Add patch for Gnome bug #626066 (login to NSS on demand)
This commit is contained in:
parent
2003ff12b1
commit
f570c5f10c
137
evolution-2.31.92-gn626066.patch
Normal file
137
evolution-2.31.92-gn626066.patch
Normal file
@ -0,0 +1,137 @@
|
|||||||
|
From c33a84d443f6a340fc247531b6bc8c9997b52aba Mon Sep 17 00:00:00 2001
|
||||||
|
From: David Woodhouse <David.Woodhouse@intel.com>
|
||||||
|
Date: Mon, 13 Sep 2010 20:00:25 +0000
|
||||||
|
Subject: Bug 626066 - log in to NSS database on demand for changing trust
|
||||||
|
|
||||||
|
---
|
||||||
|
diff --git a/smime/gui/cert-trust-dialog.c b/smime/gui/cert-trust-dialog.c
|
||||||
|
index 9c87c66..66ce69b 100644
|
||||||
|
--- a/smime/gui/cert-trust-dialog.c
|
||||||
|
+++ b/smime/gui/cert-trust-dialog.c
|
||||||
|
@@ -73,7 +73,7 @@ ctd_response(GtkWidget *w, guint id, CertTrustDialogData *data)
|
||||||
|
e_cert_trust_add_peer_trust (&trust, FALSE,
|
||||||
|
gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON (data->trust_button)),
|
||||||
|
FALSE);
|
||||||
|
- CERT_ChangeCertTrust (CERT_GetDefaultCertDB(), icert, &trust);
|
||||||
|
+ e_cert_db_change_cert_trust (icert, &trust);
|
||||||
|
break;
|
||||||
|
case GTK_RESPONSE_ACCEPT: {
|
||||||
|
/* just *what on earth* was chris thinking here!?!?! copied from certificate-manager.c */
|
||||||
|
@@ -101,7 +101,7 @@ ctd_response(GtkWidget *w, guint id, CertTrustDialogData *data)
|
||||||
|
trust_email,
|
||||||
|
trust_objsign);
|
||||||
|
|
||||||
|
- CERT_ChangeCertTrust(CERT_GetDefaultCertDB(), icert, &trust);
|
||||||
|
+ e_cert_db_change_cert_trust (icert, &trust);
|
||||||
|
}
|
||||||
|
|
||||||
|
gtk_widget_destroy (dialog);
|
||||||
|
diff --git a/smime/gui/certificate-manager.c b/smime/gui/certificate-manager.c
|
||||||
|
index d0823b8..5a5b204 100644
|
||||||
|
--- a/smime/gui/certificate-manager.c
|
||||||
|
+++ b/smime/gui/certificate-manager.c
|
||||||
|
@@ -679,7 +679,7 @@ edit_ca (GtkWidget *widget, CertificateManagerData *cfm)
|
||||||
|
trust_email,
|
||||||
|
trust_objsign);
|
||||||
|
|
||||||
|
- CERT_ChangeCertTrust (CERT_GetDefaultCertDB(), icert, &trust);
|
||||||
|
+ e_cert_db_change_cert_trust (icert, &trust);
|
||||||
|
}
|
||||||
|
|
||||||
|
gtk_widget_destroy (dialog);
|
||||||
|
@@ -1097,18 +1097,13 @@ certificate_manager_config_new (EPreferencesWindow *window)
|
||||||
|
GtkWidget *parent;
|
||||||
|
GtkWidget *widget;
|
||||||
|
CertificateManagerData *cfm_data;
|
||||||
|
- PK11SlotInfo* slot;
|
||||||
|
- ECertDB *cert_db;
|
||||||
|
|
||||||
|
shell = e_preferences_window_get_shell (window);
|
||||||
|
|
||||||
|
g_return_val_if_fail (E_IS_SHELL (shell), NULL);
|
||||||
|
|
||||||
|
/* We need to peek the db here to make sure it (and NSS) are fully initialized. */
|
||||||
|
-
|
||||||
|
- cert_db = e_cert_db_peek();
|
||||||
|
- slot = PK11_GetInternalKeySlot();
|
||||||
|
- e_cert_db_login_to_slot(cert_db, slot);
|
||||||
|
+ e_cert_db_peek ();
|
||||||
|
|
||||||
|
cfm_data = g_new0 (CertificateManagerData, 1);
|
||||||
|
|
||||||
|
diff --git a/smime/lib/e-cert-db.c b/smime/lib/e-cert-db.c
|
||||||
|
index 2e23df2..48458fa 100644
|
||||||
|
--- a/smime/lib/e-cert-db.c
|
||||||
|
+++ b/smime/lib/e-cert-db.c
|
||||||
|
@@ -936,7 +936,18 @@ handle_ca_cert_download(ECertDB *cert_db, GList *certs, GError **error)
|
||||||
|
nickname,
|
||||||
|
&trust);
|
||||||
|
|
||||||
|
- if (srv != SECSuccess && PORT_GetError() != SEC_ERROR_TOKEN_NOT_LOGGED_IN) {
|
||||||
|
+ /*
|
||||||
|
+ If this fails with SEC_ERROR_TOKEN_NOT_LOGGED_IN, it seems
|
||||||
|
+ that the import *has* worked, but the setting of trust bits
|
||||||
|
+ failed -- so only set the trust. This *has* to be an NSS bug?
|
||||||
|
+ */
|
||||||
|
+ if (srv != SECSuccess &&
|
||||||
|
+ PORT_GetError () == SEC_ERROR_TOKEN_NOT_LOGGED_IN &&
|
||||||
|
+ e_cert_db_login_to_slot (NULL, PK11_GetInternalKeySlot()))
|
||||||
|
+ srv = CERT_ChangeCertTrust (CERT_GetDefaultCertDB (),
|
||||||
|
+ tmpCert, &trust);
|
||||||
|
+
|
||||||
|
+ if (srv != SECSuccess) {
|
||||||
|
set_nss_error (error);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
@@ -971,6 +982,27 @@ handle_ca_cert_download(ECertDB *cert_db, GList *certs, GError **error)
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
+gboolean e_cert_db_change_cert_trust(CERTCertificate *cert, CERTCertTrust *trust)
|
||||||
|
+{
|
||||||
|
+ SECStatus srv;
|
||||||
|
+
|
||||||
|
+ srv = CERT_ChangeCertTrust (CERT_GetDefaultCertDB (),
|
||||||
|
+ cert, trust);
|
||||||
|
+ if (srv != SECSuccess &&
|
||||||
|
+ PORT_GetError () == SEC_ERROR_TOKEN_NOT_LOGGED_IN &&
|
||||||
|
+ e_cert_db_login_to_slot (NULL, PK11_GetInternalKeySlot()))
|
||||||
|
+ srv = CERT_ChangeCertTrust (CERT_GetDefaultCertDB (),
|
||||||
|
+ cert, trust);
|
||||||
|
+
|
||||||
|
+ if (srv != SECSuccess) {
|
||||||
|
+ glong err = PORT_GetError ();
|
||||||
|
+ g_warning ("CERT_ChangeCertTrust() failed: %s\n",
|
||||||
|
+ nss_error_to_string(err));
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
+ return TRUE;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
|
||||||
|
/* deleting certificates */
|
||||||
|
gboolean
|
||||||
|
@@ -998,8 +1030,7 @@ e_cert_db_delete_cert (ECertDB *certdb,
|
||||||
|
CERTCertTrust trust;
|
||||||
|
|
||||||
|
e_cert_trust_init_with_values (&trust, 0, 0, 0);
|
||||||
|
- CERT_ChangeCertTrust(CERT_GetDefaultCertDB(),
|
||||||
|
- cert, &trust);
|
||||||
|
+ e_cert_db_change_cert_trust (cert, &trust);
|
||||||
|
}
|
||||||
|
|
||||||
|
return TRUE;
|
||||||
|
diff --git a/smime/lib/e-cert-db.h b/smime/lib/e-cert-db.h
|
||||||
|
index 7d5f185..6e1bc5a 100644
|
||||||
|
--- a/smime/lib/e-cert-db.h
|
||||||
|
+++ b/smime/lib/e-cert-db.h
|
||||||
|
@@ -142,4 +142,7 @@ gboolean e_cert_db_export_pkcs12_file (ECertDB *cert_db,
|
||||||
|
gboolean e_cert_db_login_to_slot (ECertDB *cert_db,
|
||||||
|
PK11SlotInfo *slot);
|
||||||
|
|
||||||
|
+gboolean e_cert_db_change_cert_trust (CERTCertificate *cert,
|
||||||
|
+ CERTCertTrust *trust);
|
||||||
|
+
|
||||||
|
#endif /* _E_CERT_DB_H_ */
|
||||||
|
--
|
||||||
|
cgit v0.8.3.1
|
@ -33,7 +33,7 @@
|
|||||||
|
|
||||||
Name: evolution
|
Name: evolution
|
||||||
Version: 2.31.92
|
Version: 2.31.92
|
||||||
Release: 1%{?dist}
|
Release: 2%{?dist}
|
||||||
Group: Applications/Productivity
|
Group: Applications/Productivity
|
||||||
Summary: Mail and calendar client for GNOME
|
Summary: Mail and calendar client for GNOME
|
||||||
License: GPLv2+ and GFDL
|
License: GPLv2+ and GFDL
|
||||||
@ -55,6 +55,9 @@ Patch12: evolution-2.9.1-im-context-reset.patch
|
|||||||
# RH bug #589555
|
# RH bug #589555
|
||||||
Patch13: evolution-2.30.1-help-contents.patch
|
Patch13: evolution-2.30.1-help-contents.patch
|
||||||
|
|
||||||
|
# Gnome bug #626066
|
||||||
|
Patch14: evolution-2.31.92-gn626066.patch
|
||||||
|
|
||||||
## Dependencies ###
|
## Dependencies ###
|
||||||
|
|
||||||
Requires(pre): GConf2
|
Requires(pre): GConf2
|
||||||
@ -207,6 +210,7 @@ This package contains the plugin to import Microsoft Personal Storage Table
|
|||||||
%patch10 -p1 -b .ldaphack
|
%patch10 -p1 -b .ldaphack
|
||||||
%patch12 -p1 -b .im-context-reset
|
%patch12 -p1 -b .im-context-reset
|
||||||
%patch13 -p1 -b .help-contents
|
%patch13 -p1 -b .help-contents
|
||||||
|
%patch14 -p1 -b .gn626066
|
||||||
|
|
||||||
mkdir -p krb5-fakeprefix/include
|
mkdir -p krb5-fakeprefix/include
|
||||||
mkdir -p krb5-fakeprefix/lib
|
mkdir -p krb5-fakeprefix/lib
|
||||||
@ -615,7 +619,10 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Mon Sep 13 2010 Milan Crha <mcrha@redhat.com> - 2.31.92.fc15
|
* Tue Sep 14 2010 Milan Crha <mcrha@redhat.com> - 2.31.92-2.fc15
|
||||||
|
- Add patch for Gnome bug #626066 (login to NSS on demand)
|
||||||
|
|
||||||
|
* Mon Sep 13 2010 Milan Crha <mcrha@redhat.com> - 2.31.92-1.fc15
|
||||||
- Update to 2.31.92
|
- Update to 2.31.92
|
||||||
|
|
||||||
* Mon Aug 30 2010 Milan Crha <mcrha@redhat.com> - 2.31.91-1.fc14
|
* Mon Aug 30 2010 Milan Crha <mcrha@redhat.com> - 2.31.91-1.fc14
|
||||||
|
Loading…
Reference in New Issue
Block a user