import jss-4.6.2-2.module+el8.2.0+4573+c3c38c7b
This commit is contained in:
CentOS Sources
Stepan Oksanichenko
parent
b4ae5efd44
commit
7e660867f9
|
|
@ -1 +1 @@
|
|||
SOURCES/jss-4.6.0.tar.gz
|
||||
SOURCES/jss-4.6.2.tar.gz
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
3d6d2d885129e0d7d8ebac5dfe9055c693a7a9b1 SOURCES/jss-4.6.0.tar.gz
|
||||
4fea1d770e0882aa9c1c6c493bce9eb579b5c085 SOURCES/jss-4.6.2.tar.gz
|
||||
|
|
|
|||
|
|
@ -0,0 +1,53 @@
|
|||
From 91514ca0a2979ba778d27220ced0cd312e2cd2d2 Mon Sep 17 00:00:00 2001
|
||||
From: Alexander Scheel <ascheel@redhat.com>
|
||||
Date: Tue, 29 Oct 2019 10:43:56 -0400
|
||||
Subject: [PATCH] Fix NativeProxy reference tracker
|
||||
|
||||
In eb5df01003d74b57473eacb84e538d31f5bb06ca, I introduced a bug by
|
||||
setting mPointer after trying to add NativeProxy to the registry. In
|
||||
most instances this won't matter, however, if another instance exists in
|
||||
the HashSet with the same hash value, the equals comparator will be
|
||||
used, triggering a NPE.
|
||||
|
||||
Signed-off-by: Alexander Scheel <ascheel@redhat.com>
|
||||
---
|
||||
org/mozilla/jss/util/NativeProxy.java | 13 +++++--------
|
||||
1 file changed, 5 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/org/mozilla/jss/util/NativeProxy.java b/org/mozilla/jss/util/NativeProxy.java
|
||||
index 1c6d1aa5..a0811f76 100644
|
||||
--- a/org/mozilla/jss/util/NativeProxy.java
|
||||
+++ b/org/mozilla/jss/util/NativeProxy.java
|
||||
@@ -40,8 +40,8 @@ public abstract class NativeProxy implements AutoCloseable
|
||||
*/
|
||||
public NativeProxy(byte[] pointer) {
|
||||
assert(pointer!=null);
|
||||
- registry.add(this);
|
||||
mPointer = pointer;
|
||||
+ registry.add(this);
|
||||
|
||||
if (saveStacktraces) {
|
||||
mTrace = Arrays.toString(Thread.currentThread().getStackTrace());
|
||||
@@ -61,15 +61,12 @@ public abstract class NativeProxy implements AutoCloseable
|
||||
if( ! (obj instanceof NativeProxy) ) {
|
||||
return false;
|
||||
}
|
||||
- if( ((NativeProxy)obj).mPointer.length != mPointer.length) {
|
||||
+ if (((NativeProxy)obj).mPointer == null) {
|
||||
+ /* If mPointer is null, we have no way to compare the values
|
||||
+ * of the pointers, so assume they're unequal. */
|
||||
return false;
|
||||
}
|
||||
- for(int i=0; i < mPointer.length; i++) {
|
||||
- if(mPointer[i] != ((NativeProxy)obj).mPointer[i]) {
|
||||
- return false;
|
||||
- }
|
||||
- }
|
||||
- return true;
|
||||
+ return Arrays.equals(((NativeProxy)obj).mPointer, mPointer);
|
||||
}
|
||||
|
||||
/**
|
||||
--
|
||||
2.21.0
|
||||
|
||||
|
|
@ -1,71 +0,0 @@
|
|||
From d7d6d769b510118e40d9c0919317665c4c9feb8d Mon Sep 17 00:00:00 2001
|
||||
From: Alexander Scheel <alexander.m.scheel@gmail.com>
|
||||
Date: Wed, 12 Jun 2019 17:17:45 -0400
|
||||
Subject: [PATCH] Disable buffer-based tests
|
||||
|
||||
Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com>
|
||||
---
|
||||
cmake/JSSTests.cmake | 33 ---------------------------------
|
||||
1 file changed, 33 deletions(-)
|
||||
|
||||
diff --git a/cmake/JSSTests.cmake b/cmake/JSSTests.cmake
|
||||
index b389be5c..473d7d4d 100644
|
||||
--- a/cmake/JSSTests.cmake
|
||||
+++ b/cmake/JSSTests.cmake
|
||||
@@ -78,24 +78,6 @@ macro(jss_tests)
|
||||
NAME "BigObjectIdentifier"
|
||||
COMMAND "org.mozilla.jss.tests.BigObjectIdentifier"
|
||||
)
|
||||
- jss_test_java(
|
||||
- NAME "JSS_Test_PR_FileDesc"
|
||||
- COMMAND "org.mozilla.jss.tests.TestPRFD"
|
||||
- )
|
||||
- jss_test_java(
|
||||
- NAME "JSS_Test_Raw_SSL"
|
||||
- COMMAND "org.mozilla.jss.tests.TestRawSSL" "${RESULTS_NSSDB_OUTPUT_DIR}"
|
||||
- DEPENDS "Setup_DBs"
|
||||
- )
|
||||
- jss_test_java(
|
||||
- NAME "JSS_Test_Buffer"
|
||||
- COMMAND "org.mozilla.jss.tests.TestBuffer"
|
||||
- )
|
||||
- jss_test_java(
|
||||
- NAME "JSS_Test_BufferPRFD"
|
||||
- COMMAND "org.mozilla.jss.tests.TestBufferPRFD" "${RESULTS_NSSDB_OUTPUT_DIR}" "${DB_PWD}"
|
||||
- DEPENDS "List_CA_certs"
|
||||
- )
|
||||
if ((${Java_VERSION_MAJOR} EQUAL 1) AND (${Java_VERSION_MINOR} LESS 9))
|
||||
jss_test_java(
|
||||
NAME "Test_PKCS11Constants.java_for_Sun_compatibility"
|
||||
@@ -126,16 +108,6 @@ macro(jss_tests)
|
||||
NAME "JUnit_UTF8StringTest"
|
||||
COMMAND "org.junit.runner.JUnitCore" "org.mozilla.jss.tests.UTF8StringTest"
|
||||
)
|
||||
- jss_test_exec(
|
||||
- NAME "buffer_size_1"
|
||||
- COMMAND "${BIN_OUTPUT_DIR}/buffer_size_1"
|
||||
- DEPENDS "generate_c_buffer_size_1"
|
||||
- )
|
||||
- jss_test_exec(
|
||||
- NAME "buffer_size_4"
|
||||
- COMMAND "${BIN_OUTPUT_DIR}/buffer_size_4"
|
||||
- DEPENDS "generate_c_buffer_size_4"
|
||||
- )
|
||||
jss_test_java(
|
||||
NAME "JUnit_ChainSortingTest"
|
||||
COMMAND "org.junit.runner.JUnitCore" "org.mozilla.jss.tests.ChainSortingTest"
|
||||
@@ -180,11 +152,6 @@ macro(jss_tests)
|
||||
COMMAND "org.mozilla.jss.tests.SSLClientAuth" "${RESULTS_NSSDB_OUTPUT_DIR}" "${PASSWORD_FILE}" "${JSS_TEST_PORT_CLIENTAUTH}" "50"
|
||||
DEPENDS "List_CA_certs"
|
||||
)
|
||||
- jss_test_exec(
|
||||
- NAME "TestBufferPRFD"
|
||||
- COMMAND "${BIN_OUTPUT_DIR}/TestBufferPRFD" "${RESULTS_NSSDB_OUTPUT_DIR}" "${DB_PWD}"
|
||||
- DEPENDS "List_CA_certs" "generate_c_TestBufferPRFD"
|
||||
- )
|
||||
jss_test_java(
|
||||
NAME "Key_Generation"
|
||||
COMMAND "org.mozilla.jss.tests.TestKeyGen" "${RESULTS_NSSDB_OUTPUT_DIR}" "${PASSWORD_FILE}"
|
||||
--
|
||||
2.21.0
|
||||
|
||||
|
|
@ -6,7 +6,7 @@ Summary: Java Security Services (JSS)
|
|||
URL: http://www.dogtagpki.org/wiki/JSS
|
||||
License: MPLv1.1 or GPLv2+ or LGPLv2+
|
||||
|
||||
Version: 4.6.0
|
||||
Version: 4.6.2
|
||||
Release: 2%{?_timestamp}%{?_commit_id}%{?dist}
|
||||
# global _phase -a1
|
||||
|
||||
|
|
@ -24,7 +24,8 @@ Source: https://github.com/dogtagpki/%{name}/archive/v%{version}%{?_phas
|
|||
# --stdout \
|
||||
# <version tag> \
|
||||
# > jss-VERSION-RELEASE.patch
|
||||
Patch: jss-disable-buffer-based-tests.patch
|
||||
# Patch: jss-VERSION-RELEASE.patch
|
||||
Patch: 0001-Fix-NativeProxy-reference-tracker.patch
|
||||
|
||||
################################################################################
|
||||
# Build Dependencies
|
||||
|
|
@ -81,7 +82,6 @@ This only works with gcj. Other JREs require that JCE providers be signed.
|
|||
################################################################################
|
||||
|
||||
Summary: Java Security Services (JSS) Javadocs
|
||||
Group: Documentation
|
||||
Requires: jss = %{version}-%{release}
|
||||
|
||||
%description javadoc
|
||||
|
|
@ -106,6 +106,9 @@ export BUILD_OPT=1
|
|||
CFLAGS="-g $RPM_OPT_FLAGS"
|
||||
export CFLAGS
|
||||
|
||||
# Check if we're in FIPS mode
|
||||
modutil -dbdir /etc/pki/nssdb -chkfips true | grep -q enabled && export FIPS_ENABLED=1
|
||||
|
||||
# The Makefile is not thread-safe
|
||||
rm -rf build && mkdir -p build && cd build
|
||||
%cmake \
|
||||
|
|
@ -157,33 +160,46 @@ cp -p *.txt $RPM_BUILD_ROOT%{_javadocdir}/%{name}-%{version}
|
|||
|
||||
################################################################################
|
||||
%changelog
|
||||
* Wed Jun 12 2019 Dogtag PKI Team <pki-devel@redhat.com> 4.6.0-2
|
||||
* Tue Oct 29 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.2-2
|
||||
- Red Hat Bugzilla #1730767 - JSS: Wrap NSS CMAC + KDF implementations
|
||||
- Rebased to JSS 4.6.2
|
||||
|
||||
* Wed Sep 11 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-5
|
||||
- Red Hat Bugzilla #1747987 - CVE 2019-14823 jss: OCSP policy "Leaf and Chain" implicitly trusts the root certificate
|
||||
|
||||
* Wed Aug 14 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-4
|
||||
- Red Hat Bugzilla #1698059 - pki-core implements crypto
|
||||
|
||||
* Tue Jul 16 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-3
|
||||
- Red Hat Bugzilla #1721135 - JSS - LD_FLAGS support
|
||||
|
||||
* Wed Jun 12 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-2
|
||||
- Minor updates to release
|
||||
|
||||
* Wed Jun 12 2019 Dogtag PKI Team <pki-devel@redhat.com> 4.6.0-1
|
||||
* Wed Jun 12 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.6.0-1
|
||||
- Rebased to JSS 4.6.0
|
||||
|
||||
* Thu Apr 25 2019 Dogtag PKI Team <pki-devel@redhat.com> 4.5.3-1
|
||||
* Thu Apr 25 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.3-1
|
||||
- Rebased to JSS 4.5.3
|
||||
|
||||
* Fri Aug 10 2018 Dogtag PKI Team <pki-devel@redhat.com> 4.5.0-1
|
||||
* Fri Aug 10 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-1
|
||||
- Rebased to JSS 4.5.0
|
||||
|
||||
* Tue Aug 07 2018 Dogtag PKI Team <pki-devel@redhat.com> 4.5.0-0.6
|
||||
* Tue Aug 07 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.6
|
||||
- Rebased to JSS 4.5.0-b1
|
||||
|
||||
* Tue Aug 07 2018 Dogtag PKI Team <pki-devel@redhat.com> 4.5.0-0.5
|
||||
* Tue Aug 07 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.5
|
||||
- Red Hat Bugzilla #1612063 - Do not override system crypto policy (support TLS 1.3)
|
||||
|
||||
* Fri Jul 20 2018 Dogtag PKI Team <pki-devel@redhat.com> 4.5.0-0.4
|
||||
* Fri Jul 20 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.4
|
||||
- Rebased to JSS 4.5.0-a4
|
||||
- Red Hat Bugzilla #1604462 - jss: FTBFS in Fedora rawhide
|
||||
|
||||
* Thu Jul 05 2018 Dogtag PKI Team <pki-devel@redhat.com> 4.5.0-0.3
|
||||
* Thu Jul 05 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.3
|
||||
- Rebased to JSS 4.5.0-a3
|
||||
|
||||
* Fri Jun 22 2018 Dogtag PKI Team <pki-devel@redhat.com> 4.5.0-0.2
|
||||
* Fri Jun 22 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.2
|
||||
- Rebased to JSS 4.5.0-a2
|
||||
|
||||
* Fri Jun 15 2018 Dogtag PKI Team <pki-devel@redhat.com> 4.5.0-0.1
|
||||
* Fri Jun 15 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 4.5.0-0.1
|
||||
- Rebased to JSS 4.5.0-a1
|
||||
|
|
|
|||
Loading…
Reference in New Issue