rpms/nss/F-13 renegotiate-transitional.patch, NONE, 1.1 validate-arguments.patch, NONE, 1.1 .cvsignore, 1.30, 1.31 sources, 1.32, 1.33 nss.spec, 1.140, 1.141
Elio Maldonado
emaldonado at fedoraproject.org
Sat Mar 6 23:04:34 UTC 2010
- Previous message: rpms/nss/F-13 533125-ammend.patch, 1.1, NONE 540387.patch, 1.1, NONE 545779.patch, 1.1, NONE 546221.patch, 1.4, NONE 547860.patch, 1.2, NONE 553638.patch, 1.2, NONE nss-no-rpath.patch, 1.1, NONE nss-sysinit.patch, 1.2, NONE
- Next message: rpms/nss/F-13 nss-nolocalsql.patch,1.8,1.9
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: emaldonado
Update of /cvs/pkgs/rpms/nss/F-13
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv26020
Modified Files:
.cvsignore sources nss.spec
Added Files:
renegotiate-transitional.patch validate-arguments.patch
Log Message:
Update to 3.12.6
renegotiate-transitional.patch:
sslsock.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- NEW FILE renegotiate-transitional.patch ---
Index: ./mozilla/security/nss/lib/ssl/sslsock.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslsock.c,v
retrieving revision 1.66
diff -u -p -r1.66 sslsock.c
--- ./mozilla/security/nss/lib/ssl/sslsock.c 26 Feb 2010 20:44:54 -0000 1.66
+++ ./mozilla/security/nss/lib/ssl/sslsock.c 1 Mar 2010 18:05:10 -0000
@@ -181,7 +181,7 @@ static sslOptions ssl_defaults = {
PR_FALSE, /* noLocks */
PR_FALSE, /* enableSessionTickets */
PR_FALSE, /* enableDeflate */
- 2, /* enableRenegotiation (default: requires extension) */
+ 3, /* enableRenegotiation (default: transitional)
PR_FALSE, /* requireSafeNegotiation */
};
validate-arguments.patch:
p7content/p7content.c | 16 ++++++++-
p7env/p7env.c | 15 ++++++++
p7sign/p7sign.c | 17 +++++++++
p7verify/p7verify.c | 16 ++++++++-
strsclnt/strsclnt.c | 52 +++++++++++++++++++++++++-----
tests/remtest.c | 11 ++++++
tstclnt/tstclnt.c | 86 ++++++++++++++++++++++++++++++++++----------------
vfychain/vfychain.c | 39 +++++++++++++++++++---
vfyserv/vfyserv.c | 49 ++++++++++++++++++++++------
9 files changed, 245 insertions(+), 56 deletions(-)
--- NEW FILE validate-arguments.patch ---
Index: ./mozilla/security/nss/cmd/p7content/p7content.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/cmd/p7content/p7content.c,v
retrieving revision 1.12
diff -u -p -r1.12 p7content.c
--- ./mozilla/security/nss/cmd/p7content/p7content.c 4 Aug 2008 22:58:31 -0000 1.12
+++ ./mozilla/security/nss/cmd/p7content/p7content.c 2 Mar 2010 18:29:48 -0000
@@ -64,7 +64,7 @@ extern int fprintf(FILE *, char *, ...);
static void
-Usage(char *progName)
+Usage(const char *progName)
{
fprintf(stderr,
"Usage: %s [-d dbdir] [-i input] [-o output]\n",
@@ -195,6 +195,15 @@ DecodeAndPrintFile(FILE *out, PRFileDesc
return 0;
}
+static void
+PrintMsgAndExit(const char *progName, char opt)
+{
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
+ Usage(progName);
+}
+
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
+
/*
* Print the contents of a PKCS7 message, indicating signatures, etc.
*/
@@ -222,10 +231,12 @@ main(int argc, char **argv)
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
switch (optstate->option) {
case 'd':
+ REQUIRE_ARG(optstate->option, optstate->value);
SECU_ConfigDirectory(optstate->value);
break;
case 'i':
+ REQUIRE_ARG(optstate->option, optstate->value);
inFile = PR_Open(optstate->value, PR_RDONLY, 0);
if (!inFile) {
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
@@ -235,6 +246,7 @@ main(int argc, char **argv)
break;
case 'o':
+ REQUIRE_ARG(optstate->option, optstate->value);
outFile = fopen(optstate->value, "w");
if (!outFile) {
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
@@ -244,11 +256,13 @@ main(int argc, char **argv)
break;
case 'p':
+ REQUIRE_ARG(optstate->option, optstate->value);
pwdata.source = PW_PLAINTEXT;
pwdata.data = PORT_Strdup (optstate->value);
break;
case 'f':
+ REQUIRE_ARG(optstate->option, optstate->value);
pwdata.source = PW_FROMFILE;
pwdata.data = PORT_Strdup (optstate->value);
break;
Index: ./mozilla/security/nss/cmd/p7env/p7env.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/cmd/p7env/p7env.c,v
retrieving revision 1.10
diff -u -p -r1.10 p7env.c
--- ./mozilla/security/nss/cmd/p7env/p7env.c 11 Feb 2010 02:39:47 -0000 1.10
+++ ./mozilla/security/nss/cmd/p7env/p7env.c 2 Mar 2010 18:29:48 -0000
@@ -63,7 +63,7 @@ extern int fprintf(FILE *, char *, ...);
static void
-Usage(char *progName)
+Usage(const char *progName)
{
fprintf(stderr,
"Usage: %s -r recipient [-d dbdir] [-i input] [-o output]\n",
@@ -159,6 +159,15 @@ EncryptFile(FILE *outFile, FILE *inFile,
return 0;
}
+static void
+PrintMsgAndExit(const char *progName, char opt)
+{
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
+ Usage(progName);
+}
+
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
+
int
main(int argc, char **argv)
{
@@ -194,10 +203,12 @@ main(int argc, char **argv)
break;
case 'd':
+ REQUIRE_ARG(optstate->option, optstate->value);
SECU_ConfigDirectory(optstate->value);
break;
case 'i':
+ REQUIRE_ARG(optstate->option, optstate->value);
inFile = fopen(optstate->value, "r");
if (!inFile) {
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
@@ -207,6 +218,7 @@ main(int argc, char **argv)
break;
case 'o':
+ REQUIRE_ARG(optstate->option, optstate->value);
outFile = fopen(optstate->value, "wb");
if (!outFile) {
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
@@ -216,6 +228,7 @@ main(int argc, char **argv)
break;
case 'r':
+ REQUIRE_ARG(optstate->option, optstate->value);
if (rcpt == NULL) {
recipients = rcpt = PORT_Alloc (sizeof(struct recipient));
} else {
Index: ./mozilla/security/nss/cmd/p7sign/p7sign.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/cmd/p7sign/p7sign.c,v
retrieving revision 1.14
diff -u -p -r1.14 p7sign.c
--- ./mozilla/security/nss/cmd/p7sign/p7sign.c 4 Aug 2008 22:58:28 -0000 1.14
+++ ./mozilla/security/nss/cmd/p7sign/p7sign.c 2 Mar 2010 18:29:48 -0000
@@ -67,7 +67,7 @@ extern int fprintf(FILE *, char *, ...);
static secuPWData pwdata = { PW_NONE, 0 };
static void
-Usage(char *progName)
+Usage(const char *progName)
{
fprintf(stderr,
"Usage: %s -k keyname [-d keydir] [-i input] [-o output]\n",
@@ -173,6 +173,15 @@ SignFile(FILE *outFile, PRFileDesc *inFi
return 0;
}
+static void
+PrintMsgAndExit(const char *progName, char opt)
+{
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
+ Usage(progName);
+}
+
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
+
int
main(int argc, char **argv)
{
@@ -210,10 +219,12 @@ main(int argc, char **argv)
break;
case 'd':
+ REQUIRE_ARG(optstate->option, optstate->value);
SECU_ConfigDirectory(optstate->value);
break;
case 'i':
+ REQUIRE_ARG(optstate->option, optstate->value);
inFile = PR_Open(optstate->value, PR_RDONLY, 0);
if (!inFile) {
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
@@ -223,10 +234,12 @@ main(int argc, char **argv)
break;
case 'k':
+ REQUIRE_ARG(optstate->option, optstate->value);
keyName = strdup(optstate->value);
break;
case 'o':
+ REQUIRE_ARG(optstate->option, optstate->value);
outFile = fopen(optstate->value, "wb");
if (!outFile) {
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
@@ -235,11 +248,13 @@ main(int argc, char **argv)
}
break;
case 'p':
+ REQUIRE_ARG(optstate->option, optstate->value);
pwdata.source = PW_PLAINTEXT;
pwdata.data = strdup (optstate->value);
break;
case 'f':
+ REQUIRE_ARG(optstate->option, optstate->value);
pwdata.source = PW_FROMFILE;
pwdata.data = PORT_Strdup (optstate->value);
break;
Index: ./mozilla/security/nss/cmd/p7verify/p7verify.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/cmd/p7verify/p7verify.c,v
retrieving revision 1.10
diff -u -p -r1.10 p7verify.c
--- ./mozilla/security/nss/cmd/p7verify/p7verify.c 8 Aug 2008 23:47:57 -0000 1.10
+++ ./mozilla/security/nss/cmd/p7verify/p7verify.c 2 Mar 2010 18:29:48 -0000
@@ -126,7 +126,7 @@ DigestFile(unsigned char *digest, unsign
static void
-Usage(char *progName)
+Usage(const char *progName)
{
fprintf(stderr,
"Usage: %s -c content -s signature [-d dbdir] [-u certusage]\n",
@@ -209,6 +209,14 @@ HashDecodeAndVerify(FILE *out, FILE *con
return 0;
}
+static void
+PrintMsgAndExit(const char *progName, char opt)
+{
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
+ Usage(progName);
+}
+
+#define REQUIRE_ARG(opt,arg) if (!(arg)) PrintMsgAndExit(progName, opt)
int
main(int argc, char **argv)
@@ -239,6 +247,7 @@ main(int argc, char **argv)
break;
case 'c':
+ REQUIRE_ARG(optstate->option, optstate->value);
contentFile = fopen(optstate->value, "r");
if (!contentFile) {
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
@@ -248,10 +257,12 @@ main(int argc, char **argv)
break;
case 'd':
+ REQUIRE_ARG(optstate->option, optstate->value);
SECU_ConfigDirectory(optstate->value);
break;
case 'o':
+ REQUIRE_ARG(optstate->option, optstate->value);
outFile = fopen(optstate->value, "w");
if (!outFile) {
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
@@ -261,6 +272,7 @@ main(int argc, char **argv)
break;
case 's':
+ REQUIRE_ARG(optstate->option, optstate->value);
signatureFile = PR_Open(optstate->value, PR_RDONLY, 0);
if (!signatureFile) {
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
@@ -271,7 +283,7 @@ main(int argc, char **argv)
case 'u': {
int usageType;
-
+ REQUIRE_ARG(optstate->option, optstate->value);
usageType = atoi (strdup(optstate->value));
if (usageType < certUsageSSLClient || usageType > certUsageAnyCA)
return -1;
Index: ./mozilla/security/nss/cmd/strsclnt/strsclnt.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/cmd/strsclnt/strsclnt.c,v
retrieving revision 1.66
diff -u -p -r1.66 strsclnt.c
--- ./mozilla/security/nss/cmd/strsclnt/strsclnt.c 10 Feb 2010 18:07:20 -0000 1.66
+++ ./mozilla/security/nss/cmd/strsclnt/strsclnt.c 2 Mar 2010 18:29:51 -0000
@@ -1325,6 +1325,15 @@ done:
return rv;
}
+static void
+PrintMsgAndExit(const char *progName, char opt)
+{
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
+ Usage(progName);
+}
+
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
+
int
main(int argc, char **argv)
{
@@ -1364,33 +1373,57 @@ main(int argc, char **argv)
case 'B': bypassPKCS11 = PR_TRUE; break;
- case 'C': cipherString = optstate->value; break;
+ case 'C':
+ REQUIRE_ARG(optstate->option, optstate->value);
+ cipherString = optstate->value;
+ break;
case 'D': NoDelay = PR_TRUE; break;
case 'N': NoReuse = 1; break;
- case 'P': fullhs = PORT_Atoi(optstate->value); break;
+ case 'P':
+ REQUIRE_ARG(optstate->option, optstate->value);
+ fullhs = PORT_Atoi(optstate->value);
+ break;
case 'T': disableTLS = PR_TRUE; break;
case 'U': ThrottleUp = PR_TRUE; break;
- case 'a': sniHostName = PL_strdup(optstate->value); break;
+ case 'a':
+ REQUIRE_ARG(optstate->option, optstate->value);
+ sniHostName = PL_strdup(optstate->value);
+ break;
- case 'c': connections = PORT_Atoi(optstate->value); break;
+ case 'c':
+ REQUIRE_ARG(optstate->option, optstate->value);
+ connections = PORT_Atoi(optstate->value);
+ break;
- case 'd': dir = optstate->value; break;
+ case 'd':
+ REQUIRE_ARG(optstate->option, optstate->value);
+ dir = optstate->value;
+ break;
- case 'f': fileName = optstate->value; break;
+ case 'f':
+ REQUIRE_ARG(optstate->option, optstate->value);
+ fileName = optstate->value;
+ break;
case 'i': ignoreErrors = PR_TRUE; break;
- case 'n': nickName = PL_strdup(optstate->value); break;
+ case 'n':
+ REQUIRE_ARG(optstate->option, optstate->value);
+ nickName = PL_strdup(optstate->value);
+ break;
case 'o': MakeCertOK++; break;
- case 'p': port = PORT_Atoi(optstate->value); break;
+ case 'p':
+ REQUIRE_ARG(optstate->option, optstate->value);
+ port = PORT_Atoi(optstate->value);
+ break;
case 'q': QuitOnTimeout = PR_TRUE; break;
@@ -1407,11 +1440,13 @@ main(int argc, char **argv)
case 'v': verbose++; break;
case 'w':
+ REQUIRE_ARG(optstate->option, optstate->value);
pwdata.source = PW_PLAINTEXT;
pwdata.data = PL_strdup(optstate->value);
break;
case 'W':
+ REQUIRE_ARG(optstate->option, optstate->value);
pwdata.source = PW_FROMFILE;
pwdata.data = PL_strdup(optstate->value);
break;
@@ -1419,6 +1454,7 @@ main(int argc, char **argv)
case 'z': enableCompression = PR_TRUE; break;
case 0: /* positional parameter */
+ REQUIRE_ARG(optstate->option, optstate->value);
if (hostName) {
Usage(progName);
}
Index: ./mozilla/security/nss/cmd/tests/remtest.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/cmd/tests/remtest.c,v
retrieving revision 1.5
diff -u -p -r1.5 remtest.c
--- ./mozilla/security/nss/cmd/tests/remtest.c 8 Aug 2008 23:48:09 -0000 1.5
+++ ./mozilla/security/nss/cmd/tests/remtest.c 2 Mar 2010 18:29:51 -0000
@@ -69,6 +69,15 @@ Usage(char *progName)
exit(1);
}
+static void
+PrintMsgAndExit(const char *progName, char opt)
+{
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
+ Usage(progName);
+}
+
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
+
int main(int argc, char **argv)
{
char * certDir = NULL;
@@ -92,10 +101,12 @@ int main(int argc, char **argv)
switch (optstate->option) {
case 'd':
+ REQUIRE_ARG(optstate->option, optstate->value);
certDir = strdup(optstate->value);
certDir = SECU_ConfigDirectory(certDir);
break;
case 't':
+ REQUIRE_ARG(optstate->option, optstate->value);
tokenName = strdup(optstate->value);
break;
case 'r':
Index: ./mozilla/security/nss/cmd/tstclnt/tstclnt.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/cmd/tstclnt/tstclnt.c,v
retrieving revision 1.62
diff -u -p -r1.62 tstclnt.c
--- ./mozilla/security/nss/cmd/tstclnt/tstclnt.c 10 Feb 2010 18:07:21 -0000 1.62
+++ ./mozilla/security/nss/cmd/tstclnt/tstclnt.c 2 Mar 2010 18:29:51 -0000
@@ -497,6 +497,15 @@ separateReqHeader(const PRFileDesc* outF
Usage(progName); \
}
+static void
+PrintMsgAndExit(const char *progName, char opt)
+{
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
+ Usage(progName);
+}
+
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
+
int main(int argc, char **argv)
{
PRFileDesc * s;
@@ -563,38 +572,56 @@ int main(int argc, char **argv)
case 'B': bypassPKCS11 = 1; break;
- case 'S': skipProtoHeader = PR_TRUE; break;
+ case 'S': skipProtoHeader = PR_TRUE; break;
case 'T': disableTLS = 1; break;
- case 'a': if (!hs1SniHostName) {
- hs1SniHostName = PORT_Strdup(optstate->value);
- } else if (!hs2SniHostName) {
- hs2SniHostName = PORT_Strdup(optstate->value);
- } else {
- Usage(progName);
- }
- break;
-
- case 'c': cipherString = PORT_Strdup(optstate->value); break;
-
- case 'd': certDir = PORT_Strdup(optstate->value); break;
+ case 'a':
+ REQUIRE_ARG(optstate->option, optstate->value);
+ if (!hs1SniHostName) {
+ hs1SniHostName = PORT_Strdup(optstate->value);
+ } else if (!hs2SniHostName) {
+ hs2SniHostName = PORT_Strdup(optstate->value);
+ } else {
+ Usage(progName);
+ }
+ break;
+
+ case 'c':
+ REQUIRE_ARG(optstate->option,optstate->value);
+ cipherString = PORT_Strdup(optstate->value);
+ break;
+
+ case 'd':
+ REQUIRE_ARG(optstate->option,optstate->value);
+ certDir = PORT_Strdup(optstate->value);
+ break;
case 'f': clientSpeaksFirst = PR_TRUE; break;
- case 'h': host = PORT_Strdup(optstate->value); break;
+ case 'h':
+ REQUIRE_ARG(optstate->option,optstate->value);
+ host = PORT_Strdup(optstate->value);
+ break;
case 'm':
+ REQUIRE_ARG(optstate->option,optstate->value);
multiplier = atoi(optstate->value);
if (multiplier < 0)
multiplier = 0;
break;
- case 'n': nickname = PORT_Strdup(optstate->value); break;
+ case 'n':
+ REQUIRE_ARG(optstate->option,optstate->value);
+ nickname = PORT_Strdup(optstate->value);
+ break;
case 'o': override = 1; break;
- case 'p': portno = (PRUint16)atoi(optstate->value); break;
+ case 'p':
+ REQUIRE_ARG(optstate->option,optstate->value);
+ portno = (PRUint16)atoi(optstate->value);
+ break;
case 'q': pingServerFirst = PR_TRUE; break;
@@ -604,17 +631,22 @@ int main(int argc, char **argv)
case 'v': verbose++; break;
- case 'r': renegotiationsToDo = atoi(optstate->value); break;
-
- case 'w':
- pwdata.source = PW_PLAINTEXT;
- pwdata.data = PORT_Strdup(optstate->value);
- break;
-
- case 'W':
- pwdata.source = PW_FROMFILE;
- pwdata.data = PORT_Strdup(optstate->value);
- break;
+ case 'r':
+ REQUIRE_ARG(optstate->option,optstate->value);
+ renegotiationsToDo = atoi(optstate->value);
+ break;
+
+ case 'w':
+ REQUIRE_ARG(optstate->option,optstate->value);
+ pwdata.source = PW_PLAINTEXT;
+ pwdata.data = PORT_Strdup(optstate->value);
+ break;
+
+ case 'W':
+ REQUIRE_ARG(optstate->option,optstate->value);
+ pwdata.source = PW_FROMFILE;
+ pwdata.data = PORT_Strdup(optstate->value);
+ break;
case 'x': useExportPolicy = 1; break;
Index: ./mozilla/security/nss/cmd/vfychain/vfychain.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/cmd/vfychain/vfychain.c,v
retrieving revision 1.30
diff -u -p -r1.30 vfychain.c
--- ./mozilla/security/nss/cmd/vfychain/vfychain.c 1 Apr 2009 20:41:29 -0000 1.30
+++ ./mozilla/security/nss/cmd/vfychain/vfychain.c 2 Mar 2010 18:29:52 -0000
@@ -432,6 +432,15 @@ isOCSPEnabled()
return PR_FALSE;
}
+static void
+PrintMsgAndExit(const char *progName, char opt)
+{
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
+ Usage(progName);
+}
+
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
+
int
main(int argc, char *argv[], char *envp[])
{
@@ -469,12 +478,19 @@ main(int argc, char *argv[], char *envp[
switch(optstate->option) {
case 0 : /* positional parameter */ goto breakout;
case 'a' : isAscii = PR_TRUE; break;
- case 'b' : secStatus = DER_AsciiToTime(&time, optstate->value);
- if (secStatus != SECSuccess) Usage(progName); break;
- case 'd' : certDir = PL_strdup(optstate->value); break;
+ case 'b' :
+ REQUIRE_ARG(optstate->option, optstate->value);
+ secStatus = DER_AsciiToTime(&time, optstate->value);
+ if (secStatus != SECSuccess) Usage(progName);
+ break;
+ case 'd' :
+ REQUIRE_ARG(optstate->option, optstate->value);
+ certDir = PL_strdup(optstate->value);
+ break;
case 'e' : ocsp_fetchingFailureIsAFailure = PR_FALSE; break;
case 'f' : certFetching = PR_TRUE; break;
case 'g' :
+ REQUIRE_ARG(optstate->option, optstate->value);
if (revMethodsData[revDataIndex].testTypeStr ||
revMethodsData[revDataIndex].methodTypeStr) {
revDataIndex += 1;
@@ -489,11 +505,13 @@ main(int argc, char *argv[], char *envp[
revMethodsData[revDataIndex].
testTypeStr = PL_strdup(optstate->value); break;
case 'h' :
+ REQUIRE_ARG(optstate->option, optstate->value);
revMethodsData[revDataIndex].
testFlagsStr = PL_strdup(optstate->value);break;
case 'i' : vfyCounts = PORT_Atoi(optstate->value); break;
break;
case 'm' :
+ REQUIRE_ARG(optstate->option, optstate->value);
if (revMethodsData[revDataIndex].methodTypeStr) {
revDataIndex += 1;
if (revDataIndex == REV_METHOD_INDEX_MAX) {
@@ -506,24 +524,33 @@ main(int argc, char *argv[], char *envp[
useDefaultRevFlags = PR_FALSE;
revMethodsData[revDataIndex].
methodTypeStr = PL_strdup(optstate->value); break;
- case 'o' : oidStr = PL_strdup(optstate->value); break;
+ case 'o' :
+ REQUIRE_ARG(optstate->option, optstate->value);
+ oidStr = PL_strdup(optstate->value);
+ break;
case 'p' : usePkix += 1; break;
case 'r' : isAscii = PR_FALSE; break;
case 's' :
+ REQUIRE_ARG(optstate->option, optstate->value);
revMethodsData[revDataIndex].
- methodFlagsStr = PL_strdup(optstate->value); break;
+ methodFlagsStr = PL_strdup(optstate->value);
+ break;
case 't' : trusted = PR_TRUE; break;
- case 'u' : usage = PORT_Atoi(optstate->value);
+ case 'u' :
+ REQUIRE_ARG(optstate->option,optstate->value);
+ usage = PORT_Atoi(optstate->value);
if (usage < 0 || usage > 62) Usage(progName);
certUsage = ((SECCertificateUsage)1) << usage;
if (certUsage > certificateUsageHighest) Usage(progName);
break;
case 'w':
+ REQUIRE_ARG(optstate->option,optstate->value);
pwdata.source = PW_PLAINTEXT;
pwdata.data = PORT_Strdup(optstate->value);
break;
case 'W':
+ REQUIRE_ARG(optstate->option, optstate->value);
pwdata.source = PW_FROMFILE;
pwdata.data = PORT_Strdup(optstate->value);
break;
Index: ./mozilla/security/nss/cmd/vfyserv/vfyserv.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/cmd/vfyserv/vfyserv.c,v
retrieving revision 1.17
diff -u -p -r1.17 vfyserv.c
--- ./mozilla/security/nss/cmd/vfyserv/vfyserv.c 8 Aug 2008 23:48:12 -0000 1.17
+++ ./mozilla/security/nss/cmd/vfyserv/vfyserv.c 2 Mar 2010 18:29:52 -0000
@@ -419,6 +419,15 @@ client_main(unsigned short port,
Usage(progName); \
}
+static void
+PrintMsgAndExit(const char *progName, char opt)
+{
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
+ Usage(progName);
+}
+
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
+
int
main(int argc, char **argv)
{
@@ -442,23 +451,43 @@ main(int argc, char **argv)
optstate = PL_CreateOptState(argc, argv, "C:cd:f:l:n:p:ot:w:");
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
switch(optstate->option) {
- case 'C' : cipherString = PL_strdup(optstate->value); break;
- case 'c' : dumpChain = PR_TRUE; break;
- case 'd' : certDir = PL_strdup(optstate->value); break;
- case 'l' : respUrl = PL_strdup(optstate->value); break;
- case 'p' : port = PORT_Atoi(optstate->value); break;
- case 'o' : doOcspCheck = PR_TRUE; break;
- case 't' : respCertName = PL_strdup(optstate->value); break;
- case 'w':
+ case 'C' :
+ REQUIRE_ARG(optstate->option, optstate->value);
+ cipherString = PL_strdup(optstate->value);
+ break;
+ case 'c' : dumpChain = PR_TRUE;
+ break;
+ case 'd' :
+ REQUIRE_ARG(optstate->option, optstate->value);
+ certDir = PL_strdup(optstate->value);
+ break;
+ case 'l' :
+ REQUIRE_ARG(optstate->option, optstate->value);
+ respUrl = PL_strdup(optstate->value);
+ break;
+ case 'p' :
+ REQUIRE_ARG(optstate->option,optstate->value);
+ port = PORT_Atoi(optstate->value);
+ break;
+ case 'o' : doOcspCheck = PR_TRUE;
+ break;
+ case 't' :
+ REQUIRE_ARG(optstate->option, optstate->value);
+ respCertName = PL_strdup(optstate->value);
+ break;
+ case 'w' :
+ REQUIRE_ARG(optstate->option, optstate->value);
pwdata.source = PW_PLAINTEXT;
pwdata.data = PORT_Strdup(optstate->value);
break;
-
case 'f':
+ REQUIRE_ARG(optstate->option, optstate->value);
pwdata.source = PW_FROMFILE;
pwdata.data = PORT_Strdup(optstate->value);
break;
- case '\0': hostName = PL_strdup(optstate->value); break;
+ case '\0':
+ REQUIRE_ARG(optstate->option,optstate->value);
+ hostName = PL_strdup(optstate->value); break;
default : Usage(progName);
}
}
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/nss/F-13/.cvsignore,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -p -r1.30 -r1.31
--- .cvsignore 12 Jan 2010 22:25:57 -0000 1.30
+++ .cvsignore 6 Mar 2010 23:04:34 -0000 1.31
@@ -1,4 +1,4 @@
-nss-3.12.5-stripped.tar.bz2
+nss-3.12.6-stripped.tar.bz2
nss-pem-20091210.tar.bz2
blank-cert8.db
blank-key3.db
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/nss/F-13/sources,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -p -r1.32 -r1.33
--- sources 12 Jan 2010 22:25:57 -0000 1.32
+++ sources 6 Mar 2010 23:04:34 -0000 1.33
@@ -1,4 +1,4 @@
-51c5958153b6c01fada2e74cedc66835 nss-3.12.5-stripped.tar.bz2
+3902499c8e02b02d4944f21d3c6a839f nss-3.12.6-stripped.tar.bz2
82c2c72c961f2783c8e975a42fa939cf nss-pem-20091210.tar.bz2
a5ae49867124ac75f029a9a33af31bad blank-cert8.db
9315689bbd9f28ceebd47894f99fccbd blank-key3.db
Index: nss.spec
===================================================================
RCS file: /cvs/pkgs/rpms/nss/F-13/nss.spec,v
retrieving revision 1.140
retrieving revision 1.141
diff -u -p -r1.140 -r1.141
--- nss.spec 25 Jan 2010 22:10:27 -0000 1.140
+++ nss.spec 6 Mar 2010 23:04:34 -0000 1.141
@@ -1,24 +1,24 @@
-%global nspr_version 4.8
-%global nss_util_version 3.12.5
+%global nspr_version 4.8.4
+%global nss_util_version 3.12.6
%global nss_softokn_version 3.12.4
%global nss_softokn_fips_version 3.12.4
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
Summary: Network Security Services
Name: nss
-Version: 3.12.5
-Release: 9%{?dist}
+Version: 3.12.6
+Release: 1.1%{?dist}
License: MPLv1.1 or GPLv2+ or LGPLv2+
URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries
Requires: nspr >= %{nspr_version}
-Requires: nss-util >= %{nss_util_version}
+Requires: nss-util = %{nss_util_version}
Requires: nss-softokn%{_isa} = %{nss_softokn_fips_version}
Requires: nss-system-init
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: nspr-devel >= %{nspr_version}
BuildRequires: nss-softokn-devel = %{nss_softokn_version}
-BuildRequires: nss-util-devel >= %{nss_util_version}
+BuildRequires: nss-util-devel = %{nss_util_version}
BuildRequires: sqlite-devel
BuildRequires: zlib-devel
BuildRequires: pkgconfig
@@ -40,14 +40,9 @@ Source9: setup-nsssysinit.sh
Source12: %{name}-pem-20091210.tar.bz2
Patch2: nss-nolocalsql.patch
+Patch3: renegotiate-transitional.patch
+Patch4: validate-arguments.patch
Patch6: nss-enable-pem.patch
-Patch7: 533125-ammend.patch
-Patch8: nss-sysinit.patch
-Patch9: 540387.patch
-Patch10: 545779.patch
-Patch11: 546221.patch
-Patch12: 547860.patch
-Patch13: 553638.patch
%description
Network Security Services (NSS) is a set of libraries designed to
@@ -112,15 +107,11 @@ low level services.
%setup -q
%setup -q -T -D -n %{name}-%{version} -a 12
-%patch2 -p0
+%patch2 -p0 -b .nolocalsql
+%patch3 -p0 -b .transitional
+%patch4 -p0 -b .validate
%patch6 -p0 -b .libpem
-%patch7 -p0 -b .533125
-%patch8 -p0 -b .sysinit
-%patch9 -p1 -b .540387
-%patch10 -p0 -b .545779
-%patch11 -p1 -b .546221
-%patch12 -p1 -b .547860
-%patch13 -p1 -b .553638
+
%build
@@ -242,6 +233,12 @@ rm -rf ./mozilla/tests_results
cd ./mozilla/security/nss/tests/
# all.sh is the test suite script
+# don't need to run all the tests when testing packaging
+# nss_cycles: standard pkix upgradedb sharedb
+# nss_tests: cipher libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains
+# nss_ssl_tests: crl bypass_normal normal_bypass normal_fips fips_normal iopr
+# nss_ssl_run: cov auth stress
+
# Temporarily disabling the ssl test suites
# until bug 539183 gets resolved
%global nss_ssl_tests " "
@@ -487,6 +484,11 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/ns
%changelog
+* Sat Mar 06 2010 Elio Maldonado <emaldona at redhat.com> - 3.12.6-1.1
+- Update to 3.12.6
+- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period
+- Patch tools to validate command line options arguments
+
* Mon Jan 25 2010 Elio Maldonado <emaldona at redhat.com> - 3.12.5-8
- Fix curl related regression and general patch code clean up
- Previous message: rpms/nss/F-13 533125-ammend.patch, 1.1, NONE 540387.patch, 1.1, NONE 545779.patch, 1.1, NONE 546221.patch, 1.4, NONE 547860.patch, 1.2, NONE 553638.patch, 1.2, NONE nss-no-rpath.patch, 1.1, NONE nss-sysinit.patch, 1.2, NONE
- Next message: rpms/nss/F-13 nss-nolocalsql.patch,1.8,1.9
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list