- Initialize NSS as early as possible (#382091)
This commit is contained in:
parent
266b7c7b0b
commit
271f69d889
86
rpm-4.4.2.2-cryptoinit.patch
Normal file
86
rpm-4.4.2.2-cryptoinit.patch
Normal file
@ -0,0 +1,86 @@
|
||||
diff -up rpm-4.4.2.2/rpmio/digest.c.nss-init rpm-4.4.2.2/rpmio/digest.c
|
||||
--- rpm-4.4.2.2/rpmio/digest.c.nss-init 2007-11-15 10:57:04.000000000 +0200
|
||||
+++ rpm-4.4.2.2/rpmio/digest.c 2007-11-15 10:57:04.000000000 +0200
|
||||
@@ -78,9 +78,6 @@ rpmDigestInit(pgpHashAlgo hashalgo, rpmD
|
||||
HASH_HashType type;
|
||||
DIGEST_CTX ctx = xcalloc(1, sizeof(*ctx));
|
||||
|
||||
- if (NSS_NoDB_Init(NULL) != SECSuccess)
|
||||
- return NULL;
|
||||
-
|
||||
ctx->flags = flags;
|
||||
|
||||
type = getHashType(hashalgo);
|
||||
diff -up rpm-4.4.2.2/rpmio/rpmpgp.h.nss-init rpm-4.4.2.2/rpmio/rpmpgp.h
|
||||
--- rpm-4.4.2.2/rpmio/rpmpgp.h.nss-init 2007-11-15 10:57:04.000000000 +0200
|
||||
+++ rpm-4.4.2.2/rpmio/rpmpgp.h 2007-11-15 10:57:04.000000000 +0200
|
||||
@@ -1380,6 +1380,15 @@ unsigned int pgpCRC(const byte *octets,
|
||||
}
|
||||
|
||||
/** \ingroup rpmio
|
||||
+ * Perform cryptography initialization.
|
||||
+ * It must be called before any cryptography can be used within rpm.
|
||||
+ * It's not normally necessary to call it directly as it's called in
|
||||
+ * general rpm initialization routines.
|
||||
+ * @return 0 on success, -1 on failure
|
||||
+ */
|
||||
+int rpmInitCrypto(void);
|
||||
+
|
||||
+/** \ingroup rpmio
|
||||
* Duplicate a digest context.
|
||||
* @param octx existing digest context
|
||||
* @return duplicated digest context
|
||||
diff -up rpm-4.4.2.2/rpmio/rpmpgp.c.nss-init rpm-4.4.2.2/rpmio/rpmpgp.c
|
||||
--- rpm-4.4.2.2/rpmio/rpmpgp.c.nss-init 2007-11-15 10:57:04.000000000 +0200
|
||||
+++ rpm-4.4.2.2/rpmio/rpmpgp.c 2007-11-15 10:58:07.000000000 +0200
|
||||
@@ -17,6 +17,8 @@ static int _debug = 0;
|
||||
/*@unchecked@*/
|
||||
static int _print = 0;
|
||||
|
||||
+static int _crypto_initialized = 0;
|
||||
+
|
||||
/*@unchecked@*/ /*@null@*/
|
||||
static pgpDig _dig = NULL;
|
||||
|
||||
@@ -1094,7 +1096,6 @@ int pgpPrtPkt(const byte *pkt, unsigned
|
||||
pgpDig pgpNewDig(void)
|
||||
{
|
||||
pgpDig dig = xcalloc(1, sizeof(*dig));
|
||||
- NSS_NoDB_Init(NULL);
|
||||
|
||||
return dig;
|
||||
}
|
||||
@@ -1404,5 +1405,18 @@ char * pgpArmorWrap(int atype, const uns
|
||||
|
||||
return val;
|
||||
}
|
||||
-
|
||||
/*@=boundsread@*/
|
||||
+
|
||||
+int rpmInitCrypto(void) {
|
||||
+ int rc = 0;
|
||||
+
|
||||
+ if (!_crypto_initialized && NSS_NoDB_Init(NULL) != SECSuccess) {
|
||||
+ rc = -1;
|
||||
+ } else {
|
||||
+ _crypto_initialized = 1;
|
||||
+ }
|
||||
+
|
||||
+ return rc;
|
||||
+}
|
||||
+
|
||||
+
|
||||
diff -up rpm-4.4.2.2/lib/rpmrc.c.nss-init rpm-4.4.2.2/lib/rpmrc.c
|
||||
--- rpm-4.4.2.2/lib/rpmrc.c.nss-init 2007-09-11 09:28:15.000000000 +0300
|
||||
+++ rpm-4.4.2.2/lib/rpmrc.c 2007-11-15 10:57:04.000000000 +0200
|
||||
@@ -1850,6 +1850,10 @@ static int rpmReadRC(/*@null@*/ const ch
|
||||
|
||||
int rpmReadConfigFiles(const char * file, const char * target)
|
||||
{
|
||||
+ /* Initialize crypto engine as early as possible */
|
||||
+ if (rpmInitCrypto() < 0) {
|
||||
+ return -1;
|
||||
+ }
|
||||
|
||||
/* Preset target macros */
|
||||
/*@-nullstate@*/ /* FIX: target can be NULL */
|
7
rpm.spec
7
rpm.spec
@ -6,7 +6,7 @@
|
||||
Summary: The RPM package management system
|
||||
Name: rpm
|
||||
Version: 4.4.2.2
|
||||
Release: 9%{?dist}
|
||||
Release: 10%{?dist}
|
||||
Group: System Environment/Base
|
||||
Url: http://www.rpm.org/
|
||||
Source: http://rpm.org/releases/rpm-4.4.x/%{name}-%{version}.tar.gz
|
||||
@ -24,6 +24,7 @@ Patch11: rpm-4.4.2.2-pyproblem.patch
|
||||
Patch12: rpm-4.4.2.2-problem-nevra.patch
|
||||
Patch13: rpm-4.4.2.2-nss.patch
|
||||
Patch14: rpm-4.4.2.2-base64-unsigned-char.patch
|
||||
Patch15: rpm-4.4.2.2-cryptoinit.patch
|
||||
|
||||
# XXX Beware, this is one murky license, partially GPL/LGPL dual-licensed
|
||||
# and several different components with their own licenses included...
|
||||
@ -153,6 +154,7 @@ that will manipulate RPM packages and databases.
|
||||
%patch12 -p1 -b .problem-nevra
|
||||
%patch13 -p1 -b .nss
|
||||
%patch14 -p1 -b .base64
|
||||
%patch15 -p1 -b .nss-init
|
||||
|
||||
# force external popt
|
||||
rm -rf popt/
|
||||
@ -415,6 +417,9 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Thu Nov 15 2007 Panu Matilainen <pmatilai@redhat.com> 4.4.2.2-10
|
||||
- Initialize NSS as early as possible (#382091)
|
||||
|
||||
* Wed Nov 14 2007 Paul Nasrat <pauln@truemesh.com> 4.4.2.2-9
|
||||
- Fix base64 assumption of signed char, from Tomas Mraz (#380911)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user