Compare commits
486 Commits
nss-3_12_6
...
master
Author | SHA1 | Date | |
---|---|---|---|
|
614f823eb3 | ||
|
26f93fa193 | ||
|
047dc3ed4e | ||
|
fc0174ead1 | ||
|
3c018618ca | ||
|
65271d923d | ||
|
9ae0f0b9e1 | ||
|
2b122e4485 | ||
|
507a1cebf0 | ||
|
7f30e21d0f | ||
|
aa7d80b11e | ||
|
f512836b78 | ||
|
58ca69fcaf | ||
|
bd89f2ce5c | ||
|
9e1e74ca17 | ||
|
37c40ebd3d | ||
|
656c979c95 | ||
|
0b17c92d39 | ||
|
3c27dc2471 | ||
|
36505c331d | ||
|
6e689ce0cb | ||
|
703a4f9a95 | ||
|
1e2f8acd14 | ||
|
74b268dbd9 | ||
|
541296170e | ||
|
f3ad534c37 | ||
|
a8a8d020bf | ||
|
704f2e22d6 | ||
|
4f639ad73c | ||
|
8c9ed11be4 | ||
|
115989f50d | ||
|
2ec4745f30 | ||
|
626f1941fd | ||
|
16706fe38d | ||
|
d86af7693a | ||
|
fa84af3e06 | ||
|
2f14d11d0d | ||
|
3f3c20ae17 | ||
|
326f5d0c9a | ||
|
c5b7db61f4 | ||
|
7b734a0c80 | ||
|
c7e445694f | ||
|
3ea5d2fb0e | ||
|
4567b678cc | ||
|
141e716639 | ||
|
5deb5dd362 | ||
|
d3f6891026 | ||
|
df8d75ac51 | ||
|
b3b17b08a0 | ||
|
455711f1df | ||
|
0e03f768ab | ||
|
e5e5a75933 | ||
|
431c940fc5 | ||
|
41b9b6b6a1 | ||
|
f572eae5ce | ||
|
b250b65666 | ||
|
5221baae09 | ||
|
cab16c0490 | ||
|
af46412ffe | ||
|
e557c2c2a1 | ||
|
8be7f95db1 | ||
|
7bdb9fac17 | ||
|
71d6df3266 | ||
|
390eaefc52 | ||
|
4b42d21883 | ||
|
ec4d144b47 | ||
|
705e2b3229 | ||
|
26c062714a | ||
|
c29d479b7f | ||
|
18c140b4c2 | ||
|
bdf4e9ddaf | ||
|
93c1de8b0d | ||
|
db341dd2e0 | ||
|
89b8b47d46 | ||
|
e4c3da9da7 | ||
|
137780ff5d | ||
|
6f4f615c05 | ||
|
2b3aa61f20 | ||
|
3b822a7262 | ||
|
8d5d06f814 | ||
|
26f23aeeb6 | ||
|
dfa19ec931 | ||
|
e874285f92 | ||
|
abfbe95c8d | ||
|
e42c9742c4 | ||
|
93dca340cd | ||
|
a24d6b1353 | ||
|
418745fdce | ||
|
03874d1272 | ||
|
2007524db8 | ||
|
67567fd852 | ||
|
2eadf22a1d | ||
|
3edcb8bd09 | ||
|
b33603605a | ||
|
7504d3f5b2 | ||
|
51a16f5968 | ||
|
1689d12cbb | ||
|
0a70bce56d | ||
|
ccf407af47 | ||
|
08f152ebf9 | ||
|
bd239c046a | ||
|
6d15c06123 | ||
|
423cf344b1 | ||
|
cd77ff2c17 | ||
|
c4dce982fc | ||
|
24e850cb0b | ||
|
06c6c5b05b | ||
|
8a8a89e2ed | ||
|
c6bdcf333a | ||
|
3e4febd5a1 | ||
|
61169569b1 | ||
|
2d62c98a25 | ||
|
7ae9f54af6 | ||
|
3bbfdef75c | ||
|
7a90b2748d | ||
|
943827bba4 | ||
|
82b3129713 | ||
|
4b45ae6d65 | ||
|
314afd2133 | ||
|
b2ceaeb648 | ||
|
5ed56146a2 | ||
|
4a49c5748c | ||
|
405310c946 | ||
|
cd8db2917d | ||
|
17cd27bdca | ||
|
b6664ebb77 | ||
|
8b601d64b2 | ||
|
65a4d20cc7 | ||
|
07c729494a | ||
|
73106743c1 | ||
|
70bf1cefc1 | ||
|
877f068e97 | ||
|
82e9983e43 | ||
|
c6535e87bd | ||
|
8b6e6cc656 | ||
|
9168316fa8 | ||
|
1df1edced7 | ||
|
f52ebc585d | ||
|
387bb6b467 | ||
|
74f302809f | ||
|
ddcac56c2e | ||
|
e0be40e6f7 | ||
|
351f464ed1 | ||
|
7854e70d7e | ||
|
ff192a931a | ||
|
270f23d149 | ||
|
e666a29edf | ||
|
68e30820ed | ||
|
ef6c2f08e7 | ||
|
e51bf1ce38 | ||
|
3792f60887 | ||
|
1911d47990 | ||
|
f5c6a9ac04 | ||
|
85c6e70f3c | ||
|
c460de4d23 | ||
|
29b52f2caf | ||
|
fc09930b4d | ||
|
3648d70a92 | ||
|
2e6c8d6f71 | ||
|
299e9058d1 | ||
|
21d9cd13e1 | ||
|
b9c9bc550c | ||
|
ea86d5898c | ||
|
b22cf46b7c | ||
|
2a45956d5b | ||
|
e4343992f0 | ||
|
c0f6099656 | ||
|
69c688f3b5 | ||
|
fe44847276 | ||
|
c281a339e1 | ||
|
317de01a4d | ||
|
5953345108 | ||
|
f7ddea92df | ||
|
5fe1656484 | ||
|
0483a01742 | ||
|
65e0fbe683 | ||
|
337a03cdd8 | ||
|
34058a2a6e | ||
|
66122a0ff7 | ||
|
03da09b383 | ||
|
69b02be530 | ||
|
0a91ce3fe8 | ||
|
c13e32fe80 | ||
|
81b37a0f74 | ||
|
75207789dc | ||
|
82653be6b2 | ||
|
ae64727ebb | ||
|
a046ce773a | ||
|
17f536942a | ||
|
b10f7b1f18 | ||
|
c4f83dca30 | ||
|
8b92dbf50e | ||
|
f35af25385 | ||
|
0779a363b4 | ||
|
3a7ef4801d | ||
|
c0a0ca5eb2 | ||
|
856e33f728 | ||
|
a58533f703 | ||
|
f59c0d1275 | ||
|
9b7199b3db | ||
|
fa80ce0efb | ||
|
8687a87da5 | ||
|
8cfb70a447 | ||
|
8c142e52fe | ||
|
c70e45537d | ||
|
62096f81c3 | ||
|
a60e3001fe | ||
|
a7df0838aa | ||
|
3e2a0ea4de | ||
|
1765d80a6c | ||
|
0ac07fb221 | ||
|
64ca89cbe4 | ||
|
3e02cae346 | ||
|
db7f9bfa50 | ||
|
eaa519320e | ||
|
8025e7be74 | ||
|
fd6a1f2171 | ||
|
60816050f2 | ||
|
296fce6af9 | ||
|
f94fcb299b | ||
|
4d04992e9a | ||
|
37a942df5c | ||
|
0834927548 | ||
|
8b13702a67 | ||
|
4f24d9e6c9 | ||
|
23d7297fce | ||
|
9b8380a073 | ||
|
4c076bc0cd | ||
|
4fb9d07b7f | ||
|
a25fc11743 | ||
|
5d65d327f1 | ||
|
301ed12356 | ||
|
7285eaab48 | ||
|
d2ef6540b5 | ||
|
569d439b91 | ||
|
aae9602c01 | ||
|
6ab230bb01 | ||
|
b5567867a7 | ||
|
4f6555074f | ||
|
f37654e052 | ||
|
49e209f91d | ||
|
67a7a21b0e | ||
|
129e66ef0e | ||
|
658733b0d3 | ||
|
db7fe53123 | ||
|
a6a13f1a66 | ||
|
4b2b74e5e0 | ||
|
74d9e91174 | ||
|
306dd778f4 | ||
|
9b70717281 | ||
|
8f6f357e88 | ||
|
33f25f5720 | ||
|
da85237ace | ||
|
2285997461 | ||
|
1c902d0023 | ||
|
2c648570aa | ||
|
b4e6e308a6 | ||
|
5761e30a94 | ||
|
3888f3b230 | ||
|
8ae46fa97f | ||
|
fdb9637677 | ||
|
cf4a750103 | ||
|
8943f1ad54 | ||
|
efdced7007 | ||
|
65efb2c2f3 | ||
|
b8273ce04c | ||
|
e36079dd45 | ||
|
41e94360c9 | ||
|
2f66633263 | ||
|
f6ec57311f | ||
|
2249db62a6 | ||
|
30056fd35c | ||
|
2a8c1318ea | ||
|
59b5d52d9e | ||
|
21e8668243 | ||
|
7b5d7ea05f | ||
|
b03345792c | ||
|
0370142fd0 | ||
|
b3f05b9f44 | ||
|
96957e805a | ||
|
7a7f48e712 | ||
|
830ee96f85 | ||
|
ca00551ea7 | ||
|
b13dc44579 | ||
|
5a0d6572e1 | ||
|
edea054ffc | ||
|
765b3c410b | ||
|
461744f676 | ||
|
4e9cb6d944 | ||
|
e45858c07c | ||
|
6e1a26a079 | ||
|
19ad65d608 | ||
|
fef81756fd | ||
|
b5d7c8e158 | ||
|
247ec13766 | ||
|
fdff72cd4e | ||
|
f2639d5e85 | ||
|
b89655218d | ||
|
93eeb31cf1 | ||
|
e4dd1babb0 | ||
|
edf5ff0634 | ||
|
c2e20984e1 | ||
|
192d1d33fb | ||
|
3be7379237 | ||
|
982583d915 | ||
|
b11609d88a | ||
|
0889879046 | ||
|
1f01ab68b1 | ||
|
61aa73d6e8 | ||
|
53a120c4af | ||
|
ab9d670692 | ||
|
99a740d2ee | ||
|
bd7e7ae750 | ||
|
f304d0d0cf | ||
|
18cd8ce5de | ||
|
967fa1be0d | ||
|
7011f18b86 | ||
|
6b33cec549 | ||
|
e1a1b3583b | ||
|
580fd0d7b9 | ||
|
a27d98a9ec | ||
|
c38003c691 | ||
|
41064271a8 | ||
|
034c16be36 | ||
|
99d4b15c76 | ||
|
4fe7a90965 | ||
|
5203007534 | ||
|
310e64d3c2 | ||
|
c408966515 | ||
|
89045d8452 | ||
|
51c4dcf0e0 | ||
|
39b507ea3c | ||
|
19fee62ac7 | ||
|
7d1bd46bd6 | ||
|
3ccc11c806 | ||
|
85a1075a8d | ||
|
ca7f73c317 | ||
|
6e9d7578fc | ||
|
81470bd3c4 | ||
|
b6f8eca453 | ||
|
1f56c5ccc5 | ||
|
40928cb8e3 | ||
|
d5f0675cc9 | ||
|
def217ea25 | ||
|
aecd53f653 | ||
|
543ae9ce83 | ||
|
109e79922c | ||
|
1584b7eb6a | ||
|
e8491da33f | ||
|
3fe2df48eb | ||
|
f67889f49c | ||
|
2980194bf3 | ||
|
321e446e77 | ||
|
cb85c9e1da | ||
|
953f3cef9d | ||
|
1c8a4130f1 | ||
|
5fe8f41a13 | ||
|
a32a69acd9 | ||
|
dc20ddf3a8 | ||
|
190ec81eec | ||
|
0598777c8d | ||
|
cc7766a55d | ||
|
28928af492 | ||
|
4a87b24862 | ||
|
7b078b5247 | ||
|
e13d622bc5 | ||
|
bc4ac545c9 | ||
|
3586aff4e7 | ||
|
a1e61fa589 | ||
|
c26c5b1326 | ||
|
bc8d177729 | ||
|
4f63c4864b | ||
|
d7c5a94ba8 | ||
|
a7fb38e80b | ||
|
e2ce6e022c | ||
|
5c50a33200 | ||
|
6f6f1203b3 | ||
|
778a865dab | ||
|
321ca50d42 | ||
|
7232ae1bc7 | ||
|
c409805d45 | ||
|
656b5456ab | ||
|
976de5ebbe | ||
|
508cdeae12 | ||
|
6e1b6bdc24 | ||
|
a21a33ed09 | ||
|
4a912ae4d0 | ||
|
0b0026515f | ||
|
c40f16fc52 | ||
|
ab4de6fd80 | ||
|
87fcbd4706 | ||
|
4847c439c7 | ||
|
a8a5670437 | ||
|
882fcb9fcf | ||
|
4c53349943 | ||
|
a2f2732911 | ||
|
114f631980 | ||
|
cab275f8b6 | ||
|
40064d5204 | ||
|
1850759856 | ||
|
453276ca4d | ||
|
f76d0921cd | ||
|
5f7dfcf00d | ||
|
612496b72d | ||
|
d7e6ef54a1 | ||
|
fa715a1966 | ||
|
9cfe30c547 | ||
|
f5fbb3f944 | ||
|
f3c92abf85 | ||
|
c45196731a | ||
|
4c96b0e51a | ||
|
40b4497eee | ||
|
2cded812be | ||
|
7292dd3723 | ||
|
27e3c89861 | ||
|
50867d6093 | ||
|
89b371d9fc | ||
|
c5201d23da | ||
|
c51d121d29 | ||
|
53ccaaaa26 | ||
|
06f202356f | ||
|
1e21f59c8c | ||
|
958c0f4fd5 | ||
|
4a3d4a018a | ||
|
759a662b45 | ||
|
40dcb92ab3 | ||
|
5cb30e27e1 | ||
|
2becd412b2 | ||
|
8e3710e2cf | ||
|
1c9dbe330c | ||
|
b26040bb25 | ||
|
ff85d0f4c8 | ||
|
c647f9551c | ||
|
ebb7b25b6f | ||
|
88149c181c | ||
|
37584d01a1 | ||
|
a3ec3dfe11 | ||
|
9218303306 | ||
|
99c5eddfda | ||
|
f2b0bb17ab | ||
|
7edcfc8148 | ||
|
fbbc54fbf1 | ||
|
0b1d72fd87 | ||
|
f1e2b65a89 | ||
|
591ce17ea2 | ||
|
0578cf1b19 | ||
|
c2a52bb832 | ||
|
b84ca16585 | ||
|
ba88c56bfa | ||
|
688080c659 | ||
|
1533b72660 | ||
|
1970b5d230 | ||
|
f9076c4e22 | ||
|
90bba8e3ec | ||
|
6bcb3eb1cd | ||
|
19b99b2cd7 | ||
|
26452cb3f5 | ||
|
aff15a114b | ||
|
d06d666dbb | ||
|
88e3f7f389 | ||
|
c33feabbec | ||
|
2d16454a8b | ||
|
d2c868c9a3 | ||
|
8867167583 | ||
|
e10b9063cb | ||
|
4edf8a9398 | ||
|
9287622223 | ||
|
b1a6f7df84 | ||
|
e3bf0236f1 | ||
|
911a125478 | ||
|
43678392b1 | ||
|
99bd1bfc40 | ||
|
037460c0f7 | ||
|
4b75d3d442 | ||
|
319760bdff | ||
|
116eba883e | ||
|
f42072dcd7 | ||
|
2f6ca3a1fa | ||
|
e2b63134ba | ||
|
b936bcd440 | ||
|
cd2a7788c9 | ||
|
dfe95ffa5f | ||
|
e498f6c61b | ||
|
362e48244d | ||
|
a7f6c1391e | ||
|
fa433fc6ea |
@ -1,8 +0,0 @@
|
|||||||
nss-3.12.6-stripped.tar.bz2
|
|
||||||
nss-pem-20100412.tar.bz2
|
|
||||||
blank-cert8.db
|
|
||||||
blank-key3.db
|
|
||||||
blank-secmod.db
|
|
||||||
blank-cert9.db
|
|
||||||
blank-key4.db
|
|
||||||
PayPalEE.cert
|
|
51
.gitignore
vendored
Normal file
51
.gitignore
vendored
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
blank-cert8.db
|
||||||
|
blank-key3.db
|
||||||
|
blank-secmod.db
|
||||||
|
blank-cert9.db
|
||||||
|
blank-key4.db
|
||||||
|
PayPalEE.cert
|
||||||
|
TestCA.ca.cert
|
||||||
|
TestUser50.cert
|
||||||
|
TestUser51.cert
|
||||||
|
/PayPalRootCA.cert
|
||||||
|
/PayPalICA.cert
|
||||||
|
/nss-3.25.0.tar.gz
|
||||||
|
/nss-3.26.0.tar.gz
|
||||||
|
/nss-3.27.0.tar.gz
|
||||||
|
/nss-3.27.2.tar.gz
|
||||||
|
/nss-3.28.1.tar.gz
|
||||||
|
/nss-3.29.0.tar.gz
|
||||||
|
/nss-3.29.1.tar.gz
|
||||||
|
/nss-3.30.0.tar.gz
|
||||||
|
/nss-3.30.2.tar.gz
|
||||||
|
/nss-3.31.0.tar.gz
|
||||||
|
/nss-3.32.0.tar.gz
|
||||||
|
/nss-3.32.1.tar.gz
|
||||||
|
/nss-3.33.0.tar.gz
|
||||||
|
/nss-3.34.0.tar.gz
|
||||||
|
/nss-3.35.0.tar.gz
|
||||||
|
/nss-3.36.0.tar.gz
|
||||||
|
/nss-3.36.1.tar.gz
|
||||||
|
/nss-3.37.1.tar.gz
|
||||||
|
/nss-3.37.3.tar.gz
|
||||||
|
/nss-3.38.0.tar.gz
|
||||||
|
/nss-3.39.tar.gz
|
||||||
|
/nss-3.40.1.tar.gz
|
||||||
|
/nss-3.41.tar.gz
|
||||||
|
/nss-3.42.tar.gz
|
||||||
|
/nss-3.42.1.tar.gz
|
||||||
|
/nss-3.43.tar.gz
|
||||||
|
/nss-3.44.tar.gz
|
||||||
|
/nss-3.44.1.tar.gz
|
||||||
|
/nss-3.45.tar.gz
|
||||||
|
/nss-3.46.tar.gz
|
||||||
|
/nss-3.46.1.tar.gz
|
||||||
|
/nss-3.47.tar.gz
|
||||||
|
/nss-3.47.1.tar.gz
|
||||||
|
/nss-3.48.tar.gz
|
||||||
|
/nss-3.49.tar.gz
|
||||||
|
/nss-3.49.2.tar.gz
|
||||||
|
/nss-3.50.tar.gz
|
||||||
|
/nss-3.51.tar.gz
|
||||||
|
/nss-3.51.1.tar.gz
|
||||||
|
/nss-3.52.tar.gz
|
21
Makefile
21
Makefile
@ -1,21 +0,0 @@
|
|||||||
# Makefile for source rpm: nss
|
|
||||||
# $Id: Makefile,v 1.2 2007/10/15 19:11:25 notting Exp $
|
|
||||||
NAME := nss
|
|
||||||
SPECFILE = $(firstword $(wildcard *.spec))
|
|
||||||
|
|
||||||
define find-makefile-common
|
|
||||||
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
|
||||||
endef
|
|
||||||
|
|
||||||
MAKEFILE_COMMON := $(shell $(find-makefile-common))
|
|
||||||
|
|
||||||
ifeq ($(MAKEFILE_COMMON),)
|
|
||||||
# attempt a checkout
|
|
||||||
define checkout-makefile-common
|
|
||||||
test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
|
|
||||||
endef
|
|
||||||
|
|
||||||
MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
|
|
||||||
endif
|
|
||||||
|
|
||||||
include $(MAKEFILE_COMMON)
|
|
68
STAGE2-nss
Normal file
68
STAGE2-nss
Normal file
@ -0,0 +1,68 @@
|
|||||||
|
#requires nspr
|
||||||
|
#requires perl
|
||||||
|
#requires nss-util
|
||||||
|
#requires nss-softokn
|
||||||
|
|
||||||
|
mcd $BUILDDIR/nss
|
||||||
|
|
||||||
|
export BUILD_OPT=1
|
||||||
|
export PKG_CONFIG_ALLOW_SYSTEM_LIBS=1
|
||||||
|
export PKG_CONFIG_ALLOW_SYSTEM_CFLAGS=1
|
||||||
|
export NSPR_INCLUDE_DIR=/usr/include/nspr
|
||||||
|
export NSPR_LIB_DIR=/usr/lib${SUFFIX}
|
||||||
|
export NSS_USE_SYSTEM_SQLITE=1
|
||||||
|
export NSS_BUILD_WITHOUT_SOFTOKEN=1
|
||||||
|
export USE_SYSTEM_SOFTOKEN=1
|
||||||
|
export SOFTOKEN_LIB_DIR=/usr/lib${SUFFIX}
|
||||||
|
export NSSUTIL_INCLUDE_DIR=/usr/include/nss3
|
||||||
|
export NSSUTIL_LIB_DIR=/usr/lib${SUFFIX}
|
||||||
|
export USE_SYSTEM_NSSUTIL=1
|
||||||
|
export FREEBL_INCLUDE_DIR=/usr/include/nss3
|
||||||
|
export FREEBL_LIB_DIR=/usr/lib${SUFFIX}
|
||||||
|
export USE_SYSTEM_FREEBL=1
|
||||||
|
export NSS_USE_SYSTEM_FREEBL=1
|
||||||
|
export FREEBL_NO_DEPEND=1
|
||||||
|
export IN_TREE_FREEBL_HEADERS_FIRST=1
|
||||||
|
export NSS_BLTEST_NOT_AVAILABLE=1
|
||||||
|
export NSS_NO_SSL2_NO_EXPORT=1
|
||||||
|
export NSS_ECC_MORE_THAN_SUITE_B=1
|
||||||
|
export NSS_NO_PKCS11_BYPASS=1
|
||||||
|
#export NSDISTMODE="copy"
|
||||||
|
|
||||||
|
if [ "$SUFFIX" = "64" ]; then
|
||||||
|
USE_64=1
|
||||||
|
export USE_64
|
||||||
|
fi
|
||||||
|
|
||||||
|
(cd $SRC/nss-3.* && mkdir -p dist/private/nss && cp nss/lib/ckfw/nssck.api dist/private/nss/)
|
||||||
|
|
||||||
|
make -C $SRC/nss-3.*/nss/coreconf
|
||||||
|
make -C $SRC/nss-3.*/nss/lib/dbm
|
||||||
|
|
||||||
|
# nss/nssinit.c, ssl/sslcon.c, smime/smimeutil.c and ckfw/builtins/binst.c
|
||||||
|
# need nss/verref.h which is exported privately, move it to where it can be found.
|
||||||
|
(cd $SRC/nss-3.* && mkdir -p dist/private/nss && cp -a nss/verref.h dist/private/nss/)
|
||||||
|
|
||||||
|
make -C $SRC/nss-3.*/nss
|
||||||
|
cd $SRC/nss-3.*/nss/coreconf
|
||||||
|
make install
|
||||||
|
cd $SRC/nss-3.*/nss/lib/dbm
|
||||||
|
make install
|
||||||
|
cd $SRC/nss-3.*/nss
|
||||||
|
make install
|
||||||
|
# Copy the binary libraries we want
|
||||||
|
NSSLIBS="libnss3.so libnssckbi.so libnsspem.so libnsssysinit.so libsmime3.so libssl3.so"
|
||||||
|
# BOZO: temporarily disable FIPS140 support
|
||||||
|
#NSSLIBCHKS="libnssdbm3.chk libfreebl3.chk libsoftokn3.chk"
|
||||||
|
NSSLIBCHKS=""
|
||||||
|
# END BOZO
|
||||||
|
cd $SRC/nss-3.*
|
||||||
|
for file in $NSSLIBS $NSSLIBCHKS
|
||||||
|
do
|
||||||
|
install -p -m 755 dist/*.OBJ/lib/$file /usr/lib${SUFFIX}/
|
||||||
|
done
|
||||||
|
# Copy the include files we want
|
||||||
|
for file in $SRC/nss-*/dist/public/nss/*.h
|
||||||
|
do
|
||||||
|
install -p -m 644 $file /usr/include/nss3/
|
||||||
|
done
|
59
cert8.db.xml
Normal file
59
cert8.db.xml
Normal file
@ -0,0 +1,59 @@
|
|||||||
|
<?xml version='1.0' encoding='utf-8'?>
|
||||||
|
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||||
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||||
|
<!ENTITY date SYSTEM "date.xml">
|
||||||
|
<!ENTITY version SYSTEM "version.xml">
|
||||||
|
]>
|
||||||
|
|
||||||
|
<refentry id="cert8.db">
|
||||||
|
|
||||||
|
<refentryinfo>
|
||||||
|
<date>&date;</date>
|
||||||
|
<title>Network Security Services</title>
|
||||||
|
<productname>nss</productname>
|
||||||
|
<productnumber>&version;</productnumber>
|
||||||
|
</refentryinfo>
|
||||||
|
|
||||||
|
<refmeta>
|
||||||
|
<refentrytitle>cert8.db</refentrytitle>
|
||||||
|
<manvolnum>5</manvolnum>
|
||||||
|
</refmeta>
|
||||||
|
|
||||||
|
<refnamediv>
|
||||||
|
<refname>cert8.db</refname>
|
||||||
|
<refpurpose>Legacy NSS certificate database</refpurpose>
|
||||||
|
</refnamediv>
|
||||||
|
|
||||||
|
<refsection id="description">
|
||||||
|
<title>Description</title>
|
||||||
|
<para><emphasis>cert8.db</emphasis> is an NSS certificate database.</para>
|
||||||
|
<para>This certificate database is in the legacy database format. Consider migrating to cert9.db and key4.db which are the new sqlite-based shared database format with support for concurrent access.
|
||||||
|
</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>Files</title>
|
||||||
|
<para><filename>/etc/pki/nssdb/cert8.db</filename></para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>See also</title>
|
||||||
|
<para>cert9.db(5), key4.db(5), pkcs11.txt(5), </para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection id="authors">
|
||||||
|
<title>Authors</title>
|
||||||
|
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||||
|
<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<!-- don't change -->
|
||||||
|
<refsection id="license">
|
||||||
|
<title>LICENSE</title>
|
||||||
|
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||||
|
</para>
|
||||||
|
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
|
||||||
|
</refentry>
|
59
cert9.db.xml
Normal file
59
cert9.db.xml
Normal file
@ -0,0 +1,59 @@
|
|||||||
|
<?xml version='1.0' encoding='utf-8'?>
|
||||||
|
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||||
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||||
|
<!ENTITY date SYSTEM "date.xml">
|
||||||
|
<!ENTITY version SYSTEM "version.xml">
|
||||||
|
]>
|
||||||
|
|
||||||
|
<refentry id="cert9.db">
|
||||||
|
|
||||||
|
<refentryinfo>
|
||||||
|
<date>&date;</date>
|
||||||
|
<title>Network Security Services</title>
|
||||||
|
<productname>nss</productname>
|
||||||
|
<productnumber>&version;</productnumber>
|
||||||
|
</refentryinfo>
|
||||||
|
|
||||||
|
<refmeta>
|
||||||
|
<refentrytitle>cert9.db</refentrytitle>
|
||||||
|
<manvolnum>5</manvolnum>
|
||||||
|
</refmeta>
|
||||||
|
|
||||||
|
<refnamediv>
|
||||||
|
<refname>cert9.db</refname>
|
||||||
|
<refpurpose>NSS certificate database</refpurpose>
|
||||||
|
</refnamediv>
|
||||||
|
|
||||||
|
<refsection id="description">
|
||||||
|
<title>Description</title>
|
||||||
|
<para><emphasis>cert9.db</emphasis> is an NSS certificate database.</para>
|
||||||
|
<para>This certificate database is the sqlite-based shared database with support for concurrent access.
|
||||||
|
</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>Files</title>
|
||||||
|
<para><filename>/etc/pki/nssdb/cert9.db</filename></para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>See also</title>
|
||||||
|
<para>pkcs11.txt(5)</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection id="authors">
|
||||||
|
<title>Authors</title>
|
||||||
|
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||||
|
<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<!-- don't change -->
|
||||||
|
<refsection id="license">
|
||||||
|
<title>LICENSE</title>
|
||||||
|
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||||
|
</para>
|
||||||
|
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
|
||||||
|
</refentry>
|
13
iquote.patch
Normal file
13
iquote.patch
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
diff -up nss/coreconf/location.mk.iquote nss/coreconf/location.mk
|
||||||
|
--- nss/coreconf/location.mk.iquote 2017-07-27 16:09:32.000000000 +0200
|
||||||
|
+++ nss/coreconf/location.mk 2017-09-06 13:23:14.633611555 +0200
|
||||||
|
@@ -75,4 +75,9 @@ ifndef SQLITE_LIB_NAME
|
||||||
|
SQLITE_LIB_NAME = sqlite3
|
||||||
|
endif
|
||||||
|
|
||||||
|
+# Prefer in-tree headers over system headers
|
||||||
|
+ifdef IN_TREE_FREEBL_HEADERS_FIRST
|
||||||
|
+ INCLUDES += -iquote $(DIST)/../public/nss -iquote $(DIST)/../private/nss
|
||||||
|
+endif
|
||||||
|
+
|
||||||
|
MK_LOCATION = included
|
59
key3.db.xml
Normal file
59
key3.db.xml
Normal file
@ -0,0 +1,59 @@
|
|||||||
|
<?xml version='1.0' encoding='utf-8'?>
|
||||||
|
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||||
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||||
|
<!ENTITY date SYSTEM "date.xml">
|
||||||
|
<!ENTITY version SYSTEM "version.xml">
|
||||||
|
]>
|
||||||
|
|
||||||
|
<refentry id="key3.db">
|
||||||
|
|
||||||
|
<refentryinfo>
|
||||||
|
<date>&date;</date>
|
||||||
|
<title>Network Security Services</title>
|
||||||
|
<productname>nss</productname>
|
||||||
|
<productnumber>&version;</productnumber>
|
||||||
|
</refentryinfo>
|
||||||
|
|
||||||
|
<refmeta>
|
||||||
|
<refentrytitle>key3.db</refentrytitle>
|
||||||
|
<manvolnum>5</manvolnum>
|
||||||
|
</refmeta>
|
||||||
|
|
||||||
|
<refnamediv>
|
||||||
|
<refname>key3.db</refname>
|
||||||
|
<refpurpose>Legacy NSS certificate database</refpurpose>
|
||||||
|
</refnamediv>
|
||||||
|
|
||||||
|
<refsection id="description">
|
||||||
|
<title>Description</title>
|
||||||
|
<para><emphasis>key3.db</emphasis> is an NSS certificate database.</para>
|
||||||
|
<para>This is a key database in the legacy database format. Consider migrating to cert9.db and key4.db which which are the new sqlite-based shared database format with support for concurrent access.
|
||||||
|
</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>Files</title>
|
||||||
|
<para><filename>/etc/pki/nssdb/key3.db</filename></para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>See also</title>
|
||||||
|
<para>cert9.db(5), key4.db(5), pkcs11.txt(5), </para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection id="authors">
|
||||||
|
<title>Authors</title>
|
||||||
|
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||||
|
<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<!-- don't change -->
|
||||||
|
<refsection id="license">
|
||||||
|
<title>LICENSE</title>
|
||||||
|
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||||
|
</para>
|
||||||
|
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
|
||||||
|
</refentry>
|
59
key4.db.xml
Normal file
59
key4.db.xml
Normal file
@ -0,0 +1,59 @@
|
|||||||
|
<?xml version='1.0' encoding='utf-8'?>
|
||||||
|
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||||
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||||
|
<!ENTITY date SYSTEM "date.xml">
|
||||||
|
<!ENTITY version SYSTEM "version.xml">
|
||||||
|
]>
|
||||||
|
|
||||||
|
<refentry id="key4.db">
|
||||||
|
|
||||||
|
<refentryinfo>
|
||||||
|
<date>&date;</date>
|
||||||
|
<title>Network Security Services</title>
|
||||||
|
<productname>nss</productname>
|
||||||
|
<productnumber>&version;</productnumber>
|
||||||
|
</refentryinfo>
|
||||||
|
|
||||||
|
<refmeta>
|
||||||
|
<refentrytitle>key4.db</refentrytitle>
|
||||||
|
<manvolnum>5</manvolnum>
|
||||||
|
</refmeta>
|
||||||
|
|
||||||
|
<refnamediv>
|
||||||
|
<refname>key4.db</refname>
|
||||||
|
<refpurpose>NSS certificate database</refpurpose>
|
||||||
|
</refnamediv>
|
||||||
|
|
||||||
|
<refsection id="description">
|
||||||
|
<title>Description</title>
|
||||||
|
<para><emphasis>key4.db</emphasis> is an NSS key database.</para>
|
||||||
|
<para>This key database is the sqlite-based shared database format with support for concurrent access.
|
||||||
|
</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>Files</title>
|
||||||
|
<para><filename>/etc/pki/nssdb/key4.db</filename></para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>See also</title>
|
||||||
|
<para>pkcs11.txt(5)</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection id="authors">
|
||||||
|
<title>Authors</title>
|
||||||
|
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||||
|
<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<!-- don't change -->
|
||||||
|
<refsection id="license">
|
||||||
|
<title>LICENSE</title>
|
||||||
|
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||||
|
</para>
|
||||||
|
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
|
||||||
|
</refentry>
|
62
nss-539183.patch
Normal file
62
nss-539183.patch
Normal file
@ -0,0 +1,62 @@
|
|||||||
|
--- nss/cmd/httpserv/httpserv.c.539183 2016-05-21 18:31:39.879585420 -0700
|
||||||
|
+++ nss/cmd/httpserv/httpserv.c 2016-05-21 18:37:22.374464057 -0700
|
||||||
|
@@ -953,23 +953,23 @@
|
||||||
|
getBoundListenSocket(unsigned short port)
|
||||||
|
{
|
||||||
|
PRFileDesc *listen_sock;
|
||||||
|
int listenQueueDepth = 5 + (2 * maxThreads);
|
||||||
|
PRStatus prStatus;
|
||||||
|
PRNetAddr addr;
|
||||||
|
PRSocketOptionData opt;
|
||||||
|
|
||||||
|
- addr.inet.family = PR_AF_INET;
|
||||||
|
- addr.inet.ip = PR_INADDR_ANY;
|
||||||
|
- addr.inet.port = PR_htons(port);
|
||||||
|
+ if (PR_SetNetAddr(PR_IpAddrAny, PR_AF_INET6, port, &addr) != PR_SUCCESS) {
|
||||||
|
+ errExit("PR_SetNetAddr");
|
||||||
|
+ }
|
||||||
|
|
||||||
|
- listen_sock = PR_NewTCPSocket();
|
||||||
|
+ listen_sock = PR_OpenTCPSocket(PR_AF_INET6);
|
||||||
|
if (listen_sock == NULL) {
|
||||||
|
- errExit("PR_NewTCPSocket");
|
||||||
|
+ errExit("PR_OpenTCPSockett");
|
||||||
|
}
|
||||||
|
|
||||||
|
opt.option = PR_SockOpt_Nonblocking;
|
||||||
|
opt.value.non_blocking = PR_FALSE;
|
||||||
|
prStatus = PR_SetSocketOption(listen_sock, &opt);
|
||||||
|
if (prStatus < 0) {
|
||||||
|
PR_Close(listen_sock);
|
||||||
|
errExit("PR_SetSocketOption(PR_SockOpt_Nonblocking)");
|
||||||
|
--- nss/cmd/selfserv/selfserv.c.539183 2016-05-21 18:31:39.882585367 -0700
|
||||||
|
+++ nss/cmd/selfserv/selfserv.c 2016-05-21 18:41:43.092801174 -0700
|
||||||
|
@@ -1711,23 +1711,23 @@
|
||||||
|
getBoundListenSocket(unsigned short port)
|
||||||
|
{
|
||||||
|
PRFileDesc *listen_sock;
|
||||||
|
int listenQueueDepth = 5 + (2 * maxThreads);
|
||||||
|
PRStatus prStatus;
|
||||||
|
PRNetAddr addr;
|
||||||
|
PRSocketOptionData opt;
|
||||||
|
|
||||||
|
- addr.inet.family = PR_AF_INET;
|
||||||
|
- addr.inet.ip = PR_INADDR_ANY;
|
||||||
|
- addr.inet.port = PR_htons(port);
|
||||||
|
+ if (PR_SetNetAddr(PR_IpAddrAny, PR_AF_INET6, port, &addr) != PR_SUCCESS) {
|
||||||
|
+ errExit("PR_SetNetAddr");
|
||||||
|
+ }
|
||||||
|
|
||||||
|
- listen_sock = PR_NewTCPSocket();
|
||||||
|
+ listen_sock = PR_OpenTCPSocket(PR_AF_INET6);
|
||||||
|
if (listen_sock == NULL) {
|
||||||
|
- errExit("PR_NewTCPSocket");
|
||||||
|
+ errExit("PR_OpenTCPSocket error");
|
||||||
|
}
|
||||||
|
|
||||||
|
opt.option = PR_SockOpt_Nonblocking;
|
||||||
|
opt.value.non_blocking = PR_FALSE;
|
||||||
|
prStatus = PR_SetSocketOption(listen_sock, &opt);
|
||||||
|
if (prStatus < 0) {
|
||||||
|
PR_Close(listen_sock);
|
||||||
|
errExit("PR_SetSocketOption(PR_SockOpt_Nonblocking)");
|
132
nss-config.xml
Normal file
132
nss-config.xml
Normal file
@ -0,0 +1,132 @@
|
|||||||
|
<?xml version='1.0' encoding='utf-8'?>
|
||||||
|
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||||
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||||
|
<!ENTITY date SYSTEM "date.xml">
|
||||||
|
<!ENTITY version SYSTEM "version.xml">
|
||||||
|
]>
|
||||||
|
|
||||||
|
<refentry id="nss-config">
|
||||||
|
|
||||||
|
<refentryinfo>
|
||||||
|
<date>&date;</date>
|
||||||
|
<title>Network Security Services</title>
|
||||||
|
<productname>nss</productname>
|
||||||
|
<productnumber>&version;</productnumber>
|
||||||
|
</refentryinfo>
|
||||||
|
|
||||||
|
<refmeta>
|
||||||
|
<refentrytitle>nss-config</refentrytitle>
|
||||||
|
<manvolnum>1</manvolnum>
|
||||||
|
</refmeta>
|
||||||
|
|
||||||
|
<refnamediv>
|
||||||
|
<refname>nss-config</refname>
|
||||||
|
<refpurpose>Return meta information about nss libraries</refpurpose>
|
||||||
|
</refnamediv>
|
||||||
|
|
||||||
|
<refsynopsisdiv>
|
||||||
|
<cmdsynopsis>
|
||||||
|
<command>nss-config</command>
|
||||||
|
<arg><option>--prefix</option></arg>
|
||||||
|
<arg><option>--exec-prefix</option></arg>
|
||||||
|
<arg><option>--includedir</option></arg>
|
||||||
|
<arg><option>--libs</option></arg>
|
||||||
|
<arg><option>--cflags</option></arg>
|
||||||
|
<arg><option>--libdir</option></arg>
|
||||||
|
<arg><option>--version</option></arg>
|
||||||
|
</cmdsynopsis>
|
||||||
|
</refsynopsisdiv>
|
||||||
|
|
||||||
|
<refsection id="description">
|
||||||
|
<title>Description</title>
|
||||||
|
|
||||||
|
<para><command>nss-config</command> is a shell scrip
|
||||||
|
tool which can be used to obtain gcc options for building client pacakges of nspt. </para>
|
||||||
|
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>Options</title>
|
||||||
|
|
||||||
|
<variablelist>
|
||||||
|
<varlistentry>
|
||||||
|
<term><option>--prefix</option></term>
|
||||||
|
<listitem><simpara>Returns the top level system directory under which the nss libraries are installed.</simpara></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><option>--exec-prefix</option></term>
|
||||||
|
<listitem><simpara>returns the top level system directory under which any nss binaries would be installed.</simpara></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><option>--includedir</option> <replaceable>count</replaceable></term>
|
||||||
|
<listitem><simpara>returns the path to the directory were the nss libraries are installed.</simpara></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><option>--version</option></term>
|
||||||
|
<listitem><simpara>returns the upstream version of nss in the form major_version-minor_version-patch_version.</simpara></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><option>--libs</option></term>
|
||||||
|
<listitem><simpara>returns the compiler linking flags.</simpara></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><option>--cflags</option></term>
|
||||||
|
<listitem><simpara>returns the compiler include flags.</simpara></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><option>--libdir</option></term>
|
||||||
|
<listitem><simpara>returns the path to the directory were the nss libraries are installed.</simpara></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
</variablelist>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>Examples</title>
|
||||||
|
|
||||||
|
<para>The following example will query for both include path and linkage flags:
|
||||||
|
|
||||||
|
<programlisting>
|
||||||
|
/usr/bin/nss-config --cflags --libs
|
||||||
|
</programlisting>
|
||||||
|
|
||||||
|
</para>
|
||||||
|
|
||||||
|
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>Files</title>
|
||||||
|
|
||||||
|
<para><filename>/usr/bin/nss-config</filename></para>
|
||||||
|
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>See also</title>
|
||||||
|
<para>pkg-config(1)</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection id="authors">
|
||||||
|
<title>Authors</title>
|
||||||
|
<para>The nss liraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||||
|
<para>
|
||||||
|
Authors: Elio Maldonado <emaldona@redhat.com>.
|
||||||
|
</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<!-- don't change -->
|
||||||
|
<refsection id="license">
|
||||||
|
<title>LICENSE</title>
|
||||||
|
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||||
|
</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
</refentry>
|
||||||
|
|
@ -1,12 +0,0 @@
|
|||||||
diff -up ./mozilla/security/nss/lib/ckfw/manifest.mn.prepem ./mozilla/security/nss/lib/ckfw/manifest.mn
|
|
||||||
--- ./mozilla/security/nss/lib/ckfw/manifest.mn.prepem 2008-08-05 16:34:23.000000000 -0700
|
|
||||||
+++ ./mozilla/security/nss/lib/ckfw/manifest.mn 2008-08-05 16:34:30.000000000 -0700
|
|
||||||
@@ -38,7 +38,7 @@ MANIFEST_CVS_ID = "@(#) $RCSfile: manife
|
|
||||||
|
|
||||||
CORE_DEPTH = ../../..
|
|
||||||
|
|
||||||
-DIRS = builtins
|
|
||||||
+DIRS = builtins pem
|
|
||||||
|
|
||||||
PRIVATE_EXPORTS = \
|
|
||||||
ck.h \
|
|
21
nss-gcm-param-default-pkcs11v2.patch
Normal file
21
nss-gcm-param-default-pkcs11v2.patch
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
diff -up ./lib/util/pkcs11n.h.aes_gcm_pkcs11_v2 ./lib/util/pkcs11n.h
|
||||||
|
--- ./lib/util/pkcs11n.h.aes_gcm_pkcs11_v2 2020-05-13 13:44:11.312405744 -0700
|
||||||
|
+++ ./lib/util/pkcs11n.h 2020-05-13 13:45:23.951723660 -0700
|
||||||
|
@@ -605,7 +605,7 @@ typedef struct CK_NSS_GCM_PARAMS {
|
||||||
|
typedef CK_NSS_GCM_PARAMS CK_PTR CK_NSS_GCM_PARAMS_PTR;
|
||||||
|
|
||||||
|
/* deprecated #defines. Drop in future NSS releases */
|
||||||
|
-#ifdef NSS_PKCS11_2_0_COMPAT
|
||||||
|
+#ifndef NSS_PKCS11_3_0_STRICT
|
||||||
|
|
||||||
|
/* defines that were changed between NSS's PKCS #11 and the Oasis headers */
|
||||||
|
#define CKF_EC_FP CKF_EC_F_P
|
||||||
|
@@ -664,7 +664,7 @@ typedef CK_NSS_GCM_PARAMS CK_PTR CK_GCM_
|
||||||
|
#define CKT_NETSCAPE_VALID CKT_NSS_VALID
|
||||||
|
#define CKT_NETSCAPE_VALID_DELEGATOR CKT_NSS_VALID_DELEGATOR
|
||||||
|
#else
|
||||||
|
-/* use the new CK_GCM_PARAMS if NSS_PKCS11_2_0_COMPAT is not defined */
|
||||||
|
+/* use the new CK_GCM_PARAMS if NSS_PKCS11_3_0_STRICT is defined */
|
||||||
|
typedef struct CK_GCM_PARAMS_V3 CK_GCM_PARAMS;
|
||||||
|
typedef CK_GCM_PARAMS_V3 CK_PTR CK_GCM_PARAMS_PTR;
|
||||||
|
#endif
|
31
nss-kremlin-ppc64le.patch
Normal file
31
nss-kremlin-ppc64le.patch
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
Index: nss/lib/freebl/verified/kremlin/include/kremlin/internal/types.h
|
||||||
|
===================================================================
|
||||||
|
--- nss.orig/lib/freebl/verified/kremlin/include/kremlin/internal/types.h
|
||||||
|
+++ nss/lib/freebl/verified/kremlin/include/kremlin/internal/types.h
|
||||||
|
@@ -56,9 +56,10 @@ typedef const char *Prims_string;
|
||||||
|
!defined(__clang__)
|
||||||
|
#include <emmintrin.h>
|
||||||
|
typedef __m128i FStar_UInt128_uint128;
|
||||||
|
-#elif !defined(KRML_VERIFIED_UINT128) && !defined(_MSC_VER) && \
|
||||||
|
+#elif !defined(KRML_VERIFIED_UINT128) && !defined(_MSC_VER) && \
|
||||||
|
(defined(__x86_64__) || defined(__x86_64) || defined(__aarch64__) || \
|
||||||
|
- (defined(__powerpc64__) && defined(__LITTLE_ENDIAN__)))
|
||||||
|
+ (defined(__powerpc64__) && defined(__LITTLE_ENDIAN__)) || \
|
||||||
|
+ defined(__s390x__))
|
||||||
|
typedef unsigned __int128 FStar_UInt128_uint128;
|
||||||
|
#elif !defined(KRML_VERIFIED_UINT128) && defined(_MSC_VER) && defined(__clang__)
|
||||||
|
typedef __uint128_t FStar_UInt128_uint128;
|
||||||
|
Index: nss/lib/freebl/verified/kremlin/kremlib/dist/minimal/fstar_uint128_gcc64.h
|
||||||
|
===================================================================
|
||||||
|
--- nss.orig/lib/freebl/verified/kremlin/kremlib/dist/minimal/fstar_uint128_gcc64.h
|
||||||
|
+++ nss/lib/freebl/verified/kremlin/kremlib/dist/minimal/fstar_uint128_gcc64.h
|
||||||
|
@@ -26,7 +26,8 @@
|
||||||
|
|
||||||
|
#if !defined(KRML_VERIFIED_UINT128) && (!defined(_MSC_VER) || defined(__clang__)) && \
|
||||||
|
(defined(__x86_64__) || defined(__x86_64) || defined(__aarch64__) || \
|
||||||
|
- (defined(__powerpc64__) && defined(__LITTLE_ENDIAN__)))
|
||||||
|
+ (defined(__powerpc64__) && defined(__LITTLE_ENDIAN__)) || \
|
||||||
|
+ defined(__s390x__))
|
||||||
|
|
||||||
|
/* GCC + using native unsigned __int128 support */
|
||||||
|
|
@ -1,52 +0,0 @@
|
|||||||
diff -up ./mozilla/security/nss/lib/Makefile.nolocalsql ./mozilla/security/nss/lib/Makefile
|
|
||||||
--- ./mozilla/security/nss/lib/Makefile.nolocalsql 2010-02-27 16:40:25.891777537 -0800
|
|
||||||
+++ ./mozilla/security/nss/lib/Makefile 2010-02-27 16:41:59.175902327 -0800
|
|
||||||
@@ -62,11 +62,11 @@ ifndef USE_SYSTEM_ZLIB
|
|
||||||
ZLIB_SRCDIR = zlib # Add the zlib directory to DIRS.
|
|
||||||
endif
|
|
||||||
|
|
||||||
-ifndef MOZILLA_CLIENT
|
|
||||||
-ifndef NSS_USE_SYSTEM_SQLITE
|
|
||||||
-SQLITE_SRCDIR = sqlite # Add the sqlite directory to DIRS.
|
|
||||||
-endif
|
|
||||||
-endif
|
|
||||||
+#ifndef MOZILLA_CLIENT
|
|
||||||
+#ifndef NSS_USE_SYSTEM_SQLITE
|
|
||||||
+#SQLITE_SRCDIR = sqlite # Add the sqlite directory to DIRS.
|
|
||||||
+#endif
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
ifndef MOZILLA_CLIENT
|
|
||||||
ifeq ($(OS_ARCH),Linux)
|
|
||||||
diff -up ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn
|
|
||||||
--- ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql 2010-02-27 16:44:24.998777709 -0800
|
|
||||||
+++ ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn 2010-02-27 16:45:08.533803472 -0800
|
|
||||||
@@ -46,9 +46,9 @@ MAPFILE = $(OBJDIR)/nssdbm.def
|
|
||||||
|
|
||||||
DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\"
|
|
||||||
|
|
||||||
-ifdef MOZILLA_CLIENT
|
|
||||||
-INCLUDES += -I$(DIST)/include/sqlite3
|
|
||||||
-endif
|
|
||||||
+#ifdef MOZILLA_CLIENT
|
|
||||||
+#INCLUDES += -I$(DIST)/include/sqlite3
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
CSRCS = \
|
|
||||||
dbmshim.c \
|
|
||||||
diff -up ./mozilla/security/nss/lib/softoken/manifest.mn.nolocalsql ./mozilla/security/nss/lib/softoken/manifest.mn
|
|
||||||
--- ./mozilla/security/nss/lib/softoken/manifest.mn.nolocalsql 2010-02-27 16:42:52.213902231 -0800
|
|
||||||
+++ ./mozilla/security/nss/lib/softoken/manifest.mn 2010-02-27 16:43:34.040776788 -0800
|
|
||||||
@@ -47,9 +47,9 @@ MAPFILE = $(OBJDIR)/softokn.def
|
|
||||||
|
|
||||||
DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\" -DSHLIB_VERSION=\"$(LIBRARY_VERSION)\"
|
|
||||||
|
|
||||||
-ifdef MOZILLA_CLIENT
|
|
||||||
-INCLUDES += -I$(DIST)/include/sqlite3
|
|
||||||
-endif
|
|
||||||
+#ifdef MOZILLA_CLIENT
|
|
||||||
+#INCLUDES += -I$(DIST)/include/sqlite3
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
EXPORTS = \
|
|
||||||
secmodt.h \
|
|
4
nss-p11-kit.config
Normal file
4
nss-p11-kit.config
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
name=p11-kit-proxy
|
||||||
|
library=p11-kit-proxy.so
|
||||||
|
|
||||||
|
|
94
nss-signtool-format.patch
Normal file
94
nss-signtool-format.patch
Normal file
@ -0,0 +1,94 @@
|
|||||||
|
diff --git a/cmd/modutil/install.c b/cmd/modutil/install.c
|
||||||
|
--- a/cmd/modutil/install.c
|
||||||
|
+++ b/cmd/modutil/install.c
|
||||||
|
@@ -825,17 +825,20 @@ rm_dash_r(char *path)
|
||||||
|
|
||||||
|
dir = PR_OpenDir(path);
|
||||||
|
if (!dir) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Recursively delete all entries in the directory */
|
||||||
|
while ((entry = PR_ReadDir(dir, PR_SKIP_BOTH)) != NULL) {
|
||||||
|
- sprintf(filename, "%s/%s", path, entry->name);
|
||||||
|
+ if (snprintf(filename, sizeof(filename), "%s/%s", path, entry->name) >= sizeof(filename)) {
|
||||||
|
+ PR_CloseDir(dir);
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
if (rm_dash_r(filename)) {
|
||||||
|
PR_CloseDir(dir);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (PR_CloseDir(dir) != PR_SUCCESS) {
|
||||||
|
return -1;
|
||||||
|
diff --git a/cmd/signtool/util.c b/cmd/signtool/util.c
|
||||||
|
--- a/cmd/signtool/util.c
|
||||||
|
+++ b/cmd/signtool/util.c
|
||||||
|
@@ -132,17 +132,20 @@ rm_dash_r(char *path)
|
||||||
|
if (!dir) {
|
||||||
|
PR_fprintf(errorFD, "Error: Unable to open directory %s.\n", path);
|
||||||
|
errorCount++;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Recursively delete all entries in the directory */
|
||||||
|
while ((entry = PR_ReadDir(dir, PR_SKIP_BOTH)) != NULL) {
|
||||||
|
- sprintf(filename, "%s/%s", path, entry->name);
|
||||||
|
+ if (snprintf(filename, sizeof(filename), "%s/%s", path, entry->name) >= sizeof(filename)) {
|
||||||
|
+ errorCount++;
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
if (rm_dash_r(filename))
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (PR_CloseDir(dir) != PR_SUCCESS) {
|
||||||
|
PR_fprintf(errorFD, "Error: Could not close %s.\n", path);
|
||||||
|
errorCount++;
|
||||||
|
return -1;
|
||||||
|
diff --git a/lib/libpkix/pkix/util/pkix_list.c b/lib/libpkix/pkix/util/pkix_list.c
|
||||||
|
--- a/lib/libpkix/pkix/util/pkix_list.c
|
||||||
|
+++ b/lib/libpkix/pkix/util/pkix_list.c
|
||||||
|
@@ -1530,17 +1530,17 @@ cleanup:
|
||||||
|
*/
|
||||||
|
PKIX_Error *
|
||||||
|
PKIX_List_SetItem(
|
||||||
|
PKIX_List *list,
|
||||||
|
PKIX_UInt32 index,
|
||||||
|
PKIX_PL_Object *item,
|
||||||
|
void *plContext)
|
||||||
|
{
|
||||||
|
- PKIX_List *element;
|
||||||
|
+ PKIX_List *element = NULL;
|
||||||
|
|
||||||
|
PKIX_ENTER(LIST, "PKIX_List_SetItem");
|
||||||
|
PKIX_NULLCHECK_ONE(list);
|
||||||
|
|
||||||
|
if (list->immutable){
|
||||||
|
PKIX_ERROR(PKIX_OPERATIONNOTPERMITTEDONIMMUTABLELIST);
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --git a/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.c b/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.c
|
||||||
|
--- a/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.c
|
||||||
|
+++ b/lib/libpkix/pkix_pl_nss/system/pkix_pl_oid.c
|
||||||
|
@@ -102,17 +102,17 @@ cleanup:
|
||||||
|
*/
|
||||||
|
static PKIX_Error *
|
||||||
|
pkix_pl_OID_Equals(
|
||||||
|
PKIX_PL_Object *first,
|
||||||
|
PKIX_PL_Object *second,
|
||||||
|
PKIX_Boolean *pResult,
|
||||||
|
void *plContext)
|
||||||
|
{
|
||||||
|
- PKIX_Int32 cmpResult;
|
||||||
|
+ PKIX_Int32 cmpResult = 0;
|
||||||
|
|
||||||
|
PKIX_ENTER(OID, "pkix_pl_OID_Equals");
|
||||||
|
PKIX_NULLCHECK_THREE(first, second, pResult);
|
||||||
|
|
||||||
|
PKIX_CHECK(pkix_pl_OID_Comparator
|
||||||
|
(first, second, &cmpResult, plContext),
|
||||||
|
PKIX_OIDCOMPARATORFAILED);
|
||||||
|
|
116
nss-softokn-config.in
Normal file
116
nss-softokn-config.in
Normal file
@ -0,0 +1,116 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
prefix=@prefix@
|
||||||
|
|
||||||
|
major_version=@MOD_MAJOR_VERSION@
|
||||||
|
minor_version=@MOD_MINOR_VERSION@
|
||||||
|
patch_version=@MOD_PATCH_VERSION@
|
||||||
|
|
||||||
|
usage()
|
||||||
|
{
|
||||||
|
cat <<EOF
|
||||||
|
Usage: nss-softokn-config [OPTIONS] [LIBRARIES]
|
||||||
|
Options:
|
||||||
|
[--prefix[=DIR]]
|
||||||
|
[--exec-prefix[=DIR]]
|
||||||
|
[--includedir[=DIR]]
|
||||||
|
[--libdir[=DIR]]
|
||||||
|
[--version]
|
||||||
|
[--libs]
|
||||||
|
[--cflags]
|
||||||
|
Dynamic Libraries:
|
||||||
|
softokn3 - Requires full dynamic linking
|
||||||
|
freebl3 - for internal use only (and glibc for self-integrity check)
|
||||||
|
nssdbm3 - for internal use only
|
||||||
|
Dymamically linked
|
||||||
|
EOF
|
||||||
|
exit $1
|
||||||
|
}
|
||||||
|
|
||||||
|
if test $# -eq 0; then
|
||||||
|
usage 1 1>&2
|
||||||
|
fi
|
||||||
|
|
||||||
|
while test $# -gt 0; do
|
||||||
|
case "$1" in
|
||||||
|
-*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
|
||||||
|
*) optarg= ;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
case $1 in
|
||||||
|
--prefix=*)
|
||||||
|
prefix=$optarg
|
||||||
|
;;
|
||||||
|
--prefix)
|
||||||
|
echo_prefix=yes
|
||||||
|
;;
|
||||||
|
--exec-prefix=*)
|
||||||
|
exec_prefix=$optarg
|
||||||
|
;;
|
||||||
|
--exec-prefix)
|
||||||
|
echo_exec_prefix=yes
|
||||||
|
;;
|
||||||
|
--includedir=*)
|
||||||
|
includedir=$optarg
|
||||||
|
;;
|
||||||
|
--includedir)
|
||||||
|
echo_includedir=yes
|
||||||
|
;;
|
||||||
|
--libdir=*)
|
||||||
|
libdir=$optarg
|
||||||
|
;;
|
||||||
|
--libdir)
|
||||||
|
echo_libdir=yes
|
||||||
|
;;
|
||||||
|
--version)
|
||||||
|
echo ${major_version}.${minor_version}.${patch_version}
|
||||||
|
;;
|
||||||
|
--cflags)
|
||||||
|
echo_cflags=yes
|
||||||
|
;;
|
||||||
|
--libs)
|
||||||
|
echo_libs=yes
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
usage 1 1>&2
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
shift
|
||||||
|
done
|
||||||
|
|
||||||
|
# Set variables that may be dependent upon other variables
|
||||||
|
if test -z "$exec_prefix"; then
|
||||||
|
exec_prefix=`pkg-config --variable=exec_prefix nss-softokn`
|
||||||
|
fi
|
||||||
|
if test -z "$includedir"; then
|
||||||
|
includedir=`pkg-config --variable=includedir nss-softokn`
|
||||||
|
fi
|
||||||
|
if test -z "$libdir"; then
|
||||||
|
libdir=`pkg-config --variable=libdir nss-softokn`
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test "$echo_prefix" = "yes"; then
|
||||||
|
echo $prefix
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test "$echo_exec_prefix" = "yes"; then
|
||||||
|
echo $exec_prefix
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test "$echo_includedir" = "yes"; then
|
||||||
|
echo $includedir
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test "$echo_libdir" = "yes"; then
|
||||||
|
echo $libdir
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test "$echo_cflags" = "yes"; then
|
||||||
|
echo -I$includedir
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test "$echo_libs" = "yes"; then
|
||||||
|
libdirs="-Wl,-rpath-link,$libdir -L$libdir"
|
||||||
|
echo $libdirs
|
||||||
|
fi
|
||||||
|
|
18
nss-softokn-dracut-module-setup.sh
Normal file
18
nss-softokn-dracut-module-setup.sh
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
|
||||||
|
# ex: ts=8 sw=4 sts=4 et filetype=sh
|
||||||
|
|
||||||
|
check() {
|
||||||
|
return 255
|
||||||
|
}
|
||||||
|
|
||||||
|
depends() {
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
install() {
|
||||||
|
local _dir
|
||||||
|
|
||||||
|
inst_libdir_file libfreeblpriv3.so libfreeblpriv3.chk \
|
||||||
|
libfreebl3.so
|
||||||
|
}
|
3
nss-softokn-dracut.conf
Normal file
3
nss-softokn-dracut.conf
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
# turn on nss-softokn module
|
||||||
|
|
||||||
|
add_dracutmodules+=" nss-softokn "
|
11
nss-softokn.pc.in
Normal file
11
nss-softokn.pc.in
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
prefix=%prefix%
|
||||||
|
exec_prefix=%exec_prefix%
|
||||||
|
libdir=%libdir%
|
||||||
|
includedir=%includedir%
|
||||||
|
|
||||||
|
Name: NSS-SOFTOKN
|
||||||
|
Description: Network Security Services Softoken PKCS #11 Module
|
||||||
|
Version: %SOFTOKEN_VERSION%
|
||||||
|
Requires: nspr >= %NSPR_VERSION%, nss-util >= %NSSUTIL_VERSION%
|
||||||
|
Libs: -L${libdir} -lfreebl3 -lnssdbm3 -lsoftokn3
|
||||||
|
Cflags: -I${includedir}
|
118
nss-util-config.in
Normal file
118
nss-util-config.in
Normal file
@ -0,0 +1,118 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
prefix=@prefix@
|
||||||
|
|
||||||
|
major_version=@MOD_MAJOR_VERSION@
|
||||||
|
minor_version=@MOD_MINOR_VERSION@
|
||||||
|
patch_version=@MOD_PATCH_VERSION@
|
||||||
|
|
||||||
|
usage()
|
||||||
|
{
|
||||||
|
cat <<EOF
|
||||||
|
Usage: nss-util-config [OPTIONS] [LIBRARIES]
|
||||||
|
Options:
|
||||||
|
[--prefix[=DIR]]
|
||||||
|
[--exec-prefix[=DIR]]
|
||||||
|
[--includedir[=DIR]]
|
||||||
|
[--libdir[=DIR]]
|
||||||
|
[--version]
|
||||||
|
[--libs]
|
||||||
|
[--cflags]
|
||||||
|
Dynamic Libraries:
|
||||||
|
nssutil
|
||||||
|
EOF
|
||||||
|
exit $1
|
||||||
|
}
|
||||||
|
|
||||||
|
if test $# -eq 0; then
|
||||||
|
usage 1 1>&2
|
||||||
|
fi
|
||||||
|
|
||||||
|
lib_nssutil=yes
|
||||||
|
|
||||||
|
while test $# -gt 0; do
|
||||||
|
case "$1" in
|
||||||
|
-*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
|
||||||
|
*) optarg= ;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
case $1 in
|
||||||
|
--prefix=*)
|
||||||
|
prefix=$optarg
|
||||||
|
;;
|
||||||
|
--prefix)
|
||||||
|
echo_prefix=yes
|
||||||
|
;;
|
||||||
|
--exec-prefix=*)
|
||||||
|
exec_prefix=$optarg
|
||||||
|
;;
|
||||||
|
--exec-prefix)
|
||||||
|
echo_exec_prefix=yes
|
||||||
|
;;
|
||||||
|
--includedir=*)
|
||||||
|
includedir=$optarg
|
||||||
|
;;
|
||||||
|
--includedir)
|
||||||
|
echo_includedir=yes
|
||||||
|
;;
|
||||||
|
--libdir=*)
|
||||||
|
libdir=$optarg
|
||||||
|
;;
|
||||||
|
--libdir)
|
||||||
|
echo_libdir=yes
|
||||||
|
;;
|
||||||
|
--version)
|
||||||
|
echo ${major_version}.${minor_version}.${patch_version}
|
||||||
|
;;
|
||||||
|
--cflags)
|
||||||
|
echo_cflags=yes
|
||||||
|
;;
|
||||||
|
--libs)
|
||||||
|
echo_libs=yes
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
usage 1 1>&2
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
shift
|
||||||
|
done
|
||||||
|
|
||||||
|
# Set variables that may be dependent upon other variables
|
||||||
|
if test -z "$exec_prefix"; then
|
||||||
|
exec_prefix=`pkg-config --variable=exec_prefix nss-util`
|
||||||
|
fi
|
||||||
|
if test -z "$includedir"; then
|
||||||
|
includedir=`pkg-config --variable=includedir nss-util`
|
||||||
|
fi
|
||||||
|
if test -z "$libdir"; then
|
||||||
|
libdir=`pkg-config --variable=libdir nss-util`
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test "$echo_prefix" = "yes"; then
|
||||||
|
echo $prefix
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test "$echo_exec_prefix" = "yes"; then
|
||||||
|
echo $exec_prefix
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test "$echo_includedir" = "yes"; then
|
||||||
|
echo $includedir
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test "$echo_libdir" = "yes"; then
|
||||||
|
echo $libdir
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test "$echo_cflags" = "yes"; then
|
||||||
|
echo -I$includedir
|
||||||
|
fi
|
||||||
|
|
||||||
|
if test "$echo_libs" = "yes"; then
|
||||||
|
libdirs="-Wl,-rpath-link,$libdir -L$libdir"
|
||||||
|
if test -n "$lib_nssutil"; then
|
||||||
|
libdirs="$libdirs -lnssutil${major_version}"
|
||||||
|
fi
|
||||||
|
echo $libdirs
|
||||||
|
fi
|
||||||
|
|
11
nss-util.pc.in
Normal file
11
nss-util.pc.in
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
prefix=%prefix%
|
||||||
|
exec_prefix=%exec_prefix%
|
||||||
|
libdir=%libdir%
|
||||||
|
includedir=%includedir%
|
||||||
|
|
||||||
|
Name: NSS-UTIL
|
||||||
|
Description: Network Security Services Utility Library
|
||||||
|
Version: %NSSUTIL_VERSION%
|
||||||
|
Requires: nspr >= %NSPR_VERSION%
|
||||||
|
Libs: -L${libdir} -lnssutil3
|
||||||
|
Cflags: -I${includedir}
|
@ -7,5 +7,5 @@ Name: NSS
|
|||||||
Description: Network Security Services
|
Description: Network Security Services
|
||||||
Version: %NSS_VERSION%
|
Version: %NSS_VERSION%
|
||||||
Requires: nspr >= %NSPR_VERSION%, nss-util >= %NSSUTIL_VERSION%
|
Requires: nspr >= %NSPR_VERSION%, nss-util >= %NSSUTIL_VERSION%
|
||||||
Libs: -lssl3 -lsmime3 -lnss3
|
Libs: -L${libdir} -lssl3 -lsmime3 -lnss3
|
||||||
Cflags: -I${includedir}
|
Cflags: -I${includedir}
|
||||||
|
@ -1,127 +0,0 @@
|
|||||||
diff -up ./mozilla/security/nss/lib/ckfw/pem/pinst.c.596783 ./mozilla/security/nss/lib/ckfw/pem/pinst.c
|
|
||||||
--- ./mozilla/security/nss/lib/ckfw/pem/pinst.c.596783 2010-06-06 18:27:27.256318318 -0700
|
|
||||||
+++ ./mozilla/security/nss/lib/ckfw/pem/pinst.c 2010-06-06 20:45:28.158442982 -0700
|
|
||||||
@@ -151,7 +151,7 @@ GetCertFields(unsigned char *cert, int c
|
|
||||||
buf = issuer->data + issuer->len;
|
|
||||||
|
|
||||||
/* only wanted issuer/SN */
|
|
||||||
- if (valid == NULL) {
|
|
||||||
+ if (subject == NULL || valid == NULL || subjkey == NULL) {
|
|
||||||
return SECSuccess;
|
|
||||||
}
|
|
||||||
/* validity */
|
|
||||||
@@ -219,53 +219,93 @@ CreateObject(CK_OBJECT_CLASS objClass,
|
|
||||||
memset(&o->u.trust, 0, sizeof(o->u.trust));
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
+
|
|
||||||
+ o->nickname = (char *) nss_ZAlloc(NULL, strlen(nickname) + 1);
|
|
||||||
+ if (o->nickname == NULL)
|
|
||||||
+ goto fail;
|
|
||||||
+ strcpy(o->nickname, nickname);
|
|
||||||
+
|
|
||||||
+ sprintf(id, "%d", objid);
|
|
||||||
+ len = strlen(id) + 1; /* zero terminate */
|
|
||||||
+ o->id.data = (void *) nss_ZAlloc(NULL, len);
|
|
||||||
+ if (o->id.data == NULL)
|
|
||||||
+ goto fail;
|
|
||||||
+ (void) nsslibc_memcpy(o->id.data, id, len);
|
|
||||||
+ o->id.size = len;
|
|
||||||
+
|
|
||||||
o->objClass = objClass;
|
|
||||||
o->type = type;
|
|
||||||
o->slotID = slotID;
|
|
||||||
+
|
|
||||||
o->derCert = nss_ZNEW(NULL, SECItem);
|
|
||||||
+ if (o->derCert == NULL)
|
|
||||||
+ goto fail;
|
|
||||||
o->derCert->data = (void *) nss_ZAlloc(NULL, certDER->len);
|
|
||||||
+ if (o->derCert->data == NULL)
|
|
||||||
+ goto fail;
|
|
||||||
o->derCert->len = certDER->len;
|
|
||||||
nsslibc_memcpy(o->derCert->data, certDER->data, certDER->len);
|
|
||||||
|
|
||||||
switch (objClass) {
|
|
||||||
case CKO_CERTIFICATE:
|
|
||||||
case CKO_NETSCAPE_TRUST:
|
|
||||||
- GetCertFields(o->derCert->data,
|
|
||||||
- o->derCert->len, &issuer, &serial,
|
|
||||||
- &derSN, &subject, &valid, &subjkey);
|
|
||||||
+ if (SECSuccess != GetCertFields(o->derCert->data, o->derCert->len,
|
|
||||||
+ &issuer, &serial, &derSN, &subject,
|
|
||||||
+ &valid, &subjkey))
|
|
||||||
+ goto fail;
|
|
||||||
|
|
||||||
o->u.cert.subject.data = (void *) nss_ZAlloc(NULL, subject.len);
|
|
||||||
+ if (o->u.cert.subject.data == NULL)
|
|
||||||
+ goto fail;
|
|
||||||
o->u.cert.subject.size = subject.len;
|
|
||||||
nsslibc_memcpy(o->u.cert.subject.data, subject.data, subject.len);
|
|
||||||
|
|
||||||
o->u.cert.issuer.data = (void *) nss_ZAlloc(NULL, issuer.len);
|
|
||||||
+ if (o->u.cert.issuer.data == NULL) {
|
|
||||||
+ nss_ZFreeIf(o->u.cert.subject.data);
|
|
||||||
+ goto fail;
|
|
||||||
+ }
|
|
||||||
o->u.cert.issuer.size = issuer.len;
|
|
||||||
nsslibc_memcpy(o->u.cert.issuer.data, issuer.data, issuer.len);
|
|
||||||
|
|
||||||
o->u.cert.serial.data = (void *) nss_ZAlloc(NULL, serial.len);
|
|
||||||
+ if (o->u.cert.serial.data == NULL) {
|
|
||||||
+ nss_ZFreeIf(o->u.cert.issuer.data);
|
|
||||||
+ nss_ZFreeIf(o->u.cert.subject.data);
|
|
||||||
+ goto fail;
|
|
||||||
+ }
|
|
||||||
o->u.cert.serial.size = serial.len;
|
|
||||||
nsslibc_memcpy(o->u.cert.serial.data, serial.data, serial.len);
|
|
||||||
break;
|
|
||||||
case CKO_PRIVATE_KEY:
|
|
||||||
o->u.key.key.privateKey = nss_ZNEW(NULL, SECItem);
|
|
||||||
+ if (o->u.key.key.privateKey == NULL)
|
|
||||||
+ goto fail;
|
|
||||||
o->u.key.key.privateKey->data =
|
|
||||||
(void *) nss_ZAlloc(NULL, keyDER->len);
|
|
||||||
+ if (o->u.key.key.privateKey->data == NULL) {
|
|
||||||
+ nss_ZFreeIf(o->u.key.key.privateKey);
|
|
||||||
+ goto fail;
|
|
||||||
+ }
|
|
||||||
o->u.key.key.privateKey->len = keyDER->len;
|
|
||||||
nsslibc_memcpy(o->u.key.key.privateKey->data, keyDER->data,
|
|
||||||
keyDER->len);
|
|
||||||
}
|
|
||||||
|
|
||||||
- o->nickname = (char *) nss_ZAlloc(NULL, strlen(nickname) + 1);
|
|
||||||
- strcpy(o->nickname, nickname);
|
|
||||||
-
|
|
||||||
- sprintf(id, "%d", objid);
|
|
||||||
-
|
|
||||||
- len = strlen(id) + 1; /* zero terminate */
|
|
||||||
- o->id.data = (void *) nss_ZAlloc(NULL, len);
|
|
||||||
- (void) nsslibc_memcpy(o->id.data, id, len);
|
|
||||||
- o->id.size = len;
|
|
||||||
|
|
||||||
return o;
|
|
||||||
+
|
|
||||||
+fail:
|
|
||||||
+ if (o) {
|
|
||||||
+ if (o->derCert) {
|
|
||||||
+ nss_ZFreeIf(o->derCert->data);
|
|
||||||
+ nss_ZFreeIf(o->derCert);
|
|
||||||
+ }
|
|
||||||
+ nss_ZFreeIf(o->id.data);
|
|
||||||
+ nss_ZFreeIf(o->nickname);
|
|
||||||
+ nss_ZFreeIf(o);
|
|
||||||
+ }
|
|
||||||
+ return NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
pemInternalObject *
|
|
||||||
@@ -306,6 +346,8 @@ AddObjectIfNeeded(CK_OBJECT_CLASS objCla
|
|
||||||
/* object not found, we need to create it */
|
|
||||||
pemInternalObject *io = CreateObject(objClass, type, certDER, keyDER,
|
|
||||||
filename, objid, slotID);
|
|
||||||
+ if (io == NULL)
|
|
||||||
+ return NULL;
|
|
||||||
|
|
||||||
io->gobjIndex = count;
|
|
||||||
|
|
56
pkcs11.txt.xml
Normal file
56
pkcs11.txt.xml
Normal file
@ -0,0 +1,56 @@
|
|||||||
|
<?xml version='1.0' encoding='UTF-8'?>
|
||||||
|
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||||
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||||
|
<!ENTITY date SYSTEM "date.xml">
|
||||||
|
<!ENTITY version SYSTEM "version.xml">
|
||||||
|
]>
|
||||||
|
|
||||||
|
<refentry id="pkcs11.txt">
|
||||||
|
|
||||||
|
<refentryinfo>
|
||||||
|
<date>&date;</date>
|
||||||
|
<title>Network Security Services</title>
|
||||||
|
<productname>nss</productname>
|
||||||
|
<productnumber>&version;</productnumber>
|
||||||
|
</refentryinfo>
|
||||||
|
|
||||||
|
<refmeta>
|
||||||
|
<refentrytitle>pkcs11.txt</refentrytitle>
|
||||||
|
<manvolnum>5</manvolnum>
|
||||||
|
</refmeta>
|
||||||
|
|
||||||
|
<refnamediv>
|
||||||
|
<refname>pkcs11.txt</refname>
|
||||||
|
<refpurpose>NSS PKCS #11 module configuration file</refpurpose>
|
||||||
|
</refnamediv>
|
||||||
|
|
||||||
|
<refsection id="description">
|
||||||
|
<title>Description</title>
|
||||||
|
<para>
|
||||||
|
The pkcs11.txt file is used to configure initialization parameters for the nss security module and optionally other pkcs #11 modules.
|
||||||
|
</para>
|
||||||
|
<para>
|
||||||
|
For full documentation visit <ulink url="https://developer.mozilla.org/en-US/docs/PKCS11_Module_Specs">PKCS #11 Module Specs</ulink>.
|
||||||
|
</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>Files</title>
|
||||||
|
<para><filename>/etc/pki/nssdb/pkcs11.txt</filename></para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection id="authors">
|
||||||
|
<title>Authors</title>
|
||||||
|
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||||
|
<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<!-- don't change -->
|
||||||
|
<refsection id="license">
|
||||||
|
<title>LICENSE</title>
|
||||||
|
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||||
|
</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
</refentry>
|
||||||
|
|
@ -1,16 +0,0 @@
|
|||||||
Index: ./mozilla/security/nss/lib/ssl/sslsock.c
|
|
||||||
===================================================================
|
|
||||||
RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslsock.c,v
|
|
||||||
retrieving revision 1.66
|
|
||||||
diff -u -p -r1.66 sslsock.c
|
|
||||||
--- ./mozilla/security/nss/lib/ssl/sslsock.c 26 Feb 2010 20:44:54 -0000 1.66
|
|
||||||
+++ ./mozilla/security/nss/lib/ssl/sslsock.c 1 Mar 2010 18:05:10 -0000
|
|
||||||
@@ -181,7 +181,7 @@ static sslOptions ssl_defaults = {
|
|
||||||
PR_FALSE, /* noLocks */
|
|
||||||
PR_FALSE, /* enableSessionTickets */
|
|
||||||
PR_FALSE, /* enableDeflate */
|
|
||||||
- 2, /* enableRenegotiation (default: requires extension) */
|
|
||||||
+ 3, /* enableRenegotiation (default: transitional)
|
|
||||||
PR_FALSE, /* requireSafeNegotiation */
|
|
||||||
};
|
|
||||||
|
|
63
secmod.db.xml
Normal file
63
secmod.db.xml
Normal file
@ -0,0 +1,63 @@
|
|||||||
|
<?xml version='1.0' encoding='utf-8'?>
|
||||||
|
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||||
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||||
|
<!ENTITY date SYSTEM "date.xml">
|
||||||
|
<!ENTITY version SYSTEM "version.xml">
|
||||||
|
]>
|
||||||
|
|
||||||
|
<refentry id="secmod.db">
|
||||||
|
|
||||||
|
<refentryinfo>
|
||||||
|
<date>&date;</date>
|
||||||
|
<title>Network Security Services</title>
|
||||||
|
<productname>nss</productname>
|
||||||
|
<productnumber>&version;</productnumber>
|
||||||
|
</refentryinfo>
|
||||||
|
|
||||||
|
<refmeta>
|
||||||
|
<refentrytitle>secmod.db</refentrytitle>
|
||||||
|
<manvolnum>5</manvolnum>
|
||||||
|
</refmeta>
|
||||||
|
|
||||||
|
<refnamediv>
|
||||||
|
<refname>secmod.db</refname>
|
||||||
|
<refpurpose>Legacy NSS security modules database</refpurpose>
|
||||||
|
</refnamediv>
|
||||||
|
|
||||||
|
<refsection id="description">
|
||||||
|
<title>Description</title>
|
||||||
|
<para><emphasis>secmod.db</emphasis> is an NSS security modules database.</para>
|
||||||
|
<para>The security modules database is used to keep track of the NSS security modules. The NSS security modules export their services via the PKCS #11 API which NSS uses as its Services Provider Interface.
|
||||||
|
</para>
|
||||||
|
<para>The command line utility <emphasis>modutil</emphasis> is used for managing PKCS #11 module information both within secmod.db files and within hardware tokens.
|
||||||
|
</para>
|
||||||
|
<para>For new applications the recommended way of tracking security modules is via the pkcs11.txt configuration file used in conjunction the new sqlite-based shared database format for certificate and key databases.
|
||||||
|
</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>Files</title>
|
||||||
|
<para><filename>/etc/pki/nssdb/secmod.db</filename></para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>See also</title>
|
||||||
|
<para>modutil(1), cert8.db(5), cert9.db(5), key3.db(5), key4.db(5), pkcs11.txt(5)</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection id="authors">
|
||||||
|
<title>Authors</title>
|
||||||
|
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||||
|
<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<!-- don't change -->
|
||||||
|
<refsection id="license">
|
||||||
|
<title>LICENSE</title>
|
||||||
|
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||||
|
</para>
|
||||||
|
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
|
||||||
|
</refentry>
|
@ -1,11 +1,10 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
#
|
#
|
||||||
# Turns on or off the nss-sysinit module db by editing the
|
# Turns on or off the nss-sysinit module db by editing the
|
||||||
# global PKCS #11 congiguration file.
|
# global PKCS #11 congiguration file. Displays the status.
|
||||||
#
|
#
|
||||||
# This script can be invoked by the user as super user.
|
# This script can be invoked by the user as super user.
|
||||||
# It is invoked at nss-sysinit post install time with argument on
|
# It is invoked at nss-sysinit post install time with argument on.
|
||||||
# and at nss-sysinit pre uninstall with argument off.
|
|
||||||
#
|
#
|
||||||
usage()
|
usage()
|
||||||
{
|
{
|
||||||
@ -13,12 +12,13 @@ usage()
|
|||||||
Usage: setup-nsssysinit [on|off]
|
Usage: setup-nsssysinit [on|off]
|
||||||
on - turns on nsssysinit
|
on - turns on nsssysinit
|
||||||
off - turns off nsssysinit
|
off - turns off nsssysinit
|
||||||
|
status - reports whether nsssysinit is turned on or off
|
||||||
EOF
|
EOF
|
||||||
exit $1
|
exit $1
|
||||||
}
|
}
|
||||||
|
|
||||||
# validate
|
# validate
|
||||||
if test $# -eq 0; then
|
if [ $# -eq 0 ]; then
|
||||||
usage 1 1>&2
|
usage 1 1>&2
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -30,9 +30,18 @@ if [ ! -f $p11conf ]; then
|
|||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
on="1"
|
# check if nsssysinit is currently enabled or disabled
|
||||||
|
sysinit_enabled()
|
||||||
|
{
|
||||||
|
grep -q '^library=libnsssysinit' ${p11conf}
|
||||||
|
}
|
||||||
|
|
||||||
|
umask 022
|
||||||
case "$1" in
|
case "$1" in
|
||||||
on | ON )
|
on | ON )
|
||||||
|
if sysinit_enabled; then
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
cat ${p11conf} | \
|
cat ${p11conf} | \
|
||||||
sed -e 's/^library=$/library=libnsssysinit.so/' \
|
sed -e 's/^library=$/library=libnsssysinit.so/' \
|
||||||
-e '/^NSS/s/\(Flags=internal\)\(,[^m]\)/\1,moduleDBOnly\2/' > \
|
-e '/^NSS/s/\(Flags=internal\)\(,[^m]\)/\1,moduleDBOnly\2/' > \
|
||||||
@ -40,7 +49,7 @@ case "$1" in
|
|||||||
mv ${p11conf}.on ${p11conf}
|
mv ${p11conf}.on ${p11conf}
|
||||||
;;
|
;;
|
||||||
off | OFF )
|
off | OFF )
|
||||||
if [ ! `grep "^library=libnsssysinit" ${p11conf}` ]; then
|
if ! sysinit_enabled; then
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
cat ${p11conf} | \
|
cat ${p11conf} | \
|
||||||
@ -49,6 +58,10 @@ case "$1" in
|
|||||||
${p11conf}.off
|
${p11conf}.off
|
||||||
mv ${p11conf}.off ${p11conf}
|
mv ${p11conf}.off ${p11conf}
|
||||||
;;
|
;;
|
||||||
|
status )
|
||||||
|
echo -n 'NSS sysinit is '
|
||||||
|
sysinit_enabled && echo 'enabled' || echo 'disabled'
|
||||||
|
;;
|
||||||
* )
|
* )
|
||||||
usage 1 1>&2
|
usage 1 1>&2
|
||||||
;;
|
;;
|
||||||
|
106
setup-nsssysinit.xml
Normal file
106
setup-nsssysinit.xml
Normal file
@ -0,0 +1,106 @@
|
|||||||
|
<?xml version='1.0' encoding='utf-8'?>
|
||||||
|
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||||
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||||
|
<!ENTITY date SYSTEM "date.xml">
|
||||||
|
<!ENTITY version SYSTEM "version.xml">
|
||||||
|
]>
|
||||||
|
|
||||||
|
<refentry id="setup-nsssysinit">
|
||||||
|
|
||||||
|
<refentryinfo>
|
||||||
|
<date>&date;</date>
|
||||||
|
<title>Network Security Services</title>
|
||||||
|
<productname>nss</productname>
|
||||||
|
<productnumber>&version;</productnumber>
|
||||||
|
</refentryinfo>
|
||||||
|
|
||||||
|
<refmeta>
|
||||||
|
<refentrytitle>setup-nsssysinit</refentrytitle>
|
||||||
|
<manvolnum>1</manvolnum>
|
||||||
|
</refmeta>
|
||||||
|
|
||||||
|
<refnamediv>
|
||||||
|
<refname>setup-nsssysinit</refname>
|
||||||
|
<refpurpose>Query or enable the nss-sysinit module</refpurpose>
|
||||||
|
</refnamediv>
|
||||||
|
|
||||||
|
<refsynopsisdiv>
|
||||||
|
<cmdsynopsis>
|
||||||
|
<command>setup-nsssysinit</command>
|
||||||
|
<arg><option>on</option></arg>
|
||||||
|
<arg><option>off</option></arg>
|
||||||
|
<arg><option>status</option></arg>
|
||||||
|
</cmdsynopsis>
|
||||||
|
</refsynopsisdiv>
|
||||||
|
|
||||||
|
<refsection id="description">
|
||||||
|
<title>Description</title>
|
||||||
|
<para><command>setup-nsssysinit</command> is a shell script to query the status of the nss-sysinit module and when run with root priviledge it can enable or disable it. </para>
|
||||||
|
<para>Turns on or off the nss-sysinit module db by editing the global PKCS #11 configuration file. Displays the status. This script can be invoked by the user as super user. It is invoked at nss-sysinit post install time with argument on.
|
||||||
|
</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>Options</title>
|
||||||
|
|
||||||
|
<variablelist>
|
||||||
|
<varlistentry>
|
||||||
|
<term><option>on</option></term>
|
||||||
|
<listitem><simpara>Turn on nss-sysinit.</simpara></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><option>off</option></term>
|
||||||
|
<listitem><simpara>Turn on nss-sysinit.</simpara></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term><option>status</option></term>
|
||||||
|
<listitem><simpara>returns whether nss-syinit is enabled or not.</simpara></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
</variablelist>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>Examples</title>
|
||||||
|
|
||||||
|
<para>The following example will query for the status of nss-sysinit:
|
||||||
|
<programlisting>
|
||||||
|
/usr/bin/setup-nsssysinit status
|
||||||
|
</programlisting>
|
||||||
|
</para>
|
||||||
|
|
||||||
|
<para>The following example, when run as superuser, will turn on nss-sysinit:
|
||||||
|
<programlisting>
|
||||||
|
/usr/bin/setup-nsssysinit on
|
||||||
|
</programlisting>
|
||||||
|
</para>
|
||||||
|
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>Files</title>
|
||||||
|
<para><filename>/usr/bin/setup-nsssysinit</filename></para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection>
|
||||||
|
<title>See also</title>
|
||||||
|
<para>pkg-config(1)</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<refsection id="authors">
|
||||||
|
<title>Authors</title>
|
||||||
|
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||||
|
<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
<!-- don't change -->
|
||||||
|
<refsection id="license">
|
||||||
|
<title>LICENSE</title>
|
||||||
|
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||||
|
</para>
|
||||||
|
</refsection>
|
||||||
|
|
||||||
|
</refentry>
|
||||||
|
|
14
sources
14
sources
@ -1,8 +1,6 @@
|
|||||||
3902499c8e02b02d4944f21d3c6a839f nss-3.12.6-stripped.tar.bz2
|
SHA512 (blank-cert8.db) = ac131d15708c5f1b5e467831f919f4fc4ba13b60a4bb5fe260c845fa9afcd899a588d21ed52060abaa1bbb29f2b53af8b495d28407183cb03aff1974f95f1d3d
|
||||||
f32d884d178082ce8201f01e21f0d050 nss-pem-20100412.tar.bz2
|
SHA512 (blank-cert9.db) = 2f8eab4c0612210ee47db8a3a80c1b58a0b43849551af78c7da403fda3e3d4e7757838061ae56ccf5aac335cb54f254f0a9e6e9c0dd5920b4155a39264525b06
|
||||||
a5ae49867124ac75f029a9a33af31bad blank-cert8.db
|
SHA512 (blank-key3.db) = 01f7314e9fc8a7c9aa997652624cfcde213d18a6b3bb31840c1a60bbd662e56b5bc3221d13874abb42ce78163b225a6dfce2e1326cf6dd29366ad9c28ba5a71c
|
||||||
9315689bbd9f28ceebd47894f99fccbd blank-key3.db
|
SHA512 (blank-key4.db) = 8fedae93af7163da23fe9492ea8e785a44c291604fa98e58438448efb69c85d3253fc22b926d5c3209c62e58a86038fd4d78a1c4c068bc00600a7f3e5382ebe7
|
||||||
73bc040a0542bba387e6dd7fb9fd7d23 blank-secmod.db
|
SHA512 (blank-secmod.db) = 06a2dbd861839ef6315093459328b500d3832333a34b30e6fac4a2503af337f014a4d319f0f93322409e719142904ce8bc08252ae9a4f37f30d4c3312e900310
|
||||||
691e663ccc07b7a1eaa6f088e03bf8e2 blank-cert9.db
|
SHA512 (nss-3.52.tar.gz) = a45baf38717bceda03c292b2c01def680a24a846327e17d36044a85e30ed40c68220c78c0a2c3025c11778ee58f5d5eb0fff1b4cd274b95c408fb59e394e62c6
|
||||||
2ec9e0606ba40fe65196545564b7cc2a blank-key4.db
|
|
||||||
9bbc62615e6b2b22547375b5d39ddfe7 PayPalEE.cert
|
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
library=
|
library=libnsssysinit.so
|
||||||
name=NSS Internal PKCS #11 Module
|
name=NSS Internal PKCS #11 Module
|
||||||
parameters=configdir='sql:/etc/pki/nssdb' certPrefix='' keyPrefix='' secmod='secmod.db' flags= updatedir='' updateCertPrefix='' updateKeyPrefix='' updateid='' updateTokenDescription=''
|
parameters=configdir='sql:/etc/pki/nssdb' certPrefix='' keyPrefix='' secmod='secmod.db' flags= updatedir='' updateCertPrefix='' updateKeyPrefix='' updateid='' updateTokenDescription=''
|
||||||
NSS=Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512] askpw=any timeout=30})
|
NSS=Flags=internal,moduleDBOnly,critical trustOrder=75 cipherOrder=100 slotParams=(1={slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512] askpw=any timeout=30})
|
||||||
|
|
||||||
|
64
tests/NSS-tools-should-not-use-SHA1-by-default-when/Makefile
Normal file
64
tests/NSS-tools-should-not-use-SHA1-by-default-when/Makefile
Normal file
@ -0,0 +1,64 @@
|
|||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
#
|
||||||
|
# Makefile of /CoreOS/nss/Regression/NSS-tools-should-not-use-SHA1-by-default-when
|
||||||
|
# Description: NSS tools should not use SHA1 by default when
|
||||||
|
# Author: Hubert Kario <hkario@redhat.com>
|
||||||
|
#
|
||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
#
|
||||||
|
# Copyright (c) 2016 Red Hat, Inc.
|
||||||
|
#
|
||||||
|
# This copyrighted material is made available to anyone wishing
|
||||||
|
# to use, modify, copy, or redistribute it subject to the terms
|
||||||
|
# and conditions of the GNU General Public License version 2.
|
||||||
|
#
|
||||||
|
# This program is distributed in the hope that it will be
|
||||||
|
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||||
|
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||||
|
# PURPOSE. See the GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public
|
||||||
|
# License along with this program; if not, write to the Free
|
||||||
|
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
|
||||||
|
# Boston, MA 02110-1301, USA.
|
||||||
|
#
|
||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
export TEST=/CoreOS/nss/Regression/NSS-tools-should-not-use-SHA1-by-default-when
|
||||||
|
export TESTVERSION=1.0
|
||||||
|
|
||||||
|
BUILT_FILES=
|
||||||
|
|
||||||
|
FILES=$(METADATA) runtest.sh Makefile PURPOSE
|
||||||
|
|
||||||
|
.PHONY: all install download clean
|
||||||
|
|
||||||
|
run: $(FILES) build
|
||||||
|
./runtest.sh
|
||||||
|
|
||||||
|
build: $(BUILT_FILES)
|
||||||
|
test -x runtest.sh || chmod a+x runtest.sh
|
||||||
|
|
||||||
|
clean:
|
||||||
|
rm -f *~ $(BUILT_FILES)
|
||||||
|
|
||||||
|
|
||||||
|
include /usr/share/rhts/lib/rhts-make.include
|
||||||
|
|
||||||
|
$(METADATA): Makefile
|
||||||
|
@echo "Owner: Hubert Kario <hkario@redhat.com>" > $(METADATA)
|
||||||
|
@echo "Name: $(TEST)" >> $(METADATA)
|
||||||
|
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||||
|
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||||
|
@echo "Description: NSS tools should not use SHA1 by default when" >> $(METADATA)
|
||||||
|
@echo "Type: Regression" >> $(METADATA)
|
||||||
|
@echo "TestTime: 10m" >> $(METADATA)
|
||||||
|
@echo "RunFor: nss openssl" >> $(METADATA)
|
||||||
|
@echo "Requires: nss nss-tools openssl" >> $(METADATA)
|
||||||
|
@echo "Priority: Normal" >> $(METADATA)
|
||||||
|
@echo "License: GPLv2" >> $(METADATA)
|
||||||
|
@echo "Confidential: no" >> $(METADATA)
|
||||||
|
@echo "Destructive: no" >> $(METADATA)
|
||||||
|
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
|
||||||
|
|
||||||
|
rhts-lint $(METADATA)
|
@ -0,0 +1,4 @@
|
|||||||
|
PURPOSE of NSS-tools-should-not-use-SHA1-by-default-when
|
||||||
|
Description: NSS tools should not use SHA1 by default when
|
||||||
|
Author: Hubert Kario <hkario@redhat.com>
|
||||||
|
Summary: NSS tools should not use SHA1 by default when generating digital signatures/certificates
|
125
tests/NSS-tools-should-not-use-SHA1-by-default-when/runtest.sh
Executable file
125
tests/NSS-tools-should-not-use-SHA1-by-default-when/runtest.sh
Executable file
@ -0,0 +1,125 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
#
|
||||||
|
# runtest.sh of NSS-tools-should-not-use-SHA1-by-default-when
|
||||||
|
# Description: NSS tools should not use SHA1 by default when
|
||||||
|
# Author: Hubert Kario <hkario@redhat.com>
|
||||||
|
#
|
||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
#
|
||||||
|
# Copyright (c) 2016 Red Hat, Inc.
|
||||||
|
#
|
||||||
|
# This copyrighted material is made available to anyone wishing
|
||||||
|
# to use, modify, copy, or redistribute it subject to the terms
|
||||||
|
# and conditions of the GNU General Public License version 2.
|
||||||
|
#
|
||||||
|
# This program is distributed in the hope that it will be
|
||||||
|
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||||
|
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||||
|
# PURPOSE. See the GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public
|
||||||
|
# License along with this program; if not, write to the Free
|
||||||
|
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
|
||||||
|
# Boston, MA 02110-1301, USA.
|
||||||
|
#
|
||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
# Include Beaker environment
|
||||||
|
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||||
|
|
||||||
|
PACKAGE="nss"
|
||||||
|
PACKAGES="nss openssl"
|
||||||
|
DBDIR="nssdb"
|
||||||
|
|
||||||
|
rlJournalStart
|
||||||
|
rlPhaseStartSetup
|
||||||
|
rlAssertRpm --all
|
||||||
|
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
|
||||||
|
rlRun "pushd $TmpDir"
|
||||||
|
rlRun "mkdir nssdb"
|
||||||
|
rlRun "certutil -N -d $DBDIR --empty-password"
|
||||||
|
rlLogInfo "Create a JAR file"
|
||||||
|
rlRun "mkdir java-dir"
|
||||||
|
rlRun "pushd java-dir"
|
||||||
|
rlRun "mkdir META-INF mypackage"
|
||||||
|
rlRun "echo 'Main-Class: mypackage/MyMainFile' > META-INF/MANIFEST.MF"
|
||||||
|
rlRun "echo 'Those are not the droids you are looking for' > mypackage/MyMainFile.class"
|
||||||
|
#rlRun "jar -cfe package.jar mypackage/MyMainFile mypackage/MyMainFile.class"
|
||||||
|
rlRun "popd"
|
||||||
|
#rlRun "mv java-dir/package.jar ."
|
||||||
|
rlPhaseEnd
|
||||||
|
|
||||||
|
rlPhaseStartTest "Self signing certificates"
|
||||||
|
rlRun "dd if=/dev/urandom of=noise bs=1 count=32 >/dev/null"
|
||||||
|
rlRun "certutil -d $DBDIR -S -n 'CA' -t 'cTC,cTC,cTC' -s 'CN=CA' -x -z noise"
|
||||||
|
rlRun -s "certutil -d $DBDIR -L -n 'CA' -a | openssl x509 -noout -text"
|
||||||
|
rlAssertGrep "Signature Algorithm: sha256WithRSAEncryption" "$rlRun_LOG"
|
||||||
|
rlAssertNotGrep "Signature Algorithm: sha1WithRSAEncryption" $rlRun_LOG
|
||||||
|
rlPhaseEnd
|
||||||
|
|
||||||
|
rlPhaseStartTest "Signing certificates"
|
||||||
|
rlRun "dd if=/dev/urandom of=noise bs=1 count=32 >/dev/null"
|
||||||
|
rlRun "certutil -d $DBDIR -S -n 'server' -t 'u,u,u' -s 'CN=server.example.com' -c 'CA' -z noise --nsCertType sslClient,sslServer,objectSigning,smime"
|
||||||
|
rlRun -s "certutil -d $DBDIR -L -n 'server' -a | openssl x509 -noout -text"
|
||||||
|
rlAssertGrep "Signature Algorithm: sha256WithRSAEncryption" "$rlRun_LOG"
|
||||||
|
rlAssertNotGrep "Signature Algorithm: sha1WithRSAEncryption" $rlRun_LOG
|
||||||
|
rlPhaseEnd
|
||||||
|
|
||||||
|
rlPhaseStartTest "Certificate request"
|
||||||
|
rlRun "dd if=/dev/urandom of=noise bs=1 count=32 >/dev/null"
|
||||||
|
rlRun "mkdir srv2db"
|
||||||
|
rlRun "certutil -d srv2db -N --empty-password"
|
||||||
|
rlRun "certutil -d srv2db -R -s CN=www.example.com -o srv2.req -a -z noise"
|
||||||
|
rlRun -s "openssl req -noout -text -in srv2.req"
|
||||||
|
rlAssertGrep "Signature Algorithm: sha256WithRSAEncryption" "$rlRun_LOG"
|
||||||
|
rlAssertNotGrep "Signature Algorithm: sha1WithRSAEncryption" $rlRun_LOG
|
||||||
|
rlRun "certutil -d $DBDIR -C -c 'CA' -i srv2.req -a -o srv2.crt"
|
||||||
|
rlRun -s "openssl x509 -in srv2.crt -noout -text"
|
||||||
|
rlAssertGrep "Signature Algorithm: sha256WithRSAEncryption" "$rlRun_LOG"
|
||||||
|
rlAssertNotGrep "Signature Algorithm: sha1WithRSAEncryption" $rlRun_LOG
|
||||||
|
rlRun "rm -rf srv2db"
|
||||||
|
rlPhaseEnd
|
||||||
|
|
||||||
|
rlPhaseStartTest "Certificate request with SHA1"
|
||||||
|
rlRun "dd if=/dev/urandom of=noise bs=1 count=32 >/dev/null"
|
||||||
|
rlRun "mkdir srv2db"
|
||||||
|
rlRun "certutil -d srv2db -N --empty-password"
|
||||||
|
rlRun "certutil -d srv2db -R -s CN=www.example.com -o srv2.req -a -z noise -Z SHA1"
|
||||||
|
rlRun -s "openssl req -noout -text -in srv2.req"
|
||||||
|
rlAssertGrep "Signature Algorithm: sha1WithRSAEncryption" "$rlRun_LOG"
|
||||||
|
rlRun "certutil -d $DBDIR -C -c 'CA' -i srv2.req -a -o srv2.crt"
|
||||||
|
rlRun -s "openssl x509 -in srv2.crt -noout -text"
|
||||||
|
rlAssertGrep "Signature Algorithm: sha256WithRSAEncryption" "$rlRun_LOG"
|
||||||
|
rlAssertNotGrep "Signature Algorithm: sha1WithRSAEncryption" $rlRun_LOG
|
||||||
|
rlRun "rm -rf srv2db"
|
||||||
|
rlPhaseEnd
|
||||||
|
|
||||||
|
rlPhaseStartTest "Signing CMS messages"
|
||||||
|
rlRun "echo 'This is a document' > document.txt"
|
||||||
|
rlRun "cmsutil -S -d $DBDIR -N 'server' -i document.txt -o document.cms"
|
||||||
|
rlRun -s "openssl cms -in document.cms -inform der -noout -cmsout -print"
|
||||||
|
rlAssertGrep "algorithm: sha256" $rlRun_LOG
|
||||||
|
rlAssertNotGrep "algorithm: sha1" $rlRun_LOG
|
||||||
|
rlPhaseEnd
|
||||||
|
|
||||||
|
rlPhaseStartTest "CRL signing"
|
||||||
|
rlRun "echo $(date --utc +update=%Y%m%d%H%M%SZ) > script"
|
||||||
|
rlRun "echo $(date -d 'next week' --utc +nextupdate=%Y%m%d%H%M%SZ) >> script"
|
||||||
|
rlRun "echo addext crlNumber 0 1245 >>script"
|
||||||
|
rlRun "echo addcert 12 $(date -d 'yesterday' --utc +%Y%m%d%H%M%SZ) >>script"
|
||||||
|
rlRun "echo addext reasonCode 0 0 >>script"
|
||||||
|
rlRun "cat script"
|
||||||
|
rlRun "crlutil -G -c script -d $DBDIR -n CA -o ca.crl"
|
||||||
|
rlRun -s "openssl crl -in ca.crl -inform der -noout -text"
|
||||||
|
rlAssertGrep "Signature Algorithm: sha256WithRSAEncryption" $rlRun_LOG
|
||||||
|
rlAssertNotGrep "Signature Algorithm: sha1WithRSAEncryption" $rlRun_LOG
|
||||||
|
rlPhaseEnd
|
||||||
|
|
||||||
|
rlPhaseStartCleanup
|
||||||
|
rlRun "popd"
|
||||||
|
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
|
||||||
|
rlPhaseEnd
|
||||||
|
rlJournalPrintText
|
||||||
|
rlJournalEnd
|
12
tests/tests.yml
Normal file
12
tests/tests.yml
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
---
|
||||||
|
# This first play always runs on the local staging system
|
||||||
|
- hosts: localhost
|
||||||
|
roles:
|
||||||
|
- role: standard-test-beakerlib
|
||||||
|
tags:
|
||||||
|
- classic
|
||||||
|
tests:
|
||||||
|
- NSS-tools-should-not-use-SHA1-by-default-when
|
||||||
|
required_packages:
|
||||||
|
- nss-tools
|
||||||
|
- nss
|
@ -1,720 +0,0 @@
|
|||||||
Index: ./mozilla/security/nss/cmd/p7content/p7content.c
|
|
||||||
===================================================================
|
|
||||||
RCS file: /cvsroot/mozilla/security/nss/cmd/p7content/p7content.c,v
|
|
||||||
retrieving revision 1.12
|
|
||||||
diff -u -p -r1.12 p7content.c
|
|
||||||
--- ./mozilla/security/nss/cmd/p7content/p7content.c 4 Aug 2008 22:58:31 -0000 1.12
|
|
||||||
+++ ./mozilla/security/nss/cmd/p7content/p7content.c 2 Mar 2010 18:29:48 -0000
|
|
||||||
@@ -64,7 +64,7 @@ extern int fprintf(FILE *, char *, ...);
|
|
||||||
|
|
||||||
|
|
||||||
static void
|
|
||||||
-Usage(char *progName)
|
|
||||||
+Usage(const char *progName)
|
|
||||||
{
|
|
||||||
fprintf(stderr,
|
|
||||||
"Usage: %s [-d dbdir] [-i input] [-o output]\n",
|
|
||||||
@@ -195,6 +195,15 @@ DecodeAndPrintFile(FILE *out, PRFileDesc
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static void
|
|
||||||
+PrintMsgAndExit(const char *progName, char opt)
|
|
||||||
+{
|
|
||||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
|
||||||
+ Usage(progName);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
|
||||||
+
|
|
||||||
/*
|
|
||||||
* Print the contents of a PKCS7 message, indicating signatures, etc.
|
|
||||||
*/
|
|
||||||
@@ -222,10 +231,12 @@ main(int argc, char **argv)
|
|
||||||
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
|
|
||||||
switch (optstate->option) {
|
|
||||||
case 'd':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
SECU_ConfigDirectory(optstate->value);
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'i':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
inFile = PR_Open(optstate->value, PR_RDONLY, 0);
|
|
||||||
if (!inFile) {
|
|
||||||
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
|
|
||||||
@@ -235,6 +246,7 @@ main(int argc, char **argv)
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'o':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
outFile = fopen(optstate->value, "w");
|
|
||||||
if (!outFile) {
|
|
||||||
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
|
|
||||||
@@ -244,11 +256,13 @@ main(int argc, char **argv)
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'p':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
pwdata.source = PW_PLAINTEXT;
|
|
||||||
pwdata.data = PORT_Strdup (optstate->value);
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'f':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
pwdata.source = PW_FROMFILE;
|
|
||||||
pwdata.data = PORT_Strdup (optstate->value);
|
|
||||||
break;
|
|
||||||
Index: ./mozilla/security/nss/cmd/p7env/p7env.c
|
|
||||||
===================================================================
|
|
||||||
RCS file: /cvsroot/mozilla/security/nss/cmd/p7env/p7env.c,v
|
|
||||||
retrieving revision 1.10
|
|
||||||
diff -u -p -r1.10 p7env.c
|
|
||||||
--- ./mozilla/security/nss/cmd/p7env/p7env.c 11 Feb 2010 02:39:47 -0000 1.10
|
|
||||||
+++ ./mozilla/security/nss/cmd/p7env/p7env.c 2 Mar 2010 18:29:48 -0000
|
|
||||||
@@ -63,7 +63,7 @@ extern int fprintf(FILE *, char *, ...);
|
|
||||||
|
|
||||||
|
|
||||||
static void
|
|
||||||
-Usage(char *progName)
|
|
||||||
+Usage(const char *progName)
|
|
||||||
{
|
|
||||||
fprintf(stderr,
|
|
||||||
"Usage: %s -r recipient [-d dbdir] [-i input] [-o output]\n",
|
|
||||||
@@ -159,6 +159,15 @@ EncryptFile(FILE *outFile, FILE *inFile,
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static void
|
|
||||||
+PrintMsgAndExit(const char *progName, char opt)
|
|
||||||
+{
|
|
||||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
|
||||||
+ Usage(progName);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
|
||||||
+
|
|
||||||
int
|
|
||||||
main(int argc, char **argv)
|
|
||||||
{
|
|
||||||
@@ -194,10 +203,12 @@ main(int argc, char **argv)
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'd':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
SECU_ConfigDirectory(optstate->value);
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'i':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
inFile = fopen(optstate->value, "r");
|
|
||||||
if (!inFile) {
|
|
||||||
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
|
|
||||||
@@ -207,6 +218,7 @@ main(int argc, char **argv)
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'o':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
outFile = fopen(optstate->value, "wb");
|
|
||||||
if (!outFile) {
|
|
||||||
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
|
|
||||||
@@ -216,6 +228,7 @@ main(int argc, char **argv)
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'r':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
if (rcpt == NULL) {
|
|
||||||
recipients = rcpt = PORT_Alloc (sizeof(struct recipient));
|
|
||||||
} else {
|
|
||||||
Index: ./mozilla/security/nss/cmd/p7sign/p7sign.c
|
|
||||||
===================================================================
|
|
||||||
RCS file: /cvsroot/mozilla/security/nss/cmd/p7sign/p7sign.c,v
|
|
||||||
retrieving revision 1.14
|
|
||||||
diff -u -p -r1.14 p7sign.c
|
|
||||||
--- ./mozilla/security/nss/cmd/p7sign/p7sign.c 4 Aug 2008 22:58:28 -0000 1.14
|
|
||||||
+++ ./mozilla/security/nss/cmd/p7sign/p7sign.c 2 Mar 2010 18:29:48 -0000
|
|
||||||
@@ -67,7 +67,7 @@ extern int fprintf(FILE *, char *, ...);
|
|
||||||
static secuPWData pwdata = { PW_NONE, 0 };
|
|
||||||
|
|
||||||
static void
|
|
||||||
-Usage(char *progName)
|
|
||||||
+Usage(const char *progName)
|
|
||||||
{
|
|
||||||
fprintf(stderr,
|
|
||||||
"Usage: %s -k keyname [-d keydir] [-i input] [-o output]\n",
|
|
||||||
@@ -173,6 +173,15 @@ SignFile(FILE *outFile, PRFileDesc *inFi
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static void
|
|
||||||
+PrintMsgAndExit(const char *progName, char opt)
|
|
||||||
+{
|
|
||||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
|
||||||
+ Usage(progName);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
|
||||||
+
|
|
||||||
int
|
|
||||||
main(int argc, char **argv)
|
|
||||||
{
|
|
||||||
@@ -210,10 +219,12 @@ main(int argc, char **argv)
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'd':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
SECU_ConfigDirectory(optstate->value);
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'i':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
inFile = PR_Open(optstate->value, PR_RDONLY, 0);
|
|
||||||
if (!inFile) {
|
|
||||||
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
|
|
||||||
@@ -223,10 +234,12 @@ main(int argc, char **argv)
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'k':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
keyName = strdup(optstate->value);
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'o':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
outFile = fopen(optstate->value, "wb");
|
|
||||||
if (!outFile) {
|
|
||||||
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
|
|
||||||
@@ -235,11 +248,13 @@ main(int argc, char **argv)
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
case 'p':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
pwdata.source = PW_PLAINTEXT;
|
|
||||||
pwdata.data = strdup (optstate->value);
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'f':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
pwdata.source = PW_FROMFILE;
|
|
||||||
pwdata.data = PORT_Strdup (optstate->value);
|
|
||||||
break;
|
|
||||||
Index: ./mozilla/security/nss/cmd/p7verify/p7verify.c
|
|
||||||
===================================================================
|
|
||||||
RCS file: /cvsroot/mozilla/security/nss/cmd/p7verify/p7verify.c,v
|
|
||||||
retrieving revision 1.10
|
|
||||||
diff -u -p -r1.10 p7verify.c
|
|
||||||
--- ./mozilla/security/nss/cmd/p7verify/p7verify.c 8 Aug 2008 23:47:57 -0000 1.10
|
|
||||||
+++ ./mozilla/security/nss/cmd/p7verify/p7verify.c 2 Mar 2010 18:29:48 -0000
|
|
||||||
@@ -126,7 +126,7 @@ DigestFile(unsigned char *digest, unsign
|
|
||||||
|
|
||||||
|
|
||||||
static void
|
|
||||||
-Usage(char *progName)
|
|
||||||
+Usage(const char *progName)
|
|
||||||
{
|
|
||||||
fprintf(stderr,
|
|
||||||
"Usage: %s -c content -s signature [-d dbdir] [-u certusage]\n",
|
|
||||||
@@ -209,6 +209,14 @@ HashDecodeAndVerify(FILE *out, FILE *con
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static void
|
|
||||||
+PrintMsgAndExit(const char *progName, char opt)
|
|
||||||
+{
|
|
||||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
|
||||||
+ Usage(progName);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+#define REQUIRE_ARG(opt,arg) if (!(arg)) PrintMsgAndExit(progName, opt)
|
|
||||||
|
|
||||||
int
|
|
||||||
main(int argc, char **argv)
|
|
||||||
@@ -239,6 +247,7 @@ main(int argc, char **argv)
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'c':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
contentFile = fopen(optstate->value, "r");
|
|
||||||
if (!contentFile) {
|
|
||||||
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
|
|
||||||
@@ -248,10 +257,12 @@ main(int argc, char **argv)
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'd':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
SECU_ConfigDirectory(optstate->value);
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'o':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
outFile = fopen(optstate->value, "w");
|
|
||||||
if (!outFile) {
|
|
||||||
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
|
|
||||||
@@ -261,6 +272,7 @@ main(int argc, char **argv)
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 's':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
signatureFile = PR_Open(optstate->value, PR_RDONLY, 0);
|
|
||||||
if (!signatureFile) {
|
|
||||||
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
|
|
||||||
@@ -271,7 +283,7 @@ main(int argc, char **argv)
|
|
||||||
|
|
||||||
case 'u': {
|
|
||||||
int usageType;
|
|
||||||
-
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
usageType = atoi (strdup(optstate->value));
|
|
||||||
if (usageType < certUsageSSLClient || usageType > certUsageAnyCA)
|
|
||||||
return -1;
|
|
||||||
Index: ./mozilla/security/nss/cmd/strsclnt/strsclnt.c
|
|
||||||
===================================================================
|
|
||||||
RCS file: /cvsroot/mozilla/security/nss/cmd/strsclnt/strsclnt.c,v
|
|
||||||
retrieving revision 1.66
|
|
||||||
diff -u -p -r1.66 strsclnt.c
|
|
||||||
--- ./mozilla/security/nss/cmd/strsclnt/strsclnt.c 10 Feb 2010 18:07:20 -0000 1.66
|
|
||||||
+++ ./mozilla/security/nss/cmd/strsclnt/strsclnt.c 2 Mar 2010 18:29:51 -0000
|
|
||||||
@@ -1325,6 +1325,15 @@ done:
|
|
||||||
return rv;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static void
|
|
||||||
+PrintMsgAndExit(const char *progName, char opt)
|
|
||||||
+{
|
|
||||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
|
||||||
+ Usage(progName);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
|
||||||
+
|
|
||||||
int
|
|
||||||
main(int argc, char **argv)
|
|
||||||
{
|
|
||||||
@@ -1364,33 +1373,57 @@ main(int argc, char **argv)
|
|
||||||
|
|
||||||
case 'B': bypassPKCS11 = PR_TRUE; break;
|
|
||||||
|
|
||||||
- case 'C': cipherString = optstate->value; break;
|
|
||||||
+ case 'C':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
+ cipherString = optstate->value;
|
|
||||||
+ break;
|
|
||||||
|
|
||||||
case 'D': NoDelay = PR_TRUE; break;
|
|
||||||
|
|
||||||
case 'N': NoReuse = 1; break;
|
|
||||||
|
|
||||||
- case 'P': fullhs = PORT_Atoi(optstate->value); break;
|
|
||||||
+ case 'P':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
+ fullhs = PORT_Atoi(optstate->value);
|
|
||||||
+ break;
|
|
||||||
|
|
||||||
case 'T': disableTLS = PR_TRUE; break;
|
|
||||||
|
|
||||||
case 'U': ThrottleUp = PR_TRUE; break;
|
|
||||||
|
|
||||||
- case 'a': sniHostName = PL_strdup(optstate->value); break;
|
|
||||||
+ case 'a':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
+ sniHostName = PL_strdup(optstate->value);
|
|
||||||
+ break;
|
|
||||||
|
|
||||||
- case 'c': connections = PORT_Atoi(optstate->value); break;
|
|
||||||
+ case 'c':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
+ connections = PORT_Atoi(optstate->value);
|
|
||||||
+ break;
|
|
||||||
|
|
||||||
- case 'd': dir = optstate->value; break;
|
|
||||||
+ case 'd':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
+ dir = optstate->value;
|
|
||||||
+ break;
|
|
||||||
|
|
||||||
- case 'f': fileName = optstate->value; break;
|
|
||||||
+ case 'f':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
+ fileName = optstate->value;
|
|
||||||
+ break;
|
|
||||||
|
|
||||||
case 'i': ignoreErrors = PR_TRUE; break;
|
|
||||||
|
|
||||||
- case 'n': nickName = PL_strdup(optstate->value); break;
|
|
||||||
+ case 'n':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
+ nickName = PL_strdup(optstate->value);
|
|
||||||
+ break;
|
|
||||||
|
|
||||||
case 'o': MakeCertOK++; break;
|
|
||||||
|
|
||||||
- case 'p': port = PORT_Atoi(optstate->value); break;
|
|
||||||
+ case 'p':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
+ port = PORT_Atoi(optstate->value);
|
|
||||||
+ break;
|
|
||||||
|
|
||||||
case 'q': QuitOnTimeout = PR_TRUE; break;
|
|
||||||
|
|
||||||
@@ -1407,11 +1440,13 @@ main(int argc, char **argv)
|
|
||||||
case 'v': verbose++; break;
|
|
||||||
|
|
||||||
case 'w':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
pwdata.source = PW_PLAINTEXT;
|
|
||||||
pwdata.data = PL_strdup(optstate->value);
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'W':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
pwdata.source = PW_FROMFILE;
|
|
||||||
pwdata.data = PL_strdup(optstate->value);
|
|
||||||
break;
|
|
||||||
@@ -1419,6 +1454,7 @@ main(int argc, char **argv)
|
|
||||||
case 'z': enableCompression = PR_TRUE; break;
|
|
||||||
|
|
||||||
case 0: /* positional parameter */
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
if (hostName) {
|
|
||||||
Usage(progName);
|
|
||||||
}
|
|
||||||
Index: ./mozilla/security/nss/cmd/tests/remtest.c
|
|
||||||
===================================================================
|
|
||||||
RCS file: /cvsroot/mozilla/security/nss/cmd/tests/remtest.c,v
|
|
||||||
retrieving revision 1.5
|
|
||||||
diff -u -p -r1.5 remtest.c
|
|
||||||
--- ./mozilla/security/nss/cmd/tests/remtest.c 8 Aug 2008 23:48:09 -0000 1.5
|
|
||||||
+++ ./mozilla/security/nss/cmd/tests/remtest.c 2 Mar 2010 18:29:51 -0000
|
|
||||||
@@ -69,6 +69,15 @@ Usage(char *progName)
|
|
||||||
exit(1);
|
|
||||||
}
|
|
||||||
|
|
||||||
+static void
|
|
||||||
+PrintMsgAndExit(const char *progName, char opt)
|
|
||||||
+{
|
|
||||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
|
||||||
+ Usage(progName);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
|
||||||
+
|
|
||||||
int main(int argc, char **argv)
|
|
||||||
{
|
|
||||||
char * certDir = NULL;
|
|
||||||
@@ -92,10 +101,12 @@ int main(int argc, char **argv)
|
|
||||||
switch (optstate->option) {
|
|
||||||
|
|
||||||
case 'd':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
certDir = strdup(optstate->value);
|
|
||||||
certDir = SECU_ConfigDirectory(certDir);
|
|
||||||
break;
|
|
||||||
case 't':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
tokenName = strdup(optstate->value);
|
|
||||||
break;
|
|
||||||
case 'r':
|
|
||||||
Index: ./mozilla/security/nss/cmd/tstclnt/tstclnt.c
|
|
||||||
===================================================================
|
|
||||||
RCS file: /cvsroot/mozilla/security/nss/cmd/tstclnt/tstclnt.c,v
|
|
||||||
retrieving revision 1.62
|
|
||||||
diff -u -p -r1.62 tstclnt.c
|
|
||||||
--- ./mozilla/security/nss/cmd/tstclnt/tstclnt.c 10 Feb 2010 18:07:21 -0000 1.62
|
|
||||||
+++ ./mozilla/security/nss/cmd/tstclnt/tstclnt.c 2 Mar 2010 18:29:51 -0000
|
|
||||||
@@ -497,6 +497,15 @@ separateReqHeader(const PRFileDesc* outF
|
|
||||||
Usage(progName); \
|
|
||||||
}
|
|
||||||
|
|
||||||
+static void
|
|
||||||
+PrintMsgAndExit(const char *progName, char opt)
|
|
||||||
+{
|
|
||||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
|
||||||
+ Usage(progName);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
|
||||||
+
|
|
||||||
int main(int argc, char **argv)
|
|
||||||
{
|
|
||||||
PRFileDesc * s;
|
|
||||||
@@ -563,38 +572,56 @@ int main(int argc, char **argv)
|
|
||||||
|
|
||||||
case 'B': bypassPKCS11 = 1; break;
|
|
||||||
|
|
||||||
- case 'S': skipProtoHeader = PR_TRUE; break;
|
|
||||||
+ case 'S': skipProtoHeader = PR_TRUE; break;
|
|
||||||
|
|
||||||
case 'T': disableTLS = 1; break;
|
|
||||||
|
|
||||||
- case 'a': if (!hs1SniHostName) {
|
|
||||||
- hs1SniHostName = PORT_Strdup(optstate->value);
|
|
||||||
- } else if (!hs2SniHostName) {
|
|
||||||
- hs2SniHostName = PORT_Strdup(optstate->value);
|
|
||||||
- } else {
|
|
||||||
- Usage(progName);
|
|
||||||
- }
|
|
||||||
- break;
|
|
||||||
-
|
|
||||||
- case 'c': cipherString = PORT_Strdup(optstate->value); break;
|
|
||||||
-
|
|
||||||
- case 'd': certDir = PORT_Strdup(optstate->value); break;
|
|
||||||
+ case 'a':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
+ if (!hs1SniHostName) {
|
|
||||||
+ hs1SniHostName = PORT_Strdup(optstate->value);
|
|
||||||
+ } else if (!hs2SniHostName) {
|
|
||||||
+ hs2SniHostName = PORT_Strdup(optstate->value);
|
|
||||||
+ } else {
|
|
||||||
+ Usage(progName);
|
|
||||||
+ }
|
|
||||||
+ break;
|
|
||||||
+
|
|
||||||
+ case 'c':
|
|
||||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
|
||||||
+ cipherString = PORT_Strdup(optstate->value);
|
|
||||||
+ break;
|
|
||||||
+
|
|
||||||
+ case 'd':
|
|
||||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
|
||||||
+ certDir = PORT_Strdup(optstate->value);
|
|
||||||
+ break;
|
|
||||||
|
|
||||||
case 'f': clientSpeaksFirst = PR_TRUE; break;
|
|
||||||
|
|
||||||
- case 'h': host = PORT_Strdup(optstate->value); break;
|
|
||||||
+ case 'h':
|
|
||||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
|
||||||
+ host = PORT_Strdup(optstate->value);
|
|
||||||
+ break;
|
|
||||||
|
|
||||||
case 'm':
|
|
||||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
|
||||||
multiplier = atoi(optstate->value);
|
|
||||||
if (multiplier < 0)
|
|
||||||
multiplier = 0;
|
|
||||||
break;
|
|
||||||
|
|
||||||
- case 'n': nickname = PORT_Strdup(optstate->value); break;
|
|
||||||
+ case 'n':
|
|
||||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
|
||||||
+ nickname = PORT_Strdup(optstate->value);
|
|
||||||
+ break;
|
|
||||||
|
|
||||||
case 'o': override = 1; break;
|
|
||||||
|
|
||||||
- case 'p': portno = (PRUint16)atoi(optstate->value); break;
|
|
||||||
+ case 'p':
|
|
||||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
|
||||||
+ portno = (PRUint16)atoi(optstate->value);
|
|
||||||
+ break;
|
|
||||||
|
|
||||||
case 'q': pingServerFirst = PR_TRUE; break;
|
|
||||||
|
|
||||||
@@ -604,17 +631,22 @@ int main(int argc, char **argv)
|
|
||||||
|
|
||||||
case 'v': verbose++; break;
|
|
||||||
|
|
||||||
- case 'r': renegotiationsToDo = atoi(optstate->value); break;
|
|
||||||
-
|
|
||||||
- case 'w':
|
|
||||||
- pwdata.source = PW_PLAINTEXT;
|
|
||||||
- pwdata.data = PORT_Strdup(optstate->value);
|
|
||||||
- break;
|
|
||||||
-
|
|
||||||
- case 'W':
|
|
||||||
- pwdata.source = PW_FROMFILE;
|
|
||||||
- pwdata.data = PORT_Strdup(optstate->value);
|
|
||||||
- break;
|
|
||||||
+ case 'r':
|
|
||||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
|
||||||
+ renegotiationsToDo = atoi(optstate->value);
|
|
||||||
+ break;
|
|
||||||
+
|
|
||||||
+ case 'w':
|
|
||||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
|
||||||
+ pwdata.source = PW_PLAINTEXT;
|
|
||||||
+ pwdata.data = PORT_Strdup(optstate->value);
|
|
||||||
+ break;
|
|
||||||
+
|
|
||||||
+ case 'W':
|
|
||||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
|
||||||
+ pwdata.source = PW_FROMFILE;
|
|
||||||
+ pwdata.data = PORT_Strdup(optstate->value);
|
|
||||||
+ break;
|
|
||||||
|
|
||||||
case 'x': useExportPolicy = 1; break;
|
|
||||||
|
|
||||||
Index: ./mozilla/security/nss/cmd/vfychain/vfychain.c
|
|
||||||
===================================================================
|
|
||||||
RCS file: /cvsroot/mozilla/security/nss/cmd/vfychain/vfychain.c,v
|
|
||||||
retrieving revision 1.30
|
|
||||||
diff -u -p -r1.30 vfychain.c
|
|
||||||
--- ./mozilla/security/nss/cmd/vfychain/vfychain.c 1 Apr 2009 20:41:29 -0000 1.30
|
|
||||||
+++ ./mozilla/security/nss/cmd/vfychain/vfychain.c 2 Mar 2010 18:29:52 -0000
|
|
||||||
@@ -432,6 +432,15 @@ isOCSPEnabled()
|
|
||||||
return PR_FALSE;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static void
|
|
||||||
+PrintMsgAndExit(const char *progName, char opt)
|
|
||||||
+{
|
|
||||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
|
||||||
+ Usage(progName);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
|
||||||
+
|
|
||||||
int
|
|
||||||
main(int argc, char *argv[], char *envp[])
|
|
||||||
{
|
|
||||||
@@ -469,12 +478,19 @@ main(int argc, char *argv[], char *envp[
|
|
||||||
switch(optstate->option) {
|
|
||||||
case 0 : /* positional parameter */ goto breakout;
|
|
||||||
case 'a' : isAscii = PR_TRUE; break;
|
|
||||||
- case 'b' : secStatus = DER_AsciiToTime(&time, optstate->value);
|
|
||||||
- if (secStatus != SECSuccess) Usage(progName); break;
|
|
||||||
- case 'd' : certDir = PL_strdup(optstate->value); break;
|
|
||||||
+ case 'b' :
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
+ secStatus = DER_AsciiToTime(&time, optstate->value);
|
|
||||||
+ if (secStatus != SECSuccess) Usage(progName);
|
|
||||||
+ break;
|
|
||||||
+ case 'd' :
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
+ certDir = PL_strdup(optstate->value);
|
|
||||||
+ break;
|
|
||||||
case 'e' : ocsp_fetchingFailureIsAFailure = PR_FALSE; break;
|
|
||||||
case 'f' : certFetching = PR_TRUE; break;
|
|
||||||
case 'g' :
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
if (revMethodsData[revDataIndex].testTypeStr ||
|
|
||||||
revMethodsData[revDataIndex].methodTypeStr) {
|
|
||||||
revDataIndex += 1;
|
|
||||||
@@ -489,11 +505,13 @@ main(int argc, char *argv[], char *envp[
|
|
||||||
revMethodsData[revDataIndex].
|
|
||||||
testTypeStr = PL_strdup(optstate->value); break;
|
|
||||||
case 'h' :
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
revMethodsData[revDataIndex].
|
|
||||||
testFlagsStr = PL_strdup(optstate->value);break;
|
|
||||||
case 'i' : vfyCounts = PORT_Atoi(optstate->value); break;
|
|
||||||
break;
|
|
||||||
case 'm' :
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
if (revMethodsData[revDataIndex].methodTypeStr) {
|
|
||||||
revDataIndex += 1;
|
|
||||||
if (revDataIndex == REV_METHOD_INDEX_MAX) {
|
|
||||||
@@ -506,24 +524,33 @@ main(int argc, char *argv[], char *envp[
|
|
||||||
useDefaultRevFlags = PR_FALSE;
|
|
||||||
revMethodsData[revDataIndex].
|
|
||||||
methodTypeStr = PL_strdup(optstate->value); break;
|
|
||||||
- case 'o' : oidStr = PL_strdup(optstate->value); break;
|
|
||||||
+ case 'o' :
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
+ oidStr = PL_strdup(optstate->value);
|
|
||||||
+ break;
|
|
||||||
case 'p' : usePkix += 1; break;
|
|
||||||
case 'r' : isAscii = PR_FALSE; break;
|
|
||||||
case 's' :
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
revMethodsData[revDataIndex].
|
|
||||||
- methodFlagsStr = PL_strdup(optstate->value); break;
|
|
||||||
+ methodFlagsStr = PL_strdup(optstate->value);
|
|
||||||
+ break;
|
|
||||||
case 't' : trusted = PR_TRUE; break;
|
|
||||||
- case 'u' : usage = PORT_Atoi(optstate->value);
|
|
||||||
+ case 'u' :
|
|
||||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
|
||||||
+ usage = PORT_Atoi(optstate->value);
|
|
||||||
if (usage < 0 || usage > 62) Usage(progName);
|
|
||||||
certUsage = ((SECCertificateUsage)1) << usage;
|
|
||||||
if (certUsage > certificateUsageHighest) Usage(progName);
|
|
||||||
break;
|
|
||||||
case 'w':
|
|
||||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
|
||||||
pwdata.source = PW_PLAINTEXT;
|
|
||||||
pwdata.data = PORT_Strdup(optstate->value);
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'W':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
pwdata.source = PW_FROMFILE;
|
|
||||||
pwdata.data = PORT_Strdup(optstate->value);
|
|
||||||
break;
|
|
||||||
Index: ./mozilla/security/nss/cmd/vfyserv/vfyserv.c
|
|
||||||
===================================================================
|
|
||||||
RCS file: /cvsroot/mozilla/security/nss/cmd/vfyserv/vfyserv.c,v
|
|
||||||
retrieving revision 1.17
|
|
||||||
diff -u -p -r1.17 vfyserv.c
|
|
||||||
--- ./mozilla/security/nss/cmd/vfyserv/vfyserv.c 8 Aug 2008 23:48:12 -0000 1.17
|
|
||||||
+++ ./mozilla/security/nss/cmd/vfyserv/vfyserv.c 2 Mar 2010 18:29:52 -0000
|
|
||||||
@@ -419,6 +419,15 @@ client_main(unsigned short port,
|
|
||||||
Usage(progName); \
|
|
||||||
}
|
|
||||||
|
|
||||||
+static void
|
|
||||||
+PrintMsgAndExit(const char *progName, char opt)
|
|
||||||
+{
|
|
||||||
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
|
||||||
+ Usage(progName);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
|
||||||
+
|
|
||||||
int
|
|
||||||
main(int argc, char **argv)
|
|
||||||
{
|
|
||||||
@@ -442,23 +451,43 @@ main(int argc, char **argv)
|
|
||||||
optstate = PL_CreateOptState(argc, argv, "C:cd:f:l:n:p:ot:w:");
|
|
||||||
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
|
|
||||||
switch(optstate->option) {
|
|
||||||
- case 'C' : cipherString = PL_strdup(optstate->value); break;
|
|
||||||
- case 'c' : dumpChain = PR_TRUE; break;
|
|
||||||
- case 'd' : certDir = PL_strdup(optstate->value); break;
|
|
||||||
- case 'l' : respUrl = PL_strdup(optstate->value); break;
|
|
||||||
- case 'p' : port = PORT_Atoi(optstate->value); break;
|
|
||||||
- case 'o' : doOcspCheck = PR_TRUE; break;
|
|
||||||
- case 't' : respCertName = PL_strdup(optstate->value); break;
|
|
||||||
- case 'w':
|
|
||||||
+ case 'C' :
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
+ cipherString = PL_strdup(optstate->value);
|
|
||||||
+ break;
|
|
||||||
+ case 'c' : dumpChain = PR_TRUE;
|
|
||||||
+ break;
|
|
||||||
+ case 'd' :
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
+ certDir = PL_strdup(optstate->value);
|
|
||||||
+ break;
|
|
||||||
+ case 'l' :
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
+ respUrl = PL_strdup(optstate->value);
|
|
||||||
+ break;
|
|
||||||
+ case 'p' :
|
|
||||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
|
||||||
+ port = PORT_Atoi(optstate->value);
|
|
||||||
+ break;
|
|
||||||
+ case 'o' : doOcspCheck = PR_TRUE;
|
|
||||||
+ break;
|
|
||||||
+ case 't' :
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
+ respCertName = PL_strdup(optstate->value);
|
|
||||||
+ break;
|
|
||||||
+ case 'w' :
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
pwdata.source = PW_PLAINTEXT;
|
|
||||||
pwdata.data = PORT_Strdup(optstate->value);
|
|
||||||
break;
|
|
||||||
-
|
|
||||||
case 'f':
|
|
||||||
+ REQUIRE_ARG(optstate->option, optstate->value);
|
|
||||||
pwdata.source = PW_FROMFILE;
|
|
||||||
pwdata.data = PORT_Strdup(optstate->value);
|
|
||||||
break;
|
|
||||||
- case '\0': hostName = PL_strdup(optstate->value); break;
|
|
||||||
+ case '\0':
|
|
||||||
+ REQUIRE_ARG(optstate->option,optstate->value);
|
|
||||||
+ hostName = PL_strdup(optstate->value); break;
|
|
||||||
default : Usage(progName);
|
|
||||||
}
|
|
||||||
}
|
|
Loading…
Reference in New Issue
Block a user