Bug 539183 - Short-term fix for ssl test suites hangs on ipv6 type connections

Change selfserv to use a dual-stack IPv6 listening socket, which can accept
connections from both IPv4 and IPv6 clients.  NSPR's IPv6 sockets have the
IPV6_V6ONLY socket option default to false.
This commit is contained in:
Elio Maldonado 2011-02-24 15:05:17 -08:00
parent ab4de6fd80
commit c40f16fc52
2 changed files with 43 additions and 4 deletions

33
nss-539183.patch Normal file
View File

@ -0,0 +1,33 @@
Index: mozilla/security/nss/cmd/selfserv/selfserv.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/cmd/selfserv/selfserv.c,v
retrieving revision 1.94
diff -p -u -8 -r1.94 selfserv.c
--- mozilla/security/nss/cmd/selfserv/selfserv.c 3 Apr 2010 18:27:27 -0000 1.94
+++ mozilla/security/nss/cmd/selfserv/selfserv.c 24 Feb 2011 02:28:02 -0000
@@ -1487,21 +1487,21 @@ PRFileDesc *
getBoundListenSocket(unsigned short port)
{
PRFileDesc * listen_sock;
int listenQueueDepth = 5 + (2 * maxThreads);
PRStatus prStatus;
PRNetAddr addr;
PRSocketOptionData opt;
- addr.inet.family = PR_AF_INET;
- addr.inet.ip = PR_INADDR_ANY;
- addr.inet.port = PR_htons(port);
+ if (PR_SetNetAddr(PR_IpAddrAny, PR_AF_INET6, port, &addr) != PR_SUCCESS) {
+ errExit("PR_SetNetAddr");
+ }
- listen_sock = PR_NewTCPSocket();
+ listen_sock = PR_OpenTCPSocket(PR_AF_INET6);
if (listen_sock == NULL) {
errExit("PR_NewTCPSocket");
}
opt.option = PR_SockOpt_Nonblocking;
opt.value.non_blocking = PR_FALSE;
prStatus = PR_SetSocketOption(listen_sock, &opt);
if (prStatus < 0) {

View File

@ -6,7 +6,7 @@
Summary: Network Security Services Summary: Network Security Services
Name: nss Name: nss
Version: 3.12.9 Version: 3.12.9
Release: 12%{?dist} Release: 13%{?dist}
License: MPLv1.1 or GPLv2+ or LGPLv2+ License: MPLv1.1 or GPLv2+ or LGPLv2+
URL: http://www.mozilla.org/projects/security/pki/nss/ URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries Group: System Environment/Libraries
@ -47,6 +47,7 @@ Patch12: allow-content-types-beyond-smime.patch
Patch13: nss-recurse.patch Patch13: nss-recurse.patch
Patch14: dont-use-cpp-reserved-words.patch Patch14: dont-use-cpp-reserved-words.patch
Patch15: swap-internal-key-slot.patch Patch15: swap-internal-key-slot.patch
Patch16: nss-539183.patch
%description %description
Network Security Services (NSS) is a set of libraries designed to Network Security Services (NSS) is a set of libraries designed to
@ -124,6 +125,7 @@ low level services.
%patch13 -p1 -b .recurse %patch13 -p1 -b .recurse
%patch14 -p1 -b .676036 %patch14 -p1 -b .676036
%patch15 -p1 -b .jss %patch15 -p1 -b .jss
%patch16 -p0 -b .539183
%build %build
@ -271,9 +273,10 @@ cd ./mozilla/security/nss/tests/
# nss_ssl_tests: crl bypass_normal normal_bypass normal_fips fips_normal iopr # nss_ssl_tests: crl bypass_normal normal_bypass normal_fips fips_normal iopr
# nss_ssl_run: cov auth stress # nss_ssl_run: cov auth stress
# #
# Disable the ssl test suites until Bug 539183 is resolved # Uncomment these lines if you need to temporarily
%global nss_ssl_tests " " # disable some test suites for faster test builds
%global nss_ssl_run " " # global nss_ssl_tests "normal_fips"
# global nss_ssl_run "cov auth"
HOST=localhost DOMSUF=localdomain PORT=$MYRAND NSS_CYCLES=%{?nss_cycles} NSS_TESTS=%{?nss_tests} NSS_SSL_TESTS=%{?nss_ssl_tests} NSS_SSL_RUN=%{?nss_ssl_run} ./all.sh HOST=localhost DOMSUF=localdomain PORT=$MYRAND NSS_CYCLES=%{?nss_cycles} NSS_TESTS=%{?nss_tests} NSS_SSL_TESTS=%{?nss_ssl_tests} NSS_SSL_RUN=%{?nss_ssl_run} ./all.sh
@ -516,6 +519,9 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
%changelog %changelog
* Wed Feb 24 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.9-13
- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)
* Fri Feb 18 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.9-12 * Fri Feb 18 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.9-12
- Add a missing requires for pkcs11-devel (#675196) - Add a missing requires for pkcs11-devel (#675196)