rpms/nss
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- Add 3.12 ckfw and libnsspem

Browse Source
This commit is contained in:
Kai Engert 2007-09-05 20:00:42 +00:00
parent 9c5168ea31
commit 3b9b992cb2
5 changed files with 218 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.cvsignore
View File

@ -1,2 +1,4 @@
nss-3.11.5-fbst-stripped.tar.gz nss-3.11.5-fbst-stripped.tar.gz
nss-3.11.7-no-fbst-with-ckbi-1.64.tar.gz nss-3.11.7-no-fbst-with-ckbi-1.64.tar.gz
nss-3.12-alpha-ckfw.tar.gz
nss-3.12-alpha-pem.tar.gz

177
nss-create-obj.patch Normal file
View File

@ -0,0 +1,177 @@
Index: mozilla/security/nss/lib/nss/nss.def
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/nss/nss.def,v
retrieving revision 1.158.2.7
diff -u -r1.158.2.7 nss.def
--- mozilla/security/nss/lib/nss/nss.def 25 Apr 2007 23:26:53 -0000 1.158.2.7
+++ mozilla/security/nss/lib/nss/nss.def 31 Aug 2007 18:54:54 -0000
@@ -899,3 +899,10 @@
;+ local:
;+ *;
;+};
+;+NSS_3.12 {
+;+ global:
+PK11_CreateGenericObject;
+PK11_WriteRawAttribute;
+;+ local:
+;+ *;
+;+};
Index: mozilla/security/nss/lib/pk11wrap/pk11obj.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11obj.c,v
retrieving revision 1.11.2.3
diff -u -r1.11.2.3 pk11obj.c
--- mozilla/security/nss/lib/pk11wrap/pk11obj.c 5 Jan 2007 09:44:05 -0000 1.11.2.3
+++ mozilla/security/nss/lib/pk11wrap/pk11obj.c 9 May 2007 20:58:17 -0000
@@ -388,7 +388,7 @@
SECStatus
PK11_CreateNewObject(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
- CK_ATTRIBUTE *theTemplate, int count,
+ const CK_ATTRIBUTE *theTemplate, int count,
PRBool token, CK_OBJECT_HANDLE *objectID)
{
CK_SESSION_HANDLE rwsession;
@@ -1306,7 +1306,7 @@
PK11_DestroyGenericObject(objects);
}
/* delete all the objects before it in the list */
- for (objects = prevObject; objects; objects = nextObject) {
+ for (objects = prevObject; objects; objects = prevObject) {
prevObject = objects->prev;
PK11_DestroyGenericObject(objects);
}
@@ -1314,6 +1314,96 @@
}
+/*
+ * Hand Create a new object and return the Generic object for our new object.
+ */
+PK11GenericObject *
+PK11_CreateGenericObject(PK11SlotInfo *slot, const CK_ATTRIBUTE *template,
+ int count, PRBool token)
+{
+ CK_OBJECT_HANDLE objectID;
+ PK11GenericObject *obj;
+ CK_RV crv;
+
+ PK11_EnterSlotMonitor(slot);
+ crv = PK11_CreateNewObject(slot, slot->session, template, count,
+ token, &objectID);
+ PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return NULL;
+ }
+
+ obj = PORT_New(PK11GenericObject);
+ if ( !obj ) {
+ /* error set by PORT_New */
+ return NULL;
+ }
+
+ /* initialize it */
+ obj->slot = PK11_ReferenceSlot(slot);
+ obj->objectID = objectID;
+ obj->next = NULL;
+ obj->prev = NULL;
+ return obj;
+}
+
+/*
+ * Change an attribute on a raw object
+ */
+SECStatus
+PK11_WriteRawAttribute(PK11ObjectType objType, void *objSpec,
+ CK_ATTRIBUTE_TYPE attrType, SECItem *item)
+{
+ PK11SlotInfo *slot = NULL;
+ CK_OBJECT_HANDLE handle;
+ CK_ATTRIBUTE setTemplate;
+ CK_RV crv;
+ CK_SESSION_HANDLE rwsession;
+
+ switch (objType) {
+ case PK11_TypeGeneric:
+ slot = ((PK11GenericObject *)objSpec)->slot;
+ handle = ((PK11GenericObject *)objSpec)->objectID;
+ break;
+ case PK11_TypePrivKey:
+ slot = ((SECKEYPrivateKey *)objSpec)->pkcs11Slot;
+ handle = ((SECKEYPrivateKey *)objSpec)->pkcs11ID;
+ break;
+ case PK11_TypePubKey:
+ slot = ((SECKEYPublicKey *)objSpec)->pkcs11Slot;
+ handle = ((SECKEYPublicKey *)objSpec)->pkcs11ID;
+ break;
+ case PK11_TypeSymKey:
+ slot = ((PK11SymKey *)objSpec)->slot;
+ handle = ((PK11SymKey *)objSpec)->objectID;
+ break;
+ case PK11_TypeCert: /* don't handle cert case for now */
+ default:
+ break;
+ }
+ if (slot == NULL) {
+ PORT_SetError(SEC_ERROR_UNKNOWN_OBJECT_TYPE);
+ return SECFailure;
+ }
+
+ PK11_SETATTRS(&setTemplate, attrType, (CK_CHAR *) item->data, item->len);
+ rwsession = PK11_GetRWSession(slot);
+ if (rwsession == CK_INVALID_SESSION) {
+ PORT_SetError(SEC_ERROR_BAD_DATA);
+ return SECFailure;
+ }
+ crv = PK11_GETTAB(slot)->C_SetAttributeValue(rwsession, handle,
+ &setTemplate, 1);
+ PK11_RestoreROSession(slot, rwsession);
+ if (crv != CKR_OK) {
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+
SECStatus
PK11_ReadRawAttribute(PK11ObjectType objType, void *objSpec,
CK_ATTRIBUTE_TYPE attrType, SECItem *item)
Index: mozilla/security/nss/lib/pk11wrap/pk11pub.h
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11pub.h,v
retrieving revision 1.14.2.1
diff -u -r1.14.2.1 pk11pub.h
--- mozilla/security/nss/lib/pk11wrap/pk11pub.h 2 Mar 2006 00:12:27 -0000 1.14.2.1
+++ mozilla/security/nss/lib/pk11wrap/pk11pub.h 9 May 2007 20:58:17 -0000
@@ -688,8 +688,13 @@
PK11GenericObject *object);
SECStatus PK11_DestroyGenericObjects(PK11GenericObject *object);
SECStatus PK11_DestroyGenericObject(PK11GenericObject *object);
+PK11GenericObject *PK11_CreateGenericObject(PK11SlotInfo *slot,
+ const CK_ATTRIBUTE *template,
+ int count, PRBool token);
SECStatus PK11_ReadRawAttribute(PK11ObjectType type, void *object,
CK_ATTRIBUTE_TYPE attr, SECItem *item);
+SECStatus PK11_WriteRawAttribute(PK11ObjectType type, void *object,
+ CK_ATTRIBUTE_TYPE attr, SECItem *item);
/**********************************************************************
Index: mozilla/security/nss/lib/pk11wrap/secmodi.h
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/pk11wrap/secmodi.h,v
retrieving revision 1.23
diff -u -r1.23 secmodi.h
--- mozilla/security/nss/lib/pk11wrap/secmodi.h 9 Sep 2005 02:03:57 -0000 1.23
+++ mozilla/security/nss/lib/pk11wrap/secmodi.h 9 May 2007 20:58:17 -0000
@@ -105,7 +105,7 @@
#define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \
(x)->pValue=(v); (x)->ulValueLen = (l);
SECStatus PK11_CreateNewObject(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
- CK_ATTRIBUTE *theTemplate, int count,
+ const CK_ATTRIBUTE *theTemplate, int count,
PRBool token, CK_OBJECT_HANDLE *objectID);
SECStatus pbe_PK11AlgidToParam(SECAlgorithmID *algid,SECItem *mech);

16
nss-enable-pem.patch Normal file
View File

@ -0,0 +1,16 @@
Index: mozilla/security/nss/lib/ckfw/manifest.mn
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/ckfw/manifest.mn,v
retrieving revision 1.9
diff -u -r1.9 manifest.mn
--- mozilla/security/nss/lib/ckfw/manifest.mn 16 Dec 2005 00:48:01 -0000 1.9
+++ mozilla/security/nss/lib/ckfw/manifest.mn 31 Aug 2007 17:58:23 -0000
@@ -38,7 +38,7 @@
CORE_DEPTH = ../../..
-DIRS = builtins
+DIRS = builtins pem
PRIVATE_EXPORTS = \
ck.h \

23
nss.spec
View File

@ -1,12 +1,13 @@
%define nspr_version 4.6.2 %define nspr_version 4.6.2
%define unsupported_tools_directory %{_libdir}/nss/unsupported-tools %define unsupported_tools_directory %{_libdir}/nss/unsupported-tools
%define fips_source_version 3.11.5 %define fips_source_version 3.11.5
%define ckfw_source_version 3.12-alpha
%define ckbi_version 1.64 %define ckbi_version 1.64
Summary: Network Security Services Summary: Network Security Services
Name: nss Name: nss
Version: 3.11.7 Version: 3.11.7
Release: 6%{?dist} Release: 7%{?dist}
License: MPLv1.1 or GPLv2+ or LGPLv2+ License: MPLv1.1 or GPLv2+ or LGPLv2+
URL: http://www.mozilla.org/projects/security/pki/nss/ URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries Group: System Environment/Libraries
@ -29,12 +30,16 @@ Source4: blank-key3.db
Source5: blank-secmod.db Source5: blank-secmod.db
Source7: fake-kstat.h Source7: fake-kstat.h
Source10: %{name}-%{fips_source_version}-fbst-stripped.tar.gz Source10: %{name}-%{fips_source_version}-fbst-stripped.tar.gz
Source11: %{name}-%{ckfw_source_version}-ckfw.tar.gz
Source12: %{name}-%{ckfw_source_version}-pem.tar.gz
Patch1: nss-no-rpath.patch Patch1: nss-no-rpath.patch
Patch2: nss-smartcard-auth.patch Patch2: nss-smartcard-auth.patch
Patch3: nss-use-netstat-hack.patch Patch3: nss-use-netstat-hack.patch
Patch4: nss-decouple-softokn.patch Patch4: nss-decouple-softokn.patch
Patch5: nss-disable-build-freebl-softoken.patch Patch5: nss-disable-build-freebl-softoken.patch
Patch6: nss-enable-pem.patch
Patch7: nss-create-obj.patch
%description %description
@ -86,9 +91,12 @@ low level services.
%prep %prep
%setup -q %setup -q
%setup -q -T -D -n %{name}-%{version} -a 10 %setup -q -T -D -n %{name}-%{version} -a 10
%setup -q -T -D -n %{name}-%{version} -a 11
%setup -q -T -D -n %{name}-%{version} -a 12
%define old_nss_lib %{name}-%{fips_source_version}/mozilla/security/nss/lib %define old_nss_lib %{name}-%{fips_source_version}/mozilla/security/nss/lib
%define new_nss_lib mozilla/security/nss/lib %define new_nss_lib mozilla/security/nss/lib
%define new_ckfw_lib %{name}-%{ckfw_source_version}/mozilla/security/nss/lib
# Ensure we will not use new freebl/softoken code # Ensure we will not use new freebl/softoken code
rm -rf %{new_nss_lib}/freebl rm -rf %{new_nss_lib}/freebl
@ -98,6 +106,10 @@ rm -rf %{new_nss_lib}/softoken
cp -a %{old_nss_lib}/freebl %{new_nss_lib} cp -a %{old_nss_lib}/freebl %{new_nss_lib}
cp -a %{old_nss_lib}/softoken %{new_nss_lib} cp -a %{old_nss_lib}/softoken %{new_nss_lib}
# set up ckfw
rm -rf %{new_nss_lib}/ckfw
cp -a %{new_ckfw_lib}/ckfw %{new_nss_lib}
# Ensure the newer NSS tree will not build code, except the loader # Ensure the newer NSS tree will not build code, except the loader
mv -i %{new_nss_lib}/freebl/loader.c %{new_nss_lib}/freebl/loader.c.save mv -i %{new_nss_lib}/freebl/loader.c %{new_nss_lib}/freebl/loader.c.save
rm -rf %{new_nss_lib}/freebl/*.c %{new_nss_lib}/freebl/*.s rm -rf %{new_nss_lib}/freebl/*.c %{new_nss_lib}/freebl/*.s
@ -114,6 +126,8 @@ rm -rf mozilla/security/nss/cmd/certcgi
%patch2 -p0 -b .smartcard-auth %patch2 -p0 -b .smartcard-auth
%patch4 -p0 -b .decouple-softokn %patch4 -p0 -b .decouple-softokn
%patch5 -p0 -b .nofbst %patch5 -p0 -b .nofbst
%patch6 -p0 -b .libpem
%patch7 -p0 -b .create-obj
# Apply the patches to the tree where we build freebl/softoken # Apply the patches to the tree where we build freebl/softoken
cd nss-%{fips_source_version} cd nss-%{fips_source_version}
@ -228,7 +242,7 @@ do
done done
# Copy the binary libraries we want # Copy the binary libraries we want
for file in libnss3.so libssl3.so libsmime3.so libnssckbi.so for file in libnss3.so libssl3.so libsmime3.so libnssckbi.so libnsspem.so
do do
%{__install} -m 755 mozilla/dist/*.OBJ/lib/$file $RPM_BUILD_ROOT/%{_libdir} %{__install} -m 755 mozilla/dist/*.OBJ/lib/$file $RPM_BUILD_ROOT/%{_libdir}
done done
@ -298,6 +312,7 @@ done
%{_libdir}/libsmime3.so %{_libdir}/libsmime3.so
%{_libdir}/libsoftokn3.so %{_libdir}/libsoftokn3.so
%{_libdir}/libnssckbi.so %{_libdir}/libnssckbi.so
%{_libdir}/libnsspem.so
%{_libdir}/libfreebl3.so %{_libdir}/libfreebl3.so
%{unsupported_tools_directory}/shlibsign %{unsupported_tools_directory}/shlibsign
%ghost %{_libdir}/libsoftokn3.chk %ghost %{_libdir}/libsoftokn3.chk
@ -370,6 +385,7 @@ done
%{_includedir}/nss3/nssilckt.h %{_includedir}/nss3/nssilckt.h
%{_includedir}/nss3/nssilock.h %{_includedir}/nss3/nssilock.h
%{_includedir}/nss3/nsslocks.h %{_includedir}/nss3/nsslocks.h
%{_includedir}/nss3/nsspem.h
%{_includedir}/nss3/nssrwlk.h %{_includedir}/nss3/nssrwlk.h
%{_includedir}/nss3/nssrwlkt.h %{_includedir}/nss3/nssrwlkt.h
%{_includedir}/nss3/ocsp.h %{_includedir}/nss3/ocsp.h
@ -437,6 +453,9 @@ done
%changelog %changelog
* Wed Sep 05 2007 Bob Relyea <rrelyea@redhat.com> - 3.11.7-7
- Add 3.12 ckfw and libnsspem
* Tue Aug 28 2007 Kai Engert <kengert@redhat.com> - 3.11.7-6 * Tue Aug 28 2007 Kai Engert <kengert@redhat.com> - 3.11.7-6
- Updated license tag - Updated license tag

2
sources
View File

@ -1,2 +1,4 @@
68c5e1bd8ba091e5a50babcd9e552bc5 nss-3.11.5-fbst-stripped.tar.gz 68c5e1bd8ba091e5a50babcd9e552bc5 nss-3.11.5-fbst-stripped.tar.gz
c1053d1e001a5b1eb4b7c296a968ca5c nss-3.11.7-no-fbst-with-ckbi-1.64.tar.gz c1053d1e001a5b1eb4b7c296a968ca5c nss-3.11.7-no-fbst-with-ckbi-1.64.tar.gz
baa96599af6f0a2b656479d8e4efd58f nss-3.12-alpha-ckfw.tar.gz
84bad7e42304a6d4fdf2b83f5295b938 nss-3.12-alpha-pem.tar.gz