rpms/libnss
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

remove redhat coming possibly obsolete libnss-sysinit; install all libraries [release 3.27.1-3mamba;Sat Oct 08 2016]

Browse Source
This commit is contained in:
Silvan Calarco 2024-01-06 05:12:55 +01:00
parent 2ce8919909
commit 276caf6496
13 changed files with 177 additions and 513 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
libnss-3.12.3-enable-pem.patch
View File

@ -1,12 +0,0 @@
diff -up ./mozilla/security/nss/lib/ckfw/manifest.mn.prepem ./mozilla/security/nss/lib/ckfw/manifest.mn
--- ./mozilla/security/nss/lib/ckfw/manifest.mn.prepem 2008-08-05 16:34:23.000000000 -0700
+++ ./mozilla/security/nss/lib/ckfw/manifest.mn 2008-08-05 16:34:30.000000000 -0700
@@ -38,7 +38,7 @@ MANIFEST_CVS_ID = "@(#) $RCSfile: manife
CORE_DEPTH = ../../..
-DIRS = builtins
+DIRS = builtins pem
PRIVATE_EXPORTS = \
ck.h \

14
libnss-3.12.3-no-rpath.patch
View File

@ -1,14 +0,0 @@
--- ./mozilla/security/nss/cmd/platlibs.mk.withrpath 2007-02-19 07:17:06.000000000 +0100
+++ ./mozilla/security/nss/cmd/platlibs.mk 2007-02-19 07:18:07.000000000 +0100
@@ -52,9 +52,9 @@
ifeq ($(OS_ARCH), Linux)
ifeq ($(USE_64), 1)
-EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib64:$$ORIGIN/../lib'
+#EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib64:$$ORIGIN/../lib'
else
-EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib'
+#EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib'
endif
endif

52
libnss-3.12.3-nolocalsql.patch
View File

@ -1,52 +0,0 @@
diff -up ./mozilla/security/nss/lib/Makefile.nolocalsql ./mozilla/security/nss/lib/Makefile
--- ./mozilla/security/nss/lib/Makefile.nolocalsql 2007-07-19 23:36:49.000000000 +0200
+++ ./mozilla/security/nss/lib/Makefile 2009-04-14 17:07:40.000000000 +0200
@@ -62,11 +62,11 @@ ifeq ($(OS_TARGET), WINCE)
DIRS := $(filter-out fortcrypt,$(DIRS))
endif
-ifndef MOZILLA_CLIENT
-ifndef NSS_USE_SYSTEM_SQLITE
-DIRS := sqlite $(DIRS)
-endif
-endif
+#ifndef MOZILLA_CLIENT
+#ifndef NSS_USE_SYSTEM_SQLITE
+#DIRS := sqlite $(DIRS)
+#endif
+#endif
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
diff -up ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn
--- ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql 2007-07-19 23:36:50.000000000 +0200
+++ ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn 2009-04-14 17:07:40.000000000 +0200
@@ -46,9 +46,9 @@ MAPFILE = $(OBJDIR)/nssdbm.def
DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\"
-ifdef MOZILLA_CLIENT
-INCLUDES += -I$(DIST)/include/sqlite3
-endif
+#ifdef MOZILLA_CLIENT
+#INCLUDES += -I$(DIST)/include/sqlite3
+#endif
CSRCS = \
dbmshim.c \
diff -up ./mozilla/security/nss/lib/softoken/manifest.mn.nolocalsql ./mozilla/security/nss/lib/softoken/manifest.mn
--- ./mozilla/security/nss/lib/softoken/manifest.mn.nolocalsql 2009-03-25 17:21:37.000000000 +0100
+++ ./mozilla/security/nss/lib/softoken/manifest.mn 2009-04-14 17:07:40.000000000 +0200
@@ -47,9 +47,9 @@ MAPFILE = $(OBJDIR)/softokn.def
DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\" -DSHLIB_VERSION=\"$(LIBRARY_VERSION)\"
-ifdef MOZILLA_CLIENT
-INCLUDES += -I$(DIST)/include/sqlite3
-endif
+#ifdef MOZILLA_CLIENT
+#INCLUDES += -I$(DIST)/include/sqlite3
+#endif
EXPORTS = \
secmodt.h \

23
libnss-3.12.3-stubs-bug502133.patch
View File

@ -1,23 +0,0 @@
diff -rupN nss-3.12.3.99.3-orig/mozilla/security/nss/lib/freebl/stubs.c nss-3.12.3.99.3/mozilla/security/nss/lib/freebl/stubs.c
--- ./mozilla/security/nss/lib/freebl/stubs.c 2009-03-28 19:21:50.000000000 -0700
+++ ./mozilla/security/nss/lib/freebl/stubs.c 2009-06-08 20:37:20.000000000 -0700
@@ -558,8 +558,8 @@ FREEBL_InitStubs()
return SECFailure;
}
rv = freebl_InitNSPR(nspr);
- freebl_releaseLibrary(nspr);
if (rv != SECSuccess) {
+ freebl_releaseLibrary(nspr);
return rv;
}
}
@@ -570,8 +570,8 @@ FREEBL_InitStubs()
return SECFailure;
}
rv = freebl_InitNSSUtil(nssutil);
- freebl_releaseLibrary(nssutil);
if (rv != SECSuccess) {
+ freebl_releaseLibrary(nssutil);
return rv;
}
}

133
libnss-3.12.9-honor-user-trust-preferences.patch
View File

@ -1,133 +0,0 @@
Index: ./mozilla/security/nss/lib/pk11wrap/pk11load.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11load.c,v
retrieving revision 1.30
diff -u -p -r1.30 pk11load.c
--- ./mozilla/security/nss/lib/pk11wrap/pk11load.c 30 Apr 2010 07:22:54 -0000 1.30
+++ ./mozilla/security/nss/lib/pk11wrap/pk11load.c 22 Jan 2011 05:39:07 -0000
@@ -178,8 +178,8 @@ secmod_handleReload(SECMODModule *oldMod
char *oldModuleSpec;
if (secmod_IsInternalKeySlot(newModule)) {
- pk11_SetInternalKeySlot(slot);
- }
+ pk11_FirstInternalKeySlot(slot);
+ }
newID = slot->slotID;
PK11_FreeSlot(slot);
for (thisChild=children, thisID=ids; thisChild && *thisChild;
@@ -550,6 +550,11 @@ secmod_LoadPKCS11Module(SECMODModule *mo
/* look down the slot info table */
PK11_LoadSlotList(mod->slots[i],mod->slotInfo,mod->slotInfoCount);
SECMOD_SetRootCerts(mod->slots[i],mod);
+ /* explicitly mark the internal slot as such if IsInternalKeySlot()
+ * is set */
+ if (secmod_IsInternalKeySlot(mod) && (i == (mod->isFIPS ? 0 : 1))) {
+ pk11_FirstInternalKeySlot(mod->slots[i]);
+ }
}
mod->slotCount = slotCount;
mod->slotInfoCount = 0;
Index: ./mozilla/security/nss/lib/pk11wrap/pk11priv.h
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11priv.h,v
retrieving revision 1.13
diff -u -p -r1.13 pk11priv.h
--- ./mozilla/security/nss/lib/pk11wrap/pk11priv.h 27 Oct 2009 23:04:46 -0000 1.13
+++ ./mozilla/security/nss/lib/pk11wrap/pk11priv.h 22 Jan 2011 05:39:07 -0000
@@ -115,6 +115,7 @@ void PK11_InitSlot(SECMODModule *mod,CK_
PRBool PK11_NeedPWInitForSlot(PK11SlotInfo *slot);
SECStatus PK11_ReadSlotCerts(PK11SlotInfo *slot);
void pk11_SetInternalKeySlot(PK11SlotInfo *slot);
+void pk11_FirstInternalKeySlot(PK11SlotInfo *slot);
/*********************************************************************
* Mechanism Mapping functions
Index: ./mozilla/security/nss/lib/pk11wrap/pk11slot.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11slot.c,v
retrieving revision 1.101
diff -u -p -r1.101 pk11slot.c
--- ./mozilla/security/nss/lib/pk11wrap/pk11slot.c 3 Apr 2010 18:27:31 -0000 1.101
+++ ./mozilla/security/nss/lib/pk11wrap/pk11slot.c 22 Jan 2011 05:39:08 -0000
@@ -1735,6 +1735,15 @@ pk11_SetInternalKeySlot(PK11SlotInfo *sl
pk11InternalKeySlot = slot ? PK11_ReferenceSlot(slot) : NULL;
}
+void
+pk11_FirstInternalKeySlot(PK11SlotInfo *slot)
+{
+ if (pk11InternalKeySlot) {
+ return;
+ }
+ pk11InternalKeySlot = slot ? PK11_ReferenceSlot(slot) : NULL;
+}
+
/* get the internal key slot. FIPS has only one slot for both key slots and
* default slots */
Index: ./mozilla/security/nss/lib/sysinit/nsssysinit.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/sysinit/nsssysinit.c,v
retrieving revision 1.2
diff -u -p -r1.2 nsssysinit.c
--- ./mozilla/security/nss/lib/sysinit/nsssysinit.c 6 Feb 2010 04:56:37 -0000 1.2
+++ ./mozilla/security/nss/lib/sysinit/nsssysinit.c 22 Jan 2011 05:39:08 -0000
@@ -221,7 +221,7 @@ getFIPSMode(void)
* 2 for the key slot, and
* 3 for the crypto operations slot fips
*/
-#define ORDER_FLAGS "trustOrder=75 cipherOrder=100"
+#define ORDER_FLAGS "cipherOrder=100"
#define SLOT_FLAGS \
"[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,RANDOM" \
" askpw=any timeout=30 ]"
@@ -270,7 +270,7 @@ get_list(char *filename, char *stripped_
"library= "
"module=\"NSS User database\" "
"parameters=\"configdir='sql:%s' %s tokenDescription='NSS user database'\" "
- "NSS=\"%sflags=internal%s\"",
+ "NSS=\"trustOrder=75 %sflags=internal%s\"",
userdb, stripped_parameters, nssflags,
isFIPS ? ",FIPS" : "");
@@ -284,30 +284,6 @@ get_list(char *filename, char *stripped_
userdb, stripped_parameters);
}
-#if 0
- /* This doesn't actually work. If we register
- both this and the sysdb (in either order)
- then only one of them actually shows up */
-
- /* Using a NULL filename as a Boolean flag to
- * prevent registering both an application-defined
- * db and the system db. rhbz #546211.
- */
- PORT_Assert(filename);
- if (sysdb && PL_CompareStrings(filename, sysdb))
- filename = NULL;
- else if (userdb && PL_CompareStrings(filename, userdb))
- filename = NULL;
-
- if (filename && !userIsRoot()) {
- module_list[next++] = PR_smprintf(
- "library= "
- "module=\"NSS database\" "
- "parameters=\"configdir='sql:%s' tokenDescription='NSS database sql:%s'\" "
- "NSS=\"%sflags=internal\"",filename, filename, nssflags);
- }
-#endif
-
/* now the system database (always read only unless it's root) */
if (sysdb) {
const char *readonly = userCanModifySystemDB() ? "" : "flags=readonly";
@@ -315,7 +291,7 @@ get_list(char *filename, char *stripped_
"library= "
"module=\"NSS system database\" "
"parameters=\"configdir='sql:%s' tokenDescription='NSS system database' %s\" "
- "NSS=\"%sflags=internal,critical\"",sysdb, readonly, nssflags);
+ "NSS=\"trustOrder=80 %sflags=internal,critical\"",sysdb, readonly, nssflags);
}
/* that was the last module */

33
libnss-3.12.9-ipv6-type-connections-bug539183.patch
View File

@ -1,33 +0,0 @@
Index: mozilla/security/nss/cmd/selfserv/selfserv.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/cmd/selfserv/selfserv.c,v
retrieving revision 1.94
diff -p -u -8 -r1.94 selfserv.c
--- mozilla/security/nss/cmd/selfserv/selfserv.c 3 Apr 2010 18:27:27 -0000 1.94
+++ mozilla/security/nss/cmd/selfserv/selfserv.c 24 Feb 2011 02:28:02 -0000
@@ -1487,21 +1487,21 @@ PRFileDesc *
getBoundListenSocket(unsigned short port)
{
PRFileDesc * listen_sock;
int listenQueueDepth = 5 + (2 * maxThreads);
PRStatus prStatus;
PRNetAddr addr;
PRSocketOptionData opt;
- addr.inet.family = PR_AF_INET;
- addr.inet.ip = PR_INADDR_ANY;
- addr.inet.port = PR_htons(port);
+ if (PR_SetNetAddr(PR_IpAddrAny, PR_AF_INET6, port, &addr) != PR_SUCCESS) {
+ errExit("PR_SetNetAddr");
+ }
- listen_sock = PR_NewTCPSocket();
+ listen_sock = PR_OpenTCPSocket(PR_AF_INET6);
if (listen_sock == NULL) {
errExit("PR_NewTCPSocket");
}
opt.option = PR_SockOpt_Nonblocking;
opt.value.non_blocking = PR_FALSE;
prStatus = PR_SetSocketOption(listen_sock, &opt);
if (prStatus < 0) {

52
libnss-3.12.9-nsspem-642433.patch
View File

@ -1,52 +0,0 @@
diff -up ./mozilla/security/nss/lib/ckfw/pem/util.c.642433 ./mozilla/security/nss/lib/ckfw/pem/util.c
--- ./mozilla/security/nss/lib/ckfw/pem/util.c.642433 2010-11-25 10:49:27.000000000 -0800
+++ ./mozilla/security/nss/lib/ckfw/pem/util.c 2010-12-08 08:02:02.618304926 -0800
@@ -96,9 +96,6 @@ static SECItem *AllocItem(SECItem * item
return (result);
loser:
- if (result != NULL) {
- SECITEM_FreeItem(result, (item == NULL) ? PR_TRUE : PR_FALSE);
- }
return (NULL);
}
@@ -110,7 +107,7 @@ static SECStatus FileToItem(SECItem * ds
prStatus = PR_GetOpenFileInfo(src, &info);
- if (prStatus != PR_SUCCESS) {
+ if (prStatus != PR_SUCCESS || info.type == PR_FILE_DIRECTORY) {
return SECFailure;
}
@@ -126,8 +123,7 @@ static SECStatus FileToItem(SECItem * ds
return SECSuccess;
loser:
- SECITEM_FreeItem(dst, PR_FALSE);
- nss_ZFreeIf(dst);
+ nss_ZFreeIf(dst->data);
return SECFailure;
}
@@ -153,6 +149,10 @@ ReadDERFromFile(SECItem *** derlist, cha
/* Read in ascii data */
rv = FileToItem(&filedata, inFile);
+ if (rv != SECSuccess) {
+ PR_Close(inFile);
+ return -1;
+ }
asc = (char *) filedata.data;
if (!asc) {
PR_Close(inFile);
@@ -252,7 +252,7 @@ ReadDERFromFile(SECItem *** derlist, cha
} else {
/* Read in binary der */
rv = FileToItem(der, inFile);
- if (rv) {
+ if (rv != SECSuccess) {
PR_Close(inFile);
return -1;
}

12
libnss-3.12.9-renegotiate-transitional.patch
View File

@ -1,12 +0,0 @@
diff -up ./mozilla/security/nss/lib/ssl/sslsock.c.transitional ./mozilla/security/nss/lib/ssl/sslsock.c
--- ./mozilla/security/nss/lib/ssl/sslsock.c.transitional 2010-09-04 09:46:50.331327676 -0700
+++ ./mozilla/security/nss/lib/ssl/sslsock.c 2010-09-04 09:50:02.814325605 -0700
@@ -181,7 +181,7 @@ static sslOptions ssl_defaults = {
PR_FALSE, /* noLocks */
PR_FALSE, /* enableSessionTickets */
PR_FALSE, /* enableDeflate */
- 2, /* enableRenegotiation (default: requires extension) */
+ 3, /* enableRenegotiation (default: transitional) */
PR_FALSE, /* requireSafeNegotiation */
PR_FALSE, /* enableFalseStart */
};

11
libnss-3.12.9-system-nspr.patch
View File

@ -1,11 +0,0 @@
--- mozilla/security/nss/Makefile 2009-12-08 17:47:03.000000000 +0100
+++ mozilla/security/nss/Makefile-gil 2011-01-26 01:02:44.000000000 +0100
@@ -78,7 +78,7 @@
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
-nss_build_all: build_coreconf build_nspr build_dbm all
+nss_build_all: build_coreconf build_dbm all
nss_clean_all: clobber_coreconf clobber_nspr clobber_dbm clobber

10
libnss-3.15.4-add-missing-RSA_BlockOAEP.patch
View File

@ -1,10 +0,0 @@
--- nss-3.15.4/nss/lib/freebl/rsapkcs.c.orig 2014-02-18 14:09:04.195114868 +0100
+++ nss-3.15.4/nss/lib/freebl/rsapkcs.c 2014-02-18 14:09:13.416071147 +0100
@@ -32,6 +32,7 @@
RSA_BlockUnused = 0, /* unused */
RSA_BlockPrivate = 1, /* pad for a private-key operation */
RSA_BlockPublic = 2, /* pad for a public-key operation */
+ RSA_BlockOAEP = 3,
RSA_BlockRaw = 4, /* simply justify the block appropriately */
RSA_BlockTotal
} RSA_BlockType;

45
libnss-3.15.1-lfs-buildfixes.patch → libnss-3.27.1-standalone-1.patch
View File

@ -1,13 +1,16 @@
Submitted By: Armin K. <krejzi at email dot com> Submitted By: Fernando de Oliveira <famobr at yahoo dot com dot br>
Date: 2013-07-02 Date: 2015-11-10
Initial Package Version: 3.15 Initial Package Version: 3.21
Upstream Status: Not applicable Upstream Status: Not applicable
Origin: Based on dj's original patch, rediffed and modified for 3.15 Origin: Based on dj's original patch, rediffed and
Description: Adds auto-generated nss.pc and nss-config script, and allows modified for 3.15 by Armin K.
building without nspr in the source tree. <krejzi at email dot com>
Description: Adds auto-generated nss.pc and nss-config script, and
allows building without nspr in the source tree.
--- a/nss/config/Makefile 1970-01-01 01:00:00.000000000 +0100 diff -Naur nss-3.21.orig/nss/config/Makefile nss-3.21/nss/config/Makefile
+++ b/nss/config/Makefile 2013-07-02 14:53:56.684750636 +0200 --- nss-3.21.orig/nss/config/Makefile 1969-12-31 21:00:00.000000000 -0300
+++ nss-3.21/nss/config/Makefile 2015-11-10 12:54:49.358835857 -0300
@@ -0,0 +1,40 @@ @@ -0,0 +1,40 @@
+CORE_DEPTH = .. +CORE_DEPTH = ..
+DEPTH = .. +DEPTH = ..
@ -49,8 +52,9 @@ Description: Adds auto-generated nss.pc and nss-config script, and a
+ +
+dummy: all export libs +dummy: all export libs
+ +
--- a/nss/config/nss-config.in 1970-01-01 01:00:00.000000000 +0100 diff -Naur nss-3.21.orig/nss/config/nss-config.in nss-3.21/nss/config/nss-config.in
+++ b/nss/config/nss-config.in 2013-07-02 14:52:58.328084334 +0200 --- nss-3.21.orig/nss/config/nss-config.in 1969-12-31 21:00:00.000000000 -0300
+++ nss-3.21/nss/config/nss-config.in 2015-11-10 12:54:49.359835835 -0300
@@ -0,0 +1,153 @@ @@ -0,0 +1,153 @@
+#!/bin/sh +#!/bin/sh
+ +
@ -205,8 +209,9 @@ Description: Adds auto-generated nss.pc and nss-config script, and a
+ echo $libdirs + echo $libdirs
+fi +fi
+ +
--- a/nss/config/nss.pc.in 1970-01-01 01:00:00.000000000 +0100 diff -Naur nss-3.21.orig/nss/config/nss.pc.in nss-3.21/nss/config/nss.pc.in
+++ b/nss/config/nss.pc.in 2013-07-02 14:52:58.328084334 +0200 --- nss-3.21.orig/nss/config/nss.pc.in 1969-12-31 21:00:00.000000000 -0300
+++ nss-3.21/nss/config/nss.pc.in 2015-11-10 12:54:49.359835835 -0300
@@ -0,0 +1,12 @@ @@ -0,0 +1,12 @@
+prefix=@prefix@ +prefix=@prefix@
+exec_prefix=@exec_prefix@ +exec_prefix=@exec_prefix@
@ -220,9 +225,10 @@ Description: Adds auto-generated nss.pc and nss-config script, and a
+Libs: -L@libdir@ -lnss@NSS_MAJOR_VERSION@ -lnssutil@NSS_MAJOR_VERSION@ -lsmime@NSS_MAJOR_VERSION@ -lssl@NSS_MAJOR_VERSION@ -lsoftokn@NSS_MAJOR_VERSION@ +Libs: -L@libdir@ -lnss@NSS_MAJOR_VERSION@ -lnssutil@NSS_MAJOR_VERSION@ -lsmime@NSS_MAJOR_VERSION@ -lssl@NSS_MAJOR_VERSION@ -lsoftokn@NSS_MAJOR_VERSION@
+Cflags: -I${includedir} +Cflags: -I${includedir}
+ +
--- a/nss/Makefile 2013-05-28 23:43:24.000000000 +0200 diff -Naur nss-3.21.orig/nss/Makefile nss-3.21/nss/Makefile
+++ b/nss/Makefile 2013-07-02 14:52:58.328084334 +0200 --- nss-3.21.orig/nss/Makefile 2015-11-09 02:12:59.000000000 -0300
@@ -44,7 +44,7 @@ +++ nss-3.21/nss/Makefile 2015-11-10 12:54:49.359835835 -0300
@@ -46,7 +46,7 @@
# (7) Execute "local" rules. (OPTIONAL). # # (7) Execute "local" rules. (OPTIONAL). #
####################################################################### #######################################################################
@ -231,11 +237,12 @@ Description: Adds auto-generated nss.pc and nss-config script, and a
nss_clean_all: clobber_nspr clobber nss_clean_all: clobber_nspr clobber
--- a/nss/manifest.mn 2013-05-28 23:43:24.000000000 +0200 diff -Naur nss-3.21.orig/nss/manifest.mn nss-3.21/nss/manifest.mn
+++ b/nss/manifest.mn 2013-07-02 14:52:58.331417666 +0200 --- nss-3.21.orig/nss/manifest.mn 2015-11-09 02:12:59.000000000 -0300
+++ nss-3.21/nss/manifest.mn 2015-11-10 12:59:22.439784449 -0300
@@ -10,4 +10,4 @@ @@ -10,4 +10,4 @@
RELEASE = nss RELEASE = nss
-DIRS = coreconf lib cmd -DIRS = coreconf lib cmd external_tests
+DIRS = coreconf lib cmd config +DIRS = coreconf lib cmd external_tests config

271
libnss.spec
View File

@ -4,15 +4,15 @@
%define with_test 0 %define with_test 0
%define with_nsspem 1 %define with_nsspem 1
Name: libnss Name: libnss
Version: 3.23 Version: 3.27.1
Release: 1mamba Release: 3mamba
Summary: Network Security Services Summary: Network Security Services
Group: System/Libraries Group: System/Libraries
Vendor: openmamba Vendor: openmamba
Distribution: openmamba Distribution: openmamba
Packager: Silvan Calarco <silvan.calarco@mambasoft.it> Packager: Silvan Calarco <silvan.calarco@mambasoft.it>
URL: http://www.mozilla.org/projects/security/pki/nss/ URL: http://www.mozilla.org/projects/security/pki/nss/
Source0: http://ftp.mozilla.org/pub/security/nss/releases/NSS_%{srcver}_RTM/src/nss-%{version}.tar.gz Source0: https://ftp.mozilla.org/pub/security/nss/releases/NSS_%{srcver}_RTM/src/nss-%{version}.tar.gz
Source1: nss.pc.in Source1: nss.pc.in
Source2: nss-config.in Source2: nss-config.in
Source3: blank-cert8.db Source3: blank-cert8.db
@ -29,36 +29,31 @@ Source9: setup-nsssysinit.sh
#Source10: libnss-pem-20140218.tar.bz2 #Source10: libnss-pem-20140218.tar.bz2
Source10: https://git.fedorahosted.org/git/nss-pem.git/master/nss-pem-%{version}.tar.bz2 Source10: https://git.fedorahosted.org/git/nss-pem.git/master/nss-pem-%{version}.tar.bz2
%endif %endif
Patch1: libnss-3.12.3-no-rpath.patch
Patch2: libnss-3.12.3-nolocalsql.patch
Patch3: libnss-3.12.9-renegotiate-transitional.patch
Patch4: libnss-3.12.9-enable-pem.patch Patch4: libnss-3.12.9-enable-pem.patch
Patch5: libnss-3.12.9-nsspem-642433.patch
Patch6: libnss-3.12.3-enable-pem.patch
Patch7: libnss-3.12.3-stubs-bug502133.patch
Patch8: libnss-3.12.9-honor-user-trust-preferences.patch
Patch9: libnss-3.12.9-system-nspr.patch
Patch10: libnss-3.15.1-opt_flags.patch Patch10: libnss-3.15.1-opt_flags.patch
Patch11: libnss-3.12.9-ipv6-type-connections-bug539183.patch Patch15: libnss-3.27.1-standalone-1.patch
Patch12: libnss-3.15.4-add-missing-RSA_BlockOAEP.patch
Patch13: libnss-3.15.1-lfs-buildfixes.patch
Patch14: nss-pem-3.22-buildfix.patch
License: GPL, MPL 1.1, LGPL License: GPL, MPL 1.1, LGPL
## AUTOBUILDREQ-BEGIN ## AUTOBUILDREQ-BEGIN
BuildRequires: glibc-devel BuildRequires: libgcc
BuildRequires: libnspr-devel BuildRequires: libnspr-devel
BuildRequires: libsqlite-devel BuildRequires: libsqlite-devel
BuildRequires: libstdc++6-devel
BuildRequires: libz-devel BuildRequires: libz-devel
## AUTOBUILDREQ-END ## AUTOBUILDREQ-END
BuildRequires: libnspr-devel >= 4.13
BuildRequires: gawk BuildRequires: gawk
BuildRequires: perl BuildRequires: perl
BuildRequires: pkgconfig BuildRequires: pkgconfig
BuildRequires: psmisc BuildRequires: psmisc
BuildRequires: libsqlite-devel >= 3.14.2.0
Requires: libnspr >= 4.13
Obsoletes: libmozilla-nss Obsoletes: libmozilla-nss
Provides: libmozilla-nss = %{?epoch:%epoch:}%{version}-%{release} Provides: libmozilla-nss = %{?epoch:%epoch:}%{version}-%{release}
Obsoletes: libmozilla Obsoletes: libmozilla
Conflicts: libmozilla <= 1.7.13-1 Conflicts: libmozilla <= 1.7.13-1
Requires: %{name}-sysinit = %{?epoch:%epoch:}%{version}-%{release} #Requires: %{name}-sysinit = %{?epoch:%epoch:}%{version}-%{release}
Provides: libnss-sysinit
Obsoletes: libnss-sysinit
BuildRoot: %{_tmppath}/%{name}-%{version}-root BuildRoot: %{_tmppath}/%{name}-%{version}-root
%description %description
@ -104,20 +99,17 @@ Default Operating System module that manages applications loading NSS globally o
%setup -q -n nss-%{version} %setup -q -n nss-%{version}
#-D -T #-D -T
#:<< __EOF #:<< __EOF
#%patch3 -p3
%if %with_nsspem %if %with_nsspem
tar -xf %{SOURCE10} tar -xf %{SOURCE10}
mv nss-pem-%{version}/nss/lib/ckfw/pem/ nss/lib/ckfw/ mv nss-pem-%{version}/nss/lib/ckfw/pem/ nss/lib/ckfw/
#%patch14 -p0
%patch4 -p3 %patch4 -p3
#%patch5 -p3
%endif %endif
#%patch8 -p1
#%patch9 -p0
%patch10 -p0 %patch10 -p0
#%patch11 -p0 %patch15 -p1
#%patch12 -p1
#%patch13 -p1 %ifarch x86_64
sed -i "s|/lib,|/lib64,|" nss/config/Makefile
%endif
%build %build
#:<< __EOF #:<< __EOF
@ -132,83 +124,91 @@ export NSPR_LIB_DIR
export NSS_USE_SYSTEM_SQLITE=1 export NSS_USE_SYSTEM_SQLITE=1
export OPT_FLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" export OPT_FLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
%ifarch x86_64 ia64 %make -j1 -C nss \
export USE_64=1 BUILD_OPT=1 \
NSPR_INCLUDE_DIR=%{_includedir}/nspr \
USE_SYSTEM_ZLIB=1 \
ZLIB_LIBS=-lz \
%ifarch x86_64
USE_64=1 \
%endif %endif
NSS_USE_SYSTEM_SQLITE=1
make -C ./nss/coreconf #make -C ./nss/coreconf
make -C ./nss/lib/dbm #make -C ./nss/lib/dbm
make -C ./nss CORE_DEPTH=`pwd`/nss #make -C ./nss CORE_DEPTH=`pwd`/nss
#
cat %{SOURCE1} | sed -e "s,%%libdir%%,%{_libdir},g" \ #cat %{SOURCE1} | sed -e "s,%%libdir%%,%{_libdir},g" \
-e "s,%%prefix%%,%{_prefix},g" \ # -e "s,%%prefix%%,%{_prefix},g" \
-e "s,%%exec_prefix%%,%{_prefix},g" \ # -e "s,%%exec_prefix%%,%{_prefix},g" \
-e "s,%%includedir%%,%{_includedir}/nss3,g" \ # -e "s,%%includedir%%,%{_includedir}/nss3,g" \
-e "s,%%NSPR_VERSION%%,%{nspr_version},g" \ # -e "s,%%NSPR_VERSION%%,%{nspr_version},g" \
-e "s,%%NSS_VERSION%%,%{version},g" > custom_nss.pc # -e "s,%%NSS_VERSION%%,%{version},g" > custom_nss.pc
#
%define majver %(echo %version | cut -d. -f1) #%define majver %(echo %version | cut -d. -f1)
%define minver %(echo %version | cut -d. -f2) #%define minver %(echo %version | cut -d. -f2)
%define patchver %(echo %version | cut -d. -f3) #%define patchver %(echo %version | cut -d. -f3)
#
NSS_VMAJOR=%majver #NSS_VMAJOR=%majver
NSS_VMINOR=%minver #NSS_VMINOR=%minver
NSS_VPATCH=%patchver #NSS_VPATCH=%patchver
cat %{SOURCE2} | sed -e "s,@libdir@,%{_libdir},g" \ #cat %{SOURCE2} | sed -e "s,@libdir@,%{_libdir},g" \
-e "s,@prefix@,%{_prefix},g" \ # -e "s,@prefix@,%{_prefix},g" \
-e "s,@exec_prefix@,%{_prefix},g" \ # -e "s,@exec_prefix@,%{_prefix},g" \
-e "s,@includedir@,%{_includedir}/nss3,g" \ # -e "s,@includedir@,%{_includedir}/nss3,g" \
-e "s,@MOD_MAJOR_VERSION@,$NSS_VMAJOR,g" \ # -e "s,@MOD_MAJOR_VERSION@,$NSS_VMAJOR,g" \
-e "s,@MOD_MINOR_VERSION@,$NSS_VMINOR,g" \ # -e "s,@MOD_MINOR_VERSION@,$NSS_VMINOR,g" \
-e "s,@MOD_PATCH_VERSION@,$NSS_VPATCH,g" > custom_nss-config # -e "s,@MOD_PATCH_VERSION@,$NSS_VPATCH,g" > custom_nss-config
#
cat %{SOURCE9} > setup-nsssysinit.sh #cat %{SOURCE9} > setup-nsssysinit.sh
#
%if %with_test #% if %with_test
export BUILD_OPT=1 #export BUILD_OPT=1
export HOST="localhost" #export HOST="localhost"
export DOMSUF=" " #export DOMSUF=" "
export USE_IP=TRUE #export USE_IP=TRUE
export IP_ADDRESS="127.0.0.1" #export IP_ADDRESS="127.0.0.1"
cd nss/tests #cd nss/tests
./all.sh #./all.sh
#TEST_FAILURES=`grep -c FAILED ../../../tests_results/security/localhost.1/output.log` || : ##TEST_FAILURES=`grep -c FAILED ../../../tests_results/security/localhost.1/output.log` || :
#if [ $TEST_FAILURES -ne 0 ]; then ##if [ $TEST_FAILURES -ne 0 ]; then
# echo "error: test suite returned failure(s)" ## echo "error: test suite returned failure(s)"
# exit 1 ## exit 1
#fi ##fi
%endif #% endif
%install %install
[ "%{buildroot}" != / ] && rm -rf "%{buildroot}" [ "%{buildroot}" != / ] && rm -rf "%{buildroot}"
install -D -m 644 custom_nss.pc %{buildroot}%{_libdir}/pkgconfig/nss.pc
install -D -m 755 custom_nss-config %{buildroot}%{_bindir}/nss-config install -D -m644 dist/Linux*/lib/pkgconfig/nss.pc %{buildroot}%{_libdir}/pkgconfig/nss.pc
#install -D -m 644 custom_nss.pc %{buildroot}%{_libdir}/pkgconfig/nss.pc
#install -D -m 755 custom_nss-config %{buildroot}%{_bindir}/nss-config
# copy all the binary libraries # copy all the binary libraries
for file in libfreebl3.so libnss3.so libnssckbi.so libsmime3.so libsoftokn3.so libssl3.so libnssutil3.so libnssdbm3.so libnsssysinit.so; do install -d -m0755 %{buildroot}%{_bindir}
install -m 755 dist/*.OBJ/lib/$file %{buildroot}%{_libdir} for file in dist/*.OBJ/lib/*.so; do
install -m 755 $file %{buildroot}%{_libdir}
done done
%if %with_nsspem #% if %with_nsspem
install -m 755 dist/*.OBJ/lib/libnsspem.so %{buildroot}%{_libdir} #install -m 755 dist/*.OBJ/lib/libnsspem.so %{buildroot}%{_libdir}
%endif #% endif
# copy alle the chk files # copy alle the chk files
for file in libfreebl3.chk libsoftokn3.chk libnssdbm3.chk; do for file in dist/*.OBJ/lib/*.chk; do
install -m 644 dist/*.OBJ/lib/$file %{buildroot}%{_libdir} install -m 644 $file %{buildroot}%{_libdir}
done done
# install the empty NSS db files ## install the empty NSS db files
# legacy db ## legacy db
install -d %{buildroot}%{_sysconfdir}/pki/nssdb #install -d %{buildroot}%{_sysconfdir}/pki/nssdb
install -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/pki/nssdb/cert8.db #install -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/pki/nssdb/cert8.db
install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pki/nssdb/key3.db #install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pki/nssdb/key3.db
install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/pki/nssdb/secmod.db #install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/pki/nssdb/secmod.db
# shared db ## shared db
install -m 644 %{SOURCE6} %{buildroot}%{_sysconfdir}/pki/nssdb/cert9.db #install -m 644 %{SOURCE6} %{buildroot}%{_sysconfdir}/pki/nssdb/cert9.db
install -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/pki/nssdb/key4.db #install -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/pki/nssdb/key4.db
install -m 644 %{SOURCE8} %{buildroot}%{_sysconfdir}/pki/nssdb/pkcs11.txt #install -m 644 %{SOURCE8} %{buildroot}%{_sysconfdir}/pki/nssdb/pkcs11.txt
# copy the development libraries we want # copy the development libraries we want
for file in libcrmf.a libnssb.a libnssckfw.a; do for file in libcrmf.a libnssb.a libnssckfw.a; do
@ -216,7 +216,7 @@ for file in libcrmf.a libnssb.a libnssckfw.a; do
done done
# copy the binaries we want # copy the binaries we want
for file in certutil cmsutil crlutil modutil pk12util signtool signver ssltap; do for file in certutil cmsutil crlutil modutil nss-config pk12util signtool signver ssltap; do
install -m 755 dist/*.OBJ/bin/$file %{buildroot}%{_bindir} install -m 755 dist/*.OBJ/bin/$file %{buildroot}%{_bindir}
done done
@ -226,16 +226,18 @@ for file in atob btoa derdump ocspclnt pp selfserv shlibsign strsclnt symkeyutil
install -m 755 dist/*.OBJ/bin/$file %{buildroot}%{_libexecdir}/nss install -m 755 dist/*.OBJ/bin/$file %{buildroot}%{_libexecdir}/nss
done done
# pkcs11 configuration script ## pkcs11 configuration script
mkdir -p %{buildroot}%{_sbindir} #mkdir -p %{buildroot}%{_sbindir}
install -pm 755 setup-nsssysinit.sh %{buildroot}%{_sbindir}/setup-nsssysinit.sh #install -pm 755 %{SOURCE9} %{buildroot}%{_sbindir}/setup-nsssysinit.sh
# copy the include files # copy the include files
install -d %{buildroot}%{_includedir}/nss3 install -d %{buildroot}%{_includedir}/nss3
for file in dist/public/nss/*.h; do for file in dist/public/nss/*.h dist/private/nss/*.h; do
install -m 644 $file %{buildroot}%{_includedir}/nss3 install -m 644 $file %{buildroot}%{_includedir}/nss3
done done
ln -s nss3 %{buildroot}%{_includedir}/nss
%clean %clean
[ "%{buildroot}" != / ] && rm -rf "%{buildroot}" [ "%{buildroot}" != / ] && rm -rf "%{buildroot}"
@ -244,44 +246,47 @@ done
%files %files
%defattr(-,root,root) %defattr(-,root,root)
%{_libdir}/libfreebl3.so
%{_libdir}/libfreebl3.chk
%{_libdir}/libfreeblpriv3.chk
%{_libdir}/libfreeblpriv3.so
%{_libdir}/libgtest1.so
%{_libdir}/libnss3.so %{_libdir}/libnss3.so
%{_libdir}/libnssckbi.so
%{_libdir}/libnssdbm3.so
%{_libdir}/libnssdbm3.chk
%{_libdir}/libnsssysinit.so
%{_libdir}/libnssutil3.so
%{_libdir}/libssl3.so %{_libdir}/libssl3.so
%{_libdir}/libsmime3.so %{_libdir}/libsmime3.so
%{_libdir}/libsoftokn3.so %{_libdir}/libsoftokn3.so
%{_libdir}/libsoftokn3.chk %{_libdir}/libsoftokn3.chk
%{_libdir}/libnssckbi.so
%{_libdir}/libfreebl3.so
%{_libdir}/libfreebl3.chk
%{_libdir}/libnssutil3.so
%{_libdir}/libnssdbm3.so
%{_libdir}/libnssdbm3.chk
%if %with_nsspem %if %with_nsspem
%{_libdir}/libnsspem.so %{_libdir}/libnsspem.so
%endif %endif
%dir %{_sysconfdir}/pki/nssdb #%dir %{_sysconfdir}/pki/nssdb
%config(noreplace) %{_sysconfdir}/pki/nssdb/cert8.db #%config(noreplace) %{_sysconfdir}/pki/nssdb/cert8.db
%config(noreplace) %{_sysconfdir}/pki/nssdb/key3.db #%config(noreplace) %{_sysconfdir}/pki/nssdb/key3.db
%config(noreplace) %{_sysconfdir}/pki/nssdb/secmod.db #%config(noreplace) %{_sysconfdir}/pki/nssdb/secmod.db
%post sysinit #%post sysinit
/sbin/ldconfig #/sbin/ldconfig
%{_sbindir}/setup-nsssysinit.sh on #%{_sbindir}/setup-nsssysinit.sh on
%preun sysinit #%preun sysinit
if [ $1 = 0 ]; then #if [ $1 = 0 ]; then
%{_sbindir}/setup-nsssysinit.sh off # %{_sbindir}/setup-nsssysinit.sh off
fi #fi
%postun sysinit -p /sbin/ldconfig #%postun sysinit -p /sbin/ldconfig
%files sysinit #%files sysinit
%defattr(-,root,root) #%defattr(-,root,root)
%{_sbindir}/setup-nsssysinit.sh #%{_sbindir}/setup-nsssysinit.sh
%{_libdir}/libnsssysinit.so #%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/cert9.db
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/cert9.db #%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/key4.db
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/key4.db #%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/pkcs11.txt
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/pkcs11.txt
%files tools %files tools
%defattr(-,root,root) %defattr(-,root,root)
@ -303,9 +308,35 @@ fi
%{_libdir}/libnssb.a %{_libdir}/libnssb.a
%{_libdir}/libnssckfw.a %{_libdir}/libnssckfw.a
%{_libdir}/pkgconfig/nss.pc %{_libdir}/pkgconfig/nss.pc
%{_includedir}/nss3/ %{_includedir}/nss
%dir %{_includedir}/nss3
%{_includedir}/nss3/*
%changelog %changelog
* Sat Oct 08 2016 Silvan Calarco <silvan.calarco@mambasoft.it> 3.27.1-3mamba
- remove redhat coming possibly obsolete libnss-sysinit; install all libraries
* Sat Oct 08 2016 Silvan Calarco <silvan.calarco@mambasoft.it> 3.27.1-2mamba
- rebuilt with libsqlite 3.14.2.0
* Fri Oct 07 2016 Silvan Calarco <silvan.calarco@mambasoft.it> 3.27.1-1mamba
- update to 3.27.1
* Fri Oct 07 2016 Silvan Calarco <silvan.calarco@mambasoft.it> 3.26-2mamba
- rebuilt with libnspr 4.13
* Fri Oct 07 2016 Automatic Build System <autodist@mambasoft.it> 3.26-1mamba
- automatic version update by autodist
* Wed Jul 06 2016 Automatic Build System <autodist@mambasoft.it> 3.25-2mamba
- automatic version update by autodist
* Tue Jul 05 2016 Automatic Build System <autodist@mambasoft.it> 3.25-1mamba
- automatic version update by autodist
* Wed Jun 08 2016 Automatic Build System <autodist@mambasoft.it> 3.24-1mamba
- automatic version update by autodist
* Thu May 05 2016 Automatic Build System <autodist@mambasoft.it> 3.23-1mamba * Thu May 05 2016 Automatic Build System <autodist@mambasoft.it> 3.23-1mamba
- automatic version update by autodist - automatic version update by autodist

22
nss-pem-3.22-buildfix.patch
View File

@ -1,22 +0,0 @@
--- nss/lib/ckfw/pem/pinst.c.orig 2016-02-19 18:32:43.545902319 +0100
+++ nss/lib/ckfw/pem/pinst.c 2016-02-19 18:32:50.773900029 +0100
@@ -581,7 +581,7 @@
objid = pem_nobjs + 1;
- nickname = getUniquePEMNicknameFromFilename(certfile, i);
+ nickname = getUniquePEMNicknameFromFilename(certfile, 0);
if (!nickname) {
error = CKR_GENERAL_ERROR;
goto loser;
--- nss/lib/ckfw/pem/pinst.c.orig 2016-02-19 18:54:07.225438587 +0100
+++ nss/lib/ckfw/pem/pinst.c 2016-02-19 18:54:37.368427084 +0100
@@ -534,7 +534,7 @@
AddCertificate(char *certfile, char *keyfile, PRBool cacert,
CK_SLOT_ID slotID)
{
- pemInternalObject *o;
+ pemInternalObject *o = NULL;
CK_RV error = 0;
int objid, i;
int nobjs = 0;