Pick up fixes from RHEL
- Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections
This commit is contained in:
parent
85a1075a8d
commit
3ccc11c806
@ -0,0 +1,27 @@
|
|||||||
|
diff -up ./mozilla/security/nss/lib/nss/nssinit.c.747387part1 ./mozilla/security/nss/lib/nss/nssinit.c
|
||||||
|
--- ./mozilla/security/nss/lib/nss/nssinit.c.747387part1 2011-10-19 17:41:09.148204402 -0700
|
||||||
|
+++ ./mozilla/security/nss/lib/nss/nssinit.c 2011-10-19 17:42:32.354416861 -0700
|
||||||
|
@@ -616,15 +616,19 @@ nss_Init(const char *configdir, const ch
|
||||||
|
passwordRequired = pk11_password_required;
|
||||||
|
}
|
||||||
|
|
||||||
|
- /* we always try to initialize the modules */
|
||||||
|
- rv = nss_InitModules(configdir, certPrefix, keyPrefix, secmodName,
|
||||||
|
+ /* Skip the module init if we are already initted and we are trying
|
||||||
|
+ * to init with not noCertDB and noModDB */
|
||||||
|
+ if (!(isReallyInitted && noCertDB && noModDB)) {
|
||||||
|
+ /* we always try to initialize the modules */
|
||||||
|
+ rv = nss_InitModules(configdir, certPrefix, keyPrefix, secmodName,
|
||||||
|
updateDir, updCertPrefix, updKeyPrefix, updateID,
|
||||||
|
updateName, configName, configStrings, passwordRequired,
|
||||||
|
readOnly, noCertDB, noModDB, forceOpen, optimizeSpace,
|
||||||
|
(initContextPtr != NULL));
|
||||||
|
|
||||||
|
- if (rv != SECSuccess) {
|
||||||
|
- goto loser;
|
||||||
|
+ if (rv != SECSuccess) {
|
||||||
|
+ goto loser;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
|
@ -0,0 +1,15 @@
|
|||||||
|
diff -up ./mozilla/security/nss/lib/pk11wrap/pk11skey.c.800676 ./mozilla/security/nss/lib/pk11wrap/pk11skey.c
|
||||||
|
--- ./mozilla/security/nss/lib/pk11wrap/pk11skey.c.800676 2012-03-07 18:29:16.679551532 -0800
|
||||||
|
+++ ./mozilla/security/nss/lib/pk11wrap/pk11skey.c 2012-03-07 18:29:42.338733488 -0800
|
||||||
|
@@ -1664,7 +1664,10 @@ PK11_PubDerive(SECKEYPrivateKey *privKey
|
||||||
|
|
||||||
|
keyType = PK11_GetKeyType(target,keySize);
|
||||||
|
key_size = keySize;
|
||||||
|
- symKey->size = keySize;
|
||||||
|
+ /* There's a bug in FreeBL where this size is treated as a max.
|
||||||
|
+ * if we are using softoken, Don't set that size value here, but
|
||||||
|
+ * set it to zero we we will query softoken for the size */
|
||||||
|
+ symKey->size = slot->isInternal ? 0 : keySize;
|
||||||
|
if (key_size == 0) templateCount--;
|
||||||
|
|
||||||
|
mechanism.mechanism = derive;
|
@ -0,0 +1,15 @@
|
|||||||
|
diff -up ./mozilla/security/nss/lib/nss/nssinit.c.800682 ./mozilla/security/nss/lib/nss/nssinit.c
|
||||||
|
--- ./mozilla/security/nss/lib/nss/nssinit.c.800682 2012-03-07 17:34:50.846174813 -0800
|
||||||
|
+++ ./mozilla/security/nss/lib/nss/nssinit.c 2012-03-07 17:36:12.545753433 -0800
|
||||||
|
@@ -1151,6 +1151,11 @@ SECStatus
|
||||||
|
NSS_Shutdown(void)
|
||||||
|
{
|
||||||
|
SECStatus rv;
|
||||||
|
+ /* make sure our lock and condition variable are initialized one and only
|
||||||
|
+ * one time */
|
||||||
|
+ if (PR_CallOnce(&nssInitOnce, nss_doLockInit) != PR_SUCCESS) {
|
||||||
|
+ return SECFailure;
|
||||||
|
+ }
|
||||||
|
PZ_Lock(nssInitLock);
|
||||||
|
|
||||||
|
if (!nssIsInitted) {
|
14
nss.spec
14
nss.spec
@ -7,7 +7,7 @@
|
|||||||
Summary: Network Security Services
|
Summary: Network Security Services
|
||||||
Name: nss
|
Name: nss
|
||||||
Version: 3.13.3
|
Version: 3.13.3
|
||||||
Release: 1%{?dist}
|
Release: 2%{?dist}
|
||||||
License: MPLv1.1 or GPLv2+ or LGPLv2+
|
License: MPLv1.1 or GPLv2+ or LGPLv2+
|
||||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
@ -75,6 +75,9 @@ Patch30: bz784672-protect-against-calls-before-nss_init.patch
|
|||||||
# Fix gcc 4.7 c++ issue in secmodt.h
|
# Fix gcc 4.7 c++ issue in secmodt.h
|
||||||
# http://gcc.gnu.org/bugzilla/show_bug.cgi?id=50917
|
# http://gcc.gnu.org/bugzilla/show_bug.cgi?id=50917
|
||||||
Patch31: nss-fix-gcc47-secmodt.patch
|
Patch31: nss-fix-gcc47-secmodt.patch
|
||||||
|
Patch32: Bug-800674-Unable-to-contact-LDAP-Server-during-winsync.patch
|
||||||
|
Patch33: Bug-800682-Qpid-AMQP-daemon-fails-to-load-after-nss-update.patch
|
||||||
|
Patch34: Bug-800676-nss-workaround-for-freebl-bug-that-causes-openswan-to-drop-connections.patch
|
||||||
|
|
||||||
|
|
||||||
%description
|
%description
|
||||||
@ -166,6 +169,9 @@ low level services.
|
|||||||
#%patch29 -p0 -b .770682
|
#%patch29 -p0 -b .770682
|
||||||
%patch30 -p0 -b .784672
|
%patch30 -p0 -b .784672
|
||||||
%patch31 -p0 -b .gcc47
|
%patch31 -p0 -b .gcc47
|
||||||
|
%patch32 -p0 -b .800674
|
||||||
|
%patch33 -p0 -b .800682
|
||||||
|
%patch34 -p0 -b .800676
|
||||||
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
@ -580,6 +586,12 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Mar 08 2012 Elio Maldonado <emaldona@redhat.com> - 3.13.3-2
|
||||||
|
- Pick up fixes from RHEL
|
||||||
|
- Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync
|
||||||
|
- Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update
|
||||||
|
- Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections
|
||||||
|
|
||||||
* Thu Mar 01 2012 Elio Maldonado <emaldona@redhat.com> - 3.13.3-1
|
* Thu Mar 01 2012 Elio Maldonado <emaldona@redhat.com> - 3.13.3-1
|
||||||
- Update to NSS_3_13_3_RTM
|
- Update to NSS_3_13_3_RTM
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user