rpms/esc
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Pick up latest improvements.

Browse Source
This commit is contained in:
Jack Magne 2009-09-15 21:31:06 +00:00
parent 8f98baf36b
commit 0070dfee97
22 changed files with 1424 additions and 3729 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.cvsignore
View File

@ -1,2 +1 @@
esc-1.0.1.tar.bz2
xulrunner-1.8.0.4-source.tar.bz2
esc-1.1.0.tar.bz2

24
esc
View File

@ -18,10 +18,6 @@
# END COPYRIGHT BLOCK
DO_SECMODE="false"
SECURITY_URL=
DO_FORCEMODE="false"
DO_SHOW_VERSION="false"
ESC_ARGS=
@ -30,7 +26,7 @@ ESC_ARGS=
ESC_PROFILE_BASE=~/.redhat/esc
ESC_LOG_FILE=esc.log
ESC_PATH=$LIBDIR/esc-1.0.1
ESC_PATH=$LIBDIR/esc-1.1.0
ESC_BIN_PATH=/usr/bin
ESC_EXEC=esc
ESCD_EXEC=escd
@ -97,25 +93,10 @@ function processArgs {
#echo "Do show version!"
DO_SHOW_VERSION="true"
fi
if [ $DO_SECMODE == "true" ]
then
#echo "Sec Mode Url $arg"
SECURITY_URL=$arg
fi
if [ $arg == "-secmode" ]
then
DO_SECMODE="true"
#echo "Do security mode!"
fi
done
if [ $DO_SECMODE == "true" ]
then
#echo "Launch ESC in security mode!"
ARGS="--secmode $SECURITY_URL"
fi
}
processArgs $*
if [ ! -d $ESC_PROFILE_BASE ]
@ -180,7 +161,6 @@ else
#echo "esc not already running start up and bring up window."
./$ESC_EXEC &
sleep 4
#echo "done sleeping bring up esc window."
./$ESC_EXEC
exit 0

37
esc-1.0.1-admin-row-update.patch
View File

@ -1,37 +0,0 @@
--- ./esc/src/app/xul/esc/chrome/content/esc/ESC.js.fix3 2007-04-03 11:00:47.000000000 -0700
+++ ./esc/src/app/xul/esc/chrome/content/esc/ESC.js 2007-04-03 11:00:51.000000000 -0700
@@ -2249,6 +2249,7 @@
}
function UpdateAdminListRow( keyType, keyID)
{
+
if(!gAdminPage)
return;
@@ -2527,6 +2528,7 @@
{
recordMessage("EnrollCoolKey failed.");
}
+
if(gAdminPage)
{
UpdateAdminListRow(keyType,keyID);
@@ -3778,11 +3780,14 @@
UpdateEnrollmentArea(keyType,keyID,1);
}
- if(gAdminPage)
+
+ var adminWnd = IsPageWindowPresent(ADMIN_WINDOW);
+
+ if(adminWnd)
{
- SelectRowByKeyID(keyType, keyID);
- UpdateAdminListRow(keyType,keyID);
- UpdateAdminKeyDetailsArea(keyType,keyID);
+ adminWnd.SelectRowByKeyID(keyType, keyID);
+ adminWnd.UpdateAdminListRow(keyType,keyID);
+ adminWnd.UpdateAdminKeyDetailsArea(keyType,keyID);
}
}

14
esc-1.0.1-elif.patch
View File

@ -1,14 +0,0 @@
Patch by Robert Scheck <robert@fedoraproject.org> for esc >= 1.0.1, that corrects
the preprocessor conditional from empty (wrong) elif to else.
--- mozilla/toolkit/xre/nsAppRunner.cpp 2006-04-06 19:27:00.000000000 +0200
+++ mozilla/toolkit/xre/nsAppRunner.cpp.elif 2009-04-14 05:35:25.000000000 +0200
@@ -1157,7 +1157,7 @@
if (NS_FAILED(rv))
return rv;
-#elif
+#else
#error Oops, you need platform-specific code here
#endif

11
esc-1.0.1-lic-fix.patch
View File

@ -1,11 +0,0 @@
--- ./esc/src/app/xul/esc/application.ini.fix7 2007-08-30 10:13:53.000000000 -0700
+++ ./esc/src/app/xul/esc/application.ini 2007-08-30 10:14:19.000000000 -0700
@@ -25,7 +25,7 @@
Name=ESC
;
; This field specifies your application's version. This field is optional.
-Version=1.0.1-5
+Version=1.0.1-7
;
; This field specifies your application's build ID (timestamp). This field is
; required.

131
esc-1.0.1-log-fixes-1.patch
View File

@ -1,131 +0,0 @@
--- ./esc/src/lib/coolkey/NSSManager.cpp.fix6 2007-07-17 13:37:43.000000000 -0700
+++ ./esc/src/lib/coolkey/NSSManager.cpp 2007-07-17 13:38:40.000000000 -0700
@@ -46,11 +46,13 @@
static PRLogModuleInfo *coolKeyLogNSS = PR_NewLogModule("coolKeyNSS");
+unsigned int NSSManager::lastError;
NSSManager::NSSManager()
{
char tBuff[56];
PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::NSSManager:\n",GetTStamp(tBuff,56)));
mpSCMonitoringThread = NULL;
+ NSSManager::lastError = NSS_NO_ERROR;
#ifdef LINUX
systemCertDB = NULL;
#endif
@@ -111,6 +113,8 @@
if(!userModule || !userModule->loaded)
{
PR_LOG( coolKeyLogNSS, PR_LOG_ALWAYS, ("%s NSSManager::InitNSS problem loading PKCS11 module. No keys will be recognized!\n",GetTStamp(tBuff,56)));
+
+ NSSManager::lastError = NSS_ERROR_LOAD_COOLKEY;
return E_FAIL;
}
@@ -132,6 +136,7 @@
mpSCMonitoringThread = new SmartCardMonitoringThread(userModule);
if (!mpSCMonitoringThread) {
SECMOD_UnloadUserModule(userModule);
+ NSSManager::lastError = NSS_ERROR_SMART_CARD_THREAD;
return E_FAIL;
}
mpSCMonitoringThread->Start();
--- ./esc/src/lib/coolkey/CoolKey.cpp.fix6 2007-07-17 13:37:29.000000000 -0700
+++ ./esc/src/lib/coolkey/CoolKey.cpp 2007-07-17 13:38:28.000000000 -0700
@@ -1325,7 +1325,10 @@
return E_FAIL;
if(g_Log->IsInitialized())
+ {
+ CoolKeyLogNSSStatus();
return S_OK;
+ }
else
return E_FAIL;
}
@@ -1348,6 +1351,35 @@
return S_OK;
}
+COOLKEY_API HRESULT CoolKeyLogNSSStatus()
+{
+
+ char tBuff[56];
+ if (g_NSSManager)
+ {
+ unsigned int error = g_NSSManager->GetLastInitError();
+
+ if(error == NSS_NO_ERROR)
+ {
+ CoolKeyLogMsg( PR_LOG_ALWAYS, "%s NSS system intialized successfully!\n",GetTStamp(tBuff,56));
+ return S_OK;
+ }
+
+ if(error == NSS_ERROR_LOAD_COOLKEY)
+ {
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Failed to load CoolKey module! Keys will not be recognized!\n",GetTStamp(tBuff,56));
+ }
+
+ if(error == NSS_ERROR_SMART_CARD_THREAD)
+ {
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Problem initializing the Smart Card thread! Keys will not be recognized!\n",GetTStamp(tBuff,56));
+ }
+ }
+
+ return S_OK;
+
+}
+
//Utility function to get Time Stamp
char *GetTStamp(char *aTime,int aSize)
{
--- ./esc/src/lib/coolkey/NSSManager.h.fix6 2007-07-17 13:37:51.000000000 -0700
+++ ./esc/src/lib/coolkey/NSSManager.h 2007-07-17 13:38:43.000000000 -0700
@@ -26,6 +26,10 @@
#define PROMISCUOUS_PARAMETER "noAppletOK=yes"
#define NSS_PUBLIC_CERTS "slotFlags=PublicCerts"
+#define NSS_NO_ERROR 0
+#define NSS_ERROR_LOAD_COOLKEY 1
+#define NSS_ERROR_SMART_CARD_THREAD 2
+
#ifndef NSSMANAGER_H
#define NSSMANAGER_H
@@ -70,11 +74,14 @@
static HRESULT GetKeyIssuer(const CoolKey *aKey, char *aBuf, int aBufLength);
+ static unsigned int GetLastInitError() { return lastError;}
private:
static bool IsCACert(CERTCertificate *cert);
+ static unsigned int lastError;
+
#ifdef LINUX
PK11SlotInfo *systemCertDB;
#endif
--- ./esc/src/lib/coolkey/CoolKey.h.fix6 2007-07-17 13:37:35.000000000 -0700
+++ ./esc/src/lib/coolkey/CoolKey.h 2007-07-17 13:38:33.000000000 -0700
@@ -180,6 +180,7 @@
COOLKEY_API HRESULT CoolKeyLogMsg(int logLevel, const char *fmt, ...);
+COOLKEY_API HRESULT CoolKeyLogNSSStatus();
//Utility time function
char *GetTStamp(char *aTime,int aSize);
--- ./esc/src/app/xul/esc/application.ini.fix6 2007-07-17 13:36:59.000000000 -0700
+++ ./esc/src/app/xul/esc/application.ini 2007-07-17 13:37:16.000000000 -0700
@@ -25,7 +25,7 @@
Name=ESC
;
; This field specifies your application's version. This field is optional.
-Version=1.0.1-4
+Version=1.0.1-5
;
; This field specifies your application's build ID (timestamp). This field is
; required.

782
esc-1.0.1-log-fixes.patch
View File

@ -1,782 +0,0 @@
--- ./esc/src/lib/coolkey/CoolKey.cpp.fix5 2007-06-20 11:41:52.000000000 -0700
+++ ./esc/src/lib/coolkey/CoolKey.cpp 2007-06-20 11:46:20.000000000 -0700
@@ -16,6 +16,7 @@
* END COPYRIGHT BLOCK **/
#define FORCE_PR_LOG 1
+#define LINE_BUF_SIZE 512
#include "SlotUtils.h"
@@ -46,6 +47,161 @@
HRESULT ClearActiveKeyList(void);
ActiveKeyNode *GetNodeInActiveKeyList(const CoolKey *aKey);
+class CoolKeyLogger {
+public:
+
+ CoolKeyLogger(char *logFileName, int maxNumLines);
+ ~CoolKeyLogger();
+
+ void LogMsg(int logLevel, const char *fmt, ...);
+ void LogMsg(int logLevel,const char *msg, va_list argp);
+
+ void init();
+
+ int IsInitialized() { return initialized; }
+
+private:
+
+ void LockLog();
+ void UnlockLog();
+
+ PRLock *logLock;
+
+ int maxLines;
+
+ char *pathName;
+ PRFileDesc *fd;
+
+ int initialized;
+
+};
+
+CoolKeyLogger::CoolKeyLogger(char *logFileName, int maxNumLines)
+{
+ fd = NULL;
+ logLock = NULL;
+
+ maxLines = maxNumLines;
+ if(logFileName)
+ pathName = strdup(logFileName);
+ initialized = 0;
+}
+
+CoolKeyLogger::~CoolKeyLogger()
+{
+ char tBuff[56];
+
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s ~CoolKeyLogger:\n",GetTStamp(tBuff,56)));
+ LockLog();
+
+ PR_Close(fd);
+
+ fd = NULL;
+
+ UnlockLog();
+
+ PR_DestroyLock(logLock);
+
+ logLock = NULL;
+
+ if(pathName)
+ free(pathName);
+
+ pathName = NULL;
+}
+
+void CoolKeyLogger::LockLog()
+{
+ PR_Lock(logLock);
+}
+
+void CoolKeyLogger::UnlockLog()
+{
+ PR_Unlock(logLock);
+}
+
+void CoolKeyLogger::init()
+{
+ char tBuff[56];
+
+ PRFileInfo info;
+
+ if( !pathName)
+ return;
+
+ logLock = PR_NewLock();
+
+ PRStatus rv = PR_GetFileInfo(pathName,&info);
+
+ int fileSize = 0;
+
+ if(rv == PR_SUCCESS)
+ {
+ fileSize = info.size;
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s File info size %d! \n",GetTStamp(tBuff,56),fileSize));
+ }
+
+ //Assume average line size of about 40
+
+ if((fileSize / 40) > maxLines)
+ {
+
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s Number of lines too big, truncate file %d! \n",GetTStamp(tBuff,56),fileSize / 80));
+
+ fd = PR_Open(pathName, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, 0600);
+ }
+ else
+ {
+ fd = PR_Open(pathName, PR_WRONLY | PR_CREATE_FILE | PR_APPEND, 0600);
+ }
+
+ if(!fd)
+ return;
+
+ initialized = 1;
+
+ return;
+}
+
+void CoolKeyLogger::LogMsg(int logLevel, const char *fmt, ...)
+{
+ va_list ap;
+ char line[LINE_BUF_SIZE];
+
+ if(!initialized)
+ return;
+
+ va_start(ap, fmt);
+
+ int end = PR_vsnprintf(line, sizeof(line)-1, fmt, ap);
+
+ LockLog();
+
+ PR_Write(fd,line,end);
+
+ UnlockLog();
+
+ va_end(ap);
+}
+
+void CoolKeyLogger::LogMsg(int logLevel, const char *msg, va_list argp)
+{
+ char line[LINE_BUF_SIZE];
+
+ if(!initialized)
+ return;
+
+ int end = PR_vsnprintf(line, sizeof(line)-1, msg, argp);
+
+ LockLog();
+
+ PR_Write(fd,line,end);
+
+ UnlockLog();
+}
+
+static CoolKeyLogger *g_Log = NULL;
+
COOLKEY_API HRESULT CoolKeyInit(const char *aAppDir)
{
char tBuff[56];
@@ -92,6 +248,9 @@
g_NSSManager = 0;
}
+ if(g_Log)
+ delete g_Log ;
+
return S_OK;
}
@@ -903,7 +1062,7 @@
assert(cardCtxt);
if (!cardCtxt) {
- PR_LOG( coolKeyLog, PR_LOG_ERROR, ("%s Attempting to get key issuer info. Can't create Card Context !.\n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Attempting to get key issuer info. Can't create Card Context !.\n",GetTStamp(tBuff,56));
result = E_FAIL;
goto done;
}
@@ -911,7 +1070,7 @@
conn = CKYCardConnection_Create(cardCtxt);
assert(conn);
if (!conn) {
- PR_LOG( coolKeyLog, PR_LOG_ERROR, ("%s Attempting to get key issuer info. Can't create Card Connection!\n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Attempting to get key issuer info. Can't create Card Connection!\n",GetTStamp(tBuff,56));
result = E_FAIL;
goto done;
}
@@ -919,14 +1078,14 @@
readerName = GetReaderNameForKeyID(aKey);
assert(readerName);
if (!readerName) {
- PR_LOG( coolKeyLog, PR_LOG_ERROR, ("%s Attempting to get key issuer info. Can't get reader name!\n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Attempting to get key issuer info. Can't get reader name!\n",GetTStamp(tBuff,56));
result = E_FAIL;
goto done;
}
status = CKYCardConnection_Connect(conn, readerName);
if (status != CKYSUCCESS) {
- PR_LOG( coolKeyLog, PR_LOG_ERROR, ("%s Attempting to get key issuer info. Can't connect to Card!\n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Attempting to get key issuer info. Can't connect to Card!\n",GetTStamp(tBuff,56));
result = E_FAIL;
goto done;
@@ -938,7 +1097,7 @@
apduRC = 0;
status = CKYApplet_SelectCoolKeyManager(conn, &apduRC);
if (status != CKYSUCCESS) {
- PR_LOG( coolKeyLog, PR_LOG_ERROR, ("%s Attempting to get key issuer info. Can't select CoolKey manager!\n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Attempting to get key issuer info. Can't select CoolKey manager!\n",GetTStamp(tBuff,56));
goto done;
}
@@ -946,7 +1105,7 @@
&apduRC);
if(status != CKYSUCCESS)
{
- PR_LOG( coolKeyLog, PR_LOG_ERROR, ("%s Attempting to get key issuer info. Error actually getting IssuerInfo!\n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Attempting to get key issuer info. Error actually getting IssuerInfo!\n",GetTStamp(tBuff,56));
result = E_FAIL;
goto done;
}
@@ -1153,6 +1312,42 @@
return res;
}
+HRESULT CoolKeyInitializeLog(char *logFileName, int maxNumLines)
+{
+ if(g_Log)
+ return S_OK;
+
+ g_Log = new CoolKeyLogger(logFileName,maxNumLines);
+
+ if(g_Log)
+ g_Log->init();
+ else
+ return E_FAIL;
+
+ if(g_Log->IsInitialized())
+ return S_OK;
+ else
+ return E_FAIL;
+}
+
+HRESULT CoolKeyLogMsg(int logLevel, const char *fmt, ...)
+{
+
+ if(!g_Log)
+ return S_OK;
+
+ va_list ap;
+
+
+ va_start(ap, fmt);
+
+ g_Log->LogMsg(logLevel,fmt,ap);
+
+ va_end(ap);
+
+ return S_OK;
+}
+
//Utility function to get Time Stamp
char *GetTStamp(char *aTime,int aSize)
{
--- ./esc/src/lib/coolkey/CoolKey.h.fix5 2007-06-20 11:42:04.000000000 -0700
+++ ./esc/src/lib/coolkey/CoolKey.h 2007-06-20 11:46:37.000000000 -0700
@@ -176,6 +176,11 @@
COOLKEY_API int CoolKeyGetAppletVer(const CoolKey *aKey, const bool isMajor);
+COOLKEY_API HRESULT CoolKeyInitializeLog(char *logFileName, int maxNumLines);
+
+COOLKEY_API HRESULT CoolKeyLogMsg(int logLevel, const char *fmt, ...);
+
+
//Utility time function
char *GetTStamp(char *aTime,int aSize);
}
--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix5 2007-06-20 11:42:18.000000000 -0700
+++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2007-06-20 11:46:26.000000000 -0700
@@ -453,7 +453,7 @@
const char *readerName = NULL;
if (!aKey || aKey->mKeyType != eCKType_CoolKey || !aKey->mKeyID) {
- PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("%s Cannot begin CoolKey operation. Insuficient input parameters. \n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Cannot begin CoolKey operation. Insuficient input parameters. \n",GetTStamp(tBuff,56));
goto done;
}
@@ -466,14 +466,14 @@
if (!readerName) {
- PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("%s Cannot begin CoolKey operation. Cannot locate card reader name! \n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Cannot begin CoolKey operation. Cannot locate card reader name! \n",GetTStamp(tBuff,56));
goto done;
}
mDataLock = PR_NewLock();
if (!mDataLock)
{
- PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("%s Cannot begin CoolKey operation. Cannnot initialize internal locking mechanism.\n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Cannot begin CoolKey operation. Cannnot initialize internal locking mechanism.\n",GetTStamp(tBuff,56));
return E_FAIL;
}
@@ -481,7 +481,7 @@
mDataCondVar = PR_NewCondVar(mDataLock);
if (!mDataCondVar)
{
- PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("%s Cannot begin CoolKey operation. Cannot initialize internal syncronization mechanism.\n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Cannot begin CoolKey operation. Cannot initialize internal syncronization mechanism.\n",GetTStamp(tBuff,56));
return E_FAIL;
}
@@ -493,7 +493,7 @@
if(!mCharHostName || !mRAUrl)
{
- PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("%s Cannot begin CoolKey operation. Didn't collect proper config information.\n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Cannot begin CoolKey operation. Didn't collect proper config information.\n",GetTStamp(tBuff,56));
error_no = config_error_no;
goto done;
}
@@ -502,7 +502,7 @@
mCardContext = CKYCardContext_Create(SCARD_SCOPE_USER);
if (!mCardContext) {
- PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("%s Cannot begin CoolKey operation. Cannot create card context! \n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Cannot begin CoolKey operation. Cannot create card context! \n",GetTStamp(tBuff,56));
error_no = CARD_CONTEXT_ERROR;
goto done;
}
@@ -510,7 +510,7 @@
mPDUWriter = new PDUWriterThread(this);
if (!mPDUWriter) {
error_no = PDU_WRITER_ERROR;
- PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("%s Cannot begin CoolKey operation. Cannot create internal PDU writer thread!\n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Cannot begin CoolKey operation. Cannot create internal PDU writer thread!\n",GetTStamp(tBuff,56));
goto done;
}
@@ -581,7 +581,7 @@
if(!keyID)
{
- PR_LOG( coolKeyLogHN, PR_LOG_ERROR,("%s Collecting CoolKey preferences. Cannot get keyID , cannot proceed. \n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR,"%s Collecting CoolKey preferences. Cannot get keyID , cannot proceed. \n",GetTStamp(tBuff,56));
return;
}
@@ -621,7 +621,7 @@
if(!tps_url)
{
- PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("%s Collecting CoolKey preferences. Cannot find value for the TPS URL. \n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Collecting CoolKey preferences. Cannot find value for the TPS URL. \n",GetTStamp(tBuff,56));
return;
}
@@ -651,7 +651,7 @@
pos = tps_url_str.find(non_ssl_str,0);
if(pos == string::npos)
{
- PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("%s Collecting CoolKey preferences. TPS URL has specified an illegal protocol! \n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Collecting CoolKey preferences. TPS URL has specified an illegal protocol! \n",GetTStamp(tBuff,56));
return;
}
@@ -692,7 +692,7 @@
if(!host_name_port_str.length())
{
- PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("%s Collecting CoolKey preferences. Bad hostname and port value!.\n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg(PR_LOG_ERROR, "%s Collecting CoolKey preferences. Bad hostname and port value!.\n",GetTStamp(tBuff,56));
return;
}
@@ -1198,7 +1198,7 @@
PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("%s CoolKeyHandler::ProcessTokenPDU:\n",GetTStamp(tBuff,56)));
if(!req || !context)
{
- PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("%s Processing HTTP message. Bad input data. \n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Processing HTTP message. Bad input data. \n",GetTStamp(tBuff,56));
return;
}
@@ -1210,7 +1210,7 @@
if(size == 0)
{
- PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("%s Processing HTTP message. Can't extract PDU data from message! \n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg(PR_LOG_ERROR, "%s Processing HTTP message. Can't extract PDU data from message! \n",GetTStamp(tBuff,56));
context->HttpDisconnect();
return;
}
@@ -1231,10 +1231,10 @@
CKYStatus status = CKYCardConnection_ExchangeAPDU(context->GetCardConnection(),
requestAPDU, &response);
if (status != CKYSUCCESS) {
- PR_LOG( coolKeyLogHN, PR_LOG_ERROR,
- ("%s Processing HTTP message. Can't write apdu to card! status %d response[0] %x response[1] %x error %d \n"
+ CoolKeyLogMsg( PR_LOG_ERROR,
+ "%s Processing HTTP message. Can't write apdu to card! status %d response[0] %x response[1] %x error %d \n"
,GetTStamp(tBuff,56) ,status,CKYBuffer_GetChar(&response,0),CKYBuffer_GetChar(&response,1),
- CKYCardConnection_GetLastError(context->GetCardConnection())));
+ CKYCardConnection_GetLastError(context->GetCardConnection()));
context->HttpDisconnect(ERR_CONN_TOKEN);
@@ -1248,7 +1248,7 @@
if(pduSizeRet == 0 || !pduDataRet )
{
- PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("%s Processing HTTP message. No PDU response from card! \n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Processing HTTP message. No PDU response from card! \n",GetTStamp(tBuff,56));
context->HttpDisconnect(ERR_CONN_TOKEN);
return;
}
@@ -1267,7 +1267,7 @@
if(res == 0)
{
- PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("%s Processing HTTP message. Write back to TPS failed , disconnecting. \n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ERROR, "%s Processing HTTP message. Write back to TPS failed , disconnecting. \n",GetTStamp(tBuff,56));
context->HttpDisconnect();
}
else
@@ -1619,32 +1619,33 @@
case ENROLL:
if (result == 0) {
- PR_LOG( coolKeyLogHN, PR_LOG_ALWAYS, ("%s Key Enrollment success.\n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg(PR_LOG_ALWAYS,"%s Key Enrollment success.\n",GetTStamp(tBuff,56));
CoolKeyAuthenticate(context->GetAutoCoolKey(), context->GetPIN());
CoolKeyNotify(context->GetAutoCoolKey(), eCKState_EnrollmentComplete,
context->GetScreenName() == NULL ? 1 : 0);
} else {
- PR_LOG( coolKeyLogHN, PR_LOG_ALWAYS, ("%s Key Enrollment failure. Error: %d.\n",GetTStamp(tBuff,56),description));
+ CoolKeyLogMsg( PR_LOG_ALWAYS, "%s Key Enrollment failure. Error: %d.\n",GetTStamp(tBuff,56),description);
CoolKeyNotify(context->GetAutoCoolKey(), eCKState_EnrollmentError, description); // XXX: Need INIT_FAILED error code!
}
break;
case RESET_PIN:
if (result == 0) {
- PR_LOG( coolKeyLogHN, PR_LOG_ALWAYS, ("%s Key Reset Password success.\n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg(PR_LOG_ALWAYS,"%s Key Reset Password success.\n",GetTStamp(tBuff,56));
+
CoolKeyAuthenticate(context->GetAutoCoolKey(), context->GetPIN());
CoolKeyNotify(context->GetAutoCoolKey(), eCKState_PINResetComplete, 0);
} else {
- PR_LOG( coolKeyLogHN, PR_LOG_ALWAYS, ("%s Key Reset Password failure. Error: %d.\n",GetTStamp(tBuff,56),description));
+ CoolKeyLogMsg(PR_LOG_ALWAYS, "%s Key Reset Password failure. Error: %d.\n",GetTStamp(tBuff,56),description);
CoolKeyNotify(context->GetAutoCoolKey(), eCKState_PINResetError, description); // XXX: Need PIN_RESET_FAILED error code!
}
break;
case FORMAT:
if (result == 0) {
- PR_LOG( coolKeyLogHN, PR_LOG_ALWAYS, ("%s Key Format success.\n",GetTStamp(tBuff,56)));
+ CoolKeyLogMsg( PR_LOG_ALWAYS, "%s Key Format success.\n",GetTStamp(tBuff,56));
CoolKeyNotify(context->GetAutoCoolKey(), eCKState_FormatComplete, 0);
} else {
- PR_LOG( coolKeyLogHN, PR_LOG_ALWAYS, ("%s Key Format failure. Error: %d.\n",GetTStamp(tBuff,56),description));
+ CoolKeyLogMsg( PR_LOG_ALWAYS, "%s Key Format failure. Error: %d.\n",GetTStamp(tBuff,56),description);
CoolKeyNotify(context->GetAutoCoolKey(), eCKState_FormatError, description); // XXX: Need FORMAT_FAILED error code!
}
break;
--- ./esc/src/app/xpcom/rhCoolKey.cpp.fix5 2007-06-20 11:39:16.000000000 -0700
+++ ./esc/src/app/xpcom/rhCoolKey.cpp 2007-06-20 11:43:35.000000000 -0700
@@ -726,6 +726,14 @@
}
+/* void CoolKeyInitializeLog (in string aPathName, in unsigned long aMaxLines); */
+NS_IMETHODIMP rhCoolKey::CoolKeyInitializeLog(const char *aPathName, PRUint32 aMaxLines)
+{
+ ::CoolKeyInitializeLog((char *)aPathName, aMaxLines);
+
+ return NS_OK;
+}
+
/* void CoolKeyLogMsg (in unsigned long aLogLevel, in string aMessage); */
NS_IMETHODIMP rhCoolKey::CoolKeyLogMsg(PRUint32 aLogLevel, const char *aMessage)
{
@@ -733,7 +741,8 @@
if(aMessage && ((PRLogModuleLevel) aLogLevel >= PR_LOG_NONE && aLogLevel <= PR_LOG_MAX))
{
- PR_LOG( coolKeyLog, (PRLogModuleLevel) aLogLevel, ("%s %s",GetTStamp(tBuff,56),aMessage));
+ ::CoolKeyLogMsg((PRLogModuleLevel) aLogLevel, "%s %s \n",GetTStamp(tBuff,56),aMessage);
+ PR_LOG( coolKeyLog, (PRLogModuleLevel) aLogLevel, ("%s %s",GetTStamp(tBuff,56),aMessage));
}
return NS_OK;
@@ -776,7 +785,7 @@
{
char tBuff[56];
- PR_LOG( coolKeyLog, PR_LOG_ALWAYS, ("%s Attempting to Enroll Key ,ID: %s \n",GetTStamp(tBuff,56),aKeyID));
+ ::CoolKeyLogMsg( PR_LOG_ALWAYS, "%s Attempting to Enroll Key ,ID: %s \n",GetTStamp(tBuff,56),aKeyID);
CoolKeyNode *node = GetCoolKeyInfo(aKeyType, aKeyID);
@@ -808,7 +817,7 @@
NS_IMETHODIMP rhCoolKey::ResetCoolKeyPIN(PRUint32 aKeyType, const char *aKeyID, const char *aScreenName, const char *aPIN, const char *aScreenNamePwd)
{
char tBuff[56];
- PR_LOG( coolKeyLog, PR_LOG_ALWAYS, ("%s Attempting to Reset Key PIN, ID: %s \n",GetTStamp(tBuff,56),aKeyID));
+ ::CoolKeyLogMsg( PR_LOG_ALWAYS, "%s Attempting to Reset Key PIN, ID: %s \n",GetTStamp(tBuff,56),aKeyID);
CoolKeyNode *node = GetCoolKeyInfo(aKeyType, aKeyID);
if (!node)
@@ -859,7 +868,7 @@
NS_IMETHODIMP rhCoolKey::FormatCoolKey(PRUint32 aKeyType, const char *aKeyID, const char *aEnrollmentType, const char *aScreenName, const char *aPIN, const char *aScreenNamePWord, const char *aTokenCode)
{
char tBuff[56];
- PR_LOG( coolKeyLog, PR_LOG_ALWAYS, ("%s Attempting to Format Key, ID: %s. ",GetTStamp(tBuff,56),aKeyID));
+ ::CoolKeyLogMsg( PR_LOG_ALWAYS, "%s Attempting to Format Key, ID: %s. ",GetTStamp(tBuff,56),aKeyID);
CoolKeyNode *node = GetCoolKeyInfo(aKeyType, aKeyID);
if (!node)
@@ -1203,7 +1212,7 @@
HRESULT res = CoolKeyGetIssuerInfo(&key, (char *)&issuerInfo,256);
- PR_LOG( coolKeyLog, PR_LOG_ALWAYS, ("%s Attempting to get the key's Issuer: Key: %s, Issuer %s. \n",GetTStamp(tBuff,56),aKeyID, (char *) issuerInfo));
+ ::CoolKeyLogMsg( PR_LOG_ALWAYS, "%s Attempting to get the key's Issuer: Key: %s, Issuer %s. \n",GetTStamp(tBuff,56),aKeyID, (char *) issuerInfo);
if(res == S_OK)
{
--- ./esc/src/app/xpcom/rhICoolKey.idl.fix5 2007-06-20 11:39:32.000000000 -0700
+++ ./esc/src/app/xpcom/rhICoolKey.idl 2007-06-20 11:43:51.000000000 -0700
@@ -32,6 +32,7 @@
void rhCoolKeyUnSetNotifyCallback(in rhIKeyNotify jsNotify);
+ void CoolKeyInitializeLog(in string aPathName, in unsigned long aMaxLines);
void CoolKeyLogMsg(in unsigned long aLogLevel, in string aMessage);
void BlinkCoolKey(in unsigned long aKeyType, in string aKeyID,in unsigned long aRate,in unsigned long aDuration);
--- ./esc/src/app/xul/esc/application.ini.fix5 2007-06-20 11:39:57.000000000 -0700
+++ ./esc/src/app/xul/esc/application.ini 2007-06-20 13:12:31.000000000 -0700
@@ -25,7 +25,7 @@
Name=ESC
;
; This field specifies your application's version. This field is optional.
-Version=1.0.1-3
+Version=1.0.1-4
;
; This field specifies your application's build ID (timestamp). This field is
; required.
--- ./esc/src/app/xul/esc/chrome/content/esc/settings.xul.fix5 2007-06-20 11:40:31.000000000 -0700
+++ ./esc/src/app/xul/esc/chrome/content/esc/settings.xul 2007-06-20 11:45:03.000000000 -0700
@@ -25,8 +25,8 @@
title="&escTitle;"
onload="InitializeAdminBindingList()"
onunload="cleanup()"
- width ="730"
- height= "460"
+ width ="720"
+ height= "415"
name="admin"
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
--- ./esc/src/app/xul/esc/chrome/content/esc/ESC.js.fix5 2007-06-20 11:40:21.000000000 -0700
+++ ./esc/src/app/xul/esc/chrome/content/esc/ESC.js 2007-06-20 11:44:52.000000000 -0700
@@ -131,6 +131,9 @@
netkey = netkey.QueryInterface(Components.interfaces.rhICoolKey);
gNotify = new jsNotify;
netkey.rhCoolKeySetNotifyCallback(gNotify);
+
+ var logFileName = GetESCLogPathName("esc.log");
+ netkey.CoolKeyInitializeLog(logFileName, 1000);
} catch(e) {
MyAlert(getBundleString("errorUniversalXPConnect") + e);
}
@@ -167,33 +170,33 @@
var Status_Messages = new Array(
getBundleString("errorNone"),
- getBundleString("serverError"),
- getBundleString("errorProblemCommToken"),
+ getBundleString("errorInternalServer"),
+ getBundleString("errorInternalServer"),
getBundleString("errorProblemCommToken"),
getBundleString("errorProblemResetTokenPin"),
getBundleString("errorInternalServer"),
- getBundleString("errorInternalServer"),
+ getBundleString("errorLifeCyclePDU"),
getBundleString("errorTokenEnrollment"),
getBundleString("errorProblemCommToken"),
getBundleString("errorInternalServer"),
- getBundleString("errorCommCA"),
getBundleString("errorInternalServer"),
- getBundleString("errorResetPin"),
getBundleString("errorInternalServer"),
+ getBundleString("errorInternalServer"),
+ getBundleString("errorTermSecureConn"),
getBundleString("errorAuthFailure"),
getBundleString("errorInternalServer"),
getBundleString("errorTokenDisabled"),
- getBundleString("errorProblemCommToken"),
- getBundleString("errorInternalServer"),
+ getBundleString("errorSecureChannel"),
+ getBundleString("errorServerMisconfig"),
getBundleString("errorTokenUpgrade"),
getBundleString("errorInternalServer"),
- getBundleString("errorProblemCommToken"),
- getBundleString("errorInvalidTokenType"),
+ getBundleString("errorExternalAuth"),
getBundleString("errorInvalidTokenType"),
+ getBundleString("errorInvalidTokenTypeParams"),
getBundleString("errorCannotPublish"),
getBundleString("errorCommTokenDB"),
- getBundleString("errorTokenDisabled"),
- getBundleString("errorPinReset"),
+ getBundleString("errorTokenSuspended"),
+ getBundleString("errorPinResetable"),
getBundleString("errorConnLost"),
getBundleString("errorEntryTokenDB"),
getBundleString("errorNoTokenState"),
@@ -201,10 +204,10 @@
getBundleString("errorTokenUnusable"),
getBundleString("errorNoInactiveToken"),
getBundleString("errorProcessMultiTokens"),
+ getBundleString("errorTokenTerminated"),
getBundleString("errorInternalServer"),
- getBundleString("errorKeyRecoveryProcessed"),
getBundleString("errorKeyRecoveryFailed"),
- getBundleString("errorNoOperateLostToken"),
+ getBundleString("errorInternalServer"),
getBundleString("errorKeyArchival"),
getBundleString("errorConnTKS"),
getBundleString("errorFailUpdateTokenDB"),
@@ -559,9 +562,9 @@
function TestStatusMessages()
{
- for(i = 0 ; i < 48; i++)
+ for(i = 0 ; i < 49; i++)
{
- MyAlert(Status_Messages[i]);
+ MyAlert( i + " " + Status_Messages[i]);
}
}
@@ -4263,9 +4266,9 @@
var value = line.value;
- var colonIndex = value.indexOf(":");
+ //var colonIndex = value.indexOf(":");
- value = value.substring(colonIndex + 1);
+ //value = value.substring(colonIndex + 1);
lines.push(value);
} while(hasmore);
@@ -4484,3 +4487,29 @@
adminList.focus();
}
}
+
+function GetESCLogPathName(aName)
+{
+
+ if(!aName)
+ return null;
+
+ const logFileName = aName;
+
+ // Get executable directory
+
+ var file = Components.classes["@mozilla.org/file/directory_service;1"]
+ .getService(Components.interfaces.nsIProperties)
+ .get("ProfD", Components.interfaces.nsIFile);
+
+ file = file.parent;
+ file.append(logFileName);
+
+
+ //alert("LogPathName " + file.path);
+
+
+ return file.path;
+
+
+}
--- ./esc/src/app/xul/esc/chrome/locale/en-US/esc.properties.fix5 2007-06-20 11:40:51.000000000 -0700
+++ ./esc/src/app/xul/esc/chrome/locale/en-US/esc.properties 2007-06-20 11:45:50.000000000 -0700
@@ -85,40 +85,48 @@
#ESC Error Messages from TPS
errorNone=Operation Completed Successfully.
serverError=Smart Card Server error.
-errorProblemResetTokenPin=Internal Smart Card Server error.
-errorTokenEnrollment=Smart card enrollment error.
+errorProblemResetTokenPin=The Smart Card Server cannot reset your smart card's password.
+errorTokenEnrollment=The Smart Card Server cannot import the required certificates into your smart card.
+errorLifeCyclePDU=The Smart Card Server cannot finalize the enrollment of your smart card.
errorCommCA=Error communicating with the Certification Authority.
errorInternalServer=Internal Smart Card Server error.
errorResetPin=Error resetting the smart card's password.
errorInternalServer=Internal Smart Card Server error.
-errorAuthFailure=Smart Card Server authentication failure.
-errorTokenDisabled=Your smart card is listed as disabled.
-errorProblemCommToken=Problem communicating with the smart card.
-errorTokenUpgrade=Cannot upgrade smart card software.
-errorInvalidTokenType=Invalid smart card type.
-errorCannotPublish=Cannot publish smart card information.
-errorCommTokenDB=Cannot communicate with smart card database.
-errorPinReset=Cannot reset the password value for the smart card.
-errorConnLost=Connection to Smart Card Server.
-errorEntryTokenDB=Can not create entry for the smart card in the smart card database.
-errorNoTokenState=Smart card found to be in an inconsistent state.
-errorInvalidLostTokenReason=Invalid reason for lost smart card submitted.
-errorTokenUnusable=Smart card found to be unusable due to compromise.
-errorNoInactiveToken=No such inactive smart card found.
-errorProcessMultiTokens=Can not process more than one active smart card.
+errorAuthFailure=The Smart Card Server cannot validate your credentials. Please try again with the correct credentials.
+errorTokenDisabled=The Smart Card Server does not know about your smart card.
+errorSecureChannel=The Smart Card Server cannot establish a secure channel with the smart card.
+errorServerMisconfig=The Smart Card Server has not been configured correctly.
+errorProblemCommToken=Your smart card can not perform the operation requested by the Smart Card Server.
+errorExternalAuth=Your smart card cannot correctly identify the Smart Card Server.
+errorTokenUpgrade=The Smart Card Server cannot upgrade the software on your smart card.
+errorTermSecureConn=The Smart Card Server can not terminate the secure cummunications channel with the smart card.
+errorInvalidTokenType=The Smart Card Server does not recognize the requested type of card enrollment.
+errorInvalidTokenTypeParams=The Smart Card Server cannot process the requested type of enrollment due to a misconfiguration.
+errorCannotPublish=The Smart Card Server cannot publish your card's certificates to the certificate directory.
+errorCommTokenDB=The Smart Card Server cannot connect to its internal database.
+errorTokenSuspended=Your smart card has been suspended.
+errorPinResetable=You are not allowed to reset the password of this smart card.
+errorConnLost=The Smart Card Manager has lost the connection to the Smart Card Server.
+errorEntryTokenDB=The Smart Card Server cannot add your smart card to its internal database.
+errorNoTokenState=The Smart Card server does not recognize your smart card's current status.
+errorInvalidLostTokenReason=The Smart Card server cannot process your smart card which has been reported lost.
+errorTokenUnusable=The Smart Card Server cannot process your smart card which has been reported stolen.
+errorNoInactiveToken=The Smart Card Server cannot restore your smart card's security keys.
+errorProcessMultiTokens=The Smart Card Server has detected that you already have one enrolled smart card. The server only allows one enrolled card per user.
+errorTokenTerminated=The Smart Card Server can not process your smart card which is marked as terminated.
errorKeyRecoveryProcessed=Smart card key recovery has been processed.
-errorKeyRecoveryFailed=Smart card key recovery failed.
+errorKeyRecoveryFailed=The Smart Card Server can not restore the security keys onto your smart card.
errorNoOperateLostToken=Cannot process this smart card, which has been reported lost.
-errorKeyArchival=Smart card key archival error.
-errorConnTKS=Problem connecting to the Smart Card TKS Server.
-errorFailUpdateTokenDB=Failed to update smart card database.
-errorCertRevocation=Internal certificate revocation error discovered.
-errorNotOwnToken=User does not own this smart card.
-errorESCMisconfigured=Smart Card Manager has been misconfigured.
-errorESCNoCommCardReader=Smart Card Manager can't communicate with card reader.
-errorESCNoTokenSession=Smart Card Manager can't initiate session with smart card.
-errorESCNoTalkTPS=Smart Card Manager can't talk to Smart Card Server.
-errorESCNoTalkTokenReader=Smart Card Manager can't talk to smart card reader.
+errorKeyArchival=The Smart Card Server can not restore the security keys onto your smart card due to a server misconfiguration.
+errorConnTKS=The Smart Card server cannot contact its security key server,which is required for processing.
+errorFailUpdateTokenDB=The Smart Card Server cannot reset the status of your smart card.
+errorCertRevocation=The Smart Card Server cannot mark the security keys on your smart card as revoked.
+errorNotOwnToken=The Smart Card Server cannot process a smart card which you do not own.
+errorESCMisconfigured=The Smart Card Manager has been misconfigured.
+errorESCNoCommCardReader=The Smart Card Manager cannot initiate communications with the smart card.
+errorESCNoTokenSession=The Smart Card Manager cannot establish a communications session with the smart card.
+errorESCNoTalkTPS=The Smart Card Manager cannot initiate communications with the Smart Card Server.
+errorESCNoTalkTokenReader=The Smart Card Manager cannot finalize communications with the smart card.
#ESC text in general Alert messages
errorCoolKeyIsAuth=coolkey.GetCoolKeyIsAuthenticated() failed!
errorAuthCoolKey=coolkey.AuthenticateCoolKey failed!

14
esc-1.0.1-nss-devel-fix.patch
View File

@ -1,14 +0,0 @@
--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix9 2008-01-18 11:56:55.000000000 -0800
+++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2008-01-18 11:59:12.000000000 -0800
@@ -49,6 +49,11 @@
#include <string>
+#ifndef CKO_NETSCAPE
+#define CKO_NETSCAPE CKO_NSS
+#endif
+
+
#ifndef CKO_MOZILLA_READER
#define CKO_MOZILLA_READER (CKO_NETSCAPE+5)
#define CKA_MOZILLA_IS_COOL_KEY (CKO_NETSCAPE+24)

1906
esc-1.0.1-ui-fixes-1.patch
View File

File diff suppressed because it is too large Load Diff

69
esc-1.0.1-xulrunner-sparc-fixes.patch
View File

@ -1,69 +0,0 @@
--- ./configure.in.sparc 2008-09-30 13:15:07.000000000 -0400
+++ ./configure.in 2008-09-30 13:17:36.000000000 -0400
@@ -1079,7 +1079,11 @@ Alpha | alpha | ALPHA)
CPU_ARCH=Alpha
;;
-x86_64 | sparc | ppc | ia64)
+sun4u | sparc*)
+ CPU_ARCH=sparc
+ ;;
+
+x86_64 | ia64)
CPU_ARCH="$CPU_ARCH_TEST"
;;
esac
@@ -1117,7 +1121,11 @@ if test "$GNU_CC"; then
# -Wbad-function-cast - warns when casting a function to a new return type
# -Wconversion - complained when char's or short's were used a function args
# -Wshadow - removed because it generates more noise than help --pete
- _WARNINGS_CFLAGS="${_WARNINGS_CFLAGS} -Wall -W -Wno-unused -Wpointer-arith -Wcast-align"
+ _WARNINGS_CFLAGS="${_WARNINGS_CFLAGS} -Wall -W -Wno-unused -Wpointer-arith"
+ if test "$CPU_ARCH" != "ia64" && test "$CPU_ARCH" != "sparc"; then
+ # don't use -Wcast-align on ia64 or sparc, it's noisy on those platforms
+ _WARNINGS_CFLAGS="${_WARNINGS_CFLAGS} -Wcast-align"
+ fi
dnl Turn pedantic on but disable the warnings for long long
_PEDANTIC=1
@@ -1136,7 +1144,11 @@ fi
if test "$GNU_CXX"; then
# Turn on GNU specific features
- _WARNINGS_CXXFLAGS="${_WARNINGS_CXXFLAGS} -Wall -Wconversion -Wpointer-arith -Wcast-align -Woverloaded-virtual -Wsynth -Wno-ctor-dtor-privacy -Wno-non-virtual-dtor"
+ _WARNINGS_CXXFLAGS="${_WARNINGS_CXXFLAGS} -Wall -Wconversion -Wpointer-arith -Woverloaded-virtual -Wsynth -Wno-ctor-dtor-privacy -Wno-non-virtual-dtor"
+ if test "$CPU_ARCH" != "ia64" && test "$CPU_ARCH" != "sparc"; then
+ # don't use -Wcast-align on ia64 or sparc, it's noisy on those platforms
+ _WARNINGS_CXXFLAGS="${_WARNINGS_CXXFLAGS} -Wcast-align"
+ fi
_DEFINES_CXXFLAGS='-DMOZILLA_CLIENT -include $(DEPTH)/mozilla-config.h'
_USE_CPP_INCLUDE_FLAG=1
--- ./modules/oji/public/nsIJVMPlugin.h.sparc 2008-09-30 13:13:01.000000000 -0400
+++ ./modules/oji/public/nsIJVMPlugin.h 2008-09-30 13:13:57.000000000 -0400
@@ -51,6 +51,7 @@
#include "nsISupports.h"
#include "nsIPrincipal.h"
#include "jni.h"
+#include "jstypes.h"
class nsISecureEnv;
@@ -90,7 +91,7 @@ public:
GetClassPath(const char* *result) = 0;
NS_IMETHOD
-#if PR_BYTES_PER_LONG == 8
+#if JS_BYTES_PER_LONG == 8 || JS_BYTES_PER_WORD == 8
GetJavaWrapper(JNIEnv* jenv, jlong obj, jobject *jobj) = 0;
#else
GetJavaWrapper(JNIEnv* jenv, jint obj, jobject *jobj) = 0;
@@ -114,7 +115,7 @@ public:
SpendTime(PRUint32 timeMillis) = 0;
NS_IMETHOD
-#if PR_BYTES_PER_LONG == 8
+#if JS_BYTES_PER_LONG == 8 || JS_BYTES_PER_WORD == 8
UnwrapJavaWrapper(JNIEnv* jenv, jobject jobj, jlong* obj) = 0;
#else
UnwrapJavaWrapper(JNIEnv* jenv, jobject jobj, jint* obj) = 0;

38
esc-1.1.0-fix1.patch Normal file
View File

@ -0,0 +1,38 @@
--- ./esc/src/app/xpcom/tray/Makefile.sdk.fix1 2009-04-17 13:39:58.000000000 -0700
+++ ./esc/src/app/xpcom/tray/Makefile.sdk 2009-04-17 14:18:17.000000000 -0700
@@ -23,20 +23,20 @@
include $(CORE_DEPTH)/coreconf/rules.mk
ifeq ($(OS_ARCH),Linux)
-CXXFLAGS += $(MOZ_GTK_CFLAGS) $(MOZ_GTK2_CFLAGS) $(NOTIFY_CXX_FLAGS)
+CXXFLAGS += $(MOZ_GTK_CFLAGS) $(MOZ_GTK2_CFLAGS) $(NOTIFY_CXX_FLAGS) -fPIC
endif
# Change this to point at your Gecko SDK directory.
ifndef GECKO_SDK_PATH
-GECKO_SDK_PATH =/usr/lib/xulrunner-sdk-1.9pre/sdk
+GECKO_SDK_PATH =/usr/lib/xulrunner-sdk-1.9/sdk
endif
GECKO_SDK_INCLUDE_PATH=$(GECKO_SDK_PATH)/include
ifndef GECKO_INCLUDE_PATH
-GECKO_INCLUDE_PATH=/usr/include/xulrunner-sdk-1.9pre
+GECKO_INCLUDE_PATH=/usr/include/xulrunner-sdk-1.9
endif
ifndef GECKO_BIN_PATH
-GECKO_BIN_PATH=/usr/lib/xulrunner-1.9pre
+GECKO_BIN_PATH=/usr/lib/xulrunner-1.9
endif
ifeq ($(OS_ARCH),Darwin)
@@ -148,6 +148,10 @@
endif
+ifeq ($(OS_ARCH),Linux)
+GECKO_LD_LIBS= -L$(GECKO_SDK_PATH)/lib $(GECKO_SDK_PATH)/lib/libxpcomglue_s.a
+endif
+
# GCC only define which allows us to not have to #include mozilla-config
# in every .cpp file. If your not using GCC remove this line and add

51
esc-1.1.0-fix2.patch Normal file
View File

@ -0,0 +1,51 @@
--- ./esc/src/lib/coolkey/SmartCardMonitoringThread.cpp.fix2 2009-04-18 13:19:20.000000000 -0700
+++ ./esc/src/lib/coolkey/SmartCardMonitoringThread.cpp 2009-04-18 13:20:23.000000000 -0700
@@ -104,12 +104,16 @@
char tBuff[56];
PK11SlotInfo *slot;
+ #ifdef LINUX
+ sleep(3);
+ #endif
+
PR_LOG( coolKeyLogSC, PR_LOG_DEBUG,
("%s SmartCardMonitoringThread::Execute.\n",GetTStamp(tBuff,56)));
//
// populate token names for already inserted tokens.
//
- PK11SlotList *sl =
+ /* PK11SlotList *sl =
PK11_FindSlotsByNames(mModule->dllName, NULL, NULL, PR_TRUE);
PK11SlotListElement *sle;
@@ -123,6 +127,8 @@
PK11_FreeSlotList(sl);
}
+ */
+
// loop starts..
do {
--- ./esc/src/app/xul/esc/chrome/content/esc/GenericAuth.xul.fix2 2009-04-18 13:21:34.000000000 -0700
+++ ./esc/src/app/xul/esc/chrome/content/esc/GenericAuth.xul 2009-04-18 13:21:47.000000000 -0700
@@ -24,7 +24,7 @@
id="esc-window"
title="&genericAuthTitle;"
width="400"
- height="225"
+ height="240"
onload="UiLoad();"
onunload="UiUnload();"
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
--- ./esc/src/app/xul/esc/application.ini.fix2 2009-04-18 13:20:51.000000000 -0700
+++ ./esc/src/app/xul/esc/application.ini 2009-04-18 13:21:02.000000000 -0700
@@ -25,7 +25,7 @@
Name=ESC
;
; This field specifies your application's version. This field is optional.
-Version=1.1.0-1
+Version=1.1.0-3
;
; This field specifies your application's build ID (timestamp). This field is
; required.

22
esc-1.1.0-fix3.patch Normal file
View File

@ -0,0 +1,22 @@
--- ./esc/src/app/xul/esc/chrome/locale/en-US/esc.properties.fix3 2009-04-22 17:44:14.000000000 -0700
+++ ./esc/src/app/xul/esc/chrome/locale/en-US/esc.properties 2009-04-22 17:46:41.000000000 -0700
@@ -104,7 +104,7 @@
errorInvalidTokenTypeParams=The Smart Card Server cannot process the requested type of enrollment due to a misconfiguration.
errorCannotPublish=The Smart Card Server cannot publish your card's certificates to the certificate directory.
errorCommTokenDB=The Smart Card Server cannot connect to its internal database.
-errorTokenSuspended=Your smart card has been suspended.
+errorTokenSuspended=You are not allowed to perform this operation with this smart card.
errorPinResetable=You are not allowed to reset the password of this smart card.
errorConnLost=The Smart Card Manager has lost the connection to the Smart Card Server.
errorEntryTokenDB=The Smart Card Server cannot add your smart card to its internal database.
--- ./esc/src/app/xul/esc/application.ini.fix3 2009-04-22 17:38:49.000000000 -0700
+++ ./esc/src/app/xul/esc/application.ini 2009-04-22 17:39:14.000000000 -0700
@@ -25,7 +25,7 @@
Name=ESC
;
; This field specifies your application's version. This field is optional.
-Version=1.1.0-3
+Version=1.1.0-5
;
; This field specifies your application's build ID (timestamp). This field is
; required.

22
esc-1.1.0-fix4.patch Normal file
View File

@ -0,0 +1,22 @@
--- ./esc/src/lib/coolkey/manifest.mn.fix4 2009-04-23 14:13:21.000000000 -0700
+++ ./esc/src/lib/coolkey/manifest.mn 2009-04-23 14:15:00.000000000 -0700
@@ -27,7 +27,7 @@
ifndef MOZ_OFFSET
MOZ_OFFSET = mozilla-1.7.13
endif
-DEFINES += -I$(CORE_DEPTH)/esc/app/xpcom -I$(SYS_INC)/nspr4 -I$(SYS_INC)/nss3 -I$(SYS_INC)/PCSC -I$(SYS_INC)/$(MOZ_OFFSET)/nspr -I$(SYS_INC)/$(MOZ_OFFSET)/nss -I$(XULRUNNER_BASE)/dist/public/nss -I$(XULRUNNER_BASE)/dist/include/nspr -I$(GECKO_SDK_PATH)/include/nspr -I$(GECKO_SDK_PATH)/include/nss
+DEFINES += -I$(CORE_DEPTH)/esc/app/xpcom -I$(SYS_INC)/nspr4 -I$(SYS_INC)/nss3 -I$(SYS_INC)/PCSC -I$(SYS_INC)/$(MOZ_OFFSET)/nspr -I$(SYS_INC)/$(MOZ_OFFSET)/nss -I$(XULRUNNER_BASE)/dist/public/nss -I$(XULRUNNER_BASE)/dist/include/nspr -I$(GECKO_SDK_PATH)/include/nspr -I$(GECKO_SDK_PATH)/include/nss -fno-strict-aliasing
MAPFILE = $(OBJDIR)/ckymanager.def
#EXTRA_LIBS += -L$(DIST)/lib -lckyapplet
--- ./esc/src/app/xul/esc/application.ini.fix4 2009-04-23 14:12:52.000000000 -0700
+++ ./esc/src/app/xul/esc/application.ini 2009-04-23 14:13:01.000000000 -0700
@@ -25,7 +25,7 @@
Name=ESC
;
; This field specifies your application's version. This field is optional.
-Version=1.1.0-5
+Version=1.1.0-6
;
; This field specifies your application's build ID (timestamp). This field is
; required.

218
esc-1.1.0-fix5.patch Normal file
View File

@ -0,0 +1,218 @@
--- ./esc/src/lib/coolkey/SmartCardMonitoringThread.cpp.fix5 2009-06-08 14:14:44.000000000 -0700
+++ ./esc/src/lib/coolkey/SmartCardMonitoringThread.cpp 2009-06-08 14:15:03.000000000 -0700
@@ -159,7 +159,7 @@
/* if we think we have a token, but it's not the right one, or it's
* not there, then send a removal event */
- if (info && (!isPresent || (info->mSeries != PK11_GetSlotSeries(slot))) ) {
+ if (info && !isPresent) {
PR_LOG( coolKeyLogSC, PR_LOG_DEBUG,
("%s SmartCardMonitoringThread::Execute Token Removed : \n",GetTStamp(tBuff,56)));
--- ./esc/src/app/xul/esc/chrome/content/esc/certManager.xul.fix5 2009-06-08 13:46:19.000000000 -0700
+++ ./esc/src/app/xul/esc/chrome/content/esc/certManager.xul 2009-06-08 13:46:33.000000000 -0700
@@ -59,7 +59,6 @@
<script type="application/x-javascript" src="chrome://global/content/strres.js"/>
<script type="application/x-javascript" src="chrome://pippki/content/pippki.js"/>
<script type="application/x-javascript" src="chrome://pippki/content/certManager.js"/>
- <script type="application/x-javascript" src="escCertManager.js"/>
<vbox flex="1">
<tabbox id="certmanagertabs" flex="1" style="margin:5px">
--- ./esc/src/app/xul/esc/chrome/content/esc/password.xul.fix5 2009-06-08 14:04:16.000000000 -0700
+++ ./esc/src/app/xul/esc/chrome/content/esc/password.xul 2009-06-08 14:04:29.000000000 -0700
@@ -23,7 +23,6 @@
id="esc-window"
title="&getESCPassword;"
onload="PasswordLoad();"
- onunload="cleanup();"
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
<stringbundle id="esc_strings" src="chrome://esc/locale/esc.properties"/>
--- ./esc/src/app/xul/esc/chrome/content/esc/ESC.js.fix5 2009-06-08 14:02:26.000000000 -0700
+++ ./esc/src/app/xul/esc/chrome/content/esc/ESC.js 2009-06-08 14:03:46.000000000 -0700
@@ -522,7 +522,10 @@
if(!string_id || !gStringBundle)
return null;
- str = gStringBundle.getString(string_id);
+ try {
+ str = gStringBundle.getString(string_id);
+ } catch(e) {
+ }
return str;
}
--- ./esc/src/app/xul/esc/application.ini.fix5 2009-06-08 13:44:59.000000000 -0700
+++ ./esc/src/app/xul/esc/application.ini 2009-06-08 13:45:15.000000000 -0700
@@ -25,7 +25,7 @@
Name=ESC
;
; This field specifies your application's version. This field is optional.
-Version=1.1.0-6
+Version=1.1.0-7
;
; This field specifies your application's build ID (timestamp). This field is
; required.
--- ./esc/win32/setup.iss.fix5 2009-06-08 14:16:04.000000000 -0700
+++ ./esc/win32/setup.iss 2009-06-08 14:16:26.000000000 -0700
@@ -4,43 +4,31 @@
[Setup]
AppName=Smart Card Manager
AppMutex=ESCMutex
-AppVerName=Smart Card Manager 1.1.0-3
-AppPublisher=Red Hat, Inc.
+AppVerName=Smart Card Manager 1.1.0-6
+AppPublisher=Fedora
CreateAppDir=true
Compression=lzma
SolidCompression=true
MinVersion=0,5.0.2195
ShowLanguageDialog=yes
-OutputBaseFilename=SmartCardManagerSetup-1.1.0-3.win32.i386
-DefaultDirName={pf}\Red Hat\ESC
+OutputBaseFilename=SmartCardManagerSetup-1.1.0-6.win32.i386
+DefaultDirName={pf}\Fedora\ESC
DisableProgramGroupPage=false
-DefaultGroupName=Red Hat
+DefaultGroupName=Fedora
SetupIconFile=BUILD\ESC\components\esc.ico
UninstallDisplayIcon={app}\components\esc.ico
-WizardImageFile=BUILD\ESC\chrome\content\esc\esc-image-large.bmp
+;WizardImageFile=BUILD\ESC\chrome\content\esc\esc-image-large.bmp
+WizardImageFile=esc-image-large.bmp
WizardSmallImageFile=BUILD\ESC\components\esc.bmp
AllowNoIcons=yes
LicenseFile=esc-license.txt
InfoBeforeFile=info-before.txt
InfoAfterFile=info-after.txt
PrivilegesRequired=admin
-VersionInfoVersion=1.1.0.3
+VersionInfoVersion=1.1.0.6
[Files]
-Source: BUILD\egate\slbmgpg.dll; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egate.cat; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egate.inf; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egate.sys; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egate_License.txt; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egatebus.cat; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egatebus.inf; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egatebus.sys; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egaterdr.cat; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egaterdr.inf; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egaterdr.sys; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\egdrvins1.dll; DestDir: {win}\egate2.4; Flags: uninsneveruninstall
-Source: BUILD\egate\eginstall.exe; DestDir: {win}\egate2.4; Flags: ignoreversion
Source: BUILD\clkcsp.dll; DestDir: {sys}; Flags: regserver restartreplace
Source: BUILD\cspres.dll; DestDir: {sys}; Flags: restartreplace
Source: BUILD\pk11install.exe; DestDir: {app}\PKCS11
@@ -73,7 +61,6 @@
Source: BUILD\ESC\application.ini; DestDir: {app}
Source: BUILD\ESC\chrome\chrome.manifest; DestDir: {app}\chrome
Source: BUILD\ESC\chrome\content\esc\TRAY.js; DestDir: {app}\chrome\content\esc
-Source: BUILD\ESC\chrome\content\esc\CertInfo.js; DestDir: {app}\chrome\content\esc
;Source: BUILD\ESC\chrome\content\esc\certinfo.xul; DestDir: {app}\chrome\content\esc
Source: BUILD\ESC\chrome\content\esc\config.xul; DestDir: {app}\chrome\content\esc
Source: BUILD\ESC\chrome\content\esc\contents.rdf; DestDir: {app}\chrome\content\esc
@@ -110,19 +97,18 @@
Source: BUILD\ESC\xulrunner\mozctl.dll; DestDir: {app}\xulrunner
Source: BUILD\ESC\xulrunner\mozctlx.dll; DestDir: {app}\xulrunner
Source: BUILD\ESC\xulrunner\nspr4.dll; DestDir: {app}\xulrunner
-Source: BUILD\ESC\xulrunner\nspr4.dll; DestDir: {app}\PKCS11
+Source: BUILD\libnspr4.dll; DestDir: {app}\PKCS11
Source: BUILD\ESC\xulrunner\nss3.dll; DestDir: {app}\xulrunner
-Source: BUILD\ESC\xulrunner\nss3.dll; DestDir: {app}\PKCS11
Source: BUILD\ESC\xulrunner\nssckbi.dll; DestDir: {app}\xulrunner
Source: BUILD\ESC\xulrunner\plc4.dll; DestDir: {app}\xulrunner
-Source: BUILD\ESC\xulrunner\plc4.dll; DestDir: {app}\PKCS11
+Source: BUILD\libplc4.dll; DestDir: {app}\PKCS11
Source: BUILD\ESC\xulrunner\plds4.dll; DestDir: {app}\xulrunner
-Source: BUILD\ESC\xulrunner\plds4.dll; DestDir: {app}\PKCS11
+Source: BUILD\libplds4.dll; DestDir: {app}\PKCS11
Source: BUILD\ESC\xulrunner\README.txt; DestDir: {app}\xulrunner
Source: BUILD\ESC\xulrunner\smime3.dll; DestDir: {app}\xulrunner
Source: BUILD\ESC\xulrunner\softokn3.chk; DestDir: {app}\xulrunner
Source: BUILD\ESC\xulrunner\softokn3.dll; DestDir: {app}\xulrunner
-Source: BUILD\ESC\xulrunner\softokn3.dll; DestDir: {app}\PKCS11
+Source: BUILD\softokn3.dll; DestDir: {app}\PKCS11
Source: BUILD\ESC\xulrunner\ssl3.dll; DestDir: {app}\xulrunner
Source: BUILD\ESC\xulrunner\updater.exe; DestDir: {app}\xulrunner
Source: BUILD\ESC\xulrunner\xpcom.dll; DestDir: {app}\xulrunner
@@ -413,9 +399,6 @@
Source: BUILD\ESC\xulrunner\res\fonts\mathfontSTIXSize1.properties; DestDir: {app}\xulrunner\res\fonts
Source: BUILD\ESC\xulrunner\res\html\folder.png; DestDir: {app}\xulrunner\res\html
Source: BUILD\ESC\xulrunner\defaults\profile\localstore.rdf; DestDir: {app}\xulrunner\defaults\profile
-Source: BUILD\ESC\xulrunner\sqlite3.dll; DestDir: {app}\PKCS11
-Source: BUILD\ESC\xulrunner\mozcrt19.dll; DestDir: {app}\PKCS11
-Source: BUILD\ESC\xulrunner\nssutil3.dll; DestDir: {app}\PKCS11
Source: BUILD\ESC\xulrunner\dictionaries\en-US.aff; DestDir: {app}\dictionaries
Source: BUILD\ESC\xulrunner\dictionaries\en-US.dic; DestDir: {app}\dictionaries
Source: BUILD\ESC\xulrunner\modules\XPCOMUtils.jsm; DestDir: {app}\modules
@@ -429,7 +412,6 @@
[Run]
-Filename: {win}\egate2.4\eginstall.exe; Parameters: -f -l eginstall.txt; WorkingDir: {win}\egate2.4; Flags: waituntilterminated; StatusMsg: Installing smart card drivers....
Filename: {app}\PKCS11\pk11install.exe; Parameters: "-v ""name='CoolKey Module' library=coolkeypk11.dll NSS=""slotParams={{0x1=[slotFlags=PublicCerts]}"""""; WorkingDir: {sys}; StatusMsg: Configuring System for smart cards...
Filename: {app}\xulrunner\xulrunner.exe; Parameters: """--register-global"""
Filename: {app}\esc.exe; WorkingDir: {app}; StatusMsg: {code:GetEscStatusMsg}; Flags: nowait
@@ -450,12 +432,18 @@
Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Axalto Developer; ValueType: binary; ValueName: ATR; ValueData: 3b 75 94 00 00 62 02 02 00 00
; Now register the Gemalto 64K V2
-Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Gemalto 64K V2; ValueType: binary; ValueName: ATRMask: ValueData: ff ff ff ff ff ff ff ff ff ff; Flags: uninsdeletekey
+Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Gemalto 64K V2; ValueType: binary; ValueName: ATRMask; ValueData: ff ff 00 ff 00 ff ff ff 00 00; Flags: uninsdeletekey
-Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Gemalto 64 V2: ValueType: string; ValueName: Crypto Provider; ValueData: CoolKey PKCS #11 CSP
+Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Gemalto 64K V2; ValueType: string; ValueName: Crypto Provider; ValueData: CoolKey PKCS #11 CSP
-Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Gemalto 64 V2: ValueType: binary; ValueName: ATR; ValueData: 3b 95 95 40 ff ae 01 03 00 00
+Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Gemalto 64K V2; ValueType: binary; ValueName: ATR; ValueData: 3b 95 00 40 00 ae 01 03 00 00
+; Now register the Safenet 330J
+Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Safenet 330J; ValueType: binary; ValueName: ATRMask; ValueData: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 00; Flags: uninsdeletekey
+
+Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Safenet 330J; ValueType: string; ValueName: Crypto Provider; ValueData: CoolKey PKCS #11 CSP
+
+Root: HKLM; Subkey: Software\Microsoft\Cryptography\Calais\SmartCards\Safenet 330J; ValueType: binary; ValueName: ATR; ValueData: 3b ec 00 ff 81 31 fe 45 a0 00 00 00 56 33 33 30 4a 33 06 00 00
Root: HKLM; Subkey: Software\
; Turn off the "pick a cert" dialog box
--- ./esc/win32/build.sh.fix5 2009-06-08 14:15:58.000000000 -0700
+++ ./esc/win32/build.sh 2009-06-08 14:16:33.000000000 -0700
@@ -37,6 +37,8 @@
NSS_ARCHIVE=$NSS_NAME-with-nspr-4.6.4
NSS_SOURCE_URL=https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_11_4_RTM/src/$NSS_ARCHIVE.tar.gz
+NSS_LIB_PATH=$NSS_NAME/mozilla/dist/WIN*/lib
+
#Inno installer values
#INNO_PATH="C:/Program Files/Inno Setup 5/ISCC.exe"
@@ -76,7 +78,7 @@
#ESC values
ESC_NAME=esc
-ESC_VERSION_NO=1.1.0-3
+ESC_VERSION_NO=1.1.0-6
#Cygwin values
@@ -462,6 +464,15 @@
cp esc-image-large.bmp BUILD/ESC/chrome/content/esc
+
+ #Transport the nss files needed for pk11install.exe
+
+ cp $NSS_LIB_PATH/softokn3.dll BUILD
+ cp $NSS_LIB_PATH/libplc4.dll BUILD
+ cp $NSS_LIB_PATH/libnspr4.dll BUILD
+ cp $NSS_LIB_PATH/libplds4.dll BUILD
+
+
# Build the INNO executable installer
"$INNO_PATH" setup.iss

884
esc-1.1.0-fix6.patch Normal file
View File

@ -0,0 +1,884 @@
--- ./esc/src/lib/NssHttpClient/engine.h.fix6 2009-06-19 16:07:39.000000000 -0700
+++ ./esc/src/lib/NssHttpClient/engine.h 2009-06-19 16:07:44.000000000 -0700
@@ -22,9 +22,17 @@
#include "response.h"
#include "request.h"
+struct BadCertData {
+ PRErrorCode error;
+ PRInt32 port;
+};
+
+typedef struct BadCertData BadCertData;
+
+
class __EXPORT Engine {
public:
- Engine() {};
+ Engine() { _certData = NULL; _sock=NULL;};
~Engine() {};
PRFileDesc *_doConnect(PRNetAddr *addr, PRBool SSLOn = PR_FALSE,
@@ -37,7 +45,8 @@
static PRIntervalTime globaltimeout;
PRFileDesc *_sock;
-
+ BadCertData *_certData;
+ BadCertData *getBadCertData() { return _certData;}
PRFileDesc *getSocket() { return _sock;}
bool connectionClosed ;
--- ./esc/src/lib/NssHttpClient/engine.cpp.fix6 2009-06-19 16:07:12.000000000 -0700
+++ ./esc/src/lib/NssHttpClient/engine.cpp 2009-06-19 16:07:29.000000000 -0700
@@ -16,6 +16,8 @@
* All rights reserved.
* END COPYRIGHT BLOCK **/
+#define FORCE_PR_LOG 1
+
#include <nspr.h>
#include "sslproto.h"
#include <prerror.h>
@@ -27,7 +29,7 @@
#include "certt.h"
#include "sslerr.h"
#include "secerr.h"
-
+#include "CoolKey.h"
#include "engine.h"
#include "http.h"
@@ -39,6 +41,9 @@
int cipherCount = 0;
int _doVerifyServerCert = 1;
+PRLogModuleInfo *httpEngineLog = PR_NewLogModule("coolKeyHttpEngine");
+
+
PRIntervalTime Engine::globaltimeout = PR_TicksPerSecond()*30;
/**
@@ -56,13 +61,26 @@
SECStatus secStatus = SECFailure;
PRErrorCode err;
+ char tBuff[56];
+
+ PR_LOG(httpEngineLog, PR_LOG_DEBUG,
+ ("%s myBadCertHandler enter. \n",GetTStamp(tBuff,56)));
+
/* log invalid cert here */
if ( !arg ) {
return secStatus;
}
- *(PRErrorCode *)arg = err = PORT_GetError();
+ err = PORT_GetError();
+
+ BadCertData *data = (BadCertData *) arg;
+ if(data) {
+ data->error = err;
+ }
+
+ PR_LOG(httpEngineLog, PR_LOG_DEBUG,
+ ("%s myBadCertHandler err: %d . \n",GetTStamp(tBuff,56),err));
/* If any of the cases in the switch are met, then we will proceed */
/* with the processing of the request anyway. Otherwise, the default */
@@ -91,6 +109,10 @@
break;
}
+ PR_LOG(httpEngineLog, PR_LOG_DEBUG,
+ ("%s myBadCertHandler status: %d . \n",GetTStamp(tBuff,56),secStatus));
+
+
return secStatus;
}
@@ -416,7 +438,6 @@
return;
}
-
void Engine::CloseConnection()
{
connectionClosed = true;
@@ -426,7 +447,14 @@
PR_Close(_sock);
_sock = NULL;
}
+
+ if(_certData)
+ {
+ delete _certData;
+ _certData = NULL;
+ }
}
+
/**
* Returns a file descriptor for I/O if the HTTP connection is successful
* @param addr PRnetAddr structure which points to the server to connect to
@@ -442,21 +470,19 @@
PRFileDesc *tcpsock = NULL;
PRFileDesc *sock = NULL;
connectionClosed = false;
+ _certData = new BadCertData();
tcpsock = PR_OpenTCPSocket(addr->raw.family);
-
if (!tcpsock) {
-
return NULL;
}
nodelay(tcpsock);
if (PR_TRUE == SSLOn) {
- sock=SSL_ImportFD(NULL, tcpsock);
-
+ sock=SSL_ImportFD(NULL, tcpsock);
if (!sock) {
//xxx log
if( tcpsock != NULL ) {
@@ -516,9 +542,23 @@
PRErrorCode errCode = 0;
- rv = SSL_BadCertHook( sock,
+ if(_certData) {
+ _certData->error = errCode;
+ _certData->port = PR_ntohs(PR_NetAddrInetPort(addr));
+ }
+
+ CoolKeyBadCertHandler overriddenHandler = CoolKeyGetBadCertHandler();
+
+ if(overriddenHandler) {
+ rv = SSL_BadCertHook( sock,
+ (SSLBadCertHandler)overriddenHandler,
+ (void *)_certData);
+ } else {
+ rv = SSL_BadCertHook( sock,
(SSLBadCertHandler)myBadCertHandler,
- &errCode );
+ (void *)_certData);
+ }
+
rv = SSL_SetURL( sock, serverName );
if (rv != SECSuccess ) {
@@ -536,8 +576,6 @@
sock = tcpsock;
}
-
-
if ( PR_Connect(sock, addr, timeout) == PR_FAILURE ) {
if( sock != NULL ) {
@@ -563,11 +601,17 @@
const PSHttpServer& server,
int timeout, PRBool expectChunked ,PRBool processStreamed) {
PRNetAddr addr;
- PRFileDesc *sock = NULL;
PSHttpResponse *resp = NULL;
PRBool response_code = 0;
+ char tBuff[56];
+
+ PR_LOG(httpEngineLog, PR_LOG_DEBUG,
+ ("%s HttpEngine::makeRequest enter. \n",GetTStamp(tBuff,56)));
+
+
+
server.getAddr(&addr);
char *nickName = request.getCertNickName();
@@ -575,8 +619,17 @@
char *serverName = (char *)server.getAddr();
_sock = _doConnect( &addr, request.isSSL(), 0, 0,nickName, 0, serverName );
+ PR_LOG(httpEngineLog, PR_LOG_DEBUG,
+ ("%s HttpEngine::makeRequest past doConnect sock: %p. \n",
+ GetTStamp(tBuff,56),_sock));
+
if ( _sock != NULL) {
PRBool status = request.send( _sock );
+
+ PR_LOG(httpEngineLog, PR_LOG_DEBUG,
+ ("%s HttpEngine::makeRequest past request.send status: %d. \n",
+ GetTStamp(tBuff,56),status));
+
if ( status ) {
resp = new PSHttpResponse( _sock, &request, timeout, expectChunked ,this);
response_code = resp->processResponse(processStreamed);
--- ./esc/src/lib/NssHttpClient/manifest.mn.fix6 2009-06-19 16:08:05.000000000 -0700
+++ ./esc/src/lib/NssHttpClient/manifest.mn 2009-06-19 16:08:13.000000000 -0700
@@ -24,7 +24,7 @@
MODULE = httpchunked
LIBRARY_NAME = $(MODULE)
SHARED_NAME = $(MODULE)
-REQUIRES = nss nspr
+REQUIRES = nss nspr ckymanager
ifndef MOZ_OFFSET
MOZ_OFFSET = mozilla-1.7.13
endif
--- ./esc/src/lib/coolkey/NSSManager.h.fix6 2009-06-19 16:06:41.000000000 -0700
+++ ./esc/src/lib/coolkey/NSSManager.h 2009-06-19 16:06:47.000000000 -0700
@@ -70,6 +70,8 @@
static HRESULT GetKeyCertNicknames( const CoolKey *aKey, vector<string> & aStrings );
+ static HRESULT GetKeyUID(const CoolKey *aKey, char *aBuf, int aBufLength);
+
static HRESULT GetKeyIssuedTo(const CoolKey *aKey, char *aBuf, int aBufLength);
static HRESULT GetKeyIssuer(const CoolKey *aKey, char *aBuf, int aBufLength);
--- ./esc/src/lib/coolkey/CoolKey.cpp.fix6 2009-06-19 16:02:43.000000000 -0700
+++ ./esc/src/lib/coolkey/CoolKey.cpp 2009-06-19 16:03:03.000000000 -0700
@@ -259,12 +259,14 @@
static CoolKeyRelease g_Release = NULL;
static CoolKeyGetConfigValue g_GetConfigValue = NULL;
static CoolKeySetConfigValue g_SetConfigValue = NULL;
+static CoolKeyBadCertHandler g_BadCertHandler = NULL;
char* CoolKeyVerifyPassword(PK11SlotInfo *,PRBool,void *);
COOLKEY_API HRESULT CoolKeySetCallbacks(CoolKeyDispatch dispatch,
CoolKeyReference reference, CoolKeyRelease release,
- CoolKeyGetConfigValue getconfigvalue,CoolKeySetConfigValue setconfigvalue)
+ CoolKeyGetConfigValue getconfigvalue,CoolKeySetConfigValue setconfigvalue,
+ CoolKeyBadCertHandler badcerthandler)
{
char tBuff[56];
g_Dispatch = dispatch;
@@ -272,6 +274,7 @@
g_Release = release;
g_GetConfigValue = getconfigvalue;
g_SetConfigValue = setconfigvalue;
+ g_BadCertHandler = badcerthandler;
char * suppressPINPrompt =(char*) CoolKeyGetConfig("esc.security.url");
@@ -997,6 +1000,16 @@
return NSSManager::GetKeyPolicy(aKey, aBuf, aBufLen);
}
+
+HRESULT
+CoolKeyGetUID(const CoolKey *aKey, char *aBuf, int aBufLength)
+{
+ if (!aKey || !aKey->mKeyID || !aBuf || aBufLength < 1)
+ return E_FAIL;
+
+ return NSSManager::GetKeyUID(aKey,aBuf,aBufLength);
+}
+
HRESULT
CoolKeyGetIssuedTo(const CoolKey *aKey, char *aBuf, int aBufLength)
{
@@ -1290,6 +1303,13 @@
return aCUID;
}
+CoolKeyBadCertHandler CoolKeyGetBadCertHandler()
+{
+ if(g_BadCertHandler)
+ return g_BadCertHandler;
+ return NULL;
+}
+
const char *CoolKeyGetConfig(const char *aValue)
{
if(!g_GetConfigValue || ! aValue)
--- ./esc/src/lib/coolkey/manifest.mn.fix6 2009-06-19 16:05:45.000000000 -0700
+++ ./esc/src/lib/coolkey/manifest.mn 2009-06-19 16:05:54.000000000 -0700
@@ -19,7 +19,6 @@
XULRUNNER_BASE=$(CORE_DEPTH)/dist/$(OBJDIR)//xulrunner_build
-
SYS_INC = /usr/include
MODULE = ckymanager
LIBRARY_NAME = $(MODULE)
@@ -41,7 +40,7 @@
SmartCardMonitoringThread.cpp \
$(NULL)
-EXPORTS = \
+EXPORTS = \
CoolKey.h \
$(NULL)
--- ./esc/src/lib/coolkey/NSSManager.cpp.fix6 2009-06-19 16:06:19.000000000 -0700
+++ ./esc/src/lib/coolkey/NSSManager.cpp 2009-06-19 16:06:28.000000000 -0700
@@ -369,7 +369,7 @@
aBuf[0]=0;
- PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyIssuedTo \n",GetTStamp(tBuff,56)));
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyIssuer \n",GetTStamp(tBuff,56)));
if(!aKey )
return E_FAIL;
@@ -409,7 +409,7 @@
continue;
}
orgID = CERT_GetOrgName(&cert->subject);
- PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyIssuedTo ourSlot %p curSlot %p org %s \n",GetTStamp(tBuff,56),slot,cert->slot,orgID));
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyIssuer ourSlot %p curSlot %p org %s \n",GetTStamp(tBuff,56),slot,cert->slot,orgID));
}
@@ -437,6 +437,85 @@
return S_OK;
}
+HRESULT NSSManager::GetKeyUID(const CoolKey *aKey, char *aBuf, int aBufLength)
+{
+ char tBuff[56];
+ if(!aBuf)
+ return E_FAIL;
+
+ aBuf[0]=0;
+
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyUID \n",GetTStamp(tBuff,56)));
+
+ if(!aKey )
+ return E_FAIL;
+
+ PK11SlotInfo *slot = GetSlotForKeyID(aKey);
+
+ if (!slot)
+ return E_FAIL;
+
+ CERTCertList *certs = PK11_ListCerts(PK11CertListAll,NULL);
+
+ if (!certs)
+ {
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%sNSSManager::GetKeyUID no certs found! \n",GetTStamp(tBuff,56)));
+ PK11_FreeSlot(slot);
+ return E_FAIL;
+ }
+
+ CERTCertListNode *node= NULL;
+
+ char *certID = NULL;
+
+ for( node = CERT_LIST_HEAD(certs);
+ ! CERT_LIST_END(node, certs);
+ node = CERT_LIST_NEXT(node))
+ {
+ if(node->cert)
+ {
+ CERTCertificate *cert = node->cert;
+
+ if(cert)
+ {
+ if(cert->slot == slot)
+ {
+ if(IsCACert(cert))
+ {
+ continue;
+ }
+
+ certID = CERT_GetCertUid(&cert->subject);
+
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyUID ourSlot %p curSlot %p certID %s \n",GetTStamp(tBuff,56),slot,cert->slot,certID));
+
+ }
+
+ if(certID)
+ break;
+ }
+ }
+
+ }
+
+ if(certID && ((int)strlen(certID) < aBufLength))
+ {
+ strcpy(aBuf,certID);
+ }
+
+ if(certs)
+ CERT_DestroyCertList(certs);
+
+ if(slot)
+ PK11_FreeSlot(slot);
+
+ if(certID)
+ PORT_Free(certID);
+
+ return S_OK;
+}
+
+
HRESULT NSSManager::GetKeyIssuedTo(const CoolKey *aKey, char *aBuf, int aBufLength)
{
char tBuff[56];
@@ -487,6 +566,10 @@
certID = CERT_GetCommonName(&cert->subject);
+ if(!certID) {
+ certID = CERT_GetCertUid(&cert->subject);
+ }
+
PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyIssuedTo ourSlot %p curSlot %p certID %s \n",GetTStamp(tBuff,56),slot,cert->slot,certID));
}
--- ./esc/src/lib/coolkey/CoolKey.h.fix6 2009-06-19 16:04:59.000000000 -0700
+++ ./esc/src/lib/coolkey/CoolKey.h 2009-06-19 16:05:05.000000000 -0700
@@ -26,6 +26,7 @@
// platforms (coreconf will do the appropriate processing.
#define COOLKEY_API
+#include "ssl.h"
#include <string.h>
#include <stdlib.h>
#include <vector>
@@ -100,7 +101,7 @@
typedef HRESULT (*CoolKeySetConfigValue)(const char *name,const char *value);
typedef const char * (*CoolKeyGetConfigValue)(const char *name);
-
+typedef SECStatus (*CoolKeyBadCertHandler)(void *arg, PRFileDesc *fd);
extern "C" {
@@ -112,7 +113,8 @@
COOLKEY_API HRESULT CoolKeyUnregisterListener(CoolKeyListener* aListener);
COOLKEY_API HRESULT CoolKeySetCallbacks(CoolKeyDispatch dispatch,
CoolKeyReference reference, CoolKeyRelease release,
- CoolKeyGetConfigValue getconfigvalue,CoolKeySetConfigValue setconfigvalue);
+ CoolKeyGetConfigValue getconfigvalue,CoolKeySetConfigValue setconfigvalue,
+ CoolKeyBadCertHandler badcerthandler=NULL);
COOLKEY_API bool CoolKeyRequiresAuthentication(const CoolKey *aKey);
COOLKEY_API bool CoolKeyHasApplet(const CoolKey *aKey);
@@ -133,6 +135,8 @@
COOLKEY_API HRESULT CoolKeyGetCertInfo(const CoolKey *aKey, char *aCertNickname, std::string & aCertInfo);
+COOLKEY_API HRESULT CoolKeyGetUID(const CoolKey *aKey, char *aBuf, int aBufLength);
+
COOLKEY_API HRESULT CoolKeyGetIssuedTo(const CoolKey *aKey, char *aBuf, int aBufLength);
COOLKEY_API HRESULT CoolKeyGetIssuer(const CoolKey *aKey, char *aBuf, int aBufLength);
@@ -257,6 +261,9 @@
const char *CoolKeyGetConfig(const char *aName);
HRESULT CoolKeySetConfig(const char *aName,const char *aValue);
+CoolKeyBadCertHandler CoolKeyGetBadCertHandler();
+
+
}
--- ./esc/src/lib/coolkey/Makefile.fix6 2009-06-19 16:05:24.000000000 -0700
+++ ./esc/src/lib/coolkey/Makefile 2009-06-19 16:05:32.000000000 -0700
@@ -35,6 +35,9 @@
echo "Build Linux or Windows."
make -f common.mk
+export::
+ make -f common.mk export
+
endif
ifeq ($(OS_ARCH),Darwin)
--- ./esc/src/app/xul/esc/chrome/content/esc/certManager.xul.fix6 2009-06-19 16:01:21.000000000 -0700
+++ ./esc/src/app/xul/esc/chrome/content/esc/certManager.xul 2009-06-19 16:01:43.000000000 -0700
@@ -65,7 +65,7 @@
<tabs id="certMgrTabbox" onselect="CertsTabsSelected();">
<tab id="mine_tab" label="&certmgr.tab.mine;" selected="true"/>
<tab id="others_tab" hidden="true" label="&certmgr.tab.others2;"/>
- <tab id="websites_tab" hidden="true" label="&certmgr.tab.websites3;"/>
+ <tab id="websites_tab" hidden="false" label="&certmgr.tab.websites3;"/>
<tab id="ca_tab" hidden="false" label="&certmgr.tab.ca;"/>
<tab id="orphan_tab" hidden="true" label="&certmgr.tab.orphan2;"/>
--- ./esc/src/app/xpcom/rhCoolKey.cpp.fix6 2009-06-19 15:56:20.000000000 -0700
+++ ./esc/src/app/xpcom/rhCoolKey.cpp 2009-06-19 15:57:48.000000000 -0700
@@ -30,7 +30,7 @@
#else
#include "nsServiceManagerUtils.h"
#endif
-
+#include "pipnss/nsICertOverrideService.h"
#include "nsIPrefBranch.h"
#include "nsIPrefService.h"
#include "nsCOMPtr.h"
@@ -69,6 +69,7 @@
#endif
#define PSM_COMPONENT_CONTRACTID "@mozilla.org/psm;1"
+#define NS_CERTOVERRIDE_CONTRACTID "@mozilla.org/security/certoverride;1"
static const nsIID kIModuleIID = NS_IMODULE_IID;
static const nsIID kIFactoryIID = NS_IFACTORY_IID;
@@ -89,6 +90,7 @@
std::list< nsCOMPtr <rhIKeyNotify> > rhCoolKey::gNotifyListeners;
+PRLock* rhCoolKey::certCBLock=NULL;
PRBool rhCoolKey::gAutoEnrollBlankTokens = PR_FALSE;
@@ -190,6 +192,13 @@
mCSPListener = nsnull;
#endif
+ certCBLock = PR_NewLock();
+
+ if(!certCBLock) {
+ PR_LOG( coolKeyLog, PR_LOG_ERROR, ("%s Failed to create lock exiting! \n",GetTStamp(tBuff,56)));
+ exit(1);
+ }
+
PRBool res = InitInstance();
if(res == PR_FALSE)
@@ -207,6 +216,10 @@
char tBuff[56];
PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s rhCoolKey::~rhCoolKey: %p \n",GetTStamp(tBuff,56),this));
+
+ if(certCBLock) {
+ PR_DestroyLock(certCBLock);
+ }
}
void rhCoolKey::ShutDownInstance()
@@ -255,6 +268,212 @@
return S_OK;
}
+struct BadCertData {
+ PRErrorCode error;
+ PRInt32 port;
+};
+
+typedef struct BadCertData BadCertData;
+
+SECStatus rhCoolKey::badCertHandler(void *arg, PRFileDesc *fd)
+{
+ SECStatus secStatus = SECFailure;
+ PRErrorCode err;
+ char *host = NULL;
+ PRInt32 port = 0;
+ CERTCertificate *serverCert = NULL;
+ PRUint32 errorBits = 0;
+ char tBuff[56];
+
+ PR_Lock(certCBLock);
+
+ if (!arg || !fd) {
+ PR_Unlock(certCBLock);
+ return secStatus;
+ }
+
+ // Retrieve callback data from NssHttpClient
+ // Caller cleans up this data
+ BadCertData *data = (BadCertData *) arg;
+ data->error = err = PORT_GetError();
+
+
+ /* If any of the cases in the switch are met, then we will proceed */
+
+ switch (err) {
+ case SEC_ERROR_INVALID_AVA:
+ case SEC_ERROR_INVALID_TIME:
+ case SEC_ERROR_BAD_SIGNATURE:
+ case SEC_ERROR_EXPIRED_CERTIFICATE:
+ case SEC_ERROR_UNKNOWN_ISSUER:
+ case SEC_ERROR_UNTRUSTED_CERT:
+ case SEC_ERROR_CERT_VALID:
+ case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
+ case SEC_ERROR_CRL_EXPIRED:
+ case SEC_ERROR_CRL_BAD_SIGNATURE:
+ case SEC_ERROR_EXTENSION_VALUE_INVALID:
+ case SEC_ERROR_CA_CERT_INVALID:
+ case SEC_ERROR_CERT_USAGES_INVALID:
+ case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION:
+ case SEC_ERROR_EXTENSION_NOT_FOUND: // Added by Rob 5/21/2002
+ secStatus = SECSuccess;
+ break;
+ default:
+ secStatus = SECFailure;
+ break;
+ }
+
+ if(secStatus == SECSuccess) {
+ PR_Unlock(certCBLock);
+ return secStatus;
+ }
+
+ // Collect errors to compare with override service output
+ switch(err) {
+ case SEC_ERROR_UNTRUSTED_ISSUER:
+ errorBits |= nsICertOverrideService::ERROR_UNTRUSTED;
+ break;
+ case SSL_ERROR_BAD_CERT_DOMAIN:
+ errorBits |= nsICertOverrideService::ERROR_MISMATCH;
+ break;
+ case SEC_ERROR_EXPIRED_CERTIFICATE:
+ errorBits |= nsICertOverrideService::ERROR_TIME;
+ default:
+ break;
+ };
+
+ // Now proceed to see if we have an exception.
+ // Get the server certificate that was rejected.
+ serverCert = SSL_PeerCertificate(fd);
+
+ if(!serverCert) {
+ PR_Unlock(certCBLock);
+ return secStatus;
+ }
+
+ port = data->port;
+ host = SSL_RevealURL(fd);
+
+ if(!host || port <= 0) {
+ PR_Unlock(certCBLock);
+ return secStatus;
+ }
+
+ PR_LOG(coolKeyLog, PR_LOG_DEBUG,
+ ("%s rhCoolKey::badCertHandler enter: error: %d url: %s port: %d \n",
+ GetTStamp(tBuff,56),err,host,port)
+ );
+
+ PRBool isTemporaryOverride = PR_FALSE;
+ PRUint32 overrideBits = 0;
+ PRBool overrideResult = PR_FALSE;
+
+ // Use the nsICertOverrideService to see if we have
+ // previously trusted this certificate.
+ nsCOMPtr<nsICertOverrideService> overrideService =
+ do_GetService(NS_CERTOVERRIDE_CONTRACTID);
+
+ const nsEmbedCString nsHost(host);
+ nsEmbedCString hashAlg,fingerPrint;
+
+ nsresult nsrv;
+ unsigned char* fingerprint=NULL;
+ if(overrideService) {
+ nsrv = overrideService->GetValidityOverride((const nsACString &)nsHost,
+ port,(nsACString &)hashAlg,
+ (nsACString&)fingerPrint,&overrideBits,
+ &isTemporaryOverride,&overrideResult
+ );
+ if(nsrv == NS_OK) {
+ PR_LOG(coolKeyLog, PR_LOG_DEBUG,
+ ("%s rhCoolKey::badCertHandler res %d print %s len %d bits %u temp %d alg: %s \n",
+ GetTStamp(tBuff,56),overrideResult,fingerPrint.get(),
+ fingerPrint.Length(),overrideBits, isTemporaryOverride,hashAlg.get())
+ );
+ }
+
+ PRBool certMatches = PR_FALSE;
+
+ if( (nsrv == NS_OK) && overrideResult) {
+ SECItem oid;
+ oid.data = nsnull;
+ oid.len = 0;
+ SECStatus srv = SEC_StringToOID(nsnull, &oid,
+ hashAlg.get(), hashAlg.Length());
+
+ if (srv != SECSuccess) {
+ PR_Free(host);
+ host=NULL;
+ CERT_DestroyCertificate(serverCert);
+ serverCert=NULL;
+ PR_Unlock(certCBLock);
+ return secStatus;
+ }
+
+ SECOidTag oid_tag = SECOID_FindOIDTag(&oid);
+
+ unsigned int hash_len = HASH_ResultLenByOidTag(oid_tag);
+ fingerprint = new unsigned char[hash_len];
+
+ if(!fingerprint) {
+ CERT_DestroyCertificate(serverCert);
+ serverCert=NULL;
+ PR_Unlock(certCBLock);
+ return secStatus;
+ }
+
+ SECItem computedPrint;
+ memset(fingerprint, 0, sizeof fingerprint);
+ PK11_HashBuf(oid_tag, fingerprint,
+ serverCert->derCert.data, serverCert->derCert.len);
+ CERT_DestroyCertificate(serverCert);
+ serverCert=NULL;
+
+ computedPrint.data=fingerprint;
+ computedPrint.len=hash_len;
+
+ char *formattedPrint = CERT_Hexify(&computedPrint,1);
+ char *inputPrint = (char *)fingerPrint.get();
+
+ //Compare fingerprints.
+
+ if(formattedPrint && inputPrint) {
+ if(!PL_strcmp(formattedPrint, inputPrint))
+ certMatches = PR_TRUE;
+ }
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s certMatches: %d \n",
+ GetTStamp(tBuff,56),certMatches)
+ );
+
+ if(formattedPrint) {
+ PORT_Free(formattedPrint);
+ formattedPrint = NULL;
+ }
+ } else {
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s override test failed. \n",
+ GetTStamp(tBuff,56))
+ );
+ }
+
+ if( certMatches ) {
+ if(overrideBits | errorBits)
+ secStatus = SECSuccess;
+ }
+ }
+
+ PR_Free(host);
+ host = NULL;
+ if(fingerprint) {
+ delete [] fingerprint;
+ fingerprint = NULL;
+ }
+
+ PR_Unlock(certCBLock);
+
+ return secStatus;
+}
+
+
HRESULT rhCoolKey::doSetCoolKeyConfigValue(const char *aName, const char *aValue)
{
@@ -340,7 +559,7 @@
nssComponent
= do_GetService(PSM_COMPONENT_CONTRACTID);
- CoolKeySetCallbacks(Dispatch,Reference, Release,doGetCoolKeyConfigValue ,doSetCoolKeyConfigValue);
+ CoolKeySetCallbacks(Dispatch,Reference, Release,doGetCoolKeyConfigValue ,doSetCoolKeyConfigValue,badCertHandler);
mProxy = CreateProxyObject();
@@ -1262,6 +1481,38 @@
}
/* string GetCoolKeyIssuedTo (in unsigned long aKeyType, in string aKeyID); */
+NS_IMETHODIMP rhCoolKey::GetCoolKeyUID(PRUint32 aKeyType, const char *aKeyID, char **uid)
+{
+ char tBuff[56];
+ if (!aKeyID) {
+ return NS_ERROR_FAILURE;
+ }
+
+ AutoCoolKey key(aKeyType, ( char *)aKeyID);
+
+ char buff[512];
+ int bufLength = 512;
+ buff[0] = 0;
+
+ CoolKeyGetUID(&key, (char *) buff, bufLength);
+
+ if(!buff[0])
+ {
+ return NS_OK;
+ }
+
+ PR_LOG(coolKeyLog,PR_LOG_DEBUG,("%s rhCoolKey::RhGetCoolKeyGetUID %s \n",GetTStamp(tBuff,56),(char *) buff));
+
+ char *temp = (char *) nsMemory::Clone(buff,sizeof(char) * strlen(buff) + 1);
+
+ *uid = temp;
+
+ return NS_OK;
+
+}
+
+
+/* string GetCoolKeyIssuedTo (in unsigned long aKeyType, in string aKeyID); */
NS_IMETHODIMP rhCoolKey::GetCoolKeyIssuedTo(PRUint32 aKeyType, const char *aKeyID, char **issuedTo)
{
char tBuff[56];
--- ./esc/src/app/xpcom/rhICoolKey.idl.fix6 2009-06-19 16:00:20.000000000 -0700
+++ ./esc/src/app/xpcom/rhICoolKey.idl 2009-06-19 16:00:32.000000000 -0700
@@ -66,6 +66,8 @@
string GetCoolKeyCertInfo(in unsigned long aKeyType, in string aKeyID, in string aCertNickname);
+ string GetCoolKeyUID(in unsigned long aKeyType, in string aKeyID);
+
string GetCoolKeyIssuedTo(in unsigned long aKeyType, in string aKeyID);
string GetCoolKeyIssuer(in unsigned long aKeyType, in string aKeyID);
--- ./esc/src/app/xpcom/Makefile.sdk.fix6 2009-06-19 15:54:52.000000000 -0700
+++ ./esc/src/app/xpcom/Makefile.sdk 2009-06-19 15:55:43.000000000 -0700
@@ -109,7 +109,7 @@
CPPFLAGS += -fno-rtti \
-fno-exceptions \
-fshort-wchar -fPIC
-GECKO_LD_LIBS=-L$(GECKO_SDK_PATH)/lib $(GECKO_SDK_PATH)/lib/libxpcomglue.a -lnss3 -lcrmf -lssl3 -lsmime3 -lplds4 -lplc4 -lnspr4 -lpthread -ldl
+GECKO_LD_LIBS=-L$(GECKO_SDK_PATH)/lib $(GECKO_SDK_PATH)/lib/libxpcomglue.a -lnssutil3 -lnss3 -lcrmf -lssl3 -lsmime3 -lplds4 -lplc4 -lnspr4 -lpthread -ldl
endif
ifeq ($(OS_ARCH),WINNT)
@@ -145,7 +145,7 @@
GECKO_INCLUDES += -I $(GECKO_SDK_PATH)/sdk/include
OBJECT = rhCoolKey.obj
OBJECTCSP = CoolKeyCSP.obj
-COOL_LDFLAGS = -IMPLIB:fake-import /LIBPATH:$(CORE_DIST)/lib ckymanager.lib httpchunked.lib $(GECKO_LD_LIBS) nss3.lib ssl3.lib smime3.lib softokn3.lib /LIBPATH:$(CKY_LIB_LDD) libckyapplet.lib crypt32.lib kernel32.lib user32.lib gdi32.lib winmm.lib wsock32.lib advapi32.lib /NODEFAULTLIB:libc.lib
+COOL_LDFLAGS = -IMPLIB:fake-import /LIBPATH:$(CORE_DIST)/lib ckymanager.lib httpchunked.lib $(GECKO_LD_LIBS) nssutil3.lib nss3.lib ssl3.lib smime3.lib softokn3.lib /LIBPATH:$(CKY_LIB_LDD) libckyapplet.lib crypt32.lib kernel32.lib user32.lib gdi32.lib winmm.lib wsock32.lib advapi32.lib /NODEFAULTLIB:libc.lib
endif
ifeq ($(OS_ARCH),Darwin)
--- ./esc/src/app/xpcom/rhCoolKey.h.fix6 2009-06-19 15:58:21.000000000 -0700
+++ ./esc/src/app/xpcom/rhCoolKey.h 2009-06-19 15:58:28.000000000 -0700
@@ -22,6 +22,15 @@
#include "nsIGenericFactory.h"
#include "nsEmbedString.h"
#include <list>
+#include "nspr.h"
+#include "prio.h"
+#include "ssl.h"
+#include "pk11func.h"
+#include "cert.h"
+#include "sslerr.h"
+#include "secerr.h"
+#include "sechash.h"
+
#include "CoolKey.h"
#include "nsCOMPtr.h"
#include "nsIObserver.h"
@@ -92,6 +101,7 @@
static HRESULT doSetCoolKeyConfigValue(const char *aName, const char *aValue);
static const char *doGetCoolKeyConfigValue(const char *aName );
+ static SECStatus badCertHandler(void *arg, PRFileDesc *fd);
protected:
/* additional members */
@@ -107,6 +117,8 @@
static std::list< nsCOMPtr <rhIKeyNotify> > gNotifyListeners;
+ static PRLock* certCBLock;
+
rhICoolKey* mProxy;
static PRBool gAutoEnrollBlankTokens;

69
esc-1.1.0-fix7.patch Normal file
View File

@ -0,0 +1,69 @@
--- ./esc/src/lib/NssHttpClient/httpClientNss.cpp.fix7 2009-06-22 13:00:20.000000000 -0700
+++ ./esc/src/lib/NssHttpClient/httpClientNss.cpp 2009-06-22 13:05:07.000000000 -0700
@@ -64,8 +64,53 @@
PSHttpResponse *HttpClientNss::httpSendChunked(char *host_port, char *uri, char *method, char *body,PSChunkedResponseCallback cb,void *uw,PRBool doSSL,int messageTimeout )
{
-
- PSHttpServer server(host_port, PR_AF_INET);
+ char *pPort = NULL;
+ char *pPortActual = NULL;
+
+ char hostName[512];
+
+ /*
+ * Isolate the host name, account for IPV6 numeric addresses.
+ *
+ */
+
+ if(host_port)
+ strncpy(hostName,host_port,512);
+
+ pPort = hostName;
+ while(1) {
+ pPort = strchr(pPort, ':');
+ if (pPort) {
+ pPortActual = pPort;
+ pPort++;
+ } else
+ break;
+ }
+
+ if(pPortActual)
+ *pPortActual = '\0';
+
+ /*
+ * Rifle through the values for the host
+ */
+
+ PRAddrInfo *ai;
+ void *iter;
+ PRNetAddr addr;
+ int family = PR_AF_INET;
+
+ ai = PR_GetAddrInfoByName(hostName, PR_AF_UNSPEC, PR_AI_ADDRCONFIG);
+ if (ai) {
+ printf("%s\n", PR_GetCanonNameFromAddrInfo(ai));
+ iter = NULL;
+ while ((iter = PR_EnumerateAddrInfo(iter, ai, 0, &addr)) != NULL) {
+ family = PR_NetAddrFamily(&addr);
+ break;
+ }
+ PR_FreeAddrInfo(ai);
+ }
+
+ PSHttpServer server(host_port, family);
PSHttpRequest request( &server, uri, HTTP11, 0 );
_request = &request;
--- ./esc/src/app/xul/esc/application.ini.fix7 2009-06-22 15:34:32.000000000 -0700
+++ ./esc/src/app/xul/esc/application.ini 2009-06-22 15:35:11.000000000 -0700
@@ -25,7 +25,7 @@
Name=ESC
;
; This field specifies your application's version. This field is optional.
-Version=1.1.0-7
+Version=1.1.0-9
;
; This field specifies your application's build ID (timestamp). This field is
; required.

215
esc.spec
View File

@ -1,41 +1,37 @@
Name: esc
Version: 1.0.1
Release: 15%{?dist}
Version: 1.1.0
Release: 10%{?dist}
Summary: Enterprise Security Client Smart Card Client
License: GPL+
License: GPL
URL: http://directory.fedora.redhat.com/wiki/CoolKey
Group: Applications/Internet
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Patch1: firefox-1.5-with-system-nss.patch
Patch2: firefox-1.1-nss-system-nspr.patch
Patch3: esc-1.0.1-admin-row-update.patch
Patch4: esc-1.0.1-ui-fixes-1.patch
Patch5: esc-1.0.1-log-fixes.patch
Patch6: esc-1.0.1-log-fixes-1.patch
Patch7: esc-1.0.1-lic-fix.patch
Patch8: esc-1.0.1-misc.patch
Patch9: esc-1.0.1-nss-devel-fix.patch
Patch10: firefox.secalg.patch
Patch11: esc-1.0.1-xulrunner-sparc-fixes.patch
Patch12: esc-1.0.1-elif.patch
Patch1: esc-1.1.0-fix1.patch
Patch2: esc-1.1.0-fix2.patch
Patch3: esc-1.1.0-fix3.patch
Patch4: esc-1.1.0-fix4.patch
Patch5: esc-1.1.0-fix5.patch
Patch6: esc-1.1.0-fix6.patch
Patch7: esc-1.1.0-fix7.patch
BuildRequires: doxygen fontconfig-devel freetype-devel >= 2.1
BuildRequires: glib2-devel libIDL-devel atk-devel gtk2-devel libjpeg-devel
BuildRequires: pango-devel libpng-devel pkgconfig zlib-devel
BuildRequires: nspr-devel nss-devel
BuildRequires: autoconf213 libX11-devel libXt-devel
BuildRequires: xulrunner xulrunner-devel
BuildRequires: pcsc-lite-devel coolkey-devel
BuildRequires: desktop-file-utils zip binutils libnotify-devel
BuildRequires: dbus-devel
Requires: pcsc-lite ifd-egate coolkey nss nspr
Requires: zip dbus >= 0.90 libnotify >= 0.4.2
Requires: xulrunner
# 390 does not have coolkey or smartCards
# Xulrunner won't compile on ppc64 or sparc64 right now.
ExcludeArch: s390 s390x ppc64 sparc64
ExcludeArch: s390 s390x
# We can't allow the internal xulrunner to leak out
AutoReqProv: 0
@ -53,13 +49,14 @@ AutoReqProv: 0
%define docdir %{_defaultdocdir}/%{escname}
%define escappdir src/app/xpcom
%define escxuldir src/app/xul/esc
%define escxulchromeicons %{escxuldir}/chrome/icons/default
%define escdaemon escd
Source0: %{escname}.tar.bz2
Source1: esc
Source2: esc.desktop
Source3: xulrunner-1.8.0.4-source.tar.bz2
Source4: esc.png
Source3: esc.png
%description
@ -70,49 +67,44 @@ cryptographic smartcards.
%setup -q -c -n %{escname}
#Perform esc patching
#patch esc
%patch1 -p1 -b .fix1
%patch2 -p1 -b .fix2
%patch3 -p1 -b .fix3
%patch4 -p1 -b .fix4
%patch5 -p1 -b .fix5
%patch6 -p1 -b .fix6
%patch7 -p1 -b .fix7
%patch8 -p1 -b .fix8
%patch9 -p1 -b .fix9
#Unpack xulrunner where esc expects it to be.
%setup -T -D -a 3 -n %{escname}/esc/dist/src
#Perform the patching of xulrunner
cd mozilla
%patch1 -p1 -b .fix1
%patch2 -p1 -b .fix2
%patch10 -p1 -b .secalg
%patch11 -p1 -b .sparc
%patch12 -p1 -b .elif
%build
%ifarch x86_64 ppc64 ia64 sparc64
GECKO_SDK_PATH=%{_libdir}/xulrunner-sdk-1.9.1/sdk
GECKO_BIN_PATH=%{_libdir}/xulrunner-1.9.1
GECKO_INCLUDE_PATH=%{_includedir}/xulrunner-sdk-1.9.1
%ifarch x86_64 ppc64 ia64
USE_64=1
export USE_64
%endif
export GECKO_SDK_PATH
export GECKO_BIN_PATH
export GECKO_INCLUDE_PATH
# last setup call moved the current directory
cd ../..
cd esc
#cd ../..
cp %{SOURCE4} %{escxuldir}/%{esc_chromepath}
cp %{SOURCE3} %{escxuldir}/%{esc_chromepath}
rm -f %{escxulchromeicons}/*.ico
cp %{escxulchromeicons}/esc-window.xpm %{escxulchromeicons}/default.xpm
make BUILD_OPT=1 HAVE_LIB_NOTIFY=1 ESC_VERSION=%{version}-%{release}
make BUILD_OPT=1 HAVE_LIB_NOTIFY=1 ESC_VERSION=%{version}-%{release} USE_XUL_SDK=1
%install
cd ../../src/app/xpcom
cd esc/src/app/xpcom
mkdir -p $RPM_BUILD_ROOT/%{escbindir}
mkdir -p $RPM_BUILD_ROOT/%{icondir}
@ -125,18 +117,17 @@ mkdir -p $RPM_BUILD_ROOT/%{docdir}
sed -e 's;\$LIBDIR;'%{_libdir}';g' %{SOURCE1} > $RPM_BUILD_ROOT/%{escbindir}/%{name}
chmod 755 $RPM_BUILD_ROOT/%{escbindir}/esc
mkdir -p $RPM_BUILD_ROOT/%{escdir}
%ifarch x86_64 ppc64 ia64 sparc64
%ifarch x86_64 ppc64 ia64
USE_64=1
export USE_64
%endif
make BUILD_OPT=1 install DESTDIR=$RPM_BUILD_ROOT/%{escdir}
make BUILD_OPT=1 USE_XUL_SDK=1 install DESTDIR=$RPM_BUILD_ROOT/%{escdir}
rm -rf $RPM_BUILD_ROOT/%{escdir}/usr
@ -151,6 +142,11 @@ cp %{SOURCE2} $RPM_BUILD_ROOT/%{autostartdir}
cd %{_builddir}
cp %{escname}/esc/LICENSE $RPM_BUILD_ROOT/%{docdir}
chmod 755 -R $RPM_BUILD_ROOT/%{escdir}/chrome
chmod 755 -R $RPM_BUILD_ROOT/%{escdir}/defaults
chmod 755 $RPM_BUILD_ROOT/%{escdir}/application.ini
%clean
rm -rf $RPM_BUILD_ROOT
@ -158,44 +154,38 @@ rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root,-)
%dir %{escdir}
%{escdir}/esc
%{escdir}/escd
%{escbindir}/esc
%{escdir}/application.ini
%dir %{escdir}/chrome
%{escdir}/chrome/chrome.manifest
%{escdir}/chrome/content/
%{escdir}/chrome/locale/
%dir %{escdir}/chrome/icons
%{escdir}/chrome/icons/default/
%{escdir}/components/
%{escdir}/chrome/content
%{escdir}/chrome/locale
%{escdir}/chrome/icons/default
%{escdir}/components
%dir %{escdir}/defaults
%dir %{escdir}/defaults/preferences
%{escdir}/defaults/preferences/esc-prefs.js
%{escdir}/xulrunner/
#%{escdir}/xulrunner
%{icondir}/esc.png
%{pixmapdir}/esc.png
%{autostartdir}/esc.desktop
%{_datadir}/%{appdir}/esc.desktop
%dir %{docdir}
%doc %{docdir}/LICENSE
%preun
killall --exact -q escd
exit 0
%post
touch --no-create %{_datadir}/icons/hicolor || :
if [ -x %{_bindir}/gtk-update-icon-cache ]; then
%{_bindir}/gtk-update-icon-cache --quiet %{_datadir}/icons/hicolor || :
fi
%preun
killall --exact -q escd
exit 0
%postun
touch --no-create %{_datadir}/icons/hicolor || :
if [ -x %{_bindir}/gtk-update-icon-cache ]; then
@ -203,45 +193,70 @@ if [ -x %{_bindir}/gtk-update-icon-cache ]; then
fi
%changelog
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.1-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Tue Apr 14 2009 Robert Scheck <robert@fedoraproject.org> - 1.0.1-14
- Added a patch to correct the wrong elif preprocessor statement
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.1-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Sat Nov 8 2008 Michael Schwendt <mschwendt@fedoraproject.org> - 1.0.1-12
- Include lots of missing directories (#233833) and mark
recursively included directories in files list with a trailing slash.
* Tue Sep 30 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 1.0.1-11
- xulrunner still broken for sparc64
* Tue Sep 30 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 1.0.1-10
- fix esc for sparc/sparc64
* Wed Feb 13 2008 Jack Magne <jmagne@redhat.com>
- Fix xulrunner build problem.
* Fri Jan 18 2008 Jack Magne <jmagne@redhat.com>
- Fix tray icon menu issue #253248.
* Thu Aug 30 2007 Jack Magne <jmagne@redhat.com>
- License field change- 1.0.1-7
* Wed Aug 29 2007 Fedora Release Engineering <rel-eng at fedoraproject dot org> - 1.0.1-6
- Rebuild for selinux ppc32 issue.
* Tue Jul 17 2007 Jack Magne <jmagne@redhat.com>- 1.0.1-5
- Further fixes to the diagnostics logging.
* Wed Jun 20 2007 Jack Magne <jmagne@redhat.com>- 1.0.1-4
- Fixes to the diagnostics log files and esc error messages.
* Thu Apr 26 2007 Jack Magne <jmagne@redhat.com>- 1.0.1-3
- Many UI usability fixes.
* Tue Apr 03 2007 Jack Magne <jmagne@redhat.com>- 1.0.1-2
* Mon Mar 05 2007 Jack Magne <jmagne@redhat.com>- 1.0.1-1
- Stability fixes
* Fri Oct 27 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-19
- More mac and win fixes.
* Tue Sep 15 2009 Jack Magne <jmagne@redhat.com>= 1.1.0-10
- Pick up latest improvements.
* Mon Jun 22 2009 Jack Magne <jmagne@redhat.com>= 1.1.0-9
- Related: #496410, also IPV6 support.
* Fri Jun 19 2009 Jack Magne <jmagne@redhat.com>= 1.1.0-8
- Related: #496410, SSL Conn fix.
* Mon Jun 8 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-7
- Releated: #496410.
* Thu Apr 23 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-6
- Related: #496410. Appease rpmdiff.
* Wed Apr 22 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-5
- Related: #496410, addresses 494981, better error message.
* Wed Apr 22 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-4
- Move to latest rebased code. Related #496410.
* Thu Dec 04 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-39
- Resolves #469202 - Cert Viewer issue
* Tue Nov 11 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-38
- Resolves #471923 - ESC Connection issue.
* Thu Oct 16 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-37
- Resolves #467126 - Blank authentication dialog problem.
* Fri Sep 26 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-36
- Related #200475 - Require the xulrunner package, Resolves #248493
* Thu Sep 18 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-35
- Related 200475, make rpmdiff tests happy.
* Tue Sep 16 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-34
- Resolves #200475 #253081 #437238
* Thu Jan 10 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-33
- Resolves #25324a8 #253268
* Thu Jul 12 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-32
- Resolves #248071 - ESC RPM unistall failure if daemon not running.
* Fri Jun 22 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-31
- Related #208038 - Top things to put in diagnostics log
* Wed Jun 20 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-30
- Related #204021
* Fri Jun 8 2007 Jack Magne <jmagne@redhat.com>- 1.0-0-29
- Related #212010
* Fri Jun 8 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-28
- Resolves #212010
* Tue Jun 5 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-27
- Resolves #203466 Better error message strings.
* Mon May 21 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-26
- Related: #206783 Fix the launcher script to work with new logging.
* Fri May 11 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-25
- Resolves: #206783.
* Mon Apr 23 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-24
- More Desktop appearance fixes.
- Related: #208749
* Mon Apr 23 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-23
- Desktop appearance fixes.
- Related: #208749
* Thu Apr 19 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-22
- Second drop of 5.1 fixes.
- Resolves: #203934, #203935, #204959, #206780, #206792, #207721
- Resolves: #207816, #206791
- Related: #208749
* Wed Apr 18 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-21
- First 5.1 fixes.
- Resolves: #203757, #203806, #204661, #205856, #206788, #206791
- Resolves: #208037, #208333, #210589, #210590, #213912, #226913
- Resolves: #204021, #205498, #224436
* Tue Nov 28 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-20
- fix for bug to commit config changes immediately. Bug #210988
* Wed Nov 15 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-19
-fix for escd double free problem. Bug #209882
* Tue Oct 24 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-18
-rebuilt on RHEL-5 branch
* Sun Oct 4 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-17

627
firefox-1.5-with-system-nss.patch
View File

@ -1,627 +0,0 @@
Index: mozilla/configure.in
===================================================================
RCS file: /cvsroot/mozilla/configure.in,v
retrieving revision 1.1503.2.15
diff -u -r1.1503.2.15 configure.in
--- mozilla/configure.in 4 Oct 2005 05:53:49 -0000 1.1503.2.15
+++ mozilla/configure.in 15 Dec 2005 05:40:40 -0000
@@ -86,6 +86,7 @@
MOZPNG=10207
MOZZLIB=1.2.3
NSPR_VERSION=4
+NSS_VERSION=3
dnl Set the minimum version of toolkit libs used by mozilla
dnl ========================================================
@@ -3472,6 +3473,19 @@
fi
fi
+dnl ========================================================
+dnl = If NSS was not detected in the system,
+dnl = use the one in the source tree (mozilla/security/nss)
+dnl ========================================================
+
+MOZ_ARG_WITH_BOOL(system-nss,
+[ --with-system-nss Use system installed NSS],
+ _USE_SYSTEM_NSS=1 )
+
+if test -n "$_USE_SYSTEM_NSS"; then
+ AM_PATH_NSS(3.0.0, [MOZ_NATIVE_NSS=1], [MOZ_NATIVE_NSS=])
+fi
+
if test -z "$SKIP_LIBRARY_CHECKS"; then
dnl system JPEG support
dnl ========================================================
@@ -6698,6 +6712,10 @@
AC_SUBST(NSPR_LIBS)
AC_SUBST(MOZ_NATIVE_NSPR)
+AC_SUBST(NSS_CFLAGS)
+AC_SUBST(NSS_LIBS)
+AC_SUBST(MOZ_NATIVE_NSS)
+
AC_SUBST(CFLAGS)
AC_SUBST(CXXFLAGS)
AC_SUBST(CPPFLAGS)
Index: mozilla/configure
===================================================================
RCS file: /cvsroot/mozilla/configure,v
retrieving revision 1.1492.2.17
diff -u -r1.1492.2.17 configure
--- mozilla/configure 4 Oct 2005 06:01:48 -0000 1.1492.2.17
+++ mozilla/configure 15 Dec 2005 05:40:53 -0000
@@ -44,6 +44,13 @@
--with-nspr-exec-prefix=PFX
Exec prefix where NSPR is installed"
ac_help="$ac_help
+ --with-system-nss Use system installed NSS"
+ac_help="$ac_help
+ --with-nss-prefix=PFX Prefix where NSS is installed"
+ac_help="$ac_help
+ --with-nss-exec-prefix=PFX
+ Exec prefix where NSS is installed"
+ac_help="$ac_help
--with-system-jpeg[=PFX]
Use system libjpeg [installed at prefix PFX]"
ac_help="$ac_help
@@ -1020,6 +1027,7 @@
MOZPNG=10207
MOZZLIB=1.2.3
NSPR_VERSION=4
+NSS_VERSION=3
GLIB_VERSION=1.2.0
GTK_VERSION=1.2.0
@@ -11300,6 +11308,123 @@
fi
fi
+
+# Check whether --with-system-nss or --without-system-nss was given.
+if test "${with_system_nss+set}" = set; then
+ withval="$with_system_nss"
+ if test "$withval" = "yes"; then
+ _USE_SYSTEM_NSS=1
+ elif test "$withval" = "no"; then
+ :
+ else
+ { echo "configure: error: Option, system-nss, does not take an argument ($withval)." 1>&2; exit 1; }
+ fi
+fi
+
+
+if test -n "$_USE_SYSTEM_NSS"; then
+
+# Check whether --with-nss-prefix or --without-nss-prefix was given.
+if test "${with_nss_prefix+set}" = set; then
+ withval="$with_nss_prefix"
+ nss_config_prefix="$withval"
+else
+ nss_config_prefix=""
+fi
+
+
+# Check whether --with-nss-exec-prefix or --without-nss-exec-prefix was given.
+if test "${with_nss_exec_prefix+set}" = set; then
+ withval="$with_nss_exec_prefix"
+ nss_config_exec_prefix="$withval"
+else
+ nss_config_exec_prefix=""
+fi
+
+
+ if test -n "$nss_config_exec_prefix"; then
+ nss_config_args="$nss_config_args --exec-prefix=$nss_config_exec_prefix"
+ if test -z "$NSS_CONFIG"; then
+ NSS_CONFIG=$nss_config_exec_prefix/bin/nss-config
+ fi
+ fi
+ if test -n "$nss_config_prefix"; then
+ nss_config_args="$nss_config_args --prefix=$nss_config_prefix"
+ if test -z "$NSS_CONFIG"; then
+ NSS_CONFIG=$nss_config_prefix/bin/nss-config
+ fi
+ fi
+
+ unset ac_cv_path_NSS_CONFIG
+ # Extract the first word of "nss-config", so it can be a program name with args.
+set dummy nss-config; ac_word=$2
+echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
+echo "configure:11363: checking for $ac_word" >&5
+if eval "test \"`echo '$''{'ac_cv_path_NSS_CONFIG'+set}'`\" = set"; then
+ echo $ac_n "(cached) $ac_c" 1>&6
+else
+ case "$NSS_CONFIG" in
+ /*)
+ ac_cv_path_NSS_CONFIG="$NSS_CONFIG" # Let the user override the test with a path.
+ ;;
+ ?:/*)
+ ac_cv_path_NSS_CONFIG="$NSS_CONFIG" # Let the user override the test with a dos path.
+ ;;
+ *)
+ IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
+ ac_dummy="$PATH"
+ for ac_dir in $ac_dummy; do
+ test -z "$ac_dir" && ac_dir=.
+ if test -f $ac_dir/$ac_word; then
+ ac_cv_path_NSS_CONFIG="$ac_dir/$ac_word"
+ break
+ fi
+ done
+ IFS="$ac_save_ifs"
+ test -z "$ac_cv_path_NSS_CONFIG" && ac_cv_path_NSS_CONFIG="no"
+ ;;
+esac
+fi
+NSS_CONFIG="$ac_cv_path_NSS_CONFIG"
+if test -n "$NSS_CONFIG"; then
+ echo "$ac_t""$NSS_CONFIG" 1>&6
+else
+ echo "$ac_t""no" 1>&6
+fi
+
+ min_nss_version=3.0.0
+ echo $ac_n "checking for NSS - version >= $min_nss_version (skipping)""... $ac_c" 1>&6
+echo "configure:11398: checking for NSS - version >= $min_nss_version (skipping)" >&5
+
+ no_nss=""
+ if test "$NSS_CONFIG" = "no"; then
+ no_nss="yes"
+ else
+ NSS_CFLAGS=`$NSS_CONFIG $nss_config_args --cflags`
+ NSS_LIBS=`$NSS_CONFIG $nss_config_args --libs`
+
+ nss_config_major_version=`$NSS_CONFIG $nss_config_args --version | \
+ sed 's/\([0-9]*\).\([0-9]*\).\([0-9]*\)/\1/'`
+ nss_config_minor_version=`$NSS_CONFIG $nss_config_args --version | \
+ sed 's/\([0-9]*\).\([0-9]*\).\([0-9]*\)/\2/'`
+ nss_config_micro_version=`$NSS_CONFIG $nss_config_args --version | \
+ sed 's/\([0-9]*\).\([0-9]*\).\([0-9]*\)/\3/'`
+ fi
+
+ if test -z "$no_nss"; then
+ echo "$ac_t""yes" 1>&6
+ MOZ_NATIVE_NSS=1
+ else
+ echo "$ac_t""no" 1>&6
+ fi
+
+
+
+
+
+
+fi
+
if test -z "$SKIP_LIBRARY_CHECKS"; then
# Check whether --with-system-jpeg or --without-system-jpeg was given.
if test "${with_system_jpeg+set}" = set; then
@@ -19473,6 +19602,9 @@
s%@NSPR_CONFIG@%$NSPR_CONFIG%g
s%@NSPR_CFLAGS@%$NSPR_CFLAGS%g
s%@NSPR_LIBS@%$NSPR_LIBS%g
+s%@NSS_CONFIG@%$NSS_CONFIG%g
+s%@NSS_CFLAGS@%$NSS_CFLAGS%g
+s%@NSS_LIBS@%$NSS_LIBS%g
s%@GTK_CONFIG@%$GTK_CONFIG%g
s%@GTK_CFLAGS@%$GTK_CFLAGS%g
s%@GTK_LIBS@%$GTK_LIBS%g
@@ -19753,6 +19885,7 @@
s%@MOZ_PNG_CFLAGS@%$MOZ_PNG_CFLAGS%g
s%@MOZ_PNG_LIBS@%$MOZ_PNG_LIBS%g
s%@MOZ_NATIVE_NSPR@%$MOZ_NATIVE_NSPR%g
+s%@MOZ_NATIVE_NSS@%$MOZ_NATIVE_NSS%g
s%@COMPILE_CFLAGS@%$COMPILE_CFLAGS%g
s%@COMPILE_CXXFLAGS@%$COMPILE_CXXFLAGS%g
s%@CROSS_COMPILE@%$CROSS_COMPILE%g
Index: mozilla/aclocal.m4
===================================================================
RCS file: /cvsroot/mozilla/aclocal.m4,v
retrieving revision 1.14
diff -u -r1.14 aclocal.m4
--- mozilla/aclocal.m4 13 May 2004 03:12:47 -0000 1.14
+++ mozilla/aclocal.m4 15 Dec 2005 05:40:53 -0000
@@ -8,6 +8,7 @@
builtin(include, build/autoconf/libIDL.m4)dnl
builtin(include, build/autoconf/libIDL-2.m4)dnl
builtin(include, build/autoconf/nspr.m4)dnl
+builtin(include, build/autoconf/nss.m4)dnl
builtin(include, build/autoconf/libart.m4)dnl
builtin(include, build/autoconf/pkg.m4)dnl
builtin(include, build/autoconf/freetype2.m4)dnl
Index: mozilla/config/autoconf.mk.in
===================================================================
RCS file: /cvsroot/mozilla/config/autoconf.mk.in,v
retrieving revision 3.363.2.1
diff -u -r3.363.2.1 autoconf.mk.in
--- mozilla/config/autoconf.mk.in 17 Aug 2005 17:17:17 -0000 3.363.2.1
+++ mozilla/config/autoconf.mk.in 15 Dec 2005 05:40:53 -0000
@@ -229,6 +229,7 @@
MOZ_INSURE_EXCLUDE_DIRS = @MOZ_INSURE_EXCLUDE_DIRS@
MOZ_NATIVE_NSPR = @MOZ_NATIVE_NSPR@
+MOZ_NATIVE_NSS = @MOZ_NATIVE_NSS@
CROSS_COMPILE = @CROSS_COMPILE@
@@ -384,6 +385,48 @@
NSPR_CFLAGS = @NSPR_CFLAGS@
NSPR_LIBS = @NSPR_LIBS@
+NSS_CONFIG = @NSS_CONFIG@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_LIBS = @NSS_LIBS@
+
+ifdef MOZ_NATIVE_NSS
+NSS_DEP_LIBS = \
+ $(NULL)
+NSS_LIBS += \
+ -lcrmf \
+ $(NULL)
+else
+NSS_DEP_LIBS = \
+ $(DIST)/lib/$(LIB_PREFIX)crmf.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(DLL_PREFIX)smime3$(DLL_SUFFIX) \
+ $(DIST)/lib/$(DLL_PREFIX)ssl3$(DLL_SUFFIX) \
+ $(DIST)/lib/$(DLL_PREFIX)nss3$(DLL_SUFFIX) \
+ $(DIST)/lib/$(DLL_PREFIX)softokn3$(DLL_SUFFIX) \
+ $(NULL)
+NSS_LIBS = \
+ $(LIBS_DIR) \
+ $(DIST)/lib/$(LIB_PREFIX)crmf.$(LIB_SUFFIX) \
+ -lsmime3 \
+ -lssl3 \
+ -lnss3 \
+ -lsoftokn3 \
+ $(NULL)
+endif
+
+ifneq (,$(filter OS2 WINNT WINCE, $(OS_ARCH)))
+ifndef GNU_CC
+ifndef MOZ_NATIVE_NSS
+NSS_LIBS = \
+ $(DIST)/lib/$(LIB_PREFIX)crmf.$(LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)smime3.$(IMPORT_LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)ssl3.$(IMPORT_LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)nss3.$(IMPORT_LIB_SUFFIX) \
+ $(DIST)/lib/$(LIB_PREFIX)softokn3.$(IMPORT_LIB_SUFFIX) \
+ $(NULL)
+endif
+endif
+endif
+
LDAP_CFLAGS = @LDAP_CFLAGS@
LDAP_LIBS = @LDAP_LIBS@
XPCOM_GLUE_LDOPTS = @XPCOM_GLUE_LDOPTS@
Index: mozilla/config/config.mk
===================================================================
RCS file: /cvsroot/mozilla/config/config.mk,v
retrieving revision 3.337
diff -u -r3.337 config.mk
--- mozilla/config/config.mk 28 Jul 2005 19:48:11 -0000 3.337
+++ mozilla/config/config.mk 15 Dec 2005 05:40:54 -0000
@@ -138,39 +138,6 @@
FINAL_LINK_COMPS = $(DEPTH)/config/final-link-comps
FINAL_LINK_COMP_NAMES = $(DEPTH)/config/final-link-comp-names
-#
-# NSS libs needed for final link in static build
-#
-
-NSS_LIBS = \
- $(LIBS_DIR) \
- $(DIST)/lib/$(LIB_PREFIX)crmf.$(LIB_SUFFIX) \
- -lsmime3 \
- -lssl3 \
- -lnss3 \
- -lsoftokn3 \
- $(NULL)
-
-ifneq (,$(filter OS2 WINNT WINCE, $(OS_ARCH)))
-ifndef GNU_CC
-NSS_LIBS = \
- $(DIST)/lib/$(LIB_PREFIX)crmf.$(LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)smime3.$(IMPORT_LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)ssl3.$(IMPORT_LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)nss3.$(IMPORT_LIB_SUFFIX) \
- $(DIST)/lib/$(LIB_PREFIX)softokn3.$(IMPORT_LIB_SUFFIX) \
- $(NULL)
-endif
-endif
-
-NSS_DEP_LIBS = \
- $(DIST)/lib/$(LIB_PREFIX)crmf.$(LIB_SUFFIX) \
- $(DIST)/lib/$(DLL_PREFIX)smime3$(DLL_SUFFIX) \
- $(DIST)/lib/$(DLL_PREFIX)ssl3$(DLL_SUFFIX) \
- $(DIST)/lib/$(DLL_PREFIX)nss3$(DLL_SUFFIX) \
- $(DIST)/lib/$(DLL_PREFIX)softokn3$(DLL_SUFFIX) \
- $(NULL)
-
MOZ_UNICHARUTIL_LIBS = $(DIST)/lib/$(LIB_PREFIX)unicharutil_s.$(LIB_SUFFIX)
MOZ_REGISTRY_LIBS = $(DIST)/lib/$(LIB_PREFIX)mozreg_s.$(LIB_SUFFIX)
MOZ_WIDGET_SUPPORT_LIBS = $(DIST)/lib/$(LIB_PREFIX)widgetsupport_s.$(LIB_SUFFIX)
Index: mozilla/build/autoconf/nss.m4
===================================================================
RCS file: mozilla/build/autoconf/nss.m4
diff -N mozilla/build/autoconf/nss.m4
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ mozilla/build/autoconf/nss.m4 15 Dec 2005 05:40:54 -0000
@@ -0,0 +1,67 @@
+# -*- tab-width: 4; -*-
+# Configure paths for NSS
+# Public domain - Chris Seawood <cls@seawood.org> 2001-04-05
+# Based upon gtk.m4 (also PD) by Owen Taylor
+
+dnl AM_PATH_NSS([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]]])
+dnl Test for NSS, and define NSS_CFLAGS and NSS_LIBS
+AC_DEFUN(AM_PATH_NSS,
+[dnl
+
+AC_ARG_WITH(nss-prefix,
+ [ --with-nss-prefix=PFX Prefix where NSS is installed],
+ nss_config_prefix="$withval",
+ nss_config_prefix="")
+
+AC_ARG_WITH(nss-exec-prefix,
+ [ --with-nss-exec-prefix=PFX
+ Exec prefix where NSS is installed],
+ nss_config_exec_prefix="$withval",
+ nss_config_exec_prefix="")
+
+ if test -n "$nss_config_exec_prefix"; then
+ nss_config_args="$nss_config_args --exec-prefix=$nss_config_exec_prefix"
+ if test -z "$NSS_CONFIG"; then
+ NSS_CONFIG=$nss_config_exec_prefix/bin/nss-config
+ fi
+ fi
+ if test -n "$nss_config_prefix"; then
+ nss_config_args="$nss_config_args --prefix=$nss_config_prefix"
+ if test -z "$NSS_CONFIG"; then
+ NSS_CONFIG=$nss_config_prefix/bin/nss-config
+ fi
+ fi
+
+ unset ac_cv_path_NSS_CONFIG
+ AC_PATH_PROG(NSS_CONFIG, nss-config, no)
+ min_nss_version=ifelse([$1], ,3.0.0,$1)
+ AC_MSG_CHECKING(for NSS - version >= $min_nss_version (skipping))
+
+ no_nss=""
+ if test "$NSS_CONFIG" = "no"; then
+ no_nss="yes"
+ else
+ NSS_CFLAGS=`$NSS_CONFIG $nss_config_args --cflags`
+ NSS_LIBS=`$NSS_CONFIG $nss_config_args --libs`
+
+ dnl Skip version check for now
+ nss_config_major_version=`$NSS_CONFIG $nss_config_args --version | \
+ sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\1/'`
+ nss_config_minor_version=`$NSS_CONFIG $nss_config_args --version | \
+ sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\2/'`
+ nss_config_micro_version=`$NSS_CONFIG $nss_config_args --version | \
+ sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\3/'`
+ fi
+
+ if test -z "$no_nss"; then
+ AC_MSG_RESULT(yes)
+ ifelse([$2], , :, [$2])
+ else
+ AC_MSG_RESULT(no)
+ fi
+
+
+ AC_SUBST(NSS_CFLAGS)
+ AC_SUBST(NSS_LIBS)
+
+])
Index: mozilla/security/manager/Makefile.in
===================================================================
RCS file: /cvsroot/mozilla/security/manager/Makefile.in,v
retrieving revision 1.57
diff -u -r1.57 Makefile.in
--- mozilla/security/manager/Makefile.in 2 Jun 2005 02:03:05 -0000 1.57
+++ mozilla/security/manager/Makefile.in 15 Dec 2005 05:40:54 -0000
@@ -46,6 +46,8 @@
MODULE = psm
PACKAGE_FILE = psm.pkg
+
+ifndef MOZ_NATIVE_NSS
PACKAGE_VARS += \
NSS3_LIB \
SMIME3_LIB \
@@ -57,6 +59,7 @@
$(NULL)
LOADABLE_ROOT_MODULE = $(DLL_PREFIX)nssckbi$(DLL_SUFFIX)
+endif
NSS3_LIB = $(DLL_PREFIX)nss3$(DLL_SUFFIX)
SMIME3_LIB = $(DLL_PREFIX)smime3$(DLL_SUFFIX)
@@ -147,6 +150,7 @@
export:: .nss.cleaned
.nss.cleaned: .nss.checkout
+ifndef MOZ_NATIVE_NSS
$(MAKE) -C $(topsrcdir)/security/coreconf $(DEFAULT_GMAKE_FLAGS) clean
$(MAKE) -C $(topsrcdir)/security/nss/lib $(DEFAULT_GMAKE_FLAGS) clean
ifndef SKIP_CHK
@@ -154,9 +158,12 @@
$(MAKE) -C $(topsrcdir)/security/nss/cmd/shlibsign $(DEFAULT_GMAKE_FLAGS) clean
endif
touch $@
+endif
.nss.checkout:
+ifndef MOZ_NATIVE_NSS
touch $(srcdir)/$@
+endif
dependclean export packages chrome::
$(MAKE) -C boot $@
@@ -167,12 +174,15 @@
endif
libs::
+ifndef MOZ_NATIVE_NSS
$(MAKE) -C $(topsrcdir)/security/coreconf $(DEFAULT_GMAKE_FLAGS)
+endif
ifeq ($(OS_ARCH),WINNT)
cd $(DIST)/lib; cp -f $(LIB_PREFIX)dbm$(MOZ_BITS).$(LIB_SUFFIX) $(LIB_PREFIX)dbm.$(LIB_SUFFIX)
else
cd $(DIST)/lib; cp -f $(LIB_PREFIX)mozdbm_s.$(LIB_SUFFIX) $(LIB_PREFIX)dbm.$(LIB_SUFFIX); $(RANLIB) $(LIB_PREFIX)dbm.$(LIB_SUFFIX)
endif
+ifndef MOZ_NATIVE_NSS
$(MAKE) -C $(topsrcdir)/security/nss/lib $(DEFAULT_GMAKE_FLAGS)
ifndef SKIP_CHK
$(MAKE) -C $(topsrcdir)/security/nss/cmd/lib $(DEFAULT_GMAKE_FLAGS)
@@ -210,6 +220,7 @@
$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_HYBRID_MODULE) $(DIST)/bin
endif
endif
+endif
$(MAKE) -C boot $@
$(MAKE) -C ssl $@
$(MAKE) -C locales $@
@@ -218,6 +229,7 @@
endif
install::
+ifndef MOZ_NATIVE_NSS
$(SYSINSTALL) -m 755 $(DIST)/lib/$(LOADABLE_ROOT_MODULE) $(DESTDIR)$(mozappdir)
ifndef SKIP_CHK
$(SYSINSTALL) -m 644 $(DIST)/lib/$(SOFTOKEN3_CHK) $(DESTDIR)$(mozappdir)
@@ -232,6 +244,7 @@
$(SYSINSTALL) -m 644 $(DIST)/lib/$(FREEBL_HYBRID_CHK) $(DESTDIR)$(mozappdir)
$(SYSINSTALL) -m 755 $(DIST)/lib/$(FREEBL_HYBRID_MODULE) $(DESTDIR)$(mozappdir)
endif
+endif
$(MAKE) -C boot $@
$(MAKE) -C ssl $@
$(MAKE) -C locales $@
@@ -246,15 +259,18 @@
ifdef MOZ_XUL
$(MAKE) -C pki $@
endif
+ifndef MOZ_NATIVE_NSS
$(MAKE) -C $(topsrcdir)/security/coreconf $(DEFAULT_GMAKE_FLAGS) clean
$(MAKE) -C $(topsrcdir)/security/nss/lib $(DEFAULT_GMAKE_FLAGS) clean
ifndef SKIP_CHK
$(MAKE) -C $(topsrcdir)/security/nss/cmd/lib $(DEFAULT_GMAKE_FLAGS) clean
$(MAKE) -C $(topsrcdir)/security/nss/cmd/shlibsign $(DEFAULT_GMAKE_FLAGS) clean
endif
+endif
echo-requires-recursive::
$(MAKE) -C boot $@
$(MAKE) -C ssl $@
$(MAKE) -C pki $@
$(MAKE) -C locales $@
+
Index: mozilla/security/manager/ssl/src/Makefile.in
===================================================================
RCS file: /cvsroot/mozilla/security/manager/ssl/src/Makefile.in,v
retrieving revision 1.67
diff -u -r1.67 Makefile.in
--- mozilla/security/manager/ssl/src/Makefile.in 3 Aug 2005 05:24:18 -0000 1.67
+++ mozilla/security/manager/ssl/src/Makefile.in 15 Dec 2005 05:40:56 -0000
@@ -123,8 +123,13 @@
# Use local includes because they are inserted before INCLUDES
# so that Mozilla's nss.h is used, not glibc's
+ifdef MOZ_NATIVE_NSS
+LOCAL_INCLUDES += $(NSS_CFLAGS) \
+ $(NULL)
+else
LOCAL_INCLUDES += -I$(DIST)/public/nss \
$(NULL)
+endif
EXTRA_DSO_LDOPTS += \
$(MOZ_UNICHARUTIL_LIBS) \
Index: mozilla/security/manager/ssl/src/nsNSSComponent.cpp
===================================================================
RCS file: /cvsroot/mozilla/security/manager/ssl/src/nsNSSComponent.cpp,v
retrieving revision 1.126.2.1
diff -u -r1.126.2.1 nsNSSComponent.cpp
--- mozilla/security/manager/ssl/src/nsNSSComponent.cpp 26 Aug 2005 06:41:50 -0000 1.126.2.1
+++ mozilla/security/manager/ssl/src/nsNSSComponent.cpp 15 Dec 2005 05:41:00 -0000
@@ -488,14 +488,6 @@
}
-#ifdef XP_MAC
-#ifdef DEBUG
-#define LOADABLE_CERTS_MODULE NS_LITERAL_CSTRING("NSSckbiDebug.shlb")
-#else
-#define LOADABLE_CERTS_MODULE NS_LITERAL_CSTRING("NSSckbi.shlb")
-#endif /*DEBUG*/
-#endif /*XP_MAC*/
-
static void setOCSPOptions(nsIPrefBranch * pref);
NS_IMETHODIMP
@@ -689,40 +681,40 @@
const char *possible_ckbi_locations[] = {
NS_GRE_DIR,
- NS_XPCOM_CURRENT_PROCESS_DIR
+ NS_XPCOM_CURRENT_PROCESS_DIR,
+ 0
};
-
+
for (size_t il = 0; il < sizeof(possible_ckbi_locations)/sizeof(const char*); ++il) {
nsCOMPtr<nsILocalFile> mozFile;
- directoryService->Get( possible_ckbi_locations[il],
- NS_GET_IID(nsILocalFile),
- getter_AddRefs(mozFile));
+ char *fullModuleName = nsnull;
+
+ if (!possible_ckbi_locations[il])
+ {
+ fullModuleName = PR_GetLibraryName(nsnull, "nssckbi");
+ }
+ else
+ {
+ directoryService->Get( possible_ckbi_locations[il],
+ NS_GET_IID(nsILocalFile),
+ getter_AddRefs(mozFile));
- if (!mozFile) {
- continue;
+ if (!mozFile) {
+ continue;
+ }
+
+ nsCAutoString processDir;
+ mozFile->GetNativePath(processDir);
+ fullModuleName = PR_GetLibraryName(processDir.get(), "nssckbi");
}
- char *fullModuleName = nsnull;
-#ifdef XP_MAC
- nsCAutoString nativePath;
- mozFile->AppendNative(NS_LITERAL_CSTRING("Essential Files"));
- mozFile->AppendNative(LOADABLE_CERTS_MODULE);
- mozFile->GetNativePath(nativePath);
- fullModuleName = (char *) nativePath.get();
-#else
- nsCAutoString processDir;
- mozFile->GetNativePath(processDir);
- fullModuleName = PR_GetLibraryName(processDir.get(), "nssckbi");
-#endif
/* If a module exists with the same name, delete it. */
NS_ConvertUCS2toUTF8 modNameUTF8(modName);
int modType;
SECMOD_DeleteModule(NS_CONST_CAST(char*, modNameUTF8.get()), &modType);
SECStatus rv_add =
SECMOD_AddNewModule(NS_CONST_CAST(char*, modNameUTF8.get()), fullModuleName, 0, 0);
-#ifndef XP_MAC
- PR_Free(fullModuleName); // allocated by NSPR
-#endif
+ PR_FreeLibraryName(fullModuleName); // allocated by NSPR
if (SECSuccess == rv_add) {
// found a module, no need to try other directories
break;

12
firefox.secalg.patch
View File

@ -1,12 +0,0 @@
diff -up ./security/manager/ssl/src/nsKeygenHandler.cpp.secalg ./security/manager/ssl/src/nsKeygenHandler.cpp
--- ./security/manager/ssl/src/nsKeygenHandler.cpp.secalg 2008-02-13 17:25:11.000000000 -0800
+++ ./security/manager/ssl/src/nsKeygenHandler.cpp 2008-02-13 17:26:42.000000000 -0800
@@ -63,6 +63,8 @@ extern "C" {
#include "nsIGenKeypairInfoDlg.h"
#include "nsNSSShutDown.h"
+extern DERTemplate SECAlgorithmIDTemplate[];
+
//These defines are taken from the PKCS#11 spec
#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000
#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020

1
import.log Normal file
View File

@ -0,0 +1 @@
esc-1_1_0-10_fc12:HEAD:esc-1.1.0-10.fc12.src.rpm:1253050190

3
sources
View File

@ -1,2 +1 @@
3d3def2acd3c8d04dff47af5312a707c esc-1.0.1.tar.bz2
4dc09831aa4e94fda5182a4897ed08e9 xulrunner-1.8.0.4-source.tar.bz2
76dc573edfd410f3fdd08ad0010b9205 esc-1.1.0.tar.bz2