]> git.ipfire.org Git - people/ms/ipfire-3.x.git/blob - nss-softokn/patches/nss-softokn-3.12.4-prelink.patch
projects / people / ms / ipfire-3.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Move all packages to root.
[people/ms/ipfire-3.x.git] / nss-softokn / patches / nss-softokn-3.12.4-prelink.patch
1 diff -up ./mozilla/security/nss/lib/freebl/Makefile.prelink ./mozilla/security/nss/lib/freebl/Makefile
2 --- ./mozilla/security/nss/lib/freebl/Makefile.prelink 2010-09-04 14:13:58.846327263 -0700
3 +++ ./mozilla/security/nss/lib/freebl/Makefile 2010-09-04 14:15:11.544326993 -0700
4 @@ -82,6 +82,12 @@ ifeq ($(FREEBL_NO_DEPEND),1)
5 else
6 MAPFILE_SOURCE = freebl.def
7 endif
8 +ifdef FREEBL_USE_PRELINK
9 + DEFINES += -DFREEBL_USE_PRELINK
10 +endif
11 +ifdef FREEBL_PRELINK_COMMAND
12 + DEFINES +=-DFREEBL_PRELINK_COMMAND=\"$(FREEBL_PRELINK_COMMAND)\"
13 +endif
14 # NSS_X86 means the target is a 32-bits x86 CPU architecture
15 # NSS_X64 means the target is a 64-bits x64 CPU architecture
16 # NSS_X86_OR_X64 means the target is either x86 or x64
17 diff -up ./mozilla/security/nss/lib/freebl/shvfy.c.prelink ./mozilla/security/nss/lib/freebl/shvfy.c
18 --- ./mozilla/security/nss/lib/freebl/shvfy.c.prelink 2010-09-04 14:16:01.518326988 -0700
19 +++ ./mozilla/security/nss/lib/freebl/shvfy.c 2010-09-04 14:25:44.770326384 -0700
20 @@ -48,6 +48,168 @@
21 #include "stdio.h"
22 #include "prmem.h"
23
24 +#ifdef FREEBL_USE_PRELINK
25 +#ifndef FREELB_PRELINK_COMMAND
26 +#define FREEBL_PRELINK_COMMAND "/usr/sbin/prelink -u -o -"
27 +#endif
28 +#include "private/pprio.h"
29 +
30 +#include <stdlib.h>
31 +#include <unistd.h>
32 +#include <fcntl.h>
33 +#include <sys/wait.h>
34 +#include <sys/stat.h>
35 +
36 +PRFileDesc *
37 +bl_OpenUnPrelink(const char *shName, int *pid)
38 +{
39 + char *command= strdup(FREEBL_PRELINK_COMMAND);
40 + char *argString = NULL;
41 + char **argv = NULL;
42 + char *shNameArg = NULL;
43 + char *cp;
44 + pid_t child;
45 + int argc = 0, argNext = 0;
46 + struct stat statBuf;
47 + int pipefd[2] = {-1,-1};
48 + int ret;
49 +
50 + *pid = 0;
51 +
52 + /* make sure the prelink command exists first. If not, fall back to
53 + * just reading the file */
54 + for (cp = command; *cp ; cp++) {
55 + if (*cp == ' ') {
56 + *cp++ = 0;
57 + argString = cp;
58 + break;
59 + }
60 + }
61 + memset (&statBuf, 0, sizeof(statBuf));
62 + /* stat the file, follow the link */
63 + ret = stat(command, &statBuf);
64 + if (ret < 0) {
65 + free(command);
66 + return PR_Open(shName, PR_RDONLY, 0);
67 + }
68 + /* file exits, make sure it's an executable */
69 + if (!S_ISREG(statBuf.st_mode) ||
70 + ((statBuf.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH)) == 0)) {
71 + free(command);
72 + return PR_Open(shName, PR_RDONLY, 0);
73 + }
74 +
75 + /* OK, the prelink command exists and looks correct, use it */
76 + /* build the arglist while we can still malloc */
77 + /* count the args if any */
78 + if (argString && *argString) {
79 + /* argString may have leading spaces, strip them off*/
80 + for (cp = argString; *cp && *cp == ' '; cp++);
81 + argString = cp;
82 + if (*cp) {
83 + /* there is at least one arg.. */
84 + argc = 1;
85 + }
86 +
87 + /* count the rest: Note there is no provision for escaped
88 + * spaces here */
89 + for (cp = argString; *cp ; cp++) {
90 + if (*cp == ' ') {
91 + while (*cp && *cp == ' ') cp++;
92 + if (*cp) argc++;
93 + }
94 + }
95 + }
96 +
97 + /* add the additional args: argv[0] (command), shName, NULL*/
98 + argc += 3;
99 + argv = PORT_NewArray(char *, argc);
100 + if (argv == NULL) {
101 + goto loser;
102 + }
103 +
104 + /* fill in the arglist */
105 + argv[argNext++] = command;
106 + if (argString && *argString) {
107 + argv[argNext++] = argString;
108 + for (cp = argString; *cp; cp++) {
109 + if (*cp == ' ') {
110 + *cp++ = 0;
111 + while (*cp && *cp == ' ') cp++;
112 + if (*cp) argv[argNext++] = cp;
113 + }
114 + }
115 + }
116 + /* exec doesn't advertise taking const char **argv, do the paranoid
117 + * copy */
118 + shNameArg = strdup(shName);
119 + if (shNameArg == NULL) {
120 + goto loser;
121 + }
122 + argv[argNext++] = shNameArg;
123 + argv[argNext++] = 0;
124 +
125 + ret = pipe(pipefd);
126 + if (ret < 0) {
127 + goto loser;
128 + }
129 +
130 + /* use vfork() so we don't trigger the pthread_at_fork() handlers */
131 + child = vfork();
132 + if (child < 0) goto loser;
133 + if (child == 0) {
134 + /* set up the file descriptors */
135 + close(0);
136 + /* associate pipefd[1] with stdout */
137 + if (pipefd[1] != 1) dup2(pipefd[1], 1);
138 + close(2);
139 + close(pipefd[0]);
140 + /* should probably close the other file descriptors? */
141 +
142 +
143 + execv(command, argv);
144 + /* avoid at_exit() handlers */
145 + _exit(1); /* shouldn't reach here except on an error */
146 + }
147 + close(pipefd[1]);
148 + pipefd[1] = -1;
149 +
150 + /* this is safe because either vfork() as full fork() semantics, and thus
151 + * already has it's own address space, or because vfork() has paused
152 + * the parent util the exec or exit */
153 + free(command);
154 + free(shNameArg);
155 + PORT_Free(argv);
156 +
157 + *pid = child;
158 +
159 + return PR_ImportPipe(pipefd[0]);
160 +
161 +loser:
162 + if (pipefd[0] != -1) {
163 + close(pipefd[0]);
164 + }
165 + if (pipefd[1] != -1) {
166 + close(pipefd[1]);
167 + }
168 + free(command);
169 + free(shNameArg);
170 + PORT_Free(argv);
171 +
172 + return NULL;
173 +}
174 +
175 +void
176 +bl_CloseUnPrelink( PRFileDesc *file, int pid)
177 +{
178 + /* close the file descriptor */
179 + PR_Close(file);
180 + /* reap the child */
181 + if (pid) {
182 + waitpid(pid, NULL, 0);
183 + }
184 +}
185 +#endif
186
187 /* #define DEBUG_SHVERIFY 1 */
188
189 @@ -117,6 +279,9 @@ BLAPI_SHVerify(const char *name, PRFuncP
190 SECStatus rv;
191 DSAPublicKey key;
192 int count;
193 +#ifdef FREEBL_USE_PRELINK
194 + int pid = 0;
195 +#endif
196
197 PRBool result = PR_FALSE; /* if anything goes wrong,
198 * the signature does not verify */
199 @@ -197,7 +362,11 @@ BLAPI_SHVerify(const char *name, PRFuncP
200 checkFD = NULL;
201
202 /* open our library file */
203 +#ifdef FREEBL_USE_PRELINK
204 + shFD = bl_OpenUnPrelink(shName,&pid);
205 +#else
206 shFD = PR_Open(shName, PR_RDONLY, 0);
207 +#endif
208 if (shFD == NULL) {
209 #ifdef DEBUG_SHVERIFY
210 fprintf(stderr, "Failed to open the library file %s: (%d, %d)\n",
211 @@ -218,7 +387,11 @@ BLAPI_SHVerify(const char *name, PRFuncP
212 SHA1_Update(hashcx, buf, bytesRead);
213 count += bytesRead;
214 }
215 +#ifdef FREEBL_USE_PRELINK
216 + bl_CloseUnPrelink(shFD, pid);
217 +#else
218 PR_Close(shFD);
219 +#endif
220 shFD = NULL;
221
222 SHA1_End(hashcx, hash.data, &hash.len, hash.len);
223 diff -up ./mozilla/security/nss/lib/freebl/stubs.c.prelink ./mozilla/security/nss/lib/freebl/stubs.c
224 --- ./mozilla/security/nss/lib/freebl/stubs.c.prelink 2010-09-04 14:26:27.454327120 -0700
225 +++ ./mozilla/security/nss/lib/freebl/stubs.c 2010-09-04 14:31:56.778327428 -0700
226 @@ -69,6 +69,7 @@
227 #include <secport.h>
228 #include <secitem.h>
229 #include <blapi.h>
230 +#include <private/pprio.h>
231
232 #define FREEBL_NO_WEAK 1
233
234 @@ -157,6 +158,8 @@ STUB_DECLARE(void,PR_Lock,(PRLock *lock)
235 STUB_DECLARE(PRLock *,PR_NewLock,(void));
236 STUB_DECLARE(PRFileDesc *,PR_Open,(const char *name, PRIntn flags,
237 PRIntn mode));
238 +STUB_DECLARE(PRFileDesc *,PR_ImportFile,(PROsfd osfd));
239 +STUB_DECLARE(PRFileDesc *,PR_ImportPipe,(PROsfd osfd));
240 STUB_DECLARE(PRInt32,PR_Read,(PRFileDesc *fd, void *buf, PRInt32 amount));
241 STUB_DECLARE(PROffset32,PR_Seek,(PRFileDesc *fd, PROffset32 offset,
242 PRSeekWhence whence));
243 @@ -295,6 +298,34 @@ PR_Open_stub(const char *name, PRIntn fl
244 return (PRFileDesc *)lfd;
245 }
246
247 +extern PRFileDesc *
248 +PR_ImportFile_stub(PROsfd fd)
249 +{
250 + int *lfd = NULL;
251 +
252 + STUB_SAFE_CALL1(PR_ImportFile, fd);
253 +
254 + lfd = PORT_New_stub(int);
255 + if (lfd != NULL) {
256 + *lfd = fd;
257 + }
258 + return (PRFileDesc *)lfd;
259 +}
260 +
261 +extern PRFileDesc *
262 +PR_ImportPipe_stub(PROsfd fd)
263 +{
264 + int *lfd = NULL;
265 +
266 + STUB_SAFE_CALL1(PR_ImportPipe, fd);
267 +
268 + lfd = PORT_New_stub(int);
269 + if (lfd != NULL) {
270 + *lfd = fd;
271 + }
272 + return (PRFileDesc *)lfd;
273 +}
274 +
275 extern PRStatus
276 PR_Close_stub(PRFileDesc *fd)
277 {
278 @@ -492,6 +523,8 @@ freebl_InitNSPR(void *lib)
279 {
280 STUB_FETCH_FUNCTION(PR_Free);
281 STUB_FETCH_FUNCTION(PR_Open);
282 + STUB_FETCH_FUNCTION(PR_ImportFile);
283 + STUB_FETCH_FUNCTION(PR_ImportPipe);
284 STUB_FETCH_FUNCTION(PR_Close);
285 STUB_FETCH_FUNCTION(PR_Read);
286 STUB_FETCH_FUNCTION(PR_Seek);
287 diff -up ./mozilla/security/nss/lib/freebl/stubs.h.prelink ./mozilla/security/nss/lib/freebl/stubs.h
288 --- ./mozilla/security/nss/lib/freebl/stubs.h.prelink 2010-09-04 14:26:41.822327256 -0700
289 +++ ./mozilla/security/nss/lib/freebl/stubs.h 2010-09-04 14:32:53.498540767 -0700
290 @@ -78,6 +78,8 @@
291 #define PR_Lock PR_Lock_stub
292 #define PR_NewLock PR_NewLock_stub
293 #define PR_Open PR_Open_stub
294 +#define PR_ImportFile PR_ImportFile_stub
295 +#define PR_ImportPipe PR_ImportPipe_stub
296 #define PR_Read PR_Read_stub
297 #define PR_Seek PR_Seek_stub
298 #define PR_Sleep PR_Sleep_stub
Michael's tree of IPFire 3.x.