rpms/nss/devel PayPalEE.cert, NONE, 1.1 PayPalICA.cert, NONE, 1.1 nss-bug488646.patch, NONE, 1.1 nss.spec, 1.70, 1.71

Kai Engert kengert at fedoraproject.org
Fri May 8 20:07:44 UTC 2009 

Author: kengert

Update of /cvs/extras/rpms/nss/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv21718

Modified Files:
	nss.spec 
Added Files:
	PayPalEE.cert PayPalICA.cert nss-bug488646.patch 
Log Message:
* Thu May 07 2009 Kai Engert <kaie at redhat.com> - 3.12.3-7
- re-enable test suite
- add patch for upstream bug 488646 and add newer paypal
  certs in order to make the test suite pass



--- NEW FILE PayPalEE.cert ---
0‚Ç0‚¯ _M¸
	*†H†÷

VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)061402U+VeriSign Class 3 Extended Validation SSL CA0
090428000000Z
100401235959Z0‚10+‚7<US10+‚7<Delaware10UV1.0, Clause 5.(b)10U301426710	UUS10U
95131-202110U
California10USan Jose10U	
2211 N 1st St10U
PayPal, Inc.10UInformation Systems10Uwww.paypal.com0Ÿ0
	*†H†÷

	*†H†÷


--- NEW FILE PayPalICA.cert ---
0‚ä0‚Ì [wYÆ„á^Ç'À2•)(k0
	*†H†÷

VeriSign, Inc.10UVeriSign Trust Network1:08U1(c) 2006 VeriSign, Inc. - For authorized use only1E0CU<VeriSign Class 3 Public Primary Certification Authority - G50
061108000000Z
161107235959Z0º10	UUS10U
VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)061402U+VeriSign Class 3 Extended Validation SSL CA0‚"0
	*†H†÷

‚
	*†H†÷

yqŸfÈ8Ï¶¹sFäÓ”Áå`µ%u-Ùi1ì͖ãvýètD¬¹M¿Qè¹ÔDN'Ë® Ñ~*|¶cGžvº—Ðçlm÷Co3)0wúùõN¸v³Í´ù ï=ÛæÊ­›ÐNÒ‡©
¦DsPÝp[í­~J¼"Õ¨&äÂ… 
Ù
nss-bug488646.patch:

--- NEW FILE nss-bug488646.patch ---
diff -up ./mozilla/security/nss/tests/chains/chains.sh.bug488646 ./mozilla/security/nss/tests/chains/chains.sh
--- ./mozilla/security/nss/tests/chains/chains.sh.bug488646	2009-05-08 21:37:48.000000000 +0200
+++ ./mozilla/security/nss/tests/chains/chains.sh	2009-05-08 21:38:03.000000000 +0200
@@ -695,6 +695,37 @@ verify_cert()
     fi
 }
 
+
+check_ocsp()
+{
+    OCSP_CERT=$1
+
+    CERT_NICK=`echo ${OCSP_CERT} | cut -d: -f1`
+    CERT_ISSUER=`echo ${OCSP_CERT} | cut -d: -f2`
+
+    if [ "${CERT_ISSUER}" = "x" ]; then
+        CERT_ISSUER=
+        CERT=${CERT_NICK}.cert
+        CERT_FILE="${QADIR}/libpkix/certs/${CERT}"
+    else
+        CERT=${CERT_NICK}${CERT_ISSUER}.der
+        CERT_FILE=${CERT}
+    fi
+
+    OCSP_HOST=$(${BINDIR}/pp -t certificate -i ${CERT_FILE} | grep URI | sed "s/.*:\/\///" | sed "s/:.*//")
+
+    if [ "${OS_ARCH}" = "WINNT" ]; then
+        ping -n 1 ${OCSP_HOST}
+        return $?
+    elif [ "${OS_ARCH}" = "HP-UX" ]; then
+        ping ${OCSP_HOST} -c 1
+        return $?
+    else
+        ping -c 1 ${OCSP_HOST}
+        return $?
+    fi
+}
+
 ############################ parse_result ##############################
 # local shell function to process expected result value
 # this function was created for case that expected result depends on
@@ -865,6 +896,13 @@ parse_config()
         "break")
             break
             ;;
+        "check_ocsp")
+            check_ocsp ${VALUE}
+            if [ $? -ne 0 ]; then
+                echo "OCSP server not accessible, skipping OCSP tests"
+                break;
+            fi
+            ;;
         "")
             if [ -n "${ENTITY}" ]; then
                 if [ -z "${DB}" ]; then
diff -up ./mozilla/security/nss/tests/chains/scenarios/ocsp.cfg.bug488646 ./mozilla/security/nss/tests/chains/scenarios/ocsp.cfg
--- ./mozilla/security/nss/tests/chains/scenarios/ocsp.cfg.bug488646	2009-05-08 21:37:58.000000000 +0200
+++ ./mozilla/security/nss/tests/chains/scenarios/ocsp.cfg	2009-05-08 21:38:03.000000000 +0200
@@ -1,5 +1,7 @@
 scenario OCSP
 
+check_ocsp OCSPEE11:x
+
 db OCSPRoot
 import OCSPRoot:x:CT,C,C
 


Index: nss.spec
===================================================================
RCS file: /cvs/extras/rpms/nss/devel/nss.spec,v
retrieving revision 1.70
retrieving revision 1.71
diff -u -p -r1.70 -r1.71
--- nss.spec	7 May 2009 20:26:11 -0000	1.70
+++ nss.spec	8 May 2009 20:07:13 -0000	1.71
@@ -4,7 +4,7 @@
 Summary:          Network Security Services
 Name:             nss
 Version:          3.12.3
-Release:          6%{?dist}
+Release:          7%{?dist}
 License:          MPLv1.1 or GPLv2+ or LGPLv2+
 URL:              http://www.mozilla.org/projects/security/pki/nss/
 Group:            System Environment/Libraries
@@ -29,6 +29,8 @@ Source4:          blank-key3.db
 Source5:          blank-secmod.db
 Source8:          nss-prelink.conf
 Source12:         %{name}-pem-20080124.tar.bz2
+Source13:         PayPalEE.cert
+Source14:         PayPalICA.cert
 
 Patch1:           nss-no-rpath.patch
 Patch2:           nss-nolocalsql.patch
@@ -37,6 +39,7 @@ Patch5:           nss-pem-bug429175.patc
 Patch6:           nss-enable-pem.patch
 Patch7:           nss-disable-freebl-execstack.patch
 Patch8:           nss-freebl-kernelfipsmode
+Patch9:           nss-bug488646.patch
 
 %description
 Network Security Services (NSS) is a set of libraries designed to
@@ -110,6 +113,11 @@ low level services.
 %patch6 -p0 -b .libpem
 %patch7 -p1
 %patch8 -p1
+%patch9 -p1 -b .bug488646
+
+#need newer certs to make test suite work
+#remove once we update to NSS 3.12.4
+cp %{SOURCE13} %{SOURCE14} mozilla/security/nss/tests/libpkix/certs
 
 
 %build
@@ -476,8 +484,10 @@ done
 
 
 %changelog
-* Thu May 07 2009 Kai Engert <kaie at redhat.com> - 3.12.3-6
+* Thu May 07 2009 Kai Engert <kaie at redhat.com> - 3.12.3-7
 - re-enable test suite
+- add patch for upstream bug 488646 and add newer paypal
+  certs in order to make the test suite pass
 * Wed May 06 2009 Kai Engert <kaie at redhat.com> - 3.12.3-4
 - add conflicts info in order to fix bug 499436
 * Tue Apr 14 2009 Kai Engert <kaie at redhat.com> - 3.12.3-3

More information about the scm-commits mailing list