Merge branch 'master' into f16

Keeping softokn at 3.12.10 as we are bootstrapping the system
This commit is contained in:
Elio Maldonado 2011-11-07 08:36:10 -08:00
commit 0598777c8d
10 changed files with 854 additions and 72 deletions

2
.gitignore vendored
View File

@ -1,4 +1,4 @@
nss-3.12.10-stripped.tar.bz2 nss-3.13.1-stripped.tar.bz2
nss-pem-20101125.tar.bz2 nss-pem-20101125.tar.bz2
blank-cert8.db blank-cert8.db
blank-key3.db blank-key3.db

View File

@ -0,0 +1,21 @@
diff -up ./mozilla/security/nss/lib/ckfw/pem/pobject.c.734760 ./mozilla/security/nss/lib/ckfw/pem/pobject.c
--- ./mozilla/security/nss/lib/ckfw/pem/pobject.c.734760 2011-09-10 10:21:38.819248564 -0700
+++ ./mozilla/security/nss/lib/ckfw/pem/pobject.c 2011-09-10 10:28:47.970083785 -0700
@@ -1117,7 +1117,7 @@ pem_CreateObject
nobjs = ReadDERFromFile(&derlist, filename, PR_TRUE, &cipher, &ivstring, PR_TRUE /* certs only */);
if (nobjs < 1)
- return (NSSCKMDObject *) NULL;
+ goto loser;
objid = -1;
/* Brute force: find the id of the key, if any, in this slot */
@@ -1176,7 +1176,7 @@ pem_CreateObject
nobjs = ReadDERFromFile(&derlist, filename, PR_TRUE, &cipher, &ivstring, PR_FALSE /* keys only */);
if (nobjs < 1)
- return (NSSCKMDObject *) NULL;
+ goto loser;
certDER.len = 0; /* in case there is no equivalent cert */
certDER.data = NULL;

View File

@ -1,9 +1,11 @@
diff -up ./mozilla/security/nss/cmd/selfserv/selfserv.c.539183 ./mozilla/security/nss/cmd/selfserv/selfserv.c diff -up ./mozilla/security/nss/cmd/selfserv/selfserv.c.539183 ./mozilla/security/nss/cmd/selfserv/selfserv.c
--- ./mozilla/security/nss/cmd/selfserv/selfserv.c.539183 2011-04-27 15:24:07.922128850 -0700 --- ./mozilla/security/nss/cmd/selfserv/selfserv.c.539183 2011-10-06 10:42:06.913919000 -0700
+++ ./mozilla/security/nss/cmd/selfserv/selfserv.c 2011-04-27 15:27:11.053271675 -0700 +++ ./mozilla/security/nss/cmd/selfserv/selfserv.c 2011-10-06 10:43:14.858987000 -0700
@@ -1493,14 +1493,14 @@ getBoundListenSocket(unsigned short port @@ -1491,14 +1491,18 @@ getBoundListenSocket(unsigned short port
PRStatus prStatus;
PRNetAddr addr;
PRSocketOptionData opt; PRSocketOptionData opt;
PRUint16 socketDomain = PR_AF_INET; + PRUint16 socketDomain = PR_AF_INET;
- addr.inet.family = PR_AF_INET; - addr.inet.family = PR_AF_INET;
- addr.inet.ip = PR_INADDR_ANY; - addr.inet.ip = PR_INADDR_ANY;
@ -12,11 +14,14 @@ diff -up ./mozilla/security/nss/cmd/selfserv/selfserv.c.539183 ./mozilla/securit
+ errExit("PR_SetNetAddr"); + errExit("PR_SetNetAddr");
+ } + }
if (PR_GetEnv("NSS_USE_SDP")) { - listen_sock = PR_NewTCPSocket();
socketDomain = PR_AF_INET_SDP; + if (PR_GetEnv("NSS_USE_SDP")) {
} + socketDomain = PR_AF_INET_SDP;
- listen_sock = PR_OpenTCPSocket(socketDomain); + }
+ listen_sock = PR_OpenTCPSocket(PR_AF_INET6); + listen_sock = PR_OpenTCPSocket(PR_AF_INET6);
if (listen_sock == NULL) { if (listen_sock == NULL) {
errExit("PR_OpenTCPSocket error"); - errExit("PR_NewTCPSocket");
+ errExit("PR_OpenTCPSocket error");
} }
opt.option = PR_SockOpt_Nonblocking;

View File

@ -1,47 +0,0 @@
Index: mozilla/security/nss/lib/crmf/crmfi.h
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/crmf/crmfi.h,v
retrieving revision 1.4
diff -u -u -r1.4 crmfi.h
--- mozilla/security/nss/lib/crmf/crmfi.h 15 Jan 2011 19:47:11 -0000 1.4
+++ mozilla/security/nss/lib/crmf/crmfi.h 11 May 2011 20:06:26 -0000
@@ -46,10 +46,38 @@
#include "secasn1.h"
#include "crmfit.h"
#include "secerr.h"
+#include "blapit.h"
#define CRMF_DEFAULT_ARENA_SIZE 1024
-#define MAX_WRAPPED_KEY_LEN 2048
+/*
+ * Explanation for the definition of MAX_WRAPPED_KEY_LEN:
+ *
+ * It's used for internal buffers to transport a wrapped private key.
+ * The value is in BYTES.
+ * We want to define a reasonable upper bound for this value.
+ * Ideally this could be calculated, but in order to simplify the code
+ * we want to estimate the maximum requires size.
+ * See also mozilla bug 655850 for the full explanation.
+ *
+ * We know the largest wrapped keys are RSA keys.
+ * We'll estimate the maximum size needed for wrapped RSA keys,
+ * and assume it's sufficient for wrapped keys of any type we support.
+ *
+ * The maximum size of RSA keys in bits is defined elsewhere as
+ * RSA_MAX_MODULUS_BITS
+ *
+ * The idea is to define MAX_WRAPPED_KEY_LEN based on the above.
+ *
+ * A wrapped RSA key requires about
+ * ( ( RSA_MAX_MODULUS_BITS / 8 ) * 5.5) + 65
+ * bytes.
+ *
+ * Therefore, a safe upper bound is:
+ * ( ( RSA_MAX_MODULUS_BITS / 8 ) *8 ) = RSA_MAX_MODULUS_BITS
+ *
+ */
+#define MAX_WRAPPED_KEY_LEN RSA_MAX_MODULUS_BITS
#define CRMF_BITS_TO_BYTES(bits) (((bits)+7)/8)
#define CRMF_BYTES_TO_BITS(bytes) ((bytes)*8)

637
nss-ckbi-1.88.rtm.patch Normal file
View File

@ -0,0 +1,637 @@
diff -up ./mozilla/security/nss/lib/ckfw/builtins/certdata.c.ckbi188 ./mozilla/security/nss/lib/ckfw/builtins/certdata.c
--- ./mozilla/security/nss/lib/ckfw/builtins/certdata.c.ckbi188 2011-11-03 16:29:17.081000000 -0700
+++ ./mozilla/security/nss/lib/ckfw/builtins/certdata.c 2011-11-03 08:11:57.000000000 -0700
@@ -35,7 +35,7 @@
*
* ***** END LICENSE BLOCK ***** */
#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile: certdata.c,v $ $Revision: 1.82 $ $Date: 2011/09/02 19:40:56 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.82 $ $Date: 2011/09/02 19:40:56 $";
+static const char CVS_ID[] = "@(#) $RCSfile: certdata.c,v $ $Revision: 1.83 $ $Date: 2011/11/03 15:11:57 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.83 $ $Date: 2011/11/03 15:11:57 $";
#endif /* DEBUG */
#ifndef BUILTINS_H
@@ -1075,6 +1075,18 @@ static const CK_ATTRIBUTE_TYPE nss_built
static const CK_ATTRIBUTE_TYPE nss_builtins_types_339 [] = {
CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED
};
+static const CK_ATTRIBUTE_TYPE nss_builtins_types_340 [] = {
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
+};
+static const CK_ATTRIBUTE_TYPE nss_builtins_types_341 [] = {
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED
+};
+static const CK_ATTRIBUTE_TYPE nss_builtins_types_342 [] = {
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
+};
+static const CK_ATTRIBUTE_TYPE nss_builtins_types_343 [] = {
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED
+};
#ifdef DEBUG
static const NSSItem nss_builtins_items_0 [] = {
{ (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) },
@@ -1083,7 +1095,7 @@ static const NSSItem nss_builtins_items_
{ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
{ (void *)"CVS ID", (PRUint32)7 },
{ (void *)"NSS", (PRUint32)4 },
- { (void *)"@(#) $RCSfile: certdata.c,v $ $Revision: 1.82 $ $Date: 2011/09/02 19:40:56 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.82 $ $Date: 2011/09/02 19:40:56 $", (PRUint32)160 }
+ { (void *)"@(#) $RCSfile: certdata.c,v $ $Revision: 1.83 $ $Date: 2011/11/03 15:11:57 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.83 $ $Date: 2011/11/03 15:11:57 $", (PRUint32)160 }
};
#endif /* DEBUG */
static const NSSItem nss_builtins_items_1 [] = {
@@ -22600,6 +22612,266 @@ static const NSSItem nss_builtins_items_
{ (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) },
{ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
};
+static const NSSItem nss_builtins_items_340 [] = {
+ { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)"Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)", (PRUint32)57 },
+ { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
+ { (void *)"\060\143\061\013\060\011\006\003\125\004\006\023\002\115\131\061"
+"\033\060\031\006\003\125\004\012\023\022\104\151\147\151\143\145"
+"\162\164\040\123\144\156\056\040\102\150\144\056\061\021\060\017"
+"\006\003\125\004\013\023\010\064\065\067\066\060\070\055\113\061"
+"\044\060\042\006\003\125\004\003\023\033\104\151\147\151\163\151"
+"\147\156\040\123\145\162\166\145\162\040\111\104\040\050\105\156"
+"\162\151\143\150\051"
+, (PRUint32)101 },
+ { (void *)"0", (PRUint32)2 },
+ { (void *)"\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
+"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
+"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
+"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
+"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
+"\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105"
+"\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142"
+"\141\154\040\122\157\157\164"
+, (PRUint32)119 },
+ { (void *)"\002\006\007\377\377\377\377\377"
+, (PRUint32)8 },
+ { (void *)"\060\202\003\315\060\202\003\066\240\003\002\001\002\002\006\007"
+"\377\377\377\377\377\060\015\006\011\052\206\110\206\367\015\001"
+"\001\005\005\000\060\165\061\013\060\011\006\003\125\004\006\023"
+"\002\125\123\061\030\060\026\006\003\125\004\012\023\017\107\124"
+"\105\040\103\157\162\160\157\162\141\164\151\157\156\061\047\060"
+"\045\006\003\125\004\013\023\036\107\124\105\040\103\171\142\145"
+"\162\124\162\165\163\164\040\123\157\154\165\164\151\157\156\163"
+"\054\040\111\156\143\056\061\043\060\041\006\003\125\004\003\023"
+"\032\107\124\105\040\103\171\142\145\162\124\162\165\163\164\040"
+"\107\154\157\142\141\154\040\122\157\157\164\060\036\027\015\060"
+"\067\060\067\061\067\061\065\061\067\064\071\132\027\015\061\062"
+"\060\067\061\067\061\065\061\066\065\065\132\060\143\061\013\060"
+"\011\006\003\125\004\006\023\002\115\131\061\033\060\031\006\003"
+"\125\004\012\023\022\104\151\147\151\143\145\162\164\040\123\144"
+"\156\056\040\102\150\144\056\061\021\060\017\006\003\125\004\013"
+"\023\010\064\065\067\066\060\070\055\113\061\044\060\042\006\003"
+"\125\004\003\023\033\104\151\147\151\163\151\147\156\040\123\145"
+"\162\166\145\162\040\111\104\040\050\105\156\162\151\143\150\051"
+"\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001"
+"\005\000\003\201\215\000\060\201\211\002\201\201\000\255\250\144"
+"\113\115\207\307\204\131\271\373\220\106\240\246\211\300\361\376"
+"\325\332\124\202\067\015\231\053\105\046\012\350\126\260\177\312"
+"\250\364\216\107\204\001\202\051\343\263\152\265\221\363\373\225"
+"\205\274\162\250\144\350\012\100\234\305\364\161\256\173\173\152"
+"\007\352\220\024\117\215\211\257\224\253\262\006\324\002\152\173"
+"\230\037\131\271\072\315\124\372\040\337\262\052\012\351\270\335"
+"\151\220\300\051\323\116\320\227\355\146\314\305\031\111\006\177"
+"\372\136\054\174\173\205\033\062\102\337\173\225\045\002\003\001"
+"\000\001\243\202\001\170\060\202\001\164\060\022\006\003\125\035"
+"\023\001\001\377\004\010\060\006\001\001\377\002\001\000\060\134"
+"\006\003\125\035\040\004\125\060\123\060\110\006\011\053\006\001"
+"\004\001\261\076\001\000\060\073\060\071\006\010\053\006\001\005"
+"\005\007\002\001\026\055\150\164\164\160\072\057\057\143\171\142"
+"\145\162\164\162\165\163\164\056\157\155\156\151\162\157\157\164"
+"\056\143\157\155\057\162\145\160\157\163\151\164\157\162\171\056"
+"\143\146\155\060\007\006\005\140\203\112\001\001\060\016\006\003"
+"\125\035\017\001\001\377\004\004\003\002\001\346\060\201\211\006"
+"\003\125\035\043\004\201\201\060\177\241\171\244\167\060\165\061"
+"\013\060\011\006\003\125\004\006\023\002\125\123\061\030\060\026"
+"\006\003\125\004\012\023\017\107\124\105\040\103\157\162\160\157"
+"\162\141\164\151\157\156\061\047\060\045\006\003\125\004\013\023"
+"\036\107\124\105\040\103\171\142\145\162\124\162\165\163\164\040"
+"\123\157\154\165\164\151\157\156\163\054\040\111\156\143\056\061"
+"\043\060\041\006\003\125\004\003\023\032\107\124\105\040\103\171"
+"\142\145\162\124\162\165\163\164\040\107\154\157\142\141\154\040"
+"\122\157\157\164\202\002\001\245\060\105\006\003\125\035\037\004"
+"\076\060\074\060\072\240\070\240\066\206\064\150\164\164\160\072"
+"\057\057\167\167\167\056\160\165\142\154\151\143\055\164\162\165"
+"\163\164\056\143\157\155\057\143\147\151\055\142\151\156\057\103"
+"\122\114\057\062\060\061\070\057\143\144\160\056\143\162\154\060"
+"\035\006\003\125\035\016\004\026\004\024\306\026\223\116\026\027"
+"\354\026\256\214\224\166\363\206\155\305\164\156\204\167\060\015"
+"\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201"
+"\000\166\000\173\246\170\053\146\035\216\136\066\306\244\216\005"
+"\362\043\222\174\223\147\323\364\300\012\175\213\055\331\352\325"
+"\157\032\363\341\112\051\132\042\204\115\120\057\113\014\362\377"
+"\205\302\173\125\324\104\202\276\155\254\147\216\274\264\037\222"
+"\234\121\200\032\024\366\156\253\141\210\013\255\034\177\367\113"
+"\120\121\326\145\033\246\107\161\025\136\260\161\363\065\024\362"
+"\067\275\143\310\325\360\223\132\064\137\330\075\350\135\367\305"
+"\036\300\345\317\037\206\044\251\074\007\146\315\301\322\066\143"
+"\131"
+, (PRUint32)977 }
+};
+static const NSSItem nss_builtins_items_341 [] = {
+ { (void *)&cko_nss_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)"Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)", (PRUint32)57 },
+ { (void *)"\125\120\257\354\277\350\303\255\304\013\343\255\014\247\344\025"
+"\214\071\131\117"
+, (PRUint32)20 },
+ { (void *)"\322\336\256\120\244\230\055\157\067\267\206\122\310\055\113\152"
+, (PRUint32)16 },
+ { (void *)"\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
+"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
+"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
+"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
+"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
+"\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105"
+"\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142"
+"\141\154\040\122\157\157\164"
+, (PRUint32)119 },
+ { (void *)"\002\006\007\377\377\377\377\377"
+, (PRUint32)8 },
+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) },
+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) },
+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
+};
+static const NSSItem nss_builtins_items_342 [] = {
+ { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)"Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)", (PRUint32)56 },
+ { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
+ { (void *)"\060\145\061\013\060\011\006\003\125\004\006\023\002\115\131\061"
+"\033\060\031\006\003\125\004\012\023\022\104\151\147\151\143\145"
+"\162\164\040\123\144\156\056\040\102\150\144\056\061\021\060\017"
+"\006\003\125\004\013\023\010\064\065\067\066\060\070\055\113\061"
+"\046\060\044\006\003\125\004\003\023\035\104\151\147\151\163\151"
+"\147\156\040\123\145\162\166\145\162\040\111\104\040\055\040\050"
+"\105\156\162\151\143\150\051"
+, (PRUint32)103 },
+ { (void *)"0", (PRUint32)2 },
+ { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
+"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
+"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
+"\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143"
+"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
+"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
+"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105"
+"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
+"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
+"\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151"
+"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
+"\040\050\062\060\064\070\051"
+, (PRUint32)183 },
+ { (void *)"\002\006\007\377\377\377\377\377"
+, (PRUint32)8 },
+ { (void *)"\060\202\004\320\060\202\003\270\240\003\002\001\002\002\006\007"
+"\377\377\377\377\377\060\015\006\011\052\206\110\206\367\015\001"
+"\001\005\005\000\060\201\264\061\024\060\022\006\003\125\004\012"
+"\023\013\105\156\164\162\165\163\164\056\156\145\164\061\100\060"
+"\076\006\003\125\004\013\024\067\167\167\167\056\145\156\164\162"
+"\165\163\164\056\156\145\164\057\103\120\123\137\062\060\064\070"
+"\040\151\156\143\157\162\160\056\040\142\171\040\162\145\146\056"
+"\040\050\154\151\155\151\164\163\040\154\151\141\142\056\051\061"
+"\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061\071"
+"\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040\114"
+"\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003\023"
+"\052\105\156\164\162\165\163\164\056\156\145\164\040\103\145\162"
+"\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157"
+"\162\151\164\171\040\050\062\060\064\070\051\060\036\027\015\061"
+"\060\060\067\061\066\061\067\062\063\063\070\132\027\015\061\065"
+"\060\067\061\066\061\067\065\063\063\070\132\060\145\061\013\060"
+"\011\006\003\125\004\006\023\002\115\131\061\033\060\031\006\003"
+"\125\004\012\023\022\104\151\147\151\143\145\162\164\040\123\144"
+"\156\056\040\102\150\144\056\061\021\060\017\006\003\125\004\013"
+"\023\010\064\065\067\066\060\070\055\113\061\046\060\044\006\003"
+"\125\004\003\023\035\104\151\147\151\163\151\147\156\040\123\145"
+"\162\166\145\162\040\111\104\040\055\040\050\105\156\162\151\143"
+"\150\051\060\202\001\042\060\015\006\011\052\206\110\206\367\015"
+"\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202"
+"\001\001\000\305\211\344\364\015\006\100\222\131\307\032\263\065"
+"\321\016\114\052\063\371\370\257\312\236\177\356\271\247\155\140"
+"\364\124\350\157\325\233\363\033\143\061\004\150\162\321\064\026"
+"\214\264\027\054\227\336\163\305\330\220\025\240\032\053\365\313"
+"\263\110\206\104\360\035\210\114\316\101\102\032\357\365\014\336"
+"\376\100\332\071\040\367\006\125\072\152\235\106\301\322\157\245"
+"\262\310\127\076\051\243\234\340\351\205\167\146\350\230\247\044"
+"\176\276\300\131\040\345\104\157\266\127\330\276\316\302\145\167"
+"\130\306\141\101\321\164\004\310\177\111\102\305\162\251\162\026"
+"\356\214\335\022\135\264\112\324\321\257\120\267\330\252\165\166"
+"\150\255\076\135\252\060\155\141\250\253\020\133\076\023\277\063"
+"\340\257\104\235\070\042\133\357\114\057\246\161\046\025\046\312"
+"\050\214\331\372\216\216\251\242\024\065\342\233\044\210\264\364"
+"\177\205\235\203\117\007\241\266\024\220\066\304\064\034\215\046"
+"\141\155\023\157\170\276\350\217\047\307\113\204\226\243\206\150"
+"\014\043\276\013\354\214\224\000\251\004\212\023\220\367\337\205"
+"\154\014\261\002\003\001\000\001\243\202\001\064\060\202\001\060"
+"\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006"
+"\060\022\006\003\125\035\023\001\001\377\004\010\060\006\001\001"
+"\377\002\001\000\060\047\006\003\125\035\045\004\040\060\036\006"
+"\010\053\006\001\005\005\007\003\001\006\010\053\006\001\005\005"
+"\007\003\002\006\010\053\006\001\005\005\007\003\004\060\063\006"
+"\010\053\006\001\005\005\007\001\001\004\047\060\045\060\043\006"
+"\010\053\006\001\005\005\007\060\001\206\027\150\164\164\160\072"
+"\057\057\157\143\163\160\056\145\156\164\162\165\163\164\056\156"
+"\145\164\060\104\006\003\125\035\040\004\075\060\073\060\071\006"
+"\005\140\203\112\001\001\060\060\060\056\006\010\053\006\001\005"
+"\005\007\002\001\026\042\150\164\164\160\072\057\057\167\167\167"
+"\056\144\151\147\151\143\145\162\164\056\143\157\155\056\155\171"
+"\057\143\160\163\056\150\164\155\060\062\006\003\125\035\037\004"
+"\053\060\051\060\047\240\045\240\043\206\041\150\164\164\160\072"
+"\057\057\143\162\154\056\145\156\164\162\165\163\164\056\156\145"
+"\164\057\062\060\064\070\143\141\056\143\162\154\060\021\006\003"
+"\125\035\016\004\012\004\010\114\116\314\045\050\003\051\201\060"
+"\037\006\003\125\035\043\004\030\060\026\200\024\125\344\201\321"
+"\021\200\276\330\211\271\010\243\061\371\241\044\011\026\271\160"
+"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003"
+"\202\001\001\000\227\114\357\112\072\111\254\162\374\060\040\153"
+"\264\051\133\247\305\225\004\220\371\062\325\302\205\152\336\003"
+"\241\067\371\211\000\260\132\254\125\176\333\103\065\377\311\001"
+"\370\121\276\314\046\312\310\152\244\304\124\076\046\036\347\014"
+"\243\315\227\147\224\335\246\102\353\134\315\217\071\171\153\063"
+"\171\041\006\171\372\202\104\025\231\314\301\267\071\323\106\142"
+"\174\262\160\353\157\316\040\252\076\031\267\351\164\202\234\264"
+"\245\113\115\141\000\067\344\207\322\362\024\072\144\174\270\251"
+"\173\141\340\223\042\347\325\237\076\107\346\066\166\240\123\330"
+"\000\003\072\017\265\063\376\226\312\323\322\202\072\056\335\327"
+"\110\341\344\247\151\314\034\351\231\112\347\312\160\105\327\013"
+"\007\016\232\165\033\320\057\222\157\366\244\007\303\275\034\113"
+"\246\204\266\175\250\232\251\322\247\051\361\013\127\151\036\227"
+"\127\046\354\053\103\254\324\105\203\005\000\351\343\360\106\100"
+"\007\372\352\261\121\163\223\034\245\335\123\021\067\310\052\247"
+"\025\047\035\264\252\314\177\252\061\060\374\270\105\237\110\011"
+"\355\020\342\305"
+, (PRUint32)1236 }
+};
+static const NSSItem nss_builtins_items_343 [] = {
+ { (void *)&cko_nss_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)"Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)", (PRUint32)56 },
+ { (void *)"\153\074\073\200\255\312\246\272\212\237\124\246\172\355\022\151"
+"\005\155\061\046"
+, (PRUint32)20 },
+ { (void *)"\327\151\141\177\065\017\234\106\243\252\353\370\125\374\204\362"
+, (PRUint32)16 },
+ { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
+"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
+"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
+"\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143"
+"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
+"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
+"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105"
+"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
+"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
+"\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151"
+"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
+"\040\050\062\060\064\070\051"
+, (PRUint32)183 },
+ { (void *)"\002\006\007\377\377\377\377\377"
+, (PRUint32)8 },
+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) },
+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) },
+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
+};
builtinsInternalObject
nss_builtins_data[] = {
@@ -22944,11 +23216,15 @@ nss_builtins_data[] = {
{ 11, nss_builtins_types_336, nss_builtins_items_336, {NULL} },
{ 13, nss_builtins_types_337, nss_builtins_items_337, {NULL} },
{ 11, nss_builtins_types_338, nss_builtins_items_338, {NULL} },
- { 13, nss_builtins_types_339, nss_builtins_items_339, {NULL} }
+ { 13, nss_builtins_types_339, nss_builtins_items_339, {NULL} },
+ { 11, nss_builtins_types_340, nss_builtins_items_340, {NULL} },
+ { 13, nss_builtins_types_341, nss_builtins_items_341, {NULL} },
+ { 11, nss_builtins_types_342, nss_builtins_items_342, {NULL} },
+ { 13, nss_builtins_types_343, nss_builtins_items_343, {NULL} }
};
const PRUint32
#ifdef DEBUG
- nss_builtins_nObjects = 339+1;
+ nss_builtins_nObjects = 343+1;
#else
- nss_builtins_nObjects = 339;
+ nss_builtins_nObjects = 343;
#endif /* DEBUG */
diff -up ./mozilla/security/nss/lib/ckfw/builtins/certdata.txt.ckbi188 ./mozilla/security/nss/lib/ckfw/builtins/certdata.txt
--- ./mozilla/security/nss/lib/ckfw/builtins/certdata.txt.ckbi188 2011-11-03 16:29:42.293000000 -0700
+++ ./mozilla/security/nss/lib/ckfw/builtins/certdata.txt 2011-11-03 08:11:58.000000000 -0700
@@ -34,7 +34,7 @@
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
-CVS_ID "@(#) $RCSfile: certdata.txt,v $ $Revision: 1.79 $ $Date: 2011/09/02 19:40:56 $"
+CVS_ID "@(#) $RCSfile: certdata.txt,v $ $Revision: 1.80 $ $Date: 2011/11/03 15:11:58 $"
#
# certdata.txt
@@ -23299,3 +23299,284 @@ CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_N
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)"
+#
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\143\061\013\060\011\006\003\125\004\006\023\002\115\131\061
+\033\060\031\006\003\125\004\012\023\022\104\151\147\151\143\145
+\162\164\040\123\144\156\056\040\102\150\144\056\061\021\060\017
+\006\003\125\004\013\023\010\064\065\067\066\060\070\055\113\061
+\044\060\042\006\003\125\004\003\023\033\104\151\147\151\163\151
+\147\156\040\123\145\162\166\145\162\040\111\104\040\050\105\156
+\162\151\143\150\051
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
+\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
+\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
+\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
+\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105
+\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142
+\141\154\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\006\007\377\377\377\377\377
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\003\315\060\202\003\066\240\003\002\001\002\002\006\007
+\377\377\377\377\377\060\015\006\011\052\206\110\206\367\015\001
+\001\005\005\000\060\165\061\013\060\011\006\003\125\004\006\023
+\002\125\123\061\030\060\026\006\003\125\004\012\023\017\107\124
+\105\040\103\157\162\160\157\162\141\164\151\157\156\061\047\060
+\045\006\003\125\004\013\023\036\107\124\105\040\103\171\142\145
+\162\124\162\165\163\164\040\123\157\154\165\164\151\157\156\163
+\054\040\111\156\143\056\061\043\060\041\006\003\125\004\003\023
+\032\107\124\105\040\103\171\142\145\162\124\162\165\163\164\040
+\107\154\157\142\141\154\040\122\157\157\164\060\036\027\015\060
+\067\060\067\061\067\061\065\061\067\064\071\132\027\015\061\062
+\060\067\061\067\061\065\061\066\065\065\132\060\143\061\013\060
+\011\006\003\125\004\006\023\002\115\131\061\033\060\031\006\003
+\125\004\012\023\022\104\151\147\151\143\145\162\164\040\123\144
+\156\056\040\102\150\144\056\061\021\060\017\006\003\125\004\013
+\023\010\064\065\067\066\060\070\055\113\061\044\060\042\006\003
+\125\004\003\023\033\104\151\147\151\163\151\147\156\040\123\145
+\162\166\145\162\040\111\104\040\050\105\156\162\151\143\150\051
+\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001
+\005\000\003\201\215\000\060\201\211\002\201\201\000\255\250\144
+\113\115\207\307\204\131\271\373\220\106\240\246\211\300\361\376
+\325\332\124\202\067\015\231\053\105\046\012\350\126\260\177\312
+\250\364\216\107\204\001\202\051\343\263\152\265\221\363\373\225
+\205\274\162\250\144\350\012\100\234\305\364\161\256\173\173\152
+\007\352\220\024\117\215\211\257\224\253\262\006\324\002\152\173
+\230\037\131\271\072\315\124\372\040\337\262\052\012\351\270\335
+\151\220\300\051\323\116\320\227\355\146\314\305\031\111\006\177
+\372\136\054\174\173\205\033\062\102\337\173\225\045\002\003\001
+\000\001\243\202\001\170\060\202\001\164\060\022\006\003\125\035
+\023\001\001\377\004\010\060\006\001\001\377\002\001\000\060\134
+\006\003\125\035\040\004\125\060\123\060\110\006\011\053\006\001
+\004\001\261\076\001\000\060\073\060\071\006\010\053\006\001\005
+\005\007\002\001\026\055\150\164\164\160\072\057\057\143\171\142
+\145\162\164\162\165\163\164\056\157\155\156\151\162\157\157\164
+\056\143\157\155\057\162\145\160\157\163\151\164\157\162\171\056
+\143\146\155\060\007\006\005\140\203\112\001\001\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\001\346\060\201\211\006
+\003\125\035\043\004\201\201\060\177\241\171\244\167\060\165\061
+\013\060\011\006\003\125\004\006\023\002\125\123\061\030\060\026
+\006\003\125\004\012\023\017\107\124\105\040\103\157\162\160\157
+\162\141\164\151\157\156\061\047\060\045\006\003\125\004\013\023
+\036\107\124\105\040\103\171\142\145\162\124\162\165\163\164\040
+\123\157\154\165\164\151\157\156\163\054\040\111\156\143\056\061
+\043\060\041\006\003\125\004\003\023\032\107\124\105\040\103\171
+\142\145\162\124\162\165\163\164\040\107\154\157\142\141\154\040
+\122\157\157\164\202\002\001\245\060\105\006\003\125\035\037\004
+\076\060\074\060\072\240\070\240\066\206\064\150\164\164\160\072
+\057\057\167\167\167\056\160\165\142\154\151\143\055\164\162\165
+\163\164\056\143\157\155\057\143\147\151\055\142\151\156\057\103
+\122\114\057\062\060\061\070\057\143\144\160\056\143\162\154\060
+\035\006\003\125\035\016\004\026\004\024\306\026\223\116\026\027
+\354\026\256\214\224\166\363\206\155\305\164\156\204\167\060\015
+\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201
+\000\166\000\173\246\170\053\146\035\216\136\066\306\244\216\005
+\362\043\222\174\223\147\323\364\300\012\175\213\055\331\352\325
+\157\032\363\341\112\051\132\042\204\115\120\057\113\014\362\377
+\205\302\173\125\324\104\202\276\155\254\147\216\274\264\037\222
+\234\121\200\032\024\366\156\253\141\210\013\255\034\177\367\113
+\120\121\326\145\033\246\107\161\025\136\260\161\363\065\024\362
+\067\275\143\310\325\360\223\132\064\137\330\075\350\135\367\305
+\036\300\345\317\037\206\044\251\074\007\146\315\301\322\066\143
+\131
+END
+
+# Trust for Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)"
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (cyb)"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\125\120\257\354\277\350\303\255\304\013\343\255\014\247\344\025
+\214\071\131\117
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\322\336\256\120\244\230\055\157\067\267\206\122\310\055\113\152
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
+\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
+\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
+\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
+\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105
+\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142
+\141\154\040\122\157\157\164
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\006\007\377\377\377\377\377
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)"
+#
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\145\061\013\060\011\006\003\125\004\006\023\002\115\131\061
+\033\060\031\006\003\125\004\012\023\022\104\151\147\151\143\145
+\162\164\040\123\144\156\056\040\102\150\144\056\061\021\060\017
+\006\003\125\004\013\023\010\064\065\067\066\060\070\055\113\061
+\046\060\044\006\003\125\004\003\023\035\104\151\147\151\163\151
+\147\156\040\123\145\162\166\145\162\040\111\104\040\055\040\050
+\105\156\162\151\143\150\051
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
+\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
+\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
+\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
+\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
+\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
+\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
+\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
+\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
+\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\040\050\062\060\064\070\051
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\006\007\377\377\377\377\377
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\004\320\060\202\003\270\240\003\002\001\002\002\006\007
+\377\377\377\377\377\060\015\006\011\052\206\110\206\367\015\001
+\001\005\005\000\060\201\264\061\024\060\022\006\003\125\004\012
+\023\013\105\156\164\162\165\163\164\056\156\145\164\061\100\060
+\076\006\003\125\004\013\024\067\167\167\167\056\145\156\164\162
+\165\163\164\056\156\145\164\057\103\120\123\137\062\060\064\070
+\040\151\156\143\157\162\160\056\040\142\171\040\162\145\146\056
+\040\050\154\151\155\151\164\163\040\154\151\141\142\056\051\061
+\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061\071
+\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040\114
+\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003\023
+\052\105\156\164\162\165\163\164\056\156\145\164\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171\040\050\062\060\064\070\051\060\036\027\015\061
+\060\060\067\061\066\061\067\062\063\063\070\132\027\015\061\065
+\060\067\061\066\061\067\065\063\063\070\132\060\145\061\013\060
+\011\006\003\125\004\006\023\002\115\131\061\033\060\031\006\003
+\125\004\012\023\022\104\151\147\151\143\145\162\164\040\123\144
+\156\056\040\102\150\144\056\061\021\060\017\006\003\125\004\013
+\023\010\064\065\067\066\060\070\055\113\061\046\060\044\006\003
+\125\004\003\023\035\104\151\147\151\163\151\147\156\040\123\145
+\162\166\145\162\040\111\104\040\055\040\050\105\156\162\151\143
+\150\051\060\202\001\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
+\001\001\000\305\211\344\364\015\006\100\222\131\307\032\263\065
+\321\016\114\052\063\371\370\257\312\236\177\356\271\247\155\140
+\364\124\350\157\325\233\363\033\143\061\004\150\162\321\064\026
+\214\264\027\054\227\336\163\305\330\220\025\240\032\053\365\313
+\263\110\206\104\360\035\210\114\316\101\102\032\357\365\014\336
+\376\100\332\071\040\367\006\125\072\152\235\106\301\322\157\245
+\262\310\127\076\051\243\234\340\351\205\167\146\350\230\247\044
+\176\276\300\131\040\345\104\157\266\127\330\276\316\302\145\167
+\130\306\141\101\321\164\004\310\177\111\102\305\162\251\162\026
+\356\214\335\022\135\264\112\324\321\257\120\267\330\252\165\166
+\150\255\076\135\252\060\155\141\250\253\020\133\076\023\277\063
+\340\257\104\235\070\042\133\357\114\057\246\161\046\025\046\312
+\050\214\331\372\216\216\251\242\024\065\342\233\044\210\264\364
+\177\205\235\203\117\007\241\266\024\220\066\304\064\034\215\046
+\141\155\023\157\170\276\350\217\047\307\113\204\226\243\206\150
+\014\043\276\013\354\214\224\000\251\004\212\023\220\367\337\205
+\154\014\261\002\003\001\000\001\243\202\001\064\060\202\001\060
+\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006
+\060\022\006\003\125\035\023\001\001\377\004\010\060\006\001\001
+\377\002\001\000\060\047\006\003\125\035\045\004\040\060\036\006
+\010\053\006\001\005\005\007\003\001\006\010\053\006\001\005\005
+\007\003\002\006\010\053\006\001\005\005\007\003\004\060\063\006
+\010\053\006\001\005\005\007\001\001\004\047\060\045\060\043\006
+\010\053\006\001\005\005\007\060\001\206\027\150\164\164\160\072
+\057\057\157\143\163\160\056\145\156\164\162\165\163\164\056\156
+\145\164\060\104\006\003\125\035\040\004\075\060\073\060\071\006
+\005\140\203\112\001\001\060\060\060\056\006\010\053\006\001\005
+\005\007\002\001\026\042\150\164\164\160\072\057\057\167\167\167
+\056\144\151\147\151\143\145\162\164\056\143\157\155\056\155\171
+\057\143\160\163\056\150\164\155\060\062\006\003\125\035\037\004
+\053\060\051\060\047\240\045\240\043\206\041\150\164\164\160\072
+\057\057\143\162\154\056\145\156\164\162\165\163\164\056\156\145
+\164\057\062\060\064\070\143\141\056\143\162\154\060\021\006\003
+\125\035\016\004\012\004\010\114\116\314\045\050\003\051\201\060
+\037\006\003\125\035\043\004\030\060\026\200\024\125\344\201\321
+\021\200\276\330\211\271\010\243\061\371\241\044\011\026\271\160
+\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003
+\202\001\001\000\227\114\357\112\072\111\254\162\374\060\040\153
+\264\051\133\247\305\225\004\220\371\062\325\302\205\152\336\003
+\241\067\371\211\000\260\132\254\125\176\333\103\065\377\311\001
+\370\121\276\314\046\312\310\152\244\304\124\076\046\036\347\014
+\243\315\227\147\224\335\246\102\353\134\315\217\071\171\153\063
+\171\041\006\171\372\202\104\025\231\314\301\267\071\323\106\142
+\174\262\160\353\157\316\040\252\076\031\267\351\164\202\234\264
+\245\113\115\141\000\067\344\207\322\362\024\072\144\174\270\251
+\173\141\340\223\042\347\325\237\076\107\346\066\166\240\123\330
+\000\003\072\017\265\063\376\226\312\323\322\202\072\056\335\327
+\110\341\344\247\151\314\034\351\231\112\347\312\160\105\327\013
+\007\016\232\165\033\320\057\222\157\366\244\007\303\275\034\113
+\246\204\266\175\250\232\251\322\247\051\361\013\127\151\036\227
+\127\046\354\053\103\254\324\105\203\005\000\351\343\360\106\100
+\007\372\352\261\121\163\223\034\245\335\123\021\067\310\052\247
+\025\047\035\264\252\314\177\252\061\060\374\270\105\237\110\011
+\355\020\342\305
+END
+
+# Trust for Certificate "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)"
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Explicitly Distrusted Malaysian Digicert Sdn. Bhd. (en)"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\153\074\073\200\255\312\246\272\212\237\124\246\172\355\022\151
+\005\155\061\046
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\327\151\141\177\065\017\234\106\243\252\353\370\125\374\204\362
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
+\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
+\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
+\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
+\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
+\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
+\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
+\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
+\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
+\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\040\050\062\060\064\070\051
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\006\007\377\377\377\377\377
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
diff -up ./mozilla/security/nss/lib/ckfw/builtins/nssckbi.h.ckbi188 ./mozilla/security/nss/lib/ckfw/builtins/nssckbi.h
--- ./mozilla/security/nss/lib/ckfw/builtins/nssckbi.h.ckbi188 2011-11-03 16:30:05.063000000 -0700
+++ ./mozilla/security/nss/lib/ckfw/builtins/nssckbi.h 2011-11-03 08:11:58.000000000 -0700
@@ -77,8 +77,8 @@
* of the comment in the CK_VERSION type definition.
*/
#define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 1
-#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 87
-#define NSS_BUILTINS_LIBRARY_VERSION "1.87"
+#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 88
+#define NSS_BUILTINS_LIBRARY_VERSION "1.88"
/* These version numbers detail the semantic changes to the ckfw engine. */
#define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1

View File

@ -1,12 +1,12 @@
%global nspr_version 4.8.8 %global nspr_version 4.8.9
%global nss_util_version 3.12.10 %global nss_util_version 3.13.1
%global nss_softokn_version 3.12.10 %global nss_softokn_version 3.12.10
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools %global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
Summary: Network Security Services Summary: Network Security Services
Name: nss Name: nss
Version: 3.12.10 Version: 3.13.1
Release: 7%{?dist} Release: 2%{?dist}
License: MPLv1.1 or GPLv2+ or LGPLv2+ License: MPLv1.1 or GPLv2+ or LGPLv2+
URL: http://www.mozilla.org/projects/security/pki/nss/ URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries Group: System Environment/Libraries
@ -55,9 +55,12 @@ Patch6: nss-enable-pem.patch
Patch7: nsspem-642433.patch Patch7: nsspem-642433.patch
Patch8: 0001-Bug-695011-PEM-logging.patch Patch8: 0001-Bug-695011-PEM-logging.patch
Patch16: nss-539183.patch Patch16: nss-539183.patch
Patch17: nss-703658.patch
Patch18: nss-646045.patch Patch18: nss-646045.patch
Patch19: builtins-nssckbi_1_87_rtm.patch Patch20: nsspem-createobject-initialize-pointer.patch
Patch21: 0001-libnsspem-rhbz-734760.patch
Patch22: nsspem-init-inform-not-thread-safe.patch
Patch23: nss-ckbi-1.88.rtm.patch
%description %description
Network Security Services (NSS) is a set of libraries designed to Network Security Services (NSS) is a set of libraries designed to
@ -133,9 +136,11 @@ low level services.
%patch7 -p0 -b .642433 %patch7 -p0 -b .642433
%patch8 -p1 -b .695011 %patch8 -p1 -b .695011
%patch16 -p0 -b .539183 %patch16 -p0 -b .539183
%patch17 -p0 -b .703658
%patch18 -p0 -b .646045 %patch18 -p0 -b .646045
%patch19 -p0 -b .ckbi187 %patch20 -p1 -b .717338
%patch21 -p1 -b .734760
%patch22 -p0 -b .736410
%patch23 -p0 -b .ckbi188
%build %build
@ -546,9 +551,30 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
%changelog %changelog
* Tue Sep 06 2011 Kai Engert <kaie@redhat.com> - 3.12.10-7 * Fri Nov 04 2011 Elio Maldonado <emaldona@redhat.com> - 3.13.1-2
- Fix broken dependencies by updating the nss-util and nss-softokn versions
* Thu Nov 03 2011 Elio Maldonado <emaldona@redhat.com> - 3.13.1-1
- Update to NSS_3_13_1_RTM
- Update builtin certs to those from NSSCKBI_1_88_RTM
* Sat Oct 15 2011 Elio Maldonado <emaldona@redhat.com> - 3.13-1
- Update to NSS_3_13_RTM
* Sat Oct 08 2011 Elio Maldonado <emaldona@redhat.com> - 3.13-0.1.rc0.1
- Update to NSS_3_13_RC0
* Wed Sep 14 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.11-3
- Fix attempt to free initilized pointer (#717338)
- Fix leak on pem_CreateObject when given non-existing file name (#734760)
- Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)
* Tue Sep 06 2011 Kai Engert <kaie@redhat.com> - 3.12.11-2
- Update builtins certs to those from NSSCKBI_1_87_RTM - Update builtins certs to those from NSSCKBI_1_87_RTM
* Tue Aug 09 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.11-1
- Update to NSS_3_12_11_RTM
* Sat Jul 23 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.10-6 * Sat Jul 23 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.10-6
- Indicate the provenance of stripped source tarball (#688015) - Indicate the provenance of stripped source tarball (#688015)

View File

@ -0,0 +1,11 @@
diff -up ./mozilla/security/nss/lib/ckfw/pem/pobject.c.717338 ./mozilla/security/nss/lib/ckfw/pem/pobject.c
--- ./mozilla/security/nss/lib/ckfw/pem/pobject.c.717338 2010-11-25 10:49:27.000000000 -0800
+++ ./mozilla/security/nss/lib/ckfw/pem/pobject.c 2011-09-10 10:16:58.752726964 -0700
@@ -1179,6 +1179,7 @@ pem_CreateObject
return (NSSCKMDObject *) NULL;
certDER.len = 0; /* in case there is no equivalent cert */
+ certDER.data = NULL;
objid = -1;
for (i = 0; i < pem_nobjs; i++) {

View File

@ -0,0 +1,129 @@
--- mozilla/security/nss/lib/ckfw/pem/pinst.c.736410 2010-11-25 11:51:52.000000000 -0800
+++ mozilla/security/nss/lib/ckfw/pem/pinst.c 2011-09-13 16:59:49.325215540 -0700
@@ -364,39 +364,37 @@ AddObjectIfNeeded(CK_OBJECT_CLASS objCla
size += PEM_ITEM_CHUNK;
}
gobj[count] = io;
count++;
pem_nobjs++;
io->refCount ++;
return io;
}
CK_RV
AddCertificate(char *certfile, char *keyfile, PRBool cacert,
CK_SLOT_ID slotID)
{
pemInternalObject *o;
- SECItem certDER;
CK_RV error = 0;
int objid, i;
int nobjs = 0;
SECItem **objs = NULL;
char *ivstring = NULL;
int cipher;
- certDER.data = NULL;
nobjs = ReadDERFromFile(&objs, certfile, PR_TRUE, &cipher, &ivstring, PR_TRUE /* certs only */);
if (nobjs <= 0) {
nss_ZFreeIf(objs);
return CKR_GENERAL_ERROR;
}
/* For now load as many certs as are in the file for CAs only */
if (cacert) {
for (i = 0; i < nobjs; i++) {
char nickname[1024];
objid = pem_nobjs + 1;
snprintf(nickname, 1024, "%s - %d", certfile, i);
o = AddObjectIfNeeded(CKO_CERTIFICATE, pemCert, objs[i], NULL,
@@ -456,72 +454,76 @@ AddCertificate(char *certfile, char *key
loser:
nss_ZFreeIf(objs);
nss_ZFreeIf(o);
return error;
}
CK_RV
pem_Initialize
(
NSSCKMDInstance * mdInstance,
NSSCKFWInstance * fwInstance,
NSSUTF8 * configurationData
)
{
CK_RV rv;
- /* parse the initialization string and initialize CRLInstances */
+ /* parse the initialization string */
char **certstrings = NULL;
+ char *modparms = NULL;
PRInt32 numcerts = 0;
PRBool status, error = PR_FALSE;
int i;
+ CK_C_INITIALIZE_ARGS_PTR modArgs = NULL;
+
+ if (!fwInstance) return CKR_ARGUMENTS_BAD;
+
+ modArgs = NSSCKFWInstance_GetInitArgs(fwInstance);
+ if (modArgs &&
+ ((modArgs->flags & CKF_OS_LOCKING_OK) || (modArgs->CreateMutex != 0))) {
+ return CKR_CANT_LOCK;
+ }
if (pemInitialized) {
return CKR_OK;
}
+
RNG_RNGInit();
open_log();
plog("pem_Initialize\n");
- unsigned char *modparms = NULL;
- if (!fwInstance) {
- return CKR_ARGUMENTS_BAD;
- }
-
- CK_C_INITIALIZE_ARGS_PTR modArgs =
- NSSCKFWInstance_GetInitArgs(fwInstance);
if (!modArgs || !modArgs->LibraryParameters) {
goto done;
}
- modparms = (unsigned char *) modArgs->LibraryParameters;
+ modparms = (char *) modArgs->LibraryParameters;
plog("Initialized with %s\n", modparms);
/*
* The initialization string format is a space-delimited file of
* pairs of paths which are delimited by a semi-colon. The first
* entry of the pair is the path to the certificate file. The
* second is the path to the key file.
*
* CA certificates do not need the semi-colon.
*
* Example:
* /etc/certs/server.pem;/etc/certs/server.key /etc/certs/ca.pem
*
*/
status =
- pem_ParseString((const char *) modparms, ' ', &numcerts,
+ pem_ParseString(modparms, ' ', &numcerts,
&certstrings);
if (status == PR_FALSE) {
return CKR_ARGUMENTS_BAD;
}
for (i = 0; i < numcerts && error != PR_TRUE; i++) {
char *cert = certstrings[i];
PRInt32 attrcount = 0;
char **certattrs = NULL;
status = pem_ParseString(cert, ';', &attrcount, &certattrs);
if (status == PR_FALSE) {
error = PR_TRUE;
break;
}

View File

@ -1,7 +1,7 @@
diff -up ./mozilla/security/nss/lib/ssl/sslsock.c.transitional ./mozilla/security/nss/lib/ssl/sslsock.c diff -up mozilla/security/nss/lib/ssl/sslsock.c.transitional mozilla/security/nss/lib/ssl/sslsock.c
--- ./mozilla/security/nss/lib/ssl/sslsock.c.transitional 2010-09-04 09:46:50.331327676 -0700 --- mozilla/security/nss/lib/ssl/sslsock.c.transitional 2011-10-06 10:37:47.156659000 -0700
+++ ./mozilla/security/nss/lib/ssl/sslsock.c 2010-09-04 09:50:02.814325605 -0700 +++ mozilla/security/nss/lib/ssl/sslsock.c 2011-10-06 10:38:32.276704000 -0700
@@ -181,7 +181,7 @@ static sslOptions ssl_defaults = { @@ -182,7 +182,7 @@ static sslOptions ssl_defaults = {
PR_FALSE, /* noLocks */ PR_FALSE, /* noLocks */
PR_FALSE, /* enableSessionTickets */ PR_FALSE, /* enableSessionTickets */
PR_FALSE, /* enableDeflate */ PR_FALSE, /* enableDeflate */
@ -9,4 +9,4 @@ diff -up ./mozilla/security/nss/lib/ssl/sslsock.c.transitional ./mozilla/securit
+ 3, /* enableRenegotiation (default: transitional) */ + 3, /* enableRenegotiation (default: transitional) */
PR_FALSE, /* requireSafeNegotiation */ PR_FALSE, /* requireSafeNegotiation */
PR_FALSE, /* enableFalseStart */ PR_FALSE, /* enableFalseStart */
}; PR_TRUE /* cbcRandomIV */

View File

@ -1,4 +1,4 @@
05ccaacf0146ef7b74f100e9d2141633 nss-3.12.10-stripped.tar.bz2 5e92ca8e516fd7f6a566e1690f313106 nss-3.13.1-stripped.tar.bz2
e63cddf74c07f0d818d1052ecc6fbb1f nss-pem-20101125.tar.bz2 e63cddf74c07f0d818d1052ecc6fbb1f nss-pem-20101125.tar.bz2
a5ae49867124ac75f029a9a33af31bad blank-cert8.db a5ae49867124ac75f029a9a33af31bad blank-cert8.db
9315689bbd9f28ceebd47894f99fccbd blank-key3.db 9315689bbd9f28ceebd47894f99fccbd blank-key3.db