ckfw/pem/util.c b/mozilla/security/nss/lib/ckfw/pem/util.c
|
||||
index 853f418..fafb924 100644
|
||||
--- a/mozilla/security/nss/lib/ckfw/pem/util.c
|
||||
+++ b/mozilla/security/nss/lib/ckfw/pem/util.c
|
||||
@@ -41,6 +41,7 @@
|
||||
#include "prtime.h"
|
||||
#include "prlong.h"
|
||||
#include "prerror.h"
|
||||
+#include "prlog.h"
|
||||
#include "prprf.h"
|
||||
#include "plgetopt.h"
|
||||
#include "prenv.h"
|
||||
@@ -51,6 +52,9 @@
|
||||
#include "cryptohi.h"
|
||||
#include "secpkcs7.h"
|
||||
#include "secerr.h"
|
||||
+
|
||||
+#include "ckpem.h"
|
||||
+
|
||||
#include <stdarg.h>
|
||||
|
||||
#define CHUNK_SIZE 512
|
||||
@@ -267,34 +271,34 @@ ReadDERFromFile(SECItem *** derlist, char *filename, PRBool ascii,
|
||||
return -1;
|
||||
}
|
||||
|
||||
-FILE *plogfile;
|
||||
+#ifdef DEBUG
|
||||
+#define LOGGING_BUFFER_SIZE 400
|
||||
+#define PEM_DEFAULT_LOG_FILE "/tmp/pkcs11.log"
|
||||
+static const char *pemLogModuleName = "PEM";
|
||||
+static PRLogModuleInfo* pemLogModule;
|
||||
+#endif
|
||||
|
||||
void open_log()
|
||||
{
|
||||
#ifdef DEBUG
|
||||
- plogfile = fopen("/tmp/pkcs11.log", "a");
|
||||
-#endif
|
||||
+ const char *nsprLogFile = PR_GetEnv("NSPR_LOG_FILE");
|
||||
|
||||
- return;
|
||||
-}
|
||||
+ pemLogModule = PR_NewLogModule(pemLogModuleName);
|
||||
|
||||
-void close_log()
|
||||
-{
|
||||
-#ifdef DEBUG
|
||||
- fclose(plogfile);
|
||||
+ (void) PR_SetLogFile(nsprLogFile ? nsprLogFile : PEM_DEFAULT_LOG_FILE);
|
||||
+ /* If false, the log file will remain what it was before */
|
||||
#endif
|
||||
- return;
|
||||
}
|
||||
|
||||
void plog(const char *fmt, ...)
|
||||
{
|
||||
#ifdef DEBUG
|
||||
+ char buf[LOGGING_BUFFER_SIZE];
|
||||
va_list ap;
|
||||
|
||||
va_start(ap, fmt);
|
||||
- vfprintf(plogfile, fmt, ap);
|
||||
+ PR_vsnprintf(buf, sizeof(buf), fmt, ap);
|
||||
va_end(ap);
|
||||
-
|
||||
- fflush(plogfile);
|
||||
+ PR_LOG(pemLogModule, PR_LOG_DEBUG, ("%s", buf));
|
||||
#endif
|
||||
}
|
||||
--
|
||||
1.7.4.2
|
||||
|
68
STAGE2-nss
68
STAGE2-nss
@ -1,68 +0,0 @@
|
||||
#requires nspr
|
||||
#requires perl
|
||||
#requires nss-util
|
||||
#requires nss-softokn
|
||||
|
||||
mcd $BUILDDIR/nss
|
||||
|
||||
export BUILD_OPT=1
|
||||
export PKG_CONFIG_ALLOW_SYSTEM_LIBS=1
|
||||
export PKG_CONFIG_ALLOW_SYSTEM_CFLAGS=1
|
||||
export NSPR_INCLUDE_DIR=/usr/include/nspr
|
||||
export NSPR_LIB_DIR=/usr/lib${SUFFIX}
|
||||
export NSS_USE_SYSTEM_SQLITE=1
|
||||
export NSS_BUILD_WITHOUT_SOFTOKEN=1
|
||||
export USE_SYSTEM_SOFTOKEN=1
|
||||
export SOFTOKEN_LIB_DIR=/usr/lib${SUFFIX}
|
||||
export NSSUTIL_INCLUDE_DIR=/usr/include/nss3
|
||||
export NSSUTIL_LIB_DIR=/usr/lib${SUFFIX}
|
||||
export USE_SYSTEM_NSSUTIL=1
|
||||
export FREEBL_INCLUDE_DIR=/usr/include/nss3
|
||||
export FREEBL_LIB_DIR=/usr/lib${SUFFIX}
|
||||
export USE_SYSTEM_FREEBL=1
|
||||
export NSS_USE_SYSTEM_FREEBL=1
|
||||
export FREEBL_NO_DEPEND=1
|
||||
export IN_TREE_FREEBL_HEADERS_FIRST=1
|
||||
export NSS_BLTEST_NOT_AVAILABLE=1
|
||||
export NSS_NO_SSL2_NO_EXPORT=1
|
||||
export NSS_ECC_MORE_THAN_SUITE_B=1
|
||||
export NSS_NO_PKCS11_BYPASS=1
|
||||
#export NSDISTMODE="copy"
|
||||
|
||||
if [ "$SUFFIX" = "64" ]; then
|
||||
USE_64=1
|
||||
export USE_64
|
||||
fi
|
||||
|
||||
(cd $SRC/nss-3.* && mkdir -p dist/private/nss && cp nss/lib/ckfw/nssck.api dist/private/nss/)
|
||||
|
||||
make -C $SRC/nss-3.*/nss/coreconf
|
||||
make -C $SRC/nss-3.*/nss/lib/dbm
|
||||
|
||||
# nss/nssinit.c, ssl/sslcon.c, smime/smimeutil.c and ckfw/builtins/binst.c
|
||||
# need nss/verref.h which is exported privately, move it to where it can be found.
|
||||
(cd $SRC/nss-3.* && mkdir -p dist/private/nss && cp -a nss/verref.h dist/private/nss/)
|
||||
|
||||
make -C $SRC/nss-3.*/nss
|
||||
cd $SRC/nss-3.*/nss/coreconf
|
||||
make install
|
||||
cd $SRC/nss-3.*/nss/lib/dbm
|
||||
make install
|
||||
cd $SRC/nss-3.*/nss
|
||||
make install
|
||||
# Copy the binary libraries we want
|
||||
NSSLIBS="libnss3.so libnssckbi.so libnsspem.so libnsssysinit.so libsmime3.so libssl3.so"
|
||||
# BOZO: temporarily disable FIPS140 support
|
||||
#NSSLIBCHKS="libnssdbm3.chk libfreebl3.chk libsoftokn3.chk"
|
||||
NSSLIBCHKS=""
|
||||
# END BOZO
|
||||
cd $SRC/nss-3.*
|
||||
for file in $NSSLIBS $NSSLIBCHKS
|
||||
do
|
||||
install -p -m 755 dist/*.OBJ/lib/$file /usr/lib${SUFFIX}/
|
||||
done
|
||||
# Copy the include files we want
|
||||
for file in $SRC/nss-*/dist/public/nss/*.h
|
||||
do
|
||||
install -p -m 644 $file /usr/include/nss3/
|
||||
done
|
4457
builtins-nssckbi_1_87_rtm.patch
Normal file
4457
builtins-nssckbi_1_87_rtm.patch
Normal file
File diff suppressed because it is too large
Load Diff
637
builtins-nssckbi_1_88_rtm.patch
Normal file
637
builtins-nssckbi_1_88_rtm.patch
Normal file
@ -0,0 +1,637 @@
|
||||
diff -up ./mozilla/security/nss/lib/ckfw/builtins/certdata.c.ckbi188 ./mozilla/security/nss/lib/ckfw/builtins/certdata.c
|
||||
--- ./mozilla/security/nss/lib/ckfw/builtins/certdata.c.ckbi188 2011-11-03 13:52:25.634021626 -0700
|
||||
+++ ./mozilla/security/nss/lib/ckfw/builtins/certdata.c 2011-11-03 13:54:04.872021278 -0700
|
||||
@@ -35,7 +35,7 @@
|
||||
*
|
||||
* ***** END LICENSE BLOCK ***** */
|
||||
#ifdef DEBUG
|
||||
-static const char CVS_ID[] = "@(#) $RCSfile: certdata.c,v $ $Revision: 1.67.2.13 $ $Date: 2011/09/02 19:39:06 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.67.2.13 $ $Date: 2011/09/02 19:39:06 $";
|
||||
+static const char CVS_ID[] = "@(#) $RCSfile: certdata.c,v $ $Revision: 1.67.2.14 $ $Date: 2011/11/03 15:12:14 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.67.2.14 $ $Date: 2011/11/03 15:12:14 $";
|
||||
#endif /* DEBUG */
|
||||
|
||||
#ifndef BUILTINS_H
|
||||
@@ -1075,6 +1075,18 @@ static const CK_ATTRIBUTE_TYPE nss_built
|
||||
static const CK_ATTRIBUTE_TYPE nss_builtins_types_339 [] = {
|
||||
CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED
|
||||
};
|
||||
+static const CK_ATTRIBUTE_TYPE nss_builtins_types_340 [] = {
|
||||
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
|
||||
+};
|
||||
+static const CK_ATTRIBUTE_TYPE nss_builtins_types_341 [] = {
|
||||
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED
|
||||
+};
|
||||
+static const CK_ATTRIBUTE_TYPE nss_builtins_types_342 [] = {
|
||||
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
|
||||
+};
|
||||
+static const CK_ATTRIBUTE_TYPE nss_builtins_types_343 [] = {
|
||||
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED
|
||||
+};
|
||||
#ifdef DEBUG
|
||||
static const NSSItem nss_builtins_items_0 [] = {
|
||||
{ (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) },
|
||||
@@ -1083,7 +1095,7 @@ static const NSSItem nss_builtins_items_
|
||||
{ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
|
||||
{ (void *)"CVS ID", (PRUint32)7 },
|
||||
{ (void *)"NSS", (PRUint32)4 },
|
||||
- { (void *)"@(#) $RCSfile: certdata.c,v $ $Revision: 1.67.2.13 $ $Date: 2011/09/02 19:39:06 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.67.2.13 $ $Date: 2011/09/02 19:39:06 $", (PRUint32)165 }
|
||||
+ { (void *)"@(#) $RCSfile: certdata.c,v $ $Revision: 1.67.2.14 $ $Date: 2011/11/03 15:12:14 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.67.2.14 $ $Date: 2011/11/03 15:12:14 $", (PRUint32)165 }
|
||||
};
|
||||
#endif /* DEBUG */
|
||||
static const NSSItem nss_builtins_items_1 [] = {
|
||||
@@ -22600,6 +22612,266 @@ static const NSSItem nss_builtins_items_
|
||||
{ (void *)&ckt_netscape_untrusted, (PRUint32)sizeof(CK_TRUST) },
|
||||
{ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
|
||||
};
|
||||
+static const NSSItem nss_builtins_items_340 [] = {
|
||||
+ { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
|
||||
+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
|
||||
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
|
||||
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
|
||||
+ { (void *)"Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)", (PRUint32)57 },
|
||||
+ { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
|
||||
+ { (void *)"\060\143\061\013\060\011\006\003\125\004\006\023\002\115\131\061"
|
||||
+"\033\060\031\006\003\125\004\012\023\022\104\151\147\151\143\145"
|
||||
+"\162\164\040\123\144\156\056\040\102\150\144\056\061\021\060\017"
|
||||
+"\006\003\125\004\013\023\010\064\065\067\066\060\070\055\113\061"
|
||||
+"\044\060\042\006\003\125\004\003\023\033\104\151\147\151\163\151"
|
||||
+"\147\156\040\123\145\162\166\145\162\040\111\104\040\050\105\156"
|
||||
+"\162\151\143\150\051"
|
||||
+, (PRUint32)101 },
|
||||
+ { (void *)"0", (PRUint32)2 },
|
||||
+ { (void *)"\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
|
||||
+"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
|
||||
+"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
|
||||
+"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
|
||||
+"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
|
||||
+"\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105"
|
||||
+"\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142"
|
||||
+"\141\154\040\122\157\157\164"
|
||||
+, (PRUint32)119 },
|
||||
+ { (void *)"\002\006\007\377\377\377\377\377"
|
||||
+, (PRUint32)8 },
|
||||
+ { (void *)"\060\202\003\315\060\202\003\066\240\003\002\001\002\002\006\007"
|
||||
+"\377\377\377\377\377\060\015\006\011\052\206\110\206\367\015\001"
|
||||
+"\001\005\005\000\060\165\061\013\060\011\006\003\125\004\006\023"
|
||||
+"\002\125\123\061\030\060\026\006\003\125\004\012\023\017\107\124"
|
||||
+"\105\040\103\157\162\160\157\162\141\164\151\157\156\061\047\060"
|
||||
+"\045\006\003\125\004\013\023\036\107\124\105\040\103\171\142\145"
|
||||
+"\162\124\162\165\163\164\040\123\157\154\165\164\151\157\156\163"
|
||||
+"\054\040\111\156\143\056\061\043\060\041\006\003\125\004\003\023"
|
||||
+"\032\107\124\105\040\103\171\142\145\162\124\162\165\163\164\040"
|
||||
+"\107\154\157\142\141\154\040\122\157\157\164\060\036\027\015\060"
|
||||
+"\067\060\067\061\067\061\065\061\067\064\071\132\027\015\061\062"
|
||||
+"\060\067\061\067\061\065\061\066\065\065\132\060\143\061\013\060"
|
||||
+"\011\006\003\125\004\006\023\002\115\131\061\033\060\031\006\003"
|
||||
+"\125\004\012\023\022\104\151\147\151\143\145\162\164\040\123\144"
|
||||
+"\156\056\040\102\150\144\056\061\021\060\017\006\003\125\004\013"
|
||||
+"\023\010\064\065\067\066\060\070\055\113\061\044\060\042\006\003"
|
||||
+"\125\004\003\023\033\104\151\147\151\163\151\147\156\040\123\145"
|
||||
+"\162\166\145\162\040\111\104\040\050\105\156\162\151\143\150\051"
|
||||
+"\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001"
|
||||
+"\005\000\003\201\215\000\060\201\211\002\201\201\000\255\250\144"
|
||||
+"\113\115\207\307\204\131\271\373\220\106\240\246\211\300\361\376"
|
||||
+"\325\332\124\202\067\015\231\053\105\046\012\350\126\260\177\312"
|
||||
+"\250\364\216\107\204\001\202\051\343\263\152\265\221\363\373\225"
|
||||
+"\205\274\162\250\144\350\012\100\234\305\364\161\256\173\173\152"
|
||||
+"\007\352\220\024\117\215\211\257\224\253\262\006\324\002\152\173"
|
||||
+"\230\037\131\271\072\315\124\372\040\337\262\052\012\351\270\335"
|
||||
+"\151\220\300\051\323\116\320\227\355\146\314\305\031\111\006\177"
|
||||
+"\372\136\054\174\173\205\033\062\102\337\173\225\045\002\003\001"
|
||||
+"\000\001\243\202\001\170\060\202\001\164\060\022\006\003\125\035"
|
||||
+"\023\001\001\377\004\010\060\006\001\001\377\002\001\000\060\134"
|
||||
+"\006\003\125\035\040\004\125\060\123\060\110\006\011\053\006\001"
|
||||
+"\004\001\261\076\001\000\060\073\060\071\006\010\053\006\001\005"
|
||||
+"\005\007\002\001\026\055\150\164\164\160\072\057\057\143\171\142"
|
||||
+"\145\162\164\162\165\163\164\056\157\155\156\151\162\157\157\164"
|
||||
+"\056\143\157\155\057\162\145\160\157\163\151\164\157\162\171\056"
|
||||
+"\143\146\155\060\007\006\005\140\203\112\001\001\060\016\006\003"
|
||||
+"\125\035\017\001\001\377\004\004\003\002\001\346\060\201\211\006"
|
||||
+"\003\125\035\043\004\201\201\060\177\241\171\244\167\060\165\061"
|
||||
+"\013\060\011\006\003\125\004\006\023\002\125\123\061\030\060\026"
|
||||
+"\006\003\125\004\012\023\017\107\124\105\040\103\157\162\160\157"
|
||||
+"\162\141\164\151\157\156\061\047\060\045\006\003\125\004\013\023"
|
||||
+"\036\107\124\105\040\103\171\142\145\162\124\162\165\163\164\040"
|
||||
+"\123\157\154\165\164\151\157\156\163\054\040\111\156\143\056\061"
|
||||
+"\043\060\041\006\003\125\004\003\023\032\107\124\105\040\103\171"
|
||||
+"\142\145\162\124\162\165\163\164\040\107\154\157\142\141\154\040"
|
||||
+"\122\157\157\164\202\002\001\245\060\105\006\003\125\035\037\004"
|
||||
+"\076\060\074\060\072\240\070\240\066\206\064\150\164\164\160\072"
|
||||
+"\057\057\167\167\167\056\160\165\142\154\151\143\055\164\162\165"
|
||||
+"\163\164\056\143\157\155\057\143\147\151\055\142\151\156\057\103"
|
||||
+"\122\114\057\062\060\061\070\057\143\144\160\056\143\162\154\060"
|
||||
+"\035\006\003\125\035\016\004\026\004\024\306\026\223\116\026\027"
|
||||
+"\354\026\256\214\224\166\363\206\155\305\164\156\204\167\060\015"
|
||||
+"\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201"
|
||||
+"\000\166\000\173\246\170\053\146\035\216\136\066\306\244\216\005"
|
||||
+"\362\043\222\174\223\147\323\364\300\012\175\213\055\331\352\325"
|
||||
+"\157\032\363\341\112\051\132\042\204\115\120\057\113\014\362\377"
|
||||
+"\205\302\173\125\324\104\202\276\155\254\147\216\274\264\037\222"
|
||||
+"\234\121\200\032\024\366\156\253\141\210\013\255\034\177\367\113"
|
||||
+"\120\121\326\145\033\246\107\161\025\136\260\161\363\065\024\362"
|
||||
+"\067\275\143\310\325\360\223\132\064\137\330\075\350\135\367\305"
|
||||
+"\036\300\345\317\037\206\044\251\074\007\146\315\301\322\066\143"
|
||||
+"\131"
|
||||
+, (PRUint32)977 }
|
||||
+};
|
||||
+static const NSSItem nss_builtins_items_341 [] = {
|
||||
+ { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
|
||||
+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
|
||||
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
|
||||
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
|
||||
+ { (void *)"Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)", (PRUint32)57 },
|
||||
+ { (void *)"\125\120\257\354\277\350\303\255\304\013\343\255\014\247\344\025"
|
||||
+"\214\071\131\117"
|
||||
+, (PRUint32)20 },
|
||||
+ { (void *)"\322\336\256\120\244\230\055\157\067\267\206\122\310\055\113\152"
|
||||
+, (PRUint32)16 },
|
||||
+ { (void *)"\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
|
||||
+"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
|
||||
+"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
|
||||
+"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
|
||||
+"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
|
||||
+"\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105"
|
||||
+"\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142"
|
||||
+"\141\154\040\122\157\157\164"
|
||||
+, (PRUint32)119 },
|
||||
+ { (void *)"\002\006\007\377\377\377\377\377"
|
||||
+, (PRUint32)8 },
|
||||
+ { (void *)&ckt_netscape_untrusted, (PRUint32)sizeof(CK_TRUST) },
|
||||
+ { (void *)&ckt_netscape_untrusted, (PRUint32)sizeof(CK_TRUST) },
|
||||
+ { (void *)&ckt_netscape_untrusted, (PRUint32)sizeof(CK_TRUST) },
|
||||
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
|
||||
+};
|
||||
+static const NSSItem nss_builtins_items_342 [] = {
|
||||
+ { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
|
||||
+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
|
||||
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
|
||||
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
|
||||
+ { (void *)"Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)", (PRUint32)56 },
|
||||
+ { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
|
||||
+ { (void *)"\060\145\061\013\060\011\006\003\125\004\006\023\002\115\131\061"
|
||||
+"\033\060\031\006\003\125\004\012\023\022\104\151\147\151\143\145"
|
||||
+"\162\164\040\123\144\156\056\040\102\150\144\056\061\021\060\017"
|
||||
+"\006\003\125\004\013\023\010\064\065\067\066\060\070\055\113\061"
|
||||
+"\046\060\044\006\003\125\004\003\023\035\104\151\147\151\163\151"
|
||||
+"\147\156\040\123\145\162\166\145\162\040\111\104\040\055\040\050"
|
||||
+"\105\156\162\151\143\150\051"
|
||||
+, (PRUint32)103 },
|
||||
+ { (void *)"0", (PRUint32)2 },
|
||||
+ { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
|
||||
+"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
|
||||
+"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
|
||||
+"\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143"
|
||||
+"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
|
||||
+"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
|
||||
+"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105"
|
||||
+"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
|
||||
+"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
|
||||
+"\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151"
|
||||
+"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
|
||||
+"\040\050\062\060\064\070\051"
|
||||
+, (PRUint32)183 },
|
||||
+ { (void *)"\002\006\007\377\377\377\377\377"
|
||||
+, (PRUint32)8 },
|
||||
+ { (void *)"\060\202\004\320\060\202\003\270\240\003\002\001\002\002\006\007"
|
||||
+"\377\377\377\377\377\060\015\006\011\052\206\110\206\367\015\001"
|
||||
+"\001\005\005\000\060\201\264\061\024\060\022\006\003\125\004\012"
|
||||
+"\023\013\105\156\164\162\165\163\164\056\156\145\164\061\100\060"
|
||||
+"\076\006\003\125\004\013\024\067\167\167\167\056\145\156\164\162"
|
||||
+"\165\163\164\056\156\145\164\057\103\120\123\137\062\060\064\070"
|
||||
+"\040\151\156\143\157\162\160\056\040\142\171\040\162\145\146\056"
|
||||
+"\040\050\154\151\155\151\164\163\040\154\151\141\142\056\051\061"
|
||||
+"\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061\071"
|
||||
+"\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040\114"
|
||||
+"\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003\023"
|
||||
+"\052\105\156\164\162\165\163\164\056\156\145\164\040\103\145\162"
|
||||
+"\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157"
|
||||
+"\162\151\164\171\040\050\062\060\064\070\051\060\036\027\015\061"
|
||||
+"\060\060\067\061\066\061\067\062\063\063\070\132\027\015\061\065"
|
||||
+"\060\067\061\066\061\067\065\063\063\070\132\060\145\061\013\060"
|
||||
+"\011\006\003\125\004\006\023\002\115\131\061\033\060\031\006\003"
|
||||
+"\125\004\012\023\022\104\151\147\151\143\145\162\164\040\123\144"
|
||||
+"\156\056\040\102\150\144\056\061\021\060\017\006\003\125\004\013"
|
||||
+"\023\010\064\065\067\066\060\070\055\113\061\046\060\044\006\003"
|
||||
+"\125\004\003\023\035\104\151\147\151\163\151\147\156\040\123\145"
|
||||
+"\162\166\145\162\040\111\104\040\055\040\050\105\156\162\151\143"
|
||||
+"\150\051\060\202\001\042\060\015\006\011\052\206\110\206\367\015"
|
||||
+"\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202"
|
||||
+"\001\001\000\305\211\344\364\015\006\100\222\131\307\032\263\065"
|
||||
+"\321\016\114\052\063\371\370\257\312\236\177\356\271\247\155\140"
|
||||
+"\364\124\350\157\325\233\363\033\143\061\004\150\162\321\064\026"
|
||||
+"\214\264\027\054\227\336\163\305\330\220\025\240\032\053\365\313"
|
||||
+"\263\110\206\104\360\035\210\114\316\101\102\032\357\365\014\336"
|
||||
+"\376\100\332\071\040\367\006\125\072\152\235\106\301\322\157\245"
|
||||
+"\262\310\127\076\051\243\234\340\351\205\167\146\350\230\247\044"
|
||||
+"\176\276\300\131\040\345\104\157\266\127\330\276\316\302\145\167"
|
||||
+"\130\306\141\101\321\164\004\310\177\111\102\305\162\251\162\026"
|
||||
+"\356\214\335\022\135\264\112\324\321\257\120\267\330\252\165\166"
|
||||
+"\150\255\076\135\252\060\155\141\250\253\020\133\076\023\277\063"
|
||||
+"\340\257\104\235\070\042\133\357\114\057\246\161\046\025\046\312"
|
||||
+"\050\214\331\372\216\216\251\242\024\065\342\233\044\210\264\364"
|
||||
+"\177\205\235\203\117\007\241\266\024\220\066\304\064\034\215\046"
|
||||
+"\141\155\023\157\170\276\350\217\047\307\113\204\226\243\206\150"
|
||||
+"\014\043\276\013\354\214\224\000\251\004\212\023\220\367\337\205"
|
||||
+"\154\014\261\002\003\001\000\001\243\202\001\064\060\202\001\060"
|
||||
+"\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006"
|
||||
+"\060\022\006\003\125\035\023\001\001\377\004\010\060\006\001\001"
|
||||
+"\377\002\001\000\060\047\006\003\125\035\045\004\040\060\036\006"
|
||||
+"\010\053\006\001\005\005\007\003\001\006\010\053\006\001\005\005"
|
||||
+"\007\003\002\006\010\053\006\001\005\005\007\003\004\060\063\006"
|
||||
+"\010\053\006\001\005\005\007\001\001\004\047\060\045\060\043\006"
|
||||
+"\010\053\006\001\005\005\007\060\001\206\027\150\164\164\160\072"
|
||||
+"\057\057\157\143\163\160\056\145\156\164\162\165\163\164\056\156"
|
||||
+"\145\164\060\104\006\003\125\035\040\004\075\060\073\060\071\006"
|
||||
+"\005\140\203\112\001\001\060\060\060\056\006\010\053\006\001\005"
|
||||
+"\005\007\002\001\026\042\150\164\164\160\072\057\057\167\167\167"
|
||||
+"\056\144\151\147\151\143\145\162\164\056\143\157\155\056\155\171"
|
||||
+"\057\143\160\163\056\150\164\155\060\062\006\003\125\035\037\004"
|
||||
+"\053\060\051\060\047\240\045\240\043\206\041\150\164\164\160\072"
|
||||
+"\057\057\143\162\154\056\145\156\164\162\165\163\164\056\156\145"
|
||||
+"\164\057\062\060\064\070\143\141\056\143\162\154\060\021\006\003"
|
||||
+"\125\035\016\004\012\004\010\114\116\314\045\050\003\051\201\060"
|
||||
+"\037\006\003\125\035\043\004\030\060\026\200\024\125\344\201\321"
|
||||
+"\021\200\276\330\211\271\010\243\061\371\241\044\011\026\271\160"
|
||||
+"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003"
|
||||
+"\202\001\001\000\227\114\357\112\072\111\254\162\374\060\040\153"
|
||||
+"\264\051\133\247\305\225\004\220\371\062\325\302\205\152\336\003"
|
||||
+"\241\067\371\211\000\260\132\254\125\176\333\103\065\377\311\001"
|
||||
+"\370\121\276\314\046\312\310\152\244\304\124\076\046\036\347\014"
|
||||
+"\243\315\227\147\224\335\246\102\353\134\315\217\071\171\153\063"
|
||||
+"\171\041\006\171\372\202\104\025\231\314\301\267\071\323\106\142"
|
||||
+"\174\262\160\353\157\316\040\252\076\031\267\351\164\202\234\264"
|
||||
+"\245\113\115\141\000\067\344\207\322\362\024\072\144\174\270\251"
|
||||
+"\173\141\340\223\042\347\325\237\076\107\346\066\166\240\123\330"
|
||||
+"\000\003\072\017\265\063\376\226\312\323\322\202\072\056\335\327"
|
||||
+"\110\341\344\247\151\314\034\351\231\112\347\312\160\105\327\013"
|
||||
+"\007\016\232\165\033\320\057\222\157\366\244\007\303\275\034\113"
|
||||
+"\246\204\266\175\250\232\251\322\247\051\361\013\127\151\036\227"
|
||||
+"\127\046\354\053\103\254\324\105\203\005\000\351\343\360\106\100"
|
||||
+"\007\372\352\261\121\163\223\034\245\335\123\021\067\310\052\247"
|
||||
+"\025\047\035\264\252\314\177\252\061\060\374\270\105\237\110\011"
|
||||
+"\355\020\342\305"
|
||||
+, (PRUint32)1236 }
|
||||
+};
|
||||
+static const NSSItem nss_builtins_items_343 [] = {
|
||||
+ { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
|
||||
+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
|
||||
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
|
||||
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
|
||||
+ { (void *)"Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)", (PRUint32)56 },
|
||||
+ { (void *)"\153\074\073\200\255\312\246\272\212\237\124\246\172\355\022\151"
|
||||
+"\005\155\061\046"
|
||||
+, (PRUint32)20 },
|
||||
+ { (void *)"\327\151\141\177\065\017\234\106\243\252\353\370\125\374\204\362"
|
||||
+, (PRUint32)16 },
|
||||
+ { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
|
||||
+"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
|
||||
+"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
|
||||
+"\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143"
|
||||
+"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
|
||||
+"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
|
||||
+"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105"
|
||||
+"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
|
||||
+"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
|
||||
+"\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151"
|
||||
+"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
|
||||
+"\040\050\062\060\064\070\051"
|
||||
+, (PRUint32)183 },
|
||||
+ { (void *)"\002\006\007\377\377\377\377\377"
|
||||
+, (PRUint32)8 },
|
||||
+ { (void *)&ckt_netscape_untrusted, (PRUint32)sizeof(CK_TRUST) },
|
||||
+ { (void *)&ckt_netscape_untrusted, (PRUint32)sizeof(CK_TRUST) },
|
||||
+ { (void *)&ckt_netscape_untrusted, (PRUint32)sizeof(CK_TRUST) },
|
||||
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
|
||||
+};
|
||||
|
||||
builtinsInternalObject
|
||||
nss_builtins_data[] = {
|
||||
@@ -22944,11 +23216,15 @@ nss_builtins_data[] = {
|
||||
{ 11, nss_builtins_types_336, nss_builtins_items_336, {NULL} },
|
||||
{ 13, nss_builtins_types_337, nss_builtins_items_337, {NULL} },
|
||||
{ 11, nss_builtins_types_338, nss_builtins_items_338, {NULL} },
|
||||
- { 13, nss_builtins_types_339, nss_builtins_items_339, {NULL} }
|
||||
+ { 13, nss_builtins_types_339, nss_builtins_items_339, {NULL} },
|
||||
+ { 11, nss_builtins_types_340, nss_builtins_items_340, {NULL} },
|
||||
+ { 13, nss_builtins_types_341, nss_builtins_items_341, {NULL} },
|
||||
+ { 11, nss_builtins_types_342, nss_builtins_items_342, {NULL} },
|
||||
+ { 13, nss_builtins_types_343, nss_builtins_items_343, {NULL} }
|
||||
};
|
||||
const PRUint32
|
||||
#ifdef DEBUG
|
||||
- nss_builtins_nObjects = 339+1;
|
||||
+ nss_builtins_nObjects = 343+1;
|
||||
#else
|
||||
- nss_builtins_nObjects = 339;
|
||||
+ nss_builtins_nObjects = 343;
|
||||
#endif /* DEBUG */
|
||||
diff -up ./mozilla/security/nss/lib/ckfw/builtins/certdata.txt.ckbi188 ./mozilla/security/nss/lib/ckfw/builtins/certdata.txt
|
||||
--- ./mozilla/security/nss/lib/ckfw/builtins/certdata.txt.ckbi188 2011-11-03 13:52:50.979012198 -0700
|
||||
+++ ./mozilla/security/nss/lib/ckfw/builtins/certdata.txt 2011-11-03 13:54:37.485020788 -0700
|
||||
@@ -34,7 +34,7 @@
|
||||
# the terms of any one of the MPL, the GPL or the LGPL.
|
||||
#
|
||||
# ***** END LICENSE BLOCK *****
|
||||
-CVS_ID "@(#) $RCSfile: certdata.txt,v $ $Revision: 1.64.2.13 $ $Date: 2011/09/02 19:39:06 $"
|
||||
+CVS_ID "@(#) $RCSfile: certdata.txt,v $ $Revision: 1.64.2.14 $ $Date: 2011/11/03 15:12:15 $"
|
||||
|
||||
#
|
||||
# certdata.txt
|
||||
@@ -23299,3 +23299,284 @@ CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSC
|
||||
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_UNTRUSTED
|
||||
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_UNTRUSTED
|
||||
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
|
||||
+
|
||||
+#
|
||||
+# Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)"
|
||||
+#
|
||||
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
|
||||
+CKA_TOKEN CK_BBOOL CK_TRUE
|
||||
+CKA_PRIVATE CK_BBOOL CK_FALSE
|
||||
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
|
||||
+CKA_LABEL UTF8 "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)"
|
||||
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
|
||||
+CKA_SUBJECT MULTILINE_OCTAL
|
||||
+\060\143\061\013\060\011\006\003\125\004\006\023\002\115\131\061
|
||||
+\033\060\031\006\003\125\004\012\023\022\104\151\147\151\143\145
|
||||
+\162\164\040\123\144\156\056\040\102\150\144\056\061\021\060\017
|
||||
+\006\003\125\004\013\023\010\064\065\067\066\060\070\055\113\061
|
||||
+\044\060\042\006\003\125\004\003\023\033\104\151\147\151\163\151
|
||||
+\147\156\040\123\145\162\166\145\162\040\111\104\040\050\105\156
|
||||
+\162\151\143\150\051
|
||||
+END
|
||||
+CKA_ID UTF8 "0"
|
||||
+CKA_ISSUER MULTILINE_OCTAL
|
||||
+\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061
|
||||
+\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
|
||||
+\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
|
||||
+\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
|
||||
+\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
|
||||
+\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105
|
||||
+\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142
|
||||
+\141\154\040\122\157\157\164
|
||||
+END
|
||||
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
|
||||
+\002\006\007\377\377\377\377\377
|
||||
+END
|
||||
+CKA_VALUE MULTILINE_OCTAL
|
||||
+\060\202\003\315\060\202\003\066\240\003\002\001\002\002\006\007
|
||||
+\377\377\377\377\377\060\015\006\011\052\206\110\206\367\015\001
|
||||
+\001\005\005\000\060\165\061\013\060\011\006\003\125\004\006\023
|
||||
+\002\125\123\061\030\060\026\006\003\125\004\012\023\017\107\124
|
||||
+\105\040\103\157\162\160\157\162\141\164\151\157\156\061\047\060
|
||||
+\045\006\003\125\004\013\023\036\107\124\105\040\103\171\142\145
|
||||
+\162\124\162\165\163\164\040\123\157\154\165\164\151\157\156\163
|
||||
+\054\040\111\156\143\056\061\043\060\041\006\003\125\004\003\023
|
||||
+\032\107\124\105\040\103\171\142\145\162\124\162\165\163\164\040
|
||||
+\107\154\157\142\141\154\040\122\157\157\164\060\036\027\015\060
|
||||
+\067\060\067\061\067\061\065\061\067\064\071\132\027\015\061\062
|
||||
+\060\067\061\067\061\065\061\066\065\065\132\060\143\061\013\060
|
||||
+\011\006\003\125\004\006\023\002\115\131\061\033\060\031\006\003
|
||||
+\125\004\012\023\022\104\151\147\151\143\145\162\164\040\123\144
|
||||
+\156\056\040\102\150\144\056\061\021\060\017\006\003\125\004\013
|
||||
+\023\010\064\065\067\066\060\070\055\113\061\044\060\042\006\003
|
||||
+\125\004\003\023\033\104\151\147\151\163\151\147\156\040\123\145
|
||||
+\162\166\145\162\040\111\104\040\050\105\156\162\151\143\150\051
|
||||
+\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001
|
||||
+\005\000\003\201\215\000\060\201\211\002\201\201\000\255\250\144
|
||||
+\113\115\207\307\204\131\271\373\220\106\240\246\211\300\361\376
|
||||
+\325\332\124\202\067\015\231\053\105\046\012\350\126\260\177\312
|
||||
+\250\364\216\107\204\001\202\051\343\263\152\265\221\363\373\225
|
||||
+\205\274\162\250\144\350\012\100\234\305\364\161\256\173\173\152
|
||||
+\007\352\220\024\117\215\211\257\224\253\262\006\324\002\152\173
|
||||
+\230\037\131\271\072\315\124\372\040\337\262\052\012\351\270\335
|
||||
+\151\220\300\051\323\116\320\227\355\146\314\305\031\111\006\177
|
||||
+\372\136\054\174\173\205\033\062\102\337\173\225\045\002\003\001
|
||||
+\000\001\243\202\001\170\060\202\001\164\060\022\006\003\125\035
|
||||
+\023\001\001\377\004\010\060\006\001\001\377\002\001\000\060\134
|
||||
+\006\003\125\035\040\004\125\060\123\060\110\006\011\053\006\001
|
||||
+\004\001\261\076\001\000\060\073\060\071\006\010\053\006\001\005
|
||||
+\005\007\002\001\026\055\150\164\164\160\072\057\057\143\171\142
|
||||
+\145\162\164\162\165\163\164\056\157\155\156\151\162\157\157\164
|
||||
+\056\143\157\155\057\162\145\160\157\163\151\164\157\162\171\056
|
||||
+\143\146\155\060\007\006\005\140\203\112\001\001\060\016\006\003
|
||||
+\125\035\017\001\001\377\004\004\003\002\001\346\060\201\211\006
|
||||
+\003\125\035\043\004\201\201\060\177\241\171\244\167\060\165\061
|
||||
+\013\060\011\006\003\125\004\006\023\002\125\123\061\030\060\026
|
||||
+\006\003\125\004\012\023\017\107\124\105\040\103\157\162\160\157
|
||||
+\162\141\164\151\157\156\061\047\060\045\006\003\125\004\013\023
|
||||
+\036\107\124\105\040\103\171\142\145\162\124\162\165\163\164\040
|
||||
+\123\157\154\165\164\151\157\156\163\054\040\111\156\143\056\061
|
||||
+\043\060\041\006\003\125\004\003\023\032\107\124\105\040\103\171
|
||||
+\142\145\162\124\162\165\163\164\040\107\154\157\142\141\154\040
|
||||
+\122\157\157\164\202\002\001\245\060\105\006\003\125\035\037\004
|
||||
+\076\060\074\060\072\240\070\240\066\206\064\150\164\164\160\072
|
||||
+\057\057\167\167\167\056\160\165\142\154\151\143\055\164\162\165
|
||||
+\163\164\056\143\157\155\057\143\147\151\055\142\151\156\057\103
|
||||
+\122\114\057\062\060\061\070\057\143\144\160\056\143\162\154\060
|
||||
+\035\006\003\125\035\016\004\026\004\024\306\026\223\116\026\027
|
||||
+\354\026\256\214\224\166\363\206\155\305\164\156\204\167\060\015
|
||||
+\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201
|
||||
+\000\166\000\173\246\170\053\146\035\216\136\066\306\244\216\005
|
||||
+\362\043\222\174\223\147\323\364\300\012\175\213\055\331\352\325
|
||||
+\157\032\363\341\112\051\132\042\204\115\120\057\113\014\362\377
|
||||
+\205\302\173\125\324\104\202\276\155\254\147\216\274\264\037\222
|
||||
+\234\121\200\032\024\366\156\253\141\210\013\255\034\177\367\113
|
||||
+\120\121\326\145\033\246\107\161\025\136\260\161\363\065\024\362
|
||||
+\067\275\143\310\325\360\223\132\064\137\330\075\350\135\367\305
|
||||
+\036\300\345\317\037\206\044\251\074\007\146\315\301\322\066\143
|
||||
+\131
|
||||
+END
|
||||
+
|
||||
+# Trust for Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)"
|
||||
+CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
|
||||
+CKA_TOKEN CK_BBOOL CK_TRUE
|
||||
+CKA_PRIVATE CK_BBOOL CK_FALSE
|
||||
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
|
||||
+CKA_LABEL UTF8 "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)"
|
||||
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
|
||||
+\125\120\257\354\277\350\303\255\304\013\343\255\014\247\344\025
|
||||
+\214\071\131\117
|
||||
+END
|
||||
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
|
||||
+\322\336\256\120\244\230\055\157\067\267\206\122\310\055\113\152
|
||||
+END
|
||||
+CKA_ISSUER MULTILINE_OCTAL
|
||||
+\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061
|
||||
+\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
|
||||
+\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
|
||||
+\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
|
||||
+\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
|
||||
+\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105
|
||||
+\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142
|
||||
+\141\154\040\122\157\157\164
|
||||
+END
|
||||
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
|
||||
+\002\006\007\377\377\377\377\377
|
||||
+END
|
||||
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_UNTRUSTED
|
||||
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_UNTRUSTED
|
||||
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_UNTRUSTED
|
||||
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
|
||||
+
|
||||
+#
|
||||
+# Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)"
|
||||
+#
|
||||
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
|
||||
+CKA_TOKEN CK_BBOOL CK_TRUE
|
||||
+CKA_PRIVATE CK_BBOOL CK_FALSE
|
||||
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
|
||||
+CKA_LABEL UTF8 "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)"
|
||||
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
|
||||
+CKA_SUBJECT MULTILINE_OCTAL
|
||||
+\060\145\061\013\060\011\006\003\125\004\006\023\002\115\131\061
|
||||
+\033\060\031\006\003\125\004\012\023\022\104\151\147\151\143\145
|
||||
+\162\164\040\123\144\156\056\040\102\150\144\056\061\021\060\017
|
||||
+\006\003\125\004\013\023\010\064\065\067\066\060\070\055\113\061
|
||||
+\046\060\044\006\003\125\004\003\023\035\104\151\147\151\163\151
|
||||
+\147\156\040\123\145\162\166\145\162\040\111\104\040\055\040\050
|
||||
+\105\156\162\151\143\150\051
|
||||
+END
|
||||
+CKA_ID UTF8 "0"
|
||||
+CKA_ISSUER MULTILINE_OCTAL
|
||||
+\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
|
||||
+\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
|
||||
+\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
|
||||
+\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
|
||||
+\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
|
||||
+\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
|
||||
+\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
|
||||
+\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
|
||||
+\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
|
||||
+\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
|
||||
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
|
||||
+\040\050\062\060\064\070\051
|
||||
+END
|
||||
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
|
||||
+\002\006\007\377\377\377\377\377
|
||||
+END
|
||||
+CKA_VALUE MULTILINE_OCTAL
|
||||
+\060\202\004\320\060\202\003\270\240\003\002\001\002\002\006\007
|
||||
+\377\377\377\377\377\060\015\006\011\052\206\110\206\367\015\001
|
||||
+\001\005\005\000\060\201\264\061\024\060\022\006\003\125\004\012
|
||||
+\023\013\105\156\164\162\165\163\164\056\156\145\164\061\100\060
|
||||
+\076\006\003\125\004\013\024\067\167\167\167\056\145\156\164\162
|
||||
+\165\163\164\056\156\145\164\057\103\120\123\137\062\060\064\070
|
||||
+\040\151\156\143\157\162\160\056\040\142\171\040\162\145\146\056
|
||||
+\040\050\154\151\155\151\164\163\040\154\151\141\142\056\051\061
|
||||
+\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061\071
|
||||
+\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040\114
|
||||
+\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003\023
|
||||
+\052\105\156\164\162\165\163\164\056\156\145\164\040\103\145\162
|
||||
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
|
||||
+\162\151\164\171\040\050\062\060\064\070\051\060\036\027\015\061
|
||||
+\060\060\067\061\066\061\067\062\063\063\070\132\027\015\061\065
|
||||
+\060\067\061\066\061\067\065\063\063\070\132\060\145\061\013\060
|
||||
+\011\006\003\125\004\006\023\002\115\131\061\033\060\031\006\003
|
||||
+\125\004\012\023\022\104\151\147\151\143\145\162\164\040\123\144
|
||||
+\156\056\040\102\150\144\056\061\021\060\017\006\003\125\004\013
|
||||
+\023\010\064\065\067\066\060\070\055\113\061\046\060\044\006\003
|
||||
+\125\004\003\023\035\104\151\147\151\163\151\147\156\040\123\145
|
||||
+\162\166\145\162\040\111\104\040\055\040\050\105\156\162\151\143
|
||||
+\150\051\060\202\001\042\060\015\006\011\052\206\110\206\367\015
|
||||
+\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
|
||||
+\001\001\000\305\211\344\364\015\006\100\222\131\307\032\263\065
|
||||
+\321\016\114\052\063\371\370\257\312\236\177\356\271\247\155\140
|
||||
+\364\124\350\157\325\233\363\033\143\061\004\150\162\321\064\026
|
||||
+\214\264\027\054\227\336\163\305\330\220\025\240\032\053\365\313
|
||||
+\263\110\206\104\360\035\210\114\316\101\102\032\357\365\014\336
|
||||
+\376\100\332\071\040\367\006\125\072\152\235\106\301\322\157\245
|
||||
+\262\310\127\076\051\243\234\340\351\205\167\146\350\230\247\044
|
||||
+\176\276\300\131\040\345\104\157\266\127\330\276\316\302\145\167
|
||||
+\130\306\141\101\321\164\004\310\177\111\102\305\162\251\162\026
|
||||
+\356\214\335\022\135\264\112\324\321\257\120\267\330\252\165\166
|
||||
+\150\255\076\135\252\060\155\141\250\253\020\133\076\023\277\063
|
||||
+\340\257\104\235\070\042\133\357\114\057\246\161\046\025\046\312
|
||||
+\050\214\331\372\216\216\251\242\024\065\342\233\044\210\264\364
|
||||
+\177\205\235\203\117\007\241\266\024\220\066\304\064\034\215\046
|
||||
+\141\155\023\157\170\276\350\217\047\307\113\204\226\243\206\150
|
||||
+\014\043\276\013\354\214\224\000\251\004\212\023\220\367\337\205
|
||||
+\154\014\261\002\003\001\000\001\243\202\001\064\060\202\001\060
|
||||
+\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006
|
||||
+\060\022\006\003\125\035\023\001\001\377\004\010\060\006\001\001
|
||||
+\377\002\001\000\060\047\006\003\125\035\045\004\040\060\036\006
|
||||
+\010\053\006\001\005\005\007\003\001\006\010\053\006\001\005\005
|
||||
+\007\003\002\006\010\053\006\001\005\005\007\003\004\060\063\006
|
||||
+\010\053\006\001\005\005\007\001\001\004\047\060\045\060\043\006
|
||||
+\010\053\006\001\005\005\007\060\001\206\027\150\164\164\160\072
|
||||
+\057\057\157\143\163\160\056\145\156\164\162\165\163\164\056\156
|
||||
+\145\164\060\104\006\003\125\035\040\004\075\060\073\060\071\006
|
||||
+\005\140\203\112\001\001\060\060\060\056\006\010\053\006\001\005
|
||||
+\005\007\002\001\026\042\150\164\164\160\072\057\057\167\167\167
|
||||
+\056\144\151\147\151\143\145\162\164\056\143\157\155\056\155\171
|
||||
+\057\143\160\163\056\150\164\155\060\062\006\003\125\035\037\004
|
||||
+\053\060\051\060\047\240\045\240\043\206\041\150\164\164\160\072
|
||||
+\057\057\143\162\154\056\145\156\164\162\165\163\164\056\156\145
|
||||
+\164\057\062\060\064\070\143\141\056\143\162\154\060\021\006\003
|
||||
+\125\035\016\004\012\004\010\114\116\314\045\050\003\051\201\060
|
||||
+\037\006\003\125\035\043\004\030\060\026\200\024\125\344\201\321
|
||||
+\021\200\276\330\211\271\010\243\061\371\241\044\011\026\271\160
|
||||
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003
|
||||
+\202\001\001\000\227\114\357\112\072\111\254\162\374\060\040\153
|
||||
+\264\051\133\247\305\225\004\220\371\062\325\302\205\152\336\003
|
||||
+\241\067\371\211\000\260\132\254\125\176\333\103\065\377\311\001
|
||||
+\370\121\276\314\046\312\310\152\244\304\124\076\046\036\347\014
|
||||
+\243\315\227\147\224\335\246\102\353\134\315\217\071\171\153\063
|
||||
+\171\041\006\171\372\202\104\025\231\314\301\267\071\323\106\142
|
||||
+\174\262\160\353\157\316\040\252\076\031\267\351\164\202\234\264
|
||||
+\245\113\115\141\000\067\344\207\322\362\024\072\144\174\270\251
|
||||
+\173\141\340\223\042\347\325\237\076\107\346\066\166\240\123\330
|
||||
+\000\003\072\017\265\063\376\226\312\323\322\202\072\056\335\327
|
||||
+\110\341\344\247\151\314\034\351\231\112\347\312\160\105\327\013
|
||||
+\007\016\232\165\033\320\057\222\157\366\244\007\303\275\034\113
|
||||
+\246\204\266\175\250\232\251\322\247\051\361\013\127\151\036\227
|
||||
+\127\046\354\053\103\254\324\105\203\005\000\351\343\360\106\100
|
||||
+\007\372\352\261\121\163\223\034\245\335\123\021\067\310\052\247
|
||||
+\025\047\035\264\252\314\177\252\061\060\374\270\105\237\110\011
|
||||
+\355\020\342\305
|
||||
+END
|
||||
+
|
||||
+# Trust for Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)"
|
||||
+CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
|
||||
+CKA_TOKEN CK_BBOOL CK_TRUE
|
||||
+CKA_PRIVATE CK_BBOOL CK_FALSE
|
||||
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
|
||||
+CKA_LABEL UTF8 "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)"
|
||||
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
|
||||
+\153\074\073\200\255\312\246\272\212\237\124\246\172\355\022\151
|
||||
+\005\155\061\046
|
||||
+END
|
||||
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
|
||||
+\327\151\141\177\065\017\234\106\243\252\353\370\125\374\204\362
|
||||
+END
|
||||
+CKA_ISSUER MULTILINE_OCTAL
|
||||
+\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
|
||||
+\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
|
||||
+\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
|
||||
+\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
|
||||
+\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
|
||||
+\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
|
||||
+\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
|
||||
+\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
|
||||
+\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
|
||||
+\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
|
||||
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
|
||||
+\040\050\062\060\064\070\051
|
||||
+END
|
||||
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
|
||||
+\002\006\007\377\377\377\377\377
|
||||
+END
|
||||
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_UNTRUSTED
|
||||
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_UNTRUSTED
|
||||
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_UNTRUSTED
|
||||
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
|
||||
+
|
||||
diff -up ./mozilla/security/nss/lib/ckfw/builtins/nssckbi.h.ckbi188 ./mozilla/security/nss/lib/ckfw/builtins/nssckbi.h
|
||||
--- ./mozilla/security/nss/lib/ckfw/builtins/nssckbi.h.ckbi188 2011-11-03 13:53:16.192262303 -0700
|
||||
+++ ./mozilla/security/nss/lib/ckfw/builtins/nssckbi.h 2011-11-03 13:54:48.182013245 -0700
|
||||
@@ -77,8 +77,8 @@
|
||||
* of the comment in the CK_VERSION type definition.
|
||||
*/
|
||||
#define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 1
|
||||
-#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 87
|
||||
-#define NSS_BUILTINS_LIBRARY_VERSION "1.87"
|
||||
+#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 88
|
||||
+#define NSS_BUILTINS_LIBRARY_VERSION "1.88"
|
||||
|
||||
/* These version numbers detail the semantic changes to the ckfw engine. */
|
||||
#define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1
|
59
cert8.db.xml
59
cert8.db.xml
@ -1,59 +0,0 @@
|
||||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||
<!ENTITY date SYSTEM "date.xml">
|
||||
<!ENTITY version SYSTEM "version.xml">
|
||||
]>
|
||||
|
||||
<refentry id="cert8.db">
|
||||
|
||||
<refentryinfo>
|
||||
<date>&date;</date>
|
||||
<title>Network Security Services</title>
|
||||
<productname>nss</productname>
|
||||
<productnumber>&version;</productnumber>
|
||||
</refentryinfo>
|
||||
|
||||
<refmeta>
|
||||
<refentrytitle>cert8.db</refentrytitle>
|
||||
<manvolnum>5</manvolnum>
|
||||
</refmeta>
|
||||
|
||||
<refnamediv>
|
||||
<refname>cert8.db</refname>
|
||||
<refpurpose>Legacy NSS certificate database</refpurpose>
|
||||
</refnamediv>
|
||||
|
||||
<refsection id="description">
|
||||
<title>Description</title>
|
||||
<para><emphasis>cert8.db</emphasis> is an NSS certificate database.</para>
|
||||
<para>This certificate database is in the legacy database format. Consider migrating to cert9.db and key4.db which are the new sqlite-based shared database format with support for concurrent access.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Files</title>
|
||||
<para><filename>/etc/pki/nssdb/cert8.db</filename></para>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>See also</title>
|
||||
<para>cert9.db(5), key4.db(5), pkcs11.txt(5), </para>
|
||||
</refsection>
|
||||
|
||||
<refsection id="authors">
|
||||
<title>Authors</title>
|
||||
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||
<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
|
||||
</refsection>
|
||||
|
||||
<!-- don't change -->
|
||||
<refsection id="license">
|
||||
<title>LICENSE</title>
|
||||
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
</para>
|
||||
|
||||
</refsection>
|
||||
|
||||
|
||||
</refentry>
|
59
cert9.db.xml
59
cert9.db.xml
@ -1,59 +0,0 @@
|
||||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||
<!ENTITY date SYSTEM "date.xml">
|
||||
<!ENTITY version SYSTEM "version.xml">
|
||||
]>
|
||||
|
||||
<refentry id="cert9.db">
|
||||
|
||||
<refentryinfo>
|
||||
<date>&date;</date>
|
||||
<title>Network Security Services</title>
|
||||
<productname>nss</productname>
|
||||
<productnumber>&version;</productnumber>
|
||||
</refentryinfo>
|
||||
|
||||
<refmeta>
|
||||
<refentrytitle>cert9.db</refentrytitle>
|
||||
<manvolnum>5</manvolnum>
|
||||
</refmeta>
|
||||
|
||||
<refnamediv>
|
||||
<refname>cert9.db</refname>
|
||||
<refpurpose>NSS certificate database</refpurpose>
|
||||
</refnamediv>
|
||||
|
||||
<refsection id="description">
|
||||
<title>Description</title>
|
||||
<para><emphasis>cert9.db</emphasis> is an NSS certificate database.</para>
|
||||
<para>This certificate database is the sqlite-based shared database with support for concurrent access.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Files</title>
|
||||
<para><filename>/etc/pki/nssdb/cert9.db</filename></para>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>See also</title>
|
||||
<para>pkcs11.txt(5)</para>
|
||||
</refsection>
|
||||
|
||||
<refsection id="authors">
|
||||
<title>Authors</title>
|
||||
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||
<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
|
||||
</refsection>
|
||||
|
||||
<!-- don't change -->
|
||||
<refsection id="license">
|
||||
<title>LICENSE</title>
|
||||
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
</para>
|
||||
|
||||
</refsection>
|
||||
|
||||
|
||||
</refentry>
|
13
iquote.patch
13
iquote.patch
@ -1,13 +0,0 @@
|
||||
diff -up nss/coreconf/location.mk.iquote nss/coreconf/location.mk
|
||||
--- nss/coreconf/location.mk.iquote 2017-07-27 16:09:32.000000000 +0200
|
||||
+++ nss/coreconf/location.mk 2017-09-06 13:23:14.633611555 +0200
|
||||
@@ -75,4 +75,9 @@ ifndef SQLITE_LIB_NAME
|
||||
SQLITE_LIB_NAME = sqlite3
|
||||
endif
|
||||
|
||||
+# Prefer in-tree headers over system headers
|
||||
+ifdef IN_TREE_FREEBL_HEADERS_FIRST
|
||||
+ INCLUDES += -iquote $(DIST)/../public/nss -iquote $(DIST)/../private/nss
|
||||
+endif
|
||||
+
|
||||
MK_LOCATION = included
|
59
key3.db.xml
59
key3.db.xml
@ -1,59 +0,0 @@
|
||||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||
<!ENTITY date SYSTEM "date.xml">
|
||||
<!ENTITY version SYSTEM "version.xml">
|
||||
]>
|
||||
|
||||
<refentry id="key3.db">
|
||||
|
||||
<refentryinfo>
|
||||
<date>&date;</date>
|
||||
<title>Network Security Services</title>
|
||||
<productname>nss</productname>
|
||||
<productnumber>&version;</productnumber>
|
||||
</refentryinfo>
|
||||
|
||||
<refmeta>
|
||||
<refentrytitle>key3.db</refentrytitle>
|
||||
<manvolnum>5</manvolnum>
|
||||
</refmeta>
|
||||
|
||||
<refnamediv>
|
||||
<refname>key3.db</refname>
|
||||
<refpurpose>Legacy NSS certificate database</refpurpose>
|
||||
</refnamediv>
|
||||
|
||||
<refsection id="description">
|
||||
<title>Description</title>
|
||||
<para><emphasis>key3.db</emphasis> is an NSS certificate database.</para>
|
||||
<para>This is a key database in the legacy database format. Consider migrating to cert9.db and key4.db which which are the new sqlite-based shared database format with support for concurrent access.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Files</title>
|
||||
<para><filename>/etc/pki/nssdb/key3.db</filename></para>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>See also</title>
|
||||
<para>cert9.db(5), key4.db(5), pkcs11.txt(5), </para>
|
||||
</refsection>
|
||||
|
||||
<refsection id="authors">
|
||||
<title>Authors</title>
|
||||
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||
<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
|
||||
</refsection>
|
||||
|
||||
<!-- don't change -->
|
||||
<refsection id="license">
|
||||
<title>LICENSE</title>
|
||||
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
</para>
|
||||
|
||||
</refsection>
|
||||
|
||||
|
||||
</refentry>
|
59
key4.db.xml
59
key4.db.xml
@ -1,59 +0,0 @@
|
||||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||
<!ENTITY date SYSTEM "date.xml">
|
||||
<!ENTITY version SYSTEM "version.xml">
|
||||
]>
|
||||
|
||||
<refentry id="key4.db">
|
||||
|
||||
<refentryinfo>
|
||||
<date>&date;</date>
|
||||
<title>Network Security Services</title>
|
||||
<productname>nss</productname>
|
||||
<productnumber>&version;</productnumber>
|
||||
</refentryinfo>
|
||||
|
||||
<refmeta>
|
||||
<refentrytitle>key4.db</refentrytitle>
|
||||
<manvolnum>5</manvolnum>
|
||||
</refmeta>
|
||||
|
||||
<refnamediv>
|
||||
<refname>key4.db</refname>
|
||||
<refpurpose>NSS certificate database</refpurpose>
|
||||
</refnamediv>
|
||||
|
||||
<refsection id="description">
|
||||
<title>Description</title>
|
||||
<para><emphasis>key4.db</emphasis> is an NSS key database.</para>
|
||||
<para>This key database is the sqlite-based shared database format with support for concurrent access.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Files</title>
|
||||
<para><filename>/etc/pki/nssdb/key4.db</filename></para>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>See also</title>
|
||||
<para>pkcs11.txt(5)</para>
|
||||
</refsection>
|
||||
|
||||
<refsection id="authors">
|
||||
<title>Authors</title>
|
||||
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||
<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
|
||||
</refsection>
|
||||
|
||||
<!-- don't change -->
|
||||
<refsection id="license">
|
||||
<title>LICENSE</title>
|
||||
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
</para>
|
||||
|
||||
</refsection>
|
||||
|
||||
|
||||
</refentry>
|
@ -1,62 +1,22 @@
|
||||
--- nss/cmd/httpserv/httpserv.c.539183 2016-05-21 18:31:39.879585420 -0700
|
||||
+++ nss/cmd/httpserv/httpserv.c 2016-05-21 18:37:22.374464057 -0700
|
||||
@@ -953,23 +953,23 @@
|
||||
getBoundListenSocket(unsigned short port)
|
||||
{
|
||||
PRFileDesc *listen_sock;
|
||||
int listenQueueDepth = 5 + (2 * maxThreads);
|
||||
PRStatus prStatus;
|
||||
PRNetAddr addr;
|
||||
diff -up ./mozilla/security/nss/cmd/selfserv/selfserv.c.539183 ./mozilla/security/nss/cmd/selfserv/selfserv.c
|
||||
--- ./mozilla/security/nss/cmd/selfserv/selfserv.c.539183 2011-04-27 15:24:07.922128850 -0700
|
||||
+++ ./mozilla/security/nss/cmd/selfserv/selfserv.c 2011-04-27 15:27:11.053271675 -0700
|
||||
@@ -1493,14 +1493,14 @@ getBoundListenSocket(unsigned short port
|
||||
PRSocketOptionData opt;
|
||||
PRUint16 socketDomain = PR_AF_INET;
|
||||
|
||||
- addr.inet.family = PR_AF_INET;
|
||||
- addr.inet.ip = PR_INADDR_ANY;
|
||||
- addr.inet.port = PR_htons(port);
|
||||
- addr.inet.ip = PR_INADDR_ANY;
|
||||
- addr.inet.port = PR_htons(port);
|
||||
+ if (PR_SetNetAddr(PR_IpAddrAny, PR_AF_INET6, port, &addr) != PR_SUCCESS) {
|
||||
+ errExit("PR_SetNetAddr");
|
||||
+ errExit("PR_SetNetAddr");
|
||||
+ }
|
||||
|
||||
- listen_sock = PR_NewTCPSocket();
|
||||
if (PR_GetEnv("NSS_USE_SDP")) {
|
||||
socketDomain = PR_AF_INET_SDP;
|
||||
}
|
||||
- listen_sock = PR_OpenTCPSocket(socketDomain);
|
||||
+ listen_sock = PR_OpenTCPSocket(PR_AF_INET6);
|
||||
if (listen_sock == NULL) {
|
||||
- errExit("PR_NewTCPSocket");
|
||||
+ errExit("PR_OpenTCPSockett");
|
||||
errExit("PR_OpenTCPSocket error");
|
||||
}
|
||||
|
||||
opt.option = PR_SockOpt_Nonblocking;
|
||||
opt.value.non_blocking = PR_FALSE;
|
||||
prStatus = PR_SetSocketOption(listen_sock, &opt);
|
||||
if (prStatus < 0) {
|
||||
PR_Close(listen_sock);
|
||||
errExit("PR_SetSocketOption(PR_SockOpt_Nonblocking)");
|
||||
--- nss/cmd/selfserv/selfserv.c.539183 2016-05-21 18:31:39.882585367 -0700
|
||||
+++ nss/cmd/selfserv/selfserv.c 2016-05-21 18:41:43.092801174 -0700
|
||||
@@ -1711,23 +1711,23 @@
|
||||
getBoundListenSocket(unsigned short port)
|
||||
{
|
||||
PRFileDesc *listen_sock;
|
||||
int listenQueueDepth = 5 + (2 * maxThreads);
|
||||
PRStatus prStatus;
|
||||
PRNetAddr addr;
|
||||
PRSocketOptionData opt;
|
||||
|
||||
- addr.inet.family = PR_AF_INET;
|
||||
- addr.inet.ip = PR_INADDR_ANY;
|
||||
- addr.inet.port = PR_htons(port);
|
||||
+ if (PR_SetNetAddr(PR_IpAddrAny, PR_AF_INET6, port, &addr) != PR_SUCCESS) {
|
||||
+ errExit("PR_SetNetAddr");
|
||||
+ }
|
||||
|
||||
- listen_sock = PR_NewTCPSocket();
|
||||
+ listen_sock = PR_OpenTCPSocket(PR_AF_INET6);
|
||||
if (listen_sock == NULL) {
|
||||
- errExit("PR_NewTCPSocket");
|
||||
+ errExit("PR_OpenTCPSocket error");
|
||||
}
|
||||
|
||||
opt.option = PR_SockOpt_Nonblocking;
|
||||
opt.value.non_blocking = PR_FALSE;
|
||||
prStatus = PR_SetSocketOption(listen_sock, &opt);
|
||||
if (prStatus < 0) {
|
||||
PR_Close(listen_sock);
|
||||
errExit("PR_SetSocketOption(PR_SockOpt_Nonblocking)");
|
||||
|
34
nss-646045.patch
Normal file
34
nss-646045.patch
Normal file
@ -0,0 +1,34 @@
|
||||
diff -up ./mozilla/security/nss/tests/dbtests/dbtests.sh.noroot ./mozilla/security/nss/tests/dbtests/dbtests.sh
|
||||
--- ./mozilla/security/nss/tests/dbtests/dbtests.sh.noroot 2011-04-06 09:56:07.207701000 -0700
|
||||
+++ ./mozilla/security/nss/tests/dbtests/dbtests.sh 2011-04-06 10:19:54.159552000 -0700
|
||||
@@ -201,6 +201,9 @@ dbtest_main()
|
||||
cat $RONLY_DIR/* > /dev/null
|
||||
fi
|
||||
|
||||
+ # skipping the next two tests when user is root,
|
||||
+ # otherwise they would fail due to rooty powers
|
||||
+ if [[ $EUID -ne 0 ]] then
|
||||
${BINDIR}/dbtest -d $RONLY_DIR
|
||||
ret=$?
|
||||
if [ $ret -ne 46 ]; then
|
||||
@@ -208,6 +211,10 @@ dbtest_main()
|
||||
else
|
||||
html_passed "Dbtest r/w didn't work in an readonly dir $ret"
|
||||
fi
|
||||
+ else
|
||||
+ html_passed "Skipping Dbtest r/w in a readonly dir because user is root"
|
||||
+ fi
|
||||
+ if [[ $EUID -ne 0 ]] then
|
||||
${BINDIR}/certutil -D -n "TestUser" -d .
|
||||
ret=$?
|
||||
if [ $ret -ne 255 ]; then
|
||||
@@ -215,6 +222,9 @@ dbtest_main()
|
||||
else
|
||||
html_passed "Certutil didn't work in an readonly dir $ret"
|
||||
fi
|
||||
+ else
|
||||
+ html_passed "Skipping Certutil delete cert in an readonly directory test because user is root"
|
||||
+ fi
|
||||
|
||||
Echo "test opening the database ronly in a readonly directory"
|
||||
|
47
nss-703658.patch
Normal file
47
nss-703658.patch
Normal file
@ -0,0 +1,47 @@
|
||||
Index: mozilla/security/nss/lib/crmf/crmfi.h
|
||||
===================================================================
|
||||
RCS file: /cvsroot/mozilla/security/nss/lib/crmf/crmfi.h,v
|
||||
retrieving revision 1.4
|
||||
diff -u -u -r1.4 crmfi.h
|
||||
--- mozilla/security/nss/lib/crmf/crmfi.h 15 Jan 2011 19:47:11 -0000 1.4
|
||||
+++ mozilla/security/nss/lib/crmf/crmfi.h 11 May 2011 20:06:26 -0000
|
||||
@@ -46,10 +46,38 @@
|
||||
#include "secasn1.h"
|
||||
#include "crmfit.h"
|
||||
#include "secerr.h"
|
||||
+#include "blapit.h"
|
||||
|
||||
#define CRMF_DEFAULT_ARENA_SIZE 1024
|
||||
-#define MAX_WRAPPED_KEY_LEN 2048
|
||||
|
||||
+/*
|
||||
+ * Explanation for the definition of MAX_WRAPPED_KEY_LEN:
|
||||
+ *
|
||||
+ * It's used for internal buffers to transport a wrapped private key.
|
||||
+ * The value is in BYTES.
|
||||
+ * We want to define a reasonable upper bound for this value.
|
||||
+ * Ideally this could be calculated, but in order to simplify the code
|
||||
+ * we want to estimate the maximum requires size.
|
||||
+ * See also mozilla bug 655850 for the full explanation.
|
||||
+ *
|
||||
+ * We know the largest wrapped keys are RSA keys.
|
||||
+ * We'll estimate the maximum size needed for wrapped RSA keys,
|
||||
+ * and assume it's sufficient for wrapped keys of any type we support.
|
||||
+ *
|
||||
+ * The maximum size of RSA keys in bits is defined elsewhere as
|
||||
+ * RSA_MAX_MODULUS_BITS
|
||||
+ *
|
||||
+ * The idea is to define MAX_WRAPPED_KEY_LEN based on the above.
|
||||
+ *
|
||||
+ * A wrapped RSA key requires about
|
||||
+ * ( ( RSA_MAX_MODULUS_BITS / 8 ) * 5.5) + 65
|
||||
+ * bytes.
|
||||
+ *
|
||||
+ * Therefore, a safe upper bound is:
|
||||
+ * ( ( RSA_MAX_MODULUS_BITS / 8 ) *8 ) = RSA_MAX_MODULUS_BITS
|
||||
+ *
|
||||
+ */
|
||||
+#define MAX_WRAPPED_KEY_LEN RSA_MAX_MODULUS_BITS
|
||||
|
||||
#define CRMF_BITS_TO_BYTES(bits) (((bits)+7)/8)
|
||||
#define CRMF_BYTES_TO_BITS(bytes) ((bytes)*8)
|
132
nss-config.xml
132
nss-config.xml
@ -1,132 +0,0 @@
|
||||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||
<!ENTITY date SYSTEM "date.xml">
|
||||
<!ENTITY version SYSTEM "version.xml">
|
||||
]>
|
||||
|
||||
<refentry id="nss-config">
|
||||
|
||||
<refentryinfo>
|
||||
<date>&date;</date>
|
||||
<title>Network Security Services</title>
|
||||
<productname>nss</productname>
|
||||
<productnumber>&version;</productnumber>
|
||||
</refentryinfo>
|
||||
|
||||
<refmeta>
|
||||
<refentrytitle>nss-config</refentrytitle>
|
||||
<manvolnum>1</manvolnum>
|
||||
</refmeta>
|
||||
|
||||
<refnamediv>
|
||||
<refname>nss-config</refname>
|
||||
<refpurpose>Return meta information about nss libraries</refpurpose>
|
||||
</refnamediv>
|
||||
|
||||
<refsynopsisdiv>
|
||||
<cmdsynopsis>
|
||||
<command>nss-config</command>
|
||||
<arg><option>--prefix</option></arg>
|
||||
<arg><option>--exec-prefix</option></arg>
|
||||
<arg><option>--includedir</option></arg>
|
||||
<arg><option>--libs</option></arg>
|
||||
<arg><option>--cflags</option></arg>
|
||||
<arg><option>--libdir</option></arg>
|
||||
<arg><option>--version</option></arg>
|
||||
</cmdsynopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsection id="description">
|
||||
<title>Description</title>
|
||||
|
||||
<para><command>nss-config</command> is a shell scrip
|
||||
tool which can be used to obtain gcc options for building client pacakges of nspt. </para>
|
||||
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Options</title>
|
||||
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term><option>--prefix</option></term>
|
||||
<listitem><simpara>Returns the top level system directory under which the nss libraries are installed.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--exec-prefix</option></term>
|
||||
<listitem><simpara>returns the top level system directory under which any nss binaries would be installed.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--includedir</option> <replaceable>count</replaceable></term>
|
||||
<listitem><simpara>returns the path to the directory were the nss libraries are installed.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--version</option></term>
|
||||
<listitem><simpara>returns the upstream version of nss in the form major_version-minor_version-patch_version.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--libs</option></term>
|
||||
<listitem><simpara>returns the compiler linking flags.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--cflags</option></term>
|
||||
<listitem><simpara>returns the compiler include flags.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--libdir</option></term>
|
||||
<listitem><simpara>returns the path to the directory were the nss libraries are installed.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
</variablelist>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Examples</title>
|
||||
|
||||
<para>The following example will query for both include path and linkage flags:
|
||||
|
||||
<programlisting>
|
||||
/usr/bin/nss-config --cflags --libs
|
||||
</programlisting>
|
||||
|
||||
</para>
|
||||
|
||||
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Files</title>
|
||||
|
||||
<para><filename>/usr/bin/nss-config</filename></para>
|
||||
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>See also</title>
|
||||
<para>pkg-config(1)</para>
|
||||
</refsection>
|
||||
|
||||
<refsection id="authors">
|
||||
<title>Authors</title>
|
||||
<para>The nss liraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||
<para>
|
||||
Authors: Elio Maldonado <emaldona@redhat.com>.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
<!-- don't change -->
|
||||
<refsection id="license">
|
||||
<title>LICENSE</title>
|
||||
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
</refentry>
|
||||
|
12
nss-enable-pem.patch
Normal file
12
nss-enable-pem.patch
Normal file
@ -0,0 +1,12 @@
|
||||
diff -up ./mozilla/security/nss/lib/ckfw/manifest.mn.prepem ./mozilla/security/nss/lib/ckfw/manifest.mn
|
||||
--- ./mozilla/security/nss/lib/ckfw/manifest.mn.prepem 2008-08-05 16:34:23.000000000 -0700
|
||||
+++ ./mozilla/security/nss/lib/ckfw/manifest.mn 2008-08-05 16:34:30.000000000 -0700
|
||||
@@ -38,7 +38,7 @@ MANIFEST_CVS_ID = "@(#) $RCSfile: manife
|
||||
|
||||
CORE_DEPTH = ../../..
|
||||
|
||||
-DIRS = builtins
|
||||
+DIRS = builtins pem
|
||||
|
||||
PRIVATE_EXPORTS = \
|
||||
ck.h \
|
@ -1,21 +0,0 @@
|
||||
diff -up ./lib/util/pkcs11n.h.aes_gcm_pkcs11_v2 ./lib/util/pkcs11n.h
|
||||
--- ./lib/util/pkcs11n.h.aes_gcm_pkcs11_v2 2020-05-13 13:44:11.312405744 -0700
|
||||
+++ ./lib/util/pkcs11n.h 2020-05-13 13:45:23.951723660 -0700
|
||||
@@ -605,7 +605,7 @@ typedef struct CK_NSS_GCM_PARAMS {
|
||||
typedef CK_NSS_GCM_PARAMS CK_PTR CK_NSS_GCM_PARAMS_PTR;
|
||||
|
||||
/* deprecated #defines. Drop in future NSS releases */
|
||||
-#ifdef NSS_PKCS11_2_0_COMPAT
|
||||
+#ifndef NSS_PKCS11_3_0_STRICT
|
||||
|
||||
/* defines that were changed between NSS's PKCS #11 and the Oasis headers */
|
||||
#define CKF_EC_FP CKF_EC_F_P
|
||||
@@ -664,7 +664,7 @@ typedef CK_NSS_GCM_PARAMS CK_PTR CK_GCM_
|
||||
#define CKT_NETSCAPE_VALID CKT_NSS_VALID
|
||||
#define CKT_NETSCAPE_VALID_DELEGATOR CKT_NSS_VALID_DELEGATOR
|
||||
#else
|
||||
-/* use the new CK_GCM_PARAMS if NSS_PKCS11_2_0_COMPAT is not defined */
|
||||
+/* use the new CK_GCM_PARAMS if NSS_PKCS11_3_0_STRICT is defined */
|
||||
typedef struct CK_GCM_PARAMS_V3 CK_GCM_PARAMS;
|
||||
typedef CK_GCM_PARAMS_V3 CK_PTR CK_GCM_PARAMS_PTR;
|
||||
#endif
|
@ -1,31 +0,0 @@
|
||||
Index: nss/lib/freebl/verified/kremlin/include/kremlin/internal/types.h
|
||||
===================================================================
|
||||
--- nss.orig/lib/freebl/verified/kremlin/include/kremlin/internal/types.h
|
||||
+++ nss/lib/freebl/verified/kremlin/include/kremlin/internal/types.h
|
||||
@@ -56,9 +56,10 @@ typedef const char *Prims_string;
|
||||
!defined(__clang__)
|
||||
#include <emmintrin.h>
|
||||
typedef __m128i FStar_UInt128_uint128;
|
||||
-#elif !defined(KRML_VERIFIED_UINT128) && !defined(_MSC_VER) && \
|
||||
+#elif !defined(KRML_VERIFIED_UINT128) && !defined(_MSC_VER) && \
|
||||
(defined(__x86_64__) || defined(__x86_64) || defined(__aarch64__) || \
|
||||
- (defined(__powerpc64__) && defined(__LITTLE_ENDIAN__)))
|
||||
+ (defined(__powerpc64__) && defined(__LITTLE_ENDIAN__)) || \
|
||||
+ defined(__s390x__))
|
||||
typedef unsigned __int128 FStar_UInt128_uint128;
|
||||
#elif !defined(KRML_VERIFIED_UINT128) && defined(_MSC_VER) && defined(__clang__)
|
||||
typedef __uint128_t FStar_UInt128_uint128;
|
||||
Index: nss/lib/freebl/verified/kremlin/kremlib/dist/minimal/fstar_uint128_gcc64.h
|
||||
===================================================================
|
||||
--- nss.orig/lib/freebl/verified/kremlin/kremlib/dist/minimal/fstar_uint128_gcc64.h
|
||||
+++ nss/lib/freebl/verified/kremlin/kremlib/dist/minimal/fstar_uint128_gcc64.h
|
||||
@@ -26,7 +26,8 @@
|
||||
|
||||
#if !defined(KRML_VERIFIED_UINT128) && (!defined(_MSC_VER) || defined(__clang__)) && \
|
||||
(defined(__x86_64__) || defined(__x86_64) || defined(__aarch64__) || \
|
||||
- (defined(__powerpc64__) && defined(__LITTLE_ENDIAN__)))
|
||||
+ (defined(__powerpc64__) && defined(__LITTLE_ENDIAN__)) || \
|
||||
+ defined(__s390x__))
|
||||
|
||||
/* GCC + using native unsigned __int128 support */
|
||||
|
@ -1,4 +0,0 @@
|
||||
name=p11-kit-proxy
|
||||
library=p11-kit-proxy.so
|
||||
|
||||
|
@ -1,94 +0,0 @@
|
||||
diff --git a/cmd/modutil/install.c b/cmd/modutil/install.c
|
||||
--- a/cmd/modutil/install.c
|
||||
+++ b/cmd/modutil/install.c
|
||||
@@ -825,17 +825,20 @@ rm_dash_r(char *path)
|
||||
|
||||
dir = PR_OpenDir(path);
|
||||
if (!dir) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Recursively delete all entries in the directory */
|
||||
while ((entry = PR_ReadDir(dir, PR_SKIP_BOTH)) != NULL) {
|
||||
- sprintf(filename, "%s/%s", path, entry->name);
|
||||
+ if (snprintf(filename, sizeof(filename), "%s/%s", path, entry->name) >= sizeof(filename)) {
|
||||
+ PR_CloseDir(dir);
|
||||
+ return -1;
|
||||
+ }
|
||||
if (rm_dash_r(filename)) {
|
||||
PR_CloseDir(dir);
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
if (PR_CloseDir(dir) != PR_SUCCESS) {
|
||||
return -1;
|
||||
diff --git a/cmd/signtool/util.c b/cmd/signtool/util.c
|
||||
--- a/cmd/signtool/util.c
|
||||
+++ b/cmd/signtool/util.c
|
||||
@@ -132,17 +132,20 @@ rm_dash_r(char *path)
|
||||
if (!dir) {
|
||||
PR_fprintf(errorFD, "Error: Unable to open directory %s.\n", path);
|
||||
errorCount++;
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Recursively delete all entries in the directory */
|
||||
while ((entry = PR_ReadDir(dir, PR_SKIP_BOTH)) != NULL) {
|
||||
- sprintf(filename, "%s/%s", path, entry->name);
|
||||
+ if (snprintf(filename, sizeof(filename), "%s/%s", path, entry->name) >= sizeof(filename)) {
|
||||
+ errorCount++;
|
||||
+ return -1;
|
||||
+ }
|
||||
if (rm_dash_r(filename))
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (PR_CloseDir(dir) != PR_SUCCESS) {
|
||||
PR_fprintf(errorFD, "Error: Could not close %s.\n", path);
|
||||
errorCount++;
|
||||
return -1;
|
||||
diff --git a/lib/libpkix/pkix/util/pkix_list.c b/lib/libpkix/pkix/util/pkix_list.c
|
||||
--- a/lib/libpkix/pkix/util/pkix_list.c
|
||||
+++ b/lib/libpkix/pkix/util/pkix_list.c
|
||||
@@ -1530,17 +1530,17 @@ cleanup:
|
||||
*/
|
||||
PKIX_Error *
|
||||
PKIX_List_SetItem(
|
||||
PKIX_List *list,
|
||||
PKIX_UInt32 index,
|
||||
PKIX_PL_Object *item,
|
||||
void *plContext)
|
||||
{
|
||||
- PKIX_List *element;
|
||||
+ PKIX_List *element = NULL;
|
||||
|
||||
PKIX_ENTER(LIST, "PKIX_List_SetItem");
|
||||
PKIX_NULLCHECK_ONE(list);
|
||||
|
||||
if (list->immutable){
|
||||
PKIX_ERROR(PKIX_OPERATIONNOTPERMITTEDONIMMUTABLELIST);
|
||||
}
|
||||
|
||||
diff --git a/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.c b/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.c
|
||||
--- a/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.c
|
||||
+++ b/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.c
|
||||
@@ -102,17 +102,17 @@ cleanup:
|
||||
*/
|
||||
static PKIX_Error *
|
||||
pkix_pl_OID_Equals(
|
||||
PKIX_PL_Object *first,
|
||||
PKIX_PL_Object *second,
|
||||
PKIX_Boolean *pResult,
|
||||
void *plContext)
|
||||
{
|
||||
- PKIX_Int32 cmpResult;
|
||||
+ PKIX_Int32 cmpResult = 0;
|
||||
|
||||
PKIX_ENTER(OID, "pkix_pl_OID_Equals");
|
||||
PKIX_NULLCHECK_THREE(first, second, pResult);
|
||||
|
||||
PKIX_CHECK(pkix_pl_OID_Comparator
|
||||
(first, second, &cmpResult, plContext),
|
||||
PKIX_OIDCOMPARATORFAILED);
|
||||
|
@ -1,116 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
prefix=@prefix@
|
||||
|
||||
major_version=@MOD_MAJOR_VERSION@
|
||||
minor_version=@MOD_MINOR_VERSION@
|
||||
patch_version=@MOD_PATCH_VERSION@
|
||||
|
||||
usage()
|
||||
{
|
||||
cat <<EOF
|
||||
Usage: nss-softokn-config [OPTIONS] [LIBRARIES]
|
||||
Options:
|
||||
[--prefix[=DIR]]
|
||||
[--exec-prefix[=DIR]]
|
||||
[--includedir[=DIR]]
|
||||
[--libdir[=DIR]]
|
||||
[--version]
|
||||
[--libs]
|
||||
[--cflags]
|
||||
Dynamic Libraries:
|
||||
softokn3 - Requires full dynamic linking
|
||||
freebl3 - for internal use only (and glibc for self-integrity check)
|
||||
nssdbm3 - for internal use only
|
||||
Dymamically linked
|
||||
EOF
|
||||
exit $1
|
||||
}
|
||||
|
||||
if test $# -eq 0; then
|
||||
usage 1 1>&2
|
||||
fi
|
||||
|
||||
while test $# -gt 0; do
|
||||
case "$1" in
|
||||
-*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
|
||||
*) optarg= ;;
|
||||
esac
|
||||
|
||||
case $1 in
|
||||
--prefix=*)
|
||||
prefix=$optarg
|
||||
;;
|
||||
--prefix)
|
||||
echo_prefix=yes
|
||||
;;
|
||||
--exec-prefix=*)
|
||||
exec_prefix=$optarg
|
||||
;;
|
||||
--exec-prefix)
|
||||
echo_exec_prefix=yes
|
||||
;;
|
||||
--includedir=*)
|
||||
includedir=$optarg
|
||||
;;
|
||||
--includedir)
|
||||
echo_includedir=yes
|
||||
;;
|
||||
--libdir=*)
|
||||
libdir=$optarg
|
||||
;;
|
||||
--libdir)
|
||||
echo_libdir=yes
|
||||
;;
|
||||
--version)
|
||||
echo ${major_version}.${minor_version}.${patch_version}
|
||||
;;
|
||||
--cflags)
|
||||
echo_cflags=yes
|
||||
;;
|
||||
--libs)
|
||||
echo_libs=yes
|
||||
;;
|
||||
*)
|
||||
usage 1 1>&2
|
||||
;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
|
||||
# Set variables that may be dependent upon other variables
|
||||
if test -z "$exec_prefix"; then
|
||||
exec_prefix=`pkg-config --variable=exec_prefix nss-softokn`
|
||||
fi
|
||||
if test -z "$includedir"; then
|
||||
includedir=`pkg-config --variable=includedir nss-softokn`
|
||||
fi
|
||||
if test -z "$libdir"; then
|
||||
libdir=`pkg-config --variable=libdir nss-softokn`
|
||||
fi
|
||||
|
||||
if test "$echo_prefix" = "yes"; then
|
||||
echo $prefix
|
||||
fi
|
||||
|
||||
if test "$echo_exec_prefix" = "yes"; then
|
||||
echo $exec_prefix
|
||||
fi
|
||||
|
||||
if test "$echo_includedir" = "yes"; then
|
||||
echo $includedir
|
||||
fi
|
||||
|
||||
if test "$echo_libdir" = "yes"; then
|
||||
echo $libdir
|
||||
fi
|
||||
|
||||
if test "$echo_cflags" = "yes"; then
|
||||
echo -I$includedir
|
||||
fi
|
||||
|
||||
if test "$echo_libs" = "yes"; then
|
||||
libdirs="-Wl,-rpath-link,$libdir -L$libdir"
|
||||
echo $libdirs
|
||||
fi
|
||||
|
@ -1,18 +0,0 @@
|
||||
#!/bin/bash
|
||||
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
|
||||
# ex: ts=8 sw=4 sts=4 et filetype=sh
|
||||
|
||||
check() {
|
||||
return 255
|
||||
}
|
||||
|
||||
depends() {
|
||||
return 0
|
||||
}
|
||||
|
||||
install() {
|
||||
local _dir
|
||||
|
||||
inst_libdir_file libfreeblpriv3.so libfreeblpriv3.chk \
|
||||
libfreebl3.so
|
||||
}
|
@ -1,3 +0,0 @@
|
||||
# turn on nss-softokn module
|
||||
|
||||
add_dracutmodules+=" nss-softokn "
|
@ -1,11 +0,0 @@
|
||||
prefix=%prefix%
|
||||
exec_prefix=%exec_prefix%
|
||||
libdir=%libdir%
|
||||
includedir=%includedir%
|
||||
|
||||
Name: NSS-SOFTOKN
|
||||
Description: Network Security Services Softoken PKCS #11 Module
|
||||
Version: %SOFTOKEN_VERSION%
|
||||
Requires: nspr >= %NSPR_VERSION%, nss-util >= %NSSUTIL_VERSION%
|
||||
Libs: -L${libdir} -lfreebl3 -lnssdbm3 -lsoftokn3
|
||||
Cflags: -I${includedir}
|
@ -1,118 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
prefix=@prefix@
|
||||
|
||||
major_version=@MOD_MAJOR_VERSION@
|
||||
minor_version=@MOD_MINOR_VERSION@
|
||||
patch_version=@MOD_PATCH_VERSION@
|
||||
|
||||
usage()
|
||||
{
|
||||
cat <<EOF
|
||||
Usage: nss-util-config [OPTIONS] [LIBRARIES]
|
||||
Options:
|
||||
[--prefix[=DIR]]
|
||||
[--exec-prefix[=DIR]]
|
||||
[--includedir[=DIR]]
|
||||
[--libdir[=DIR]]
|
||||
[--version]
|
||||
[--libs]
|
||||
[--cflags]
|
||||
Dynamic Libraries:
|
||||
nssutil
|
||||
EOF
|
||||
exit $1
|
||||
}
|
||||
|
||||
if test $# -eq 0; then
|
||||
usage 1 1>&2
|
||||
fi
|
||||
|
||||
lib_nssutil=yes
|
||||
|
||||
while test $# -gt 0; do
|
||||
case "$1" in
|
||||
-*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
|
||||
*) optarg= ;;
|
||||
esac
|
||||
|
||||
case $1 in
|
||||
--prefix=*)
|
||||
prefix=$optarg
|
||||
;;
|
||||
--prefix)
|
||||
echo_prefix=yes
|
||||
;;
|
||||
--exec-prefix=*)
|
||||
exec_prefix=$optarg
|
||||
;;
|
||||
--exec-prefix)
|
||||
echo_exec_prefix=yes
|
||||
;;
|
||||
--includedir=*)
|
||||
includedir=$optarg
|
||||
;;
|
||||
--includedir)
|
||||
echo_includedir=yes
|
||||
;;
|
||||
--libdir=*)
|
||||
libdir=$optarg
|
||||
;;
|
||||
--libdir)
|
||||
echo_libdir=yes
|
||||
;;
|
||||
--version)
|
||||
echo ${major_version}.${minor_version}.${patch_version}
|
||||
;;
|
||||
--cflags)
|
||||
echo_cflags=yes
|
||||
;;
|
||||
--libs)
|
||||
echo_libs=yes
|
||||
;;
|
||||
*)
|
||||
usage 1 1>&2
|
||||
;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
|
||||
# Set variables that may be dependent upon other variables
|
||||
if test -z "$exec_prefix"; then
|
||||
exec_prefix=`pkg-config --variable=exec_prefix nss-util`
|
||||
fi
|
||||
if test -z "$includedir"; then
|
||||
includedir=`pkg-config --variable=includedir nss-util`
|
||||
fi
|
||||
if test -z "$libdir"; then
|
||||
libdir=`pkg-config --variable=libdir nss-util`
|
||||
fi
|
||||
|
||||
if test "$echo_prefix" = "yes"; then
|
||||
echo $prefix
|
||||
fi
|
||||
|
||||
if test "$echo_exec_prefix" = "yes"; then
|
||||
echo $exec_prefix
|
||||
fi
|
||||
|
||||
if test "$echo_includedir" = "yes"; then
|
||||
echo $includedir
|
||||
fi
|
||||
|
||||
if test "$echo_libdir" = "yes"; then
|
||||
echo $libdir
|
||||
fi
|
||||
|
||||
if test "$echo_cflags" = "yes"; then
|
||||
echo -I$includedir
|
||||
fi
|
||||
|
||||
if test "$echo_libs" = "yes"; then
|
||||
libdirs="-Wl,-rpath-link,$libdir -L$libdir"
|
||||
if test -n "$lib_nssutil"; then
|
||||
libdirs="$libdirs -lnssutil${major_version}"
|
||||
fi
|
||||
echo $libdirs
|
||||
fi
|
||||
|
@ -1,11 +0,0 @@
|
||||
prefix=%prefix%
|
||||
exec_prefix=%exec_prefix%
|
||||
libdir=%libdir%
|
||||
includedir=%includedir%
|
||||
|
||||
Name: NSS-UTIL
|
||||
Description: Network Security Services Utility Library
|
||||
Version: %NSSUTIL_VERSION%
|
||||
Requires: nspr >= %NSPR_VERSION%
|
||||
Libs: -L${libdir} -lnssutil3
|
||||
Cflags: -I${includedir}
|
@ -7,5 +7,5 @@ Name: NSS
|
||||
Description: Network Security Services
|
||||
Version: %NSS_VERSION%
|
||||
Requires: nspr >= %NSPR_VERSION%, nss-util >= %NSSUTIL_VERSION%
|
||||
Libs: -L${libdir} -lssl3 -lsmime3 -lnss3
|
||||
Libs: -lssl3 -lsmime3 -lnss3
|
||||
Cflags: -I${includedir}
|
||||
|
52
nsspem-642433.patch
Normal file
52
nsspem-642433.patch
Normal file
@ -0,0 +1,52 @@
|
||||
diff -up ./mozilla/security/nss/lib/ckfw/pem/util.c.642433 ./mozilla/security/nss/lib/ckfw/pem/util.c
|
||||
--- ./mozilla/security/nss/lib/ckfw/pem/util.c.642433 2010-11-25 10:49:27.000000000 -0800
|
||||
+++ ./mozilla/security/nss/lib/ckfw/pem/util.c 2010-12-08 08:02:02.618304926 -0800
|
||||
@@ -96,9 +96,6 @@ static SECItem *AllocItem(SECItem * item
|
||||
return (result);
|
||||
|
||||
loser:
|
||||
- if (result != NULL) {
|
||||
- SECITEM_FreeItem(result, (item == NULL) ? PR_TRUE : PR_FALSE);
|
||||
- }
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
@@ -110,7 +107,7 @@ static SECStatus FileToItem(SECItem * ds
|
||||
|
||||
prStatus = PR_GetOpenFileInfo(src, &info);
|
||||
|
||||
- if (prStatus != PR_SUCCESS) {
|
||||
+ if (prStatus != PR_SUCCESS || info.type == PR_FILE_DIRECTORY) {
|
||||
return SECFailure;
|
||||
}
|
||||
|
||||
@@ -126,8 +123,7 @@ static SECStatus FileToItem(SECItem * ds
|
||||
|
||||
return SECSuccess;
|
||||
loser:
|
||||
- SECITEM_FreeItem(dst, PR_FALSE);
|
||||
- nss_ZFreeIf(dst);
|
||||
+ nss_ZFreeIf(dst->data);
|
||||
return SECFailure;
|
||||
}
|
||||
|
||||
@@ -153,6 +149,10 @@ ReadDERFromFile(SECItem *** derlist, cha
|
||||
|
||||
/* Read in ascii data */
|
||||
rv = FileToItem(&filedata, inFile);
|
||||
+ if (rv != SECSuccess) {
|
||||
+ PR_Close(inFile);
|
||||
+ return -1;
|
||||
+ }
|
||||
asc = (char *) filedata.data;
|
||||
if (!asc) {
|
||||
PR_Close(inFile);
|
||||
@@ -252,7 +252,7 @@ ReadDERFromFile(SECItem *** derlist, cha
|
||||
} else {
|
||||
/* Read in binary der */
|
||||
rv = FileToItem(der, inFile);
|
||||
- if (rv) {
|
||||
+ if (rv != SECSuccess) {
|
||||
PR_Close(inFile);
|
||||
return -1;
|
||||
}
|
@ -1,56 +0,0 @@
|
||||
<?xml version='1.0' encoding='UTF-8'?>
|
||||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||
<!ENTITY date SYSTEM "date.xml">
|
||||
<!ENTITY version SYSTEM "version.xml">
|
||||
]>
|
||||
|
||||
<refentry id="pkcs11.txt">
|
||||
|
||||
<refentryinfo>
|
||||
<date>&date;</date>
|
||||
<title>Network Security Services</title>
|
||||
<productname>nss</productname>
|
||||
<productnumber>&version;</productnumber>
|
||||
</refentryinfo>
|
||||
|
||||
<refmeta>
|
||||
<refentrytitle>pkcs11.txt</refentrytitle>
|
||||
<manvolnum>5</manvolnum>
|
||||
</refmeta>
|
||||
|
||||
<refnamediv>
|
||||
<refname>pkcs11.txt</refname>
|
||||
<refpurpose>NSS PKCS #11 module configuration file</refpurpose>
|
||||
</refnamediv>
|
||||
|
||||
<refsection id="description">
|
||||
<title>Description</title>
|
||||
<para>
|
||||
The pkcs11.txt file is used to configure initialization parameters for the nss security module and optionally other pkcs #11 modules.
|
||||
</para>
|
||||
<para>
|
||||
For full documentation visit <ulink url="https://developer.mozilla.org/en-US/docs/PKCS11_Module_Specs">PKCS #11 Module Specs</ulink>.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Files</title>
|
||||
<para><filename>/etc/pki/nssdb/pkcs11.txt</filename></para>
|
||||
</refsection>
|
||||
|
||||
<refsection id="authors">
|
||||
<title>Authors</title>
|
||||
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||
<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
|
||||
</refsection>
|
||||
|
||||
<!-- don't change -->
|
||||
<refsection id="license">
|
||||
<title>LICENSE</title>
|
||||
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
</refentry>
|
||||
|
12
renegotiate-transitional.patch
Normal file
12
renegotiate-transitional.patch
Normal file
@ -0,0 +1,12 @@
|
||||
diff -up ./mozilla/security/nss/lib/ssl/sslsock.c.transitional ./mozilla/security/nss/lib/ssl/sslsock.c
|
||||
--- ./mozilla/security/nss/lib/ssl/sslsock.c.transitional 2010-09-04 09:46:50.331327676 -0700
|
||||
+++ ./mozilla/security/nss/lib/ssl/sslsock.c 2010-09-04 09:50:02.814325605 -0700
|
||||
@@ -181,7 +181,7 @@ static sslOptions ssl_defaults = {
|
||||
PR_FALSE, /* noLocks */
|
||||
PR_FALSE, /* enableSessionTickets */
|
||||
PR_FALSE, /* enableDeflate */
|
||||
- 2, /* enableRenegotiation (default: requires extension) */
|
||||
+ 3, /* enableRenegotiation (default: transitional) */
|
||||
PR_FALSE, /* requireSafeNegotiation */
|
||||
PR_FALSE, /* enableFalseStart */
|
||||
};
|
@ -1,63 +0,0 @@
|
||||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||
<!ENTITY date SYSTEM "date.xml">
|
||||
<!ENTITY version SYSTEM "version.xml">
|
||||
]>
|
||||
|
||||
<refentry id="secmod.db">
|
||||
|
||||
<refentryinfo>
|
||||
<date>&date;</date>
|
||||
<title>Network Security Services</title>
|
||||
<productname>nss</productname>
|
||||
<productnumber>&version;</productnumber>
|
||||
</refentryinfo>
|
||||
|
||||
<refmeta>
|
||||
<refentrytitle>secmod.db</refentrytitle>
|
||||
<manvolnum>5</manvolnum>
|
||||
</refmeta>
|
||||
|
||||
<refnamediv>
|
||||
<refname>secmod.db</refname>
|
||||
<refpurpose>Legacy NSS security modules database</refpurpose>
|
||||
</refnamediv>
|
||||
|
||||
<refsection id="description">
|
||||
<title>Description</title>
|
||||
<para><emphasis>secmod.db</emphasis> is an NSS security modules database.</para>
|
||||
<para>The security modules database is used to keep track of the NSS security modules. The NSS security modules export their services via the PKCS #11 API which NSS uses as its Services Provider Interface.
|
||||
</para>
|
||||
<para>The command line utility <emphasis>modutil</emphasis> is used for managing PKCS #11 module information both within secmod.db files and within hardware tokens.
|
||||
</para>
|
||||
<para>For new applications the recommended way of tracking security modules is via the pkcs11.txt configuration file used in conjunction the new sqlite-based shared database format for certificate and key databases.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Files</title>
|
||||
<para><filename>/etc/pki/nssdb/secmod.db</filename></para>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>See also</title>
|
||||
<para>modutil(1), cert8.db(5), cert9.db(5), key3.db(5), key4.db(5), pkcs11.txt(5)</para>
|
||||
</refsection>
|
||||
|
||||
<refsection id="authors">
|
||||
<title>Authors</title>
|
||||
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||
<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
|
||||
</refsection>
|
||||
|
||||
<!-- don't change -->
|
||||
<refsection id="license">
|
||||
<title>LICENSE</title>
|
||||
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
</para>
|
||||
|
||||
</refsection>
|
||||
|
||||
|
||||
</refentry>
|
@ -1,106 +0,0 @@
|
||||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||
<!ENTITY date SYSTEM "date.xml">
|
||||
<!ENTITY version SYSTEM "version.xml">
|
||||
]>
|
||||
|
||||
<refentry id="setup-nsssysinit">
|
||||
|
||||
<refentryinfo>
|
||||
<date>&date;</date>
|
||||
<title>Network Security Services</title>
|
||||
<productname>nss</productname>
|
||||
<productnumber>&version;</productnumber>
|
||||
</refentryinfo>
|
||||
|
||||
<refmeta>
|
||||
<refentrytitle>setup-nsssysinit</refentrytitle>
|
||||
<manvolnum>1</manvolnum>
|
||||
</refmeta>
|
||||
|
||||
<refnamediv>
|
||||
<refname>setup-nsssysinit</refname>
|
||||
<refpurpose>Query or enable the nss-sysinit module</refpurpose>
|
||||
</refnamediv>
|
||||
|
||||
<refsynopsisdiv>
|
||||
<cmdsynopsis>
|
||||
<command>setup-nsssysinit</command>
|
||||
<arg><option>on</option></arg>
|
||||
<arg><option>off</option></arg>
|
||||
<arg><option>status</option></arg>
|
||||
</cmdsynopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsection id="description">
|
||||
<title>Description</title>
|
||||
<para><command>setup-nsssysinit</command> is a shell script to query the status of the nss-sysinit module and when run with root priviledge it can enable or disable it. </para>
|
||||
<para>Turns on or off the nss-sysinit module db by editing the global PKCS #11 configuration file. Displays the status. This script can be invoked by the user as super user. It is invoked at nss-sysinit post install time with argument on.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Options</title>
|
||||
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term><option>on</option></term>
|
||||
<listitem><simpara>Turn on nss-sysinit.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>off</option></term>
|
||||
<listitem><simpara>Turn on nss-sysinit.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>status</option></term>
|
||||
<listitem><simpara>returns whether nss-syinit is enabled or not.</simpara></listitem>
|
||||
</varlistentry>
|
||||
|
||||
</variablelist>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Examples</title>
|
||||
|
||||
<para>The following example will query for the status of nss-sysinit:
|
||||
<programlisting>
|
||||
/usr/bin/setup-nsssysinit status
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
<para>The following example, when run as superuser, will turn on nss-sysinit:
|
||||
<programlisting>
|
||||
/usr/bin/setup-nsssysinit on
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Files</title>
|
||||
<para><filename>/usr/bin/setup-nsssysinit</filename></para>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>See also</title>
|
||||
<para>pkg-config(1)</para>
|
||||
</refsection>
|
||||
|
||||
<refsection id="authors">
|
||||
<title>Authors</title>
|
||||
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||
<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
|
||||
</refsection>
|
||||
|
||||
<!-- don't change -->
|
||||
<refsection id="license">
|
||||
<title>LICENSE</title>
|
||||
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
</refentry>
|
||||
|
14
sources
14
sources
@ -1,6 +1,8 @@
|
||||
SHA512 (blank-cert8.db) = ac131d15708c5f1b5e467831f919f4fc4ba13b60a4bb5fe260c845fa9afcd899a588d21ed52060abaa1bbb29f2b53af8b495d28407183cb03aff1974f95f1d3d
|
||||
SHA512 (blank-cert9.db) = 2f8eab4c0612210ee47db8a3a80c1b58a0b43849551af78c7da403fda3e3d4e7757838061ae56ccf5aac335cb54f254f0a9e6e9c0dd5920b4155a39264525b06
|
||||
SHA512 (blank-key3.db) = 01f7314e9fc8a7c9aa997652624cfcde213d18a6b3bb31840c1a60bbd662e56b5bc3221d13874abb42ce78163b225a6dfce2e1326cf6dd29366ad9c28ba5a71c
|
||||
SHA512 (blank-key4.db) = 8fedae93af7163da23fe9492ea8e785a44c291604fa98e58438448efb69c85d3253fc22b926d5c3209c62e58a86038fd4d78a1c4c068bc00600a7f3e5382ebe7
|
||||
SHA512 (blank-secmod.db) = 06a2dbd861839ef6315093459328b500d3832333a34b30e6fac4a2503af337f014a4d319f0f93322409e719142904ce8bc08252ae9a4f37f30d4c3312e900310
|
||||
SHA512 (nss-3.52.tar.gz) = a45baf38717bceda03c292b2c01def680a24a846327e17d36044a85e30ed40c68220c78c0a2c3025c11778ee58f5d5eb0fff1b4cd274b95c408fb59e394e62c6
|
||||
05ccaacf0146ef7b74f100e9d2141633 nss-3.12.10-stripped.tar.bz2
|
||||
e63cddf74c07f0d818d1052ecc6fbb1f nss-pem-20101125.tar.bz2
|
||||
a5ae49867124ac75f029a9a33af31bad blank-cert8.db
|
||||
9315689bbd9f28ceebd47894f99fccbd blank-key3.db
|
||||
73bc040a0542bba387e6dd7fb9fd7d23 blank-secmod.db
|
||||
691e663ccc07b7a1eaa6f088e03bf8e2 blank-cert9.db
|
||||
2ec9e0606ba40fe65196545564b7cc2a blank-key4.db
|
||||
bf47cecad861efa77d1488ad4a73cb5b PayPalEE.cert
|
||||
|
@ -1,64 +0,0 @@
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Makefile of /CoreOS/nss/Regression/NSS-tools-should-not-use-SHA1-by-default-when
|
||||
# Description: NSS tools should not use SHA1 by default when
|
||||
# Author: Hubert Kario <hkario@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2016 Red Hat, Inc.
|
||||
#
|
||||
# This copyrighted material is made available to anyone wishing
|
||||
# to use, modify, copy, or redistribute it subject to the terms
|
||||
# and conditions of the GNU General Public License version 2.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public
|
||||
# License along with this program; if not, write to the Free
|
||||
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
|
||||
# Boston, MA 02110-1301, USA.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
export TEST=/CoreOS/nss/Regression/NSS-tools-should-not-use-SHA1-by-default-when
|
||||
export TESTVERSION=1.0
|
||||
|
||||
BUILT_FILES=
|
||||
|
||||
FILES=$(METADATA) runtest.sh Makefile PURPOSE
|
||||
|
||||
.PHONY: all install download clean
|
||||
|
||||
run: $(FILES) build
|
||||
./runtest.sh
|
||||
|
||||
build: $(BUILT_FILES)
|
||||
test -x runtest.sh || chmod a+x runtest.sh
|
||||
|
||||
clean:
|
||||
rm -f *~ $(BUILT_FILES)
|
||||
|
||||
|
||||
include /usr/share/rhts/lib/rhts-make.include
|
||||
|
||||
$(METADATA): Makefile
|
||||
@echo "Owner: Hubert Kario <hkario@redhat.com>" > $(METADATA)
|
||||
@echo "Name: $(TEST)" >> $(METADATA)
|
||||
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||
@echo "Description: NSS tools should not use SHA1 by default when" >> $(METADATA)
|
||||
@echo "Type: Regression" >> $(METADATA)
|
||||
@echo "TestTime: 10m" >> $(METADATA)
|
||||
@echo "RunFor: nss openssl" >> $(METADATA)
|
||||
@echo "Requires: nss nss-tools openssl" >> $(METADATA)
|
||||
@echo "Priority: Normal" >> $(METADATA)
|
||||
@echo "License: GPLv2" >> $(METADATA)
|
||||
@echo "Confidential: no" >> $(METADATA)
|
||||
@echo "Destructive: no" >> $(METADATA)
|
||||
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||
|
||||
rhts-lint $(METADATA)
|
@ -1,4 +0,0 @@
|
||||
PURPOSE of NSS-tools-should-not-use-SHA1-by-default-when
|
||||
Description: NSS tools should not use SHA1 by default when
|
||||
Author: Hubert Kario <hkario@redhat.com>
|
||||
Summary: NSS tools should not use SHA1 by default when generating digital signatures/certificates
|
@ -1,125 +0,0 @@
|
||||
#!/bin/bash
|
||||
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# runtest.sh of NSS-tools-should-not-use-SHA1-by-default-when
|
||||
# Description: NSS tools should not use SHA1 by default when
|
||||
# Author: Hubert Kario <hkario@redhat.com>
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
#
|
||||
# Copyright (c) 2016 Red Hat, Inc.
|
||||
#
|
||||
# This copyrighted material is made available to anyone wishing
|
||||
# to use, modify, copy, or redistribute it subject to the terms
|
||||
# and conditions of the GNU General Public License version 2.
|
||||
#
|
||||
# This program is distributed in the hope that it will be
|
||||
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
# PURPOSE. See the GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public
|
||||
# License along with this program; if not, write to the Free
|
||||
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
|
||||
# Boston, MA 02110-1301, USA.
|
||||
#
|
||||
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
# Include Beaker environment
|
||||
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||
|
||||
PACKAGE="nss"
|
||||
PACKAGES="nss openssl"
|
||||
DBDIR="nssdb"
|
||||
|
||||
rlJournalStart
|
||||
rlPhaseStartSetup
|
||||
rlAssertRpm --all
|
||||
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
|
||||
rlRun "pushd $TmpDir"
|
||||
rlRun "mkdir nssdb"
|
||||
rlRun "certutil -N -d $DBDIR --empty-password"
|
||||
rlLogInfo "Create a JAR file"
|
||||
rlRun "mkdir java-dir"
|
||||
rlRun "pushd java-dir"
|
||||
rlRun "mkdir META-INF mypackage"
|
||||
rlRun "echo 'Main-Class: mypackage/MyMainFile' > META-INF/MANIFEST.MF"
|
||||
rlRun "echo 'Those are not the droids you are looking for' > mypackage/MyMainFile.class"
|
||||
#rlRun "jar -cfe package.jar mypackage/MyMainFile mypackage/MyMainFile.class"
|
||||
rlRun "popd"
|
||||
#rlRun "mv java-dir/package.jar ."
|
||||
rlPhaseEnd
|
||||
|
||||
rlPhaseStartTest "Self signing certificates"
|
||||
rlRun "dd if=/dev/urandom of=noise bs=1 count=32 >/dev/null"
|
||||
rlRun "certutil -d $DBDIR -S -n 'CA' -t 'cTC,cTC,cTC' -s 'CN=CA' -x -z noise"
|
||||
rlRun -s "certutil -d $DBDIR -L -n 'CA' -a | openssl x509 -noout -text"
|
||||
rlAssertGrep "Signature Algorithm: sha256WithRSAEncryption" "$rlRun_LOG"
|
||||
rlAssertNotGrep "Signature Algorithm: sha1WithRSAEncryption" $rlRun_LOG
|
||||
rlPhaseEnd
|
||||
|
||||
rlPhaseStartTest "Signing certificates"
|
||||
rlRun "dd if=/dev/urandom of=noise bs=1 count=32 >/dev/null"
|
||||
rlRun "certutil -d $DBDIR -S -n 'server' -t 'u,u,u' -s 'CN=server.example.com' -c 'CA' -z noise --nsCertType sslClient,sslServer,objectSigning,smime"
|
||||
rlRun -s "certutil -d $DBDIR -L -n 'server' -a | openssl x509 -noout -text"
|
||||
rlAssertGrep "Signature Algorithm: sha256WithRSAEncryption" "$rlRun_LOG"
|
||||
rlAssertNotGrep "Signature Algorithm: sha1WithRSAEncryption" $rlRun_LOG
|
||||
rlPhaseEnd
|
||||
|
||||
rlPhaseStartTest "Certificate request"
|
||||
rlRun "dd if=/dev/urandom of=noise bs=1 count=32 >/dev/null"
|
||||
rlRun "mkdir srv2db"
|
||||
rlRun "certutil -d srv2db -N --empty-password"
|
||||
rlRun "certutil -d srv2db -R -s CN=www.example.com -o srv2.req -a -z noise"
|
||||
rlRun -s "openssl req -noout -text -in srv2.req"
|
||||
rlAssertGrep "Signature Algorithm: sha256WithRSAEncryption" "$rlRun_LOG"
|
||||
rlAssertNotGrep "Signature Algorithm: sha1WithRSAEncryption" $rlRun_LOG
|
||||
rlRun "certutil -d $DBDIR -C -c 'CA' -i srv2.req -a -o srv2.crt"
|
||||
rlRun -s "openssl x509 -in srv2.crt -noout -text"
|
||||
rlAssertGrep "Signature Algorithm: sha256WithRSAEncryption" "$rlRun_LOG"
|
||||
rlAssertNotGrep "Signature Algorithm: sha1WithRSAEncryption" $rlRun_LOG
|
||||
rlRun "rm -rf srv2db"
|
||||
rlPhaseEnd
|
||||
|
||||
rlPhaseStartTest "Certificate request with SHA1"
|
||||
rlRun "dd if=/dev/urandom of=noise bs=1 count=32 >/dev/null"
|
||||
rlRun "mkdir srv2db"
|
||||
rlRun "certutil -d srv2db -N --empty-password"
|
||||
rlRun "certutil -d srv2db -R -s CN=www.example.com -o srv2.req -a -z noise -Z SHA1"
|
||||
rlRun -s "openssl req -noout -text -in srv2.req"
|
||||
rlAssertGrep "Signature Algorithm: sha1WithRSAEncryption" "$rlRun_LOG"
|
||||
rlRun "certutil -d $DBDIR -C -c 'CA' -i srv2.req -a -o srv2.crt"
|
||||
rlRun -s "openssl x509 -in srv2.crt -noout -text"
|
||||
rlAssertGrep "Signature Algorithm: sha256WithRSAEncryption" "$rlRun_LOG"
|
||||
rlAssertNotGrep "Signature Algorithm: sha1WithRSAEncryption" $rlRun_LOG
|
||||
rlRun "rm -rf srv2db"
|
||||
rlPhaseEnd
|
||||
|
||||
rlPhaseStartTest "Signing CMS messages"
|
||||
rlRun "echo 'This is a document' > document.txt"
|
||||
rlRun "cmsutil -S -d $DBDIR -N 'server' -i document.txt -o document.cms"
|
||||
rlRun -s "openssl cms -in document.cms -inform der -noout -cmsout -print"
|
||||
rlAssertGrep "algorithm: sha256" $rlRun_LOG
|
||||
rlAssertNotGrep "algorithm: sha1" $rlRun_LOG
|
||||
rlPhaseEnd
|
||||
|
||||
rlPhaseStartTest "CRL signing"
|
||||
rlRun "echo $(date --utc +update=%Y%m%d%H%M%SZ) > script"
|
||||
rlRun "echo $(date -d 'next week' --utc +nextupdate=%Y%m%d%H%M%SZ) >> script"
|
||||
rlRun "echo addext crlNumber 0 1245 >>script"
|
||||
rlRun "echo addcert 12 $(date -d 'yesterday' --utc +%Y%m%d%H%M%SZ) >>script"
|
||||
rlRun "echo addext reasonCode 0 0 >>script"
|
||||
rlRun "cat script"
|
||||
rlRun "crlutil -G -c script -d $DBDIR -n CA -o ca.crl"
|
||||
rlRun -s "openssl crl -in ca.crl -inform der -noout -text"
|
||||
rlAssertGrep "Signature Algorithm: sha256WithRSAEncryption" $rlRun_LOG
|
||||
rlAssertNotGrep "Signature Algorithm: sha1WithRSAEncryption" $rlRun_LOG
|
||||
rlPhaseEnd
|
||||
|
||||
rlPhaseStartCleanup
|
||||
rlRun "popd"
|
||||
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
|
||||
rlPhaseEnd
|
||||
rlJournalPrintText
|
||||
rlJournalEnd
|
@ -1,12 +0,0 @@
|
||||
---
|
||||
# This first play always runs on the local staging system
|
||||
- hosts: localhost
|
||||
roles:
|
||||
- role: standard-test-beakerlib
|
||||
tags:
|
||||
- classic
|
||||
tests:
|
||||
- NSS-tools-should-not-use-SHA1-by-default-when
|
||||
required_packages:
|
||||
- nss-tools
|
||||
- nss
|
Loading…
Reference in New Issue
Block a user