[evolution/f14/master] Add patch for Gnome bug #626066 (login to NSS on demand) Add patch for Gnome bug #626066 (login to N
Milan Crha
mcrha at fedoraproject.org
Tue Sep 14 13:51:45 UTC 2010
commit 6d55933ea138eb608d8f8149d45cf71fd65dd63d
Author: Milan Crha <mcrha at redhat.com>
Date: Tue Sep 14 15:59:19 2010 +0200
Add patch for Gnome bug #626066 (login to NSS on demand)
Add patch for Gnome bug #626066 (login to NSS on demand)# with '#' will be ignored, and an empty message aborts the commit.
evolution-2.31.92-gn626066.patch | 137 ++++++++++++++++++++++++++++++++++++++
evolution.spec | 7 ++-
2 files changed, 143 insertions(+), 1 deletions(-)
---
diff --git a/evolution-2.31.92-gn626066.patch b/evolution-2.31.92-gn626066.patch
new file mode 100644
index 0000000..5d25293
--- /dev/null
+++ b/evolution-2.31.92-gn626066.patch
@@ -0,0 +1,137 @@
+From c33a84d443f6a340fc247531b6bc8c9997b52aba Mon Sep 17 00:00:00 2001
+From: David Woodhouse <David.Woodhouse at intel.com>
+Date: Mon, 13 Sep 2010 20:00:25 +0000
+Subject: Bug 626066 - log in to NSS database on demand for changing trust
+
+---
+diff --git a/smime/gui/cert-trust-dialog.c b/smime/gui/cert-trust-dialog.c
+index 9c87c66..66ce69b 100644
+--- a/smime/gui/cert-trust-dialog.c
++++ b/smime/gui/cert-trust-dialog.c
+@@ -73,7 +73,7 @@ ctd_response(GtkWidget *w, guint id, CertTrustDialogData *data)
+ e_cert_trust_add_peer_trust (&trust, FALSE,
+ gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON (data->trust_button)),
+ FALSE);
+- CERT_ChangeCertTrust (CERT_GetDefaultCertDB(), icert, &trust);
++ e_cert_db_change_cert_trust (icert, &trust);
+ break;
+ case GTK_RESPONSE_ACCEPT: {
+ /* just *what on earth* was chris thinking here!?!?! copied from certificate-manager.c */
+@@ -101,7 +101,7 @@ ctd_response(GtkWidget *w, guint id, CertTrustDialogData *data)
+ trust_email,
+ trust_objsign);
+
+- CERT_ChangeCertTrust(CERT_GetDefaultCertDB(), icert, &trust);
++ e_cert_db_change_cert_trust (icert, &trust);
+ }
+
+ gtk_widget_destroy (dialog);
+diff --git a/smime/gui/certificate-manager.c b/smime/gui/certificate-manager.c
+index d0823b8..5a5b204 100644
+--- a/smime/gui/certificate-manager.c
++++ b/smime/gui/certificate-manager.c
+@@ -679,7 +679,7 @@ edit_ca (GtkWidget *widget, CertificateManagerData *cfm)
+ trust_email,
+ trust_objsign);
+
+- CERT_ChangeCertTrust (CERT_GetDefaultCertDB(), icert, &trust);
++ e_cert_db_change_cert_trust (icert, &trust);
+ }
+
+ gtk_widget_destroy (dialog);
+@@ -1097,18 +1097,13 @@ certificate_manager_config_new (EPreferencesWindow *window)
+ GtkWidget *parent;
+ GtkWidget *widget;
+ CertificateManagerData *cfm_data;
+- PK11SlotInfo* slot;
+- ECertDB *cert_db;
+
+ shell = e_preferences_window_get_shell (window);
+
+ g_return_val_if_fail (E_IS_SHELL (shell), NULL);
+
+ /* We need to peek the db here to make sure it (and NSS) are fully initialized. */
+-
+- cert_db = e_cert_db_peek();
+- slot = PK11_GetInternalKeySlot();
+- e_cert_db_login_to_slot(cert_db, slot);
++ e_cert_db_peek ();
+
+ cfm_data = g_new0 (CertificateManagerData, 1);
+
+diff --git a/smime/lib/e-cert-db.c b/smime/lib/e-cert-db.c
+index 2e23df2..48458fa 100644
+--- a/smime/lib/e-cert-db.c
++++ b/smime/lib/e-cert-db.c
+@@ -936,7 +936,18 @@ handle_ca_cert_download(ECertDB *cert_db, GList *certs, GError **error)
+ nickname,
+ &trust);
+
+- if (srv != SECSuccess && PORT_GetError() != SEC_ERROR_TOKEN_NOT_LOGGED_IN) {
++ /*
++ If this fails with SEC_ERROR_TOKEN_NOT_LOGGED_IN, it seems
++ that the import *has* worked, but the setting of trust bits
++ failed -- so only set the trust. This *has* to be an NSS bug?
++ */
++ if (srv != SECSuccess &&
++ PORT_GetError () == SEC_ERROR_TOKEN_NOT_LOGGED_IN &&
++ e_cert_db_login_to_slot (NULL, PK11_GetInternalKeySlot()))
++ srv = CERT_ChangeCertTrust (CERT_GetDefaultCertDB (),
++ tmpCert, &trust);
++
++ if (srv != SECSuccess) {
+ set_nss_error (error);
+ return FALSE;
+ }
+@@ -971,6 +982,27 @@ handle_ca_cert_download(ECertDB *cert_db, GList *certs, GError **error)
+ return TRUE;
+ }
+ }
++gboolean e_cert_db_change_cert_trust(CERTCertificate *cert, CERTCertTrust *trust)
++{
++ SECStatus srv;
++
++ srv = CERT_ChangeCertTrust (CERT_GetDefaultCertDB (),
++ cert, trust);
++ if (srv != SECSuccess &&
++ PORT_GetError () == SEC_ERROR_TOKEN_NOT_LOGGED_IN &&
++ e_cert_db_login_to_slot (NULL, PK11_GetInternalKeySlot()))
++ srv = CERT_ChangeCertTrust (CERT_GetDefaultCertDB (),
++ cert, trust);
++
++ if (srv != SECSuccess) {
++ glong err = PORT_GetError ();
++ g_warning ("CERT_ChangeCertTrust() failed: %s\n",
++ nss_error_to_string(err));
++ return FALSE;
++ }
++ return TRUE;
++}
++
+
+ /* deleting certificates */
+ gboolean
+@@ -998,8 +1030,7 @@ e_cert_db_delete_cert (ECertDB *certdb,
+ CERTCertTrust trust;
+
+ e_cert_trust_init_with_values (&trust, 0, 0, 0);
+- CERT_ChangeCertTrust(CERT_GetDefaultCertDB(),
+- cert, &trust);
++ e_cert_db_change_cert_trust (cert, &trust);
+ }
+
+ return TRUE;
+diff --git a/smime/lib/e-cert-db.h b/smime/lib/e-cert-db.h
+index 7d5f185..6e1bc5a 100644
+--- a/smime/lib/e-cert-db.h
++++ b/smime/lib/e-cert-db.h
+@@ -142,4 +142,7 @@ gboolean e_cert_db_export_pkcs12_file (ECertDB *cert_db,
+ gboolean e_cert_db_login_to_slot (ECertDB *cert_db,
+ PK11SlotInfo *slot);
+
++gboolean e_cert_db_change_cert_trust (CERTCertificate *cert,
++ CERTCertTrust *trust);
++
+ #endif /* _E_CERT_DB_H_ */
+--
+cgit v0.8.3.1
diff --git a/evolution.spec b/evolution.spec
index 90dc467..f462b0b 100644
--- a/evolution.spec
+++ b/evolution.spec
@@ -55,6 +55,9 @@ Patch12: evolution-2.9.1-im-context-reset.patch
# RH bug #589555
Patch13: evolution-2.30.1-help-contents.patch
+# RH bug #626066
+Patch14: evolution-2.31.92-gn626066.patch
+
## Dependencies ###
Requires(pre): GConf2
@@ -207,6 +210,7 @@ This package contains the plugin to import Microsoft Personal Storage Table
%patch10 -p1 -b .ldaphack
%patch12 -p1 -b .im-context-reset
%patch13 -p1 -b .help-contents
+%patch14 -p1 -b .gn626066
mkdir -p krb5-fakeprefix/include
mkdir -p krb5-fakeprefix/lib
@@ -615,8 +619,9 @@ rm -rf $RPM_BUILD_ROOT
%endif
%changelog
-* Mon Sep 13 2010 Milan Crha <mcrha at redhat.com> - 2.31.92.fc14
+* Mon Sep 13 2010 Milan Crha <mcrha at redhat.com> - 2.31.92-1.fc14
- Update to 2.31.92
+- Add patch for Gnome bug #626066 (login to NSS on demand)
* Mon Aug 30 2010 Milan Crha <mcrha at redhat.com> - 2.31.91-1.fc14
- Update to 2.31.91
More information about the scm-commits
mailing list