[nss-softokn/f15: 3/3] Update to NSS_3_13_4_RTM
Elio Maldonado
emaldonado at fedoraproject.org
Sat Apr 7 18:14:10 UTC 2012
commit d97ee9f7ec487ea38e0c2cd614cc494e45916ff9
Author: Elio Maldonado <emaldona at redhat.com>
Date: Sat Apr 7 11:13:03 2012 -0700
Update to NSS_3_13_4_RTM
.gitignore | 2 +-
linux3.patch | 31 -----
mozilla-crypto-strip.sh | 128 +++++++++++++++++++
nss-softokn-3.12.4-fips-fix.patch | 11 --
nss-softokn-710298.patch | 14 --
nss-softokn-748524.patch | 157 -----------------------
nss-softokn.spec | 48 +++++---
softoken-minimal-test-dependencies.patch | 200 +++++++++++++----------------
sources | 2 +-
9 files changed, 250 insertions(+), 343 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 40e7163..8443d70 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-nss-softokn-3.13.3-stripped.tar.bz2
+/nss-softokn-3.13.4-stripped.tar.bz2
diff --git a/mozilla-crypto-strip.sh b/mozilla-crypto-strip.sh
new file mode 100755
index 0000000..4edcbf0
--- /dev/null
+++ b/mozilla-crypto-strip.sh
@@ -0,0 +1,128 @@
+#!/bin/sh
+set -e
+
+if test -z $1
+then
+ echo "usage: $0 <input-tarball>"
+ exit
+fi
+
+ORIGDIR=`pwd`
+WORKDIR=nss_ecc_strip_working_dir
+EXTENSION=`echo $1 | sed -r 's#^(.*)(.tar.bz2|.tbz2|.tar.gz|.tgz)$#\2#'`
+BASE=`echo $1 | sed -r 's#^(.*)(.tar.bz2|.tbz2|.tar.gz|.tgz)$#\1#'`
+COMPRESS=""
+
+if test "x$EXTENSION" = "x.tar.bz2" || test "x$EXTENSION" = "x.tbz2"
+then
+ COMPRESS="j"
+fi
+
+if test "x$EXTENSION" = "x.tar.gz" || test "x$EXTENSION" = "x.tgz"
+then
+ COMPRESS="z"
+fi
+
+if test "x$COMPRESS" = "x"
+then
+ echo "unable to process, input file $1 has unsupported extension"
+ exit
+fi
+
+echo "== extension is $EXTENSION - ok"
+echo "== new extension will be $JEXTENSION"
+echo "== cleaning old workdir $WORKDIR"
+
+rm -rf $WORKDIR
+mkdir $WORKDIR
+
+echo "== extracting input archive $1"
+tar -x -$COMPRESS -C $WORKDIR -f $1
+
+echo "changing into $WORKDIR"
+pushd $WORKDIR
+
+DIRCOUNT=`ls -1 | wc -l`
+if test $DIRCOUNT -ne 1
+then
+ echo "unable to process, $1 contains more than one toplevel directory"
+ exit
+fi
+
+TOPDIR=`ls -1`
+if test "x$TOPDIR" != "xmozilla"
+then
+ # try to deal with a single additional subdirectory above "mozilla"
+ echo "== skipping toplevel directory $TOPDIR"
+ cd $TOPDIR
+fi
+
+DIRCOUNT=`ls -1 | wc -l`
+if test $DIRCOUNT -ne 1
+then
+ echo "unable to process, $1 contains more than one second level directory"
+ exit
+fi
+
+SINGLEDIR=`ls -1`
+if test "x$SINGLEDIR" != "xmozilla"
+then
+ echo "unable to process, first or second level directory is not mozilla"
+ exit
+fi
+
+echo "== input archive accepted, now processing"
+
+REALFREEBLDIR=mozilla/security/nss/lib/freebl
+FREEBLDIR=./$REALFREEBLDIR
+
+rm -rf ./mozilla/security/nss/cmd/ecperf
+
+mv ${FREEBLDIR}/ecl/ecl-exp.h ${FREEBLDIR}/save
+rm -rf ${FREEBLDIR}/ecl/tests
+rm -rf ${FREEBLDIR}/ecl/CVS
+for i in ${FREEBLDIR}/ecl/* ; do
+echo clobbering $i
+ > $i
+done
+mv ${FREEBLDIR}/save ${FREEBLDIR}/ecl/ecl-exp.h
+
+for j in ${FREEBLDIR}/ec.*; do
+ echo unifdef $j
+ cat $j | \
+ awk 'BEGIN {ech=1; prt=0;} \
+ /^#[ \t]*ifdef.*NSS_ENABLE_ECC/ {ech--; next;} \
+ /^#[ \t]*if/ {if(ech < 1) ech--;} \
+ {if(ech>0) {;print $0};} \
+ /^#[ \t]*endif/ {if(ech < 1) ech++;} \
+ {if (prt && (ech<=0)) {;print $0}; } \
+ {if (ech>0) {prt=0;} } \
+ /^#[ \t]*else/ {if (ech == 0) prt=1;}' > $j.hobbled && \
+ mv $j.hobbled $j
+done
+
+echo "== returning to original directory"
+popd
+
+JCOMPRESS=j
+JEXTENSION=.tar.bz2
+NEWARCHIVE=$BASE-stripped$JEXTENSION
+echo "== finally producing new archive $NEWARCHIVE"
+tar -c -$JCOMPRESS -C $WORKDIR -f $NEWARCHIVE $TOPDIR
+
+echo "== all done, listing of old and new archive:"
+ls -l $1
+ls -l $NEWARCHIVE
+
+LISTING_DIR=""
+if test "x$TOPDIR" != "xmozilla"
+then
+ LISTING_DIR="$TOPDIR/$REALFREEBLDIR/ecl"
+else
+ LISTING_DIR="$REALFREEBLDIR/ecl"
+fi
+
+echo "== FYI, producing listing of stripped dir in new archive"
+tar -t -v -$JCOMPRESS -C $WORKDIR -f $NEWARCHIVE $LISTING_DIR
+
+
diff --git a/nss-softokn.spec b/nss-softokn.spec
index 270c290..8d07b95 100644
--- a/nss-softokn.spec
+++ b/nss-softokn.spec
@@ -1,6 +1,6 @@
%global nspr_version 4.9
%global nss_name nss
-%global nss_util_version 3.13.3
+%global nss_util_version 3.13.4
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
%global saved_files_dir %{_libdir}/nss/saved
@@ -16,8 +16,8 @@
Summary: Network Security Services Softoken Module
Name: nss-softokn
-Version: 3.13.3
-Release: 2.1%{?dist}
+Version: 3.13.4
+Release: 1%{?dist}
License: MPLv1.1 or GPLv2+ or LGPLv2+
URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries
@@ -35,19 +35,27 @@ BuildRequires: psmisc
BuildRequires: perl
Source0: %{name}-%{version}-stripped.tar.bz2
-# The nss-softokn tar ball is a subset of nss-{version}-stripped.tar.bz2,
-# Therefore we use the nss-split-softokn.sh script to keep only what we need.
-# Download the nss tarball via git from the nss project and follow these
-# steps to make the tarball for nss-util out of the one for nss:
-# fedpkg clone nss
+# The nss-softokn tar ball is a subset of nss-{version}-stripped.tar.bz2.
+# We use the nss-split-softokn.sh script to keep only what we need.
+# We first produce the full source archive from from the upstream,
+# nss-{version}-stripped.tar.gz, by running mozilla-crypto-strip.sh
+# to remove any non-free sources and then split off nss-softokn from nss
+# via nss-split-util.sh ${version}
+# Detailed Steps:
# fedpkg clone nss-softokn
# cd nss-softokn
-# cp ../../nss/devel/${version}-stripped.tar.bz2 .
+# Download the nss-{version}-stripped.tar.gz tarball from upstream
+# Strip-off unwanted sources with
+# ./mozilla-crypto-srip.sh nss-{version}-stripped.tar.gz
+# which produces nss-{version}-stripped.tar.bz2
+# Make the source tarball for nss-softokn out of the nss stripped one:
# sh ./nss-split-softokn.sh ${version}
# A file named {name}-{version}-stripped.tar.bz2 should appear
-Source1: nss-split-softokn.sh
-Source2: nss-softokn.pc.in
-Source3: nss-softokn-config.in
+# which is ready for uploading to the lookaside cache.
+Source1: mozilla-crypto-strip.sh
+Source2: nss-split-softokn.sh
+Source3: nss-softokn.pc.in
+Source4: nss-softokn-config.in
Patch1: add-relro-linker-option.patch
# Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=562116
@@ -105,7 +113,7 @@ BuildRequires: nss-util-devel >= %{nss_util_version}
BuildRequires: nss-devel >= 3.12.2.99.3-11
%description devel
-Header and Library files for doing development with Network Security Services.
+Header and library files for doing development with Network Security Services.
%prep
@@ -115,7 +123,7 @@ Header and Library files for doing development with Network Security Services.
%patch5 -p0 -b .drbg
%patch8 -p0 -b .crypto
# activate if needed when doing a major update with new apis
-%patch9 -p0 -b .iquote
+#%patch9 -p0 -b .iquote
%build
@@ -171,8 +179,8 @@ USE_64=1
export USE_64
%endif
-# uncommenting since the iquote patch is activated
-export IN_TREE_FREEBL_HEADERS_FIRST=1
+# uncomment if the iquote patch is activated
+#export IN_TREE_FREEBL_HEADERS_FIRST=1
# Compile softokn plus needed support
%{__make} -C ./mozilla/security/coreconf
@@ -183,7 +191,7 @@ export IN_TREE_FREEBL_HEADERS_FIRST=1
# The nspr_version and nss_util_version globals used here
# must match the ones nss-softokn has for its Requires.
%{__mkdir_p} ./mozilla/dist/pkgconfig
-%{__cat} %{SOURCE2} | sed -e "s,%%libdir%%,%{_libdir},g" \
+%{__cat} %{SOURCE3} | sed -e "s,%%libdir%%,%{_libdir},g" \
-e "s,%%prefix%%,%{_prefix},g" \
-e "s,%%exec_prefix%%,%{_prefix},g" \
-e "s,%%includedir%%,%{_includedir}/nss3,g" \
@@ -200,7 +208,7 @@ export SOFTOKEN_VMAJOR
export SOFTOKEN_VMINOR
export SOFTOKEN_VPATCH
-%{__cat} %{SOURCE3} | sed -e "s, at libdir@,%{_libdir},g" \
+%{__cat} %{SOURCE4} | sed -e "s, at libdir@,%{_libdir},g" \
-e "s, at prefix@,%{_prefix},g" \
-e "s, at exec_prefix@,%{_prefix},g" \
-e "s, at includedir@,%{_includedir}/nss3,g" \
@@ -334,6 +342,7 @@ done
%{__install} -p -m 644 ./mozilla/dist/pkgconfig/nss-softokn.pc $RPM_BUILD_ROOT/%{_libdir}/pkgconfig/nss-softokn.pc
%{__install} -p -m 755 ./mozilla/dist/pkgconfig/nss-softokn-config $RPM_BUILD_ROOT/%{_bindir}/nss-softokn-config
+
%clean
%{__rm} -rf $RPM_BUILD_ROOT
@@ -393,6 +402,9 @@ done
%{_includedir}/nss3/shsign.h
%changelog
+* Sat Apr 07 2012 Elio Maldonado <emaldona at redhat.com> - 3.13.4-1
+- Update to NSS_3_13_4
+
* Wed Mar 28 2012 Elio Maldonado <emaldona at redhat.com> - 3.13.3-2.1
- Resolves: Bug 805719 - Library needs partial RELRO support added
diff --git a/softoken-minimal-test-dependencies.patch b/softoken-minimal-test-dependencies.patch
index 01c439b..52abbff 100644
--- a/softoken-minimal-test-dependencies.patch
+++ b/softoken-minimal-test-dependencies.patch
@@ -1,6 +1,6 @@
diff -up ./mozilla/security/nss/cmd/lib/manifest.mn.crypto ./mozilla/security/nss/cmd/lib/manifest.mn
--- ./mozilla/security/nss/cmd/lib/manifest.mn.crypto 2011-09-16 12:16:50.000000000 -0700
-+++ ./mozilla/security/nss/cmd/lib/manifest.mn 2012-03-01 13:52:51.826116574 -0800
++++ ./mozilla/security/nss/cmd/lib/manifest.mn 2012-04-01 13:15:51.536584250 -0700
@@ -48,11 +48,6 @@ PRIVATE_EXPORTS = secutil.h \
$(NULL)
@@ -14,8 +14,8 @@ diff -up ./mozilla/security/nss/cmd/lib/manifest.mn.crypto ./mozilla/security/ns
$(NULL)
diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/cmd/lib/secutil.c
---- ./mozilla/security/nss/cmd/lib/secutil.c.crypto 2011-11-16 11:12:30.000000000 -0800
-+++ ./mozilla/security/nss/cmd/lib/secutil.c 2012-03-01 13:58:46.550116160 -0800
+--- ./mozilla/security/nss/cmd/lib/secutil.c.crypto 2012-03-10 06:55:34.000000000 -0800
++++ ./mozilla/security/nss/cmd/lib/secutil.c 2012-04-01 13:15:51.538584248 -0700
@@ -48,10 +48,7 @@
#include "prenv.h"
#include "prnetdb.h"
@@ -27,7 +27,7 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
#include <stdarg.h>
#if !defined(_WIN32_WCE)
#include <sys/stat.h>
-@@ -62,37 +59,16 @@
+@@ -62,29 +59,9 @@
#include <unistd.h>
#endif
@@ -54,11 +54,11 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
-
-#include "nssutil.h"
-#include "ssl.h"
--
+extern long DER_GetInteger(SECItem *src);
- void
- SECU_PrintErrMsg(FILE *out, int level, char *progName, char *msg, ...)
+ static PRBool wrapEnabled = PR_TRUE;
+
+@@ -105,7 +82,7 @@ SECU_PrintErrMsg(FILE *out, int level, c
{
va_list args;
PRErrorCode err = PORT_GetError();
@@ -67,7 +67,7 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
va_start(args, msg);
-@@ -112,7 +88,7 @@ SECU_PrintError(char *progName, char *ms
+@@ -125,7 +102,7 @@ SECU_PrintError(char *progName, char *ms
{
va_list args;
PRErrorCode err = PORT_GetError();
@@ -76,7 +76,7 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
va_start(args, msg);
-@@ -142,446 +118,6 @@ SECU_PrintSystemError(char *progName, ch
+@@ -155,446 +132,6 @@ SECU_PrintSystemError(char *progName, ch
va_end(args);
}
@@ -523,7 +523,7 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
SECStatus
secu_StdinToItem(SECItem *dst)
{
-@@ -703,65 +239,6 @@ loser:
+@@ -716,65 +253,6 @@ loser:
return SECFailure;
}
@@ -589,7 +589,7 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
#define INDENT_MULT 4
void
SECU_Indent(FILE *out, int level)
-@@ -914,23 +391,6 @@ SECU_PrintBuf(FILE *out, const char *msg
+@@ -932,23 +410,6 @@ SECU_PrintBuf(FILE *out, const char *msg
}
}
@@ -613,11 +613,12 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
/* This expents i->data[0] to be the MSB of the integer.
** if you want to print a DER-encoded integer (with the tag and length)
-@@ -975,2427 +435,100 @@ SECU_PrintInteger(FILE *out, SECItem *i,
+@@ -993,2461 +454,100 @@ SECU_PrintInteger(FILE *out, SECItem *i,
}
static void
--secu_PrintRawString(FILE *out, SECItem *si, const char *m, int level)
+-secu_PrintRawStringQuotesOptional(FILE *out, SECItem *si, const char *m,
+- int level, PRBool quotes)
+secu_PrintRSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m, int level)
{
- int column;
@@ -631,11 +632,13 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
- SECU_Indent(out, level);
- column = level*INDENT_MULT;
- }
-- fprintf(out, "\""); column++;
+- if (quotes) {
+- fprintf(out, "\""); column++;
+- }
-
- for (i = 0; i < si->len; i++) {
- unsigned char val = si->data[i];
-- if (column > 76) {
+- if (wrapEnabled && column > 76) {
- secu_Newline(out);
- SECU_Indent(out, level); column = level*INDENT_MULT;
- }
@@ -643,21 +646,29 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
- fprintf(out,"%c", printable[val]); column++;
- }
-
-- fprintf(out, "\""); column++;
-- if (column != level*INDENT_MULT || column > 76) {
+- if (quotes) {
+- fprintf(out, "\""); column++;
+- }
+- if (wrapEnabled &&
+- (column != level*INDENT_MULT || column > 76)) {
- secu_Newline(out);
+ SECU_Indent(out, level); fprintf(out, "%s:\n", m);
+ SECU_PrintInteger(out, &pk->u.rsa.modulus, "Modulus", level+1);
+ SECU_PrintInteger(out, &pk->u.rsa.publicExponent, "Exponent", level+1);
+ if (pk->u.rsa.publicExponent.len == 1 &&
+ pk->u.rsa.publicExponent.data[0] == 1) {
-+ SECU_Indent(out, level +1); fprintf(out, "Error: INVALID RSA KEY!\n");
++ SECU_Indent(out, level +1); fprintf(out, "Error: INVALID RSA KEY!\n");
}
}
+ static void
+-secu_PrintRawString(FILE *out, SECItem *si, const char *m, int level)
+-{
+- secu_PrintRawStringQuotesOptional(out, si, m, level, PR_TRUE);
+-}
+-
-void
-SECU_PrintString(FILE *out, SECItem *si, char *m, int level)
-+static void
+secu_PrintDSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m, int level)
{
- SECItem my = *si;
@@ -761,15 +772,11 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
{
- int64 time;
- SECStatus rv;
-+ int j;
-+ char *target = a[i].longform;
-
+-
- rv = DER_UTCTimeToTime(&time, t);
- if (rv != SECSuccess)
- return;
-+ if (!target)
-+ return PR_FALSE;
-
+-
- secu_PrintTime(out, time, m, level);
-}
-
@@ -2098,7 +2105,8 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
-}
-
-void
--SECU_PrintName(FILE *out, CERTName *name, const char *msg, int level)
+-SECU_PrintNameQuotesOptional(FILE *out, CERTName *name, const char *msg,
+- int level, PRBool quotes)
-{
- char *nameStr = NULL;
- char *str;
@@ -2119,7 +2127,7 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
- my.data = (unsigned char *)str;
- my.len = PORT_Strlen(str);
-#if 1
-- secu_PrintRawString(out, &my, msg, level);
+- secu_PrintRawStringQuotesOptional(out, &my, msg, level, quotes);
-#else
- SECU_Indent(out, level); fprintf(out, "%s: ", msg);
- fprintf(out, str);
@@ -2129,6 +2137,12 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
-}
-
-void
+-SECU_PrintName(FILE *out, CERTName *name, const char *msg, int level)
+-{
+- SECU_PrintNameQuotesOptional(out, name, msg, level, PR_TRUE);
+-}
+-
+-void
-printflags(char *trusts, unsigned int flags)
-{
- if (flags & CERTDB_VALID_CA)
@@ -2442,8 +2456,15 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
- fpItem.data = fingerprint;
- fpItem.len = MD5_LENGTH;
- fpStr = CERT_Hexify(&fpItem, 1);
-- SECU_Indent(out, level); fprintf(out, "%s (MD5):\n", m);
-- SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr);
+- SECU_Indent(out, level); fprintf(out, "%s (MD5):", m);
+- if (wrapEnabled) {
+- fprintf(out, "\n");
+- SECU_Indent(out, level+1);
+- }
+- else {
+- fprintf(out, " ");
+- }
+- fprintf(out, "%s\n", fpStr);
- PORT_Free(fpStr);
- fpStr = NULL;
- if (rv != SECSuccess && !err)
@@ -2455,10 +2476,18 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
- fpItem.data = fingerprint;
- fpItem.len = SHA1_LENGTH;
- fpStr = CERT_Hexify(&fpItem, 1);
-- SECU_Indent(out, level); fprintf(out, "%s (SHA1):\n", m);
-- SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr);
+- SECU_Indent(out, level); fprintf(out, "%s (SHA1):", m);
+- if (wrapEnabled) {
+- fprintf(out, "\n");
+- SECU_Indent(out, level+1);
+- }
+- else {
+- fprintf(out, " ");
+- }
+- fprintf(out, "%s\n", fpStr);
- PORT_Free(fpStr);
-- fprintf(out, "\n");
+- if (wrapEnabled)
+- fprintf(out, "\n");
-
- if (err)
- PORT_SetError(err);
@@ -2596,7 +2625,7 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
- if (crl->entries != NULL) {
- iv = 0;
- while ((entry = crl->entries[iv++]) != NULL) {
-- sprintf(om, "Entry (%x):\n", iv);
+- sprintf(om, "Entry %d (0x%x):\n", iv, iv);
- SECU_Indent(out, level + 1); fputs(om, out);
- SECU_PrintInteger(out, &(entry->serialNumber), "Serial Number",
- level + 2);
@@ -2774,7 +2803,9 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
- return rv;
- }
- }
--
++ int j;
++ char *target = a[i].longform;
+
- /* Parse and list CRL's (if any) */
- if (src->crls != NULL) {
- SECU_Indent(out, level + 1);
@@ -2792,7 +2823,9 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
- level + 3);
- }
- }
--
++ if (!target)
++ return PR_FALSE;
+
- /* Parse and list signatures (if any) */
- if (src->signerInfos != NULL) {
- SECU_Indent(out, level + 1);
@@ -3106,7 +3139,7 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
#if defined(DEBUG) || defined(FORCE_PR_ASSERT)
/* Returns true iff a[i].flag has a duplicate in a[i+1 : count-1] */
-@@ -3610,145 +743,6 @@ SECU_PrintPRandOSError(char *progName)
+@@ -3662,145 +762,6 @@ SECU_PrintPRandOSError(char *progName)
}
}
@@ -3252,7 +3285,7 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
SECOidTag
SECU_StringToSignatureAlgTag(const char *alg)
{
-@@ -3776,299 +770,6 @@ SECU_StringToSignatureAlgTag(const char
+@@ -3828,299 +789,6 @@ SECU_StringToSignatureAlgTag(const char
return hashAlgTag;
}
@@ -3552,7 +3585,7 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
/* Caller ensures that dst is at least item->len*2+1 bytes long */
void
SECU_SECItemToHex(const SECItem * item, char * dst)
-@@ -4131,40 +832,3 @@ SECU_SECItemHexStringToBinary(SECItem* s
+@@ -4183,40 +851,3 @@ SECU_SECItemHexStringToBinary(SECItem* s
srcdest->len /= 2;
return SECSuccess;
}
@@ -3594,8 +3627,8 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.c.crypto ./mozilla/security/nss/
-
-
diff -up ./mozilla/security/nss/cmd/lib/secutil.h.crypto ./mozilla/security/nss/cmd/lib/secutil.h
---- ./mozilla/security/nss/cmd/lib/secutil.h.crypto 2011-11-16 11:12:30.000000000 -0800
-+++ ./mozilla/security/nss/cmd/lib/secutil.h 2012-03-01 13:52:51.842116753 -0800
+--- ./mozilla/security/nss/cmd/lib/secutil.h.crypto 2012-03-10 04:10:45.000000000 -0800
++++ ./mozilla/security/nss/cmd/lib/secutil.h 2012-04-01 13:15:51.539584248 -0700
@@ -38,7 +38,10 @@
#include "seccomon.h"
@@ -3607,7 +3640,7 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.h.crypto ./mozilla/security/nss/
#include "prerror.h"
#include "base64.h"
#include "key.h"
-@@ -47,226 +50,31 @@
+@@ -47,25 +50,6 @@
#include "secder.h"
#include <stdio.h>
@@ -3628,15 +3661,15 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.h.crypto ./mozilla/security/nss/
-#define NS_CRL_HEADER "-----BEGIN CRL-----"
-#define NS_CRL_TRAILER "-----END CRL-----"
-
- #define SECU_Strerror PORT_ErrorToString
-
--#ifdef SECUTIL_NEW
--typedef int (*SECU_PPFunc)(PRFileDesc *out, SECItem *item,
-- char *msg, int level);
--#else
--typedef int (*SECU_PPFunc)(FILE *out, SECItem *item, char *msg, int level);
--#endif
+-#define SECU_Strerror PORT_ErrorToString
-
+ #ifdef SECUTIL_NEW
+ typedef int (*SECU_PPFunc)(PRFileDesc *out, SECItem *item,
+ char *msg, int level);
+@@ -73,203 +57,29 @@ typedef int (*SECU_PPFunc)(PRFileDesc *o
+ typedef int (*SECU_PPFunc)(FILE *out, SECItem *item, char *msg, int level);
+ #endif
+
-typedef struct {
- enum {
- PW_NONE = 0,
@@ -3732,6 +3765,9 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.h.crypto ./mozilla/security/nss/
- struct CERTCertificateStr **pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey);
-
+-extern PRBool SECU_GetWrapEnabled();
+-extern void SECU_EnableWrap(PRBool enable);
+-
/* print out an error message */
extern void SECU_PrintError(char *progName, char *msg, ...);
@@ -3834,63 +3870,7 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.h.crypto ./mozilla/security/nss/
/* Dump contents of an RSA public key */
extern int SECU_PrintRSAPublicKey(FILE *out, SECItem *der, char *m, int level);
-@@ -278,55 +86,10 @@ extern int SECU_PrintSubjectPublicKeyInf
- extern int SECU_PrintPrivateKey(FILE *out, SECItem *der, char *m, int level);
- #endif
-
--/* Print the MD5 and SHA1 fingerprints of a cert */
--extern int SECU_PrintFingerprints(FILE *out, SECItem *derCert, char *m,
-- int level);
--
--/* Pretty-print any PKCS7 thing */
--extern int SECU_PrintPKCS7ContentInfo(FILE *out, SECItem *der, char *m,
-- int level);
--
- /* Init PKCS11 stuff */
- extern SECStatus SECU_PKCS11Init(PRBool readOnly);
-
--/* Dump contents of signed data */
--extern int SECU_PrintSignedData(FILE *out, SECItem *der, const char *m,
-- int level, SECU_PPFunc inner);
--
--/* Print cert data and its trust flags */
--extern SECStatus SEC_PrintCertificateAndTrust(CERTCertificate *cert,
-- const char *label,
-- CERTCertTrust *trust);
--
--extern int SECU_PrintCrl(FILE *out, SECItem *der, char *m, int level);
--
--extern void
--SECU_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m, int level);
--
- extern void SECU_PrintString(FILE *out, SECItem *si, char *m, int level);
--extern void SECU_PrintAny(FILE *out, SECItem *i, char *m, int level);
--
--extern void SECU_PrintPolicy(FILE *out, SECItem *value, char *msg, int level);
--extern void SECU_PrintPrivKeyUsagePeriodExtension(FILE *out, SECItem *value,
-- char *msg, int level);
--
--extern void SECU_PrintExtensions(FILE *out, CERTCertExtension **extensions,
-- char *msg, int level);
--
--extern void SECU_PrintName(FILE *out, CERTName *name, const char *msg,
-- int level);
--extern void SECU_PrintRDN(FILE *out, CERTRDN *rdn, const char *msg, int level);
--
--#ifdef SECU_GetPassword
--/* Convert a High public Key to a Low public Key */
--extern SECKEYLowPublicKey *SECU_ConvHighToLow(SECKEYPublicKey *pubHighKey);
--#endif
--
--extern char *SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg);
--
--extern SECStatus DER_PrettyPrint(FILE *out, SECItem *it, PRBool raw);
--
--extern char *SECU_SECModDBName(void);
-
- extern void SECU_PrintPRandOSError(char *progName);
-
-@@ -335,70 +98,6 @@ extern SECStatus SECU_RegisterDynamicOid
+@@ -341,70 +151,6 @@ extern SECStatus SECU_RegisterDynamicOid
/* Identifies hash algorithm tag by its string representation. */
extern SECOidTag SECU_StringToSignatureAlgTag(const char *alg);
@@ -3963,7 +3943,7 @@ diff -up ./mozilla/security/nss/cmd/lib/secutil.h.crypto ./mozilla/security/nss/
SECU_SECItemToHex(const SECItem * item, char * dst);
diff -up ./mozilla/security/nss/cmd/manifest.mn.crypto ./mozilla/security/nss/cmd/manifest.mn
--- ./mozilla/security/nss/cmd/manifest.mn.crypto 2010-12-06 09:22:48.000000000 -0800
-+++ ./mozilla/security/nss/cmd/manifest.mn 2012-03-01 13:52:51.842116753 -0800
++++ ./mozilla/security/nss/cmd/manifest.mn 2012-04-01 13:15:51.540584249 -0700
@@ -41,46 +41,9 @@ DEPTH = ../..
REQUIRES = nss nspr libdbm
@@ -4013,7 +3993,7 @@ diff -up ./mozilla/security/nss/cmd/manifest.mn.crypto ./mozilla/security/nss/cm
TEMPORARILY_DONT_BUILD = \
diff -up ./mozilla/security/nss/cmd/platlibs.mk.crypto ./mozilla/security/nss/cmd/platlibs.mk
--- ./mozilla/security/nss/cmd/platlibs.mk.crypto 2010-06-11 17:58:33.000000000 -0700
-+++ ./mozilla/security/nss/cmd/platlibs.mk 2012-03-01 13:52:51.846127126 -0800
++++ ./mozilla/security/nss/cmd/platlibs.mk 2012-04-01 13:15:51.540584249 -0700
@@ -92,43 +92,13 @@ DEFINES += -DNSS_USE_STATIC_LIBS
# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
CRYPTOLIB=$(SOFTOKEN_LIB_DIR)/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
@@ -4108,8 +4088,8 @@ diff -up ./mozilla/security/nss/cmd/platlibs.mk.crypto ./mozilla/security/nss/cm
-L$(NSSUTIL_LIB_DIR) \
-lnssutil3 \
diff -up ./mozilla/security/nss/tests/all.sh.crypto ./mozilla/security/nss/tests/all.sh
---- ./mozilla/security/nss/tests/all.sh.crypto 2010-01-29 11:58:40.000000000 -0800
-+++ ./mozilla/security/nss/tests/all.sh 2012-03-01 13:52:51.849115992 -0800
+--- ./mozilla/security/nss/tests/all.sh.crypto 2012-04-01 13:21:51.519603762 -0700
++++ ./mozilla/security/nss/tests/all.sh 2012-04-01 13:22:41.577606476 -0700
@@ -303,10 +303,10 @@ run_cycles()
############################## main code ###############################
diff --git a/sources b/sources
index 3d79706..a9e4773 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-f2cb15dd1e1119bb718de1730a5b6a0f nss-softokn-3.13.3-stripped.tar.bz2
+3d5704a383dbed469c0864afeac70fd2 nss-softokn-3.13.4-stripped.tar.bz2
More information about the scm-commits
mailing list