[nss-softokn] - Bug 770999 - Fix segmentation violation when turning on fips mode
Elio Maldonado
emaldonado at fedoraproject.org
Fri Dec 30 22:42:05 UTC 2011
commit d63e2bcec060be760e870391f96419e8163e6b2e
Author: Elio Maldonado <emaldona at redhat.com>
Date: Fri Dec 30 14:40:31 2011 -0800
- Bug 770999 - Fix segmentation violation when turning on fips mode
- Replace the prelink patch with the one submitted upstream
- Reintroduce the iquote patch but don't apply it unless needed
iquote.patch | 25 +++++++++++++++++++++++++
nss-softokn-3.12.4-prelink.patch | 24 +++++++-----------------
nss-softokn.spec | 19 ++++++++++++++++++-
3 files changed, 50 insertions(+), 18 deletions(-)
---
diff --git a/iquote.patch b/iquote.patch
new file mode 100644
index 0000000..30a0ef6
--- /dev/null
+++ b/iquote.patch
@@ -0,0 +1,25 @@
+diff -up ./mozilla/security/coreconf/location.mk.iquote ./mozilla/security/coreconf/location.mk
+--- ./mozilla/security/coreconf/location.mk.iquote 2010-06-11 17:58:32.000000000 -0700
++++ ./mozilla/security/coreconf/location.mk 2011-12-13 21:36:05.966187158 -0800
+@@ -85,6 +85,10 @@ endif
+
+ ifdef NSSUTIL_INCLUDE_DIR
+ INCLUDES += -I$(NSSUTIL_INCLUDE_DIR)
++ ifdef IN_TREE_FREEBL_HEADERS_FIRST
++ INCLUDES += -iquote $(DIST)/../public/nss
++ INCLUDES += -iquote $(DIST)/../private/nss
++ endif
+ endif
+
+ ifndef NSSUTIL_LIB_DIR
+diff -up ./mozilla/security/nss/cmd/bltest/Makefile.iquote ./mozilla/security/nss/cmd/bltest/Makefile
+--- ./mozilla/security/nss/cmd/bltest/Makefile.iquote 2004-04-25 08:02:39.000000000 -0700
++++ ./mozilla/security/nss/cmd/bltest/Makefile 2011-12-13 21:39:40.891182125 -0800
+@@ -77,6 +77,7 @@ include $(CORE_DEPTH)/coreconf/rules.mk
+ # (6) Execute "component" rules. (OPTIONAL) #
+ #######################################################################
+
++INCLUDES += -iquote $(DIST)/../private/nss
+
+
+ #######################################################################
diff --git a/nss-softokn-3.12.4-prelink.patch b/nss-softokn-3.12.4-prelink.patch
index 2ac26a3..0c55e5b 100644
--- a/nss-softokn-3.12.4-prelink.patch
+++ b/nss-softokn-3.12.4-prelink.patch
@@ -1,20 +1,10 @@
-diff -up ./mozilla/security/nss/lib/freebl/Makefile.prelink ./mozilla/security/nss/lib/freebl/Makefile
-diff -up ./mozilla/security/nss/lib/freebl/shvfy.c.prelink ./mozilla/security/nss/lib/freebl/shvfy.c
---- ./mozilla/security/nss/lib/freebl/shvfy.c.prelink 2011-12-13 09:02:42.554226434 -0800
-+++ ./mozilla/security/nss/lib/freebl/shvfy.c 2011-12-13 09:05:51.152222223 -0800
-@@ -486,6 +486,9 @@ BLAPI_SHVerifyFile(const char *shName)
-
-
- loser:
-+ if (shName != NULL) {
-+ PR_Free(shName);
-+ }
- if (checkName != NULL) {
- PORT_Free(checkName);
- }
-diff -up ./mozilla/security/nss/lib/freebl/stubs.c.prelink ./mozilla/security/nss/lib/freebl/stubs.c
---- ./mozilla/security/nss/lib/freebl/stubs.c.prelink 2011-12-13 09:02:13.210227199 -0800
-+++ ./mozilla/security/nss/lib/freebl/stubs.c 2011-12-13 09:07:01.296220776 -0800
+Index: mozilla/security/nss/lib/freebl/stubs.c
+===================================================================
+RCS file: /cvsroot/mozilla/security/nss/lib/freebl/stubs.c,v
+retrieving revision 1.11
+diff -u -p -r1.11 stubs.c
+--- mozilla/security/nss/lib/freebl/stubs.c 30 Mar 2011 01:20:12 -0000 1.11
++++ mozilla/security/nss/lib/freebl/stubs.c 20 Oct 2011 15:45:40 -0000
@@ -156,6 +156,7 @@ STUB_DECLARE(void,PR_DestroyCondVar,(PRC
STUB_DECLARE(void,PR_Free,(void *ptr));
STUB_DECLARE(char * ,PR_GetLibraryFilePathname,(const char *name,
diff --git a/nss-softokn.spec b/nss-softokn.spec
index 9190ba5..1ac32db 100644
--- a/nss-softokn.spec
+++ b/nss-softokn.spec
@@ -17,7 +17,7 @@
Summary: Network Security Services Softoken Module
Name: nss-softokn
Version: 3.13.1
-Release: 14%{?dist}
+Release: 15%{?dist}
License: MPLv1.1 or GPLv2+ or LGPLv2+
URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries
@@ -56,6 +56,14 @@ Patch2: nss-softokn-3.12.4-prelink.patch
Patch5: drbg.patch
# TODO: Open upstream bug and submmit a patch for this
Patch8: softoken-minimal-test-dependencies.patch
+# This patch uses the gcc-iquote dir option documented at
+# http://gcc.gnu.org/onlinedocs/gcc/Directory-Options.html#Directory-Options
+# to place the in-tree directories at the head of the list on list of directories
+# to be searched for for header files. This is ensures a build even when system freebl
+# headers are older. Such is the case when we are starting a major update.
+# NSSUTIL_INCLUDE_DIR, after all, contains both util and freebl headers.
+# Once has been bootstapped the patch may be removed, but it doesn't hurt to keep it.
+Patch9: iquote.patch
%description
Network Security Services Softoken Cryptographic Module
@@ -109,6 +117,8 @@ Header and Library files for doing development with Network Security Services.
%patch2 -p0 -b .prelink
%patch5 -p0 -b .drbg
%patch8 -p0 -b .crypto
+# activate if needed when doing a major update with new apis
+#%patch9 -p0 -b .iquote
%build
@@ -153,6 +163,9 @@ USE_64=1
export USE_64
%endif
+# uncomment if the iguote patch is activated
+#export IN_TREE_FREEBL_HEADERS_FIRST=1
+
# Compile softokn plus needed support
%{__make} -C ./mozilla/security/coreconf
%{__make} -C ./mozilla/security/dbm
@@ -373,6 +386,10 @@ done
%{_includedir}/nss3/shsign.h
%changelog
+* Fri Dec 30 2011 Elio Maldonado <emaldona at redhat.com> - 3.13.1-15
+- Bug 770999 - Fix segmentation violation when turning on fips mode
+- Reintroduce the iquote patch but don't apply it unless needed
+
* Tue Dec 13 2011 Elio Maldonado <emaldona at redhat.com> - 3.12.9-14
- Restore the update to 3.13.1
- Update the patch for freebl to deal with prelinked shared libraries
More information about the scm-commits
mailing list