From: Michael Tremer Date: Sun, 10 Feb 2013 21:58:07 +0000 (+0100) Subject: Remove nss and nspr. X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f81a1d0ac6102eee57464bed375d4aa51f869331;p=ipfire-3.x.git Remove nss and nspr. As there are plenty of other SSL implementations in this distribution, nss is dropped. --- diff --git a/nspr/nspr-config-vars.in b/nspr/nspr-config-vars.in deleted file mode 100644 index ebf0aa444..000000000 --- a/nspr/nspr-config-vars.in +++ /dev/null @@ -1,2 +0,0 @@ -ldflags=@LDFLAGS@ -os_libs=@OS_LIBS@ diff --git a/nspr/nspr.nm b/nspr/nspr.nm deleted file mode 100644 index c23b137b3..000000000 --- a/nspr/nspr.nm +++ /dev/null @@ -1,110 +0,0 @@ -############################################################################### -# IPFire.org - An Open Source Firewall Solution # -# Copyright (C) - IPFire Development Team # -############################################################################### - -name = nspr -version = 4.8.9 -release = 2 - -groups = System/Libraries -url = http://www.mozilla.org/projects/nspr/ -license = MPLv1.1 or GPLv2+ or LGPLv2+ -summary = Netscape Portable Runtime. - -description - NSPR provides platform independence for non-GUI operating system - facilities. These facilities include threads, thread synchronization, - normal file and network I/O, interval timing and calendar time, basic - memory management (malloc and free) and shared library linking. -end - -source_dl = ftp://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v%{version}/src/ - -build - requires - pkg-config - end - - # Original nspr-config is not suitable for our distribution, - # because on different platforms it contains different dynamic content. - # Therefore we produce an adjusted copy of nspr-config that will be - # identical on all platforms. - # However, we need to use original nspr-config to produce some variables - # that go into nspr.pc for pkg-config. - - prepare - cd %{DIR_SRC} && %{MACRO_EXTRACT} %{DIR_DL}/%{sources} - - cp -vf %{DIR_APP}/mozilla/nsprpub/config/nspr-config.in \ - %{DIR_APP}/mozilla/nsprpub/config/nspr-config-pc.in - cp -vf %{DIR_SOURCE}/nspr-config-vars.in \ - %{DIR_APP}/mozilla/nsprpub/config/ - cd %{DIR_APP} - - %{MACRO_PATCHES} - end - - if "%{DISTRO_ARCH}" == "x86_64" - configure_options += \ - --enable-64bit - end - - if "%{DISTRO_ARCH}" == "armv7hl" - configure_options += \ - --enable-thumb2 - end - - configure_options += \ - --includedir=/usr/include/nspr4 \ - --enable-optimize="%{CFLAGS}" \ - --disable-debug - - build - %{DIR_APP}/mozilla/nsprpub/configure \ - %{configure_options} - - make - end - - install_cmds - mkdir -pv %{BUILDROOT}/usr/{bin,%{lib}} - mkdir -pv %{BUILDROOT}%{libdir}/pkgconfig - - cp -vf %{DIR_APP}/config/nspr-config-pc \ - %{BUILDROOT}/usr/bin/nspr-config - - sed \ - -e "s,%libdir%,%{libdir},g" \ - -e "s,%prefix%,/usr,g" \ - -e "s,%exec_prefix%,/usr,g" \ - -e "s,%includedir%,/usr/include/nspr4,g" \ - -e "s,%NSPR_VERSION%,%{version},g" \ - -e "s,%FULL_NSPR_LIBS%,-L%{libdir} -lnspr4 -lplc4 -lplds4 -ldl -lpthread,g" \ - -e "s,%FULL_NSPR_CFLAGS%,-I/usr/include/nspr4,g" \ - < %{DIR_SOURCE}/nspr.pc.in \ - > %{BUILDROOT}%{libdir}/pkgconfig/nspr.pc - - # Remove unneeded stuff - rm -rfv \ - %{BUILDROOT}/usr/bin/compile-et.pl \ - %{BUILDROOT}/usr/bin/prerr.properties \ - %{BUILDROOT}/usr/share/aclocal/nspr.m4 \ - %{BUILDROOT}/usr/include/nspr4/md - end -end - -packages - package %{name} - - package %{name}-devel - template DEVEL - - # libs are not versioned. - files += !%{libdir}/*.so - end - - package %{name}-debuginfo - template DEBUGINFO - end -end diff --git a/nspr/nspr.pc.in b/nspr/nspr.pc.in deleted file mode 100644 index 1d8f4a0ca..000000000 --- a/nspr/nspr.pc.in +++ /dev/null @@ -1,10 +0,0 @@ -prefix=%prefix% -exec_prefix=%exec_prefix% -libdir=%libdir% -includedir=%includedir% - -Name: NSPR -Description: The Netscape Portable Runtime -Version: %NSPR_VERSION% -Libs: %FULL_NSPR_LIBS% -Cflags: %FULL_NSPR_CFLAGS% diff --git a/nspr/patches/nspr-config-pc.patch b/nspr/patches/nspr-config-pc.patch deleted file mode 100644 index 24b112392..000000000 --- a/nspr/patches/nspr-config-pc.patch +++ /dev/null @@ -1,48 +0,0 @@ ---- a/bmozilla/nsprpub/config/nspr-config-pc.in.x123 2005-05-11 02:53:41.000000000 +0200 -+++ b/mozilla/nsprpub/config/nspr-config-pc.in 2006-05-24 20:52:12.000000000 +0200 -@@ -98,7 +98,7 @@ - includedir=@includedir@ - fi - if test -z "$libdir"; then -- libdir=@libdir@ -+ libdir=`pkg-config --variable=libdir nspr` - fi - - if test "$echo_prefix" = "yes"; then -@@ -132,12 +132,12 @@ - if test -n "$lib_nspr"; then - libdirs="$libdirs -lnspr${major_version}" - fi -- os_ldflags="@LDFLAGS@" -+ os_ldflags=`pkg-config --variable=ldflags nspr` - for i in $os_ldflags ; do - if echo $i | grep \^-L >/dev/null; then - libdirs="$libdirs $i" - fi - done -- echo $libdirs @OS_LIBS@ -+ echo $libdirs `pkg-config --variable=os_libs nspr` - fi - ---- a/mozilla/nsprpub/configure.in.x123 2006-05-24 20:52:12.000000000 +0200 -+++ b/mozilla/nsprpub/configure.in 2006-05-24 20:53:53.000000000 +0200 -@@ -2667,6 +2667,8 @@ - config/nsprincl.mk - config/nsprincl.sh - config/nspr-config -+config/nspr-config-pc -+config/nspr-config-vars - lib/Makefile - lib/ds/Makefile - lib/libc/Makefile ---- a/mozilla/nsprpub/configure.x123 2006-05-24 20:52:12.000000000 +0200 -+++ b/mozilla/nsprpub/configure 2006-05-24 20:54:05.000000000 +0200 -@@ -5899,6 +5899,8 @@ - config/nsprincl.mk - config/nsprincl.sh - config/nspr-config -+config/nspr-config-pc -+config/nspr-config-vars - lib/Makefile - lib/ds/Makefile - lib/libc/Makefile diff --git a/nss/PayPalEE.cert b/nss/PayPalEE.cert deleted file mode 100644 index e49d8bddf..000000000 Binary files a/nss/PayPalEE.cert and /dev/null differ diff --git a/nss/cert8.db b/nss/cert8.db deleted file mode 100644 index ac40a3325..000000000 Binary files a/nss/cert8.db and /dev/null differ diff --git a/nss/cert9.db b/nss/cert9.db deleted file mode 100644 index 1763264e7..000000000 Binary files a/nss/cert9.db and /dev/null differ diff --git a/nss/key3.db b/nss/key3.db deleted file mode 100644 index 31e397566..000000000 Binary files a/nss/key3.db and /dev/null differ diff --git a/nss/key4.db b/nss/key4.db deleted file mode 100644 index 6bd60cb0d..000000000 Binary files a/nss/key4.db and /dev/null differ diff --git a/nss/nss-config.in b/nss/nss-config.in deleted file mode 100644 index f8f893e71..000000000 --- a/nss/nss-config.in +++ /dev/null @@ -1,145 +0,0 @@ -#!/bin/sh - -prefix=@prefix@ - -major_version=@MOD_MAJOR_VERSION@ -minor_version=@MOD_MINOR_VERSION@ -patch_version=@MOD_PATCH_VERSION@ - -usage() -{ - cat <&2 -fi - -lib_ssl=yes -lib_smime=yes -lib_nss=yes -lib_nssutil=yes - -while test $# -gt 0; do - case "$1" in - -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;; - *) optarg= ;; - esac - - case $1 in - --prefix=*) - prefix=$optarg - ;; - --prefix) - echo_prefix=yes - ;; - --exec-prefix=*) - exec_prefix=$optarg - ;; - --exec-prefix) - echo_exec_prefix=yes - ;; - --includedir=*) - includedir=$optarg - ;; - --includedir) - echo_includedir=yes - ;; - --libdir=*) - libdir=$optarg - ;; - --libdir) - echo_libdir=yes - ;; - --version) - echo ${major_version}.${minor_version}.${patch_version} - ;; - --cflags) - echo_cflags=yes - ;; - --libs) - echo_libs=yes - ;; - ssl) - lib_ssl=yes - ;; - smime) - lib_smime=yes - ;; - nss) - lib_nss=yes - ;; - nssutil) - lib_nssutil=yes - ;; - *) - usage 1 1>&2 - ;; - esac - shift -done - -# Set variables that may be dependent upon other variables -if test -z "$exec_prefix"; then - exec_prefix=`pkg-config --variable=exec_prefix nss` -fi -if test -z "$includedir"; then - includedir=`pkg-config --variable=includedir nss` -fi -if test -z "$libdir"; then - libdir=`pkg-config --variable=libdir nss` -fi - -if test "$echo_prefix" = "yes"; then - echo $prefix -fi - -if test "$echo_exec_prefix" = "yes"; then - echo $exec_prefix -fi - -if test "$echo_includedir" = "yes"; then - echo $includedir -fi - -if test "$echo_libdir" = "yes"; then - echo $libdir -fi - -if test "$echo_cflags" = "yes"; then - echo -I$includedir -fi - -if test "$echo_libs" = "yes"; then - libdirs="-Wl,-rpath-link,$libdir -L$libdir" - if test -n "$lib_ssl"; then - libdirs="$libdirs -lssl${major_version}" - fi - if test -n "$lib_smime"; then - libdirs="$libdirs -lsmime${major_version}" - fi - if test -n "$lib_nss"; then - libdirs="$libdirs -lnss${major_version}" - fi - if test -n "$lib_nssutil"; then - libdirs="$libdirs -lnssutil${major_version}" - fi - echo $libdirs -fi - diff --git a/nss/nss-util-config.in b/nss/nss-util-config.in deleted file mode 100644 index ef8751d0e..000000000 --- a/nss/nss-util-config.in +++ /dev/null @@ -1,118 +0,0 @@ -#!/bin/sh - -prefix=@prefix@ - -major_version=@MOD_MAJOR_VERSION@ -minor_version=@MOD_MINOR_VERSION@ -patch_version=@MOD_PATCH_VERSION@ - -usage() -{ - cat <&2 -fi - -lib_nssutil=yes - -while test $# -gt 0; do - case "$1" in - -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;; - *) optarg= ;; - esac - - case $1 in - --prefix=*) - prefix=$optarg - ;; - --prefix) - echo_prefix=yes - ;; - --exec-prefix=*) - exec_prefix=$optarg - ;; - --exec-prefix) - echo_exec_prefix=yes - ;; - --includedir=*) - includedir=$optarg - ;; - --includedir) - echo_includedir=yes - ;; - --libdir=*) - libdir=$optarg - ;; - --libdir) - echo_libdir=yes - ;; - --version) - echo ${major_version}.${minor_version}.${patch_version} - ;; - --cflags) - echo_cflags=yes - ;; - --libs) - echo_libs=yes - ;; - *) - usage 1 1>&2 - ;; - esac - shift -done - -# Set variables that may be dependent upon other variables -if test -z "$exec_prefix"; then - exec_prefix=`pkg-config --variable=exec_prefix nss-util` -fi -if test -z "$includedir"; then - includedir=`pkg-config --variable=includedir nss-util` -fi -if test -z "$libdir"; then - libdir=`pkg-config --variable=libdir nss-util` -fi - -if test "$echo_prefix" = "yes"; then - echo $prefix -fi - -if test "$echo_exec_prefix" = "yes"; then - echo $exec_prefix -fi - -if test "$echo_includedir" = "yes"; then - echo $includedir -fi - -if test "$echo_libdir" = "yes"; then - echo $libdir -fi - -if test "$echo_cflags" = "yes"; then - echo -I$includedir -fi - -if test "$echo_libs" = "yes"; then - libdirs="-Wl,-rpath-link,$libdir -L$libdir" - if test -n "$lib_nssutil"; then - libdirs="$libdirs -lnssutil${major_version}" - fi - echo $libdirs -fi - diff --git a/nss/nss-util.pc.in b/nss/nss-util.pc.in deleted file mode 100644 index 1310248e9..000000000 --- a/nss/nss-util.pc.in +++ /dev/null @@ -1,11 +0,0 @@ -prefix=%prefix% -exec_prefix=%exec_prefix% -libdir=%libdir% -includedir=%includedir% - -Name: NSS-UTIL -Description: Network Security Services Utility Library -Version: %NSSUTIL_VERSION% -Requires: nspr >= %NSPR_VERSION% -Libs: -L${libdir} -lnssutil3 -Cflags: -I${includedir} diff --git a/nss/nss.nm b/nss/nss.nm deleted file mode 100644 index af0a2cfef..000000000 --- a/nss/nss.nm +++ /dev/null @@ -1,263 +0,0 @@ -############################################################################### -# IPFire.org - An Open Source Firewall Solution # -# Copyright (C) - IPFire Development Team # -############################################################################### - -name = nss -ver_major = 3 -ver_minor = 13 -ver_patch = 1 -version = %{ver_major}.%{ver_minor}.%{ver_patch} -release = 4 - -maintainer = Stefan Schantl -groups = System/Libraries -url = http://www.mozilla.org/projects/security/pki/nss/ -license = MPLv1.1 or GPLv2+ or LGPLv2+ -summary = Network Security Services. - -description - Network Security Services (NSS) is a set of libraries designed to - support cross-platform development of security-enabled client and - server applications. Applications built with NSS can support SSL v2 - and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 - v3 certificates, and other security standards. -end - -sources += \ - %{name}-pem-20100809.tar.bz2 - -source_dl = ftp://ftp.mozilla.org/pub/security/nss/releases/NSS_%{ver_major}_%{ver_minor}_%{ver_patch}_RTM/src/ - -build - requires - chrpath - nspr-devel - perl - pkg-config - psmisc - sqlite-devel - zlib-devel - end - - ## Define some global environment variables - - export FREEBL_NO_DEPEND=1 - - # Enable compiler optimizations and disable debugging code - export BUILD_OPT=1 - export XCFLAGS=%{CFLAGS} - - # Allow the usage of system libraries. - export PKG_CONFIG_ALLOW_SYSTEM_LIBS=1 - export PKG_CONFIG_ALLOW_SYSTEM_CFLAGS=1 - - # Define where to find nspr header files and libraries. - export NSPR_INCLUDE_DIR=/usr/include/nspr4 - export NSPR_LIB_DIR=%{libdir} - - # Disable support for SHA224. - export NO_SHA224_AVAILABLE=1 - - # Use sqlite from system. - export NSS_USE_SYSTEM_SQLITE=1 - - if "%{DISTRO_ARCH}" == "x86_64" - export USE_64=1 - end - - prepare - # Extract tarball. - cd %{DIR_SRC} && %{MACRO_EXTRACT} %{DIR_DL}/%{thisapp}.tar.gz - - # Extract pem tarball into nss directory. - cd %{DIR_APP} && %{MACRO_EXTRACT} %{DIR_DL}/%{name}-pem-20100809.tar.bz2 - - # Apply all patches - %{MACRO_PATCHES} - end - - build - make -C ./mozilla/security/coreconf - make -C ./mozilla/security/dbm - make -C ./mozilla/security/nss - end - - install - # We have to do the complete install stuff self. - - # Create directory layout. - mkdir -pv %{BUILDROOT}/usr/include/nss3 - mkdir -pv %{BUILDROOT}/usr/{bin,%{lib}} - mkdir -pv %{BUILDROOT}%{libdir}/pkgconfig - mkdir -pv %{BUILDROOT}%{libdir}/nss/unsupported-tools - - # Install all libraries. - install -p -v -m 755 mozilla/dist/*.OBJ/lib/libnss3.so \ - %{BUILDROOT}%{libdir} - install -p -v -m 755 mozilla/dist/*.OBJ/lib/libnssckbi.so \ - %{BUILDROOT}%{libdir} - install -p -v -m 755 mozilla/dist/*.OBJ/lib/libnsspem.so \ - %{BUILDROOT}%{libdir} - install -p -v -m 755 mozilla/dist/*.OBJ/lib/libnsssysinit.so \ - %{BUILDROOT}%{libdir} - install -p -v -m 755 mozilla/dist/*.OBJ/lib/libnssutil3.so \ - %{BUILDROOT}%{libdir} - install -p -v -m 755 mozilla/dist/*.OBJ/lib/libsmime3.so \ - %{BUILDROOT}%{libdir} - install -p -v -m 755 mozilla/dist/*.OBJ/lib/libssl3.so \ - %{BUILDROOT}%{libdir} - install -p -v -m 755 mozilla/dist/*.OBJ/lib/libsoftokn3.so \ - %{BUILDROOT}%{libdir} - install -p -v -m 755 mozilla/dist/*.OBJ/lib/libnssdbm3.so \ - %{BUILDROOT}%{libdir} - install -p -v -m 755 mozilla/dist/*.OBJ/lib/libfreebl3.so \ - %{BUILDROOT}/%{libdir} - - # Install the empty NSS db files - mkdir -pv %{BUILDROOT}/etc/pki/nssdb - cp -vf %{DIR_SOURCE}/*.db %{BUILDROOT}/etc/pki/nssdb/ - install -p -v -m 644 %{DIR_SOURCE}/system-pkcs11.txt \ - %{BUILDROOT}/etc/pki/nssdb/pkcs11.txt - - # Copy the binaries we want - install -p -v -m 755 mozilla/dist/*.OBJ/bin/certutil %{BUILDROOT}/usr/bin - install -p -v -m 755 mozilla/dist/*.OBJ/bin/cmsutil %{BUILDROOT}/usr/bin - install -p -v -m 755 mozilla/dist/*.OBJ/bin/crlutil %{BUILDROOT}/usr/bin - install -p -v -m 755 mozilla/dist/*.OBJ/bin/modutil %{BUILDROOT}/usr/bin - install -p -v -m 755 mozilla/dist/*.OBJ/bin/pk12util %{BUILDROOT}/usr/bin - install -p -v -m 755 mozilla/dist/*.OBJ/bin/signtool %{BUILDROOT}/usr/bin - install -p -v -m 755 mozilla/dist/*.OBJ/bin/signver %{BUILDROOT}/usr/bin - install -p -v -m 755 mozilla/dist/*.OBJ/bin/ssltap %{BUILDROOT}/usr/bin - chrpath --delete %{BUILDROOT}/usr/bin/* - - # Copy the binaries we ship as unsupported - install -p -v -m 755 mozilla/dist/*.OBJ/bin/atob %{BUILDROOT}%{libdir}/nss/unsupported-tools - install -p -v -m 755 mozilla/dist/*.OBJ/bin/btoa %{BUILDROOT}%{libdir}/nss/unsupported-tools - install -p -v -m 755 mozilla/dist/*.OBJ/bin/derdump %{BUILDROOT}%{libdir}/nss/unsupported-tools - install -p -v -m 755 mozilla/dist/*.OBJ/bin/ocspclnt %{BUILDROOT}%{libdir}/nss/unsupported-tools - install -p -v -m 755 mozilla/dist/*.OBJ/bin/pp %{BUILDROOT}%{libdir}/nss/unsupported-tools - install -p -v -m 755 mozilla/dist/*.OBJ/bin/selfserv %{BUILDROOT}%{libdir}/nss/unsupported-tools - install -p -v -m 755 mozilla/dist/*.OBJ/bin/shlibsign %{BUILDROOT}%{libdir}/nss/unsupported-tools - install -p -v -m 755 mozilla/dist/*.OBJ/bin/strsclnt %{BUILDROOT}%{libdir}/nss/unsupported-tools - install -p -v -m 755 mozilla/dist/*.OBJ/bin/symkeyutil %{BUILDROOT}%{libdir}/nss/unsupported-tools - install -p -v -m 755 mozilla/dist/*.OBJ/bin/tstclnt %{BUILDROOT}%{libdir}/nss/unsupported-tools - install -p -v -m 755 mozilla/dist/*.OBJ/bin/vfyserv %{BUILDROOT}%{libdir}/nss/unsupported-tools - install -p -v -m 755 mozilla/dist/*.OBJ/bin/vfychain %{BUILDROOT}%{libdir}/nss/unsupported-tools - chrpath --delete %{BUILDROOT}%{libdir}/nss/unsupported-tools/* - - for file in nss-config nss-util-config; do - sed -e "s,@libdir@,%{libdir},g" \ - -e "s,@prefix@,/usr,g" \ - -e "s,@exec_prefix@,/usr,g" \ - -e "s,@includedir@,/usr/include/nss3,g" \ - -e "s,@MOD_MAJOR_VERSION@,$(grep "#define.*NSS_VMAJOR" mozilla/security/nss/lib/nss/nss.h | awk '{print $3}'),g" \ - -e "s,@MOD_MINOR_VERSION@,$(grep "#define.*NSS_VMINOR" mozilla/security/nss/lib/nss/nss.h | awk '{print $3}'),g" \ - -e "s,@MOD_PATCH_VERSION@,$(grep "#define.*NSS_VPATCH" mozilla/security/nss/lib/nss/nss.h | awk '{print $3}'),g" \ - < %{DIR_SOURCE}/${file}.in \ - > %{BUILDROOT}/usr/bin/${file} - chmod -v 755 %{BUILDROOT}/usr/bin/${file} - done - - install -p -v -m 755 %{DIR_SOURCE}/setup-nsssysinit.sh %{BUILDROOT}/usr/bin - - # Generate file for pkg-config. - for file in nss.pc nss-util.pc; do - sed \ - -e "s,%libdir%,%{libdir},g" \ - -e "s,%prefix%,/usr,g" \ - -e "s,%exec_prefix%,/usr,g" \ - -e "s,%includedir%,/usr/include/nss3,g" \ - -e "s,%NSS_VERSION%,%{version},g" \ - -e "s,%NSPR_VERSION%,$(nspr-config --version),g" \ - < %{DIR_SOURCE}/${file}.in \ - > %{BUILDROOT}%{libdir}/pkgconfig/${file} - done - - # Copy the include files we want - cp -vf mozilla/dist/public/nss/*.h %{BUILDROOT}/usr/include/nss3 - cp -vf mozilla/dist/private/nss/blapi.h %{BUILDROOT}/usr/include/nss3 - chmod -v 644 %{BUILDROOT}/usr/include/nss3/*.h - end -end - -packages - package %{name} - - package %{name}-libs - template LIBS - - requires - nss-softokn=%{thisver} - nss-softokn-freebl=%{thisver} - end - - files - %{libdir}/*.so - end - end - - package %{name}-devel - template DEVEL - - requires - nspr-devel - nss=%{thisver} - end - - provides - nss-util-devel = %{thisver} - end - - # Mozilla does no versioning :( - files - /usr/bin/*-config - /usr/include - %{libdir}/pkgconfig - end - end - - package %{name}-softokn - summary = Network Security Services Softoken Module. - description - Network Security Services Softoken Cryptographic Module. - end - - requires = nss=%{thisver} - - files - %{libdir}/libnssdbm3.so - %{libdir}/libsoftokn3.so - %{libdir}/nss/unsupported-tools/shlibsign - end - end - - package %{name}-softokn-freebl - summary = Freebl library for the Network Security Services. - description - NSS Softoken Cryptographic Module Freelb Library. - end - - requires - nss=%{thisver} - nss-softokn=%{thisver} - end - - files = %{libdir}/libfreebl3.so - end - - package %{name}-util - summary = Network Security Services Utilities Library. - description - Utilities for Network Security Services and the Softoken module. - end - - requires = nss=%{thisver} - - files = %{libdir}/libnssutil3.so - end - - package %{name}-debuginfo - template DEBUGINFO - end -end diff --git a/nss/nss.pc.in b/nss/nss.pc.in deleted file mode 100644 index dddf868cf..000000000 --- a/nss/nss.pc.in +++ /dev/null @@ -1,11 +0,0 @@ -prefix=%prefix% -exec_prefix=%exec_prefix% -libdir=%libdir% -includedir=%includedir% - -Name: NSS -Description: Network Security Services -Version: %NSS_VERSION% -Requires: nspr >= %NSPR_VERSION% -Libs: -lssl3 -lsmime3 -lnss3 -Cflags: -I${includedir} diff --git a/nss/patches/0001-Bug-695011-PEM-logging.patch b/nss/patches/0001-Bug-695011-PEM-logging.patch deleted file mode 100644 index 2693d7cfb..000000000 --- a/nss/patches/0001-Bug-695011-PEM-logging.patch +++ /dev/null @@ -1,107 +0,0 @@ -From 5c61cdba435096ee6e65cee4dc9a473430643c07 Mon Sep 17 00:00:00 2001 -From: Elio Maldonado -Date: Tue, 12 Apr 2011 09:31:48 -0700 -Subject: [PATCH] Bug 695011 PEM logging - -Use NSPR logging facilities for PEM logging to fix a segmenation violation -caused when user cannot for write a log file created by root ---- - mozilla/security/nss/lib/ckfw/pem/ckpem.h | 7 ++++- - mozilla/security/nss/lib/ckfw/pem/util.c | 30 ++++++++++++++++------------ - 2 files changed, 22 insertions(+), 15 deletions(-) - -diff --git a/mozilla/security/nss/lib/ckfw/pem/ckpem.h b/mozilla/security/nss/lib/ckfw/pem/ckpem.h -index 839d40b..720525e 100644 ---- a/mozilla/security/nss/lib/ckfw/pem/ckpem.h -+++ b/mozilla/security/nss/lib/ckfw/pem/ckpem.h -@@ -1,3 +1,6 @@ -+#ifndef CKPEM_H -+#define CKPEM_H -+ - #include "nssckmdt.h" - #include "nssckfw.h" - #include "ckfwtm.h" -@@ -254,8 +257,8 @@ unsigned int pem_PrivateModulusLen(pemLOWKEYPrivateKey *privk); - /* ptoken.c */ - NSSCKMDToken * pem_NewToken(NSSCKFWInstance *fwInstance, CK_RV *pError); - -+/* util.c */ - void open_log(); --void close_log(); - void plog(const char *fmt, ...); - --#define PEM_H 1 -+#endif /* CKPEM_H */ -diff --git a/mozilla/security/nss/lib/ckfw/pem/util.c b/mozilla/security/nss/lib/ckfw/pem/util.c -index 853f418..fafb924 100644 ---- a/mozilla/security/nss/lib/ckfw/pem/util.c -+++ b/mozilla/security/nss/lib/ckfw/pem/util.c -@@ -41,6 +41,7 @@ - #include "prtime.h" - #include "prlong.h" - #include "prerror.h" -+#include "prlog.h" - #include "prprf.h" - #include "plgetopt.h" - #include "prenv.h" -@@ -51,6 +52,9 @@ - #include "cryptohi.h" - #include "secpkcs7.h" - #include "secerr.h" -+ -+#include "ckpem.h" -+ - #include - - #define CHUNK_SIZE 512 -@@ -267,34 +271,34 @@ ReadDERFromFile(SECItem *** derlist, char *filename, PRBool ascii, - return -1; - } - --FILE *plogfile; -+#ifdef DEBUG -+#define LOGGING_BUFFER_SIZE 400 -+#define PEM_DEFAULT_LOG_FILE "/tmp/pkcs11.log" -+static const char *pemLogModuleName = "PEM"; -+static PRLogModuleInfo* pemLogModule; -+#endif - - void open_log() - { - #ifdef DEBUG -- plogfile = fopen("/tmp/pkcs11.log", "a"); --#endif -+ const char *nsprLogFile = PR_GetEnv("NSPR_LOG_FILE"); - -- return; --} -+ pemLogModule = PR_NewLogModule(pemLogModuleName); - --void close_log() --{ --#ifdef DEBUG -- fclose(plogfile); -+ (void) PR_SetLogFile(nsprLogFile ? nsprLogFile : PEM_DEFAULT_LOG_FILE); -+ /* If false, the log file will remain what it was before */ - #endif -- return; - } - - void plog(const char *fmt, ...) - { - #ifdef DEBUG -+ char buf[LOGGING_BUFFER_SIZE]; - va_list ap; - - va_start(ap, fmt); -- vfprintf(plogfile, fmt, ap); -+ PR_vsnprintf(buf, sizeof(buf), fmt, ap); - va_end(ap); -- -- fflush(plogfile); -+ PR_LOG(pemLogModule, PR_LOG_DEBUG, ("%s", buf)); - #endif - } --- -1.7.4.2 - diff --git a/nss/patches/0001-libnsspem-rhbz-734760.patch b/nss/patches/0001-libnsspem-rhbz-734760.patch deleted file mode 100644 index 45b4024d7..000000000 --- a/nss/patches/0001-libnsspem-rhbz-734760.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff -up ./mozilla/security/nss/lib/ckfw/pem/pobject.c.734760 ./mozilla/security/nss/lib/ckfw/pem/pobject.c ---- ./mozilla/security/nss/lib/ckfw/pem/pobject.c.734760 2011-09-10 10:21:38.819248564 -0700 -+++ ./mozilla/security/nss/lib/ckfw/pem/pobject.c 2011-09-10 10:28:47.970083785 -0700 -@@ -1117,7 +1117,7 @@ pem_CreateObject - - nobjs = ReadDERFromFile(&derlist, filename, PR_TRUE, &cipher, &ivstring, PR_TRUE /* certs only */); - if (nobjs < 1) -- return (NSSCKMDObject *) NULL; -+ goto loser; - - objid = -1; - /* Brute force: find the id of the key, if any, in this slot */ -@@ -1176,7 +1176,7 @@ pem_CreateObject - - nobjs = ReadDERFromFile(&derlist, filename, PR_TRUE, &cipher, &ivstring, PR_FALSE /* keys only */); - if (nobjs < 1) -- return (NSSCKMDObject *) NULL; -+ goto loser; - - certDER.len = 0; /* in case there is no equivalent cert */ - certDER.data = NULL; diff --git a/nss/patches/bz784672-protect-against-calls-before-nss_init.patch0 b/nss/patches/bz784672-protect-against-calls-before-nss_init.patch0 deleted file mode 100644 index 934ea3033..000000000 --- a/nss/patches/bz784672-protect-against-calls-before-nss_init.patch0 +++ /dev/null @@ -1,40 +0,0 @@ -diff -up mozilla/security/nss/lib/nss/nssinit.c.784672 mozilla/security/nss/lib/nss/nssinit.c ---- mozilla/security/nss/lib/nss/nssinit.c.784672 2012-01-26 14:43:46.232357231 -0800 -+++ mozilla/security/nss/lib/nss/nssinit.c 2012-01-26 14:50:55.830512565 -0800 -@@ -944,6 +944,12 @@ NSS_RegisterShutdown(NSS_ShutdownFunc sF - { - int i; - -+ /* make sure our lock and condition variable are initialized one and only -+ * one time */ -+ if (PR_CallOnce(&nssInitOnce, nss_doLockInit) != PR_SUCCESS) { -+ return SECFailure; -+ } -+ - PZ_Lock(nssInitLock); - if (!NSS_IsInitialized()) { - PZ_Unlock(nssInitLock); -@@ -1002,6 +1008,11 @@ NSS_UnregisterShutdown(NSS_ShutdownFunc - { - int i; - -+ /* make sure our lock and condition variable are initialized one and only -+ * one time */ -+ if (PR_CallOnce(&nssInitOnce, nss_doLockInit) != PR_SUCCESS) { -+ return SECFailure; -+ } - PZ_Lock(nssInitLock); - if (!NSS_IsInitialized()) { - PZ_Unlock(nssInitLock); -@@ -1192,6 +1203,11 @@ NSS_ShutdownContext(NSSInitContext *cont - { - SECStatus rv = SECSuccess; - -+ /* make sure our lock and condition variable are initialized one and only -+ * one time */ -+ if (PR_CallOnce(&nssInitOnce, nss_doLockInit) != PR_SUCCESS) { -+ return SECFailure; -+ } - PZ_Lock(nssInitLock); - /* If one or more threads are in the middle of init, wait for them - * to complete */ diff --git a/nss/patches/gnuc-minor-def-fix.patch b/nss/patches/gnuc-minor-def-fix.patch deleted file mode 100644 index f210af29e..000000000 --- a/nss/patches/gnuc-minor-def-fix.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up nss-3.13.1/mozilla/security/nss/lib/util/pkcs11n.h.fo nss-3.13.1/mozilla/security/nss/lib/util/pkcs11n.h ---- nss-3.13.1/mozilla/security/nss/lib/util/pkcs11n.h.fo 2011-11-10 12:44:17.683967574 -0600 -+++ nss-3.13.1/mozilla/security/nss/lib/util/pkcs11n.h 2011-11-10 12:44:24.146886778 -0600 -@@ -362,7 +362,7 @@ typedef CK_ULONG CK_TRUST; - * cast the resulting value to the deprecated type in the #define, thus - * producting the warning when the #define is used. - */ --#if (__GNUC__ == 4) && (__GNUC_MINOR < 5) -+#if (__GNUC__ == 4) && (__GNUC_MINOR__ < 5) - /* The mac doesn't like the friendlier deprecate messages. I'm assuming this - * is a gcc version issue rather than mac or ppc specific */ - typedef CK_TRUST __CKT_NSS_UNTRUSTED __attribute__((deprecated)); diff --git a/nss/patches/nofipstest.patch0 b/nss/patches/nofipstest.patch0 deleted file mode 100644 index 5f711bea6..000000000 --- a/nss/patches/nofipstest.patch0 +++ /dev/null @@ -1,19 +0,0 @@ -diff -up ./mozilla/security/nss/cmd/manifest.mn.nofipstest ./mozilla/security/nss/cmd/manifest.mn ---- ./mozilla/security/nss/cmd/manifest.mn.nofipstest 2011-12-03 22:54:40.969914919 -0800 -+++ ./mozilla/security/nss/cmd/manifest.mn 2011-12-03 22:55:12.348505822 -0800 -@@ -54,7 +54,6 @@ DIRS = lib \ - dbtest \ - derdump \ - digest \ -- fipstest \ - makepqg \ - multinit \ - ocspclnt \ -@@ -84,6 +83,7 @@ DIRS = lib \ - $(NULL) - - TEMPORARILY_DONT_BUILD = \ -+ fipstest \ - $(NULL) - - # rsaperf \ diff --git a/nss/patches/nosha224.patch0 b/nss/patches/nosha224.patch0 deleted file mode 100644 index bd9d35132..000000000 --- a/nss/patches/nosha224.patch0 +++ /dev/null @@ -1,618 +0,0 @@ -diff -up ./mozilla/security/coreconf/Linux.mk.nosha224 ./mozilla/security/coreconf/Linux.mk ---- ./mozilla/security/coreconf/Linux.mk.nosha224 2011-12-04 22:03:47.295609957 -0800 -+++ ./mozilla/security/coreconf/Linux.mk 2011-12-04 22:03:47.301609957 -0800 -@@ -188,6 +188,14 @@ NSSUTIL_LIBS = -lnssutil3 - USE_SYSTEM_FREEBL = 1 - FREEBL_LIBS = -lfreebl3 - -+# -+# Don't compile code that requires SHA224 if it isn't avilable -+# Such is the case when system freebl/softokn is the 3.12 one -+# -+ifdef NO_SHA224_AVAILABLE -+CFLAGS+=-DNO_SHA224_AVAILABLE -+endif -+ - # The -rpath '$$ORIGIN' linker option instructs this library to search for its - # dependencies in the same directory where it resides. - ifeq ($(BUILD_SUN_PKG), 1) -diff -up ./mozilla/security/nss/cmd/bltest/blapitest.c.nosha224 ./mozilla/security/nss/cmd/bltest/blapitest.c ---- ./mozilla/security/nss/cmd/bltest/blapitest.c.nosha224 2011-09-16 12:16:50.000000000 -0700 -+++ ./mozilla/security/nss/cmd/bltest/blapitest.c 2011-12-04 22:03:47.302609957 -0800 -@@ -686,7 +686,9 @@ typedef enum { - bltestMD2, /* Hash algorithms */ - bltestMD5, /* . */ - bltestSHA1, /* . */ -+#ifndef NO_SHA224_AVAILABLE - bltestSHA224, /* . */ -+#endif - bltestSHA256, /* . */ - bltestSHA384, /* . */ - bltestSHA512, /* . */ -@@ -721,7 +723,9 @@ static char *mode_strings[] = - "md2", - "md5", - "sha1", -+#ifndef NO_SHA224_AVAILABLE - "sha224", -+#endif - "sha256", - "sha384", - "sha512", -@@ -1761,6 +1765,7 @@ finish: - return rv; - } - -+#ifndef NO_SHA224_AVAILABLE - SECStatus - SHA224_restart(unsigned char *dest, const unsigned char *src, uint32 src_length) - { -@@ -1800,6 +1805,7 @@ finish: - SHA224_DestroyContext(cx, PR_TRUE); - return rv; - } -+#endif - - SECStatus - SHA256_restart(unsigned char *dest, const unsigned char *src, uint32 src_length) -@@ -2093,6 +2099,7 @@ cipherInit(bltestCipherInfo *cipherInfo, - cipherInfo->cipher.hashCipher = (restart) ? sha1_restart : SHA1_HashBuf; - return SECSuccess; - break; -+#ifndef NO_SHA224_AVAILABLE - case bltestSHA224: - restart = cipherInfo->params.hash.restart; - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, -@@ -2100,6 +2107,7 @@ cipherInit(bltestCipherInfo *cipherInfo, - cipherInfo->cipher.hashCipher = (restart) ? SHA224_restart - : SHA224_HashBuf; - return SECSuccess; -+#endif - break; - case bltestSHA256: - restart = cipherInfo->params.hash.restart; -@@ -2542,7 +2550,9 @@ cipherFinish(bltestCipherInfo *cipherInf - case bltestMD2: /* hash contexts are ephemeral */ - case bltestMD5: - case bltestSHA1: -+#ifndef NO_SHA224_AVAILABLE - case bltestSHA224: -+#endif - case bltestSHA256: - case bltestSHA384: - case bltestSHA512: -@@ -2896,7 +2906,9 @@ get_params(PRArenaPool *arena, bltestPar - case bltestMD2: - case bltestMD5: - case bltestSHA1: -+#ifndef NO_SHA224_AVAILABLE - case bltestSHA224: -+#endif - case bltestSHA256: - case bltestSHA384: - case bltestSHA512: -diff -up ./mozilla/security/nss/cmd/chktest/chktest.c.nosha224 ./mozilla/security/nss/cmd/chktest/chktest.c ---- ./mozilla/security/nss/cmd/chktest/chktest.c.nosha224 2010-12-06 09:22:49.000000000 -0800 -+++ ./mozilla/security/nss/cmd/chktest/chktest.c 2011-12-04 22:03:47.304609957 -0800 -@@ -41,6 +41,10 @@ - #include "blapi.h" - #include "secutil.h" - -+#ifdef NO_SHA224_AVAILABLE -+PRBool BLAPI_SHVerifyFile(const char *shName); -+#endif -+ - static int Usage() - { - fprintf(stderr, "Usage: chktest \n"); -diff -up ./mozilla/security/nss/cmd/lib/secutil.c.nosha224 ./mozilla/security/nss/cmd/lib/secutil.c ---- ./mozilla/security/nss/cmd/lib/secutil.c.nosha224 2011-10-22 07:35:41.000000000 -0700 -+++ ./mozilla/security/nss/cmd/lib/secutil.c 2011-12-04 22:03:47.305609957 -0800 -@@ -86,6 +86,14 @@ static char consoleName[] = { - #include "nssutil.h" - #include "ssl.h" - -+/* Defined in ./mozilla/dist/public/nss/certdb.h which was included -+ * and also in ./mozilla/security/nss/lib/softoken/legacydb/pcertt.h -+ * but invisible here for some reason -+ */ -+#ifndef CERTDB_TERMINAL_RECORD -+#define CERTDB_TERMINAL_RECORD (1<<0) -+#endif -+ - - void - SECU_PrintErrMsg(FILE *out, int level, char *progName, char *msg, ...) -@@ -1509,6 +1517,8 @@ const SEC_ASN1Template secuPBEV2Params[] - { 0 } - }; - -+/* if no sha224 then no psapss either */ -+#ifndef NO_SHA224_AVAILABLE - void - secu_PrintRSAPSSParams(FILE *out, SECItem *value, char *m, int level) - { -@@ -1572,6 +1582,7 @@ secu_PrintRSAPSSParams(FILE *out, SECIte - } - PORT_FreeArena(pool, PR_FALSE); - } -+#endif - - void - secu_PrintKDF2Params(FILE *out, SECItem *value, char *m, int level) -@@ -1684,10 +1695,12 @@ SECU_PrintAlgorithmID(FILE *out, SECAlgo - return; - } - -+#ifndef NO_SHA224_AVAILABLE - if (algtag == SEC_OID_PKCS1_RSA_PSS_SIGNATURE) { - secu_PrintRSAPSSParams(out, &a->parameters, "Parameters", level+1); - return; - } -+#endif - - if (a->parameters.len == 0 - || (a->parameters.len == 2 -@@ -3763,8 +3776,10 @@ SECU_StringToSignatureAlgTag(const char - hashAlgTag = SEC_OID_MD5; - } else if (!PL_strcmp(alg, "SHA1")) { - hashAlgTag = SEC_OID_SHA1; -+#ifndef NO_SHA224_AVAILABLE - } else if (!PL_strcmp(alg, "SHA224")) { - hashAlgTag = SEC_OID_SHA224; -+#endif - } else if (!PL_strcmp(alg, "SHA256")) { - hashAlgTag = SEC_OID_SHA256; - } else if (!PL_strcmp(alg, "SHA384")) { -diff -up ./mozilla/security/nss/cmd/pk11mode/pk11mode.c.nosha224 ./mozilla/security/nss/cmd/pk11mode/pk11mode.c ---- ./mozilla/security/nss/cmd/pk11mode/pk11mode.c.nosha224 2011-12-04 22:07:27.230604899 -0800 -+++ ./mozilla/security/nss/cmd/pk11mode/pk11mode.c 2011-12-04 22:10:06.365601241 -0800 -@@ -883,21 +883,27 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR - - mech_str digestMechs[] = { - {CKM_SHA_1, "CKM_SHA_1 "}, -+#ifndef NO_SHA224_AVAILABLE - {CKM_SHA224, "CKM_SHA224"}, -+#endif - {CKM_SHA256, "CKM_SHA256"}, - {CKM_SHA384, "CKM_SHA384"}, - {CKM_SHA512, "CKM_SHA512"} - }; - mech_str hmacMechs[] = { - {CKM_SHA_1_HMAC, "CKM_SHA_1_HMAC"}, -+#ifndef NO_SHA224_AVAILABLE - {CKM_SHA224_HMAC, "CKM_SHA224_HMAC"}, -+#endif - {CKM_SHA256_HMAC, "CKM_SHA256_HMAC"}, - {CKM_SHA384_HMAC, "CKM_SHA384_HMAC"}, - {CKM_SHA512_HMAC, "CKM_SHA512_HMAC"} - }; - mech_str sigRSAMechs[] = { - {CKM_SHA1_RSA_PKCS, "CKM_SHA1_RSA_PKCS"}, -+#ifndef NO_SHA224_AVAILABLE - {CKM_SHA224_RSA_PKCS, "CKM_SHA224_RSA_PKCS"}, -+#endif - {CKM_SHA256_RSA_PKCS, "CKM_SHA256_RSA_PKCS"}, - {CKM_SHA384_RSA_PKCS, "CKM_SHA384_RSA_PKCS"}, - {CKM_SHA512_RSA_PKCS, "CKM_SHA512_RSA_PKCS"} -diff -up ./mozilla/security/nss/lib/cryptohi/sechash.c.nosha224 ./mozilla/security/nss/lib/cryptohi/sechash.c ---- ./mozilla/security/nss/lib/cryptohi/sechash.c.nosha224 2011-06-21 15:47:54.000000000 -0700 -+++ ./mozilla/security/nss/lib/cryptohi/sechash.c 2011-12-04 22:03:47.306609957 -0800 -@@ -91,10 +91,12 @@ sha1_NewContext(void) { - return (void *) PK11_CreateDigestContext(SEC_OID_SHA1); - } - -+#ifndef NO_SHA224_AVAILABLE - static void * - sha224_NewContext(void) { - return (void *) PK11_CreateDigestContext(SEC_OID_SHA224); - } -+#endif - - static void * - sha256_NewContext(void) { -@@ -189,6 +191,7 @@ const SECHashObject SECHashObjects[] = { - SHA512_BLOCK_LENGTH, - HASH_AlgSHA512 - }, -+#ifndef NO_SHA224_AVAILABLE - { SHA224_LENGTH, - (void * (*)(void)) sha224_NewContext, - (void * (*)(void *)) PK11_CloneContext, -@@ -200,6 +203,7 @@ const SECHashObject SECHashObjects[] = { - SHA224_BLOCK_LENGTH, - HASH_AlgSHA224 - }, -+#endif - }; - - const SECHashObject * -@@ -217,7 +221,9 @@ HASH_GetHashTypeByOidTag(SECOidTag hashO - case SEC_OID_MD2: ht = HASH_AlgMD2; break; - case SEC_OID_MD5: ht = HASH_AlgMD5; break; - case SEC_OID_SHA1: ht = HASH_AlgSHA1; break; -+#ifndef NO_SHA224_AVAILABLE - case SEC_OID_SHA224: ht = HASH_AlgSHA224; break; -+#endif - case SEC_OID_SHA256: ht = HASH_AlgSHA256; break; - case SEC_OID_SHA384: ht = HASH_AlgSHA384; break; - case SEC_OID_SHA512: ht = HASH_AlgSHA512; break; -@@ -237,7 +243,9 @@ HASH_GetHashOidTagByHMACOidTag(SECOidTag - /* no oid exists for HMAC_MD2 */ - /* NSS does not define a oid for HMAC_MD4 */ - case SEC_OID_HMAC_SHA1: hashOid = SEC_OID_SHA1; break; -+#ifndef NO_SHA224_AVAILABLE - case SEC_OID_HMAC_SHA224: hashOid = SEC_OID_SHA224; break; -+#endif - case SEC_OID_HMAC_SHA256: hashOid = SEC_OID_SHA256; break; - case SEC_OID_HMAC_SHA384: hashOid = SEC_OID_SHA384; break; - case SEC_OID_HMAC_SHA512: hashOid = SEC_OID_SHA512; break; -@@ -257,7 +265,9 @@ HASH_GetHMACOidTagByHashOidTag(SECOidTag - /* no oid exists for HMAC_MD2 */ - /* NSS does not define a oid for HMAC_MD4 */ - case SEC_OID_SHA1: hmacOid = SEC_OID_HMAC_SHA1; break; -+#ifndef NO_SHA224_AVAILABLE - case SEC_OID_SHA224: hmacOid = SEC_OID_HMAC_SHA224; break; -+#endif - case SEC_OID_SHA256: hmacOid = SEC_OID_HMAC_SHA256; break; - case SEC_OID_SHA384: hmacOid = SEC_OID_HMAC_SHA384; break; - case SEC_OID_SHA512: hmacOid = SEC_OID_HMAC_SHA512; break; -diff -up ./mozilla/security/nss/lib/cryptohi/seckey.c.nosha224 ./mozilla/security/nss/lib/cryptohi/seckey.c ---- ./mozilla/security/nss/lib/cryptohi/seckey.c.nosha224 2011-10-22 07:35:42.000000000 -0700 -+++ ./mozilla/security/nss/lib/cryptohi/seckey.c 2011-12-04 22:03:47.307609957 -0800 -@@ -550,7 +550,9 @@ seckey_GetKeyType (SECOidTag tag) { - * should be handing us a cipher type */ - case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION: - case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION: -+#ifndef NO_SHA224_AVAILABLE - case SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION: -+#endif - case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION: - case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION: - case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION: -diff -up ./mozilla/security/nss/lib/cryptohi/secvfy.c.nosha224 ./mozilla/security/nss/lib/cryptohi/secvfy.c ---- ./mozilla/security/nss/lib/cryptohi/secvfy.c.nosha224 2011-10-22 07:35:42.000000000 -0700 -+++ ./mozilla/security/nss/lib/cryptohi/secvfy.c 2011-12-04 22:03:47.307609957 -0800 -@@ -240,11 +240,12 @@ sec_DecodeSigAlg(const SECKEYPublicKey * - case SEC_OID_PKCS1_RSA_PSS_SIGNATURE: - *hashalg = SEC_OID_UNKNOWN; /* get it from the RSA signature */ - break; -- -+#ifndef NO_SHA224_AVAILABLE - case SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE: - case SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION: - *hashalg = SEC_OID_SHA224; - break; -+#endif - case SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE: - case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION: - *hashalg = SEC_OID_SHA256; -@@ -279,8 +280,10 @@ sec_DecodeSigAlg(const SECKEYPublicKey * - len = SECKEY_PublicKeyStrength(key); - if (len < 28) { /* 28 bytes == 224 bits */ - *hashalg = SEC_OID_SHA1; -+#ifndef NO_SHA224_AVAILABLE - } else if (len < 32) { /* 32 bytes == 256 bits */ - *hashalg = SEC_OID_SHA224; -+#endif - } else if (len < 48) { /* 48 bytes == 384 bits */ - *hashalg = SEC_OID_SHA256; - } else if (len < 64) { /* 48 bytes == 512 bits */ -@@ -325,7 +328,9 @@ sec_DecodeSigAlg(const SECKEYPublicKey * - case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION: - case SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE: - case SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE: -+#ifndef NO_SHA224_AVAILABLE - case SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION: -+#endif - case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION: - case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION: - case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION: -@@ -347,7 +352,9 @@ sec_DecodeSigAlg(const SECKEYPublicKey * - *encalg = SEC_OID_MISSI_DSS; - break; - case SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE: -+#ifndef NO_SHA224_AVAILABLE - case SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE: -+#endif - case SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE: - case SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE: - case SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE: -diff -up ./mozilla/security/nss/lib/freebl/blapi.h.nosha224 ./mozilla/security/nss/lib/freebl/blapi.h ---- ./mozilla/security/nss/lib/freebl/blapi.h.nosha224 2011-10-04 15:05:53.000000000 -0700 -+++ ./mozilla/security/nss/lib/freebl/blapi.h 2011-12-04 22:03:47.308609957 -0800 -@@ -1088,7 +1088,7 @@ extern SHA1Context * SHA1_Resurrect(unsi - extern void SHA1_Clone(SHA1Context *dest, SHA1Context *src); - - /******************************************/ -- -+#ifndef NO_SHA224_AVAILABLE - extern SHA224Context *SHA224_NewContext(void); - extern void SHA224_DestroyContext(SHA224Context *cx, PRBool freeit); - extern void SHA224_Begin(SHA224Context *cx); -@@ -1104,6 +1104,7 @@ extern unsigned int SHA224_FlattenSize(S - extern SECStatus SHA224_Flatten(SHA224Context *cx,unsigned char *space); - extern SHA224Context * SHA224_Resurrect(unsigned char *space, void *arg); - extern void SHA224_Clone(SHA224Context *dest, SHA224Context *src); -+#endif - - /******************************************/ - -diff -up ./mozilla/security/nss/lib/freebl/ldvector.c.nosha224 ./mozilla/security/nss/lib/freebl/ldvector.c ---- ./mozilla/security/nss/lib/freebl/ldvector.c.nosha224 2011-10-04 15:05:53.000000000 -0700 -+++ ./mozilla/security/nss/lib/freebl/ldvector.c 2011-12-04 22:03:47.309609957 -0800 -@@ -270,7 +270,7 @@ static const struct FREEBLVectorStr vect - JPAKE_Verify, - JPAKE_Round2, - JPAKE_Final, -- -+#ifndef NO_SHA224_AVAILABLE - /* End of Version 3.012 */ - - TLS_P_hash, -@@ -287,7 +287,7 @@ static const struct FREEBLVectorStr vect - SHA224_Resurrect, - SHA224_Clone, - BLAPI_SHVerifyFile -- -+#endif - /* End of Version 3.013 */ - }; - -diff -up ./mozilla/security/nss/lib/freebl/nsslowhash.c.nosha224 ./mozilla/security/nss/lib/freebl/nsslowhash.c ---- ./mozilla/security/nss/lib/freebl/nsslowhash.c.nosha224 2010-09-09 17:42:36.000000000 -0700 -+++ ./mozilla/security/nss/lib/freebl/nsslowhash.c 2011-12-04 22:03:47.309609957 -0800 -@@ -128,14 +128,14 @@ freebl_fips_SHA_PowerUpSelfTest( void ) - 0x0a,0x6d,0x07,0xba,0x1e,0xbd,0x8a,0x1b, - 0x72,0xf6,0xc7,0x22,0xf1,0x27,0x9f,0xf0, - 0xe0,0x68,0x47,0x7a}; -- -+#ifndef NO_SHA224_AVAILABLE - /* SHA-224 Known Digest Message (224-bits). */ - static const PRUint8 sha224_known_digest[] = { - 0x1c,0xc3,0x06,0x8e,0xce,0x37,0x68,0xfb, - 0x1a,0x82,0x4a,0xbe,0x2b,0x00,0x51,0xf8, - 0x9d,0xb6,0xe0,0x90,0x0d,0x00,0xc9,0x64, - 0x9a,0xb8,0x98,0x4e}; -- -+#endif - /* SHA-256 Known Digest Message (256-bits). */ - static const PRUint8 sha256_known_digest[] = { - 0x38,0xa9,0xc1,0xf0,0x35,0xf6,0x5d,0x61, -@@ -178,7 +178,7 @@ freebl_fips_SHA_PowerUpSelfTest( void ) - ( PORT_Memcmp( sha_computed_digest, sha1_known_digest, - SHA1_LENGTH ) != 0 ) ) - return( CKR_DEVICE_ERROR ); -- -+#ifndef NO_SHA224_AVAILABLE - /***************************************************/ - /* SHA-224 Single-Round Known Answer Hashing Test. */ - /***************************************************/ -@@ -190,7 +190,7 @@ freebl_fips_SHA_PowerUpSelfTest( void ) - ( PORT_Memcmp( sha_computed_digest, sha224_known_digest, - SHA224_LENGTH ) != 0 ) ) - return( CKR_DEVICE_ERROR ); -- -+#endif - /***************************************************/ - /* SHA-256 Single-Round Known Answer Hashing Test. */ - /***************************************************/ -diff -up ./mozilla/security/nss/lib/freebl/rawhash.c.nosha224 ./mozilla/security/nss/lib/freebl/rawhash.c ---- ./mozilla/security/nss/lib/freebl/rawhash.c.nosha224 2010-08-17 22:55:47.000000000 -0700 -+++ ./mozilla/security/nss/lib/freebl/rawhash.c 2011-12-04 22:03:47.309609957 -0800 -@@ -155,6 +155,7 @@ const SECHashObject SECRawHashObjects[] - SHA512_BLOCK_LENGTH, - HASH_AlgSHA512 - }, -+#ifndef NO_SHA224_AVAILABLE - { SHA224_LENGTH, - (void * (*)(void)) SHA224_NewContext, - (void * (*)(void *)) null_hash_clone_context, -@@ -166,6 +167,7 @@ const SECHashObject SECRawHashObjects[] - SHA224_BLOCK_LENGTH, - HASH_AlgSHA224 - }, -+#endif - }; - - const SECHashObject * -diff -up ./mozilla/security/nss/lib/freebl/sha512.c.nosha224 ./mozilla/security/nss/lib/freebl/sha512.c ---- ./mozilla/security/nss/lib/freebl/sha512.c.nosha224 2011-09-14 10:48:03.000000000 -0700 -+++ ./mozilla/security/nss/lib/freebl/sha512.c 2011-12-04 22:03:47.310609957 -0800 -@@ -544,6 +544,7 @@ void SHA256_Clone(SHA256Context *dest, S - memcpy(dest, src, sizeof *dest); - } - -+#ifndef NO_SHA224_AVAILABLE - /* ============= SHA224 implementation ================================== */ - - /* SHA-224 initial hash values */ -@@ -630,7 +631,7 @@ void SHA224_Clone(SHA224Context *dest, S - { - SHA256_Clone(dest, src); - } -- -+#endif - - /* ======= SHA512 and SHA384 common constants and defines ================= */ - -diff -up ./mozilla/security/nss/lib/softoken/fipstest.c.nosha224 ./mozilla/security/nss/lib/softoken/fipstest.c ---- ./mozilla/security/nss/lib/softoken/fipstest.c.nosha224 2011-03-29 08:12:43.000000000 -0700 -+++ ./mozilla/security/nss/lib/softoken/fipstest.c 2011-12-04 22:03:47.311609956 -0800 -@@ -865,12 +865,14 @@ sftk_fips_HMAC_PowerUpSelfTest( void ) - 0x3b, 0x57, 0x1d, 0x61, 0xe7, 0xb8, 0x84, 0x1e, - 0x5d, 0x0e, 0x1e, 0x11}; - -+#ifndef NO_SHA224_AVAILABLE - /* known SHA224 hmac (28 bytes) */ - static const PRUint8 known_SHA224_hmac[] = { - 0x1c, 0xc3, 0x06, 0x8e, 0xce, 0x37, 0x68, 0xfb, - 0x1a, 0x82, 0x4a, 0xbe, 0x2b, 0x00, 0x51, 0xf8, - 0x9d, 0xb6, 0xe0, 0x90, 0x0d, 0x00, 0xc9, 0x64, - 0x9a, 0xb8, 0x98, 0x4e}; -+#endif - - /* known SHA256 hmac (32 bytes) */ - static const PRUint8 known_SHA256_hmac[] = { -@@ -922,6 +924,7 @@ sftk_fips_HMAC_PowerUpSelfTest( void ) - /* HMAC SHA-224 Single-Round Known Answer Test. */ - /***************************************************/ - -+#ifndef NO_SHA224_AVAILABLE - hmac_status = sftk_fips_HMAC(hmac_computed, - HMAC_known_secret_key, - HMAC_known_secret_key_length, -@@ -933,6 +936,7 @@ sftk_fips_HMAC_PowerUpSelfTest( void ) - ( PORT_Memcmp( hmac_computed, known_SHA224_hmac, - SHA224_LENGTH ) != 0 ) ) - return( CKR_DEVICE_ERROR ); -+#endif - - /***************************************************/ - /* HMAC SHA-256 Single-Round Known Answer Test. */ -@@ -994,12 +998,14 @@ sftk_fips_SHA_PowerUpSelfTest( void ) - 0x72,0xf6,0xc7,0x22,0xf1,0x27,0x9f,0xf0, - 0xe0,0x68,0x47,0x7a}; - -+#ifndef NO_SHA224_AVAILABLE - /* SHA-224 Known Digest Message (224-bits). */ - static const PRUint8 sha224_known_digest[] = { - 0x89,0x5e,0x7f,0xfd,0x0e,0xd8,0x35,0x6f, - 0x64,0x6d,0xf2,0xde,0x5e,0xed,0xa6,0x7f, - 0x29,0xd1,0x12,0x73,0x42,0x84,0x95,0x4f, - 0x8e,0x08,0xe5,0xcb}; -+#endif - - /* SHA-256 Known Digest Message (256-bits). */ - static const PRUint8 sha256_known_digest[] = { -@@ -1048,6 +1054,7 @@ sftk_fips_SHA_PowerUpSelfTest( void ) - /* SHA-224 Single-Round Known Answer Hashing Test. */ - /***************************************************/ - -+#ifndef NO_SHA224_AVAILABLE - sha_status = SHA224_HashBuf( sha_computed_digest, known_hash_message, - FIPS_KNOWN_HASH_MESSAGE_LENGTH ); - -@@ -1055,6 +1062,7 @@ sftk_fips_SHA_PowerUpSelfTest( void ) - ( PORT_Memcmp( sha_computed_digest, sha224_known_digest, - SHA224_LENGTH ) != 0 ) ) - return( CKR_DEVICE_ERROR ); -+#endif - - /***************************************************/ - /* SHA-256 Single-Round Known Answer Hashing Test. */ -diff -up ./mozilla/security/nss/lib/softoken/pkcs11c.c.nosha224 ./mozilla/security/nss/lib/softoken/pkcs11c.c ---- ./mozilla/security/nss/lib/softoken/pkcs11c.c.nosha224 2011-09-21 11:49:16.000000000 -0700 -+++ ./mozilla/security/nss/lib/softoken/pkcs11c.c 2011-12-04 22:03:47.313609956 -0800 -@@ -1316,7 +1316,9 @@ CK_RV NSC_DigestInit(CK_SESSION_HANDLE h - INIT_MECH(CKM_MD2, MD2) - INIT_MECH(CKM_MD5, MD5) - INIT_MECH(CKM_SHA_1, SHA1) -+#ifndef NO_SHA224_AVAILABLE - INIT_MECH(CKM_SHA224, SHA224) -+#endif - INIT_MECH(CKM_SHA256, SHA256) - INIT_MECH(CKM_SHA384, SHA384) - INIT_MECH(CKM_SHA512, SHA512) -@@ -1440,7 +1442,9 @@ sftk_doSub ## mmm(SFTKSessionContext *co - DOSUB(MD2) - DOSUB(MD5) - DOSUB(SHA1) -+#ifndef NO_SHA224_AVAILABLE - DOSUB(SHA224) -+#endif - DOSUB(SHA256) - DOSUB(SHA384) - DOSUB(SHA512) -@@ -2013,7 +2017,9 @@ CK_RV NSC_SignInit(CK_SESSION_HANDLE hSe - INIT_RSA_SIGN_MECH(MD5) - INIT_RSA_SIGN_MECH(MD2) - INIT_RSA_SIGN_MECH(SHA1) -+#ifndef NO_SHA224_AVAILABLE - INIT_RSA_SIGN_MECH(SHA224) -+#endif - INIT_RSA_SIGN_MECH(SHA256) - INIT_RSA_SIGN_MECH(SHA384) - INIT_RSA_SIGN_MECH(SHA512) -@@ -2131,7 +2137,9 @@ finish_rsa: - - INIT_HMAC_MECH(MD2) - INIT_HMAC_MECH(MD5) -+#ifndef NO_SHA224_AVAILABLE - INIT_HMAC_MECH(SHA224) -+#endif - INIT_HMAC_MECH(SHA256) - INIT_HMAC_MECH(SHA384) - INIT_HMAC_MECH(SHA512) -@@ -2529,7 +2537,9 @@ CK_RV NSC_VerifyInit(CK_SESSION_HANDLE h - INIT_RSA_VFY_MECH(MD5) - INIT_RSA_VFY_MECH(MD2) - INIT_RSA_VFY_MECH(SHA1) -+#ifndef NO_SHA224_AVAILABLE - INIT_RSA_VFY_MECH(SHA224) -+#endif - INIT_RSA_VFY_MECH(SHA256) - INIT_RSA_VFY_MECH(SHA384) - INIT_RSA_VFY_MECH(SHA512) -@@ -2626,7 +2636,9 @@ finish_rsa: - - INIT_HMAC_MECH(MD2) - INIT_HMAC_MECH(MD5) -+#ifndef NO_SHA224_AVAILABLE - INIT_HMAC_MECH(SHA224) -+#endif - INIT_HMAC_MECH(SHA256) - INIT_HMAC_MECH(SHA384) - INIT_HMAC_MECH(SHA512) -diff -up ./mozilla/security/nss/lib/softoken/pkcs11.c.nosha224 ./mozilla/security/nss/lib/softoken/pkcs11.c ---- ./mozilla/security/nss/lib/softoken/pkcs11.c.nosha224 2011-01-21 16:12:04.000000000 -0800 -+++ ./mozilla/security/nss/lib/softoken/pkcs11.c 2011-12-04 22:03:47.316609956 -0800 -@@ -311,8 +311,10 @@ static const struct mechanismList mechan - CKF_SN_VR}, PR_TRUE}, - {CKM_SHA1_RSA_PKCS, {RSA_MIN_MODULUS_BITS,CK_MAX, - CKF_SN_VR}, PR_TRUE}, -+#ifndef NO_SHA224_AVAILABLE - {CKM_SHA224_RSA_PKCS, {RSA_MIN_MODULUS_BITS,CK_MAX, - CKF_SN_VR}, PR_TRUE}, -+#endif - {CKM_SHA256_RSA_PKCS, {RSA_MIN_MODULUS_BITS,CK_MAX, - CKF_SN_VR}, PR_TRUE}, - {CKM_SHA384_RSA_PKCS, {RSA_MIN_MODULUS_BITS,CK_MAX, -@@ -401,9 +403,11 @@ static const struct mechanismList mechan - {CKM_SHA_1, {0, 0, CKF_DIGEST}, PR_FALSE}, - {CKM_SHA_1_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, - {CKM_SHA_1_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, -+#ifndef NO_SHA224_AVAILABLE - {CKM_SHA224, {0, 0, CKF_DIGEST}, PR_FALSE}, - {CKM_SHA224_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, - {CKM_SHA224_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, -+#endif - {CKM_SHA256, {0, 0, CKF_DIGEST}, PR_FALSE}, - {CKM_SHA256_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, - {CKM_SHA256_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, -diff -up ./mozilla/security/nss/lib/softoken/rsawrapr.c.nosha224 ./mozilla/security/nss/lib/softoken/rsawrapr.c ---- ./mozilla/security/nss/lib/softoken/rsawrapr.c.nosha224 2011-10-22 07:35:43.000000000 -0700 -+++ ./mozilla/security/nss/lib/softoken/rsawrapr.c 2011-12-04 22:03:47.316609956 -0800 -@@ -1173,9 +1173,11 @@ GetHashTypeFromMechanism(CK_MECHANISM_TY - case CKM_SHA_1: - case CKG_MGF1_SHA1: - return HASH_AlgSHA1; -+#ifndef NO_SHA224_AVAILABLE - case CKM_SHA224: - case CKG_MGF1_SHA224: - return HASH_AlgSHA224; -+#endif - case CKM_SHA256: - case CKG_MGF1_SHA256: - return HASH_AlgSHA256; -diff -up ./mozilla/security/nss/tests/cipher/cipher.txt.nosha224 ./mozilla/security/nss/tests/cipher/cipher.txt ---- ./mozilla/security/nss/tests/cipher/cipher.txt.nosha224 2010-08-17 22:57:05.000000000 -0700 -+++ ./mozilla/security/nss/tests/cipher/cipher.txt 2011-12-04 22:03:47.317609956 -0800 -@@ -73,7 +73,6 @@ - 0 md2_-H MD2_Hash - 0 md5_-H MD5_Hash - 0 sha1_-H SHA1_Hash -- 0 sha224_-H SHA224_Hash - 0 sha256_-H SHA256_Hash - 0 sha384_-H SHA384_Hash - 0 sha512_-H SHA512_Hash diff --git a/nss/patches/nss-646045.patch0 b/nss/patches/nss-646045.patch0 deleted file mode 100644 index 5492127e8..000000000 --- a/nss/patches/nss-646045.patch0 +++ /dev/null @@ -1,34 +0,0 @@ -diff -up ./mozilla/security/nss/tests/dbtests/dbtests.sh.noroot ./mozilla/security/nss/tests/dbtests/dbtests.sh ---- ./mozilla/security/nss/tests/dbtests/dbtests.sh.noroot 2011-04-06 09:56:07.207701000 -0700 -+++ ./mozilla/security/nss/tests/dbtests/dbtests.sh 2011-04-06 10:19:54.159552000 -0700 -@@ -201,6 +201,9 @@ dbtest_main() - cat $RONLY_DIR/* > /dev/null - fi - -+ # skipping the next two tests when user is root, -+ # otherwise they would fail due to rooty powers -+ if [[ $EUID -ne 0 ]] then - ${BINDIR}/dbtest -d $RONLY_DIR - ret=$? - if [ $ret -ne 46 ]; then -@@ -208,6 +211,10 @@ dbtest_main() - else - html_passed "Dbtest r/w didn't work in an readonly dir $ret" - fi -+ else -+ html_passed "Skipping Dbtest r/w in a readonly dir because user is root" -+ fi -+ if [[ $EUID -ne 0 ]] then - ${BINDIR}/certutil -D -n "TestUser" -d . - ret=$? - if [ $ret -ne 255 ]; then -@@ -215,6 +222,9 @@ dbtest_main() - else - html_passed "Certutil didn't work in an readonly dir $ret" - fi -+ else -+ html_passed "Skipping Certutil delete cert in an readonly directory test because user is root" -+ fi - - Echo "test opening the database ronly in a readonly directory" - diff --git a/nss/patches/nss-ckbi-1.88.rtm.patch0 b/nss/patches/nss-ckbi-1.88.rtm.patch0 deleted file mode 100644 index c6de78952..000000000 --- a/nss/patches/nss-ckbi-1.88.rtm.patch0 +++ /dev/null @@ -1,637 +0,0 @@ -diff -up ./mozilla/security/nss/lib/ckfw/builtins/certdata.c.ckbi188 ./mozilla/security/nss/lib/ckfw/builtins/certdata.c ---- ./mozilla/security/nss/lib/ckfw/builtins/certdata.c.ckbi188 2011-11-03 16:29:17.081000000 -0700 -+++ ./mozilla/security/nss/lib/ckfw/builtins/certdata.c 2011-11-03 08:11:57.000000000 -0700 -@@ -35,7 +35,7 @@ - * - * ***** END LICENSE BLOCK ***** */ - #ifdef DEBUG --static const char CVS_ID[] = "@(#) $RCSfile: certdata.c,v $ $Revision: 1.82 $ $Date: 2011/09/02 19:40:56 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.82 $ $Date: 2011/09/02 19:40:56 $"; -+static const char CVS_ID[] = "@(#) $RCSfile: certdata.c,v $ $Revision: 1.83 $ $Date: 2011/11/03 15:11:57 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.83 $ $Date: 2011/11/03 15:11:57 $"; - #endif /* DEBUG */ - - #ifndef BUILTINS_H -@@ -1075,6 +1075,18 @@ static const CK_ATTRIBUTE_TYPE nss_built - static const CK_ATTRIBUTE_TYPE nss_builtins_types_339 [] = { - CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED - }; -+static const CK_ATTRIBUTE_TYPE nss_builtins_types_340 [] = { -+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE -+}; -+static const CK_ATTRIBUTE_TYPE nss_builtins_types_341 [] = { -+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED -+}; -+static const CK_ATTRIBUTE_TYPE nss_builtins_types_342 [] = { -+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE -+}; -+static const CK_ATTRIBUTE_TYPE nss_builtins_types_343 [] = { -+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED -+}; - #ifdef DEBUG - static const NSSItem nss_builtins_items_0 [] = { - { (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) }, -@@ -1083,7 +1095,7 @@ static const NSSItem nss_builtins_items_ - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)"CVS ID", (PRUint32)7 }, - { (void *)"NSS", (PRUint32)4 }, -- { (void *)"@(#) $RCSfile: certdata.c,v $ $Revision: 1.82 $ $Date: 2011/09/02 19:40:56 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.82 $ $Date: 2011/09/02 19:40:56 $", (PRUint32)160 } -+ { (void *)"@(#) $RCSfile: certdata.c,v $ $Revision: 1.83 $ $Date: 2011/11/03 15:11:57 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.83 $ $Date: 2011/11/03 15:11:57 $", (PRUint32)160 } - }; - #endif /* DEBUG */ - static const NSSItem nss_builtins_items_1 [] = { -@@ -22600,6 +22612,266 @@ static const NSSItem nss_builtins_items_ - { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) } - }; -+static const NSSItem nss_builtins_items_340 [] = { -+ { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, -+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, -+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, -+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, -+ { (void *)"Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)", (PRUint32)57 }, -+ { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, -+ { (void *)"\060\143\061\013\060\011\006\003\125\004\006\023\002\115\131\061" -+"\033\060\031\006\003\125\004\012\023\022\104\151\147\151\143\145" -+"\162\164\040\123\144\156\056\040\102\150\144\056\061\021\060\017" -+"\006\003\125\004\013\023\010\064\065\067\066\060\070\055\113\061" -+"\044\060\042\006\003\125\004\003\023\033\104\151\147\151\163\151" -+"\147\156\040\123\145\162\166\145\162\040\111\104\040\050\105\156" -+"\162\151\143\150\051" -+, (PRUint32)101 }, -+ { (void *)"0", (PRUint32)2 }, -+ { (void *)"\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061" -+"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157" -+"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125" -+"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165" -+"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156" -+"\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105" -+"\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142" -+"\141\154\040\122\157\157\164" -+, (PRUint32)119 }, -+ { (void *)"\002\006\007\377\377\377\377\377" -+, (PRUint32)8 }, -+ { (void *)"\060\202\003\315\060\202\003\066\240\003\002\001\002\002\006\007" -+"\377\377\377\377\377\060\015\006\011\052\206\110\206\367\015\001" -+"\001\005\005\000\060\165\061\013\060\011\006\003\125\004\006\023" -+"\002\125\123\061\030\060\026\006\003\125\004\012\023\017\107\124" -+"\105\040\103\157\162\160\157\162\141\164\151\157\156\061\047\060" -+"\045\006\003\125\004\013\023\036\107\124\105\040\103\171\142\145" -+"\162\124\162\165\163\164\040\123\157\154\165\164\151\157\156\163" -+"\054\040\111\156\143\056\061\043\060\041\006\003\125\004\003\023" -+"\032\107\124\105\040\103\171\142\145\162\124\162\165\163\164\040" -+"\107\154\157\142\141\154\040\122\157\157\164\060\036\027\015\060" -+"\067\060\067\061\067\061\065\061\067\064\071\132\027\015\061\062" -+"\060\067\061\067\061\065\061\066\065\065\132\060\143\061\013\060" -+"\011\006\003\125\004\006\023\002\115\131\061\033\060\031\006\003" -+"\125\004\012\023\022\104\151\147\151\143\145\162\164\040\123\144" -+"\156\056\040\102\150\144\056\061\021\060\017\006\003\125\004\013" -+"\023\010\064\065\067\066\060\070\055\113\061\044\060\042\006\003" -+"\125\004\003\023\033\104\151\147\151\163\151\147\156\040\123\145" -+"\162\166\145\162\040\111\104\040\050\105\156\162\151\143\150\051" -+"\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001" -+"\005\000\003\201\215\000\060\201\211\002\201\201\000\255\250\144" -+"\113\115\207\307\204\131\271\373\220\106\240\246\211\300\361\376" -+"\325\332\124\202\067\015\231\053\105\046\012\350\126\260\177\312" -+"\250\364\216\107\204\001\202\051\343\263\152\265\221\363\373\225" -+"\205\274\162\250\144\350\012\100\234\305\364\161\256\173\173\152" -+"\007\352\220\024\117\215\211\257\224\253\262\006\324\002\152\173" -+"\230\037\131\271\072\315\124\372\040\337\262\052\012\351\270\335" -+"\151\220\300\051\323\116\320\227\355\146\314\305\031\111\006\177" -+"\372\136\054\174\173\205\033\062\102\337\173\225\045\002\003\001" -+"\000\001\243\202\001\170\060\202\001\164\060\022\006\003\125\035" -+"\023\001\001\377\004\010\060\006\001\001\377\002\001\000\060\134" -+"\006\003\125\035\040\004\125\060\123\060\110\006\011\053\006\001" -+"\004\001\261\076\001\000\060\073\060\071\006\010\053\006\001\005" -+"\005\007\002\001\026\055\150\164\164\160\072\057\057\143\171\142" -+"\145\162\164\162\165\163\164\056\157\155\156\151\162\157\157\164" -+"\056\143\157\155\057\162\145\160\157\163\151\164\157\162\171\056" -+"\143\146\155\060\007\006\005\140\203\112\001\001\060\016\006\003" -+"\125\035\017\001\001\377\004\004\003\002\001\346\060\201\211\006" -+"\003\125\035\043\004\201\201\060\177\241\171\244\167\060\165\061" -+"\013\060\011\006\003\125\004\006\023\002\125\123\061\030\060\026" -+"\006\003\125\004\012\023\017\107\124\105\040\103\157\162\160\157" -+"\162\141\164\151\157\156\061\047\060\045\006\003\125\004\013\023" -+"\036\107\124\105\040\103\171\142\145\162\124\162\165\163\164\040" -+"\123\157\154\165\164\151\157\156\163\054\040\111\156\143\056\061" -+"\043\060\041\006\003\125\004\003\023\032\107\124\105\040\103\171" -+"\142\145\162\124\162\165\163\164\040\107\154\157\142\141\154\040" -+"\122\157\157\164\202\002\001\245\060\105\006\003\125\035\037\004" -+"\076\060\074\060\072\240\070\240\066\206\064\150\164\164\160\072" -+"\057\057\167\167\167\056\160\165\142\154\151\143\055\164\162\165" -+"\163\164\056\143\157\155\057\143\147\151\055\142\151\156\057\103" -+"\122\114\057\062\060\061\070\057\143\144\160\056\143\162\154\060" -+"\035\006\003\125\035\016\004\026\004\024\306\026\223\116\026\027" -+"\354\026\256\214\224\166\363\206\155\305\164\156\204\167\060\015" -+"\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201" -+"\000\166\000\173\246\170\053\146\035\216\136\066\306\244\216\005" -+"\362\043\222\174\223\147\323\364\300\012\175\213\055\331\352\325" -+"\157\032\363\341\112\051\132\042\204\115\120\057\113\014\362\377" -+"\205\302\173\125\324\104\202\276\155\254\147\216\274\264\037\222" -+"\234\121\200\032\024\366\156\253\141\210\013\255\034\177\367\113" -+"\120\121\326\145\033\246\107\161\025\136\260\161\363\065\024\362" -+"\067\275\143\310\325\360\223\132\064\137\330\075\350\135\367\305" -+"\036\300\345\317\037\206\044\251\074\007\146\315\301\322\066\143" -+"\131" -+, (PRUint32)977 } -+}; -+static const NSSItem nss_builtins_items_341 [] = { -+ { (void *)&cko_nss_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, -+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, -+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, -+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, -+ { (void *)"Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)", (PRUint32)57 }, -+ { (void *)"\125\120\257\354\277\350\303\255\304\013\343\255\014\247\344\025" -+"\214\071\131\117" -+, (PRUint32)20 }, -+ { (void *)"\322\336\256\120\244\230\055\157\067\267\206\122\310\055\113\152" -+, (PRUint32)16 }, -+ { (void *)"\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061" -+"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157" -+"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125" -+"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165" -+"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156" -+"\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105" -+"\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142" -+"\141\154\040\122\157\157\164" -+, (PRUint32)119 }, -+ { (void *)"\002\006\007\377\377\377\377\377" -+, (PRUint32)8 }, -+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) }, -+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) }, -+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) }, -+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) } -+}; -+static const NSSItem nss_builtins_items_342 [] = { -+ { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, -+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, -+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, -+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, -+ { (void *)"Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)", (PRUint32)56 }, -+ { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, -+ { (void *)"\060\145\061\013\060\011\006\003\125\004\006\023\002\115\131\061" -+"\033\060\031\006\003\125\004\012\023\022\104\151\147\151\143\145" -+"\162\164\040\123\144\156\056\040\102\150\144\056\061\021\060\017" -+"\006\003\125\004\013\023\010\064\065\067\066\060\070\055\113\061" -+"\046\060\044\006\003\125\004\003\023\035\104\151\147\151\163\151" -+"\147\156\040\123\145\162\166\145\162\040\111\104\040\055\040\050" -+"\105\156\162\151\143\150\051" -+, (PRUint32)103 }, -+ { (void *)"0", (PRUint32)2 }, -+ { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156" -+"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125" -+"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056" -+"\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143" -+"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151" -+"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006" -+"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105" -+"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164" -+"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164" -+"\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151" -+"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171" -+"\040\050\062\060\064\070\051" -+, (PRUint32)183 }, -+ { (void *)"\002\006\007\377\377\377\377\377" -+, (PRUint32)8 }, -+ { (void *)"\060\202\004\320\060\202\003\270\240\003\002\001\002\002\006\007" -+"\377\377\377\377\377\060\015\006\011\052\206\110\206\367\015\001" -+"\001\005\005\000\060\201\264\061\024\060\022\006\003\125\004\012" -+"\023\013\105\156\164\162\165\163\164\056\156\145\164\061\100\060" -+"\076\006\003\125\004\013\024\067\167\167\167\056\145\156\164\162" -+"\165\163\164\056\156\145\164\057\103\120\123\137\062\060\064\070" -+"\040\151\156\143\157\162\160\056\040\142\171\040\162\145\146\056" -+"\040\050\154\151\155\151\164\163\040\154\151\141\142\056\051\061" -+"\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061\071" -+"\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040\114" -+"\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003\023" -+"\052\105\156\164\162\165\163\164\056\156\145\164\040\103\145\162" -+"\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157" -+"\162\151\164\171\040\050\062\060\064\070\051\060\036\027\015\061" -+"\060\060\067\061\066\061\067\062\063\063\070\132\027\015\061\065" -+"\060\067\061\066\061\067\065\063\063\070\132\060\145\061\013\060" -+"\011\006\003\125\004\006\023\002\115\131\061\033\060\031\006\003" -+"\125\004\012\023\022\104\151\147\151\143\145\162\164\040\123\144" -+"\156\056\040\102\150\144\056\061\021\060\017\006\003\125\004\013" -+"\023\010\064\065\067\066\060\070\055\113\061\046\060\044\006\003" -+"\125\004\003\023\035\104\151\147\151\163\151\147\156\040\123\145" -+"\162\166\145\162\040\111\104\040\055\040\050\105\156\162\151\143" -+"\150\051\060\202\001\042\060\015\006\011\052\206\110\206\367\015" -+"\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202" -+"\001\001\000\305\211\344\364\015\006\100\222\131\307\032\263\065" -+"\321\016\114\052\063\371\370\257\312\236\177\356\271\247\155\140" -+"\364\124\350\157\325\233\363\033\143\061\004\150\162\321\064\026" -+"\214\264\027\054\227\336\163\305\330\220\025\240\032\053\365\313" -+"\263\110\206\104\360\035\210\114\316\101\102\032\357\365\014\336" -+"\376\100\332\071\040\367\006\125\072\152\235\106\301\322\157\245" -+"\262\310\127\076\051\243\234\340\351\205\167\146\350\230\247\044" -+"\176\276\300\131\040\345\104\157\266\127\330\276\316\302\145\167" -+"\130\306\141\101\321\164\004\310\177\111\102\305\162\251\162\026" -+"\356\214\335\022\135\264\112\324\321\257\120\267\330\252\165\166" -+"\150\255\076\135\252\060\155\141\250\253\020\133\076\023\277\063" -+"\340\257\104\235\070\042\133\357\114\057\246\161\046\025\046\312" -+"\050\214\331\372\216\216\251\242\024\065\342\233\044\210\264\364" -+"\177\205\235\203\117\007\241\266\024\220\066\304\064\034\215\046" -+"\141\155\023\157\170\276\350\217\047\307\113\204\226\243\206\150" -+"\014\043\276\013\354\214\224\000\251\004\212\023\220\367\337\205" -+"\154\014\261\002\003\001\000\001\243\202\001\064\060\202\001\060" -+"\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006" -+"\060\022\006\003\125\035\023\001\001\377\004\010\060\006\001\001" -+"\377\002\001\000\060\047\006\003\125\035\045\004\040\060\036\006" -+"\010\053\006\001\005\005\007\003\001\006\010\053\006\001\005\005" -+"\007\003\002\006\010\053\006\001\005\005\007\003\004\060\063\006" -+"\010\053\006\001\005\005\007\001\001\004\047\060\045\060\043\006" -+"\010\053\006\001\005\005\007\060\001\206\027\150\164\164\160\072" -+"\057\057\157\143\163\160\056\145\156\164\162\165\163\164\056\156" -+"\145\164\060\104\006\003\125\035\040\004\075\060\073\060\071\006" -+"\005\140\203\112\001\001\060\060\060\056\006\010\053\006\001\005" -+"\005\007\002\001\026\042\150\164\164\160\072\057\057\167\167\167" -+"\056\144\151\147\151\143\145\162\164\056\143\157\155\056\155\171" -+"\057\143\160\163\056\150\164\155\060\062\006\003\125\035\037\004" -+"\053\060\051\060\047\240\045\240\043\206\041\150\164\164\160\072" -+"\057\057\143\162\154\056\145\156\164\162\165\163\164\056\156\145" -+"\164\057\062\060\064\070\143\141\056\143\162\154\060\021\006\003" -+"\125\035\016\004\012\004\010\114\116\314\045\050\003\051\201\060" -+"\037\006\003\125\035\043\004\030\060\026\200\024\125\344\201\321" -+"\021\200\276\330\211\271\010\243\061\371\241\044\011\026\271\160" -+"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003" -+"\202\001\001\000\227\114\357\112\072\111\254\162\374\060\040\153" -+"\264\051\133\247\305\225\004\220\371\062\325\302\205\152\336\003" -+"\241\067\371\211\000\260\132\254\125\176\333\103\065\377\311\001" -+"\370\121\276\314\046\312\310\152\244\304\124\076\046\036\347\014" -+"\243\315\227\147\224\335\246\102\353\134\315\217\071\171\153\063" -+"\171\041\006\171\372\202\104\025\231\314\301\267\071\323\106\142" -+"\174\262\160\353\157\316\040\252\076\031\267\351\164\202\234\264" -+"\245\113\115\141\000\067\344\207\322\362\024\072\144\174\270\251" -+"\173\141\340\223\042\347\325\237\076\107\346\066\166\240\123\330" -+"\000\003\072\017\265\063\376\226\312\323\322\202\072\056\335\327" -+"\110\341\344\247\151\314\034\351\231\112\347\312\160\105\327\013" -+"\007\016\232\165\033\320\057\222\157\366\244\007\303\275\034\113" -+"\246\204\266\175\250\232\251\322\247\051\361\013\127\151\036\227" -+"\127\046\354\053\103\254\324\105\203\005\000\351\343\360\106\100" -+"\007\372\352\261\121\163\223\034\245\335\123\021\067\310\052\247" -+"\025\047\035\264\252\314\177\252\061\060\374\270\105\237\110\011" -+"\355\020\342\305" -+, (PRUint32)1236 } -+}; -+static const NSSItem nss_builtins_items_343 [] = { -+ { (void *)&cko_nss_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, -+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, -+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, -+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, -+ { (void *)"Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)", (PRUint32)56 }, -+ { (void *)"\153\074\073\200\255\312\246\272\212\237\124\246\172\355\022\151" -+"\005\155\061\046" -+, (PRUint32)20 }, -+ { (void *)"\327\151\141\177\065\017\234\106\243\252\353\370\125\374\204\362" -+, (PRUint32)16 }, -+ { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156" -+"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125" -+"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056" -+"\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143" -+"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151" -+"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006" -+"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105" -+"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164" -+"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164" -+"\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151" -+"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171" -+"\040\050\062\060\064\070\051" -+, (PRUint32)183 }, -+ { (void *)"\002\006\007\377\377\377\377\377" -+, (PRUint32)8 }, -+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) }, -+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) }, -+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) }, -+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) } -+}; - - builtinsInternalObject - nss_builtins_data[] = { -@@ -22944,11 +23216,15 @@ nss_builtins_data[] = { - { 11, nss_builtins_types_336, nss_builtins_items_336, {NULL} }, - { 13, nss_builtins_types_337, nss_builtins_items_337, {NULL} }, - { 11, nss_builtins_types_338, nss_builtins_items_338, {NULL} }, -- { 13, nss_builtins_types_339, nss_builtins_items_339, {NULL} } -+ { 13, nss_builtins_types_339, nss_builtins_items_339, {NULL} }, -+ { 11, nss_builtins_types_340, nss_builtins_items_340, {NULL} }, -+ { 13, nss_builtins_types_341, nss_builtins_items_341, {NULL} }, -+ { 11, nss_builtins_types_342, nss_builtins_items_342, {NULL} }, -+ { 13, nss_builtins_types_343, nss_builtins_items_343, {NULL} } - }; - const PRUint32 - #ifdef DEBUG -- nss_builtins_nObjects = 339+1; -+ nss_builtins_nObjects = 343+1; - #else -- nss_builtins_nObjects = 339; -+ nss_builtins_nObjects = 343; - #endif /* DEBUG */ -diff -up ./mozilla/security/nss/lib/ckfw/builtins/certdata.txt.ckbi188 ./mozilla/security/nss/lib/ckfw/builtins/certdata.txt ---- ./mozilla/security/nss/lib/ckfw/builtins/certdata.txt.ckbi188 2011-11-03 16:29:42.293000000 -0700 -+++ ./mozilla/security/nss/lib/ckfw/builtins/certdata.txt 2011-11-03 08:11:58.000000000 -0700 -@@ -34,7 +34,7 @@ - # the terms of any one of the MPL, the GPL or the LGPL. - # - # ***** END LICENSE BLOCK ***** --CVS_ID "@(#) $RCSfile: certdata.txt,v $ $Revision: 1.79 $ $Date: 2011/09/02 19:40:56 $" -+CVS_ID "@(#) $RCSfile: certdata.txt,v $ $Revision: 1.80 $ $Date: 2011/11/03 15:11:58 $" - - # - # certdata.txt -@@ -23299,3 +23299,284 @@ CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_N - CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED - CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED - CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE -+ -+# -+# Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)" -+# -+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE -+CKA_TOKEN CK_BBOOL CK_TRUE -+CKA_PRIVATE CK_BBOOL CK_FALSE -+CKA_MODIFIABLE CK_BBOOL CK_FALSE -+CKA_LABEL UTF8 "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)" -+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 -+CKA_SUBJECT MULTILINE_OCTAL -+\060\143\061\013\060\011\006\003\125\004\006\023\002\115\131\061 -+\033\060\031\006\003\125\004\012\023\022\104\151\147\151\143\145 -+\162\164\040\123\144\156\056\040\102\150\144\056\061\021\060\017 -+\006\003\125\004\013\023\010\064\065\067\066\060\070\055\113\061 -+\044\060\042\006\003\125\004\003\023\033\104\151\147\151\163\151 -+\147\156\040\123\145\162\166\145\162\040\111\104\040\050\105\156 -+\162\151\143\150\051 -+END -+CKA_ID UTF8 "0" -+CKA_ISSUER MULTILINE_OCTAL -+\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061 -+\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157 -+\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125 -+\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165 -+\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156 -+\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105 -+\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142 -+\141\154\040\122\157\157\164 -+END -+CKA_SERIAL_NUMBER MULTILINE_OCTAL -+\002\006\007\377\377\377\377\377 -+END -+CKA_VALUE MULTILINE_OCTAL -+\060\202\003\315\060\202\003\066\240\003\002\001\002\002\006\007 -+\377\377\377\377\377\060\015\006\011\052\206\110\206\367\015\001 -+\001\005\005\000\060\165\061\013\060\011\006\003\125\004\006\023 -+\002\125\123\061\030\060\026\006\003\125\004\012\023\017\107\124 -+\105\040\103\157\162\160\157\162\141\164\151\157\156\061\047\060 -+\045\006\003\125\004\013\023\036\107\124\105\040\103\171\142\145 -+\162\124\162\165\163\164\040\123\157\154\165\164\151\157\156\163 -+\054\040\111\156\143\056\061\043\060\041\006\003\125\004\003\023 -+\032\107\124\105\040\103\171\142\145\162\124\162\165\163\164\040 -+\107\154\157\142\141\154\040\122\157\157\164\060\036\027\015\060 -+\067\060\067\061\067\061\065\061\067\064\071\132\027\015\061\062 -+\060\067\061\067\061\065\061\066\065\065\132\060\143\061\013\060 -+\011\006\003\125\004\006\023\002\115\131\061\033\060\031\006\003 -+\125\004\012\023\022\104\151\147\151\143\145\162\164\040\123\144 -+\156\056\040\102\150\144\056\061\021\060\017\006\003\125\004\013 -+\023\010\064\065\067\066\060\070\055\113\061\044\060\042\006\003 -+\125\004\003\023\033\104\151\147\151\163\151\147\156\040\123\145 -+\162\166\145\162\040\111\104\040\050\105\156\162\151\143\150\051 -+\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001 -+\005\000\003\201\215\000\060\201\211\002\201\201\000\255\250\144 -+\113\115\207\307\204\131\271\373\220\106\240\246\211\300\361\376 -+\325\332\124\202\067\015\231\053\105\046\012\350\126\260\177\312 -+\250\364\216\107\204\001\202\051\343\263\152\265\221\363\373\225 -+\205\274\162\250\144\350\012\100\234\305\364\161\256\173\173\152 -+\007\352\220\024\117\215\211\257\224\253\262\006\324\002\152\173 -+\230\037\131\271\072\315\124\372\040\337\262\052\012\351\270\335 -+\151\220\300\051\323\116\320\227\355\146\314\305\031\111\006\177 -+\372\136\054\174\173\205\033\062\102\337\173\225\045\002\003\001 -+\000\001\243\202\001\170\060\202\001\164\060\022\006\003\125\035 -+\023\001\001\377\004\010\060\006\001\001\377\002\001\000\060\134 -+\006\003\125\035\040\004\125\060\123\060\110\006\011\053\006\001 -+\004\001\261\076\001\000\060\073\060\071\006\010\053\006\001\005 -+\005\007\002\001\026\055\150\164\164\160\072\057\057\143\171\142 -+\145\162\164\162\165\163\164\056\157\155\156\151\162\157\157\164 -+\056\143\157\155\057\162\145\160\157\163\151\164\157\162\171\056 -+\143\146\155\060\007\006\005\140\203\112\001\001\060\016\006\003 -+\125\035\017\001\001\377\004\004\003\002\001\346\060\201\211\006 -+\003\125\035\043\004\201\201\060\177\241\171\244\167\060\165\061 -+\013\060\011\006\003\125\004\006\023\002\125\123\061\030\060\026 -+\006\003\125\004\012\023\017\107\124\105\040\103\157\162\160\157 -+\162\141\164\151\157\156\061\047\060\045\006\003\125\004\013\023 -+\036\107\124\105\040\103\171\142\145\162\124\162\165\163\164\040 -+\123\157\154\165\164\151\157\156\163\054\040\111\156\143\056\061 -+\043\060\041\006\003\125\004\003\023\032\107\124\105\040\103\171 -+\142\145\162\124\162\165\163\164\040\107\154\157\142\141\154\040 -+\122\157\157\164\202\002\001\245\060\105\006\003\125\035\037\004 -+\076\060\074\060\072\240\070\240\066\206\064\150\164\164\160\072 -+\057\057\167\167\167\056\160\165\142\154\151\143\055\164\162\165 -+\163\164\056\143\157\155\057\143\147\151\055\142\151\156\057\103 -+\122\114\057\062\060\061\070\057\143\144\160\056\143\162\154\060 -+\035\006\003\125\035\016\004\026\004\024\306\026\223\116\026\027 -+\354\026\256\214\224\166\363\206\155\305\164\156\204\167\060\015 -+\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201 -+\000\166\000\173\246\170\053\146\035\216\136\066\306\244\216\005 -+\362\043\222\174\223\147\323\364\300\012\175\213\055\331\352\325 -+\157\032\363\341\112\051\132\042\204\115\120\057\113\014\362\377 -+\205\302\173\125\324\104\202\276\155\254\147\216\274\264\037\222 -+\234\121\200\032\024\366\156\253\141\210\013\255\034\177\367\113 -+\120\121\326\145\033\246\107\161\025\136\260\161\363\065\024\362 -+\067\275\143\310\325\360\223\132\064\137\330\075\350\135\367\305 -+\036\300\345\317\037\206\044\251\074\007\146\315\301\322\066\143 -+\131 -+END -+ -+# Trust for Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)" -+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST -+CKA_TOKEN CK_BBOOL CK_TRUE -+CKA_PRIVATE CK_BBOOL CK_FALSE -+CKA_MODIFIABLE CK_BBOOL CK_FALSE -+CKA_LABEL UTF8 "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)" -+CKA_CERT_SHA1_HASH MULTILINE_OCTAL -+\125\120\257\354\277\350\303\255\304\013\343\255\014\247\344\025 -+\214\071\131\117 -+END -+CKA_CERT_MD5_HASH MULTILINE_OCTAL -+\322\336\256\120\244\230\055\157\067\267\206\122\310\055\113\152 -+END -+CKA_ISSUER MULTILINE_OCTAL -+\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061 -+\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157 -+\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125 -+\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165 -+\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156 -+\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105 -+\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142 -+\141\154\040\122\157\157\164 -+END -+CKA_SERIAL_NUMBER MULTILINE_OCTAL -+\002\006\007\377\377\377\377\377 -+END -+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED -+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED -+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED -+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE -+ -+# -+# Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)" -+# -+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE -+CKA_TOKEN CK_BBOOL CK_TRUE -+CKA_PRIVATE CK_BBOOL CK_FALSE -+CKA_MODIFIABLE CK_BBOOL CK_FALSE -+CKA_LABEL UTF8 "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)" -+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 -+CKA_SUBJECT MULTILINE_OCTAL -+\060\145\061\013\060\011\006\003\125\004\006\023\002\115\131\061 -+\033\060\031\006\003\125\004\012\023\022\104\151\147\151\143\145 -+\162\164\040\123\144\156\056\040\102\150\144\056\061\021\060\017 -+\006\003\125\004\013\023\010\064\065\067\066\060\070\055\113\061 -+\046\060\044\006\003\125\004\003\023\035\104\151\147\151\163\151 -+\147\156\040\123\145\162\166\145\162\040\111\104\040\055\040\050 -+\105\156\162\151\143\150\051 -+END -+CKA_ID UTF8 "0" -+CKA_ISSUER MULTILINE_OCTAL -+\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156 -+\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125 -+\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056 -+\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143 -+\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151 -+\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006 -+\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105 -+\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164 -+\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164 -+\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151 -+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171 -+\040\050\062\060\064\070\051 -+END -+CKA_SERIAL_NUMBER MULTILINE_OCTAL -+\002\006\007\377\377\377\377\377 -+END -+CKA_VALUE MULTILINE_OCTAL -+\060\202\004\320\060\202\003\270\240\003\002\001\002\002\006\007 -+\377\377\377\377\377\060\015\006\011\052\206\110\206\367\015\001 -+\001\005\005\000\060\201\264\061\024\060\022\006\003\125\004\012 -+\023\013\105\156\164\162\165\163\164\056\156\145\164\061\100\060 -+\076\006\003\125\004\013\024\067\167\167\167\056\145\156\164\162 -+\165\163\164\056\156\145\164\057\103\120\123\137\062\060\064\070 -+\040\151\156\143\157\162\160\056\040\142\171\040\162\145\146\056 -+\040\050\154\151\155\151\164\163\040\154\151\141\142\056\051\061 -+\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061\071 -+\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040\114 -+\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003\023 -+\052\105\156\164\162\165\163\164\056\156\145\164\040\103\145\162 -+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157 -+\162\151\164\171\040\050\062\060\064\070\051\060\036\027\015\061 -+\060\060\067\061\066\061\067\062\063\063\070\132\027\015\061\065 -+\060\067\061\066\061\067\065\063\063\070\132\060\145\061\013\060 -+\011\006\003\125\004\006\023\002\115\131\061\033\060\031\006\003 -+\125\004\012\023\022\104\151\147\151\143\145\162\164\040\123\144 -+\156\056\040\102\150\144\056\061\021\060\017\006\003\125\004\013 -+\023\010\064\065\067\066\060\070\055\113\061\046\060\044\006\003 -+\125\004\003\023\035\104\151\147\151\163\151\147\156\040\123\145 -+\162\166\145\162\040\111\104\040\055\040\050\105\156\162\151\143 -+\150\051\060\202\001\042\060\015\006\011\052\206\110\206\367\015 -+\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202 -+\001\001\000\305\211\344\364\015\006\100\222\131\307\032\263\065 -+\321\016\114\052\063\371\370\257\312\236\177\356\271\247\155\140 -+\364\124\350\157\325\233\363\033\143\061\004\150\162\321\064\026 -+\214\264\027\054\227\336\163\305\330\220\025\240\032\053\365\313 -+\263\110\206\104\360\035\210\114\316\101\102\032\357\365\014\336 -+\376\100\332\071\040\367\006\125\072\152\235\106\301\322\157\245 -+\262\310\127\076\051\243\234\340\351\205\167\146\350\230\247\044 -+\176\276\300\131\040\345\104\157\266\127\330\276\316\302\145\167 -+\130\306\141\101\321\164\004\310\177\111\102\305\162\251\162\026 -+\356\214\335\022\135\264\112\324\321\257\120\267\330\252\165\166 -+\150\255\076\135\252\060\155\141\250\253\020\133\076\023\277\063 -+\340\257\104\235\070\042\133\357\114\057\246\161\046\025\046\312 -+\050\214\331\372\216\216\251\242\024\065\342\233\044\210\264\364 -+\177\205\235\203\117\007\241\266\024\220\066\304\064\034\215\046 -+\141\155\023\157\170\276\350\217\047\307\113\204\226\243\206\150 -+\014\043\276\013\354\214\224\000\251\004\212\023\220\367\337\205 -+\154\014\261\002\003\001\000\001\243\202\001\064\060\202\001\060 -+\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006 -+\060\022\006\003\125\035\023\001\001\377\004\010\060\006\001\001 -+\377\002\001\000\060\047\006\003\125\035\045\004\040\060\036\006 -+\010\053\006\001\005\005\007\003\001\006\010\053\006\001\005\005 -+\007\003\002\006\010\053\006\001\005\005\007\003\004\060\063\006 -+\010\053\006\001\005\005\007\001\001\004\047\060\045\060\043\006 -+\010\053\006\001\005\005\007\060\001\206\027\150\164\164\160\072 -+\057\057\157\143\163\160\056\145\156\164\162\165\163\164\056\156 -+\145\164\060\104\006\003\125\035\040\004\075\060\073\060\071\006 -+\005\140\203\112\001\001\060\060\060\056\006\010\053\006\001\005 -+\005\007\002\001\026\042\150\164\164\160\072\057\057\167\167\167 -+\056\144\151\147\151\143\145\162\164\056\143\157\155\056\155\171 -+\057\143\160\163\056\150\164\155\060\062\006\003\125\035\037\004 -+\053\060\051\060\047\240\045\240\043\206\041\150\164\164\160\072 -+\057\057\143\162\154\056\145\156\164\162\165\163\164\056\156\145 -+\164\057\062\060\064\070\143\141\056\143\162\154\060\021\006\003 -+\125\035\016\004\012\004\010\114\116\314\045\050\003\051\201\060 -+\037\006\003\125\035\043\004\030\060\026\200\024\125\344\201\321 -+\021\200\276\330\211\271\010\243\061\371\241\044\011\026\271\160 -+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003 -+\202\001\001\000\227\114\357\112\072\111\254\162\374\060\040\153 -+\264\051\133\247\305\225\004\220\371\062\325\302\205\152\336\003 -+\241\067\371\211\000\260\132\254\125\176\333\103\065\377\311\001 -+\370\121\276\314\046\312\310\152\244\304\124\076\046\036\347\014 -+\243\315\227\147\224\335\246\102\353\134\315\217\071\171\153\063 -+\171\041\006\171\372\202\104\025\231\314\301\267\071\323\106\142 -+\174\262\160\353\157\316\040\252\076\031\267\351\164\202\234\264 -+\245\113\115\141\000\067\344\207\322\362\024\072\144\174\270\251 -+\173\141\340\223\042\347\325\237\076\107\346\066\166\240\123\330 -+\000\003\072\017\265\063\376\226\312\323\322\202\072\056\335\327 -+\110\341\344\247\151\314\034\351\231\112\347\312\160\105\327\013 -+\007\016\232\165\033\320\057\222\157\366\244\007\303\275\034\113 -+\246\204\266\175\250\232\251\322\247\051\361\013\127\151\036\227 -+\127\046\354\053\103\254\324\105\203\005\000\351\343\360\106\100 -+\007\372\352\261\121\163\223\034\245\335\123\021\067\310\052\247 -+\025\047\035\264\252\314\177\252\061\060\374\270\105\237\110\011 -+\355\020\342\305 -+END -+ -+# Trust for Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)" -+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST -+CKA_TOKEN CK_BBOOL CK_TRUE -+CKA_PRIVATE CK_BBOOL CK_FALSE -+CKA_MODIFIABLE CK_BBOOL CK_FALSE -+CKA_LABEL UTF8 "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)" -+CKA_CERT_SHA1_HASH MULTILINE_OCTAL -+\153\074\073\200\255\312\246\272\212\237\124\246\172\355\022\151 -+\005\155\061\046 -+END -+CKA_CERT_MD5_HASH MULTILINE_OCTAL -+\327\151\141\177\065\017\234\106\243\252\353\370\125\374\204\362 -+END -+CKA_ISSUER MULTILINE_OCTAL -+\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156 -+\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125 -+\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056 -+\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143 -+\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151 -+\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006 -+\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105 -+\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164 -+\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164 -+\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151 -+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171 -+\040\050\062\060\064\070\051 -+END -+CKA_SERIAL_NUMBER MULTILINE_OCTAL -+\002\006\007\377\377\377\377\377 -+END -+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED -+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED -+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED -+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE -+ -diff -up ./mozilla/security/nss/lib/ckfw/builtins/nssckbi.h.ckbi188 ./mozilla/security/nss/lib/ckfw/builtins/nssckbi.h ---- ./mozilla/security/nss/lib/ckfw/builtins/nssckbi.h.ckbi188 2011-11-03 16:30:05.063000000 -0700 -+++ ./mozilla/security/nss/lib/ckfw/builtins/nssckbi.h 2011-11-03 08:11:58.000000000 -0700 -@@ -77,8 +77,8 @@ - * of the comment in the CK_VERSION type definition. - */ - #define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 1 --#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 87 --#define NSS_BUILTINS_LIBRARY_VERSION "1.87" -+#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 88 -+#define NSS_BUILTINS_LIBRARY_VERSION "1.88" - - /* These version numbers detail the semantic changes to the ckfw engine. */ - #define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1 diff --git a/nss/patches/nss-enable-pem.patch0 b/nss/patches/nss-enable-pem.patch0 deleted file mode 100644 index 665a14829..000000000 --- a/nss/patches/nss-enable-pem.patch0 +++ /dev/null @@ -1,12 +0,0 @@ -diff -up ./mozilla/security/nss/lib/ckfw/manifest.mn.prepem ./mozilla/security/nss/lib/ckfw/manifest.mn ---- ./mozilla/security/nss/lib/ckfw/manifest.mn.prepem 2008-08-05 16:34:23.000000000 -0700 -+++ ./mozilla/security/nss/lib/ckfw/manifest.mn 2008-08-05 16:34:30.000000000 -0700 -@@ -38,7 +38,7 @@ MANIFEST_CVS_ID = "@(#) $RCSfile: manife - - CORE_DEPTH = ../../.. - --DIRS = builtins -+DIRS = builtins pem - - PRIVATE_EXPORTS = \ - ck.h \ diff --git a/nss/patches/nss-fix-gcc47-secmodt.patch0 b/nss/patches/nss-fix-gcc47-secmodt.patch0 deleted file mode 100644 index 361555e0a..000000000 --- a/nss/patches/nss-fix-gcc47-secmodt.patch0 +++ /dev/null @@ -1,12 +0,0 @@ -diff -up ./mozilla/security/nss/lib/softoken/secmodt.h.gcc47 ./mozilla/security/nss/lib/softoken/secmodt.h ---- ./mozilla/security/nss/lib/softoken/secmodt.h.gcc47 2012-01-30 16:14:41.179494528 -0500 -+++ ./mozilla/security/nss/lib/softoken/secmodt.h 2012-01-30 16:14:48.287424482 -0500 -@@ -338,7 +338,7 @@ typedef PRUint32 PK11AttrFlags; - #define SECMOD_SLOT_FLAGS "slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512]" - - #define SECMOD_MAKE_NSS_FLAGS(fips,slot) \ --"Flags=internal,critical"fips" slotparams=("#slot"={"SECMOD_SLOT_FLAGS"})" -+"Flags=internal,critical" fips" slotparams=("#slot"={" SECMOD_SLOT_FLAGS"})" - - #define SECMOD_INT_NAME "NSS Internal PKCS #11 Module" - #define SECMOD_INT_FLAGS SECMOD_MAKE_NSS_FLAGS("",1) diff --git a/nss/patches/nss-ssl-cbc-random-iv-off-by-default.patch0 b/nss/patches/nss-ssl-cbc-random-iv-off-by-default.patch0 deleted file mode 100644 index 28dfa487d..000000000 --- a/nss/patches/nss-ssl-cbc-random-iv-off-by-default.patch0 +++ /dev/null @@ -1,25 +0,0 @@ -diff -up ./mozilla/security/nss/lib/ssl/sslsock.c.compatible ./mozilla/security/nss/lib/ssl/sslsock.c ---- ./mozilla/security/nss/lib/ssl/sslsock.c.compatible 2012-01-05 13:54:36.430389994 -0800 -+++ ./mozilla/security/nss/lib/ssl/sslsock.c 2012-01-05 13:55:25.810750394 -0800 -@@ -184,7 +184,7 @@ static sslOptions ssl_defaults = { - 3, /* enableRenegotiation (default: transitional) */ - PR_FALSE, /* requireSafeNegotiation */ - PR_FALSE, /* enableFalseStart */ -- PR_TRUE /* cbcRandomIV */ -+ PR_FALSE /* cbcRandomIV */ /* defaults to off for compatibility */ - }; - - sslSessionIDLookupFunc ssl_sid_lookup; -@@ -2359,9 +2359,9 @@ ssl_SetDefaultsFromEnvironment(void) - PR_TRUE)); - } - ev = getenv("NSS_SSL_CBC_RANDOM_IV"); -- if (ev && ev[0] == '0') { -- ssl_defaults.cbcRandomIV = PR_FALSE; -- SSL_TRACE(("SSL: cbcRandomIV set to 0")); -+ if (ev && ev[0] == '1') { -+ ssl_defaults.cbcRandomIV = PR_TRUE; -+ SSL_TRACE(("SSL: cbcRandomIV set to 1")); - } - } - #endif /* NSS_HAVE_GETENV */ diff --git a/nss/patches/nsspem-bz754771.patch0 b/nss/patches/nsspem-bz754771.patch0 deleted file mode 100644 index 1e64a428b..000000000 --- a/nss/patches/nsspem-bz754771.patch0 +++ /dev/null @@ -1,13 +0,0 @@ -diff -up ./mozilla/security/nss/lib/ckfw/pem/pinst.c.754771 ./mozilla/security/nss/lib/ckfw/pem/pinst.c ---- ./mozilla/security/nss/lib/ckfw/pem/pinst.c.754771 2011-12-12 09:38:51.839104295 -0800 -+++ ./mozilla/security/nss/lib/ckfw/pem/pinst.c 2011-12-12 09:44:40.437096761 -0800 -@@ -350,6 +350,9 @@ AddObjectIfNeeded(CK_OBJECT_CLASS objCla - if (io == NULL) - return NULL; - -+ /* initialize pointers to functions */ -+ pem_CreateMDObject(NULL, io, NULL); -+ - io->gobjIndex = count; - - /* add object to global array */ diff --git a/nss/patches/nsspem-createobject-initialize-pointer.patch0 b/nss/patches/nsspem-createobject-initialize-pointer.patch0 deleted file mode 100644 index cdfdea385..000000000 --- a/nss/patches/nsspem-createobject-initialize-pointer.patch0 +++ /dev/null @@ -1,11 +0,0 @@ -diff -up ./mozilla/security/nss/lib/ckfw/pem/pobject.c.717338 ./mozilla/security/nss/lib/ckfw/pem/pobject.c ---- ./mozilla/security/nss/lib/ckfw/pem/pobject.c.717338 2010-11-25 10:49:27.000000000 -0800 -+++ ./mozilla/security/nss/lib/ckfw/pem/pobject.c 2011-09-10 10:16:58.752726964 -0700 -@@ -1179,6 +1179,7 @@ pem_CreateObject - return (NSSCKMDObject *) NULL; - - certDER.len = 0; /* in case there is no equivalent cert */ -+ certDER.data = NULL; - - objid = -1; - for (i = 0; i < pem_nobjs; i++) { diff --git a/nss/patches/nsspem-init-inform-not-thread-safe.patch0 b/nss/patches/nsspem-init-inform-not-thread-safe.patch0 deleted file mode 100644 index 2df4fbe4a..000000000 --- a/nss/patches/nsspem-init-inform-not-thread-safe.patch0 +++ /dev/null @@ -1,129 +0,0 @@ ---- mozilla/security/nss/lib/ckfw/pem/pinst.c.736410 2010-11-25 11:51:52.000000000 -0800 -+++ mozilla/security/nss/lib/ckfw/pem/pinst.c 2011-09-13 16:59:49.325215540 -0700 -@@ -364,39 +364,37 @@ AddObjectIfNeeded(CK_OBJECT_CLASS objCla - size += PEM_ITEM_CHUNK; - } - gobj[count] = io; - count++; - pem_nobjs++; - - io->refCount ++; - return io; - } - - CK_RV - AddCertificate(char *certfile, char *keyfile, PRBool cacert, - CK_SLOT_ID slotID) - { - pemInternalObject *o; -- SECItem certDER; - CK_RV error = 0; - int objid, i; - int nobjs = 0; - SECItem **objs = NULL; - char *ivstring = NULL; - int cipher; - -- certDER.data = NULL; - nobjs = ReadDERFromFile(&objs, certfile, PR_TRUE, &cipher, &ivstring, PR_TRUE /* certs only */); - if (nobjs <= 0) { - nss_ZFreeIf(objs); - return CKR_GENERAL_ERROR; - } - - /* For now load as many certs as are in the file for CAs only */ - if (cacert) { - for (i = 0; i < nobjs; i++) { - char nickname[1024]; - objid = pem_nobjs + 1; - - snprintf(nickname, 1024, "%s - %d", certfile, i); - - o = AddObjectIfNeeded(CKO_CERTIFICATE, pemCert, objs[i], NULL, -@@ -456,72 +454,76 @@ AddCertificate(char *certfile, char *key - loser: - nss_ZFreeIf(objs); - nss_ZFreeIf(o); - return error; - } - - CK_RV - pem_Initialize - ( - NSSCKMDInstance * mdInstance, - NSSCKFWInstance * fwInstance, - NSSUTF8 * configurationData - ) - { - CK_RV rv; -- /* parse the initialization string and initialize CRLInstances */ -+ /* parse the initialization string */ - char **certstrings = NULL; -+ char *modparms = NULL; - PRInt32 numcerts = 0; - PRBool status, error = PR_FALSE; - int i; -+ CK_C_INITIALIZE_ARGS_PTR modArgs = NULL; -+ -+ if (!fwInstance) return CKR_ARGUMENTS_BAD; -+ -+ modArgs = NSSCKFWInstance_GetInitArgs(fwInstance); -+ if (modArgs && -+ ((modArgs->flags & CKF_OS_LOCKING_OK) || (modArgs->CreateMutex != 0))) { -+ return CKR_CANT_LOCK; -+ } - - if (pemInitialized) { - return CKR_OK; - } -+ - RNG_RNGInit(); - - open_log(); - - plog("pem_Initialize\n"); - -- unsigned char *modparms = NULL; -- if (!fwInstance) { -- return CKR_ARGUMENTS_BAD; -- } -- -- CK_C_INITIALIZE_ARGS_PTR modArgs = -- NSSCKFWInstance_GetInitArgs(fwInstance); - if (!modArgs || !modArgs->LibraryParameters) { - goto done; - } -- modparms = (unsigned char *) modArgs->LibraryParameters; -+ modparms = (char *) modArgs->LibraryParameters; - plog("Initialized with %s\n", modparms); - - /* - * The initialization string format is a space-delimited file of - * pairs of paths which are delimited by a semi-colon. The first - * entry of the pair is the path to the certificate file. The - * second is the path to the key file. - * - * CA certificates do not need the semi-colon. - * - * Example: - * /etc/certs/server.pem;/etc/certs/server.key /etc/certs/ca.pem - * - */ - status = -- pem_ParseString((const char *) modparms, ' ', &numcerts, -+ pem_ParseString(modparms, ' ', &numcerts, - &certstrings); - if (status == PR_FALSE) { - return CKR_ARGUMENTS_BAD; - } - - for (i = 0; i < numcerts && error != PR_TRUE; i++) { - char *cert = certstrings[i]; - PRInt32 attrcount = 0; - char **certattrs = NULL; - status = pem_ParseString(cert, ';', &attrcount, &certattrs); - if (status == PR_FALSE) { - error = PR_TRUE; - break; - } - diff --git a/nss/patches/renegotiate-transitional.patch0 b/nss/patches/renegotiate-transitional.patch0 deleted file mode 100644 index 989491db5..000000000 --- a/nss/patches/renegotiate-transitional.patch0 +++ /dev/null @@ -1,12 +0,0 @@ -diff -up mozilla/security/nss/lib/ssl/sslsock.c.transitional mozilla/security/nss/lib/ssl/sslsock.c ---- mozilla/security/nss/lib/ssl/sslsock.c.transitional 2011-10-06 10:37:47.156659000 -0700 -+++ mozilla/security/nss/lib/ssl/sslsock.c 2011-10-06 10:38:32.276704000 -0700 -@@ -182,7 +182,7 @@ static sslOptions ssl_defaults = { - PR_FALSE, /* noLocks */ - PR_FALSE, /* enableSessionTickets */ - PR_FALSE, /* enableDeflate */ -- 2, /* enableRenegotiation (default: requires extension) */ -+ 3, /* enableRenegotiation (default: transitional) */ - PR_FALSE, /* requireSafeNegotiation */ - PR_FALSE, /* enableFalseStart */ - PR_TRUE /* cbcRandomIV */ diff --git a/nss/secmod.db b/nss/secmod.db deleted file mode 100644 index 9a028078d..000000000 Binary files a/nss/secmod.db and /dev/null differ diff --git a/nss/setup-nsssysinit.sh b/nss/setup-nsssysinit.sh deleted file mode 100755 index 8e1f5f7dc..000000000 --- a/nss/setup-nsssysinit.sh +++ /dev/null @@ -1,68 +0,0 @@ -#!/bin/sh -# -# Turns on or off the nss-sysinit module db by editing the -# global PKCS #11 congiguration file. Displays the status. -# -# This script can be invoked by the user as super user. -# It is invoked at nss-sysinit post install time with argument on. -# -usage() -{ - cat <&2 -fi - -# the system-wide configuration file -p11conf="/etc/pki/nssdb/pkcs11.txt" -# must exist, otherwise report it and exit with failure -if [ ! -f $p11conf ]; then - echo "Could not find ${p11conf}" - exit 1 -fi - -# check if nsssysinit is currently enabled or disabled -sysinit_enabled() -{ - grep -q '^library=libnsssysinit' ${p11conf} -} - -umask 022 -case "$1" in - on | ON ) - if sysinit_enabled; then - exit 0 - fi - cat ${p11conf} | \ - sed -e 's/^library=$/library=libnsssysinit.so/' \ - -e '/^NSS/s/\(Flags=internal\)\(,[^m]\)/\1,moduleDBOnly\2/' > \ - ${p11conf}.on - mv ${p11conf}.on ${p11conf} - ;; - off | OFF ) - if ! sysinit_enabled; then - exit 0 - fi - cat ${p11conf} | \ - sed -e 's/^library=libnsssysinit.so/library=/' \ - -e '/^NSS/s/Flags=internal,moduleDBOnly/Flags=internal/' > \ - ${p11conf}.off - mv ${p11conf}.off ${p11conf} - ;; - status ) - echo -n 'NSS sysinit is ' - sysinit_enabled && echo 'enabled' || echo 'disabled' - ;; - * ) - usage 1 1>&2 - ;; -esac diff --git a/nss/system-pkcs11.txt b/nss/system-pkcs11.txt deleted file mode 100644 index c2f5704fa..000000000 --- a/nss/system-pkcs11.txt +++ /dev/null @@ -1,5 +0,0 @@ -library=libnsssysinit.so -name=NSS Internal PKCS #11 Module -parameters=configdir='sql:/etc/pki/nssdb' certPrefix='' keyPrefix='' secmod='secmod.db' flags= updatedir='' updateCertPrefix='' updateKeyPrefix='' updateid='' updateTokenDescription='' -NSS=Flags=internal,moduleDBOnly,critical trustOrder=75 cipherOrder=100 slotParams=(1={slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512] askpw=any timeout=30}) -