rpms/esc/devel esc-1.1.0-fix1.patch, NONE, 1.1 esc-1.1.0-fix2.patch, NONE, 1.1 esc-1.1.0-fix3.patch, NONE, 1.1 esc-1.1.0-fix4.patch, NONE, 1.1 esc-1.1.0-fix5.patch, NONE, 1.1 esc-1.1.0-fix6.patch, NONE, 1.1 esc-1.1.0-fix7.patch, NONE, 1.1 import.log, NONE, 1.1 .cvsignore, 1.4, 1.5 esc, 1.8, 1.9 esc.spec, 1.41, 1.42 sources, 1.5, 1.6 esc-1.0.1-admin-row-update.patch, 1.1, NONE esc-1.0.1-elif.patch, 1.1, NONE esc-1.0.1-lic-fix.patch, 1.1, NONE esc-1.0.1-log-fixes-1.patch, 1.1, NONE esc-1.0.1-log-fixes.patch, 1.1, NONE esc-1.0.1-nss-devel-fix.patch, 1.1, NONE esc-1.0.1-ui-fixes-1.patch, 1.1, NONE esc-1.0.1-xulrunner-sparc-fixes.patch, 1.1, NONE firefox-1.5-with-system-nss.patch, 1.1, NONE firefox.secalg.patch, 1.1, NONE
Jack Magne
jmagne at fedoraproject.org
Tue Sep 15 21:31:10 UTC 2009
Author: jmagne
Update of /cvs/pkgs/rpms/esc/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv23312/devel
Modified Files:
.cvsignore esc esc.spec sources
Added Files:
esc-1.1.0-fix1.patch esc-1.1.0-fix2.patch esc-1.1.0-fix3.patch
esc-1.1.0-fix4.patch esc-1.1.0-fix5.patch esc-1.1.0-fix6.patch
esc-1.1.0-fix7.patch import.log
Removed Files:
esc-1.0.1-admin-row-update.patch esc-1.0.1-elif.patch
esc-1.0.1-lic-fix.patch esc-1.0.1-log-fixes-1.patch
esc-1.0.1-log-fixes.patch esc-1.0.1-nss-devel-fix.patch
esc-1.0.1-ui-fixes-1.patch
esc-1.0.1-xulrunner-sparc-fixes.patch
firefox-1.5-with-system-nss.patch firefox.secalg.patch
Log Message:
Pick up latest improvements.
esc-1.1.0-fix1.patch:
Makefile.sdk | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
--- NEW FILE esc-1.1.0-fix1.patch ---
--- ./esc/src/app/xpcom/tray/Makefile.sdk.fix1 2009-04-17 13:39:58.000000000 -0700
+++ ./esc/src/app/xpcom/tray/Makefile.sdk 2009-04-17 14:18:17.000000000 -0700
@@ -23,20 +23,20 @@
include $(CORE_DEPTH)/coreconf/rules.mk
ifeq ($(OS_ARCH),Linux)
-CXXFLAGS += $(MOZ_GTK_CFLAGS) $(MOZ_GTK2_CFLAGS) $(NOTIFY_CXX_FLAGS)
+CXXFLAGS += $(MOZ_GTK_CFLAGS) $(MOZ_GTK2_CFLAGS) $(NOTIFY_CXX_FLAGS) -fPIC
endif
# Change this to point at your Gecko SDK directory.
ifndef GECKO_SDK_PATH
-GECKO_SDK_PATH =/usr/lib/xulrunner-sdk-1.9pre/sdk
+GECKO_SDK_PATH =/usr/lib/xulrunner-sdk-1.9/sdk
endif
GECKO_SDK_INCLUDE_PATH=$(GECKO_SDK_PATH)/include
ifndef GECKO_INCLUDE_PATH
-GECKO_INCLUDE_PATH=/usr/include/xulrunner-sdk-1.9pre
+GECKO_INCLUDE_PATH=/usr/include/xulrunner-sdk-1.9
endif
ifndef GECKO_BIN_PATH
-GECKO_BIN_PATH=/usr/lib/xulrunner-1.9pre
+GECKO_BIN_PATH=/usr/lib/xulrunner-1.9
endif
ifeq ($(OS_ARCH),Darwin)
@@ -148,6 +148,10 @@
endif
+ifeq ($(OS_ARCH),Linux)
+GECKO_LD_LIBS= -L$(GECKO_SDK_PATH)/lib $(GECKO_SDK_PATH)/lib/libxpcomglue_s.a
+endif
+
# GCC only define which allows us to not have to #include mozilla-config
# in every .cpp file. If your not using GCC remove this line and add
esc-1.1.0-fix2.patch:
app/xul/esc/application.ini | 2 +-
app/xul/esc/chrome/content/esc/GenericAuth.xul | 2 +-
lib/coolkey/SmartCardMonitoringThread.cpp | 8 +++++++-
3 files changed, 9 insertions(+), 3 deletions(-)
--- NEW FILE esc-1.1.0-fix2.patch ---
--- ./esc/src/lib/coolkey/SmartCardMonitoringThread.cpp.fix2 2009-04-18 13:19:20.000000000 -0700
+++ ./esc/src/lib/coolkey/SmartCardMonitoringThread.cpp 2009-04-18 13:20:23.000000000 -0700
@@ -104,12 +104,16 @@
char tBuff[56];
PK11SlotInfo *slot;
+ #ifdef LINUX
+ sleep(3);
+ #endif
+
PR_LOG( coolKeyLogSC, PR_LOG_DEBUG,
("%s SmartCardMonitoringThread::Execute.\n",GetTStamp(tBuff,56)));
//
// populate token names for already inserted tokens.
//
- PK11SlotList *sl =
+ /* PK11SlotList *sl =
PK11_FindSlotsByNames(mModule->dllName, NULL, NULL, PR_TRUE);
PK11SlotListElement *sle;
@@ -123,6 +127,8 @@
PK11_FreeSlotList(sl);
}
+ */
+
// loop starts..
do {
--- ./esc/src/app/xul/esc/chrome/content/esc/GenericAuth.xul.fix2 2009-04-18 13:21:34.000000000 -0700
+++ ./esc/src/app/xul/esc/chrome/content/esc/GenericAuth.xul 2009-04-18 13:21:47.000000000 -0700
@@ -24,7 +24,7 @@
id="esc-window"
title="&genericAuthTitle;"
width="400"
- height="225"
+ height="240"
onload="UiLoad();"
onunload="UiUnload();"
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
--- ./esc/src/app/xul/esc/application.ini.fix2 2009-04-18 13:20:51.000000000 -0700
+++ ./esc/src/app/xul/esc/application.ini 2009-04-18 13:21:02.000000000 -0700
@@ -25,7 +25,7 @@
Name=ESC
;
; This field specifies your application's version. This field is optional.
-Version=1.1.0-1
+Version=1.1.0-3
;
; This field specifies your application's build ID (timestamp). This field is
; required.
esc-1.1.0-fix3.patch:
application.ini | 2 +-
chrome/locale/en-US/esc.properties | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
--- NEW FILE esc-1.1.0-fix3.patch ---
--- ./esc/src/app/xul/esc/chrome/locale/en-US/esc.properties.fix3 2009-04-22 17:44:14.000000000 -0700
+++ ./esc/src/app/xul/esc/chrome/locale/en-US/esc.properties 2009-04-22 17:46:41.000000000 -0700
@@ -104,7 +104,7 @@
errorInvalidTokenTypeParams=The Smart Card Server cannot process the requested type of enrollment due to a misconfiguration.
errorCannotPublish=The Smart Card Server cannot publish your card's certificates to the certificate directory.
errorCommTokenDB=The Smart Card Server cannot connect to its internal database.
-errorTokenSuspended=Your smart card has been suspended.
+errorTokenSuspended=You are not allowed to perform this operation with this smart card.
errorPinResetable=You are not allowed to reset the password of this smart card.
errorConnLost=The Smart Card Manager has lost the connection to the Smart Card Server.
errorEntryTokenDB=The Smart Card Server cannot add your smart card to its internal database.
--- ./esc/src/app/xul/esc/application.ini.fix3 2009-04-22 17:38:49.000000000 -0700
+++ ./esc/src/app/xul/esc/application.ini 2009-04-22 17:39:14.000000000 -0700
@@ -25,7 +25,7 @@
Name=ESC
;
; This field specifies your application's version. This field is optional.
-Version=1.1.0-3
+Version=1.1.0-5
;
; This field specifies your application's build ID (timestamp). This field is
; required.
esc-1.1.0-fix4.patch:
app/xul/esc/application.ini | 2 +-
lib/coolkey/manifest.mn | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
--- NEW FILE esc-1.1.0-fix4.patch ---
--- ./esc/src/lib/coolkey/manifest.mn.fix4 2009-04-23 14:13:21.000000000 -0700
+++ ./esc/src/lib/coolkey/manifest.mn 2009-04-23 14:15:00.000000000 -0700
@@ -27,7 +27,7 @@
ifndef MOZ_OFFSET
MOZ_OFFSET = mozilla-1.7.13
endif
-DEFINES += -I$(CORE_DEPTH)/esc/app/xpcom -I$(SYS_INC)/nspr4 -I$(SYS_INC)/nss3 -I$(SYS_INC)/PCSC -I$(SYS_INC)/$(MOZ_OFFSET)/nspr -I$(SYS_INC)/$(MOZ_OFFSET)/nss -I$(XULRUNNER_BASE)/dist/public/nss -I$(XULRUNNER_BASE)/dist/include/nspr -I$(GECKO_SDK_PATH)/include/nspr -I$(GECKO_SDK_PATH)/include/nss
+DEFINES += -I$(CORE_DEPTH)/esc/app/xpcom -I$(SYS_INC)/nspr4 -I$(SYS_INC)/nss3 -I$(SYS_INC)/PCSC -I$(SYS_INC)/$(MOZ_OFFSET)/nspr -I$(SYS_INC)/$(MOZ_OFFSET)/nss -I$(XULRUNNER_BASE)/dist/public/nss -I$(XULRUNNER_BASE)/dist/include/nspr -I$(GECKO_SDK_PATH)/include/nspr -I$(GECKO_SDK_PATH)/include/nss -fno-strict-aliasing
MAPFILE = $(OBJDIR)/ckymanager.def
#EXTRA_LIBS += -L$(DIST)/lib -lckyapplet
--- ./esc/src/app/xul/esc/application.ini.fix4 2009-04-23 14:12:52.000000000 -0700
+++ ./esc/src/app/xul/esc/application.ini 2009-04-23 14:13:01.000000000 -0700
@@ -25,7 +25,7 @@
Name=ESC
;
; This field specifies your application's version. This field is optional.
-Version=1.1.0-5
+Version=1.1.0-6
;
; This field specifies your application's build ID (timestamp). This field is
; required.
esc-1.1.0-fix5.patch:
src/app/xul/esc/application.ini | 2
src/app/xul/esc/chrome/content/esc/ESC.js | 5 +
src/app/xul/esc/chrome/content/esc/certManager.xul | 1
src/app/xul/esc/chrome/content/esc/password.xul | 1
src/lib/coolkey/SmartCardMonitoringThread.cpp | 2
win32/build.sh | 13 ++++-
win32/setup.iss | 54 ++++++++-------------
7 files changed, 39 insertions(+), 39 deletions(-)
--- NEW FILE esc-1.1.0-fix5.patch ---
--- ./esc/src/lib/coolkey/SmartCardMonitoringThread.cpp.fix5 2009-06-08 14:14:44.000000000 -0700
+++ ./esc/src/lib/coolkey/SmartCardMonitoringThread.cpp 2009-06-08 14:15:03.000000000 -0700
@@ -159,7 +159,7 @@
/* if we think we have a token, but it's not the right one, or it's
* not there, then send a removal event */
- if (info && (!isPresent || (info->mSeries != PK11_GetSlotSeries(slot))) ) {
+ if (info && !isPresent) {
PR_LOG( coolKeyLogSC, PR_LOG_DEBUG,
("%s SmartCardMonitoringThread::Execute Token Removed : \n",GetTStamp(tBuff,56)));
--- ./esc/src/app/xul/esc/chrome/content/esc/certManager.xul.fix5 2009-06-08 13:46:19.000000000 -0700
+++ ./esc/src/app/xul/esc/chrome/content/esc/certManager.xul 2009-06-08 13:46:33.000000000 -0700
@@ -59,7 +59,6 @@
<script type="application/x-javascript" src="chrome://global/content/strres.js"/>
<script type="application/x-javascript" src="chrome://pippki/content/pippki.js"/>
<script type="application/x-javascript" src="chrome://pippki/content/certManager.js"/>
- <script type="application/x-javascript" src="escCertManager.js"/>
<vbox flex="1">
<tabbox id="certmanagertabs" flex="1" style="margin:5px">
--- ./esc/src/app/xul/esc/chrome/content/esc/password.xul.fix5 2009-06-08 14:04:16.000000000 -0700
+++ ./esc/src/app/xul/esc/chrome/content/esc/password.xul 2009-06-08 14:04:29.000000000 -0700
@@ -23,7 +23,6 @@
id="esc-window"
title="&getESCPassword;"
onload="PasswordLoad();"
- onunload="cleanup();"
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
<stringbundle id="esc_strings" src="chrome://esc/locale/esc.properties"/>
--- ./esc/src/app/xul/esc/chrome/content/esc/ESC.js.fix5 2009-06-08 14:02:26.000000000 -0700
+++ ./esc/src/app/xul/esc/chrome/content/esc/ESC.js 2009-06-08 14:03:46.000000000 -0700
@@ -522,7 +522,10 @@
if(!string_id || !gStringBundle)
return null;
- str = gStringBundle.getString(string_id);
+ try {
+ str = gStringBundle.getString(string_id);
+ } catch(e) {
+ }
return str;
}
--- ./esc/src/app/xul/esc/application.ini.fix5 2009-06-08 13:44:59.000000000 -0700
+++ ./esc/src/app/xul/esc/application.ini 2009-06-08 13:45:15.000000000 -0700
@@ -25,7 +25,7 @@
Name=ESC
;
; This field specifies your application's version. This field is optional.
-Version=1.1.0-6
+Version=1.1.0-7
;
; This field specifies your application's build ID (timestamp). This field is
; required.
--- ./esc/win32/setup.iss.fix5 2009-06-08 14:16:04.000000000 -0700
+++ ./esc/win32/setup.iss 2009-06-08 14:16:26.000000000 -0700
@@ -4,43 +4,31 @@
[Setup]
AppName=Smart Card Manager
AppMutex=ESCMutex
-AppVerName=Smart Card Manager 1.1.0-3
-AppPublisher=Red Hat, Inc.
+AppVerName=Smart Card Manager 1.1.0-6
+AppPublisher=Fedora
CreateAppDir=true
Compression=lzma
SolidCompression=true
MinVersion=0,5.0.2195
ShowLanguageDialog=yes
-OutputBaseFilename=SmartCardManagerSetup-1.1.0-3.win32.i386
-DefaultDirName={pf}\Red Hat\ESC
+OutputBaseFilename=SmartCardManagerSetup-1.1.0-6.win32.i386
+DefaultDirName={pf}\Fedora\ESC
DisableProgramGroupPage=false
-DefaultGroupName=Red Hat
+DefaultGroupName=Fedora
SetupIconFile=BUILD\ESC\components\esc.ico
UninstallDisplayIcon={app}\components\esc.ico
-WizardImageFile=BUILD\ESC\chrome\content\esc\esc-image-large.bmp
+;WizardImageFile=BUILD\ESC\chrome\content\esc\esc-image-large.bmp
+WizardImageFile=esc-image-large.bmp
WizardSmallImageFile=BUILD\ESC\components\esc.bmp
AllowNoIcons=yes
LicenseFile=esc-license.txt
InfoBeforeFile=info-before.txt
InfoAfterFile=info-after.txt
PrivilegesRequired=admin
-VersionInfoVersion=1.1.0.3
+VersionInfoVersion=1.1.0.6
[Files]
-Source: BUILD\egate\slbmgpg.dll; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egate.cat; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egate.inf; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egate.sys; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egate_License.txt; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egatebus.cat; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egatebus.inf; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egatebus.sys; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egaterdr.cat; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egaterdr.inf; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egaterdr.sys; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egdrvins1.dll; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\eginstall.exe; DestDir: {win}\egate2.4; Flags: ignoreversion
Source: BUILD\clkcsp.dll; DestDir: {sys}; Flags: regserver restartreplace
Source: BUILD\cspres.dll; DestDir: {sys}; Flags: restartreplace
Source: BUILD\pk11install.exe; DestDir: {app}\PKCS11
@@ -73,7 +61,6 @@
Source: BUILD\ESC\application.ini; DestDir: {app}
Source: BUILD\ESC\chrome\chrome.manifest; DestDir: {app}\chrome
Source: BUILD\ESC\chrome\content\esc\TRAY.js; DestDir: {app}\chrome\content\esc
-Source: BUILD\ESC\chrome\content\esc\CertInfo.js; DestDir: {app}\chrome\content\esc
;Source: BUILD\ESC\chrome\content\esc\certinfo.xul; DestDir: {app}\chrome\content\esc
Source: BUILD\ESC\chrome\content\esc\config.xul; DestDir: {app}\chrome\content\esc
Source: BUILD\ESC\chrome\content\esc\contents.rdf; DestDir: {app}\chrome\content\esc
@@ -110,19 +97,18 @@
Source: BUILD\ESC\xulrunner\mozctl.dll; DestDir: {app}\xulrunner
Source: BUILD\ESC\xulrunner\mozctlx.dll; DestDir: {app}\xulrunner
Source: BUILD\ESC\xulrunner\nspr4.dll; DestDir: {app}\xulrunner
-Source: BUILD\ESC\xulrunner\nspr4.dll; DestDir: {app}\PKCS11
+Source: BUILD\libnspr4.dll; DestDir: {app}\PKCS11
Source: BUILD\ESC\xulrunner\nss3.dll; DestDir: {app}\xulrunner
-Source: BUILD\ESC\xulrunner\nss3.dll; DestDir: {app}\PKCS11
Source: BUILD\ESC\xulrunner\nssckbi.dll; DestDir: {app}\xulrunner
Source: BUILD\ESC\xulrunner\plc4.dll; DestDir: {app}\xulrunner
-Source: BUILD\ESC\xulrunner\plc4.dll; DestDir: {app}\PKCS11
+Source: BUILD\libplc4.dll; DestDir: {app}\PKCS11
Source: BUILD\ESC\xulrunner\plds4.dll; DestDir: {app}\xulrunner
-Source: BUILD\ESC\xulrunner\plds4.dll; DestDir: {app}\PKCS11
+Source: BUILD\libplds4.dll; DestDir: {app}\PKCS11
Source: BUILD\ESC\xulrunner\README.txt; DestDir: {app}\xulrunner
Source: BUILD\ESC\xulrunner\smime3.dll; DestDir: {app}\xulrunner
Source: BUILD\ESC\xulrunner\softokn3.chk; DestDir: {app}\xulrunner
Source: BUILD\ESC\xulrunner\softokn3.dll; DestDir: {app}\xulrunner
-Source: BUILD\ESC\xulrunner\softokn3.dll; DestDir: {app}\PKCS11
+Source: BUILD\softokn3.dll; DestDir: {app}\PKCS11
Source: BUILD\ESC\xulrunner\ssl3.dll; DestDir: {app}\xulrunner
Source: BUILD\ESC\xulrunner\updater.exe; DestDir: {app}\xulrunner
Source: BUILD\ESC\xulrunner\xpcom.dll; DestDir: {app}\xulrunner
@@ -413,9 +399,6 @@
Source: BUILD\ESC\xulrunner\res\fonts\mathfontSTIXSize1.properties; DestDir: {app}\xulrunner\res\fonts
Source: BUILD\ESC\xulrunner\res\html\folder.png; DestDir: {app}\xulrunner\res\html
Source: BUILD\ESC\xulrunner\defaults\profile\localstore.rdf; DestDir: {app}\xulrunner\defaults\profile
-Source: BUILD\ESC\xulrunner\sqlite3.dll; DestDir: {app}\PKCS11
-Source: BUILD\ESC\xulrunner\mozcrt19.dll; DestDir: {app}\PKCS11
-Source: BUILD\ESC\xulrunner\nssutil3.dll; DestDir: {app}\PKCS11
Source: BUILD\ESC\xulrunner\dictionaries\en-US.aff; DestDir: {app}\dictionaries
Source: BUILD\ESC\xulrunner\dictionaries\en-US.dic; DestDir: {app}\dictionaries
Source: BUILD\ESC\xulrunner\modules\XPCOMUtils.jsm; DestDir: {app}\modules
@@ -429,7 +412,6 @@
[Run]
-Filename: {win}\egate2.4\eginstall.exe; Parameters: -f -l eginstall.txt; WorkingDir: {win}\egate2.4; Flags: waituntilterminated; StatusMsg: Installing smart card drivers....
Filename: {app}\PKCS11\pk11install.exe; Parameters: "-v ""name='CoolKey Module' library=coolkeypk11.dll NSS=""slotParams={{0x1=[slotFlags=PublicCerts]}"""""; WorkingDir: {sys}; StatusMsg: Configuring System for smart cards...
Filename: {app}\xulrunner\xulrunner.exe; Parameters: """--register-global"""
Filename: {app}\esc.exe; WorkingDir: {app}; StatusMsg: {code:GetEscStatusMsg}; Flags: nowait
@@ -450,12 +432,18 @@
Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Axalto Developer; ValueType: binary; ValueName: ATR; ValueData: 3b 75 94 00 00 62 02 02 00 00
; Now register the Gemalto 64K V2
-Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Gemalto 64K V2; ValueType: binary; ValueName: ATRMask: ValueData: ff ff ff ff ff ff ff ff ff ff; Flags: uninsdeletekey
+Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Gemalto 64K V2; ValueType: binary; ValueName: ATRMask; ValueData: ff ff 00 ff 00 ff ff ff 00 00; Flags: uninsdeletekey
-Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Gemalto 64 V2: ValueType: string; ValueName: Crypto Provider; ValueData: CoolKey PKCS #11 CSP
+Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Gemalto 64K V2; ValueType: string; ValueName: Crypto Provider; ValueData: CoolKey PKCS #11 CSP
-Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Gemalto 64 V2: ValueType: binary; ValueName: ATR; ValueData: 3b 95 95 40 ff ae 01 03 00 00
+Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Gemalto 64K V2; ValueType: binary; ValueName: ATR; ValueData: 3b 95 00 40 00 ae 01 03 00 00
+; Now register the Safenet 330J
+Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Safenet 330J; ValueType: binary; ValueName: ATRMask; ValueData: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 00; Flags: uninsdeletekey
+
+Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Safenet 330J; ValueType: string; ValueName: Crypto Provider; ValueData: CoolKey PKCS #11 CSP
+
+Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Safenet 330J; ValueType: binary; ValueName: ATR; ValueData: 3b ec 00 ff 81 31 fe 45 a0 00 00 00 56 33 33 30 4a 33 06 00 00
Root: HKLM; Subkey: Software\
; Turn off the "pick a cert" dialog box
--- ./esc/win32/build.sh.fix5 2009-06-08 14:15:58.000000000 -0700
+++ ./esc/win32/build.sh 2009-06-08 14:16:33.000000000 -0700
@@ -37,6 +37,8 @@
NSS_ARCHIVE=$NSS_NAME-with-nspr-4.6.4
NSS_SOURCE_URL=https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_11_4_RTM/src/$NSS_ARCHIVE.tar.gz
+NSS_LIB_PATH=$NSS_NAME/mozilla/dist/WIN*/lib
+
#Inno installer values
#INNO_PATH="C:/Program Files/Inno Setup 5/ISCC.exe"
@@ -76,7 +78,7 @@
#ESC values
ESC_NAME=esc
-ESC_VERSION_NO=1.1.0-3
+ESC_VERSION_NO=1.1.0-6
#Cygwin values
@@ -462,6 +464,15 @@
cp esc-image-large.bmp BUILD/ESC/chrome/content/esc
+
+ #Transport the nss files needed for pk11install.exe
+
+ cp $NSS_LIB_PATH/softokn3.dll BUILD
+ cp $NSS_LIB_PATH/libplc4.dll BUILD
+ cp $NSS_LIB_PATH/libnspr4.dll BUILD
+ cp $NSS_LIB_PATH/libplds4.dll BUILD
+
+
# Build the INNO executable installer
"$INNO_PATH" setup.iss
esc-1.1.0-fix6.patch:
app/xpcom/Makefile.sdk | 4
app/xpcom/rhCoolKey.cpp | 255 ++++++++++++++++++++++++-
app/xpcom/rhCoolKey.h | 12 +
app/xpcom/rhICoolKey.idl | 2
app/xul/esc/chrome/content/esc/certManager.xul | 2
lib/NssHttpClient/engine.cpp | 77 ++++++-
lib/NssHttpClient/engine.h | 13 +
lib/NssHttpClient/manifest.mn | 2
lib/coolkey/CoolKey.cpp | 22 ++
lib/coolkey/CoolKey.h | 11 -
lib/coolkey/Makefile | 3
lib/coolkey/NSSManager.cpp | 87 ++++++++
lib/coolkey/NSSManager.h | 2
lib/coolkey/manifest.mn | 3
14 files changed, 468 insertions(+), 27 deletions(-)
--- NEW FILE esc-1.1.0-fix6.patch ---
--- ./esc/src/lib/NssHttpClient/engine.h.fix6 2009-06-19 16:07:39.000000000 -0700
+++ ./esc/src/lib/NssHttpClient/engine.h 2009-06-19 16:07:44.000000000 -0700
@@ -22,9 +22,17 @@
#include "response.h"
#include "request.h"
+struct BadCertData {
+ PRErrorCode error;
+ PRInt32 port;
+};
+
+typedef struct BadCertData BadCertData;
+
+
class __EXPORT Engine {
public:
- Engine() {};
+ Engine() { _certData = NULL; _sock=NULL;};
~Engine() {};
PRFileDesc *_doConnect(PRNetAddr *addr, PRBool SSLOn = PR_FALSE,
@@ -37,7 +45,8 @@
static PRIntervalTime globaltimeout;
PRFileDesc *_sock;
-
+ BadCertData *_certData;
+ BadCertData *getBadCertData() { return _certData;}
PRFileDesc *getSocket() { return _sock;}
bool connectionClosed ;
--- ./esc/src/lib/NssHttpClient/engine.cpp.fix6 2009-06-19 16:07:12.000000000 -0700
+++ ./esc/src/lib/NssHttpClient/engine.cpp 2009-06-19 16:07:29.000000000 -0700
@@ -16,6 +16,8 @@
* All rights reserved.
* END COPYRIGHT BLOCK **/
+#define FORCE_PR_LOG 1
+
#include <nspr.h>
#include "sslproto.h"
#include <prerror.h>
@@ -27,7 +29,7 @@
#include "certt.h"
#include "sslerr.h"
#include "secerr.h"
-
+#include "CoolKey.h"
#include "engine.h"
#include "http.h"
@@ -39,6 +41,9 @@
int cipherCount = 0;
int _doVerifyServerCert = 1;
+PRLogModuleInfo *httpEngineLog = PR_NewLogModule("coolKeyHttpEngine");
+
+
PRIntervalTime Engine::globaltimeout = PR_TicksPerSecond()*30;
/**
@@ -56,13 +61,26 @@
SECStatus secStatus = SECFailure;
PRErrorCode err;
+ char tBuff[56];
+
+ PR_LOG(httpEngineLog, PR_LOG_DEBUG,
+ ("%s myBadCertHandler enter. \n",GetTStamp(tBuff,56)));
+
/* log invalid cert here */
if ( !arg ) {
return secStatus;
}
- *(PRErrorCode *)arg = err = PORT_GetError();
+ err = PORT_GetError();
+
+ BadCertData *data = (BadCertData *) arg;
+ if(data) {
+ data->error = err;
+ }
+
+ PR_LOG(httpEngineLog, PR_LOG_DEBUG,
+ ("%s myBadCertHandler err: %d . \n",GetTStamp(tBuff,56),err));
/* If any of the cases in the switch are met, then we will proceed */
/* with the processing of the request anyway. Otherwise, the default */
@@ -91,6 +109,10 @@
break;
}
+ PR_LOG(httpEngineLog, PR_LOG_DEBUG,
+ ("%s myBadCertHandler status: %d . \n",GetTStamp(tBuff,56),secStatus));
+
+
return secStatus;
}
@@ -416,7 +438,6 @@
return;
}
-
void Engine::CloseConnection()
{
connectionClosed = true;
@@ -426,7 +447,14 @@
PR_Close(_sock);
_sock = NULL;
}
+
+ if(_certData)
+ {
+ delete _certData;
+ _certData = NULL;
+ }
}
+
/**
* Returns a file descriptor for I/O if the HTTP connection is successful
* @param addr PRnetAddr structure which points to the server to connect to
@@ -442,21 +470,19 @@
PRFileDesc *tcpsock = NULL;
PRFileDesc *sock = NULL;
connectionClosed = false;
+ _certData = new BadCertData();
tcpsock = PR_OpenTCPSocket(addr->raw.family);
-
if (!tcpsock) {
-
return NULL;
}
nodelay(tcpsock);
if (PR_TRUE == SSLOn) {
- sock=SSL_ImportFD(NULL, tcpsock);
-
+ sock=SSL_ImportFD(NULL, tcpsock);
if (!sock) {
//xxx log
if( tcpsock != NULL ) {
@@ -516,9 +542,23 @@
PRErrorCode errCode = 0;
- rv = SSL_BadCertHook( sock,
+ if(_certData) {
+ _certData->error = errCode;
+ _certData->port = PR_ntohs(PR_NetAddrInetPort(addr));
+ }
+
+ CoolKeyBadCertHandler overriddenHandler = CoolKeyGetBadCertHandler();
+
+ if(overriddenHandler) {
+ rv = SSL_BadCertHook( sock,
+ (SSLBadCertHandler)overriddenHandler,
+ (void *)_certData);
+ } else {
+ rv = SSL_BadCertHook( sock,
(SSLBadCertHandler)myBadCertHandler,
- &errCode );
+ (void *)_certData);
+ }
+
rv = SSL_SetURL( sock, serverName );
if (rv != SECSuccess ) {
@@ -536,8 +576,6 @@
sock = tcpsock;
}
-
-
if ( PR_Connect(sock, addr, timeout) == PR_FAILURE ) {
if( sock != NULL ) {
@@ -563,11 +601,17 @@
const PSHttpServer& server,
int timeout, PRBool expectChunked ,PRBool processStreamed) {
PRNetAddr addr;
- PRFileDesc *sock = NULL;
PSHttpResponse *resp = NULL;
PRBool response_code = 0;
+ char tBuff[56];
+
+ PR_LOG(httpEngineLog, PR_LOG_DEBUG,
+ ("%s HttpEngine::makeRequest enter. \n",GetTStamp(tBuff,56)));
+
+
+
server.getAddr(&addr);
char *nickName = request.getCertNickName();
@@ -575,8 +619,17 @@
char *serverName = (char *)server.getAddr();
_sock = _doConnect( &addr, request.isSSL(), 0, 0,nickName, 0, serverName );
+ PR_LOG(httpEngineLog, PR_LOG_DEBUG,
+ ("%s HttpEngine::makeRequest past doConnect sock: %p. \n",
+ GetTStamp(tBuff,56),_sock));
+
if ( _sock != NULL) {
PRBool status = request.send( _sock );
+
+ PR_LOG(httpEngineLog, PR_LOG_DEBUG,
+ ("%s HttpEngine::makeRequest past request.send status: %d. \n",
+ GetTStamp(tBuff,56),status));
+
if ( status ) {
resp = new PSHttpResponse( _sock, &request, timeout, expectChunked ,this);
response_code = resp->processResponse(processStreamed);
--- ./esc/src/lib/NssHttpClient/manifest.mn.fix6 2009-06-19 16:08:05.000000000 -0700
+++ ./esc/src/lib/NssHttpClient/manifest.mn 2009-06-19 16:08:13.000000000 -0700
@@ -24,7 +24,7 @@
MODULE = httpchunked
LIBRARY_NAME = $(MODULE)
SHARED_NAME = $(MODULE)
-REQUIRES = nss nspr
+REQUIRES = nss nspr ckymanager
ifndef MOZ_OFFSET
MOZ_OFFSET = mozilla-1.7.13
endif
--- ./esc/src/lib/coolkey/NSSManager.h.fix6 2009-06-19 16:06:41.000000000 -0700
+++ ./esc/src/lib/coolkey/NSSManager.h 2009-06-19 16:06:47.000000000 -0700
@@ -70,6 +70,8 @@
static HRESULT GetKeyCertNicknames( const CoolKey *aKey, vector<string> & aStrings );
+ static HRESULT GetKeyUID(const CoolKey *aKey, char *aBuf, int aBufLength);
+
static HRESULT GetKeyIssuedTo(const CoolKey *aKey, char *aBuf, int aBufLength);
static HRESULT GetKeyIssuer(const CoolKey *aKey, char *aBuf, int aBufLength);
--- ./esc/src/lib/coolkey/CoolKey.cpp.fix6 2009-06-19 16:02:43.000000000 -0700
+++ ./esc/src/lib/coolkey/CoolKey.cpp 2009-06-19 16:03:03.000000000 -0700
@@ -259,12 +259,14 @@
static CoolKeyRelease g_Release = NULL;
static CoolKeyGetConfigValue g_GetConfigValue = NULL;
static CoolKeySetConfigValue g_SetConfigValue = NULL;
+static CoolKeyBadCertHandler g_BadCertHandler = NULL;
char* CoolKeyVerifyPassword(PK11SlotInfo *,PRBool,void *);
COOLKEY_API HRESULT CoolKeySetCallbacks(CoolKeyDispatch dispatch,
CoolKeyReference reference, CoolKeyRelease release,
- CoolKeyGetConfigValue getconfigvalue,CoolKeySetConfigValue setconfigvalue)
+ CoolKeyGetConfigValue getconfigvalue,CoolKeySetConfigValue setconfigvalue,
+ CoolKeyBadCertHandler badcerthandler)
{
char tBuff[56];
g_Dispatch = dispatch;
@@ -272,6 +274,7 @@
g_Release = release;
g_GetConfigValue = getconfigvalue;
g_SetConfigValue = setconfigvalue;
+ g_BadCertHandler = badcerthandler;
char * suppressPINPrompt =(char*) CoolKeyGetConfig("esc.security.url");
@@ -997,6 +1000,16 @@
return NSSManager::GetKeyPolicy(aKey, aBuf, aBufLen);
}
+
+HRESULT
+CoolKeyGetUID(const CoolKey *aKey, char *aBuf, int aBufLength)
+{
+ if (!aKey || !aKey->mKeyID || !aBuf || aBufLength < 1)
+ return E_FAIL;
+
+ return NSSManager::GetKeyUID(aKey,aBuf,aBufLength);
+}
+
HRESULT
CoolKeyGetIssuedTo(const CoolKey *aKey, char *aBuf, int aBufLength)
{
@@ -1290,6 +1303,13 @@
return aCUID;
}
+CoolKeyBadCertHandler CoolKeyGetBadCertHandler()
+{
+ if(g_BadCertHandler)
+ return g_BadCertHandler;
+ return NULL;
+}
+
const char *CoolKeyGetConfig(const char *aValue)
{
if(!g_GetConfigValue || ! aValue)
--- ./esc/src/lib/coolkey/manifest.mn.fix6 2009-06-19 16:05:45.000000000 -0700
+++ ./esc/src/lib/coolkey/manifest.mn 2009-06-19 16:05:54.000000000 -0700
@@ -19,7 +19,6 @@
XULRUNNER_BASE=$(CORE_DEPTH)/dist/$(OBJDIR)//xulrunner_build
-
SYS_INC = /usr/include
MODULE = ckymanager
LIBRARY_NAME = $(MODULE)
@@ -41,7 +40,7 @@
SmartCardMonitoringThread.cpp \
$(NULL)
-EXPORTS = \
+EXPORTS = \
CoolKey.h \
$(NULL)
--- ./esc/src/lib/coolkey/NSSManager.cpp.fix6 2009-06-19 16:06:19.000000000 -0700
+++ ./esc/src/lib/coolkey/NSSManager.cpp 2009-06-19 16:06:28.000000000 -0700
@@ -369,7 +369,7 @@
aBuf[0]=0;
- PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyIssuedTo \n",GetTStamp(tBuff,56)));
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyIssuer \n",GetTStamp(tBuff,56)));
if(!aKey )
return E_FAIL;
@@ -409,7 +409,7 @@
continue;
}
orgID = CERT_GetOrgName(&cert->subject);
- PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyIssuedTo ourSlot %p curSlot %p org %s \n",GetTStamp(tBuff,56),slot,cert->slot,orgID));
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyIssuer ourSlot %p curSlot %p org %s \n",GetTStamp(tBuff,56),slot,cert->slot,orgID));
}
@@ -437,6 +437,85 @@
return S_OK;
}
+HRESULT NSSManager::GetKeyUID(const CoolKey *aKey, char *aBuf, int aBufLength)
+{
+ char tBuff[56];
+ if(!aBuf)
+ return E_FAIL;
+
+ aBuf[0]=0;
+
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyUID \n",GetTStamp(tBuff,56)));
+
+ if(!aKey )
+ return E_FAIL;
+
+ PK11SlotInfo *slot = GetSlotForKeyID(aKey);
+
+ if (!slot)
+ return E_FAIL;
+
+ CERTCertList *certs = PK11_ListCerts(PK11CertListAll,NULL);
+
+ if (!certs)
+ {
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%sNSSManager::GetKeyUID no certs found! \n",GetTStamp(tBuff,56)));
+ PK11_FreeSlot(slot);
+ return E_FAIL;
+ }
+
+ CERTCertListNode *node= NULL;
+
+ char *certID = NULL;
+
+ for( node = CERT_LIST_HEAD(certs);
+ ! CERT_LIST_END(node, certs);
+ node = CERT_LIST_NEXT(node))
+ {
+ if(node->cert)
+ {
+ CERTCertificate *cert = node->cert;
+
+ if(cert)
+ {
+ if(cert->slot == slot)
+ {
+ if(IsCACert(cert))
+ {
+ continue;
+ }
+
+ certID = CERT_GetCertUid(&cert->subject);
+
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyUID ourSlot %p curSlot %p certID %s \n",GetTStamp(tBuff,56),slot,cert->slot,certID));
+
+ }
+
+ if(certID)
+ break;
+ }
+ }
+
+ }
+
+ if(certID && ((int)strlen(certID) < aBufLength))
+ {
+ strcpy(aBuf,certID);
+ }
+
+ if(certs)
+ CERT_DestroyCertList(certs);
+
+ if(slot)
+ PK11_FreeSlot(slot);
+
+ if(certID)
+ PORT_Free(certID);
+
+ return S_OK;
+}
+
+
HRESULT NSSManager::GetKeyIssuedTo(const CoolKey *aKey, char *aBuf, int aBufLength)
{
char tBuff[56];
@@ -487,6 +566,10 @@
certID = CERT_GetCommonName(&cert->subject);
+ if(!certID) {
+ certID = CERT_GetCertUid(&cert->subject);
+ }
+
PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyIssuedTo ourSlot %p curSlot %p certID %s \n",GetTStamp(tBuff,56),slot,cert->slot,certID));
}
--- ./esc/src/lib/coolkey/CoolKey.h.fix6 2009-06-19 16:04:59.000000000 -0700
+++ ./esc/src/lib/coolkey/CoolKey.h 2009-06-19 16:05:05.000000000 -0700
@@ -26,6 +26,7 @@
// platforms (coreconf will do the appropriate processing.
#define COOLKEY_API
+#include "ssl.h"
#include <string.h>
#include <stdlib.h>
#include <vector>
@@ -100,7 +101,7 @@
typedef HRESULT (*CoolKeySetConfigValue)(const char *name,const char *value);
typedef const char * (*CoolKeyGetConfigValue)(const char *name);
-
+typedef SECStatus (*CoolKeyBadCertHandler)(void *arg, PRFileDesc *fd);
extern "C" {
@@ -112,7 +113,8 @@
COOLKEY_API HRESULT CoolKeyUnregisterListener(CoolKeyListener* aListener);
COOLKEY_API HRESULT CoolKeySetCallbacks(CoolKeyDispatch dispatch,
CoolKeyReference reference, CoolKeyRelease release,
- CoolKeyGetConfigValue getconfigvalue,CoolKeySetConfigValue setconfigvalue);
+ CoolKeyGetConfigValue getconfigvalue,CoolKeySetConfigValue setconfigvalue,
+ CoolKeyBadCertHandler badcerthandler=NULL);
COOLKEY_API bool CoolKeyRequiresAuthentication(const CoolKey *aKey);
COOLKEY_API bool CoolKeyHasApplet(const CoolKey *aKey);
@@ -133,6 +135,8 @@
COOLKEY_API HRESULT CoolKeyGetCertInfo(const CoolKey *aKey, char *aCertNickname, std::string & aCertInfo);
+COOLKEY_API HRESULT CoolKeyGetUID(const CoolKey *aKey, char *aBuf, int aBufLength);
+
COOLKEY_API HRESULT CoolKeyGetIssuedTo(const CoolKey *aKey, char *aBuf, int aBufLength);
COOLKEY_API HRESULT CoolKeyGetIssuer(const CoolKey *aKey, char *aBuf, int aBufLength);
@@ -257,6 +261,9 @@
const char *CoolKeyGetConfig(const char *aName);
HRESULT CoolKeySetConfig(const char *aName,const char *aValue);
+CoolKeyBadCertHandler CoolKeyGetBadCertHandler();
+
+
}
--- ./esc/src/lib/coolkey/Makefile.fix6 2009-06-19 16:05:24.000000000 -0700
+++ ./esc/src/lib/coolkey/Makefile 2009-06-19 16:05:32.000000000 -0700
@@ -35,6 +35,9 @@
echo "Build Linux or Windows."
make -f common.mk
+export::
+ make -f common.mk export
+
endif
ifeq ($(OS_ARCH),Darwin)
--- ./esc/src/app/xul/esc/chrome/content/esc/certManager.xul.fix6 2009-06-19 16:01:21.000000000 -0700
+++ ./esc/src/app/xul/esc/chrome/content/esc/certManager.xul 2009-06-19 16:01:43.000000000 -0700
@@ -65,7 +65,7 @@
<tabs id="certMgrTabbox" onselect="CertsTabsSelected();">
<tab id="mine_tab" label="&certmgr.tab.mine;" selected="true"/>
<tab id="others_tab" hidden="true" label="&certmgr.tab.others2;"/>
- <tab id="websites_tab" hidden="true" label="&certmgr.tab.websites3;"/>
+ <tab id="websites_tab" hidden="false" label="&certmgr.tab.websites3;"/>
<tab id="ca_tab" hidden="false" label="&certmgr.tab.ca;"/>
<tab id="orphan_tab" hidden="true" label="&certmgr.tab.orphan2;"/>
--- ./esc/src/app/xpcom/rhCoolKey.cpp.fix6 2009-06-19 15:56:20.000000000 -0700
+++ ./esc/src/app/xpcom/rhCoolKey.cpp 2009-06-19 15:57:48.000000000 -0700
@@ -30,7 +30,7 @@
#else
#include "nsServiceManagerUtils.h"
#endif
-
+#include "pipnss/nsICertOverrideService.h"
#include "nsIPrefBranch.h"
#include "nsIPrefService.h"
#include "nsCOMPtr.h"
@@ -69,6 +69,7 @@
#endif
#define PSM_COMPONENT_CONTRACTID "@mozilla.org/psm;1"
+#define NS_CERTOVERRIDE_CONTRACTID "@mozilla.org/security/certoverride;1"
static const nsIID kIModuleIID = NS_IMODULE_IID;
static const nsIID kIFactoryIID = NS_IFACTORY_IID;
@@ -89,6 +90,7 @@
std::list< nsCOMPtr <rhIKeyNotify> > rhCoolKey::gNotifyListeners;
+PRLock* rhCoolKey::certCBLock=NULL;
PRBool rhCoolKey::gAutoEnrollBlankTokens = PR_FALSE;
@@ -190,6 +192,13 @@
mCSPListener = nsnull;
#endif
+ certCBLock = PR_NewLock();
+
+ if(!certCBLock) {
+ PR_LOG( coolKeyLog, PR_LOG_ERROR, ("%s Failed to create lock exiting! \n",GetTStamp(tBuff,56)));
+ exit(1);
+ }
+
PRBool res = InitInstance();
if(res == PR_FALSE)
@@ -207,6 +216,10 @@
char tBuff[56];
PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s rhCoolKey::~rhCoolKey: %p \n",GetTStamp(tBuff,56),this));
+
+ if(certCBLock) {
+ PR_DestroyLock(certCBLock);
+ }
}
void rhCoolKey::ShutDownInstance()
@@ -255,6 +268,212 @@
return S_OK;
}
+struct BadCertData {
+ PRErrorCode error;
+ PRInt32 port;
+};
+
+typedef struct BadCertData BadCertData;
+
+SECStatus rhCoolKey::badCertHandler(void *arg, PRFileDesc *fd)
+{
+ SECStatus secStatus = SECFailure;
+ PRErrorCode err;
+ char *host = NULL;
+ PRInt32 port = 0;
+ CERTCertificate *serverCert = NULL;
+ PRUint32 errorBits = 0;
+ char tBuff[56];
+
+ PR_Lock(certCBLock);
+
+ if (!arg || !fd) {
+ PR_Unlock(certCBLock);
+ return secStatus;
+ }
+
+ // Retrieve callback data from NssHttpClient
+ // Caller cleans up this data
+ BadCertData *data = (BadCertData *) arg;
+ data->error = err = PORT_GetError();
+
+
+ /* If any of the cases in the switch are met, then we will proceed */
+
+ switch (err) {
+ case SEC_ERROR_INVALID_AVA:
+ case SEC_ERROR_INVALID_TIME:
+ case SEC_ERROR_BAD_SIGNATURE:
+ case SEC_ERROR_EXPIRED_CERTIFICATE:
+ case SEC_ERROR_UNKNOWN_ISSUER:
+ case SEC_ERROR_UNTRUSTED_CERT:
+ case SEC_ERROR_CERT_VALID:
+ case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
+ case SEC_ERROR_CRL_EXPIRED:
+ case SEC_ERROR_CRL_BAD_SIGNATURE:
+ case SEC_ERROR_EXTENSION_VALUE_INVALID:
+ case SEC_ERROR_CA_CERT_INVALID:
+ case SEC_ERROR_CERT_USAGES_INVALID:
+ case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION:
+ case SEC_ERROR_EXTENSION_NOT_FOUND: // Added by Rob 5/21/2002
+ secStatus = SECSuccess;
+ break;
+ default:
+ secStatus = SECFailure;
+ break;
+ }
+
+ if(secStatus == SECSuccess) {
+ PR_Unlock(certCBLock);
+ return secStatus;
+ }
+
+ // Collect errors to compare with override service output
+ switch(err) {
+ case SEC_ERROR_UNTRUSTED_ISSUER:
+ errorBits |= nsICertOverrideService::ERROR_UNTRUSTED;
+ break;
+ case SSL_ERROR_BAD_CERT_DOMAIN:
+ errorBits |= nsICertOverrideService::ERROR_MISMATCH;
+ break;
+ case SEC_ERROR_EXPIRED_CERTIFICATE:
+ errorBits |= nsICertOverrideService::ERROR_TIME;
+ default:
+ break;
+ };
+
+ // Now proceed to see if we have an exception.
+ // Get the server certificate that was rejected.
+ serverCert = SSL_PeerCertificate(fd);
+
+ if(!serverCert) {
+ PR_Unlock(certCBLock);
+ return secStatus;
+ }
+
+ port = data->port;
+ host = SSL_RevealURL(fd);
+
+ if(!host || port <= 0) {
+ PR_Unlock(certCBLock);
+ return secStatus;
+ }
+
+ PR_LOG(coolKeyLog, PR_LOG_DEBUG,
+ ("%s rhCoolKey::badCertHandler enter: error: %d url: %s port: %d \n",
+ GetTStamp(tBuff,56),err,host,port)
+ );
+
+ PRBool isTemporaryOverride = PR_FALSE;
+ PRUint32 overrideBits = 0;
+ PRBool overrideResult = PR_FALSE;
+
+ // Use the nsICertOverrideService to see if we have
+ // previously trusted this certificate.
+ nsCOMPtr<nsICertOverrideService> overrideService =
+ do_GetService(NS_CERTOVERRIDE_CONTRACTID);
+
+ const nsEmbedCString nsHost(host);
+ nsEmbedCString hashAlg,fingerPrint;
+
+ nsresult nsrv;
+ unsigned char* fingerprint=NULL;
+ if(overrideService) {
+ nsrv = overrideService->GetValidityOverride((const nsACString &)nsHost,
+ port,(nsACString &)hashAlg,
+ (nsACString&)fingerPrint,&overrideBits,
+ &isTemporaryOverride,&overrideResult
+ );
+ if(nsrv == NS_OK) {
+ PR_LOG(coolKeyLog, PR_LOG_DEBUG,
+ ("%s rhCoolKey::badCertHandler res %d print %s len %d bits %u temp %d alg: %s \n",
+ GetTStamp(tBuff,56),overrideResult,fingerPrint.get(),
+ fingerPrint.Length(),overrideBits, isTemporaryOverride,hashAlg.get())
+ );
+ }
+
+ PRBool certMatches = PR_FALSE;
+
+ if( (nsrv == NS_OK) && overrideResult) {
+ SECItem oid;
+ oid.data = nsnull;
+ oid.len = 0;
+ SECStatus srv = SEC_StringToOID(nsnull, &oid,
+ hashAlg.get(), hashAlg.Length());
+
+ if (srv != SECSuccess) {
+ PR_Free(host);
+ host=NULL;
+ CERT_DestroyCertificate(serverCert);
+ serverCert=NULL;
+ PR_Unlock(certCBLock);
+ return secStatus;
+ }
+
+ SECOidTag oid_tag = SECOID_FindOIDTag(&oid);
+
+ unsigned int hash_len = HASH_ResultLenByOidTag(oid_tag);
+ fingerprint = new unsigned char[hash_len];
+
+ if(!fingerprint) {
+ CERT_DestroyCertificate(serverCert);
+ serverCert=NULL;
+ PR_Unlock(certCBLock);
+ return secStatus;
+ }
+
+ SECItem computedPrint;
+ memset(fingerprint, 0, sizeof fingerprint);
+ PK11_HashBuf(oid_tag, fingerprint,
+ serverCert->derCert.data, serverCert->derCert.len);
+ CERT_DestroyCertificate(serverCert);
+ serverCert=NULL;
+
+ computedPrint.data=fingerprint;
+ computedPrint.len=hash_len;
+
+ char *formattedPrint = CERT_Hexify(&computedPrint,1);
+ char *inputPrint = (char *)fingerPrint.get();
+
+ //Compare fingerprints.
+
+ if(formattedPrint && inputPrint) {
+ if(!PL_strcmp(formattedPrint, inputPrint))
+ certMatches = PR_TRUE;
+ }
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s certMatches: %d \n",
+ GetTStamp(tBuff,56),certMatches)
+ );
+
+ if(formattedPrint) {
+ PORT_Free(formattedPrint);
+ formattedPrint = NULL;
+ }
+ } else {
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s override test failed. \n",
+ GetTStamp(tBuff,56))
+ );
+ }
+
+ if( certMatches ) {
+ if(overrideBits | errorBits)
+ secStatus = SECSuccess;
+ }
+ }
+
+ PR_Free(host);
+ host = NULL;
+ if(fingerprint) {
+ delete [] fingerprint;
+ fingerprint = NULL;
+ }
+
+ PR_Unlock(certCBLock);
+
+ return secStatus;
+}
+
+
HRESULT rhCoolKey::doSetCoolKeyConfigValue(const char *aName, const char *aValue)
{
@@ -340,7 +559,7 @@
nssComponent
= do_GetService(PSM_COMPONENT_CONTRACTID);
- CoolKeySetCallbacks(Dispatch,Reference, Release,doGetCoolKeyConfigValue ,doSetCoolKeyConfigValue);
+ CoolKeySetCallbacks(Dispatch,Reference, Release,doGetCoolKeyConfigValue ,doSetCoolKeyConfigValue,badCertHandler);
mProxy = CreateProxyObject();
@@ -1262,6 +1481,38 @@
}
/* string GetCoolKeyIssuedTo (in unsigned long aKeyType, in string aKeyID); */
+NS_IMETHODIMP rhCoolKey::GetCoolKeyUID(PRUint32 aKeyType, const char *aKeyID, char **uid)
+{
+ char tBuff[56];
+ if (!aKeyID) {
+ return NS_ERROR_FAILURE;
+ }
+
+ AutoCoolKey key(aKeyType, ( char *)aKeyID);
+
+ char buff[512];
+ int bufLength = 512;
+ buff[0] = 0;
+
+ CoolKeyGetUID(&key, (char *) buff, bufLength);
+
+ if(!buff[0])
+ {
+ return NS_OK;
+ }
+
+ PR_LOG(coolKeyLog,PR_LOG_DEBUG,("%s rhCoolKey::RhGetCoolKeyGetUID %s \n",GetTStamp(tBuff,56),(char *) buff));
+
+ char *temp = (char *) nsMemory::Clone(buff,sizeof(char) * strlen(buff) + 1);
+
+ *uid = temp;
+
+ return NS_OK;
+
+}
+
+
+/* string GetCoolKeyIssuedTo (in unsigned long aKeyType, in string aKeyID); */
NS_IMETHODIMP rhCoolKey::GetCoolKeyIssuedTo(PRUint32 aKeyType, const char *aKeyID, char **issuedTo)
{
char tBuff[56];
--- ./esc/src/app/xpcom/rhICoolKey.idl.fix6 2009-06-19 16:00:20.000000000 -0700
+++ ./esc/src/app/xpcom/rhICoolKey.idl 2009-06-19 16:00:32.000000000 -0700
@@ -66,6 +66,8 @@
string GetCoolKeyCertInfo(in unsigned long aKeyType, in string aKeyID, in string aCertNickname);
+ string GetCoolKeyUID(in unsigned long aKeyType, in string aKeyID);
+
string GetCoolKeyIssuedTo(in unsigned long aKeyType, in string aKeyID);
string GetCoolKeyIssuer(in unsigned long aKeyType, in string aKeyID);
--- ./esc/src/app/xpcom/Makefile.sdk.fix6 2009-06-19 15:54:52.000000000 -0700
+++ ./esc/src/app/xpcom/Makefile.sdk 2009-06-19 15:55:43.000000000 -0700
@@ -109,7 +109,7 @@
CPPFLAGS += -fno-rtti \
-fno-exceptions \
-fshort-wchar -fPIC
-GECKO_LD_LIBS=-L$(GECKO_SDK_PATH)/lib $(GECKO_SDK_PATH)/lib/libxpcomglue.a -lnss3 -lcrmf -lssl3 -lsmime3 -lplds4 -lplc4 -lnspr4 -lpthread -ldl
+GECKO_LD_LIBS=-L$(GECKO_SDK_PATH)/lib $(GECKO_SDK_PATH)/lib/libxpcomglue.a -lnssutil3 -lnss3 -lcrmf -lssl3 -lsmime3 -lplds4 -lplc4 -lnspr4 -lpthread -ldl
endif
ifeq ($(OS_ARCH),WINNT)
@@ -145,7 +145,7 @@
GECKO_INCLUDES += -I $(GECKO_SDK_PATH)/sdk/include
OBJECT = rhCoolKey.obj
OBJECTCSP = CoolKeyCSP.obj
-COOL_LDFLAGS = -IMPLIB:fake-import /LIBPATH:$(CORE_DIST)/lib ckymanager.lib httpchunked.lib $(GECKO_LD_LIBS) nss3.lib ssl3.lib smime3.lib softokn3.lib /LIBPATH:$(CKY_LIB_LDD) libckyapplet.lib crypt32.lib kernel32.lib user32.lib gdi32.lib winmm.lib wsock32.lib advapi32.lib /NODEFAULTLIB:libc.lib
+COOL_LDFLAGS = -IMPLIB:fake-import /LIBPATH:$(CORE_DIST)/lib ckymanager.lib httpchunked.lib $(GECKO_LD_LIBS) nssutil3.lib nss3.lib ssl3.lib smime3.lib softokn3.lib /LIBPATH:$(CKY_LIB_LDD) libckyapplet.lib crypt32.lib kernel32.lib user32.lib gdi32.lib winmm.lib wsock32.lib advapi32.lib /NODEFAULTLIB:libc.lib
endif
ifeq ($(OS_ARCH),Darwin)
--- ./esc/src/app/xpcom/rhCoolKey.h.fix6 2009-06-19 15:58:21.000000000 -0700
+++ ./esc/src/app/xpcom/rhCoolKey.h 2009-06-19 15:58:28.000000000 -0700
@@ -22,6 +22,15 @@
#include "nsIGenericFactory.h"
#include "nsEmbedString.h"
#include <list>
+#include "nspr.h"
+#include "prio.h"
+#include "ssl.h"
+#include "pk11func.h"
+#include "cert.h"
+#include "sslerr.h"
+#include "secerr.h"
+#include "sechash.h"
+
#include "CoolKey.h"
#include "nsCOMPtr.h"
#include "nsIObserver.h"
@@ -92,6 +101,7 @@
static HRESULT doSetCoolKeyConfigValue(const char *aName, const char *aValue);
static const char *doGetCoolKeyConfigValue(const char *aName );
+ static SECStatus badCertHandler(void *arg, PRFileDesc *fd);
protected:
/* additional members */
@@ -107,6 +117,8 @@
static std::list< nsCOMPtr <rhIKeyNotify> > gNotifyListeners;
+ static PRLock* certCBLock;
+
rhICoolKey* mProxy;
static PRBool gAutoEnrollBlankTokens;
esc-1.1.0-fix7.patch:
app/xul/esc/application.ini | 2 -
lib/NssHttpClient/httpClientNss.cpp | 49 ++++++++++++++++++++++++++++++++++--
2 files changed, 48 insertions(+), 3 deletions(-)
--- NEW FILE esc-1.1.0-fix7.patch ---
--- ./esc/src/lib/NssHttpClient/httpClientNss.cpp.fix7 2009-06-22 13:00:20.000000000 -0700
+++ ./esc/src/lib/NssHttpClient/httpClientNss.cpp 2009-06-22 13:05:07.000000000 -0700
@@ -64,8 +64,53 @@
PSHttpResponse *HttpClientNss::httpSendChunked(char *host_port, char *uri, char *method, char *body,PSChunkedResponseCallback cb,void *uw,PRBool doSSL,int messageTimeout )
{
-
- PSHttpServer server(host_port, PR_AF_INET);
+ char *pPort = NULL;
+ char *pPortActual = NULL;
+
+ char hostName[512];
+
+ /*
+ * Isolate the host name, account for IPV6 numeric addresses.
+ *
+ */
+
+ if(host_port)
+ strncpy(hostName,host_port,512);
+
+ pPort = hostName;
+ while(1) {
+ pPort = strchr(pPort, ':');
+ if (pPort) {
+ pPortActual = pPort;
+ pPort++;
+ } else
+ break;
+ }
+
+ if(pPortActual)
+ *pPortActual = '\0';
+
+ /*
+ * Rifle through the values for the host
+ */
+
+ PRAddrInfo *ai;
+ void *iter;
+ PRNetAddr addr;
+ int family = PR_AF_INET;
+
+ ai = PR_GetAddrInfoByName(hostName, PR_AF_UNSPEC, PR_AI_ADDRCONFIG);
+ if (ai) {
+ printf("%s\n", PR_GetCanonNameFromAddrInfo(ai));
+ iter = NULL;
+ while ((iter = PR_EnumerateAddrInfo(iter, ai, 0, &addr)) != NULL) {
+ family = PR_NetAddrFamily(&addr);
+ break;
+ }
+ PR_FreeAddrInfo(ai);
+ }
+
+ PSHttpServer server(host_port, family);
PSHttpRequest request( &server, uri, HTTP11, 0 );
_request = &request;
--- ./esc/src/app/xul/esc/application.ini.fix7 2009-06-22 15:34:32.000000000 -0700
+++ ./esc/src/app/xul/esc/application.ini 2009-06-22 15:35:11.000000000 -0700
@@ -25,7 +25,7 @@
Name=ESC
;
; This field specifies your application's version. This field is optional.
-Version=1.1.0-7
+Version=1.1.0-9
;
; This field specifies your application's build ID (timestamp). This field is
; required.
--- NEW FILE import.log ---
esc-1_1_0-10_fc12:HEAD:esc-1.1.0-10.fc12.src.rpm:1253050190
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/esc/devel/.cvsignore,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -p -r1.4 -r1.5
--- .cvsignore 13 Mar 2007 20:34:09 -0000 1.4
+++ .cvsignore 15 Sep 2009 21:31:03 -0000 1.5
@@ -1,2 +1 @@
-esc-1.0.1.tar.bz2
-xulrunner-1.8.0.4-source.tar.bz2
+esc-1.1.0.tar.bz2
Index: esc
===================================================================
RCS file: /cvs/pkgs/rpms/esc/devel/esc,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -p -r1.8 -r1.9
--- esc 17 Jul 2007 18:47:04 -0000 1.8
+++ esc 15 Sep 2009 21:31:03 -0000 1.9
@@ -18,10 +18,6 @@
# END COPYRIGHT BLOCK
-
-
-DO_SECMODE="false"
-SECURITY_URL=
DO_FORCEMODE="false"
DO_SHOW_VERSION="false"
ESC_ARGS=
@@ -30,7 +26,7 @@ ESC_ARGS=
ESC_PROFILE_BASE=~/.redhat/esc
ESC_LOG_FILE=esc.log
-ESC_PATH=$LIBDIR/esc-1.0.1
+ESC_PATH=$LIBDIR/esc-1.1.0
ESC_BIN_PATH=/usr/bin
ESC_EXEC=esc
ESCD_EXEC=escd
@@ -97,25 +93,10 @@ function processArgs {
#echo "Do show version!"
DO_SHOW_VERSION="true"
fi
- if [ $DO_SECMODE == "true" ]
- then
- #echo "Sec Mode Url $arg"
- SECURITY_URL=$arg
- fi
- if [ $arg == "-secmode" ]
- then
- DO_SECMODE="true"
- #echo "Do security mode!"
- fi
done
-
- if [ $DO_SECMODE == "true" ]
- then
- #echo "Launch ESC in security mode!"
- ARGS="--secmode $SECURITY_URL"
- fi
}
+
processArgs $*
if [ ! -d $ESC_PROFILE_BASE ]
@@ -180,7 +161,6 @@ else
#echo "esc not already running start up and bring up window."
./$ESC_EXEC &
sleep 4
-
#echo "done sleeping bring up esc window."
./$ESC_EXEC
exit 0
Index: esc.spec
===================================================================
RCS file: /cvs/pkgs/rpms/esc/devel/esc.spec,v
retrieving revision 1.41
retrieving revision 1.42
diff -u -p -r1.41 -r1.42
--- esc.spec 24 Jul 2009 22:17:11 -0000 1.41
+++ esc.spec 15 Sep 2009 21:31:05 -0000 1.42
@@ -1,41 +1,37 @@
Name: esc
-Version: 1.0.1
-Release: 15%{?dist}
+Version: 1.1.0
+Release: 10%{?dist}
Summary: Enterprise Security Client Smart Card Client
-License: GPL+
+License: GPL
URL: http://directory.fedora.redhat.com/wiki/CoolKey
Group: Applications/Internet
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-Patch1: firefox-1.5-with-system-nss.patch
-Patch2: firefox-1.1-nss-system-nspr.patch
-Patch3: esc-1.0.1-admin-row-update.patch
-Patch4: esc-1.0.1-ui-fixes-1.patch
-Patch5: esc-1.0.1-log-fixes.patch
-Patch6: esc-1.0.1-log-fixes-1.patch
-Patch7: esc-1.0.1-lic-fix.patch
-Patch8: esc-1.0.1-misc.patch
-Patch9: esc-1.0.1-nss-devel-fix.patch
-Patch10: firefox.secalg.patch
-Patch11: esc-1.0.1-xulrunner-sparc-fixes.patch
-Patch12: esc-1.0.1-elif.patch
+Patch1: esc-1.1.0-fix1.patch
+Patch2: esc-1.1.0-fix2.patch
+Patch3: esc-1.1.0-fix3.patch
+Patch4: esc-1.1.0-fix4.patch
+Patch5: esc-1.1.0-fix5.patch
+Patch6: esc-1.1.0-fix6.patch
+Patch7: esc-1.1.0-fix7.patch
BuildRequires: doxygen fontconfig-devel freetype-devel >= 2.1
BuildRequires: glib2-devel libIDL-devel atk-devel gtk2-devel libjpeg-devel
BuildRequires: pango-devel libpng-devel pkgconfig zlib-devel
BuildRequires: nspr-devel nss-devel
BuildRequires: autoconf213 libX11-devel libXt-devel
+BuildRequires: xulrunner xulrunner-devel
BuildRequires: pcsc-lite-devel coolkey-devel
BuildRequires: desktop-file-utils zip binutils libnotify-devel
BuildRequires: dbus-devel
Requires: pcsc-lite ifd-egate coolkey nss nspr
Requires: zip dbus >= 0.90 libnotify >= 0.4.2
+Requires: xulrunner
# 390 does not have coolkey or smartCards
-# Xulrunner won't compile on ppc64 or sparc64 right now.
-ExcludeArch: s390 s390x ppc64 sparc64
+ExcludeArch: s390 s390x
# We can't allow the internal xulrunner to leak out
AutoReqProv: 0
@@ -53,13 +49,14 @@ AutoReqProv: 0
%define docdir %{_defaultdocdir}/%{escname}
%define escappdir src/app/xpcom
%define escxuldir src/app/xul/esc
+%define escxulchromeicons %{escxuldir}/chrome/icons/default
+%define escdaemon escd
Source0: %{escname}.tar.bz2
Source1: esc
Source2: esc.desktop
-Source3: xulrunner-1.8.0.4-source.tar.bz2
-Source4: esc.png
+Source3: esc.png
%description
@@ -70,49 +67,44 @@ cryptographic smartcards.
%setup -q -c -n %{escname}
-#Perform esc patching
+#patch esc
+%patch1 -p1 -b .fix1
+%patch2 -p1 -b .fix2
%patch3 -p1 -b .fix3
%patch4 -p1 -b .fix4
%patch5 -p1 -b .fix5
%patch6 -p1 -b .fix6
%patch7 -p1 -b .fix7
-%patch8 -p1 -b .fix8
-%patch9 -p1 -b .fix9
-
-
-#Unpack xulrunner where esc expects it to be.
-
-%setup -T -D -a 3 -n %{escname}/esc/dist/src
-
-#Perform the patching of xulrunner
-
-cd mozilla
-
-%patch1 -p1 -b .fix1
-%patch2 -p1 -b .fix2
-%patch10 -p1 -b .secalg
-%patch11 -p1 -b .sparc
-%patch12 -p1 -b .elif
%build
-%ifarch x86_64 ppc64 ia64 sparc64
+GECKO_SDK_PATH=%{_libdir}/xulrunner-sdk-1.9.1/sdk
+GECKO_BIN_PATH=%{_libdir}/xulrunner-1.9.1
+GECKO_INCLUDE_PATH=%{_includedir}/xulrunner-sdk-1.9.1
+
+%ifarch x86_64 ppc64 ia64
USE_64=1
export USE_64
%endif
+export GECKO_SDK_PATH
+export GECKO_BIN_PATH
+export GECKO_INCLUDE_PATH
# last setup call moved the current directory
-cd ../..
+cd esc
+#cd ../..
-cp %{SOURCE4} %{escxuldir}/%{esc_chromepath}
+cp %{SOURCE3} %{escxuldir}/%{esc_chromepath}
+rm -f %{escxulchromeicons}/*.ico
+cp %{escxulchromeicons}/esc-window.xpm %{escxulchromeicons}/default.xpm
-make BUILD_OPT=1 HAVE_LIB_NOTIFY=1 ESC_VERSION=%{version}-%{release}
+make BUILD_OPT=1 HAVE_LIB_NOTIFY=1 ESC_VERSION=%{version}-%{release} USE_XUL_SDK=1
%install
-cd ../../src/app/xpcom
+cd esc/src/app/xpcom
mkdir -p $RPM_BUILD_ROOT/%{escbindir}
mkdir -p $RPM_BUILD_ROOT/%{icondir}
@@ -125,18 +117,17 @@ mkdir -p $RPM_BUILD_ROOT/%{docdir}
sed -e 's;\$LIBDIR;'%{_libdir}';g' %{SOURCE1} > $RPM_BUILD_ROOT/%{escbindir}/%{name}
-
chmod 755 $RPM_BUILD_ROOT/%{escbindir}/esc
mkdir -p $RPM_BUILD_ROOT/%{escdir}
-%ifarch x86_64 ppc64 ia64 sparc64
+%ifarch x86_64 ppc64 ia64
USE_64=1
export USE_64
%endif
-make BUILD_OPT=1 install DESTDIR=$RPM_BUILD_ROOT/%{escdir}
+make BUILD_OPT=1 USE_XUL_SDK=1 install DESTDIR=$RPM_BUILD_ROOT/%{escdir}
rm -rf $RPM_BUILD_ROOT/%{escdir}/usr
@@ -151,6 +142,11 @@ cp %{SOURCE2} $RPM_BUILD_ROOT/%{autostar
cd %{_builddir}
cp %{escname}/esc/LICENSE $RPM_BUILD_ROOT/%{docdir}
+chmod 755 -R $RPM_BUILD_ROOT/%{escdir}/chrome
+chmod 755 -R $RPM_BUILD_ROOT/%{escdir}/defaults
+chmod 755 $RPM_BUILD_ROOT/%{escdir}/application.ini
+
+
%clean
rm -rf $RPM_BUILD_ROOT
@@ -158,44 +154,38 @@ rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root,-)
-%dir %{escdir}
%{escdir}/esc
%{escdir}/escd
%{escbindir}/esc
%{escdir}/application.ini
-%dir %{escdir}/chrome
%{escdir}/chrome/chrome.manifest
-%{escdir}/chrome/content/
-%{escdir}/chrome/locale/
-%dir %{escdir}/chrome/icons
-%{escdir}/chrome/icons/default/
-%{escdir}/components/
+%{escdir}/chrome/content
+%{escdir}/chrome/locale
+%{escdir}/chrome/icons/default
+%{escdir}/components
-%dir %{escdir}/defaults
-%dir %{escdir}/defaults/preferences
%{escdir}/defaults/preferences/esc-prefs.js
-%{escdir}/xulrunner/
+#%{escdir}/xulrunner
%{icondir}/esc.png
%{pixmapdir}/esc.png
%{autostartdir}/esc.desktop
%{_datadir}/%{appdir}/esc.desktop
-%dir %{docdir}
%doc %{docdir}/LICENSE
-%preun
-
-killall --exact -q escd
-exit 0
-
%post
touch --no-create %{_datadir}/icons/hicolor || :
if [ -x %{_bindir}/gtk-update-icon-cache ]; then
%{_bindir}/gtk-update-icon-cache --quiet %{_datadir}/icons/hicolor || :
fi
+%preun
+
+killall --exact -q escd
+exit 0
+
%postun
touch --no-create %{_datadir}/icons/hicolor || :
if [ -x %{_bindir}/gtk-update-icon-cache ]; then
@@ -203,45 +193,70 @@ if [ -x %{_bindir}/gtk-update-icon-cache
fi
%changelog
-* Fri Jul 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.1-15
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
-
-* Tue Apr 14 2009 Robert Scheck <robert at fedoraproject.org> - 1.0.1-14
-- Added a patch to correct the wrong elif preprocessor statement
-
-* Tue Feb 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.1-13
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
-
-* Sat Nov 8 2008 Michael Schwendt <mschwendt at fedoraproject.org> - 1.0.1-12
-- Include lots of missing directories (#233833) and mark
- recursively included directories in files list with a trailing slash.
-
-* Tue Sep 30 2008 Tom "spot" Callaway <tcallawa at redhat.com> - 1.0.1-11
-- xulrunner still broken for sparc64
-
-* Tue Sep 30 2008 Tom "spot" Callaway <tcallawa at redhat.com> - 1.0.1-10
-- fix esc for sparc/sparc64
-
-* Wed Feb 13 2008 Jack Magne <jmagne at redhat.com>
-- Fix xulrunner build problem.
-* Fri Jan 18 2008 Jack Magne <jmagne at redhat.com>
-- Fix tray icon menu issue #253248.
-* Thu Aug 30 2007 Jack Magne <jmagne at redhat.com>
-- License field change- 1.0.1-7
-* Wed Aug 29 2007 Fedora Release Engineering <rel-eng at fedoraproject dot org> - 1.0.1-6
-- Rebuild for selinux ppc32 issue.
-
-* Tue Jul 17 2007 Jack Magne <jmagne at redhat.com>- 1.0.1-5
-- Further fixes to the diagnostics logging.
-* Wed Jun 20 2007 Jack Magne <jmagne at redhat.com>- 1.0.1-4
-- Fixes to the diagnostics log files and esc error messages.
-* Thu Apr 26 2007 Jack Magne <jmagne at redhat.com>- 1.0.1-3
-- Many UI usability fixes.
-* Tue Apr 03 2007 Jack Magne <jmagne at redhat.com>- 1.0.1-2
-* Mon Mar 05 2007 Jack Magne <jmagne at redhat.com>- 1.0.1-1
-- Stability fixes
-* Fri Oct 27 2006 Jack Magne <jmagne at redhat.com>- 1.0.0-19
-- More mac and win fixes.
+* Tue Sep 15 2009 Jack Magne <jmagne at redhat.com>= 1.1.0-10
+- Pick up latest improvements.
+* Mon Jun 22 2009 Jack Magne <jmagne at redhat.com>= 1.1.0-9
+- Related: #496410, also IPV6 support.
+* Fri Jun 19 2009 Jack Magne <jmagne at redhat.com>= 1.1.0-8
+- Related: #496410, SSL Conn fix.
+* Mon Jun 8 2009 Jack Magne <jmagne at redhat.com>- 1.1.0-7
+- Releated: #496410.
+* Thu Apr 23 2009 Jack Magne <jmagne at redhat.com>- 1.1.0-6
+- Related: #496410. Appease rpmdiff.
+* Wed Apr 22 2009 Jack Magne <jmagne at redhat.com>- 1.1.0-5
+- Related: #496410, addresses 494981, better error message.
+* Wed Apr 22 2009 Jack Magne <jmagne at redhat.com>- 1.1.0-4
+- Move to latest rebased code. Related #496410.
+* Thu Dec 04 2008 Jack Magne <jmagne at redhat.com>- 1.0.0-39
+- Resolves #469202 - Cert Viewer issue
+* Tue Nov 11 2008 Jack Magne <jmagne at redhat.com>- 1.0.0-38
+- Resolves #471923 - ESC Connection issue.
+* Thu Oct 16 2008 Jack Magne <jmagne at redhat.com>- 1.0.0-37
+- Resolves #467126 - Blank authentication dialog problem.
+* Fri Sep 26 2008 Jack Magne <jmagne at redhat.com>- 1.0.0-36
+- Related #200475 - Require the xulrunner package, Resolves #248493
+* Thu Sep 18 2008 Jack Magne <jmagne at redhat.com>- 1.0.0-35
+- Related 200475, make rpmdiff tests happy.
+* Tue Sep 16 2008 Jack Magne <jmagne at redhat.com>- 1.0.0-34
+- Resolves #200475 #253081 #437238
+* Thu Jan 10 2008 Jack Magne <jmagne at redhat.com>- 1.0.0-33
+- Resolves #25324a8 #253268
+* Thu Jul 12 2007 Jack Magne <jmagne at redhat.com>- 1.0.0-32
+- Resolves #248071 - ESC RPM unistall failure if daemon not running.
+* Fri Jun 22 2007 Jack Magne <jmagne at redhat.com>- 1.0.0-31
+- Related #208038 - Top things to put in diagnostics log
+* Wed Jun 20 2007 Jack Magne <jmagne at redhat.com>- 1.0.0-30
+- Related #204021
+* Fri Jun 8 2007 Jack Magne <jmagne at redhat.com>- 1.0-0-29
+- Related #212010
+* Fri Jun 8 2007 Jack Magne <jmagne at redhat.com>- 1.0.0-28
+- Resolves #212010
+* Tue Jun 5 2007 Jack Magne <jmagne at redhat.com>- 1.0.0-27
+- Resolves #203466 Better error message strings.
+* Mon May 21 2007 Jack Magne <jmagne at redhat.com>- 1.0.0-26
+- Related: #206783 Fix the launcher script to work with new logging.
+* Fri May 11 2007 Jack Magne <jmagne at redhat.com>- 1.0.0-25
+- Resolves: #206783.
+* Mon Apr 23 2007 Jack Magne <jmagne at redhat.com>- 1.0.0-24
+- More Desktop appearance fixes.
+- Related: #208749
+* Mon Apr 23 2007 Jack Magne <jmagne at redhat.com>- 1.0.0-23
+- Desktop appearance fixes.
+- Related: #208749
+* Thu Apr 19 2007 Jack Magne <jmagne at redhat.com>- 1.0.0-22
+- Second drop of 5.1 fixes.
+- Resolves: #203934, #203935, #204959, #206780, #206792, #207721
+- Resolves: #207816, #206791
+- Related: #208749
+* Wed Apr 18 2007 Jack Magne <jmagne at redhat.com>- 1.0.0-21
+- First 5.1 fixes.
+- Resolves: #203757, #203806, #204661, #205856, #206788, #206791
+- Resolves: #208037, #208333, #210589, #210590, #213912, #226913
+- Resolves: #204021, #205498, #224436
+* Tue Nov 28 2006 Jack Magne <jmagne at redhat.com>- 1.0.0-20
+- fix for bug to commit config changes immediately. Bug #210988
+* Wed Nov 15 2006 Jack Magne <jmagne at redhat.com>- 1.0.0-19
+-fix for escd double free problem. Bug #209882
* Tue Oct 24 2006 Jack Magne <jmagne at redhat.com>- 1.0.0-18
-rebuilt on RHEL-5 branch
* Sun Oct 4 2006 Jack Magne <jmagne at redhat.com>- 1.0.0-17
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/esc/devel/sources,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -p -r1.5 -r1.6
--- sources 13 Mar 2007 20:34:09 -0000 1.5
+++ sources 15 Sep 2009 21:31:06 -0000 1.6
@@ -1,2 +1 @@
-3d3def2acd3c8d04dff47af5312a707c esc-1.0.1.tar.bz2
-4dc09831aa4e94fda5182a4897ed08e9 xulrunner-1.8.0.4-source.tar.bz2
+76dc573edfd410f3fdd08ad0010b9205 esc-1.1.0.tar.bz2
--- esc-1.0.1-admin-row-update.patch DELETED ---
--- esc-1.0.1-elif.patch DELETED ---
--- esc-1.0.1-lic-fix.patch DELETED ---
--- esc-1.0.1-log-fixes-1.patch DELETED ---
--- esc-1.0.1-log-fixes.patch DELETED ---
--- esc-1.0.1-nss-devel-fix.patch DELETED ---
--- esc-1.0.1-ui-fixes-1.patch DELETED ---
--- esc-1.0.1-xulrunner-sparc-fixes.patch DELETED ---
--- firefox-1.5-with-system-nss.patch DELETED ---
--- firefox.secalg.patch DELETED ---
More information about the scm-commits
mailing list