mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-21 14:31:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

nss: remove unused and outdated crypto library

Browse Source
This commit is contained in:
Michael Marineau 2014-06-27 14:58:12 -07:00
parent 1989aa8247
commit 6e9f993e97
60 changed files with 0 additions and 35753 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sdk_container/src/third_party/coreos-overlay/app-crypt/nss/Manifest vendored
View File

@ -1,2 +0,0 @@
DIST nss-3.12.8.tar.gz 5951955 SHA256 9178ce29749e8d09cb93ce70c38f1c2c10630926b2bb7259c7dfff42cb090c14 SHA512 6e2181a5ddea3244b12fe83d7e3c7ff773214563fbaa086202b5384fc37bc760cdf3ac95dbb59b82ec4a8f0446f7273f46efc396e90eae08befc8e5cc23cc80a WHIRLPOOL cd0799d13817468c322d6a2ce2882e0c0daba8f83983099a7721d2c7fb2ae4de473e1a921da37976a3628dbdfaaaaaeaf20ee15f69f2270c8a21738326f65784
DIST nss-3.14.tar.gz 6068755 SHA256 b01868959d50263265aacc5a09f9a9eefbbde5f35604c2977f9714696f1d3e2b SHA512 c5aba091fddcdd57a8cda879a90cf05eeacedf5d734be8eaaec9051aaa6c468b0c8b9816db3cb864859702f90f49fd37971eca98754763b778dcd5fb3d1f7358 WHIRLPOOL b795c55c4dcb7878c4e887b6dc52213d1c31e09ea969df0d8b642b1010b5900c8734de70287141be2ca93a77631b312e68e9e781689f158bb104c501882046ae

33
sdk_container/src/third_party/coreos-overlay/app-crypt/nss/files/nss-3.12.4-solaris-gcc.patch vendored
View File

@ -1,33 +0,0 @@
--- mozilla/security/coreconf/SunOS5.mk.orig 2009-10-02 10:51:26.617090950 +0200
+++ mozilla/security/coreconf/SunOS5.mk 2009-10-02 10:53:39.756260510 +0200
@@ -37,6 +37,9 @@
include $(CORE_DEPTH)/coreconf/UNIX.mk
+NS_USE_GCC = 1
+GCC_USE_GNU_LD = 1
+
#
# Temporary define for the Client; to be removed when binary release is used
#
@@ -104,7 +107,7 @@
endif
endif
-INCLUDES += -I/usr/dt/include -I/usr/openwin/include
+#INCLUDES += -I/usr/dt/include -I/usr/openwin/include
RANLIB = echo
CPU_ARCH = sparc
@@ -114,11 +117,6 @@
NOMD_OS_CFLAGS += $(DSO_CFLAGS) $(OS_DEFINES) $(SOL_CFLAGS)
MKSHLIB = $(CC) $(DSO_LDOPTS) $(RPATH)
-ifdef NS_USE_GCC
-ifeq (GNU,$(findstring GNU,$(shell `$(CC) -print-prog-name=ld` -v 2>&1)))
- GCC_USE_GNU_LD = 1
-endif
-endif
ifdef MAPFILE
ifdef NS_USE_GCC
ifdef GCC_USE_GNU_LD

245
sdk_container/src/third_party/coreos-overlay/app-crypt/nss/files/nss-3.12.5-gentoo-fixups.diff vendored
View File

@ -1,245 +0,0 @@
diff -urN nss-3.12.5-orig/mozilla/security/nss/config/Makefile nss-3.12.5/mozilla/security/nss/config/Makefile
--- nss-3.12.5-orig/mozilla/security/nss/config/Makefile 1969-12-31 18:00:00.000000000 -0600
+++ nss-3.12.5/mozilla/security/nss/config/Makefile 2009-09-14 21:45:45.619639265 -0500
@@ -0,0 +1,40 @@
+CORE_DEPTH = ../..
+DEPTH = ../..
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+NSS_MAJOR_VERSION = `grep "NSS_VMAJOR" ../lib/nss/nss.h | awk '{print $$3}'`
+NSS_MINOR_VERSION = `grep "NSS_VMINOR" ../lib/nss/nss.h | awk '{print $$3}'`
+NSS_PATCH_VERSION = `grep "NSS_VPATCH" ../lib/nss/nss.h | awk '{print $$3}'`
+PREFIX = /usr
+
+all: export libs
+
+export:
+ # Create the nss.pc file
+ mkdir -p $(DIST)/lib/pkgconfig
+ sed -e "s,@prefix@,$(PREFIX)," \
+ -e "s,@exec_prefix@,\$${prefix}," \
+ -e "s,@libdir@,\$${prefix}/gentoo/nss," \
+ -e "s,@includedir@,\$${prefix}/include/nss," \
+ -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION),g" \
+ -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \
+ -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \
+ nss.pc.in > nss.pc
+ chmod 0644 nss.pc
+ ln -sf ../../../../../security/nss/config/nss.pc $(DIST)/lib/pkgconfig
+
+ # Create the nss-config script
+ mkdir -p $(DIST)/bin
+ sed -e "s,@prefix@,$(PREFIX)," \
+ -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION)," \
+ -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \
+ -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \
+ nss-config.in > nss-config
+ chmod 0755 nss-config
+ ln -sf ../../../../security/nss/config/nss-config $(DIST)/bin
+
+libs:
+
+dummy: all export libs
+
diff -urN nss-3.12.5-orig/mozilla/security/nss/config/nss-config.in nss-3.12.5/mozilla/security/nss/config/nss-config.in
--- nss-3.12.5-orig/mozilla/security/nss/config/nss-config.in 1969-12-31 18:00:00.000000000 -0600
+++ nss-3.12.5/mozilla/security/nss/config/nss-config.in 2009-09-14 21:47:45.190638078 -0500
@@ -0,0 +1,145 @@
+#!/bin/sh
+
+prefix=@prefix@
+
+major_version=@NSS_MAJOR_VERSION@
+minor_version=@NSS_MINOR_VERSION@
+patch_version=@NSS_PATCH_VERSION@
+
+usage()
+{
+ cat <<EOF
+Usage: nss-config [OPTIONS] [LIBRARIES]
+Options:
+ [--prefix[=DIR]]
+ [--exec-prefix[=DIR]]
+ [--includedir[=DIR]]
+ [--libdir[=DIR]]
+ [--version]
+ [--libs]
+ [--cflags]
+Dynamic Libraries:
+ nss
+ ssl
+ smime
+ nssutil
+EOF
+ exit $1
+}
+
+if test $# -eq 0; then
+ usage 1 1>&2
+fi
+
+lib_ssl=yes
+lib_smime=yes
+lib_nss=yes
+lib_nssutil=yes
+
+while test $# -gt 0; do
+ case "$1" in
+ -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
+ *) optarg= ;;
+ esac
+
+ case $1 in
+ --prefix=*)
+ prefix=$optarg
+ ;;
+ --prefix)
+ echo_prefix=yes
+ ;;
+ --exec-prefix=*)
+ exec_prefix=$optarg
+ ;;
+ --exec-prefix)
+ echo_exec_prefix=yes
+ ;;
+ --includedir=*)
+ includedir=$optarg
+ ;;
+ --includedir)
+ echo_includedir=yes
+ ;;
+ --libdir=*)
+ libdir=$optarg
+ ;;
+ --libdir)
+ echo_libdir=yes
+ ;;
+ --version)
+ echo ${major_version}.${minor_version}.${patch_version}
+ ;;
+ --cflags)
+ echo_cflags=yes
+ ;;
+ --libs)
+ echo_libs=yes
+ ;;
+ ssl)
+ lib_ssl=yes
+ ;;
+ smime)
+ lib_smime=yes
+ ;;
+ nss)
+ lib_nss=yes
+ ;;
+ nssutil)
+ lib_nssutil=yes
+ ;;
+ *)
+ usage 1 1>&2
+ ;;
+ esac
+ shift
+done
+
+# Set variables that may be dependent upon other variables
+if test -z "$exec_prefix"; then
+ exec_prefix=`pkg-config --variable=exec_prefix nss`
+fi
+if test -z "$includedir"; then
+ includedir=`pkg-config --variable=includedir nss`
+fi
+if test -z "$libdir"; then
+ libdir=`pkg-config --variable=libdir nss`
+fi
+
+if test "$echo_prefix" = "yes"; then
+ echo $prefix
+fi
+
+if test "$echo_exec_prefix" = "yes"; then
+ echo $exec_prefix
+fi
+
+if test "$echo_includedir" = "yes"; then
+ echo $includedir
+fi
+
+if test "$echo_libdir" = "yes"; then
+ echo $libdir
+fi
+
+if test "$echo_cflags" = "yes"; then
+ echo -I$includedir
+fi
+
+if test "$echo_libs" = "yes"; then
+ libdirs="-Wl,-R$libdir -L$libdir"
+ if test -n "$lib_ssl"; then
+ libdirs="$libdirs -lssl${major_version}"
+ fi
+ if test -n "$lib_smime"; then
+ libdirs="$libdirs -lsmime${major_version}"
+ fi
+ if test -n "$lib_nss"; then
+ libdirs="$libdirs -lnss${major_version}"
+ fi
+ if test -n "$lib_nssutil"; then
+ libdirs="$libdirs -lnssutil${major_version}"
+ fi
+ echo $libdirs
+fi
+
diff -urN nss-3.12.5-orig/mozilla/security/nss/config/nss.pc.in nss-3.12.5/mozilla/security/nss/config/nss.pc.in
--- nss-3.12.5-orig/mozilla/security/nss/config/nss.pc.in 1969-12-31 18:00:00.000000000 -0600
+++ nss-3.12.5/mozilla/security/nss/config/nss.pc.in 2009-09-14 21:45:45.653637310 -0500
@@ -0,0 +1,12 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: NSS
+Description: Network Security Services
+Version: @NSS_MAJOR_VERSION@.@NSS_MINOR_VERSION@.@NSS_PATCH_VERSION@
+Requires: nspr >= 4.8
+Libs: -L${libdir} -lssl3 -lsmime3 -lnssutil3 -lnss3 -Wl,-R${libdir}
+Cflags: -I${includedir}
+
diff -urN nss-3.12.5-orig/mozilla/security/nss/Makefile nss-3.12.5/mozilla/security/nss/Makefile
--- nss-3.12.5-orig/mozilla/security/nss/Makefile 2008-12-02 17:24:39.000000000 -0600
+++ nss-3.12.5/mozilla/security/nss/Makefile 2009-09-14 21:45:45.678657145 -0500
@@ -78,7 +78,7 @@
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
-nss_build_all: build_coreconf build_nspr build_dbm all
+nss_build_all: build_coreconf build_dbm all
nss_clean_all: clobber_coreconf clobber_nspr clobber_dbm clobber
@@ -140,12 +140,6 @@
--with-dist-prefix='$(NSPR_PREFIX)' \
--with-dist-includedir='$(NSPR_PREFIX)/include'
-build_nspr: $(NSPR_CONFIG_STATUS)
- cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; $(MAKE)
-
-clobber_nspr: $(NSPR_CONFIG_STATUS)
- cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; $(MAKE) clobber
-
build_dbm:
ifndef NSS_DISABLE_DBM
cd $(CORE_DEPTH)/dbm ; $(MAKE) export libs
diff -urN nss-3.12.5-orig/mozilla/security/nss/manifest.mn nss-3.12.5/mozilla/security/nss/manifest.mn
--- nss-3.12.5-orig/mozilla/security/nss/manifest.mn 2008-04-04 15:36:59.000000000 -0500
+++ nss-3.12.5/mozilla/security/nss/manifest.mn 2009-09-14 21:45:45.703656167 -0500
@@ -42,6 +42,6 @@
RELEASE = nss
-DIRS = lib cmd
+DIRS = lib cmd config

10
sdk_container/src/third_party/coreos-overlay/app-crypt/nss/files/nss-3.12.6-gentoo-fixup-warnings.patch vendored
View File

@ -1,10 +0,0 @@
--- nss-3.12.6b/mozilla/security/coreconf/Linux.mk-old 2010-02-11 12:43:26.000000000 -0600
+++ nss-3.12.6b/mozilla/security/coreconf/Linux.mk 2010-02-14 09:13:53.962449644 -0600
@@ -120,6 +120,7 @@
ifdef MOZ_DEBUG_SYMBOLS
OPTIMIZER += -gstabs+
endif
+OPTIMIZER += -fno-strict-aliasing
endif

11
sdk_container/src/third_party/coreos-overlay/app-crypt/nss/files/nss-3.12.8-cert-initlocks.patch vendored
View File

@ -1,11 +0,0 @@
diff -rupN nss-3.12.8/mozilla/security/nss/lib/certdb/certdb.c nss-3.12.8_patched/mozilla/security/nss/lib/certdb/certdb.c
--- nss-3.12.8/mozilla/security/nss/lib/certdb/certdb.c 2010-09-02 00:52:02.000000000 +0000
+++ nss-3.12.8_patched/mozilla/security/nss/lib/certdb/certdb.c 2012-04-02 20:58:31.821621891 +0000
@@ -3030,6 +3030,7 @@ cert_InitLocks(void)
PORT_Assert(certTrustLock != NULL);
if (!certTrustLock) {
PZ_DestroyLock(certRefCountLock);
+ certRefCountLock = NULL;
return SECFailure;
}
}

15046
sdk_container/src/third_party/coreos-overlay/app-crypt/nss/files/nss-3.12.8-chromeos-root-certs.patch vendored
View File

File diff suppressed because it is too large Load Diff

23
sdk_container/src/third_party/coreos-overlay/app-crypt/nss/files/nss-3.12.8-shlibsign.patch vendored
View File

@ -1,23 +0,0 @@
--- mozilla/security/nss/cmd/shlibsign/Makefile-old 2009-10-21 01:48:57.000000000 +0000
+++ mozilla/security/nss/cmd/shlibsign/Makefile 2009-10-21 01:55:08.000000000 +0@@ -105,6 +105,7 @@
include ../platrules.mk
SRCDIR = $(call core_abspath,.)
+SHLIBSIGN =
%.chk: %.$(DLL_SUFFIX)
ifeq ($(OS_TARGET), OS2)
@@ -112,9 +113,13 @@
$(call core_abspath,$(OBJDIR)) $(OS_TARGET) \
$(call core_abspath,$(NSPR_LIB_DIR)) $(call core_abspath,$<)
else
+ifeq ($(SHLIBSIGN),)
cd $(OBJDIR) ; sh $(SRCDIR)/sign.sh $(call core_abspath,$(DIST)) \
$(call core_abspath,$(OBJDIR)) $(OS_TARGET) \
$(call core_abspath,$(NSPR_LIB_DIR)) $(call core_abspath,$<)
+else
+ cd $(OBJDIR) ; $(SHLIBSIGN) -v -i $(call core_abspath,$<)
+endif
endif
libs install :: $(CHECKLOC)

245
sdk_container/src/third_party/coreos-overlay/app-crypt/nss/files/nss-3.13-gentoo-fixup.patch vendored
View File

@ -1,245 +0,0 @@
diff -urN a/mozilla/security/nss/config/Makefile b/mozilla/security/nss/config/Makefile
--- a/mozilla/security/nss/config/Makefile 1969-12-31 18:00:00.000000000 -0600
+++ b/mozilla/security/nss/config/Makefile 2009-09-14 21:45:45.619639265 -0500
@@ -0,0 +1,40 @@
+CORE_DEPTH = ../..
+DEPTH = ../..
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+NSS_MAJOR_VERSION = `grep "NSS_VMAJOR" ../lib/nss/nss.h | awk '{print $$3}'`
+NSS_MINOR_VERSION = `grep "NSS_VMINOR" ../lib/nss/nss.h | awk '{print $$3}'`
+NSS_PATCH_VERSION = `grep "NSS_VPATCH" ../lib/nss/nss.h | awk '{print $$3}'`
+PREFIX = /usr
+
+all: export libs
+
+export:
+ # Create the nss.pc file
+ mkdir -p $(DIST)/lib/pkgconfig
+ sed -e "s,@prefix@,$(PREFIX)," \
+ -e "s,@exec_prefix@,\$${prefix}," \
+ -e "s,@libdir@,\$${prefix}/gentoo/nss," \
+ -e "s,@includedir@,\$${prefix}/include/nss," \
+ -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION),g" \
+ -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \
+ -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \
+ nss.pc.in > nss.pc
+ chmod 0644 nss.pc
+ ln -sf ../../../../../security/nss/config/nss.pc $(DIST)/lib/pkgconfig
+
+ # Create the nss-config script
+ mkdir -p $(DIST)/bin
+ sed -e "s,@prefix@,$(PREFIX)," \
+ -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION)," \
+ -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \
+ -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \
+ nss-config.in > nss-config
+ chmod 0755 nss-config
+ ln -sf ../../../../security/nss/config/nss-config $(DIST)/bin
+
+libs:
+
+dummy: all export libs
+
diff -urN a/mozilla/security/nss/config/nss-config.in b/mozilla/security/nss/config/nss-config.in
--- a/mozilla/security/nss/config/nss-config.in 1969-12-31 18:00:00.000000000 -0600
+++ b/mozilla/security/nss/config/nss-config.in 2009-09-14 21:47:45.190638078 -0500
@@ -0,0 +1,145 @@
+#!/bin/sh
+
+prefix=@prefix@
+
+major_version=@NSS_MAJOR_VERSION@
+minor_version=@NSS_MINOR_VERSION@
+patch_version=@NSS_PATCH_VERSION@
+
+usage()
+{
+ cat <<EOF
+Usage: nss-config [OPTIONS] [LIBRARIES]
+Options:
+ [--prefix[=DIR]]
+ [--exec-prefix[=DIR]]
+ [--includedir[=DIR]]
+ [--libdir[=DIR]]
+ [--version]
+ [--libs]
+ [--cflags]
+Dynamic Libraries:
+ nss
+ ssl
+ smime
+ nssutil
+EOF
+ exit $1
+}
+
+if test $# -eq 0; then
+ usage 1 1>&2
+fi
+
+lib_ssl=yes
+lib_smime=yes
+lib_nss=yes
+lib_nssutil=yes
+
+while test $# -gt 0; do
+ case "$1" in
+ -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
+ *) optarg= ;;
+ esac
+
+ case $1 in
+ --prefix=*)
+ prefix=$optarg
+ ;;
+ --prefix)
+ echo_prefix=yes
+ ;;
+ --exec-prefix=*)
+ exec_prefix=$optarg
+ ;;
+ --exec-prefix)
+ echo_exec_prefix=yes
+ ;;
+ --includedir=*)
+ includedir=$optarg
+ ;;
+ --includedir)
+ echo_includedir=yes
+ ;;
+ --libdir=*)
+ libdir=$optarg
+ ;;
+ --libdir)
+ echo_libdir=yes
+ ;;
+ --version)
+ echo ${major_version}.${minor_version}.${patch_version}
+ ;;
+ --cflags)
+ echo_cflags=yes
+ ;;
+ --libs)
+ echo_libs=yes
+ ;;
+ ssl)
+ lib_ssl=yes
+ ;;
+ smime)
+ lib_smime=yes
+ ;;
+ nss)
+ lib_nss=yes
+ ;;
+ nssutil)
+ lib_nssutil=yes
+ ;;
+ *)
+ usage 1 1>&2
+ ;;
+ esac
+ shift
+done
+
+# Set variables that may be dependent upon other variables
+if test -z "$exec_prefix"; then
+ exec_prefix=`pkg-config --variable=exec_prefix nss`
+fi
+if test -z "$includedir"; then
+ includedir=`pkg-config --variable=includedir nss`
+fi
+if test -z "$libdir"; then
+ libdir=`pkg-config --variable=libdir nss`
+fi
+
+if test "$echo_prefix" = "yes"; then
+ echo $prefix
+fi
+
+if test "$echo_exec_prefix" = "yes"; then
+ echo $exec_prefix
+fi
+
+if test "$echo_includedir" = "yes"; then
+ echo $includedir
+fi
+
+if test "$echo_libdir" = "yes"; then
+ echo $libdir
+fi
+
+if test "$echo_cflags" = "yes"; then
+ echo -I$includedir
+fi
+
+if test "$echo_libs" = "yes"; then
+ libdirs="-Wl,-R$libdir -L$libdir"
+ if test -n "$lib_ssl"; then
+ libdirs="$libdirs -lssl${major_version}"
+ fi
+ if test -n "$lib_smime"; then
+ libdirs="$libdirs -lsmime${major_version}"
+ fi
+ if test -n "$lib_nss"; then
+ libdirs="$libdirs -lnss${major_version}"
+ fi
+ if test -n "$lib_nssutil"; then
+ libdirs="$libdirs -lnssutil${major_version}"
+ fi
+ echo $libdirs
+fi
+
diff -urN a/mozilla/security/nss/config/nss.pc.in b/mozilla/security/nss/config/nss.pc.in
--- a/mozilla/security/nss/config/nss.pc.in 1969-12-31 18:00:00.000000000 -0600
+++ b/mozilla/security/nss/config/nss.pc.in 2009-09-14 21:45:45.653637310 -0500
@@ -0,0 +1,12 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: NSS
+Description: Network Security Services
+Version: @NSS_MAJOR_VERSION@.@NSS_MINOR_VERSION@.@NSS_PATCH_VERSION@
+Requires: nspr >= 4.8
+Libs: -L${libdir} -lssl3 -lsmime3 -lnssutil3 -lnss3
+Cflags: -I${includedir}
+
diff -urN a/mozilla/security/nss/Makefile b/mozilla/security/nss/Makefile
--- a/mozilla/security/nss/Makefile 2008-12-02 17:24:39.000000000 -0600
+++ b/mozilla/security/nss/Makefile 2009-09-14 21:45:45.678657145 -0500
@@ -78,7 +78,7 @@
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
-nss_build_all: build_coreconf build_nspr build_dbm all
+nss_build_all: build_coreconf build_dbm all
nss_clean_all: clobber_coreconf clobber_nspr clobber_dbm clobber
@@ -140,12 +140,6 @@
--with-dist-prefix='$(NSPR_PREFIX)' \
--with-dist-includedir='$(NSPR_PREFIX)/include'
-build_nspr: $(NSPR_CONFIG_STATUS)
- cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; $(MAKE)
-
-clobber_nspr: $(NSPR_CONFIG_STATUS)
- cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; $(MAKE) clobber
-
build_dbm:
ifndef NSS_DISABLE_DBM
cd $(CORE_DEPTH)/dbm ; $(MAKE) export libs
diff -urN a/mozilla/security/nss/manifest.mn b/mozilla/security/nss/manifest.mn
--- a/mozilla/security/nss/manifest.mn 2008-04-04 15:36:59.000000000 -0500
+++ b/mozilla/security/nss/manifest.mn 2009-09-14 21:45:45.703656167 -0500
@@ -42,6 +42,6 @@
RELEASE = nss
-DIRS = lib cmd
+DIRS = lib cmd config

33
sdk_container/src/third_party/coreos-overlay/app-crypt/nss/files/nss-3.13.1-solaris-gcc.patch vendored
View File

@ -1,33 +0,0 @@
--- nss-3.13.1/mozilla/security/coreconf/SunOS5.mk
+++ nss-3.13.1/mozilla/security/coreconf/SunOS5.mk
@@ -37,6 +37,9 @@
include $(CORE_DEPTH)/coreconf/UNIX.mk
+NS_USE_GCC = 1
+GCC_USE_GNU_LD = 1
+
# Sun's WorkShop defines v8, v8plus and v9 architectures.
# gcc on Solaris defines v8 and v9 "cpus".
# gcc's v9 is equivalent to Workshop's v8plus.
@@ -95,7 +98,7 @@
endif
endif
-INCLUDES += -I/usr/dt/include -I/usr/openwin/include
+#INCLUDES += -I/usr/dt/include -I/usr/openwin/include
RANLIB = echo
CPU_ARCH = sparc
@@ -105,11 +108,6 @@
NOMD_OS_CFLAGS += $(DSO_CFLAGS) $(OS_DEFINES) $(SOL_CFLAGS)
MKSHLIB = $(CC) $(DSO_LDOPTS) $(RPATH)
-ifdef NS_USE_GCC
-ifeq (GNU,$(findstring GNU,$(shell `$(CC) -print-prog-name=ld` -v 2>&1)))
- GCC_USE_GNU_LD = 1
-endif
-endif
ifdef MAPFILE
ifdef NS_USE_GCC
ifdef GCC_USE_GNU_LD

68
sdk_container/src/third_party/coreos-overlay/app-crypt/nss/files/nss-3.13.5-x32.patch vendored
View File

@ -1,68 +0,0 @@
diff -8urN a/mozilla/security/coreconf/Linux.mk b/mozilla/security/coreconf/Linux.mk
--- a/mozilla/security/coreconf/Linux.mk 2012-06-22 07:55:45.228234872 -0500
+++ b/mozilla/security/coreconf/Linux.mk 2012-06-22 07:56:30.171231815 -0500
@@ -60,21 +60,28 @@
else
ifeq ($(OS_TEST),alpha)
OS_REL_CFLAGS = -D_ALPHA_
CPU_ARCH = alpha
else
ifeq ($(OS_TEST),x86_64)
ifeq ($(USE_64),1)
CPU_ARCH = x86_64
+ ARCHFLAG = -m64
+else
+ifeq ($(USE_x32),1)
+ OS_REL_CFLAGS = -Di386
+ CPU_ARCH = x86
+ ARCHFLAG = -mx32
else
OS_REL_CFLAGS = -Di386
CPU_ARCH = x86
ARCHFLAG = -m32
endif
+endif
else
ifeq ($(OS_TEST),sparc64)
CPU_ARCH = sparc
else
ifeq (,$(filter-out arm% sa110,$(OS_TEST)))
CPU_ARCH = arm
else
ifeq (,$(filter-out parisc%,$(OS_TEST)))
diff -8urN a/mozilla/security/nss/lib/freebl/Makefile b/mozilla/security/nss/lib/freebl/Makefile
--- a/mozilla/security/nss/lib/freebl/Makefile 2012-06-22 07:55:45.441234854 -0500
+++ b/mozilla/security/nss/lib/freebl/Makefile 2012-06-22 07:56:30.172231808 -0500
@@ -210,22 +210,26 @@
DEFINES += -DMP_CHAR_STORE_SLOW -DMP_IS_LITTLE_ENDIAN
# DEFINES += -DMPI_AMD64_ADD
# comment the next two lines to turn off intel HW accelleration
DEFINES += -DUSE_HW_AES
ASFILES += intel-aes.s
MPI_SRCS += mpi_amd64.c mp_comba.c
endif
ifeq ($(CPU_ARCH),x86)
- ASFILES = mpi_x86.s
- DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
- DEFINES += -DMP_ASSEMBLY_DIV_2DX1D
- DEFINES += -DMP_CHAR_STORE_SLOW -DMP_IS_LITTLE_ENDIAN
- # The floating point ECC code doesn't work on Linux x86 (bug 311432).
- #ECL_USE_FP = 1
+ ifeq ($(USE_x32),1)
+ DEFINES += -DMP_CHAR_STORE_SLOW -DMP_IS_LITTLE_ENDIAN
+ else
+ ASFILES = mpi_x86.s
+ DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
+ DEFINES += -DMP_ASSEMBLY_DIV_2DX1D
+ DEFINES += -DMP_CHAR_STORE_SLOW -DMP_IS_LITTLE_ENDIAN
+ # The floating point ECC code doesn't work on Linux x86 (bug 311432).
+ #ECL_USE_FP = 1
+ endif
endif
ifeq ($(CPU_ARCH),arm)
DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
DEFINES += -DMP_USE_UINT_DIGIT
DEFINES += -DSHA_NO_LONG_LONG # avoid 64-bit arithmetic in SHA512
MPI_SRCS += mpi_arm.c
endif
endif # Linux

21
sdk_container/src/third_party/coreos-overlay/app-crypt/nss/files/nss-3.14-abort-on-failed-urandom-access.patch vendored
View File

@ -1,21 +0,0 @@
diff -aurN nss-3.14-urandom/mozilla/security/nss/lib/freebl/unix_rand.c nss-3.14/mozilla/security/nss/lib/freebl/unix_rand.c
--- nss-3.14-urandom/mozilla/security/nss/lib/freebl/unix_rand.c 2012-12-28 16:31:12.017070243 -0800
+++ nss-3.14/mozilla/security/nss/lib/freebl/unix_rand.c 2012-12-28 16:31:49.107466816 -0800
@@ -925,6 +925,17 @@
|| defined(HPUX)
if (bytes)
return;
+
+ /*
+ * Modified to abort the process on Chromium OS if it failed
+ * to read from /dev/urandom.
+ *
+ * See crosbug.com/29623 for details.
+ */
+ fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. "
+ "Abort process.\n", __FILE__, __LINE__);
+ fflush(stderr);
+ abort();
#endif
#ifdef SOLARIS

164
sdk_container/src/third_party/coreos-overlay/app-crypt/nss/files/nss-3.14-bugzilla-802429.patch vendored
View File

@ -1,164 +0,0 @@
diff -aurN nss-3.14-default-token/mozilla/security/nss/lib/pk11wrap/pk11cert.c nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11cert.c
--- nss-3.14-default-token/mozilla/security/nss/lib/pk11wrap/pk11cert.c 2012-12-28 16:34:08.208954371 -0800
+++ nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11cert.c 2012-12-28 16:36:17.610338570 -0800
@@ -2663,7 +2663,7 @@
nssCryptokiObject *instance = *ip;
PK11SlotInfo *slot = instance->token->pk11slot;
if (slot) {
- PK11_AddSlotToList(slotList, slot);
+ PK11_AddSlotToList(slotList, slot, PR_TRUE);
found = PR_TRUE;
}
}
diff -aurN nss-3.14-default-token/mozilla/security/nss/lib/pk11wrap/pk11priv.h nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11priv.h
--- nss-3.14-default-token/mozilla/security/nss/lib/pk11wrap/pk11priv.h 2012-12-28 16:34:08.208954371 -0800
+++ nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11priv.h 2012-12-28 16:36:17.610338570 -0800
@@ -28,7 +28,7 @@
PK11SlotList * PK11_NewSlotList(void);
PK11SlotList * PK11_GetPrivateKeyTokens(CK_MECHANISM_TYPE type,
PRBool needRW,void *wincx);
-SECStatus PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot);
+SECStatus PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot, PRBool sorted);
SECStatus PK11_DeleteSlotFromList(PK11SlotList *list,PK11SlotListElement *le);
PK11SlotListElement *PK11_FindSlotElement(PK11SlotList *list,
PK11SlotInfo *slot);
diff -aurN nss-3.14-default-token/mozilla/security/nss/lib/pk11wrap/pk11slot.c nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11slot.c
--- nss-3.14-default-token/mozilla/security/nss/lib/pk11wrap/pk11slot.c 2012-12-28 16:34:08.208954371 -0800
+++ nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11slot.c 2012-12-28 16:36:17.610338570 -0800
@@ -171,11 +171,16 @@
/*
* add a slot to a list
+ * "slot" is the slot to be added. Ownership is not transferred.
+ * "sorted" indicates whether or not the slot should be inserted according to
+ * cipherOrder of the associated module. PR_FALSE indicates that the slot
+ * should be inserted to the head of the list.
*/
SECStatus
-PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot)
+PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot, PRBool sorted)
{
PK11SlotListElement *le;
+ PK11SlotListElement *element;
le = (PK11SlotListElement *) PORT_Alloc(sizeof(PK11SlotListElement));
if (le == NULL) return SECFailure;
@@ -184,9 +189,23 @@
le->prev = NULL;
le->refCount = 1;
PZ_Lock(list->lock);
- if (list->head) list->head->prev = le; else list->tail = le;
- le->next = list->head;
- list->head = le;
+ element = list->head;
+ /* Insertion sort, with higher cipherOrders are sorted first in the list */
+ while (element && sorted && (element->slot->module->cipherOrder >
+ le->slot->module->cipherOrder)) {
+ element = element->next;
+ }
+ if (element) {
+ le->prev = element->prev;
+ element->prev = le;
+ le->next = element;
+ } else {
+ le->prev = list->tail;
+ le->next = NULL;
+ list->tail = le;
+ }
+ if (le->prev) le->prev->next = le;
+ if (list->head == element) list->head = le;
PZ_Unlock(list->lock);
return SECSuccess;
@@ -208,11 +227,12 @@
}
/*
- * Move a list to the end of the target list. NOTE: There is no locking
- * here... This assumes BOTH lists are private copy lists.
+ * Move a list to the end of the target list.
+ * NOTE: There is no locking here... This assumes BOTH lists are private copy
+ * lists. It also does not re-sort the target list.
*/
SECStatus
-PK11_MoveListToList(PK11SlotList *target,PK11SlotList *src)
+pk11_MoveListToList(PK11SlotList *target,PK11SlotList *src)
{
if (src->head == NULL) return SECSuccess;
@@ -511,7 +531,7 @@
((NULL == slotName) || (0 == *slotName)) &&
((NULL == tokenName) || (0 == *tokenName)) ) {
/* default to softoken */
- PK11_AddSlotToList(slotList, PK11_GetInternalKeySlot());
+ PK11_AddSlotToList(slotList, PK11_GetInternalKeySlot(), PR_TRUE);
return slotList;
}
@@ -539,7 +559,7 @@
( (!slotName) || (tmpSlot->slot_name &&
(0==PORT_Strcmp(tmpSlot->slot_name, slotName)))) ) {
if (tmpSlot) {
- PK11_AddSlotToList(slotList, tmpSlot);
+ PK11_AddSlotToList(slotList, tmpSlot, PR_TRUE);
slotcount++;
}
}
@@ -910,7 +930,7 @@
CK_MECHANISM_TYPE mechanism = PK11_DefaultArray[i].mechanism;
PK11SlotList *slotList = PK11_GetSlotList(mechanism);
- if (slotList) PK11_AddSlotToList(slotList,slot);
+ if (slotList) PK11_AddSlotToList(slotList,slot,PR_FALSE);
}
}
@@ -937,7 +957,7 @@
/* add this slot to the list */
if (slotList!=NULL)
- result = PK11_AddSlotToList(slotList, slot);
+ result = PK11_AddSlotToList(slotList, slot, PR_FALSE);
} else { /* trying to turn off */
@@ -1910,12 +1930,12 @@
|| PK11_DoesMechanism(slot, type)) {
if (pk11_LoginStillRequired(slot,wincx)) {
if (PK11_IsFriendly(slot)) {
- PK11_AddSlotToList(friendlyList, slot);
+ PK11_AddSlotToList(friendlyList, slot, PR_TRUE);
} else {
- PK11_AddSlotToList(loginList, slot);
+ PK11_AddSlotToList(loginList, slot, PR_TRUE);
}
} else {
- PK11_AddSlotToList(list, slot);
+ PK11_AddSlotToList(list, slot, PR_TRUE);
}
}
}
@@ -1923,9 +1943,9 @@
}
SECMOD_ReleaseReadLock(moduleLock);
- PK11_MoveListToList(list,friendlyList);
+ pk11_MoveListToList(list,friendlyList);
PK11_FreeSlotList(friendlyList);
- PK11_MoveListToList(list,loginList);
+ pk11_MoveListToList(list,loginList);
PK11_FreeSlotList(loginList);
return list;
diff -aurN nss-3.14-default-token/mozilla/security/nss/lib/util/utilpars.c nss-3.14/mozilla/security/nss/lib/util/utilpars.c
--- nss-3.14-default-token/mozilla/security/nss/lib/util/utilpars.c 2012-12-28 16:34:08.218954478 -0800
+++ nss-3.14/mozilla/security/nss/lib/util/utilpars.c 2012-12-28 16:36:08.190237792 -0800
@@ -543,6 +543,8 @@
NSSUTIL_ARG_ENTRY(FORTEZZA,SECMOD_FORTEZZA_FLAG),
NSSUTIL_ARG_ENTRY(RC5,SECMOD_RC5_FLAG),
NSSUTIL_ARG_ENTRY(SHA1,SECMOD_SHA1_FLAG),
+ NSSUTIL_ARG_ENTRY(SHA256,SECMOD_SHA256_FLAG),
+ NSSUTIL_ARG_ENTRY(SHA512,SECMOD_SHA512_FLAG),
NSSUTIL_ARG_ENTRY(MD5,SECMOD_MD5_FLAG),
NSSUTIL_ARG_ENTRY(MD2,SECMOD_MD2_FLAG),
NSSUTIL_ARG_ENTRY(SSL,SECMOD_SSL_FLAG),

95
sdk_container/src/third_party/coreos-overlay/app-crypt/nss/files/nss-3.14-chromeos-cert-nicknames.patch vendored
View File

@ -1,95 +0,0 @@
diff -aurN nss-3.14-prepared/mozilla/security/nss/lib/nss/nss.def nss-3.14/mozilla/security/nss/lib/nss/nss.def
--- nss-3.14-prepared/mozilla/security/nss/lib/nss/nss.def 2012-12-28 16:27:38.374784755 -0800
+++ nss-3.14/mozilla/security/nss/lib/nss/nss.def 2012-12-28 16:28:42.605473048 -0800
@@ -613,6 +613,7 @@
PK11_GetPQGParamsFromPrivateKey;
PK11_GetPrivateKeyNickname;
PK11_GetPublicKeyNickname;
+PK11_GetCertificateNickname;
PK11_GetSymKeyNickname;
PK11_ImportDERPrivateKeyInfoAndReturnKey;
PK11_ImportPrivateKeyInfoAndReturnKey;
@@ -624,6 +625,7 @@
PK11_ProtectedAuthenticationPath;
PK11_SetPrivateKeyNickname;
PK11_SetPublicKeyNickname;
+PK11_SetCertificateNickname;
PK11_SetSymKeyNickname;
SECKEY_DecodeDERSubjectPublicKeyInfo;
SECKEY_DestroyPublicKeyList;
diff -aurN nss-3.14-prepared/mozilla/security/nss/lib/pk11wrap/pk11akey.c nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11akey.c
--- nss-3.14-prepared/mozilla/security/nss/lib/pk11wrap/pk11akey.c 2012-12-28 16:27:38.354784541 -0800
+++ nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11akey.c 2012-12-28 16:28:42.605473048 -0800
@@ -1909,6 +1909,13 @@
return PK11_GetObjectNickname(pubKey->pkcs11Slot,pubKey->pkcs11ID);
}
+char *
+PK11_GetCertificateNickname(CERTCertificate *certificate)
+{
+ return PK11_GetObjectNickname(certificate->slot,
+ certificate->pkcs11ID);
+}
+
SECStatus
PK11_SetPrivateKeyNickname(SECKEYPrivateKey *privKey, const char *nickname)
{
@@ -1923,6 +1930,13 @@
pubKey->pkcs11ID,nickname);
}
+SECStatus
+PK11_SetCertificateNickname(CERTCertificate *certificate, const char *nickname)
+{
+ return PK11_SetObjectNickname(certificate->slot,
+ certificate->pkcs11ID,nickname);
+}
+
SECKEYPQGParams *
PK11_GetPQGParamsFromPrivateKey(SECKEYPrivateKey *privKey)
{
diff -aurN nss-3.14-prepared/mozilla/security/nss/lib/pk11wrap/pk11obj.c nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11obj.c
--- nss-3.14-prepared/mozilla/security/nss/lib/pk11wrap/pk11obj.c 2012-12-28 16:27:38.354784541 -0800
+++ nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11obj.c 2012-12-28 16:28:42.605473048 -0800
@@ -1410,7 +1410,10 @@
slot = ((PK11SymKey *)objSpec)->slot;
handle = ((PK11SymKey *)objSpec)->objectID;
break;
- case PK11_TypeCert: /* don't handle cert case for now */
+ case PK11_TypeCert:
+ slot = ((CERTCertificate *)objSpec)->slot;
+ handle = ((CERTCertificate *)objSpec)->pkcs11ID;
+ break;
default:
break;
}
@@ -1460,7 +1463,10 @@
slot = ((PK11SymKey *)objSpec)->slot;
handle = ((PK11SymKey *)objSpec)->objectID;
break;
- case PK11_TypeCert: /* don't handle cert case for now */
+ case PK11_TypeCert:
+ slot = ((CERTCertificate *)objSpec)->slot;
+ handle = ((CERTCertificate *)objSpec)->pkcs11ID;
+ break;
default:
break;
}
diff -aurN nss-3.14-prepared/mozilla/security/nss/lib/pk11wrap/pk11pub.h nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11pub.h
--- nss-3.14-prepared/mozilla/security/nss/lib/pk11wrap/pk11pub.h 2012-12-28 16:27:38.354784541 -0800
+++ nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11pub.h 2012-12-28 16:28:42.605473048 -0800
@@ -453,11 +453,14 @@
char * PK11_GetSymKeyNickname(PK11SymKey *symKey);
char * PK11_GetPrivateKeyNickname(SECKEYPrivateKey *privKey);
char * PK11_GetPublicKeyNickname(SECKEYPublicKey *pubKey);
+char * PK11_GetCertificateNickname(CERTCertificate *certificate);
SECStatus PK11_SetSymKeyNickname(PK11SymKey *symKey, const char *nickname);
SECStatus PK11_SetPrivateKeyNickname(SECKEYPrivateKey *privKey,
const char *nickname);
SECStatus PK11_SetPublicKeyNickname(SECKEYPublicKey *pubKey,
const char *nickname);
+SECStatus PK11_SetCertificateNickname(CERTCertificate *certificate,
+ const char *nickname);
/* size to hold key in bytes */
unsigned int PK11_GetKeyLength(PK11SymKey *key);

1
sdk_container/src/third_party/coreos-overlay/app-crypt/nss/nss-3.12.8-r4.ebuild vendored
View File

@ -1 +0,0 @@
nss-3.12.8.ebuild

116
sdk_container/src/third_party/coreos-overlay/app-crypt/nss/nss-3.12.8.ebuild vendored
View File

@ -1,116 +0,0 @@
# Copyright 1999-2010 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/dev-libs/nss/nss-3.12.8.ebuild,v 1.1 2010/09/30 11:58:39 anarchy Exp $
EAPI=3
inherit eutils flag-o-matic multilib toolchain-funcs
NSPR_VER="4.8.6"
RTM_NAME="NSS_${PV//./_}_RTM"
DESCRIPTION="Mozilla's Network Security Services library that implements PKI support"
HOMEPAGE="http://www.mozilla.org/projects/security/pki/nss/"
SRC_URI="ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${RTM_NAME}/src/${P}.tar.gz"
LICENSE="|| ( MPL-1.1 GPL-2 LGPL-2.1 )"
SLOT="0"
KEYWORDS="~alpha amd64 arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc x86 ~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris"
DEPEND="dev-util/pkgconfig"
RDEPEND=">=dev-libs/nspr-${NSPR_VER}
>=dev-libs/nss-${PV}
>=dev-db/sqlite-3.5
sys-libs/zlib"
src_prepare() {
# Custom changes for gentoo
epatch "${FILESDIR}/${PN}-3.12.5-gentoo-fixups.diff"
epatch "${FILESDIR}/${PN}-3.12.6-gentoo-fixup-warnings.patch"
epatch "${FILESDIR}"/${P}-shlibsign.patch
epatch "${FILESDIR}"/${P}-chromeos-root-certs.patch
# See https://bugzilla.mozilla.org/show_bug.cgi?id=741481 for details.
epatch "${FILESDIR}"/${P}-cert-initlocks.patch
cd "${S}"/mozilla/security/coreconf
# Explain that linux 3.0+ is just the same as 2.6.
ln -sf Linux2.6.mk Linux$(uname -r | cut -b1-3).mk
# hack nspr paths
echo 'INCLUDES += -I'"${EPREFIX}"'/usr/include/nspr -I$(DIST)/include/dbm' \
>> headers.mk || die "failed to append include"
# modify install path
sed -e 's:SOURCE_PREFIX = $(CORE_DEPTH)/\.\./dist:SOURCE_PREFIX = $(CORE_DEPTH)/dist:' \
-i source.mk
# Respect LDFLAGS
sed -i -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/g' rules.mk
# Ensure we stay multilib aware
sed -i -e "s:gentoo\/nss:$(get_libdir):" "${S}"/mozilla/security/nss/config/Makefile || die "Failed to fix for multilib"
# Fix pkgconfig file for Prefix
sed -i -e "/^PREFIX =/s:= /usr:= ${EPREFIX}/usr:" \
"${S}"/mozilla/security/nss/config/Makefile
epatch "${FILESDIR}"/${PN}-3.12.4-solaris-gcc.patch # breaks non-gnu tools
# dirty hack
cd "${S}"/mozilla/security/nss
sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../freebl/\$(OBJDIR):" \
lib/ssl/config.mk || die
sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../../lib/freebl/\$(OBJDIR):" \
cmd/platlibs.mk || die
}
src_compile() {
strip-flags
echo > "${T}"/test.c
$(tc-getCC) ${CFLAGS} -c "${T}"/test.c -o "${T}"/test.o
case $(file "${T}"/test.o) in
*64-bit*|*ppc64*|*x86_64*) export USE_64=1;;
*32-bit*|*ppc*|*i386*) ;;
*) die "Failed to detect whether your arch is 64bits or 32bits, disable distcc if you're using it, please";;
esac
export NSPR_INCLUDE_DIR="${ROOT}"/usr/include/nspr
export NSPR_LIB_DIR="${ROOT}"/usr/lib
export BUILD_OPT=1
export NSS_USE_SYSTEM_SQLITE=1
export NSDISTMODE=copy
export NSS_ENABLE_ECC=1
export XCFLAGS="${CFLAGS}"
export FREEBL_NO_DEPEND=1
# Cross-compile Love
( filter-flags -m* ;
cd "${S}"/mozilla/security/coreconf &&
emake -j1 BUILD_OPT=1 XCFLAGS="${CFLAGS}" LDFLAGS= CC="$(tc-getBUILD_CC)" || die "coreconf make failed" )
cd "${S}"/mozilla/security/dbm
NSINSTALL=$(readlink -f $(find "${S}"/mozilla/security/coreconf -type f -name nsinstall))
emake -j1 BUILD_OPT=1 XCFLAGS="${CFLAGS}" CC="$(tc-getCC)" NSINSTALL="${NSINSTALL}" OS_TEST=${ARCH} || die "dbm make failed"
cd "${S}"/mozilla/security/nss
if tc-is-cross-compiler; then
SHLIBSIGN_ARG="SHLIBSIGN=/usr/bin/nssshlibsign"
fi
emake -j1 BUILD_OPT=1 XCFLAGS="${CFLAGS}" CC="$(tc-getCC)" NSINSTALL="${NSINSTALL}" OS_TEST=${ARCH} ${SHLIBSIGN_ARG} || die "nss make failed"
}
src_install () {
local nssutils
# The tests we do not need to install.
#nssutils_test="bltest crmftest dbtest dertimetest
#fipstest remtest sdrtest"
nssutils="addbuiltin atob baddbdir btoa certcgi certutil checkcert
cmsutil conflict crlutil derdump digest makepqg mangle modutil multinit
nonspr10 ocspclnt oidcalc p7content p7env p7sign p7verify pk11mode
pk12util pp rsaperf selfserv shlibsign signtool signver ssltap strsclnt
symkeyutil tstclnt vfychain vfyserv"
cd "${S}"/mozilla/security/dist/*/bin/
for f in $nssutils; do
# TODO(cmasone): switch to normal nss tool names
newbin ${f} nss${f}
done
}

133
sdk_container/src/third_party/coreos-overlay/app-crypt/nss/nss-3.14.ebuild vendored
View File

@ -1,133 +0,0 @@
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/dev-libs/nss/nss-3.14.ebuild,v 1.8 2012/11/29 23:41:51 blueness Exp $
EAPI=3
inherit eutils flag-o-matic multilib toolchain-funcs
NSPR_VER="4.9.2"
RTM_NAME="NSS_${PV//./_}_RTM"
DESCRIPTION="Mozilla's Network Security Services library that implements PKI support"
HOMEPAGE="http://www.mozilla.org/projects/security/pki/nss/"
SRC_URI="ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${RTM_NAME}/src/${P}.tar.gz"
LICENSE="|| ( MPL-1.1 GPL-2 LGPL-2.1 )"
SLOT="0"
KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 ~sparc x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris"
DEPEND="virtual/pkgconfig
>=dev-libs/nspr-${NSPR_VER}"
RDEPEND=">=dev-libs/nspr-${NSPR_VER}
>=dev-libs/nss-${PV}
>=dev-db/sqlite-3.5
sys-libs/zlib"
src_setup() {
export LC_ALL="C"
}
src_prepare() {
# Custom changes for gentoo
epatch "${FILESDIR}/${PN}-3.13-gentoo-fixup.patch"
epatch "${FILESDIR}/${PN}-3.12.6-gentoo-fixup-warnings.patch"
epatch "${FILESDIR}/${PN}-3.13.5-x32.patch"
# Fix cross-compiling of NSS. This is an alternative to upstream's
# patch at https://bugs.gentoo.org/show_bug.cgi?id=436216
epatch "${FILESDIR}/${PN}-3.12.8-shlibsign.patch"
# Add a public API to set the certificate nickname (PKCS#11 CKA_LABEL
# attribute). See http://crosbug.com/19403 for details.
epatch "${FILESDIR}"/${PN}-3.14-chromeos-cert-nicknames.patch
# Abort the process if /dev/urandom cannot be opened (eg: when sandboxed)
# See http://crosbug.com/29623 for details.
epatch "${FILESDIR}"/${PN}-3.14-abort-on-failed-urandom-access.patch
# Don't default to the TPM for SHA-256. Fixed in NSS 3.14.1
# See https://bugzilla.mozilla.org/show_bug.cgi?id=802429 for details
epatch "${FILESDIR}"/${PN}-3.14-bugzilla-802429.patch
cd "${S}"/mozilla/security/coreconf || die
# hack nspr paths
echo 'INCLUDES += -I'"${EPREFIX}"'/usr/include/nspr -I$(DIST)/include/dbm' \
>> headers.mk || die "failed to append include"
# modify install path
sed -e 's:SOURCE_PREFIX = $(CORE_DEPTH)/\.\./dist:SOURCE_PREFIX = $(CORE_DEPTH)/dist:' \
-i source.mk || die
# Respect LDFLAGS
sed -i -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/g' rules.mk || die
# Ensure we stay multilib aware
sed -i -e "s:gentoo\/nss:$(get_libdir):" "${S}"/mozilla/security/nss/config/Makefile || die "Failed to fix for multilib"
# Fix pkgconfig file for Prefix
sed -i -e "/^PREFIX =/s:= /usr:= ${EPREFIX}/usr:" \
"${S}"/mozilla/security/nss/config/Makefile || die
epatch "${FILESDIR}/nss-3.13.1-solaris-gcc.patch"
# dirty hack
cd "${S}"/mozilla/security/nss || die
sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../freebl/\$(OBJDIR):" \
lib/ssl/config.mk || die
sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../../lib/freebl/\$(OBJDIR):" \
cmd/platlibs.mk || die
}
src_compile() {
strip-flags
echo > "${T}"/test.c || die
$(tc-getCC) ${CFLAGS} -c "${T}"/test.c -o "${T}"/test.o || die
case $(file "${T}"/test.o) in
*32-bit*x86-64*) export USE_x32=1;;
*64-bit*|*ppc64*|*x86_64*) export USE_64=1;;
*32-bit*|*ppc*|*i386*) ;;
*) die "Failed to detect whether your arch is 64bits or 32bits, disable distcc if you're using it, please";;
esac
export NSPR_INCLUDE_DIR="${ROOT}"/usr/include/nspr
export NSPR_LIB_DIR="${ROOT}"/usr/lib
export BUILD_OPT=1
export NSS_USE_SYSTEM_SQLITE=1
export NSDISTMODE=copy
export NSS_ENABLE_ECC=1
export XCFLAGS="${CFLAGS}"
export FREEBL_NO_DEPEND=1
export ASFLAGS=""
# Cross-compile Love
( filter-flags -m* ;
cd "${S}"/mozilla/security/coreconf &&
emake -j1 BUILD_OPT=1 XCFLAGS="${CFLAGS}" LDFLAGS= CC="$(tc-getBUILD_CC)" || die "coreconf make failed" )
cd "${S}"/mozilla/security/dbm
NSINSTALL=$(readlink -f $(find "${S}"/mozilla/security/coreconf -type f -name nsinstall))
emake -j1 BUILD_OPT=1 XCFLAGS="${CFLAGS}" CC="$(tc-getCC)" NSINSTALL="${NSINSTALL}" OS_TEST=${ARCH} || die "dbm make failed"
cd "${S}"/mozilla/security/nss
if tc-is-cross-compiler; then
SHLIBSIGN_ARG="SHLIBSIGN=/usr/bin/nssshlibsign"
fi
emake -j1 BUILD_OPT=1 XCFLAGS="${CFLAGS}" CC="$(tc-getCC)" NSINSTALL="${NSINSTALL}" OS_TEST=${ARCH} ${SHLIBSIGN_ARG} || die "nss make failed"
}
src_install () {
local nssutils
# The tests we do not need to install.
#nssutils_test="bltest crmftest dbtest dertimetest
#fipstest remtest sdrtest"
nssutils="addbuiltin atob baddbdir btoa certcgi certutil checkcert
cmsutil conflict crlutil derdump digest makepqg mangle modutil multinit
nonspr10 ocspclnt oidcalc p7content p7env p7sign p7verify pk11mode
pk12util pp rsaperf selfserv signtool signver ssltap strsclnt
symkeyutil tstclnt vfychain vfyserv"
cd "${S}"/mozilla/security/dist/*/bin/ || die
for f in $nssutils; do
# TODO(cmasone): switch to normal nss tool names
newbin ${f} nss${f} || die
done
}

2
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/Manifest vendored
View File

@ -1,2 +0,0 @@
DIST nspr-4.8.6.tar.gz 1202257 SHA256 d9040bb01536fa63881c423c4fa831ea459696b32d2097f614842f824e1a9f6d
DIST nspr-4.9.2.tar.gz 1172193 SHA256 570206f125fc31b8589b31d3837c190ee2a75d4f3b8faec2cbedbeacc016e82c SHA512 1f1f35fc2b9ead7e3b4ef93a02f13c0bcccc314bf9cfad67e6ddb755aaf6ab411499b0b57b94b032e2c7ee21fc7c114ca447e24825b79611f720f88eb37bd348 WHIRLPOOL b50c87f8ba77601ea79282659b4781fe674925bc87bc130dd5acc056021b135769a0d5ed1b76e759c1dfbb0c7df9d6fb0d97d292f42c5d7c5db43233c2498f07

11
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.6.1-config-1.patch vendored
View File

@ -1,11 +0,0 @@
--- mozilla/nsprpub/configure.orig 2006-01-14 22:41:37.000000000 +0000
+++ mozilla/nsprpub/configure 2006-01-14 22:49:14.000000000 +0000
@@ -3893,7 +3893,7 @@
PR_MD_CSRCS=linux.c
MKSHLIB='$(CC) $(DSO_LDOPTS) -o $@'
DSO_CFLAGS=-fPIC
- DSO_LDOPTS='-shared -Wl,-soname -Wl,$(notdir $@)'
+ DSO_LDOPTS='-shared -Wl,-soname -Wl,$(notdir $@).$(MOD_MINOR_VERSION)'
_OPTIMIZE_FLAGS=-O2
_DEBUG_FLAGS="-g -fno-inline" # most people on linux use gcc/gdb, and that
# combo is not yet good at debugging inlined

89
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.6.1-config.patch vendored
View File

@ -1,89 +0,0 @@
--- mozilla/nsprpub/lib/libc/src/Makefile.in.orig 2005-06-01 14:28:26.000000000 +0000
+++ mozilla/nsprpub/lib/libc/src/Makefile.in 2006-01-15 02:50:39.000000000 +0000
@@ -112,6 +112,10 @@
MKSHLIB += -R '$$ORIGIN'
endif
+ifeq ($(OS_ARCH), Linux)
+DSO_LDOPTS +=-Wl,-R,'$$ORIGIN'
+endif
+
ifeq ($(OS_ARCH),OS2)
MAPFILE = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).def
GARBAGE += $(MAPFILE)
--- mozilla/nsprpub/lib/ds/Makefile.in.orig 2005-06-01 14:28:25.000000000 +0000
+++ mozilla/nsprpub/lib/ds/Makefile.in 2006-01-15 02:52:30.000000000 +0000
@@ -102,6 +102,10 @@
MKSHLIB += -R '$$ORIGIN'
endif
+ifeq ($(OS_ARCH), Linux)
+DSO_LDOPTS += -Wl,-R,'$$ORIGIN'
+endif
+
ifeq ($(OS_ARCH),OS2)
MAPFILE = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).def
GARBAGE += $(MAPFILE)
--- mozilla/nsprpub/pr/src/Makefile.in.orig 2005-06-01 14:28:27.000000000 +0000
+++ mozilla/nsprpub/pr/src/Makefile.in 2006-01-15 03:29:36.000000000 +0000
@@ -168,6 +168,7 @@
else
OS_LIBS = -ldl
endif
+DSO_LDOPTS +=-Wl,-R,'$$ORIGIN'
endif
ifeq ($(OS_ARCH),HP-UX)
--- mozilla/nsprpub/config/Makefile.in.orig 2005-06-01 14:28:23.000000000 +0000
+++ mozilla/nsprpub/config/Makefile.in 2006-01-15 04:13:42.000000000 +0000
@@ -54,7 +54,7 @@
# because it is included by every makefile.
DIST_GARBAGE = nsprincl.mk nsprincl.sh nspr-config
-RELEASE_BINS = nspr-config
+RELEASE_BINS = nspr-config nspr.pc
include $(topsrcdir)/config/config.mk
@@ -139,6 +139,7 @@
export:: $(TARGETS)
rm -f $(dist_bindir)/nspr-config
+ rm -f $(dist_bindir)/nspr.pc
ifdef WRAP_SYSTEM_INCLUDES
export::
--- mozilla/nsprpub/config/nspr.pc.in.orig 1970-01-01 00:00:00.000000000 +0000
+++ mozilla/nsprpub/config/nspr.pc.in 2006-01-15 04:12:23.000000000 +0000
@@ -0,0 +1,10 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: NSPR
+Description: The Netscape Portable Runtime
+Version: @MOD_MAJOR_VERSION@.@MOD_MINOR_VERSION@.@MOD_PATCH_VERSION@
+Libs: -L${libdir} -lplds4 -lplc4 -lnspr4 @OS_LIBS@ -Wl,-R${libdir}
+Cflags: -I${includedir}
--- mozilla/nsprpub/configure.orig 2006-01-15 04:17:59.000000000 +0000
+++ mozilla/nsprpub/configure 2006-01-15 04:21:35.000000000 +0000
@@ -5899,6 +5899,7 @@
config/nsprincl.mk
config/nsprincl.sh
config/nspr-config
+config/nspr.pc
lib/Makefile
lib/ds/Makefile
lib/libc/Makefile
--- mozilla/nsprpub/config/nspr-config.in.orig 2005-05-11 00:53:41.000000000 +0000
+++ mozilla/nsprpub/config/nspr-config.in 2006-01-15 06:37:58.000000000 +0000
@@ -122,7 +122,7 @@
fi
if test "$echo_libs" = "yes"; then
- libdirs=-L$libdir
+ libdirs="-Wl,-R$libdir -L$libdir"
if test -n "$lib_plds"; then
libdirs="$libdirs -lplds${major_version}"
fi

41
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.6.1-lang.patch vendored
View File

@ -1,41 +0,0 @@
The LANG vars aren't reset early enough so when sed tries to use [a-zA-Z] in
option parsing, it may break.
http://bugs.gentoo.org/103483
--- mozilla/nsprpub/configure
+++ mozilla/nsprpub/configure
@@ -54,6 +54,16 @@
infodir='${prefix}/info'
mandir='${prefix}/man'
+# NLS nuisances.
+# Only set these to C if already set. These must not be set unconditionally
+# because not all systems understand e.g. LANG=C (notably SCO).
+# Fixing LC_MESSAGES prevents Solaris sh from translating var values in `set'!
+# Non-C LC_CTYPE values break the ctype check.
+if test "${LANG+set}" = set; then LANG=C; export LANG; fi
+if test "${LC_ALL+set}" = set; then LC_ALL=C; export LC_ALL; fi
+if test "${LC_MESSAGES+set}" = set; then LC_MESSAGES=C; export LC_MESSAGES; fi
+if test "${LC_CTYPE+set}" = set; then LC_CTYPE=C; export LC_CTYPE; fi
+
# Initialize some other variables.
subdirs=
MFLAGS= MAKEFLAGS=
@@ -452,16 +463,6 @@
esac
done
-# NLS nuisances.
-# Only set these to C if already set. These must not be set unconditionally
-# because not all systems understand e.g. LANG=C (notably SCO).
-# Fixing LC_MESSAGES prevents Solaris sh from translating var values in `set'!
-# Non-C LC_CTYPE values break the ctype check.
-if test "${LANG+set}" = set; then LANG=C; export LANG; fi
-if test "${LC_ALL+set}" = set; then LC_ALL=C; export LC_ALL; fi
-if test "${LC_MESSAGES+set}" = set; then LC_MESSAGES=C; export LC_MESSAGES; fi
-if test "${LC_CTYPE+set}" = set; then LC_CTYPE=C; export LC_CTYPE; fi
-
# confdefs.h avoids OS command line length limits that DEFS can exceed.
rm -rf conftest* confdefs.h
# AIX cpp loses on an empty file, so make sure it contains at least a newline.

26
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.7.0-prtime.patch vendored
View File

@ -1,26 +0,0 @@
--- mozilla/nsprpub/pr/src/misc/prtime.c.orig 2007-09-14 19:41:08.000000000 +0200
+++ mozilla/nsprpub/pr/src/misc/prtime.c 2007-09-14 19:42:17.000000000 +0200
@@ -1536,7 +1536,7 @@
case TT_EET: zone_offset = 2 * 60; break;
case TT_JST: zone_offset = 9 * 60; break;
default:
- PR_ASSERT (0);
+ return PR_FAILURE;
break;
}
}
@@ -1578,11 +1578,12 @@
struct tm localTime;
time_t secs;
- PR_ASSERT(result->tm_month > -1 &&
+ if (!(result->tm_month > -1 &&
result->tm_mday > 0 &&
result->tm_hour > -1 &&
result->tm_min > -1 &&
- result->tm_sec > -1);
+ result->tm_sec > -1))
+ return PR_FAILURE;
/*
* To obtain time_t from a tm structure representing the local

14
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.7.1-solaris.patch vendored
View File

@ -1,14 +0,0 @@
Same magic as haubi did for glib compilation, which works again here
resolving a linker problem on Solaris with GNU ld. Bug #222625
--- mozilla/nsprpub/pr/src/Makefile.in.orig 2008-06-22 22:24:56.671065000 +0200
+++ mozilla/nsprpub/pr/src/Makefile.in 2008-06-23 14:38:52.320417000 +0200
@@ -95,7 +95,7 @@
endif
ifdef USE_PTHREADS
-OS_LIBS = -lpthread ${LIBRT} -lsocket -lnsl -ldl -lc
+OS_LIBS = -pthread ${LIBRT} -lsocket -lnsl -ldl -lc
else
ifdef LOCAL_THREADS_ONLY
OS_LIBS = -lsocket -lnsl -ldl -lc

62
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.7.4-solaris.patch vendored
View File

@ -1,62 +0,0 @@
* drop Solaris linker stuff
--- nspr-4.7.4/mozilla/nsprpub/configure.in
+++ nspr-4.7.4/mozilla/nsprpub/configure.in
@@ -1988,26 +1988,14 @@
CPU_ARCH=`uname -p`
MDCPUCFG_H=_solaris.cfg
PR_MD_CSRCS=solaris.c
- LD=/usr/ccs/bin/ld
MKSHLIB='$(CC) $(DSO_LDOPTS) -o $@'
RESOLVE_LINK_SYMBOLS=1
- case "${OS_RELEASE}" in
- 5.8|5.9)
- ;;
- *)
- # It is safe to use the -Bdirect linker flag on Solaris 10 or later.
- USE_B_DIRECT=1
- ;;
- esac
if test -n "$GNU_CC"; then
DSO_CFLAGS=-fPIC
if `$CC -print-prog-name=ld` -v 2>&1 | grep -c GNU >/dev/null; then
GCC_USE_GNU_LD=1
fi
- DSO_LDOPTS='-shared -Wl,-h,$(notdir $@),-z,combreloc,-z,defs,-z,ignore'
- if test -n "$USE_B_DIRECT"; then
- DSO_LDOPTS="$DSO_LDOPTS,-Bdirect"
- fi
+ DSO_LDOPTS='-shared -Wl,-soname -Wl,$(notdir $@)'
else
DSO_CFLAGS=-KPIC
DSO_LDOPTS='-G -h $(notdir $@) -z combreloc -z defs -z ignore'
--- nspr-4.7.4/mozilla/nsprpub/configure
+++ nspr-4.7.4/mozilla/nsprpub/configure
@@ -4765,26 +4765,14 @@
CPU_ARCH=`uname -p`
MDCPUCFG_H=_solaris.cfg
PR_MD_CSRCS=solaris.c
- LD=/usr/ccs/bin/ld
MKSHLIB='$(CC) $(DSO_LDOPTS) -o $@'
RESOLVE_LINK_SYMBOLS=1
- case "${OS_RELEASE}" in
- 5.8|5.9)
- ;;
- *)
- # It is safe to use the -Bdirect linker flag on Solaris 10 or later.
- USE_B_DIRECT=1
- ;;
- esac
if test -n "$GNU_CC"; then
DSO_CFLAGS=-fPIC
if `$CC -print-prog-name=ld` -v 2>&1 | grep -c GNU >/dev/null; then
GCC_USE_GNU_LD=1
fi
- DSO_LDOPTS='-shared -Wl,-h,$(notdir $@),-z,combreloc,-z,defs,-z,ignore'
- if test -n "$USE_B_DIRECT"; then
- DSO_LDOPTS="$DSO_LDOPTS,-Bdirect"
- fi
+ DSO_LDOPTS='-shared -Wl,-soname -Wl,$(notdir $@)'
else
DSO_CFLAGS=-KPIC
DSO_LDOPTS='-G -h $(notdir $@) -z combreloc -z defs -z ignore'

47
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.8-config.patch vendored
View File

@ -1,47 +0,0 @@
--- mozilla/nsprpub/lib/libc/src/Makefile.in.orig 2005-06-01 14:28:26.000000000 +0000
+++ mozilla/nsprpub/lib/libc/src/Makefile.in 2006-01-15 02:50:39.000000000 +0000
@@ -112,6 +112,10 @@
MKSHLIB += -R '$$ORIGIN'
endif
+ifeq ($(OS_ARCH), Linux)
+DSO_LDOPTS +=-Wl,-R,'$$ORIGIN'
+endif
+
ifeq ($(OS_ARCH),OS2)
MAPFILE = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).def
GARBAGE += $(MAPFILE)
--- mozilla/nsprpub/lib/ds/Makefile.in.orig 2005-06-01 14:28:25.000000000 +0000
+++ mozilla/nsprpub/lib/ds/Makefile.in 2006-01-15 02:52:30.000000000 +0000
@@ -102,6 +102,10 @@
MKSHLIB += -R '$$ORIGIN'
endif
+ifeq ($(OS_ARCH), Linux)
+DSO_LDOPTS += -Wl,-R,'$$ORIGIN'
+endif
+
ifeq ($(OS_ARCH),OS2)
MAPFILE = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).def
GARBAGE += $(MAPFILE)
--- mozilla/nsprpub/pr/src/Makefile.in.orig 2005-06-01 14:28:27.000000000 +0000
+++ mozilla/nsprpub/pr/src/Makefile.in 2006-01-15 03:29:36.000000000 +0000
@@ -168,6 +168,7 @@
else
OS_LIBS = -ldl
endif
+DSO_LDOPTS +=-Wl,-R,'$$ORIGIN'
endif
ifeq ($(OS_ARCH),HP-UX)
--- mozilla/nsprpub/config/nspr-config.in.orig 2005-05-11 00:53:41.000000000 +0000
+++ mozilla/nsprpub/config/nspr-config.in 2006-01-15 06:37:58.000000000 +0000
@@ -122,7 +122,7 @@
fi
if test "$echo_libs" = "yes"; then
- libdirs=-L$libdir
+ libdirs="-Wl,-R$libdir -L$libdir"
if test -n "$lib_plds"; then
libdirs="$libdirs -lplds${major_version}"
fi

46
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.8-parallel-fixup.patch vendored
View File

@ -1,46 +0,0 @@
--- a/mozilla/nsprpub/Makefile.in
+++ b/mozilla/nsprpub/Makefile.in
@@ -40,18 +40,16 @@
MOD_DEPTH = .
topsrcdir = @top_srcdir@
srcdir = @srcdir@
VPATH = @srcdir@
include $(MOD_DEPTH)/config/autoconf.mk
-MAKE := $(patsubst -j%,,$(MAKE)) -j1
-
DIRS = config pr lib
ifdef MOZILLA_CLIENT
# Make nsinstall use absolute symlinks by default for Mozilla OSX builds
# http://bugzilla.mozilla.org/show_bug.cgi?id=193164
ifeq ($(OS_ARCH),Darwin)
ifndef NSDISTMODE
NSDISTMODE=absolute_symlink
--- a/mozilla/nsprpub/pr/src/Makefile.in
+++ b/mozilla/nsprpub/pr/src/Makefile.in
@@ -384,17 +384,20 @@ endif
#
#
# The Client build wants the shared libraries in $(dist_bindir)
# so we also install them there.
#
-export:: $(TARGETS)
+export::
+ $(MAKE) -C . build
+
+build:: $(TARGETS)
$(INSTALL) -m 444 $(TARGETS) $(dist_libdir)
ifdef SHARED_LIBRARY
ifeq ($(OS_ARCH),HP-UX)
$(INSTALL) -m 755 $(SHARED_LIBRARY) $(dist_libdir)
$(INSTALL) -m 755 $(SHARED_LIBRARY) $(dist_bindir)
else
$(INSTALL) -m 444 $(SHARED_LIBRARY) $(dist_bindir)
endif

126
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.8-pkgconfig-gentoo-2.patch vendored
View File

@ -1,126 +0,0 @@
diff -urN nspr-4.8-orig/mozilla/nsprpub/config/config.mk nspr-4.8/mozilla/nsprpub/config/config.mk
--- nspr-4.8-orig/mozilla/nsprpub/config/config.mk 2009-09-12 00:43:47.678357452 -0500
+++ nspr-4.8/mozilla/nsprpub/config/config.mk 2009-09-12 00:44:19.383381757 -0500
@@ -162,3 +162,4 @@
RELEASE_INCLUDE_DIR = $(RELEASE_DIR)/$(BUILD_NUMBER)/$(OBJDIR_NAME)/include
RELEASE_BIN_DIR = $(RELEASE_DIR)/$(BUILD_NUMBER)/$(OBJDIR_NAME)/bin
RELEASE_LIB_DIR = $(RELEASE_DIR)/$(BUILD_NUMBER)/$(OBJDIR_NAME)/lib
+RELEASE_PC_DIR = $(RELEASE_LIB_DIR)/pkgconfig
diff -urN nspr-4.8-orig/mozilla/nsprpub/config/Makefile.in nspr-4.8/mozilla/nsprpub/config/Makefile.in
--- nspr-4.8-orig/mozilla/nsprpub/config/Makefile.in 2009-09-12 00:43:47.678357452 -0500
+++ nspr-4.8/mozilla/nsprpub/config/Makefile.in 2009-09-12 00:44:19.384379661 -0500
@@ -52,9 +52,10 @@
# autoconf.mk must be deleted last (from the top-level directory)
# because it is included by every makefile.
-DIST_GARBAGE = nsprincl.mk nsprincl.sh nspr-config
+DIST_GARBAGE = nsprincl.mk nsprincl.sh nspr-config nspr.pc
RELEASE_BINS = nspr-config
+RELEASE_PC = nspr.pc
include $(topsrcdir)/config/config.mk
diff -urN nspr-4.8-orig/mozilla/nsprpub/config/nspr-config.in nspr-4.8/mozilla/nsprpub/config/nspr-config.in
--- nspr-4.8-orig/mozilla/nsprpub/config/nspr-config.in 2009-09-12 00:43:47.677356194 -0500
+++ nspr-4.8/mozilla/nsprpub/config/nspr-config.in 2009-09-12 00:45:53.723359547 -0500
@@ -92,13 +92,13 @@
# Set variables that may be dependent upon other variables
if test -z "$exec_prefix"; then
- exec_prefix=@exec_prefix@
+ exec_prefix=`pkg-config --variable=exec_prefix nspr`
fi
if test -z "$includedir"; then
- includedir=@includedir@
+ includedir=`pkg-config --variable=includedir nspr`
fi
if test -z "$libdir"; then
- libdir=@libdir@
+ libdir=`pkg-config --variable=libdir nspr`
fi
if test "$echo_prefix" = "yes"; then
diff -urN nspr-4.8-orig/mozilla/nsprpub/config/nspr.pc.in nspr-4.8/mozilla/nsprpub/config/nspr.pc.in
--- nspr-4.8-orig/mozilla/nsprpub/config/nspr.pc.in 1969-12-31 18:00:00.000000000 -0600
+++ nspr-4.8/mozilla/nsprpub/config/nspr.pc.in 2009-09-12 00:44:19.410432811 -0500
@@ -0,0 +1,11 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: NSPR
+Description: The Netscape Portable Runtime
+Version: @MOD_MAJOR_VERSION@.@MOD_MINOR_VERSION@.@MOD_PATCH_VERSION@
+Libs: -L${libdir} -lplds@MOD_MAJOR_VERSION@ -lplc@MOD_MAJOR_VERSION@ -lnspr@MOD_MAJOR_VERSION@ -lpthread
+Cflags: -I${includedir}
+
diff -urN nspr-4.8-orig/mozilla/nsprpub/config/rules.mk nspr-4.8/mozilla/nsprpub/config/rules.mk
--- nspr-4.8-orig/mozilla/nsprpub/config/rules.mk 2009-09-12 00:43:47.677356194 -0500
+++ nspr-4.8/mozilla/nsprpub/config/rules.mk 2009-09-12 00:44:19.435517111 -0500
@@ -211,7 +211,7 @@
rm -rf $(wildcard *.OBJ *.OBJD) dist $(ALL_TRASH) $(DIST_GARBAGE)
+$(LOOP_OVER_DIRS)
-install:: $(RELEASE_BINS) $(RELEASE_HEADERS) $(RELEASE_LIBS)
+install:: $(RELEASE_BINS) $(RELEASE_HEADERS) $(RELEASE_LIBS) $(RELEASE_PC)
ifdef RELEASE_BINS
$(NSINSTALL) -t -m 0755 $(RELEASE_BINS) $(DESTDIR)$(bindir)
endif
@@ -221,6 +221,9 @@
ifdef RELEASE_LIBS
$(NSINSTALL) -t -m 0755 $(RELEASE_LIBS) $(DESTDIR)$(libdir)/$(lib_subdir)
endif
+ifdef RELEASE_PC
+ $(NSINSTALL) -t -m 0644 $(RELEASE_PC) $(DESTDIR)$(libdir)/pkgconfig/
+endif
+$(LOOP_OVER_DIRS)
release:: export
@@ -272,6 +275,23 @@
fi
cp $(RELEASE_HEADERS) $(RELEASE_HEADERS_DEST)
endif
+ifdef RELEASE_PC
+ @echo "Copying pkg-config files to release directory"
+ @if test -z "$(BUILD_NUMBER)"; then \
+ echo "BUILD_NUMBER must be defined"; \
+ false; \
+ else \
+ true; \
+ fi
+ @if test ! -d $(RELEASE_PC_DEST); then \
+ rm -rf $(RELEASE_PC_DEST); \
+ $(NSINSTALL) -D $(RELEASE_PC_DEST);\
+ else \
+ true; \
+ fi
+ cp $(RELEASE_PC) $(RELEASE_PC_DEST)
+endif
+
+$(LOOP_OVER_DIRS)
alltags:
diff -urN nspr-4.8-orig/mozilla/nsprpub/configure nspr-4.8/mozilla/nsprpub/configure
--- nspr-4.8-orig/mozilla/nsprpub/configure 2009-09-12 00:43:47.600359058 -0500
+++ nspr-4.8/mozilla/nsprpub/configure 2009-09-12 00:44:19.444380569 -0500
@@ -6037,6 +6037,7 @@
config/nsprincl.mk
config/nsprincl.sh
config/nspr-config
+config/nspr.pc
lib/Makefile
lib/ds/Makefile
lib/libc/Makefile
diff -urN nspr-4.8-orig/mozilla/nsprpub/configure.in nspr-4.8/mozilla/nsprpub/configure.in
--- nspr-4.8-orig/mozilla/nsprpub/configure.in 2009-09-12 00:43:47.678357452 -0500
+++ nspr-4.8/mozilla/nsprpub/configure.in 2009-09-12 00:44:19.451396074 -0500
@@ -2871,6 +2871,7 @@
config/nsprincl.mk
config/nsprincl.sh
config/nspr-config
+config/nspr.pc
lib/Makefile
lib/ds/Makefile
lib/libc/Makefile

126
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.8-pkgconfig-gentoo-3.patch vendored
View File

@ -1,126 +0,0 @@
diff -urN nspr-4.8-orig/mozilla/nsprpub/config/config.mk nspr-4.8/mozilla/nsprpub/config/config.mk
--- nspr-4.8-orig/mozilla/nsprpub/config/config.mk 2009-09-12 00:43:47.678357452 -0500
+++ nspr-4.8/mozilla/nsprpub/config/config.mk 2009-09-12 00:44:19.383381757 -0500
@@ -162,3 +162,4 @@
RELEASE_INCLUDE_DIR = $(RELEASE_DIR)/$(BUILD_NUMBER)/$(OBJDIR_NAME)/include
RELEASE_BIN_DIR = $(RELEASE_DIR)/$(BUILD_NUMBER)/$(OBJDIR_NAME)/bin
RELEASE_LIB_DIR = $(RELEASE_DIR)/$(BUILD_NUMBER)/$(OBJDIR_NAME)/lib
+RELEASE_PC_DIR = $(RELEASE_LIB_DIR)/pkgconfig
diff -urN nspr-4.8-orig/mozilla/nsprpub/config/Makefile.in nspr-4.8/mozilla/nsprpub/config/Makefile.in
--- nspr-4.8-orig/mozilla/nsprpub/config/Makefile.in 2009-09-12 00:43:47.678357452 -0500
+++ nspr-4.8/mozilla/nsprpub/config/Makefile.in 2009-09-12 00:44:19.384379661 -0500
@@ -52,9 +52,10 @@
# autoconf.mk must be deleted last (from the top-level directory)
# because it is included by every makefile.
-DIST_GARBAGE = nsprincl.mk nsprincl.sh nspr-config
+DIST_GARBAGE = nsprincl.mk nsprincl.sh nspr-config nspr.pc
RELEASE_BINS = nspr-config
+RELEASE_PC = nspr.pc
include $(topsrcdir)/config/config.mk
diff -urN nspr-4.8-orig/mozilla/nsprpub/config/nspr-config.in nspr-4.8/mozilla/nsprpub/config/nspr-config.in
--- nspr-4.8-orig/mozilla/nsprpub/config/nspr-config.in 2009-09-12 00:43:47.677356194 -0500
+++ nspr-4.8/mozilla/nsprpub/config/nspr-config.in 2009-09-12 00:45:53.723359547 -0500
@@ -92,13 +92,13 @@
# Set variables that may be dependent upon other variables
if test -z "$exec_prefix"; then
- exec_prefix=@exec_prefix@
+ exec_prefix=`pkg-config --variable=exec_prefix nspr`
fi
if test -z "$includedir"; then
- includedir=@includedir@
+ includedir=`pkg-config --variable=includedir nspr`
fi
if test -z "$libdir"; then
- libdir=@libdir@
+ libdir=`pkg-config --variable=libdir nspr`
fi
if test "$echo_prefix" = "yes"; then
diff -urN nspr-4.8-orig/mozilla/nsprpub/config/nspr.pc.in nspr-4.8/mozilla/nsprpub/config/nspr.pc.in
--- nspr-4.8-orig/mozilla/nsprpub/config/nspr.pc.in 1969-12-31 18:00:00.000000000 -0600
+++ nspr-4.8/mozilla/nsprpub/config/nspr.pc.in 2009-09-12 00:44:19.410432811 -0500
@@ -0,0 +1,11 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: NSPR
+Description: The Netscape Portable Runtime
+Version: @MOD_MAJOR_VERSION@.@MOD_MINOR_VERSION@.@MOD_PATCH_VERSION@
+Libs: -L${libdir} -lplds@MOD_MAJOR_VERSION@ -lplc@MOD_MAJOR_VERSION@ -lnspr@MOD_MAJOR_VERSION@ -lpthread
+Cflags: -I${includedir}
+
diff -urN nspr-4.8-orig/mozilla/nsprpub/config/rules.mk nspr-4.8/mozilla/nsprpub/config/rules.mk
--- nspr-4.8-orig/mozilla/nsprpub/config/rules.mk 2009-09-12 00:43:47.677356194 -0500
+++ nspr-4.8/mozilla/nsprpub/config/rules.mk 2009-09-12 00:44:19.435517111 -0500
@@ -211,7 +211,7 @@
rm -rf $(wildcard *.OBJ *.OBJD) dist $(ALL_TRASH) $(DIST_GARBAGE)
+$(LOOP_OVER_DIRS)
-install:: $(RELEASE_BINS) $(RELEASE_HEADERS) $(RELEASE_LIBS)
+install:: $(RELEASE_BINS) $(RELEASE_HEADERS) $(RELEASE_LIBS) $(RELEASE_PC)
ifdef RELEASE_BINS
$(NSINSTALL) -t -m 0755 $(RELEASE_BINS) $(DESTDIR)$(bindir)
endif
@@ -221,6 +221,9 @@
ifdef RELEASE_LIBS
$(NSINSTALL) -t -m 0755 $(RELEASE_LIBS) $(DESTDIR)$(libdir)/$(lib_subdir)
endif
+ifdef RELEASE_PC
+ $(NSINSTALL) -t -m 0644 $(RELEASE_PC) $(DESTDIR)$(libdir)/pkgconfig/
+endif
+$(LOOP_OVER_DIRS)
release:: export
@@ -272,6 +275,23 @@
fi
cp $(RELEASE_HEADERS) $(RELEASE_HEADERS_DEST)
endif
+ifdef RELEASE_PC
+ @echo "Copying pkg-config files to release directory"
+ @if test -z "$(BUILD_NUMBER)"; then \
+ echo "BUILD_NUMBER must be defined"; \
+ false; \
+ else \
+ true; \
+ fi
+ @if test ! -d $(RELEASE_PC_DEST); then \
+ rm -rf $(RELEASE_PC_DEST); \
+ $(NSINSTALL) -D $(RELEASE_PC_DEST);\
+ else \
+ true; \
+ fi
+ cp $(RELEASE_PC) $(RELEASE_PC_DEST)
+endif
+
+$(LOOP_OVER_DIRS)
alltags:
diff -urN nspr-4.8-orig/mozilla/nsprpub/configure nspr-4.8/mozilla/nsprpub/configure
--- nspr-4.8-orig/mozilla/nsprpub/configure 2009-09-12 00:43:47.600359058 -0500
+++ nspr-4.8/mozilla/nsprpub/configure 2009-09-12 00:44:19.444380569 -0500
@@ -6037,6 +6037,7 @@
config/nsprincl.mk
config/nsprincl.sh
config/nspr-config
+config/nspr.pc
lib/Makefile
lib/ds/Makefile
lib/libc/Makefile
diff -urN nspr-4.8-orig/mozilla/nsprpub/configure.in nspr-4.8/mozilla/nsprpub/configure.in
--- nspr-4.8-orig/mozilla/nsprpub/configure.in 2009-09-12 00:43:47.678357452 -0500
+++ nspr-4.8/mozilla/nsprpub/configure.in 2009-09-12 00:44:19.451396074 -0500
@@ -2871,6 +2871,7 @@
config/nsprincl.mk
config/nsprincl.sh
config/nspr-config
+config/nspr.pc
lib/Makefile
lib/ds/Makefile
lib/libc/Makefile

43
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.8.0-cross.patch vendored
View File

@ -1,43 +0,0 @@
--- mozilla/nsprpub/configure.orig 2009-09-29 03:06:05.000000000 +0000
+++ mozilla/nsprpub/configure 2009-09-29 03:07:19.000000000 +0000
@@ -1129,16 +1129,16 @@
fi
if test -z "$SKIP_COMPILER_CHECKS"; then
-if test "$target" != "$host"; then
- echo "cross compiling from $host to $target"
+if test "$target" != "$build"; then
+ echo "cross compiling from $build to $target"
cross_compiling=yes
_SAVE_CC="$CC"
_SAVE_CFLAGS="$CFLAGS"
_SAVE_LDFLAGS="$LDFLAGS"
- echo $ac_n "checking for $host compiler""... $ac_c" 1>&6
-echo "configure:1142: checking for $host compiler" >&5
+ echo $ac_n "checking for $build compiler""... $ac_c" 1>&6
+echo "configure:1142: checking for $build compiler" >&5
for ac_prog in $HOST_CC gcc cc /usr/ucb/cc
do
# Extract the first word of "$ac_prog", so it can be a program name with args.
@@ -1189,8 +1189,8 @@
CFLAGS="$HOST_CFLAGS"
LDFLAGS="$HOST_LDFLAGS"
- echo $ac_n "checking whether the $host compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works""... $ac_c" 1>&6
-echo "configure:1194: checking whether the $host compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works" >&5
+ echo $ac_n "checking whether the $build compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works""... $ac_c" 1>&6
+echo "configure:1194: checking whether the $build compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works" >&5
cat > conftest.$ac_ext <<EOF
#line 1196 "configure"
#include "confdefs.h"
@@ -1206,7 +1206,7 @@
echo "configure: failed program was:" >&5
cat conftest.$ac_ext >&5
rm -rf conftest*
- { echo "configure: error: installation or configuration problem: $host compiler $HOST_CC cannot create executables." 1>&2; exit 1; }
+ { echo "configure: error: installation or configuration problem: $build compiler $HOST_CC cannot create executables." 1>&2; exit 1; }
fi
rm -f conftest*

145
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.8.3-aix-gcc.patch vendored
View File

@ -1,145 +0,0 @@
NSPR does not know that gcc does work on AIX:
https://bugzilla.mozilla.org/show_bug.cgi?id=547991
--- ./mozilla/nsprpub/configure.in.orig 2010-02-23 14:36:55 +0100
+++ ./mozilla/nsprpub/configure.in 2010-02-23 14:37:08 +0100
@@ -871,8 +871,13 @@
AC_DEFINE(HAVE_FCNTL_FILE_LOCKING)
USE_IPV6=1
AIX_LINK_OPTS='-brtl -bnso -berok'
+ if test -n "$GNU_CC"; then
+ LD='$(CC)'
+ DSO_LDOPTS='-shared -Wl,-G,-bernotok,-bexpall,-blibpath:/usr/lib:/lib'
+ fi
;;
esac
+ test -z "$GNU_CC" &&
CFLAGS="$CFLAGS -qro -qroconst"
AIX_WRAP='$(DIST)/lib/aixwrap.o'
AIX_TMP='./_aix_tmp.o'
--- ./mozilla/nsprpub/configure.orig 2010-02-23 14:36:58 +0100
+++ ./mozilla/nsprpub/configure 2010-02-23 14:37:08 +0100
@@ -3099,8 +3099,13 @@
USE_IPV6=1
AIX_LINK_OPTS='-brtl -bnso -berok'
+ if test -n "$GNU_CC"; then
+ LD='$(CC)'
+ DSO_LDOPTS='-shared -Wl,-G,-bernotok,-bexpall,-blibpath:/usr/lib:/lib'
+ fi
;;
esac
+ test -z "$GNU_CC" &&
CFLAGS="$CFLAGS -qro -qroconst"
AIX_WRAP='$(DIST)/lib/aixwrap.o'
AIX_TMP='./_aix_tmp.o'
--- ./mozilla/nsprpub/lib/ds/Makefile.in.orig 2010-02-23 14:40:10 +0100
+++ ./mozilla/nsprpub/lib/ds/Makefile.in 2010-02-23 14:40:58 +0100
@@ -68,11 +68,19 @@
endif # WINNT
ifeq ($(OS_ARCH), AIX)
+ifndef NS_USE_GCC
ifeq ($(CLASSIC_NSPR),1)
OS_LIBS = -lc
else
OS_LIBS = -lc_r
endif
+else
+ifeq ($(CLASSIC_NSPR),1)
+OS_LIBS =
+else
+OS_LIBS = -pthread
+endif
+endif
endif
ifeq ($(OS_ARCH),IRIX)
--- ./mozilla/nsprpub/lib/libc/src/Makefile.in.orig 2010-02-23 14:45:41 +0100
+++ ./mozilla/nsprpub/lib/libc/src/Makefile.in 2010-02-23 14:47:58 +0100
@@ -77,11 +77,19 @@
endif # WINNT
ifeq ($(OS_ARCH), AIX)
+ifndef NS_USE_GCC
ifeq ($(CLASSIC_NSPR),1)
OS_LIBS = -lc
else
OS_LIBS = -lc_r
endif
+else
+ifeq ($(CLASSIC_NSPR),1)
+OS_LIBS =
+else
+OS_LIBS = -pthread
+endif
+endif
endif
ifeq ($(OS_ARCH),IRIX)
--- ./mozilla/nsprpub/pr/src/Makefile.in.orig 2010-02-23 14:37:04 +0100
+++ ./mozilla/nsprpub/pr/src/Makefile.in 2010-02-23 14:52:16 +0100
@@ -110,19 +110,29 @@
endif
ifeq ($(OS_ARCH),AIX)
+ifndef NS_USE_GCC
DSO_LDOPTS += -binitfini::_PR_Fini
+endif
OS_LIBS = -lodm -lcfg
ifeq ($(CLASSIC_NSPR),1)
ifeq ($(OS_RELEASE),4.1)
OS_LIBS += -lsvld -lc
else
+ifndef NS_USE_GCC
OS_LIBS += -ldl -lc
+else
+OS_LIBS += -ldl
+endif
endif
else
ifeq ($(OS_RELEASE),4.1)
OS_LIBS += -lpthreads -lsvld -lC_r -lC -lc_r -lm /usr/lib/libc.a
else
+ifndef NS_USE_GCC
OS_LIBS += -lpthreads -ldl -lC_r -lC -lc_r -lm /usr/lib/libc.a
+else
+OS_LIBS += -pthread -ldl -lm
+endif
endif
endif
endif
--- mozilla/nsprpub/pr/tests/Makefile.in.orig 2010-02-23 15:14:03 +0100
+++ mozilla/nsprpub/pr/tests/Makefile.in 2010-02-23 15:17:58 +0100
@@ -341,9 +341,17 @@
# AIX
ifeq ($(OS_ARCH),AIX)
+ ifndef NS_USE_GCC
LDOPTS += -blibpath:$(ABSOLUTE_LIB_DIR):/usr/lib:/lib
+ else
+ LDOPTS += -Wl,-blibpath:$(ABSOLUTE_LIB_DIR):/usr/lib:/lib
+ endif
ifneq ($(OS_ARCH)$(OS_RELEASE),AIX4.1)
+ ifndef NS_USE_GCC
LDOPTS += -brtl
+ else
+ LDOPTS += -Wl,-brtl
+ endif
EXTRA_LIBS = -ldl
endif
endif
--- mozilla/nsprpub/lib/tests/Makefile.in.orig 2010-02-23 15:35:37 +0100
+++ mozilla/nsprpub/lib/tests/Makefile.in 2010-02-23 15:35:37 +0100
@@ -127,7 +127,11 @@
# AIX
ifeq ($(OS_ARCH),AIX)
+ifndef NS_USE_GCC
LDOPTS += -blibpath:$(PWD)/$(dist_libdir):/usr/lib:/lib
+else
+LDOPTS += -Wl,-blibpath:$(PWD)/$(dist_libdir):/usr/lib:/lib
+endif
LIBPR = -lnspr$(MOD_MAJOR_VERSION)_shr
LIBPLC = -lplc$(MOD_MAJOR_VERSION)_shr
endif

43
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.8.3-aix-soname.patch vendored
View File

@ -1,43 +0,0 @@
NSPR does not set the soname on any platform yet:
https://bugzilla.mozilla.org/show_bug.cgi?id=452873
Supporting something like "soname" on AIX is tricky:
http://bugs.gentoo.org/show_bug.cgi?id=213277
--- mozilla/nsprpub/config/rules.mk.orig 2010-02-23 15:55:00 +0100
+++ mozilla/nsprpub/config/rules.mk 2010-02-23 16:04:31 +0100
@@ -132,14 +132,17 @@
else
ifdef MKSHLIB
SHARED_LIBRARY = $(OBJDIR)/lib$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
+ifeq ($(OS_ARCH), AIX)
+IMPORT_LIBRARY = $(OBJDIR)/lib$(LIBRARY_NAME).$(DLL_SUFFIX)
+endif
endif
endif
endif
endif
ifndef TARGETS
-ifeq (,$(filter-out WINNT WINCE OS2,$(OS_ARCH)))
+ifeq (,$(filter-out WINNT WINCE OS2 AIX,$(OS_ARCH)))
TARGETS = $(LIBRARY) $(SHARED_LIBRARY) $(IMPORT_LIBRARY)
ifndef BUILD_OPT
ifdef MSC_VER
@@ -327,6 +330,15 @@
else
ifeq (,$(filter-out WIN95 WINCE,$(OS_TARGET)))
$(IMPORT_LIBRARY): $(SHARED_LIBRARY)
+else
+ifdef IMPORT_LIBRARY
+$(IMPORT_LIBRARY): $(SHARED_LIBRARY)
+ ( echo '#! $(notdir $(SHARED_LIBRARY))' \
+ ; dump -Tv $(SHARED_LIBRARY) \
+ | awk '{ if ($$4 == "EXP" && $$6 != "SECdef") { print $$8 } }' \
+ | sort -u \
+ ) > $@
+endif
endif
endif

25
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.8.4-darwin-install_name.patch vendored
View File

@ -1,25 +0,0 @@
Don't use @executable_path, it messed up linking against nspr from e.g.
nss.
--- mozilla/nsprpub/configure.in
+++ mozilla/nsprpub/configure.in
@@ -1007,7 +1007,7 @@
;;
esac
DSO_CFLAGS=-fPIC
- DSO_LDOPTS='-dynamiclib -compatibility_version 1 -current_version 1 -all_load -install_name @executable_path/$@ -headerpad_max_install_names'
+ DSO_LDOPTS='-dynamiclib -compatibility_version 1 -current_version 1 -all_load -install_name $(libdir)/$@ -headerpad_max_install_names'
_OPTIMIZE_FLAGS=-O2
MKSHLIB='$(CC) $(DSO_LDOPTS) -o $@'
STRIP="$STRIP -x -S"
--- mozilla/nsprpub/configure
+++ mozilla/nsprpub/configure
@@ -1007,7 +1007,7 @@
;;
esac
DSO_CFLAGS=-fPIC
- DSO_LDOPTS='-dynamiclib -compatibility_version 1 -current_version 1 -all_load -install_name @executable_path/$@ -headerpad_max_install_names'
+ DSO_LDOPTS='-dynamiclib -compatibility_version 1 -current_version 1 -all_load -install_name $(libdir)/$@ -headerpad_max_install_names'
_OPTIMIZE_FLAGS=-O2
MKSHLIB='$(CC) $(DSO_LDOPTS) -o $@'
STRIP="$STRIP -x -S"

54
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.8.6-r1-cross.patch vendored
View File

@ -1,54 +0,0 @@
diff -Naur nspr-4.8.6_orig/mozilla/nsprpub/configure nspr-4.8.6/mozilla/nsprpub/configure
--- nspr-4.8.6_orig/mozilla/nsprpub/configure 2011-07-06 16:06:57.000000000 -0700
+++ nspr-4.8.6/mozilla/nsprpub/configure 2011-07-06 16:15:57.000000000 -0700
@@ -1241,16 +1241,16 @@
fi
if test -z "$SKIP_COMPILER_CHECKS"; then
-if test "$target" != "$host"; then
- echo "cross compiling from $host to $target"
+if test "$target" != "$build"; then
+ echo "cross compiling from $build to $target"
cross_compiling=yes
_SAVE_CC="$CC"
_SAVE_CFLAGS="$CFLAGS"
_SAVE_LDFLAGS="$LDFLAGS"
- echo $ac_n "checking for $host compiler""... $ac_c" 1>&6
-echo "configure:1254: checking for $host compiler" >&5
+ echo $ac_n "checking for $build compiler""... $ac_c" 1>&6
+echo "configure:1254: checking for $build compiler" >&5
for ac_prog in $HOST_CC gcc cc /usr/ucb/cc
do
# Extract the first word of "$ac_prog", so it can be a program name with args.
@@ -1301,8 +1301,8 @@
CFLAGS="$HOST_CFLAGS"
LDFLAGS="$HOST_LDFLAGS"
- echo $ac_n "checking whether the $host compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works""... $ac_c" 1>&6
-echo "configure:1306: checking whether the $host compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works" >&5
+ echo $ac_n "checking whether the $build compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works""... $ac_c" 1>&6
+echo "configure:1306: checking whether the $build compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works" >&5
cat > conftest.$ac_ext <<EOF
#line 1308 "configure"
#include "confdefs.h"
@@ -1318,7 +1318,7 @@
echo "configure: failed program was:" >&5
cat conftest.$ac_ext >&5
rm -rf conftest*
- { echo "configure: error: installation or configuration problem: $host compiler $HOST_CC cannot create executables." 1>&2; exit 1; }
+ { echo "configure: error: installation or configuration problem: $build compiler $HOST_CC cannot create executables." 1>&2; exit 1; }
fi
rm -f conftest*
@@ -2703,6 +2703,9 @@
i?86-apple-darwin*:powerpc-apple-darwin*)
cross_compiling=yes
;;
+ x86_64-*:i686-*)
+ cross_compiling=yes
+ ;;
esac
if test "$cross_compiling" = "yes"; then

28
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.8.9-link-flags.patch vendored
View File

@ -1,28 +0,0 @@
Use CFLAGS when linking. Some flags can add functionality to generated
code that requires extra libs to be linked in (eg. libgomp when using
autoparallelization). Other flags are required when building and linking
(eg. -flto).
https://bugs.gentoo.org/365975
--- a/mozilla/nsprpub/config/autoconf.mk.in
+++ b/mozilla/nsprpub/config/autoconf.mk.in
@@ -81,6 +81,7 @@ OS_DLLFLAGS = @OS_DLLFLAGS@
DLLFLAGS = @DLLFLAGS@
EXEFLAGS = @EXEFLAGS@
OPTIMIZER = @OPTIMIZER@
+LD_CFLAGS = @CFLAGS@
PROFILE_GEN_CFLAGS = @PROFILE_GEN_CFLAGS@
PROFILE_GEN_LDFLAGS = @PROFILE_GEN_LDFLAGS@
--- a/mozilla/nsprpub/config/config.mk
+++ b/mozilla/nsprpub/config/config.mk
@@ -72,7 +72,7 @@ NOMD_CFLAGS = $(CC_ONLY_FLAGS) $(OPTIMIZER) $(NOMD_OS_CFLAGS)\
NOMD_CCFLAGS = $(CCC_ONLY_FLAGS) $(OPTIMIZER) $(NOMD_OS_CFLAGS)\
$(XP_DEFINE) $(DEFINES) $(INCLUDES) $(XCFLAGS)
-LDFLAGS = $(OS_LDFLAGS)
+LDFLAGS = $(LD_CFLAGS) $(OS_LDFLAGS)
# Enable profile-guided optimization
ifdef MOZ_PROFILE_GENERATE

91
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.9.1-x32_v0.2.patch vendored
View File

@ -1,91 +0,0 @@
# HG changeset patch
# Parent 6b1ef31834235cde5153f91a7443b29398b541d9
# User Jory A. Pratt <anarchy@gentoo.org>
Add initial support for x32 abi
diff --git a/mozilla/nsprpub/pr/include/md/_linux.cfg b/mozilla/nsprpub/pr/include/md/_linux.cfg
--- a/mozilla/nsprpub/pr/include/md/_linux.cfg
+++ b/mozilla/nsprpub/pr/include/md/_linux.cfg
@@ -207,16 +207,63 @@
#define PR_ALIGN_OF_POINTER 8
#define PR_ALIGN_OF_WORD 8
#define PR_BYTES_PER_WORD_LOG2 3
#define PR_BYTES_PER_DWORD_LOG2 3
#elif defined(__x86_64__)
+#ifdef __ILP32__
+
+#define IS_LITTLE_ENDIAN 1
+#undef IS_BIG_ENDIAN
+
+#define PR_BYTES_PER_BYTE 1
+#define PR_BYTES_PER_SHORT 2
+#define PR_BYTES_PER_INT 4
+#define PR_BYTES_PER_INT64 8
+#define PR_BYTES_PER_LONG 4
+#define PR_BYTES_PER_FLOAT 4
+#define PR_BYTES_PER_DOUBLE 8
+#define PR_BYTES_PER_WORD 4
+#define PR_BYTES_PER_DWORD 8
+
+#define PR_BITS_PER_BYTE 8
+#define PR_BITS_PER_SHORT 16
+#define PR_BITS_PER_INT 32
+#define PR_BITS_PER_INT64 64
+#define PR_BITS_PER_LONG 32
+#define PR_BITS_PER_FLOAT 32
+#define PR_BITS_PER_DOUBLE 64
+#define PR_BITS_PER_WORD 32
+
+#define PR_BITS_PER_BYTE_LOG2 3
+#define PR_BITS_PER_SHORT_LOG2 4
+#define PR_BITS_PER_INT_LOG2 5
+#define PR_BITS_PER_INT64_LOG2 6
+#define PR_BITS_PER_LONG_LOG2 5
+#define PR_BITS_PER_FLOAT_LOG2 5
+#define PR_BITS_PER_DOUBLE_LOG2 6
+#define PR_BITS_PER_WORD_LOG2 5
+
+#define PR_ALIGN_OF_SHORT 2
+#define PR_ALIGN_OF_INT 4
+#define PR_ALIGN_OF_LONG 4
+#define PR_ALIGN_OF_INT64 4
+#define PR_ALIGN_OF_FLOAT 4
+#define PR_ALIGN_OF_DOUBLE 4
+#define PR_ALIGN_OF_POINTER 4
+#define PR_ALIGN_OF_WORD 4
+
+#define PR_BYTES_PER_WORD_LOG2 2
+#define PR_BYTES_PER_DWORD_LOG2 3
+
+#else
+
#define IS_LITTLE_ENDIAN 1
#undef IS_BIG_ENDIAN
#define IS_64
#define PR_BYTES_PER_BYTE 1
#define PR_BYTES_PER_SHORT 2
#define PR_BYTES_PER_INT 4
#define PR_BYTES_PER_INT64 8
@@ -251,16 +298,18 @@
#define PR_ALIGN_OF_FLOAT 4
#define PR_ALIGN_OF_DOUBLE 8
#define PR_ALIGN_OF_POINTER 8
#define PR_ALIGN_OF_WORD 8
#define PR_BYTES_PER_WORD_LOG2 3
#define PR_BYTES_PER_DWORD_LOG2 3
+#endif
+
#elif defined(__mc68000__)
#undef IS_LITTLE_ENDIAN
#define IS_BIG_ENDIAN 1
#define PR_BYTES_PER_BYTE 1
#define PR_BYTES_PER_SHORT 2
#define PR_BYTES_PER_INT 4

99
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/files/nspr-4.9.2-r1-cross.patch vendored
View File

@ -1,99 +0,0 @@
diff -aurN nspr-4.9.2-unpatched/mozilla/nsprpub/configure nspr-4.9.2/mozilla/nsprpub/configure
--- nspr-4.9.2-unpatched/mozilla/nsprpub/configure 2012-12-27 23:18:54.513295786 -0800
+++ nspr-4.9.2/mozilla/nsprpub/configure 2012-12-27 23:23:18.856135136 -0800
@@ -1367,16 +1367,16 @@
if test -z "$SKIP_COMPILER_CHECKS"; then
-if test "$target" != "$host" -o -n "$CROSS_COMPILE"; then
- echo "cross compiling from $host to $target"
+if test "$target" != "$build" -o -n "$CROSS_COMPILE"; then
+ echo "cross compiling from $build to $target"
cross_compiling=yes
_SAVE_CC="$CC"
_SAVE_CFLAGS="$CFLAGS"
_SAVE_LDFLAGS="$LDFLAGS"
- echo $ac_n "checking for $host compiler""... $ac_c" 1>&6
-echo "configure:1380: checking for $host compiler" >&5
+ echo $ac_n "checking for $build compiler""... $ac_c" 1>&6
+echo "configure:1380: checking for $build compiler" >&5
for ac_prog in $HOST_CC gcc cc /usr/ucb/cc
do
# Extract the first word of "$ac_prog", so it can be a program name with args.
@@ -1427,8 +1427,8 @@
CFLAGS="$HOST_CFLAGS"
LDFLAGS="$HOST_LDFLAGS"
- echo $ac_n "checking whether the $host compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works""... $ac_c" 1>&6
-echo "configure:1432: checking whether the $host compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works" >&5
+ echo $ac_n "checking whether the $build compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works""... $ac_c" 1>&6
+echo "configure:1432: checking whether the $build compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works" >&5
cat > conftest.$ac_ext <<EOF
#line 1434 "configure"
#include "confdefs.h"
@@ -1444,7 +1444,7 @@
echo "configure: failed program was:" >&5
cat conftest.$ac_ext >&5
rm -rf conftest*
- { echo "configure: error: installation or configuration problem: $host compiler $HOST_CC cannot create executables." 1>&2; exit 1; }
+ { echo "configure: error: installation or configuration problem: $build compiler $HOST_CC cannot create executables." 1>&2; exit 1; }
fi
rm -f conftest*
@@ -2835,6 +2835,9 @@
i?86-apple-darwin*:powerpc-apple-darwin*)
cross_compiling=yes
;;
+ x86_64-*:i686-*)
+ cross_compiling=yes
+ ;;
esac
if test "$cross_compiling" = "yes"; then
diff -aurN nspr-4.9.2-unpatched/mozilla/nsprpub/configure.in nspr-4.9.2/mozilla/nsprpub/configure.in
--- nspr-4.9.2-unpatched/mozilla/nsprpub/configure.in 2012-12-27 23:18:54.513295786 -0800
+++ nspr-4.9.2/mozilla/nsprpub/configure.in 2012-12-27 23:26:15.548033406 -0800
@@ -547,15 +547,15 @@
dnl Explicitly honor $CROSS_COMPILE to allow cross-compiling
dnl between toolkits on the same architecture, as when
dnl targeting the iOS Simulator from OS X.
-if test "$target" != "$host" -o -n "$CROSS_COMPILE"; then
- echo "cross compiling from $host to $target"
+if test "$target" != "$build" -o -n "$CROSS_COMPILE"; then
+ echo "cross compiling from $build to $target"
cross_compiling=yes
_SAVE_CC="$CC"
_SAVE_CFLAGS="$CFLAGS"
_SAVE_LDFLAGS="$LDFLAGS"
- AC_MSG_CHECKING([for $host compiler])
+ AC_MSG_CHECKING([for $build compiler])
AC_CHECK_PROGS(HOST_CC, $HOST_CC gcc cc /usr/ucb/cc, "")
if test -z "$HOST_CC"; then
AC_MSG_ERROR([no acceptable cc found in \$PATH])
@@ -572,10 +572,10 @@
CFLAGS="$HOST_CFLAGS"
LDFLAGS="$HOST_LDFLAGS"
- AC_MSG_CHECKING([whether the $host compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works])
+ AC_MSG_CHECKING([whether the $build compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works])
AC_TRY_COMPILE([], [return(0);],
[ac_cv_prog_host_cc_works=1 AC_MSG_RESULT([yes])],
- AC_MSG_ERROR([installation or configuration problem: $host compiler $HOST_CC cannot create executables.]) )
+ AC_MSG_ERROR([installation or configuration problem: $build compiler $HOST_CC cannot create executables.]) )
CC=$_SAVE_CC
CFLAGS=$_SAVE_CFLAGS
@@ -672,6 +672,9 @@
dnl translated environment, making a cross compiler appear native.
cross_compiling=yes
;;
+ x86_64-*:i686-*)
+ cross_compiling=yes
+ ;;
esac
if test "$cross_compiling" = "yes"; then

123
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/nspr-4.8.6-r1.ebuild vendored
View File

@ -1,123 +0,0 @@
# Copyright 1999-2010 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/dev-libs/nspr/nspr-4.8.6-r1.ebuild,v 1.1 2010/10/11 15:18:26 anarchy Exp $
EAPI=3
inherit eutils multilib toolchain-funcs versionator
MIN_PV="$(get_version_component_range 2)"
DESCRIPTION="Netscape Portable Runtime"
HOMEPAGE="http://www.mozilla.org/projects/nspr/"
SRC_URI="ftp://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v${PV}/src/${P}.tar.gz"
LICENSE="|| ( MPL-1.1 GPL-2 LGPL-2.1 )"
SLOT="0"
KEYWORDS="~alpha amd64 arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc x86 ~ppc-aix ~x86-fbsd ~amd64-linux ~x86-linux ~x64-macos ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris"
IUSE="debug"
src_prepare() {
mkdir build inst
epatch "${FILESDIR}"/${PN}-4.8-config.patch
epatch "${FILESDIR}"/${PN}-4.6.1-config-1.patch
epatch "${FILESDIR}"/${PN}-4.6.1-lang.patch
epatch "${FILESDIR}"/${PN}-4.7.0-prtime.patch
epatch "${FILESDIR}"/${PN}-4.8.6-r1-cross.patch
epatch "${FILESDIR}"/${PN}-4.8-pkgconfig-gentoo-3.patch
epatch "${FILESDIR}"/${PN}-4.7.1-solaris.patch
epatch "${FILESDIR}"/${PN}-4.7.4-solaris.patch
epatch "${FILESDIR}"/${PN}-4.8.3-aix-gcc.patch
epatch "${FILESDIR}"/${PN}-4.8.3-aix-soname.patch
epatch "${FILESDIR}"/${PN}-4.8.4-darwin-install_name.patch
epatch "${FILESDIR}"/${PN}-4.8-parallel-fixup.patch
# make sure it won't find Perl out of Prefix
sed -i -e "s/perl5//g" mozilla/nsprpub/configure || die
# Respect LDFLAGS
sed -i -e 's/\$(MKSHLIB) \$(OBJS)/\$(MKSHLIB) \$(LDFLAGS) \$(OBJS)/g' \
mozilla/nsprpub/config/rules.mk
# Disable useless rpath flags http://crosbug.com/38334
find -name Makefile.in -exec \
sed -i -e "/^DSO_LDOPTS.*-Wl,-R,'\$\$ORIGIN'/d" {} +
}
src_configure() {
cd "${S}"/build
echo > "${T}"/test.c
$(tc-getCC) -c "${T}"/test.c -o "${T}"/test.o
case $(file "${T}"/test.o) in
*64-bit*|*ppc64*|*x86_64*) myconf="${myconf} --enable-64bit";;
*32-bit*|*ppc*|*i386*|*"RISC System/6000"*) ;;
*) die "Failed to detect whether your arch is 64bits or 32bits, disable distcc if you're using it, please";;
esac
if tc-is-cross-compiler; then
myconf="${myconf} --with-arch=${ARCH}"
fi
myconf="${myconf} --libdir=${EPREFIX}/usr/$(get_libdir)"
export HOST_CC="${HOSTCC}"
export HOST_CFLAGS="-g"
export HOST_LDFLAGS="-g"
HOST_CC="$HOST_CC" HOST_CFLAGS="$HOST_CFLAGS" \
HOST_LDFLAGS="$HOST_LDFLAGS" ECONF_SOURCE="../mozilla/nsprpub" \
econf \
$(use_enable debug) \
$(use_enable !debug optimize) \
${myconf} || die "econf failed"
}
src_compile() {
cd "${S}"/build
# Removed some cmdline args that forced CC and CXX, as our config
# changes above make them get set correctly, and forcing them here
# means that we compile a host tool (nsinstall) with the target
# compiler.
emake || die "failed to build"
}
src_install () {
# Their build system is royally confusing, as usual
MINOR_VERSION=${MIN_PV} # Used for .so version
cd "${S}"/build
emake DESTDIR="${D}" install || die "emake install failed"
cd "${ED}"/usr/$(get_libdir)
for file in *.a; do
einfo "removing static libraries as upstream has requested!"
rm -f ${file} || die "failed to remove static libraries."
done
local n=
# aix-soname.patch does this already
[[ ${CHOST} == *-aix* ]] ||
for file in *$(get_libname); do
n=${file%$(get_libname)}$(get_libname ${MINOR_VERSION})
mv ${file} ${n} || die "failed to mv files around"
ln -s ${n} ${file} || die "failed to symlink files."
if [[ ${CHOST} == *-darwin* ]]; then
install_name_tool -id "${EPREFIX}/usr/$(get_libdir)/${n}" ${n} || die
fi
done
# install nspr-config
dobin "${S}"/build/config/nspr-config || die "failed to install nspr-config"
# create pkg-config file
insinto /usr/$(get_libdir)/pkgconfig/
doins "${S}"/build/config/nspr.pc || die "failed to insall nspr pkg-config file"
# Remove stupid files in /usr/bin
rm -f "${ED}"/usr/bin/prerr.properties || die "failed to cleanup unneeded files"
}
pkg_postinst() {
ewarn
ewarn "Please make sure you run revdep-rebuild after upgrade."
ewarn "This is *extremely* important to ensure your system nspr works properly."
ewarn
}

1
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/nspr-4.8.6-r5.ebuild vendored
View File

@ -1 +0,0 @@
nspr-4.8.6-r1.ebuild

118
sdk_container/src/third_party/coreos-overlay/dev-libs/nspr/nspr-4.9.2.ebuild vendored
View File

@ -1,118 +0,0 @@
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/dev-libs/nspr/nspr-4.9.2.ebuild,v 1.8 2012/11/29 23:40:13 blueness Exp $
EAPI=3
inherit eutils multilib toolchain-funcs versionator
MIN_PV="$(get_version_component_range 2)"
DESCRIPTION="Netscape Portable Runtime"
HOMEPAGE="http://www.mozilla.org/projects/nspr/"
SRC_URI="ftp://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v${PV}/src/${P}.tar.gz"
LICENSE="|| ( MPL-1.1 GPL-2 LGPL-2.1 )"
SLOT="0"
KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 sparc x86 ~ppc-aix ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x64-macos ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris"
IUSE="debug"
src_prepare() {
mkdir build inst
epatch "${FILESDIR}"/${PN}-4.8-config.patch
epatch "${FILESDIR}"/${PN}-4.6.1-config-1.patch
epatch "${FILESDIR}"/${PN}-4.6.1-lang.patch
epatch "${FILESDIR}"/${PN}-4.7.0-prtime.patch
epatch "${FILESDIR}"/${PN}-4.7.1-solaris.patch
epatch "${FILESDIR}"/${PN}-4.7.4-solaris.patch
epatch "${FILESDIR}"/${PN}-4.8.3-aix-gcc.patch
# Patch needs updating
#epatch "${FILESDIR}"/${PN}-4.8.3-aix-soname.patch
epatch "${FILESDIR}"/${PN}-4.8.4-darwin-install_name.patch
epatch "${FILESDIR}"/${PN}-4.8.9-link-flags.patch
epatch "${FILESDIR}"/${PN}-4.9.1-x32_v0.2.patch
# ChromeOS: Fix x64 -> x86 cross-compilation
epatch "${FILESDIR}"/${PN}-4.9.2-r1-cross.patch
# make sure it won't find Perl out of Prefix
sed -i -e "s/perl5//g" "${S}"/mozilla/nsprpub/configure || die
# Respect LDFLAGS
sed -i -e 's/\$(MKSHLIB) \$(OBJS)/\$(MKSHLIB) \$(LDFLAGS) \$(OBJS)/g' \
"${S}"/mozilla/nsprpub/config/rules.mk || die
}
src_configure() {
cd "${S}"/build
echo > "${T}"/test.c
$(tc-getCC) -c "${T}"/test.c -o "${T}"/test.o
case $(file "${T}"/test.o) in
*32-bit*x86-64*|*64-bit*|*ppc64*|*x86_64*) myconf="${myconf} --enable-64bit";;
*32-bit*|*ppc*|*i386*) ;;
*) die "Failed to detect whether your arch is 64bits or 32bits, disable distcc if you're using it, please";;
esac
myconf="${myconf} --libdir=${EPREFIX}/usr/$(get_libdir)"
export HOST_CC="${HOSTCC}"
export HOST_CFLAGS="-g"
export HOST_LDFLAGS="-g"
LC_ALL="C" HOST_CC="$HOST_CC" HOST_CFLAGS="$HOST_CFLAGS" \
HOST_LDFLAGS="$HOST_LDFLAGS" ECONF_SOURCE="../mozilla/nsprpub" \
econf \
$(use_enable debug) \
$(use_enable !debug optimize) \
${myconf} || die "econf failed"
}
src_compile() {
cd "${S}"/build
if tc-is-cross-compiler; then
emake CC="$(tc-getBUILD_CC)" CXX="$(tc-getBUILD_CXX)" \
-C config nsinstall || die "failed to build"
mv config/{,native-}nsinstall
sed -s 's#/nsinstall$#/native-nsinstall#' -i config/autoconf.mk
rm config/nsinstall.o
fi
emake CC="$(tc-getCC)" CXX="$(tc-getCXX)" || die "failed to build"
}
src_install () {
# Their build system is royally confusing, as usual
MINOR_VERSION=${MIN_PV} # Used for .so version
cd "${S}"/build
emake DESTDIR="${D}" install || die "emake install failed"
cd "${ED}"/usr/$(get_libdir)
for file in *.a; do
einfo "removing static libraries as upstream has requested!"
rm -f ${file} || die "failed to remove static libraries."
done
local n=
# aix-soname.patch does this already
[[ ${CHOST} == *-aix* ]] ||
for file in *$(get_libname); do
n=${file%$(get_libname)}$(get_libname ${MINOR_VERSION})
mv ${file} ${n} || die "failed to mv files around"
ln -s ${n} ${file} || die "failed to symlink files."
if [[ ${CHOST} == *-darwin* ]]; then
install_name_tool -id "${EPREFIX}/usr/$(get_libdir)/${n}" ${n} || die
fi
done
# install nspr-config
dobin "${S}"/build/config/nspr-config || die "failed to install nspr-config"
# Remove stupid files in /usr/bin
rm -f "${ED}"/usr/bin/prerr.properties || die "failed to cleanup unneeded files"
}
pkg_postinst() {
ewarn
ewarn "Please make sure you run revdep-rebuild after upgrade."
ewarn "This is *extremely* important to ensure your system nspr works properly."
ewarn
}

2
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/Manifest vendored
View File

@ -1,2 +0,0 @@
DIST nss-3.12.8.tar.gz 5951955 SHA256 9178ce29749e8d09cb93ce70c38f1c2c10630926b2bb7259c7dfff42cb090c14 SHA512 6e2181a5ddea3244b12fe83d7e3c7ff773214563fbaa086202b5384fc37bc760cdf3ac95dbb59b82ec4a8f0446f7273f46efc396e90eae08befc8e5cc23cc80a WHIRLPOOL cd0799d13817468c322d6a2ce2882e0c0daba8f83983099a7721d2c7fb2ae4de473e1a921da37976a3628dbdfaaaaaeaf20ee15f69f2270c8a21738326f65784
DIST nss-3.14.tar.gz 6068755 SHA256 b01868959d50263265aacc5a09f9a9eefbbde5f35604c2977f9714696f1d3e2b SHA512 c5aba091fddcdd57a8cda879a90cf05eeacedf5d734be8eaaec9051aaa6c468b0c8b9816db3cb864859702f90f49fd37971eca98754763b778dcd5fb3d1f7358 WHIRLPOOL b795c55c4dcb7878c4e887b6dc52213d1c31e09ea969df0d8b642b1010b5900c8734de70287141be2ca93a77631b312e68e9e781689f158bb104c501882046ae

33
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.12.4-solaris-gcc.patch vendored
View File

@ -1,33 +0,0 @@
--- mozilla/security/coreconf/SunOS5.mk.orig 2009-10-02 10:51:26.617090950 +0200
+++ mozilla/security/coreconf/SunOS5.mk 2009-10-02 10:53:39.756260510 +0200
@@ -37,6 +37,9 @@
include $(CORE_DEPTH)/coreconf/UNIX.mk
+NS_USE_GCC = 1
+GCC_USE_GNU_LD = 1
+
#
# Temporary define for the Client; to be removed when binary release is used
#
@@ -104,7 +107,7 @@
endif
endif
-INCLUDES += -I/usr/dt/include -I/usr/openwin/include
+#INCLUDES += -I/usr/dt/include -I/usr/openwin/include
RANLIB = echo
CPU_ARCH = sparc
@@ -114,11 +117,6 @@
NOMD_OS_CFLAGS += $(DSO_CFLAGS) $(OS_DEFINES) $(SOL_CFLAGS)
MKSHLIB = $(CC) $(DSO_LDOPTS) $(RPATH)
-ifdef NS_USE_GCC
-ifeq (GNU,$(findstring GNU,$(shell `$(CC) -print-prog-name=ld` -v 2>&1)))
- GCC_USE_GNU_LD = 1
-endif
-endif
ifdef MAPFILE
ifdef NS_USE_GCC
ifdef GCC_USE_GNU_LD

245
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.12.5-gentoo-fixups.diff vendored
View File

@ -1,245 +0,0 @@
diff -urN nss-3.12.5-orig/mozilla/security/nss/config/Makefile nss-3.12.5/mozilla/security/nss/config/Makefile
--- nss-3.12.5-orig/mozilla/security/nss/config/Makefile 1969-12-31 18:00:00.000000000 -0600
+++ nss-3.12.5/mozilla/security/nss/config/Makefile 2009-09-14 21:45:45.619639265 -0500
@@ -0,0 +1,40 @@
+CORE_DEPTH = ../..
+DEPTH = ../..
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+NSS_MAJOR_VERSION = `grep "NSS_VMAJOR" ../lib/nss/nss.h | awk '{print $$3}'`
+NSS_MINOR_VERSION = `grep "NSS_VMINOR" ../lib/nss/nss.h | awk '{print $$3}'`
+NSS_PATCH_VERSION = `grep "NSS_VPATCH" ../lib/nss/nss.h | awk '{print $$3}'`
+PREFIX = /usr
+
+all: export libs
+
+export:
+ # Create the nss.pc file
+ mkdir -p $(DIST)/lib/pkgconfig
+ sed -e "s,@prefix@,$(PREFIX)," \
+ -e "s,@exec_prefix@,\$${prefix}," \
+ -e "s,@libdir@,\$${prefix}/gentoo/nss," \
+ -e "s,@includedir@,\$${prefix}/include/nss," \
+ -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION),g" \
+ -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \
+ -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \
+ nss.pc.in > nss.pc
+ chmod 0644 nss.pc
+ ln -sf ../../../../../security/nss/config/nss.pc $(DIST)/lib/pkgconfig
+
+ # Create the nss-config script
+ mkdir -p $(DIST)/bin
+ sed -e "s,@prefix@,$(PREFIX)," \
+ -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION)," \
+ -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \
+ -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \
+ nss-config.in > nss-config
+ chmod 0755 nss-config
+ ln -sf ../../../../security/nss/config/nss-config $(DIST)/bin
+
+libs:
+
+dummy: all export libs
+
diff -urN nss-3.12.5-orig/mozilla/security/nss/config/nss-config.in nss-3.12.5/mozilla/security/nss/config/nss-config.in
--- nss-3.12.5-orig/mozilla/security/nss/config/nss-config.in 1969-12-31 18:00:00.000000000 -0600
+++ nss-3.12.5/mozilla/security/nss/config/nss-config.in 2009-09-14 21:47:45.190638078 -0500
@@ -0,0 +1,145 @@
+#!/bin/sh
+
+prefix=@prefix@
+
+major_version=@NSS_MAJOR_VERSION@
+minor_version=@NSS_MINOR_VERSION@
+patch_version=@NSS_PATCH_VERSION@
+
+usage()
+{
+ cat <<EOF
+Usage: nss-config [OPTIONS] [LIBRARIES]
+Options:
+ [--prefix[=DIR]]
+ [--exec-prefix[=DIR]]
+ [--includedir[=DIR]]
+ [--libdir[=DIR]]
+ [--version]
+ [--libs]
+ [--cflags]
+Dynamic Libraries:
+ nss
+ ssl
+ smime
+ nssutil
+EOF
+ exit $1
+}
+
+if test $# -eq 0; then
+ usage 1 1>&2
+fi
+
+lib_ssl=yes
+lib_smime=yes
+lib_nss=yes
+lib_nssutil=yes
+
+while test $# -gt 0; do
+ case "$1" in
+ -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
+ *) optarg= ;;
+ esac
+
+ case $1 in
+ --prefix=*)
+ prefix=$optarg
+ ;;
+ --prefix)
+ echo_prefix=yes
+ ;;
+ --exec-prefix=*)
+ exec_prefix=$optarg
+ ;;
+ --exec-prefix)
+ echo_exec_prefix=yes
+ ;;
+ --includedir=*)
+ includedir=$optarg
+ ;;
+ --includedir)
+ echo_includedir=yes
+ ;;
+ --libdir=*)
+ libdir=$optarg
+ ;;
+ --libdir)
+ echo_libdir=yes
+ ;;
+ --version)
+ echo ${major_version}.${minor_version}.${patch_version}
+ ;;
+ --cflags)
+ echo_cflags=yes
+ ;;
+ --libs)
+ echo_libs=yes
+ ;;
+ ssl)
+ lib_ssl=yes
+ ;;
+ smime)
+ lib_smime=yes
+ ;;
+ nss)
+ lib_nss=yes
+ ;;
+ nssutil)
+ lib_nssutil=yes
+ ;;
+ *)
+ usage 1 1>&2
+ ;;
+ esac
+ shift
+done
+
+# Set variables that may be dependent upon other variables
+if test -z "$exec_prefix"; then
+ exec_prefix=`pkg-config --variable=exec_prefix nss`
+fi
+if test -z "$includedir"; then
+ includedir=`pkg-config --variable=includedir nss`
+fi
+if test -z "$libdir"; then
+ libdir=`pkg-config --variable=libdir nss`
+fi
+
+if test "$echo_prefix" = "yes"; then
+ echo $prefix
+fi
+
+if test "$echo_exec_prefix" = "yes"; then
+ echo $exec_prefix
+fi
+
+if test "$echo_includedir" = "yes"; then
+ echo $includedir
+fi
+
+if test "$echo_libdir" = "yes"; then
+ echo $libdir
+fi
+
+if test "$echo_cflags" = "yes"; then
+ echo -I$includedir
+fi
+
+if test "$echo_libs" = "yes"; then
+ libdirs="-Wl,-R$libdir -L$libdir"
+ if test -n "$lib_ssl"; then
+ libdirs="$libdirs -lssl${major_version}"
+ fi
+ if test -n "$lib_smime"; then
+ libdirs="$libdirs -lsmime${major_version}"
+ fi
+ if test -n "$lib_nss"; then
+ libdirs="$libdirs -lnss${major_version}"
+ fi
+ if test -n "$lib_nssutil"; then
+ libdirs="$libdirs -lnssutil${major_version}"
+ fi
+ echo $libdirs
+fi
+
diff -urN nss-3.12.5-orig/mozilla/security/nss/config/nss.pc.in nss-3.12.5/mozilla/security/nss/config/nss.pc.in
--- nss-3.12.5-orig/mozilla/security/nss/config/nss.pc.in 1969-12-31 18:00:00.000000000 -0600
+++ nss-3.12.5/mozilla/security/nss/config/nss.pc.in 2009-09-14 21:45:45.653637310 -0500
@@ -0,0 +1,12 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: NSS
+Description: Network Security Services
+Version: @NSS_MAJOR_VERSION@.@NSS_MINOR_VERSION@.@NSS_PATCH_VERSION@
+Requires: nspr >= 4.8
+Libs: -L${libdir} -lssl3 -lsmime3 -lnssutil3 -lnss3
+Cflags: -I${includedir}
+
diff -urN nss-3.12.5-orig/mozilla/security/nss/Makefile nss-3.12.5/mozilla/security/nss/Makefile
--- nss-3.12.5-orig/mozilla/security/nss/Makefile 2008-12-02 17:24:39.000000000 -0600
+++ nss-3.12.5/mozilla/security/nss/Makefile 2009-09-14 21:45:45.678657145 -0500
@@ -78,7 +78,7 @@
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
-nss_build_all: build_coreconf build_nspr build_dbm all
+nss_build_all: build_coreconf build_dbm all
nss_clean_all: clobber_coreconf clobber_nspr clobber_dbm clobber
@@ -140,12 +140,6 @@
--with-dist-prefix='$(NSPR_PREFIX)' \
--with-dist-includedir='$(NSPR_PREFIX)/include'
-build_nspr: $(NSPR_CONFIG_STATUS)
- cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; $(MAKE)
-
-clobber_nspr: $(NSPR_CONFIG_STATUS)
- cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; $(MAKE) clobber
-
build_dbm:
ifndef NSS_DISABLE_DBM
cd $(CORE_DEPTH)/dbm ; $(MAKE) export libs
diff -urN nss-3.12.5-orig/mozilla/security/nss/manifest.mn nss-3.12.5/mozilla/security/nss/manifest.mn
--- nss-3.12.5-orig/mozilla/security/nss/manifest.mn 2008-04-04 15:36:59.000000000 -0500
+++ nss-3.12.5/mozilla/security/nss/manifest.mn 2009-09-14 21:45:45.703656167 -0500
@@ -42,6 +42,6 @@
RELEASE = nss
-DIRS = lib cmd
+DIRS = lib cmd config

10
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.12.6-gentoo-fixup-warnings.patch vendored
View File

@ -1,10 +0,0 @@
--- nss-3.12.6b/mozilla/security/coreconf/Linux.mk-old 2010-02-11 12:43:26.000000000 -0600
+++ nss-3.12.6b/mozilla/security/coreconf/Linux.mk 2010-02-14 09:13:53.962449644 -0600
@@ -120,6 +120,7 @@
ifdef MOZ_DEBUG_SYMBOLS
OPTIMIZER += -gstabs+
endif
+OPTIMIZER += -fno-strict-aliasing
endif

21
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.12.8-abort-on-failed-urandom-access.patch vendored
View File

@ -1,21 +0,0 @@
diff -rupN nss-3.12.8/mozilla/security/nss/lib/freebl/unix_rand.c nss-3.12.8_patched/mozilla/security/nss/lib/freebl/unix_rand.c
--- nss-3.12.8/mozilla/security/nss/lib/freebl/unix_rand.c 2010-04-29 17:20:02.000000000 -0700
+++ nss-3.12.8_patched/mozilla/security/nss/lib/freebl/unix_rand.c 2012-04-18 10:38:53.013840985 -0700
@@ -949,6 +949,17 @@ void RNG_SystemInfoForRNG(void)
|| defined(HPUX)
if (bytes)
return;
+
+ /*
+ * Modified to abort the process on Chromium OS if it failed
+ * to read from /dev/urandom.
+ *
+ * See crosbug.com/29623 for details.
+ */
+ fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. "
+ "Abort process.\n", __FILE__, __LINE__);
+ fflush(stderr);
+ abort();
#endif
#ifdef SOLARIS

166
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.12.8-bugzilla-802429.patch vendored
View File

@ -1,166 +0,0 @@
--- a/mozilla/security/nss/lib/softoken/pk11pars.h 2012-10-19 17:49:36.824033689 -0700
+++ a/mozilla/security/nss/lib/softoken/pk11pars.h 2012-10-19 17:50:01.484588609 -0700
@@ -80,6 +80,8 @@
SECMOD_ARG_ENTRY(FORTEZZA,SECMOD_FORTEZZA_FLAG),
SECMOD_ARG_ENTRY(RC5,SECMOD_RC5_FLAG),
SECMOD_ARG_ENTRY(SHA1,SECMOD_SHA1_FLAG),
+ SECMOD_ARG_ENTRY(SHA256,SECMOD_SHA256_FLAG),
+ SECMOD_ARG_ENTRY(SHA512,SECMOD_SHA512_FLAG),
SECMOD_ARG_ENTRY(MD5,SECMOD_MD5_FLAG),
SECMOD_ARG_ENTRY(MD2,SECMOD_MD2_FLAG),
SECMOD_ARG_ENTRY(SSL,SECMOD_SSL_FLAG),
diff --git a/mozilla/security/nss/lib/pk11wrap/pk11cert.c b/mozilla/security/nss/lib/pk11wrap/pk11cert.c
index 329a2e7..b2c91b2 100644
--- a/mozilla/security/nss/lib/pk11wrap/pk11cert.c
+++ b/mozilla/security/nss/lib/pk11wrap/pk11cert.c
@@ -2663,7 +2663,7 @@ PK11_GetAllSlotsForCert(CERTCertificate *cert, void *arg)
nssCryptokiObject *instance = *ip;
PK11SlotInfo *slot = instance->token->pk11slot;
if (slot) {
- PK11_AddSlotToList(slotList, slot);
+ PK11_AddSlotToList(slotList, slot, PR_TRUE);
found = PR_TRUE;
}
}
diff --git a/mozilla/security/nss/lib/pk11wrap/pk11priv.h b/mozilla/security/nss/lib/pk11wrap/pk11priv.h
index 2c70cb0..c5b7a27 100644
--- a/mozilla/security/nss/lib/pk11wrap/pk11priv.h
+++ b/mozilla/security/nss/lib/pk11wrap/pk11priv.h
@@ -28,7 +28,7 @@ SEC_BEGIN_PROTOS
PK11SlotList * PK11_NewSlotList(void);
PK11SlotList * PK11_GetPrivateKeyTokens(CK_MECHANISM_TYPE type,
PRBool needRW,void *wincx);
-SECStatus PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot);
+SECStatus PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot, PRBool sorted);
SECStatus PK11_DeleteSlotFromList(PK11SlotList *list,PK11SlotListElement *le);
PK11SlotListElement *PK11_FindSlotElement(PK11SlotList *list,
PK11SlotInfo *slot);
diff --git a/mozilla/security/nss/lib/pk11wrap/pk11slot.c b/mozilla/security/nss/lib/pk11wrap/pk11slot.c
index 4d8d0ec..6d6aeb0 100644
--- a/mozilla/security/nss/lib/pk11wrap/pk11slot.c
+++ b/mozilla/security/nss/lib/pk11wrap/pk11slot.c
@@ -171,11 +171,16 @@ PK11_FreeSlotList(PK11SlotList *list)
/*
* add a slot to a list
+ * "slot" is the slot to be added. Ownership is not transferred.
+ * "sorted" indicates whether or not the slot should be inserted according to
+ * cipherOrder of the associated module. PR_FALSE indicates that the slot
+ * should be inserted to the head of the list.
*/
SECStatus
-PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot)
+PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot, PRBool sorted)
{
PK11SlotListElement *le;
+ PK11SlotListElement *element;
le = (PK11SlotListElement *) PORT_Alloc(sizeof(PK11SlotListElement));
if (le == NULL) return SECFailure;
@@ -184,9 +189,23 @@ PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot)
le->prev = NULL;
le->refCount = 1;
PZ_Lock(list->lock);
- if (list->head) list->head->prev = le; else list->tail = le;
- le->next = list->head;
- list->head = le;
+ element = list->head;
+ /* Insertion sort, with higher cipherOrders are sorted first in the list */
+ while (element && sorted && (element->slot->module->cipherOrder >
+ le->slot->module->cipherOrder)) {
+ element = element->next;
+ }
+ if (element) {
+ le->prev = element->prev;
+ element->prev = le;
+ le->next = element;
+ } else {
+ le->prev = list->tail;
+ le->next = NULL;
+ list->tail = le;
+ }
+ if (le->prev) le->prev->next = le;
+ if (list->head == element) list->head = le;
PZ_Unlock(list->lock);
return SECSuccess;
@@ -208,11 +227,12 @@ PK11_DeleteSlotFromList(PK11SlotList *list,PK11SlotListElement *le)
}
/*
- * Move a list to the end of the target list. NOTE: There is no locking
- * here... This assumes BOTH lists are private copy lists.
+ * Move a list to the end of the target list.
+ * NOTE: There is no locking here... This assumes BOTH lists are private copy
+ * lists. It also does not re-sort the target list.
*/
SECStatus
-PK11_MoveListToList(PK11SlotList *target,PK11SlotList *src)
+pk11_MoveListToList(PK11SlotList *target,PK11SlotList *src)
{
if (src->head == NULL) return SECSuccess;
@@ -511,7 +531,7 @@ PK11_FindSlotsByNames(const char *dllName, const char* slotName,
((NULL == slotName) || (0 == *slotName)) &&
((NULL == tokenName) || (0 == *tokenName)) ) {
/* default to softoken */
- PK11_AddSlotToList(slotList, PK11_GetInternalKeySlot());
+ PK11_AddSlotToList(slotList, PK11_GetInternalKeySlot(), PR_TRUE);
return slotList;
}
@@ -539,7 +559,7 @@ PK11_FindSlotsByNames(const char *dllName, const char* slotName,
( (!slotName) || (tmpSlot->slot_name &&
(0==PORT_Strcmp(tmpSlot->slot_name, slotName)))) ) {
if (tmpSlot) {
- PK11_AddSlotToList(slotList, tmpSlot);
+ PK11_AddSlotToList(slotList, tmpSlot, PR_TRUE);
slotcount++;
}
}
@@ -910,7 +930,7 @@ PK11_LoadSlotList(PK11SlotInfo *slot, PK11PreSlotInfo *psi, int count)
CK_MECHANISM_TYPE mechanism = PK11_DefaultArray[i].mechanism;
PK11SlotList *slotList = PK11_GetSlotList(mechanism);
- if (slotList) PK11_AddSlotToList(slotList,slot);
+ if (slotList) PK11_AddSlotToList(slotList,slot,PR_FALSE);
}
}
@@ -937,7 +957,7 @@ PK11_UpdateSlotAttribute(PK11SlotInfo *slot, PK11DefaultArrayEntry *entry,
/* add this slot to the list */
if (slotList!=NULL)
- result = PK11_AddSlotToList(slotList, slot);
+ result = PK11_AddSlotToList(slotList, slot, PR_FALSE);
} else { /* trying to turn off */
@@ -1910,12 +1930,12 @@ PK11_GetAllTokens(CK_MECHANISM_TYPE type, PRBool needRW, PRBool loadCerts,
|| PK11_DoesMechanism(slot, type)) {
if (pk11_LoginStillRequired(slot,wincx)) {
if (PK11_IsFriendly(slot)) {
- PK11_AddSlotToList(friendlyList, slot);
+ PK11_AddSlotToList(friendlyList, slot, PR_TRUE);
} else {
- PK11_AddSlotToList(loginList, slot);
+ PK11_AddSlotToList(loginList, slot, PR_TRUE);
}
} else {
- PK11_AddSlotToList(list, slot);
+ PK11_AddSlotToList(list, slot, PR_TRUE);
}
}
}
@@ -1923,9 +1943,9 @@ PK11_GetAllTokens(CK_MECHANISM_TYPE type, PRBool needRW, PRBool loadCerts,
}
SECMOD_ReleaseReadLock(moduleLock);
- PK11_MoveListToList(list,friendlyList);
+ pk11_MoveListToList(list,friendlyList);
PK11_FreeSlotList(friendlyList);
- PK11_MoveListToList(list,loginList);
+ pk11_MoveListToList(list,loginList);
PK11_FreeSlotList(loginList);
return list;

11
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.12.8-cert-initlocks.patch vendored
View File

@ -1,11 +0,0 @@
diff -rupN nss-3.12.8/mozilla/security/nss/lib/certdb/certdb.c nss-3.12.8_patched/mozilla/security/nss/lib/certdb/certdb.c
--- nss-3.12.8/mozilla/security/nss/lib/certdb/certdb.c 2010-09-02 00:52:02.000000000 +0000
+++ nss-3.12.8_patched/mozilla/security/nss/lib/certdb/certdb.c 2012-04-02 20:58:31.821621891 +0000
@@ -3030,6 +3030,7 @@ cert_InitLocks(void)
PORT_Assert(certTrustLock != NULL);
if (!certTrustLock) {
PZ_DestroyLock(certRefCountLock);
+ certRefCountLock = NULL;
return SECFailure;
}
}

121
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.12.8-chromeos-cert-nicknames.patch vendored
View File

@ -1,121 +0,0 @@
diff -c -r mozilla/security/nss/lib.orig/nss/nss.def mozilla/security/nss/lib/nss/nss.def
*** mozilla/security/nss/lib.orig/nss/nss.def 2010-04-30 00:47:47.000000000 -0700
--- mozilla/security/nss/lib/nss/nss.def 2011-11-29 16:33:32.828968066 -0800
***************
*** 647,652 ****
--- 647,653 ----
PK11_GetPQGParamsFromPrivateKey;
PK11_GetPrivateKeyNickname;
PK11_GetPublicKeyNickname;
+ PK11_GetCertificateNickname;
PK11_GetSymKeyNickname;
PK11_ImportDERPrivateKeyInfoAndReturnKey;
PK11_ImportPrivateKeyInfoAndReturnKey;
***************
*** 658,663 ****
--- 659,665 ----
PK11_ProtectedAuthenticationPath;
PK11_SetPrivateKeyNickname;
PK11_SetPublicKeyNickname;
+ PK11_SetCertificateNickname;
PK11_SetSymKeyNickname;
SECKEY_DecodeDERSubjectPublicKeyInfo;
SECKEY_DestroyPublicKeyList;
diff -r -c mozilla/security/nss/lib.orig/pk11wrap/pk11akey.c mozilla/security/nss/lib/pk11wrap/pk11akey.c
*** mozilla/security/nss/lib.orig/pk11wrap/pk11akey.c 2011-11-29 12:16:56.000000000 -0800
--- mozilla/security/nss/lib/pk11wrap/pk11akey.c 2011-11-29 13:16:22.672540042 -0800
***************
*** 1907,1912 ****
--- 1907,1919 ----
return PK11_GetObjectNickname(pubKey->pkcs11Slot,pubKey->pkcs11ID);
}
+ char *
+ PK11_GetCertificateNickname(CERTCertificate *certificate)
+ {
+ return PK11_GetObjectNickname(certificate->slot,
+ certificate->pkcs11ID);
+ }
+
SECStatus
PK11_SetPrivateKeyNickname(SECKEYPrivateKey *privKey, const char *nickname)
{
***************
*** 1921,1926 ****
--- 1928,1940 ----
pubKey->pkcs11ID,nickname);
}
+ SECStatus
+ PK11_SetCertificateNickname(CERTCertificate *certificate, const char *nickname)
+ {
+ return PK11_SetObjectNickname(certificate->slot,
+ certificate->pkcs11ID,nickname);
+ }
+
SECKEYPQGParams *
PK11_GetPQGParamsFromPrivateKey(SECKEYPrivateKey *privKey)
{
diff -r -c mozilla/security/nss/lib.orig/pk11wrap/pk11obj.c mozilla/security/nss/lib/pk11wrap/pk11obj.c
*** mozilla/security/nss/lib.orig/pk11wrap/pk11obj.c 2009-02-15 19:47:21.000000000 -0800
--- mozilla/security/nss/lib/pk11wrap/pk11obj.c 2011-11-29 11:54:01.946485857 -0800
***************
*** 1396,1402 ****
slot = ((PK11SymKey *)objSpec)->slot;
handle = ((PK11SymKey *)objSpec)->objectID;
break;
! case PK11_TypeCert: /* don't handle cert case for now */
default:
break;
}
--- 1396,1405 ----
slot = ((PK11SymKey *)objSpec)->slot;
handle = ((PK11SymKey *)objSpec)->objectID;
break;
! case PK11_TypeCert:
! slot = ((CERTCertificate *)objSpec)->slot;
! handle = ((CERTCertificate *)objSpec)->pkcs11ID;
! break;
default:
break;
}
***************
*** 1446,1452 ****
slot = ((PK11SymKey *)objSpec)->slot;
handle = ((PK11SymKey *)objSpec)->objectID;
break;
! case PK11_TypeCert: /* don't handle cert case for now */
default:
break;
}
--- 1449,1458 ----
slot = ((PK11SymKey *)objSpec)->slot;
handle = ((PK11SymKey *)objSpec)->objectID;
break;
! case PK11_TypeCert:
! slot = ((CERTCertificate *)objSpec)->slot;
! handle = ((CERTCertificate *)objSpec)->pkcs11ID;
! break;
default:
break;
}
diff -r -c mozilla/security/nss/lib.orig/pk11wrap/pk11pub.h mozilla/security/nss/lib/pk11wrap/pk11pub.h
*** mozilla/security/nss/lib.orig/pk11wrap/pk11pub.h 2010-04-25 16:37:39.000000000 -0700
--- mozilla/security/nss/lib/pk11wrap/pk11pub.h 2011-11-29 11:53:04.605709449 -0800
***************
*** 462,472 ****
--- 462,475 ----
char * PK11_GetSymKeyNickname(PK11SymKey *symKey);
char * PK11_GetPrivateKeyNickname(SECKEYPrivateKey *privKey);
char * PK11_GetPublicKeyNickname(SECKEYPublicKey *pubKey);
+ char * PK11_GetCertificateNickname(CERTCertificate *certificate);
SECStatus PK11_SetSymKeyNickname(PK11SymKey *symKey, const char *nickname);
SECStatus PK11_SetPrivateKeyNickname(SECKEYPrivateKey *privKey,
const char *nickname);
SECStatus PK11_SetPublicKeyNickname(SECKEYPublicKey *pubKey,
const char *nickname);
+ SECStatus PK11_SetCertificateNickname(CERTCertificate *certificate,
+ const char *nickname);
/* size to hold key in bytes */
unsigned int PK11_GetKeyLength(PK11SymKey *key);

32
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.12.8-chromeos-mitm-root.patch vendored
View File

@ -1,32 +0,0 @@
*** mozilla/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_pk11certstore.c 2012-08-23 14:37:23.300678262 -0700
--- mozilla/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_pk11certstore.c.new 2012-08-23 17:52:26.209075001 -0700
***************
*** 275,292 ****
!(CERT_LIST_END(node, pk11CertList));
node = CERT_LIST_NEXT(node)) {
! PKIX_PL_NSSCALLRV
! (CERTSTORE,
! nssCert,
! CERT_NewTempCertificate,
! (dbHandle,
! &(node->cert->derCert),
! NULL, /* nickname */
! PR_FALSE,
! PR_TRUE)); /* copyDER */
!
if (!nssCert) {
! continue; /* just skip bad certs */
}
PKIX_CHECK_ONLY_FATAL(pkix_pl_Cert_CreateWithNSSCert
--- 275,283 ----
!(CERT_LIST_END(node, pk11CertList));
node = CERT_LIST_NEXT(node)) {
! nssCert = CERT_DupCertificate(node->cert);
if (!nssCert) {
! continue;
}
PKIX_CHECK_ONLY_FATAL(pkix_pl_Cert_CreateWithNSSCert

15046
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.12.8-chromeos-root-certs.patch vendored
View File

File diff suppressed because it is too large Load Diff

831
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.12.8-remove-fortezza.patch vendored
View File

@ -1,831 +0,0 @@
Index: mozilla/security/nss/lib/certhigh/certvfy.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/certhigh/certvfy.c,v
retrieving revision 1.71
diff -p -u -r1.71 certvfy.c
--- mozilla/security/nss/lib/certhigh/certvfy.c 30 Apr 2010 07:47:48 -0000 1.71
+++ mozilla/security/nss/lib/certhigh/certvfy.c 22 Jul 2011 20:57:00 -0000
@@ -150,79 +150,6 @@ CERT_VerifySignedData(CERTSignedData *sd
}
-/* Software FORTEZZA installation hack. The software fortezza installer does
- * not have access to the krl and cert.db file. Accept FORTEZZA Certs without
- * KRL's in this case.
- */
-static int dont_use_krl = 0;
-/* not a public exposed function... */
-void sec_SetCheckKRLState(int value) { dont_use_krl = value; }
-
-SECStatus
-SEC_CheckKRL(CERTCertDBHandle *handle,SECKEYPublicKey *key,
- CERTCertificate *rootCert, int64 t, void * wincx)
-{
- CERTSignedCrl *crl = NULL;
- SECStatus rv = SECFailure;
- SECStatus rv2;
- CERTCrlEntry **crlEntry;
- SECCertTimeValidity validity;
- CERTCertificate *issuerCert = NULL;
-
- if (dont_use_krl) return SECSuccess;
-
- /* first look up the KRL */
- crl = SEC_FindCrlByName(handle,&rootCert->derSubject, SEC_KRL_TYPE);
- if (crl == NULL) {
- PORT_SetError(SEC_ERROR_NO_KRL);
- goto done;
- }
-
- /* get the issuing certificate */
- issuerCert = CERT_FindCertByName(handle, &crl->crl.derName);
- if (issuerCert == NULL) {
- PORT_SetError(SEC_ERROR_KRL_BAD_SIGNATURE);
- goto done;
- }
-
-
- /* now verify the KRL signature */
- rv2 = CERT_VerifySignedData(&crl->signatureWrap, issuerCert, t, wincx);
- if (rv2 != SECSuccess) {
- PORT_SetError(SEC_ERROR_KRL_BAD_SIGNATURE);
- goto done;
- }
-
- /* Verify the date validity of the KRL */
- validity = SEC_CheckCrlTimes(&crl->crl, t);
- if (validity == secCertTimeExpired) {
- PORT_SetError(SEC_ERROR_KRL_EXPIRED);
- goto done;
- }
-
- /* now make sure the key in this cert is still valid */
- if (key->keyType != fortezzaKey) {
- PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
- goto done; /* This should be an assert? */
- }
-
- /* now make sure the key is not on the revocation list */
- for (crlEntry = crl->crl.entries; crlEntry && *crlEntry; crlEntry++) {
- if (PORT_Memcmp((*crlEntry)->serialNumber.data,
- key->u.fortezza.KMID,
- (*crlEntry)->serialNumber.len) == 0) {
- PORT_SetError(SEC_ERROR_REVOKED_KEY);
- goto done;
- }
- }
- rv = SECSuccess;
-
-done:
- if (issuerCert) CERT_DestroyCertificate(issuerCert);
- if (crl) SEC_DestroyCrl(crl);
- return rv;
-}
-
SECStatus
SEC_CheckCRL(CERTCertDBHandle *handle,CERTCertificate *cert,
CERTCertificate *caCert, int64 t, void * wincx)
@@ -405,85 +332,6 @@ cert_AddToVerifyLog(CERTVerifyLog *log,
cert_AddToVerifyLog(log, cert, PORT_GetError(), depth, (void *)arg); \
}
-
-typedef enum { cbd_None, cbd_User, cbd_CA } cbd_FortezzaType;
-
-static SECStatus
-cert_VerifyFortezzaV1Cert(CERTCertDBHandle *handle, CERTCertificate *cert,
- cbd_FortezzaType *next_type, cbd_FortezzaType last_type,
- int64 t, void *wincx)
-{
- unsigned char priv = 0;
- SECKEYPublicKey *key;
- SECStatus rv;
-
- *next_type = cbd_CA;
-
- /* read the key */
- key = CERT_ExtractPublicKey(cert);
-
- /* Cant' get Key? fail. */
- if (key == NULL) {
- PORT_SetError(SEC_ERROR_BAD_KEY);
- return SECFailure;
- }
-
-
- /* if the issuer is not an old fortezza cert, we bail */
- if (key->keyType != fortezzaKey) {
- SECKEY_DestroyPublicKey(key);
- /* CA Cert not fortezza */
- PORT_SetError(SEC_ERROR_NOT_FORTEZZA_ISSUER);
- return SECFailure;
- }
-
- /* get the privilege mask */
- if (key->u.fortezza.DSSprivilege.len > 0) {
- priv = key->u.fortezza.DSSprivilege.data[0];
- }
-
- /*
- * make sure the CA's keys are OK
- */
-
- rv = SEC_CheckKRL(handle, key, NULL, t, wincx);
- SECKEY_DestroyPublicKey(key);
- if (rv != SECSuccess) {
- return rv;
- }
-
- switch (last_type) {
- case cbd_User:
- /* first check for subordination */
- /*rv = FortezzaSubordinateCheck(cert,issuerCert);*/
- rv = SECSuccess;
-
- /* now check for issuer privilege */
- if ((rv != SECSuccess) || ((priv & 0x10) == 0)) {
- /* bail */
- PORT_SetError (SEC_ERROR_CA_CERT_INVALID);
- return SECFailure;
- }
- break;
- case cbd_CA:
- if ((priv & 0x20) == 0) {
- /* bail */
- PORT_SetError (SEC_ERROR_CA_CERT_INVALID);
- return SECFailure;
- }
- break;
- case cbd_None:
- *next_type = (priv & 0x30) ? cbd_CA : cbd_User;
- break;
- default:
- /* bail */ /* shouldn't ever happen */
- PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-
static SECStatus
cert_VerifyCertChainOld(CERTCertDBHandle *handle, CERTCertificate *cert,
PRBool checkSig, PRBool* sigerror,
@@ -496,7 +344,6 @@ cert_VerifyCertChainOld(CERTCertDBHandle
CERTCertificate *subjectCert = NULL;
CERTCertificate *badCert = NULL;
PRBool isca;
- PRBool isFortezzaV1 = PR_FALSE;
SECStatus rv;
SECStatus rvFinal = SECSuccess;
int count;
@@ -512,8 +359,6 @@ cert_VerifyCertChainOld(CERTCertDBHandle
int namesCount = 0;
PRBool subjectCertIsSelfIssued;
- cbd_FortezzaType last_type = cbd_None;
-
if (revoked) {
*revoked = PR_FALSE;
}
@@ -562,21 +407,6 @@ cert_VerifyCertChainOld(CERTCertDBHandle
goto loser;
}
- /* determine if the cert is fortezza.
- */
- isFortezzaV1 = (PRBool)
- (CERT_GetCertKeyType(&subjectCert->subjectPublicKeyInfo)
- == fortezzaKey);
-
- if (isFortezzaV1) {
- rv = cert_VerifyFortezzaV1Cert(handle, subjectCert, &last_type,
- cbd_None, t, wincx);
- if (rv == SECFailure) {
- /**** PORT_SetError is already set by cert_VerifyFortezzaV1Cert **/
- LOG_ERROR_OR_EXIT(log,subjectCert,0,0);
- }
- }
-
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
if (arena == NULL) {
goto loser;
@@ -663,19 +493,6 @@ cert_VerifyCertChainOld(CERTCertDBHandle
}
}
- /*
- * XXX - fortezza may need error logging stuff added
- */
- if (isFortezzaV1) {
- rv = cert_VerifyFortezzaV1Cert(handle, issuerCert, &last_type,
- last_type, t, wincx);
- if (rv == SECFailure) {
- /**** PORT_SetError is already set by *
- * cert_VerifyFortezzaV1Cert **/
- LOG_ERROR_OR_EXIT(log,subjectCert,0,0);
- }
- }
-
/* If the basicConstraint extension is included in an immediate CA
* certificate, make sure that the isCA flag is on. If the
* pathLenConstraint component exists, it must be greater than the
@@ -683,12 +500,6 @@ cert_VerifyCertChainOld(CERTCertDBHandle
* is omitted, we will assume that this is a CA certificate with
* an unlimited pathLenConstraint (since it already passes the
* netscape-cert-type extension checking).
- *
- * In the fortezza (V1) case, we've already checked the CA bits
- * in the key, so we're presumed to be a CA; however we really don't
- * want to bypass Basic constraint or netscape extension parsing.
- *
- * In Fortezza V2, basicConstraint will be set for every CA,PCA,PAA
*/
rv = CERT_FindBasicConstraintExten(issuerCert, &basicConstraint);
@@ -697,10 +508,8 @@ cert_VerifyCertChainOld(CERTCertDBHandle
LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
}
pathLengthLimit = CERT_UNLIMITED_PATH_CONSTRAINT;
- /* no basic constraints found, if we're fortezza, CA bit is already
- * verified (isca = PR_TRUE). otherwise, we aren't (yet) a ca
- * isca = PR_FALSE */
- isca = isFortezzaV1;
+ /* no basic constraints found, we aren't (yet) a CA. */
+ isca = PR_FALSE;
} else {
if ( basicConstraint.isCA == PR_FALSE ) {
PORT_SetError (SEC_ERROR_CA_CERT_INVALID);
@@ -960,12 +769,6 @@ CERT_VerifyCACertForUsage(CERTCertDBHand
* is omitted, we will assume that this is a CA certificate with
* an unlimited pathLenConstraint (since it already passes the
* netscape-cert-type extension checking).
- *
- * In the fortezza (V1) case, we've already checked the CA bits
- * in the key, so we're presumed to be a CA; however we really don't
- * want to bypass Basic constraint or netscape extension parsing.
- *
- * In Fortezza V2, basicConstraint will be set for every CA,PCA,PAA
*/
rv = CERT_FindBasicConstraintExten(cert, &basicConstraint);
@@ -973,9 +776,7 @@ CERT_VerifyCACertForUsage(CERTCertDBHand
if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND) {
LOG_ERROR_OR_EXIT(log,cert,0,0);
}
- /* no basic constraints found, if we're fortezza, CA bit is already
- * verified (isca = PR_TRUE). otherwise, we aren't (yet) a ca
- * isca = PR_FALSE */
+ /* no basic constraints found, we aren't (yet) a CA. */
isca = PR_FALSE;
} else {
if ( basicConstraint.isCA == PR_FALSE ) {
Index: mozilla/security/nss/lib/cryptohi/seckey.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/cryptohi/seckey.c,v
retrieving revision 1.54
diff -p -u -r1.54 seckey.c
--- mozilla/security/nss/lib/cryptohi/seckey.c 23 Jun 2010 02:13:56 -0000 1.54
+++ mozilla/security/nss/lib/cryptohi/seckey.c 22 Jul 2011 20:57:00 -0000
@@ -105,47 +105,6 @@ const SEC_ASN1Template SECKEY_DHParamKey
{ 0, }
};
-const SEC_ASN1Template SECKEY_FortezzaParameterTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) },
- { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPQGParams,prime), },
- { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPQGParams,subPrime), },
- { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPQGParams,base), },
- { 0 },
-};
-
-const SEC_ASN1Template SECKEY_FortezzaDiffParameterTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYDiffPQGParams) },
- { SEC_ASN1_INLINE, offsetof(SECKEYDiffPQGParams,DiffKEAParams),
- SECKEY_FortezzaParameterTemplate},
- { SEC_ASN1_INLINE, offsetof(SECKEYDiffPQGParams,DiffDSAParams),
- SECKEY_FortezzaParameterTemplate},
- { 0 },
-};
-
-const SEC_ASN1Template SECKEY_FortezzaPreParamTemplate[] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 1, offsetof(SECKEYPQGDualParams,CommParams),
- SECKEY_FortezzaParameterTemplate},
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_FortezzaAltPreParamTemplate[] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0, offsetof(SECKEYPQGDualParams,DiffParams),
- SECKEY_FortezzaDiffParameterTemplate},
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_KEAPublicKeyTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.kea.publicValue), },
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_KEAParamsTemplate[] = {
- { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPublicKey,u.kea.params.hash), },
- { 0, }
-};
-
SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_DSAPublicKeyTemplate)
SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_RSAPublicKeyTemplate)
SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SubjectPublicKeyInfoTemplate)
@@ -187,12 +146,6 @@ prepare_dh_pub_key_for_asn1(SECKEYPublic
pubk->u.dh.publicValue.type = siUnsignedInteger;
}
-static void
-prepare_kea_pub_key_for_asn1(SECKEYPublicKey *pubk)
-{
- pubk->u.kea.publicValue.type = siUnsignedInteger;
-}
-
/* Create an RSA key pair is any slot able to do so.
** The created keys are "session" (temporary), not "token" (permanent),
** and they are "sensitive", which makes them costly to move to another token.
@@ -603,149 +556,6 @@ SECKEY_UpdateCertPQG(CERTCertificate * s
}
-/* Decode the PQG parameters. The params could be stored in two
- * possible formats, the old fortezza-only wrapped format or
- * the standard DER encoded format. Store the decoded parameters in an
- * old fortezza cert data structure */
-
-SECStatus
-SECKEY_FortezzaDecodePQGtoOld(PRArenaPool *arena, SECKEYPublicKey *pubk,
- SECItem *params) {
- SECStatus rv;
- SECKEYPQGDualParams dual_params;
- SECItem newparams;
-
- PORT_Assert(arena);
-
- if (params == NULL) return SECFailure;
-
- if (params->data == NULL) return SECFailure;
-
- /* make a copy of the data into the arena so QuickDER output is valid */
- rv = SECITEM_CopyItem(arena, &newparams, params);
-
- /* Check if params use the standard format.
- * The value 0xa1 will appear in the first byte of the parameter data
- * if the PQG parameters are not using the standard format. This
- * code should be changed to use a better method to detect non-standard
- * parameters. */
-
- if ((newparams.data[0] != 0xa1) &&
- (newparams.data[0] != 0xa0)) {
-
- if (SECSuccess == rv) {
- /* PQG params are in the standard format */
-
- /* Store DSA PQG parameters */
- prepare_pqg_params_for_asn1(&pubk->u.fortezza.params);
- rv = SEC_QuickDERDecodeItem(arena, &pubk->u.fortezza.params,
- SECKEY_PQGParamsTemplate,
- &newparams);
- }
-
- if (SECSuccess == rv) {
-
- /* Copy the DSA PQG parameters to the KEA PQG parameters. */
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
- &pubk->u.fortezza.params.prime);
- }
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
- &pubk->u.fortezza.params.subPrime);
- }
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
- &pubk->u.fortezza.params.base);
- }
- } else {
-
- dual_params.CommParams.prime.len = 0;
- dual_params.CommParams.subPrime.len = 0;
- dual_params.CommParams.base.len = 0;
- dual_params.DiffParams.DiffDSAParams.prime.len = 0;
- dual_params.DiffParams.DiffDSAParams.subPrime.len = 0;
- dual_params.DiffParams.DiffDSAParams.base.len = 0;
-
- /* else the old fortezza-only wrapped format is used. */
-
- if (SECSuccess == rv) {
- if (newparams.data[0] == 0xa1) {
- rv = SEC_QuickDERDecodeItem(arena, &dual_params,
- SECKEY_FortezzaPreParamTemplate, &newparams);
- } else {
- rv = SEC_QuickDERDecodeItem(arena, &dual_params,
- SECKEY_FortezzaAltPreParamTemplate, &newparams);
- }
- }
-
- if ( (dual_params.CommParams.prime.len > 0) &&
- (dual_params.CommParams.subPrime.len > 0) &&
- (dual_params.CommParams.base.len > 0) ) {
- /* copy in common params */
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.prime,
- &dual_params.CommParams.prime);
- }
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.subPrime,
- &dual_params.CommParams.subPrime);
- }
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.base,
- &dual_params.CommParams.base);
- }
-
- /* Copy the DSA PQG parameters to the KEA PQG parameters. */
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
- &pubk->u.fortezza.params.prime);
- }
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
- &pubk->u.fortezza.params.subPrime);
- }
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
- &pubk->u.fortezza.params.base);
- }
- } else {
-
- /* else copy in different params */
-
- /* copy DSA PQG parameters */
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.prime,
- &dual_params.DiffParams.DiffDSAParams.prime);
- }
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.subPrime,
- &dual_params.DiffParams.DiffDSAParams.subPrime);
- }
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.base,
- &dual_params.DiffParams.DiffDSAParams.base);
- }
-
- /* copy KEA PQG parameters */
-
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
- &dual_params.DiffParams.DiffKEAParams.prime);
- }
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
- &dual_params.DiffParams.DiffKEAParams.subPrime);
- }
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
- &dual_params.DiffParams.DiffKEAParams.base);
- }
- }
- }
- return rv;
-}
-
-
/* Decode the DSA PQG parameters. The params could be stored in two
* possible formats, the old fortezza-only wrapped format or
* the normal standard format. Store the decoded parameters in
@@ -754,7 +564,6 @@ SECKEY_FortezzaDecodePQGtoOld(PRArenaPoo
SECStatus
SECKEY_DSADecodePQG(PRArenaPool *arena, SECKEYPublicKey *pubk, SECItem *params) {
SECStatus rv;
- SECKEYPQGDualParams dual_params;
SECItem newparams;
if (params == NULL) return SECFailure;
@@ -784,187 +593,16 @@ SECKEY_DSADecodePQG(PRArenaPool *arena,
}
} else {
- dual_params.CommParams.prime.len = 0;
- dual_params.CommParams.subPrime.len = 0;
- dual_params.CommParams.base.len = 0;
- dual_params.DiffParams.DiffDSAParams.prime.len = 0;
- dual_params.DiffParams.DiffDSAParams.subPrime.len = 0;
- dual_params.DiffParams.DiffDSAParams.base.len = 0;
-
if (SECSuccess == rv) {
/* else the old fortezza-only wrapped format is used. */
- if (newparams.data[0] == 0xa1) {
- rv = SEC_QuickDERDecodeItem(arena, &dual_params,
- SECKEY_FortezzaPreParamTemplate, &newparams);
- } else {
- rv = SEC_QuickDERDecodeItem(arena, &dual_params,
- SECKEY_FortezzaAltPreParamTemplate, &newparams);
- }
- }
-
- if ( (dual_params.CommParams.prime.len > 0) &&
- (dual_params.CommParams.subPrime.len > 0) &&
- (dual_params.CommParams.base.len > 0) ) {
- /* copy in common params */
-
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
- &dual_params.CommParams.prime);
- }
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
- &dual_params.CommParams.subPrime);
- }
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
- &dual_params.CommParams.base);
- }
- } else {
-
- /* else copy in different params */
-
- /* copy DSA PQG parameters */
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
- &dual_params.DiffParams.DiffDSAParams.prime);
- }
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
- &dual_params.DiffParams.DiffDSAParams.subPrime);
- }
- if (SECSuccess == rv) {
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
- &dual_params.DiffParams.DiffDSAParams.base);
- }
+ PORT_SetError(SEC_ERROR_BAD_DER);
+ rv = SECFailure;
}
}
return rv;
}
-/* Decodes the DER encoded fortezza public key and stores the results in a
- * structure of type SECKEYPublicKey. */
-
-SECStatus
-SECKEY_FortezzaDecodeCertKey(PRArenaPool *arena, SECKEYPublicKey *pubk,
- SECItem *rawkey, SECItem *params) {
-
- unsigned char *rawptr = rawkey->data;
- unsigned char *end = rawkey->data + rawkey->len;
- unsigned char *clearptr;
-
- /* first march down and decode the raw key data */
-
- /* version */
- pubk->u.fortezza.KEAversion = *rawptr++;
- if (*rawptr++ != 0x01) {
- return SECFailure;
- }
-
- /* KMID */
- PORT_Memcpy(pubk->u.fortezza.KMID,rawptr,
- sizeof(pubk->u.fortezza.KMID));
- rawptr += sizeof(pubk->u.fortezza.KMID);
-
- /* clearance (the string up to the first byte with the hi-bit on */
- clearptr = rawptr;
- while ((rawptr < end) && (*rawptr++ & 0x80));
-
- if (rawptr >= end) { return SECFailure; }
- pubk->u.fortezza.clearance.len = rawptr - clearptr;
- pubk->u.fortezza.clearance.data =
- (unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.clearance.len);
- if (pubk->u.fortezza.clearance.data == NULL) {
- return SECFailure;
- }
- PORT_Memcpy(pubk->u.fortezza.clearance.data,clearptr,
- pubk->u.fortezza.clearance.len);
-
- /* KEAPrivilege (the string up to the first byte with the hi-bit on */
- clearptr = rawptr;
- while ((rawptr < end) && (*rawptr++ & 0x80));
- if (rawptr >= end) { return SECFailure; }
- pubk->u.fortezza.KEAprivilege.len = rawptr - clearptr;
- pubk->u.fortezza.KEAprivilege.data =
- (unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.KEAprivilege.len);
- if (pubk->u.fortezza.KEAprivilege.data == NULL) {
- return SECFailure;
- }
- PORT_Memcpy(pubk->u.fortezza.KEAprivilege.data,clearptr,
- pubk->u.fortezza.KEAprivilege.len);
-
-
- /* now copy the key. The next to bytes are the key length, and the
- * key follows */
- pubk->u.fortezza.KEAKey.len = (*rawptr << 8) | rawptr[1];
-
- rawptr += 2;
- if (rawptr+pubk->u.fortezza.KEAKey.len > end) { return SECFailure; }
- pubk->u.fortezza.KEAKey.data =
- (unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.KEAKey.len);
- if (pubk->u.fortezza.KEAKey.data == NULL) {
- return SECFailure;
- }
- PORT_Memcpy(pubk->u.fortezza.KEAKey.data,rawptr,
- pubk->u.fortezza.KEAKey.len);
- rawptr += pubk->u.fortezza.KEAKey.len;
-
- /* shared key */
- if (rawptr >= end) {
- pubk->u.fortezza.DSSKey.len = pubk->u.fortezza.KEAKey.len;
- /* this depends on the fact that we are going to get freed with an
- * ArenaFree call. We cannot free DSSKey and KEAKey separately */
- pubk->u.fortezza.DSSKey.data=
- pubk->u.fortezza.KEAKey.data;
- pubk->u.fortezza.DSSprivilege.len =
- pubk->u.fortezza.KEAprivilege.len;
- pubk->u.fortezza.DSSprivilege.data =
- pubk->u.fortezza.DSSprivilege.data;
- goto done;
- }
-
-
- /* DSS Version is next */
- pubk->u.fortezza.DSSversion = *rawptr++;
-
- if (*rawptr++ != 2) {
- return SECFailure;
- }
-
- /* DSSPrivilege (the string up to the first byte with the hi-bit on */
- clearptr = rawptr;
- while ((rawptr < end) && (*rawptr++ & 0x80));
- if (rawptr >= end) { return SECFailure; }
- pubk->u.fortezza.DSSprivilege.len = rawptr - clearptr;
- pubk->u.fortezza.DSSprivilege.data =
- (unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.DSSprivilege.len);
- if (pubk->u.fortezza.DSSprivilege.data == NULL) {
- return SECFailure;
- }
- PORT_Memcpy(pubk->u.fortezza.DSSprivilege.data,clearptr,
- pubk->u.fortezza.DSSprivilege.len);
-
- /* finally copy the DSS key. The next to bytes are the key length,
- * and the key follows */
- pubk->u.fortezza.DSSKey.len = (*rawptr << 8) | rawptr[1];
-
- rawptr += 2;
- if (rawptr+pubk->u.fortezza.DSSKey.len > end){ return SECFailure; }
- pubk->u.fortezza.DSSKey.data =
- (unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.DSSKey.len);
- if (pubk->u.fortezza.DSSKey.data == NULL) {
- return SECFailure;
- }
- PORT_Memcpy(pubk->u.fortezza.DSSKey.data,rawptr,
- pubk->u.fortezza.DSSKey.len);
-
- /* ok, now we decode the parameters */
-done:
-
- return SECKEY_FortezzaDecodePQGtoOld(arena, pubk, params);
-}
-
-
/* Function used to make an oid tag to a key type */
KeyType
seckey_GetKeyType (SECOidTag tag) {
@@ -1085,59 +723,6 @@ seckey_ExtractPublicKey(CERTSubjectPubli
if (rv == SECSuccess) return pubk;
break;
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS_OLD:
- case SEC_OID_MISSI_DSS:
- pubk->keyType = fortezzaKey;
- rv = SECKEY_FortezzaDecodeCertKey(arena, pubk, &newOs,
- &spki->algorithm.parameters);
- if (rv == SECSuccess)
- return pubk;
- break;
-
- case SEC_OID_MISSI_KEA:
- pubk->keyType = keaKey;
-
- prepare_kea_pub_key_for_asn1(pubk);
- rv = SEC_QuickDERDecodeItem(arena, pubk,
- SECKEY_KEAPublicKeyTemplate, &newOs);
- if (rv != SECSuccess) break;
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newParms, &spki->algorithm.parameters);
- if ( rv != SECSuccess )
- break;
-
- rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_KEAParamsTemplate,
- &newParms);
-
- if (rv == SECSuccess)
- return pubk;
-
- break;
-
- case SEC_OID_MISSI_ALT_KEA:
- pubk->keyType = keaKey;
-
- rv = SECITEM_CopyItem(arena,&pubk->u.kea.publicValue,&newOs);
- if (rv != SECSuccess) break;
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newParms, &spki->algorithm.parameters);
- if ( rv != SECSuccess )
- break;
-
- rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_KEAParamsTemplate,
- &newParms);
-
- if (rv == SECSuccess)
- return pubk;
-
- break;
-
case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
pubk->keyType = ecKey;
pubk->u.ec.size = 0;
@@ -1154,6 +739,7 @@ seckey_ExtractPublicKey(CERTSubjectPubli
break;
default:
+ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
rv = SECFailure;
break;
}
Index: mozilla/security/nss/lib/pk11wrap/pk11akey.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11akey.c,v
retrieving revision 1.30
diff -p -u -r1.30 pk11akey.c
--- mozilla/security/nss/lib/pk11wrap/pk11akey.c 17 Jun 2010 20:36:37 -0000 1.30
+++ mozilla/security/nss/lib/pk11wrap/pk11akey.c 22 Jul 2011 20:57:00 -0000
@@ -171,20 +171,6 @@ PK11_ImportPublicKey(PK11SlotInfo *slot,
PK11_SETATTRS(attrs, CKA_VALUE, pubKey->u.dsa.publicValue.data,
pubKey->u.dsa.publicValue.len); attrs++;
break;
- case fortezzaKey:
- keyType = CKK_DSA;
- PK11_SETATTRS(attrs, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL));attrs++;
- signedattr = attrs;
- PK11_SETATTRS(attrs, CKA_PRIME,pubKey->u.fortezza.params.prime.data,
- pubKey->u.fortezza.params.prime.len); attrs++;
- PK11_SETATTRS(attrs,CKA_SUBPRIME,
- pubKey->u.fortezza.params.subPrime.data,
- pubKey->u.fortezza.params.subPrime.len);attrs++;
- PK11_SETATTRS(attrs, CKA_BASE, pubKey->u.fortezza.params.base.data,
- pubKey->u.fortezza.params.base.len); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE, pubKey->u.fortezza.DSSKey.data,
- pubKey->u.fortezza.DSSKey.len); attrs++;
- break;
case dhKey:
keyType = CKK_DH;
PK11_SETATTRS(attrs, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL));attrs++;
@@ -223,6 +209,9 @@ PK11_ImportPublicKey(PK11SlotInfo *slot,
}
break;
default:
+ if (ckaId) {
+ SECITEM_FreeItem(ckaId,PR_TRUE);
+ }
PORT_SetError( SEC_ERROR_BAD_KEY );
return CK_INVALID_HANDLE;
}
@@ -242,6 +231,10 @@ PK11_ImportPublicKey(PK11SlotInfo *slot,
SECITEM_FreeItem(pubValue,PR_TRUE);
}
if ( rv != SECSuccess) {
+ /* CKR_ATTRIBUTE_VALUE_INVALID is mapped to SEC_ERROR_BAD_DATA */
+ if (PORT_GetError() == SEC_ERROR_BAD_DATA) {
+ PORT_SetError( SEC_ERROR_BAD_KEY );
+ }
return CK_INVALID_HANDLE;
}
}
Index: mozilla/security/nss/lib/util/quickder.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/util/quickder.c,v
retrieving revision 1.23
diff -p -u -r1.23 quickder.c
--- mozilla/security/nss/lib/util/quickder.c 31 Oct 2005 18:34:42 -0000 1.23
+++ mozilla/security/nss/lib/util/quickder.c 22 Jul 2011 20:57:00 -0000
@@ -102,7 +102,7 @@ static unsigned char* definite_length_de
static SECStatus GetItem(SECItem* src, SECItem* dest, PRBool includeTag)
{
- if ( (!src) || (!dest) || (!src->data) )
+ if ( (!src) || (!dest) || (!src->data && src->len) )
{
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;

23
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.12.8-shlibsign.patch vendored
View File

@ -1,23 +0,0 @@
--- mozilla/security/nss/cmd/shlibsign/Makefile-old 2009-10-21 01:48:57.000000000 +0000
+++ mozilla/security/nss/cmd/shlibsign/Makefile 2009-10-21 01:55:08.000000000 +0@@ -105,6 +105,7 @@
include ../platrules.mk
SRCDIR = $(call core_abspath,.)
+SHLIBSIGN =
%.chk: %.$(DLL_SUFFIX)
ifeq ($(OS_TARGET), OS2)
@@ -112,9 +113,13 @@
$(call core_abspath,$(OBJDIR)) $(OS_TARGET) \
$(call core_abspath,$(NSPR_LIB_DIR)) $(call core_abspath,$<)
else
+ifeq ($(SHLIBSIGN),)
cd $(OBJDIR) ; sh $(SRCDIR)/sign.sh $(call core_abspath,$(DIST)) \
$(call core_abspath,$(OBJDIR)) $(OS_TARGET) \
$(call core_abspath,$(NSPR_LIB_DIR)) $(call core_abspath,$<)
+else
+ cd $(OBJDIR) ; $(SHLIBSIGN) -v -i $(call core_abspath,$<)
+endif
endif
libs install :: $(CHECKLOC)

245
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.13-gentoo-fixup.patch vendored
View File

@ -1,245 +0,0 @@
diff -urN a/mozilla/security/nss/config/Makefile b/mozilla/security/nss/config/Makefile
--- a/mozilla/security/nss/config/Makefile 1969-12-31 18:00:00.000000000 -0600
+++ b/mozilla/security/nss/config/Makefile 2009-09-14 21:45:45.619639265 -0500
@@ -0,0 +1,40 @@
+CORE_DEPTH = ../..
+DEPTH = ../..
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+NSS_MAJOR_VERSION = `grep "NSS_VMAJOR" ../lib/nss/nss.h | awk '{print $$3}'`
+NSS_MINOR_VERSION = `grep "NSS_VMINOR" ../lib/nss/nss.h | awk '{print $$3}'`
+NSS_PATCH_VERSION = `grep "NSS_VPATCH" ../lib/nss/nss.h | awk '{print $$3}'`
+PREFIX = /usr
+
+all: export libs
+
+export:
+ # Create the nss.pc file
+ mkdir -p $(DIST)/lib/pkgconfig
+ sed -e "s,@prefix@,$(PREFIX)," \
+ -e "s,@exec_prefix@,\$${prefix}," \
+ -e "s,@libdir@,\$${prefix}/gentoo/nss," \
+ -e "s,@includedir@,\$${prefix}/include/nss," \
+ -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION),g" \
+ -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \
+ -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \
+ nss.pc.in > nss.pc
+ chmod 0644 nss.pc
+ ln -sf ../../../../../security/nss/config/nss.pc $(DIST)/lib/pkgconfig
+
+ # Create the nss-config script
+ mkdir -p $(DIST)/bin
+ sed -e "s,@prefix@,$(PREFIX)," \
+ -e "s,@NSS_MAJOR_VERSION@,$(NSS_MAJOR_VERSION)," \
+ -e "s,@NSS_MINOR_VERSION@,$(NSS_MINOR_VERSION)," \
+ -e "s,@NSS_PATCH_VERSION@,$(NSS_PATCH_VERSION)," \
+ nss-config.in > nss-config
+ chmod 0755 nss-config
+ ln -sf ../../../../security/nss/config/nss-config $(DIST)/bin
+
+libs:
+
+dummy: all export libs
+
diff -urN a/mozilla/security/nss/config/nss-config.in b/mozilla/security/nss/config/nss-config.in
--- a/mozilla/security/nss/config/nss-config.in 1969-12-31 18:00:00.000000000 -0600
+++ b/mozilla/security/nss/config/nss-config.in 2009-09-14 21:47:45.190638078 -0500
@@ -0,0 +1,145 @@
+#!/bin/sh
+
+prefix=@prefix@
+
+major_version=@NSS_MAJOR_VERSION@
+minor_version=@NSS_MINOR_VERSION@
+patch_version=@NSS_PATCH_VERSION@
+
+usage()
+{
+ cat <<EOF
+Usage: nss-config [OPTIONS] [LIBRARIES]
+Options:
+ [--prefix[=DIR]]
+ [--exec-prefix[=DIR]]
+ [--includedir[=DIR]]
+ [--libdir[=DIR]]
+ [--version]
+ [--libs]
+ [--cflags]
+Dynamic Libraries:
+ nss
+ ssl
+ smime
+ nssutil
+EOF
+ exit $1
+}
+
+if test $# -eq 0; then
+ usage 1 1>&2
+fi
+
+lib_ssl=yes
+lib_smime=yes
+lib_nss=yes
+lib_nssutil=yes
+
+while test $# -gt 0; do
+ case "$1" in
+ -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
+ *) optarg= ;;
+ esac
+
+ case $1 in
+ --prefix=*)
+ prefix=$optarg
+ ;;
+ --prefix)
+ echo_prefix=yes
+ ;;
+ --exec-prefix=*)
+ exec_prefix=$optarg
+ ;;
+ --exec-prefix)
+ echo_exec_prefix=yes
+ ;;
+ --includedir=*)
+ includedir=$optarg
+ ;;
+ --includedir)
+ echo_includedir=yes
+ ;;
+ --libdir=*)
+ libdir=$optarg
+ ;;
+ --libdir)
+ echo_libdir=yes
+ ;;
+ --version)
+ echo ${major_version}.${minor_version}.${patch_version}
+ ;;
+ --cflags)
+ echo_cflags=yes
+ ;;
+ --libs)
+ echo_libs=yes
+ ;;
+ ssl)
+ lib_ssl=yes
+ ;;
+ smime)
+ lib_smime=yes
+ ;;
+ nss)
+ lib_nss=yes
+ ;;
+ nssutil)
+ lib_nssutil=yes
+ ;;
+ *)
+ usage 1 1>&2
+ ;;
+ esac
+ shift
+done
+
+# Set variables that may be dependent upon other variables
+if test -z "$exec_prefix"; then
+ exec_prefix=`pkg-config --variable=exec_prefix nss`
+fi
+if test -z "$includedir"; then
+ includedir=`pkg-config --variable=includedir nss`
+fi
+if test -z "$libdir"; then
+ libdir=`pkg-config --variable=libdir nss`
+fi
+
+if test "$echo_prefix" = "yes"; then
+ echo $prefix
+fi
+
+if test "$echo_exec_prefix" = "yes"; then
+ echo $exec_prefix
+fi
+
+if test "$echo_includedir" = "yes"; then
+ echo $includedir
+fi
+
+if test "$echo_libdir" = "yes"; then
+ echo $libdir
+fi
+
+if test "$echo_cflags" = "yes"; then
+ echo -I$includedir
+fi
+
+if test "$echo_libs" = "yes"; then
+ libdirs="-Wl,-R$libdir -L$libdir"
+ if test -n "$lib_ssl"; then
+ libdirs="$libdirs -lssl${major_version}"
+ fi
+ if test -n "$lib_smime"; then
+ libdirs="$libdirs -lsmime${major_version}"
+ fi
+ if test -n "$lib_nss"; then
+ libdirs="$libdirs -lnss${major_version}"
+ fi
+ if test -n "$lib_nssutil"; then
+ libdirs="$libdirs -lnssutil${major_version}"
+ fi
+ echo $libdirs
+fi
+
diff -urN a/mozilla/security/nss/config/nss.pc.in b/mozilla/security/nss/config/nss.pc.in
--- a/mozilla/security/nss/config/nss.pc.in 1969-12-31 18:00:00.000000000 -0600
+++ b/mozilla/security/nss/config/nss.pc.in 2009-09-14 21:45:45.653637310 -0500
@@ -0,0 +1,12 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: NSS
+Description: Network Security Services
+Version: @NSS_MAJOR_VERSION@.@NSS_MINOR_VERSION@.@NSS_PATCH_VERSION@
+Requires: nspr >= 4.8
+Libs: -L${libdir} -lssl3 -lsmime3 -lnssutil3 -lnss3
+Cflags: -I${includedir}
+
diff -urN a/mozilla/security/nss/Makefile b/mozilla/security/nss/Makefile
--- a/mozilla/security/nss/Makefile 2008-12-02 17:24:39.000000000 -0600
+++ b/mozilla/security/nss/Makefile 2009-09-14 21:45:45.678657145 -0500
@@ -78,7 +78,7 @@
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
-nss_build_all: build_coreconf build_nspr build_dbm all
+nss_build_all: build_coreconf build_dbm all
nss_clean_all: clobber_coreconf clobber_nspr clobber_dbm clobber
@@ -140,12 +140,6 @@
--with-dist-prefix='$(NSPR_PREFIX)' \
--with-dist-includedir='$(NSPR_PREFIX)/include'
-build_nspr: $(NSPR_CONFIG_STATUS)
- cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; $(MAKE)
-
-clobber_nspr: $(NSPR_CONFIG_STATUS)
- cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; $(MAKE) clobber
-
build_dbm:
ifndef NSS_DISABLE_DBM
cd $(CORE_DEPTH)/dbm ; $(MAKE) export libs
diff -urN a/mozilla/security/nss/manifest.mn b/mozilla/security/nss/manifest.mn
--- a/mozilla/security/nss/manifest.mn 2008-04-04 15:36:59.000000000 -0500
+++ b/mozilla/security/nss/manifest.mn 2009-09-14 21:45:45.703656167 -0500
@@ -42,6 +42,6 @@
RELEASE = nss
-DIRS = lib cmd
+DIRS = lib cmd config

33
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.13.1-solaris-gcc.patch vendored
View File

@ -1,33 +0,0 @@
--- nss-3.13.1/mozilla/security/coreconf/SunOS5.mk
+++ nss-3.13.1/mozilla/security/coreconf/SunOS5.mk
@@ -37,6 +37,9 @@
include $(CORE_DEPTH)/coreconf/UNIX.mk
+NS_USE_GCC = 1
+GCC_USE_GNU_LD = 1
+
# Sun's WorkShop defines v8, v8plus and v9 architectures.
# gcc on Solaris defines v8 and v9 "cpus".
# gcc's v9 is equivalent to Workshop's v8plus.
@@ -95,7 +98,7 @@
endif
endif
-INCLUDES += -I/usr/dt/include -I/usr/openwin/include
+#INCLUDES += -I/usr/dt/include -I/usr/openwin/include
RANLIB = echo
CPU_ARCH = sparc
@@ -105,11 +108,6 @@
NOMD_OS_CFLAGS += $(DSO_CFLAGS) $(OS_DEFINES) $(SOL_CFLAGS)
MKSHLIB = $(CC) $(DSO_LDOPTS) $(RPATH)
-ifdef NS_USE_GCC
-ifeq (GNU,$(findstring GNU,$(shell `$(CC) -print-prog-name=ld` -v 2>&1)))
- GCC_USE_GNU_LD = 1
-endif
-endif
ifdef MAPFILE
ifdef NS_USE_GCC
ifdef GCC_USE_GNU_LD

68
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.13.5-x32.patch vendored
View File

@ -1,68 +0,0 @@
diff -8urN a/mozilla/security/coreconf/Linux.mk b/mozilla/security/coreconf/Linux.mk
--- a/mozilla/security/coreconf/Linux.mk 2012-06-22 07:55:45.228234872 -0500
+++ b/mozilla/security/coreconf/Linux.mk 2012-06-22 07:56:30.171231815 -0500
@@ -60,21 +60,28 @@
else
ifeq ($(OS_TEST),alpha)
OS_REL_CFLAGS = -D_ALPHA_
CPU_ARCH = alpha
else
ifeq ($(OS_TEST),x86_64)
ifeq ($(USE_64),1)
CPU_ARCH = x86_64
+ ARCHFLAG = -m64
+else
+ifeq ($(USE_x32),1)
+ OS_REL_CFLAGS = -Di386
+ CPU_ARCH = x86
+ ARCHFLAG = -mx32
else
OS_REL_CFLAGS = -Di386
CPU_ARCH = x86
ARCHFLAG = -m32
endif
+endif
else
ifeq ($(OS_TEST),sparc64)
CPU_ARCH = sparc
else
ifeq (,$(filter-out arm% sa110,$(OS_TEST)))
CPU_ARCH = arm
else
ifeq (,$(filter-out parisc%,$(OS_TEST)))
diff -8urN a/mozilla/security/nss/lib/freebl/Makefile b/mozilla/security/nss/lib/freebl/Makefile
--- a/mozilla/security/nss/lib/freebl/Makefile 2012-06-22 07:55:45.441234854 -0500
+++ b/mozilla/security/nss/lib/freebl/Makefile 2012-06-22 07:56:30.172231808 -0500
@@ -210,22 +210,26 @@
DEFINES += -DMP_CHAR_STORE_SLOW -DMP_IS_LITTLE_ENDIAN
# DEFINES += -DMPI_AMD64_ADD
# comment the next two lines to turn off intel HW accelleration
DEFINES += -DUSE_HW_AES
ASFILES += intel-aes.s
MPI_SRCS += mpi_amd64.c mp_comba.c
endif
ifeq ($(CPU_ARCH),x86)
- ASFILES = mpi_x86.s
- DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
- DEFINES += -DMP_ASSEMBLY_DIV_2DX1D
- DEFINES += -DMP_CHAR_STORE_SLOW -DMP_IS_LITTLE_ENDIAN
- # The floating point ECC code doesn't work on Linux x86 (bug 311432).
- #ECL_USE_FP = 1
+ ifeq ($(USE_x32),1)
+ DEFINES += -DMP_CHAR_STORE_SLOW -DMP_IS_LITTLE_ENDIAN
+ else
+ ASFILES = mpi_x86.s
+ DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
+ DEFINES += -DMP_ASSEMBLY_DIV_2DX1D
+ DEFINES += -DMP_CHAR_STORE_SLOW -DMP_IS_LITTLE_ENDIAN
+ # The floating point ECC code doesn't work on Linux x86 (bug 311432).
+ #ECL_USE_FP = 1
+ endif
endif
ifeq ($(CPU_ARCH),arm)
DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
DEFINES += -DMP_USE_UINT_DIGIT
DEFINES += -DSHA_NO_LONG_LONG # avoid 64-bit arithmetic in SHA512
MPI_SRCS += mpi_arm.c
endif
endif # Linux

21
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.14-abort-on-failed-urandom-access.patch vendored
View File

@ -1,21 +0,0 @@
diff -aurN nss-3.14-urandom/mozilla/security/nss/lib/freebl/unix_rand.c nss-3.14/mozilla/security/nss/lib/freebl/unix_rand.c
--- nss-3.14-urandom/mozilla/security/nss/lib/freebl/unix_rand.c 2012-12-28 16:31:12.017070243 -0800
+++ nss-3.14/mozilla/security/nss/lib/freebl/unix_rand.c 2012-12-28 16:31:49.107466816 -0800
@@ -925,6 +925,17 @@
|| defined(HPUX)
if (bytes)
return;
+
+ /*
+ * Modified to abort the process on Chromium OS if it failed
+ * to read from /dev/urandom.
+ *
+ * See crosbug.com/29623 for details.
+ */
+ fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. "
+ "Abort process.\n", __FILE__, __LINE__);
+ fflush(stderr);
+ abort();
#endif
#ifdef SOLARIS

164
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.14-bugzilla-802429.patch vendored
View File

@ -1,164 +0,0 @@
diff -aurN nss-3.14-default-token/mozilla/security/nss/lib/pk11wrap/pk11cert.c nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11cert.c
--- nss-3.14-default-token/mozilla/security/nss/lib/pk11wrap/pk11cert.c 2012-12-28 16:34:08.208954371 -0800
+++ nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11cert.c 2012-12-28 16:36:17.610338570 -0800
@@ -2663,7 +2663,7 @@
nssCryptokiObject *instance = *ip;
PK11SlotInfo *slot = instance->token->pk11slot;
if (slot) {
- PK11_AddSlotToList(slotList, slot);
+ PK11_AddSlotToList(slotList, slot, PR_TRUE);
found = PR_TRUE;
}
}
diff -aurN nss-3.14-default-token/mozilla/security/nss/lib/pk11wrap/pk11priv.h nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11priv.h
--- nss-3.14-default-token/mozilla/security/nss/lib/pk11wrap/pk11priv.h 2012-12-28 16:34:08.208954371 -0800
+++ nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11priv.h 2012-12-28 16:36:17.610338570 -0800
@@ -28,7 +28,7 @@
PK11SlotList * PK11_NewSlotList(void);
PK11SlotList * PK11_GetPrivateKeyTokens(CK_MECHANISM_TYPE type,
PRBool needRW,void *wincx);
-SECStatus PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot);
+SECStatus PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot, PRBool sorted);
SECStatus PK11_DeleteSlotFromList(PK11SlotList *list,PK11SlotListElement *le);
PK11SlotListElement *PK11_FindSlotElement(PK11SlotList *list,
PK11SlotInfo *slot);
diff -aurN nss-3.14-default-token/mozilla/security/nss/lib/pk11wrap/pk11slot.c nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11slot.c
--- nss-3.14-default-token/mozilla/security/nss/lib/pk11wrap/pk11slot.c 2012-12-28 16:34:08.208954371 -0800
+++ nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11slot.c 2012-12-28 16:36:17.610338570 -0800
@@ -171,11 +171,16 @@
/*
* add a slot to a list
+ * "slot" is the slot to be added. Ownership is not transferred.
+ * "sorted" indicates whether or not the slot should be inserted according to
+ * cipherOrder of the associated module. PR_FALSE indicates that the slot
+ * should be inserted to the head of the list.
*/
SECStatus
-PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot)
+PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot, PRBool sorted)
{
PK11SlotListElement *le;
+ PK11SlotListElement *element;
le = (PK11SlotListElement *) PORT_Alloc(sizeof(PK11SlotListElement));
if (le == NULL) return SECFailure;
@@ -184,9 +189,23 @@
le->prev = NULL;
le->refCount = 1;
PZ_Lock(list->lock);
- if (list->head) list->head->prev = le; else list->tail = le;
- le->next = list->head;
- list->head = le;
+ element = list->head;
+ /* Insertion sort, with higher cipherOrders are sorted first in the list */
+ while (element && sorted && (element->slot->module->cipherOrder >
+ le->slot->module->cipherOrder)) {
+ element = element->next;
+ }
+ if (element) {
+ le->prev = element->prev;
+ element->prev = le;
+ le->next = element;
+ } else {
+ le->prev = list->tail;
+ le->next = NULL;
+ list->tail = le;
+ }
+ if (le->prev) le->prev->next = le;
+ if (list->head == element) list->head = le;
PZ_Unlock(list->lock);
return SECSuccess;
@@ -208,11 +227,12 @@
}
/*
- * Move a list to the end of the target list. NOTE: There is no locking
- * here... This assumes BOTH lists are private copy lists.
+ * Move a list to the end of the target list.
+ * NOTE: There is no locking here... This assumes BOTH lists are private copy
+ * lists. It also does not re-sort the target list.
*/
SECStatus
-PK11_MoveListToList(PK11SlotList *target,PK11SlotList *src)
+pk11_MoveListToList(PK11SlotList *target,PK11SlotList *src)
{
if (src->head == NULL) return SECSuccess;
@@ -511,7 +531,7 @@
((NULL == slotName) || (0 == *slotName)) &&
((NULL == tokenName) || (0 == *tokenName)) ) {
/* default to softoken */
- PK11_AddSlotToList(slotList, PK11_GetInternalKeySlot());
+ PK11_AddSlotToList(slotList, PK11_GetInternalKeySlot(), PR_TRUE);
return slotList;
}
@@ -539,7 +559,7 @@
( (!slotName) || (tmpSlot->slot_name &&
(0==PORT_Strcmp(tmpSlot->slot_name, slotName)))) ) {
if (tmpSlot) {
- PK11_AddSlotToList(slotList, tmpSlot);
+ PK11_AddSlotToList(slotList, tmpSlot, PR_TRUE);
slotcount++;
}
}
@@ -910,7 +930,7 @@
CK_MECHANISM_TYPE mechanism = PK11_DefaultArray[i].mechanism;
PK11SlotList *slotList = PK11_GetSlotList(mechanism);
- if (slotList) PK11_AddSlotToList(slotList,slot);
+ if (slotList) PK11_AddSlotToList(slotList,slot,PR_FALSE);
}
}
@@ -937,7 +957,7 @@
/* add this slot to the list */
if (slotList!=NULL)
- result = PK11_AddSlotToList(slotList, slot);
+ result = PK11_AddSlotToList(slotList, slot, PR_FALSE);
} else { /* trying to turn off */
@@ -1910,12 +1930,12 @@
|| PK11_DoesMechanism(slot, type)) {
if (pk11_LoginStillRequired(slot,wincx)) {
if (PK11_IsFriendly(slot)) {
- PK11_AddSlotToList(friendlyList, slot);
+ PK11_AddSlotToList(friendlyList, slot, PR_TRUE);
} else {
- PK11_AddSlotToList(loginList, slot);
+ PK11_AddSlotToList(loginList, slot, PR_TRUE);
}
} else {
- PK11_AddSlotToList(list, slot);
+ PK11_AddSlotToList(list, slot, PR_TRUE);
}
}
}
@@ -1923,9 +1943,9 @@
}
SECMOD_ReleaseReadLock(moduleLock);
- PK11_MoveListToList(list,friendlyList);
+ pk11_MoveListToList(list,friendlyList);
PK11_FreeSlotList(friendlyList);
- PK11_MoveListToList(list,loginList);
+ pk11_MoveListToList(list,loginList);
PK11_FreeSlotList(loginList);
return list;
diff -aurN nss-3.14-default-token/mozilla/security/nss/lib/util/utilpars.c nss-3.14/mozilla/security/nss/lib/util/utilpars.c
--- nss-3.14-default-token/mozilla/security/nss/lib/util/utilpars.c 2012-12-28 16:34:08.218954478 -0800
+++ nss-3.14/mozilla/security/nss/lib/util/utilpars.c 2012-12-28 16:36:08.190237792 -0800
@@ -543,6 +543,8 @@
NSSUTIL_ARG_ENTRY(FORTEZZA,SECMOD_FORTEZZA_FLAG),
NSSUTIL_ARG_ENTRY(RC5,SECMOD_RC5_FLAG),
NSSUTIL_ARG_ENTRY(SHA1,SECMOD_SHA1_FLAG),
+ NSSUTIL_ARG_ENTRY(SHA256,SECMOD_SHA256_FLAG),
+ NSSUTIL_ARG_ENTRY(SHA512,SECMOD_SHA512_FLAG),
NSSUTIL_ARG_ENTRY(MD5,SECMOD_MD5_FLAG),
NSSUTIL_ARG_ENTRY(MD2,SECMOD_MD2_FLAG),
NSSUTIL_ARG_ENTRY(SSL,SECMOD_SSL_FLAG),

95
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.14-chromeos-cert-nicknames.patch vendored
View File

@ -1,95 +0,0 @@
diff -aurN nss-3.14-prepared/mozilla/security/nss/lib/nss/nss.def nss-3.14/mozilla/security/nss/lib/nss/nss.def
--- nss-3.14-prepared/mozilla/security/nss/lib/nss/nss.def 2012-12-28 16:27:38.374784755 -0800
+++ nss-3.14/mozilla/security/nss/lib/nss/nss.def 2012-12-28 16:28:42.605473048 -0800
@@ -613,6 +613,7 @@
PK11_GetPQGParamsFromPrivateKey;
PK11_GetPrivateKeyNickname;
PK11_GetPublicKeyNickname;
+PK11_GetCertificateNickname;
PK11_GetSymKeyNickname;
PK11_ImportDERPrivateKeyInfoAndReturnKey;
PK11_ImportPrivateKeyInfoAndReturnKey;
@@ -624,6 +625,7 @@
PK11_ProtectedAuthenticationPath;
PK11_SetPrivateKeyNickname;
PK11_SetPublicKeyNickname;
+PK11_SetCertificateNickname;
PK11_SetSymKeyNickname;
SECKEY_DecodeDERSubjectPublicKeyInfo;
SECKEY_DestroyPublicKeyList;
diff -aurN nss-3.14-prepared/mozilla/security/nss/lib/pk11wrap/pk11akey.c nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11akey.c
--- nss-3.14-prepared/mozilla/security/nss/lib/pk11wrap/pk11akey.c 2012-12-28 16:27:38.354784541 -0800
+++ nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11akey.c 2012-12-28 16:28:42.605473048 -0800
@@ -1909,6 +1909,13 @@
return PK11_GetObjectNickname(pubKey->pkcs11Slot,pubKey->pkcs11ID);
}
+char *
+PK11_GetCertificateNickname(CERTCertificate *certificate)
+{
+ return PK11_GetObjectNickname(certificate->slot,
+ certificate->pkcs11ID);
+}
+
SECStatus
PK11_SetPrivateKeyNickname(SECKEYPrivateKey *privKey, const char *nickname)
{
@@ -1923,6 +1930,13 @@
pubKey->pkcs11ID,nickname);
}
+SECStatus
+PK11_SetCertificateNickname(CERTCertificate *certificate, const char *nickname)
+{
+ return PK11_SetObjectNickname(certificate->slot,
+ certificate->pkcs11ID,nickname);
+}
+
SECKEYPQGParams *
PK11_GetPQGParamsFromPrivateKey(SECKEYPrivateKey *privKey)
{
diff -aurN nss-3.14-prepared/mozilla/security/nss/lib/pk11wrap/pk11obj.c nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11obj.c
--- nss-3.14-prepared/mozilla/security/nss/lib/pk11wrap/pk11obj.c 2012-12-28 16:27:38.354784541 -0800
+++ nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11obj.c 2012-12-28 16:28:42.605473048 -0800
@@ -1410,7 +1410,10 @@
slot = ((PK11SymKey *)objSpec)->slot;
handle = ((PK11SymKey *)objSpec)->objectID;
break;
- case PK11_TypeCert: /* don't handle cert case for now */
+ case PK11_TypeCert:
+ slot = ((CERTCertificate *)objSpec)->slot;
+ handle = ((CERTCertificate *)objSpec)->pkcs11ID;
+ break;
default:
break;
}
@@ -1460,7 +1463,10 @@
slot = ((PK11SymKey *)objSpec)->slot;
handle = ((PK11SymKey *)objSpec)->objectID;
break;
- case PK11_TypeCert: /* don't handle cert case for now */
+ case PK11_TypeCert:
+ slot = ((CERTCertificate *)objSpec)->slot;
+ handle = ((CERTCertificate *)objSpec)->pkcs11ID;
+ break;
default:
break;
}
diff -aurN nss-3.14-prepared/mozilla/security/nss/lib/pk11wrap/pk11pub.h nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11pub.h
--- nss-3.14-prepared/mozilla/security/nss/lib/pk11wrap/pk11pub.h 2012-12-28 16:27:38.354784541 -0800
+++ nss-3.14/mozilla/security/nss/lib/pk11wrap/pk11pub.h 2012-12-28 16:28:42.605473048 -0800
@@ -453,11 +453,14 @@
char * PK11_GetSymKeyNickname(PK11SymKey *symKey);
char * PK11_GetPrivateKeyNickname(SECKEYPrivateKey *privKey);
char * PK11_GetPublicKeyNickname(SECKEYPublicKey *pubKey);
+char * PK11_GetCertificateNickname(CERTCertificate *certificate);
SECStatus PK11_SetSymKeyNickname(PK11SymKey *symKey, const char *nickname);
SECStatus PK11_SetPrivateKeyNickname(SECKEYPrivateKey *privKey,
const char *nickname);
SECStatus PK11_SetPublicKeyNickname(SECKEYPublicKey *pubKey,
const char *nickname);
+SECStatus PK11_SetCertificateNickname(CERTCertificate *certificate,
+ const char *nickname);
/* size to hold key in bytes */
unsigned int PK11_GetKeyLength(PK11SymKey *key);

522
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/files/nss-3.14-remove-turktrust-roots.patch vendored
View File

@ -1,522 +0,0 @@
diff -aur nss-3.14-orig/mozilla/security/nss/lib/ckfw/builtins/certdata.c nss-3.14/mozilla/security/nss/lib/ckfw/builtins/certdata.c
--- nss-3.14-orig/mozilla/security/nss/lib/ckfw/builtins/certdata.c 2013-01-25 15:59:27.409528628 -0800
+++ nss-3.14/mozilla/security/nss/lib/ckfw/builtins/certdata.c 2013-01-25 16:12:48.977974945 -0800
@@ -3,7 +3,7 @@
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile: certdata.c,v $ $Revision: 1.90 $ $Date: 2012/10/18 16:26:52 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.90 $ $Date: 2012/10/18 16:26:52 $";
+static const char CVS_ID[] = "@(#) $RCSfile: certdata.txt,v $ $Revision: 1.86 $ $Date: 2012/10/18 16:26:52 $""; @(#) $RCSfile: certdata.perl,v $ $Revision: 1.15 $ $Date: 2012/07/04 15:21:49 $";
#endif /* DEBUG */
#ifndef BUILTINS_H
@@ -1097,10 +1097,10 @@
CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED
};
static const CK_ATTRIBUTE_TYPE nss_builtins_types_358 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED
};
static const CK_ATTRIBUTE_TYPE nss_builtins_types_359 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED
};
#ifdef DEBUG
static const NSSItem nss_builtins_items_0 [] = {
@@ -1110,7 +1110,7 @@
{ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
{ (void *)"CVS ID", (PRUint32)7 },
{ (void *)"NSS", (PRUint32)4 },
- { (void *)"@(#) $RCSfile: certdata.c,v $ $Revision: 1.90 $ $Date: 2012/10/18 16:26:52 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.90 $ $Date: 2012/10/18 16:26:52 $", (PRUint32)160 }
+ { (void *)"@(#) $RCSfile: certdata.txt,v $ $Revision: 1.86 $ $Date: 2012/10/18 16:26:52 $""; @(#) $RCSfile: certdata.perl,v $ $Revision: 1.15 $ $Date: 2012/07/04 15:21:49 $", (PRUint32)160 }
};
#endif /* DEBUG */
static const NSSItem nss_builtins_items_1 [] = {
@@ -23630,147 +23630,6 @@
{ (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
{ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
{ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı", (PRUint32)55 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\277\061\077\060\075\006\003\125\004\003\014\066\124\303"
-"\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157"
-"\156\151\153\040\123\145\162\164\151\146\151\153\141\040\110\151"
-"\172\155\145\164\040\123\141\304\237\154\141\171\304\261\143\304"
-"\261\163\304\261\061\013\060\011\006\003\125\004\006\023\002\124"
-"\122\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141"
-"\162\141\061\136\060\134\006\003\125\004\012\014\125\124\303\234"
-"\122\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260"
-"\154\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151"
-"\305\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151"
-"\040\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236"
-"\056\040\050\143\051\040\101\162\141\154\304\261\153\040\062\060"
-"\060\067"
-, (PRUint32)194 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\277\061\077\060\075\006\003\125\004\003\014\066\124\303"
-"\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157"
-"\156\151\153\040\123\145\162\164\151\146\151\153\141\040\110\151"
-"\172\155\145\164\040\123\141\304\237\154\141\171\304\261\143\304"
-"\261\163\304\261\061\013\060\011\006\003\125\004\006\023\002\124"
-"\122\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141"
-"\162\141\061\136\060\134\006\003\125\004\012\014\125\124\303\234"
-"\122\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260"
-"\154\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151"
-"\305\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151"
-"\040\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236"
-"\056\040\050\143\051\040\101\162\141\154\304\261\153\040\062\060"
-"\060\067"
-, (PRUint32)194 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)"\060\202\004\075\060\202\003\045\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\277\061\077\060\075\006\003\125\004\003\014\066\124\303\234"
-"\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157\156"
-"\151\153\040\123\145\162\164\151\146\151\153\141\040\110\151\172"
-"\155\145\164\040\123\141\304\237\154\141\171\304\261\143\304\261"
-"\163\304\261\061\013\060\011\006\003\125\004\006\023\002\124\122"
-"\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162"
-"\141\061\136\060\134\006\003\125\004\012\014\125\124\303\234\122"
-"\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260\154"
-"\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151\305"
-"\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151\040"
-"\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236\056"
-"\040\050\143\051\040\101\162\141\154\304\261\153\040\062\060\060"
-"\067\060\036\027\015\060\067\061\062\062\065\061\070\063\067\061"
-"\071\132\027\015\061\067\061\062\062\062\061\070\063\067\061\071"
-"\132\060\201\277\061\077\060\075\006\003\125\004\003\014\066\124"
-"\303\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162"
-"\157\156\151\153\040\123\145\162\164\151\146\151\153\141\040\110"
-"\151\172\155\145\164\040\123\141\304\237\154\141\171\304\261\143"
-"\304\261\163\304\261\061\013\060\011\006\003\125\004\006\023\002"
-"\124\122\061\017\060\015\006\003\125\004\007\014\006\101\156\153"
-"\141\162\141\061\136\060\134\006\003\125\004\012\014\125\124\303"
-"\234\122\113\124\122\125\123\124\040\102\151\154\147\151\040\304"
-"\260\154\145\164\151\305\237\151\155\040\166\145\040\102\151\154"
-"\151\305\237\151\155\040\107\303\274\166\145\156\154\151\304\237"
-"\151\040\110\151\172\155\145\164\154\145\162\151\040\101\056\305"
-"\236\056\040\050\143\051\040\101\162\141\154\304\261\153\040\062"
-"\060\060\067\060\202\001\042\060\015\006\011\052\206\110\206\367"
-"\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002"
-"\202\001\001\000\253\267\076\012\214\310\245\130\025\346\212\357"
-"\047\075\112\264\350\045\323\315\063\302\040\334\031\356\210\077"
-"\115\142\360\335\023\167\217\141\251\052\265\324\362\271\061\130"
-"\051\073\057\077\152\234\157\163\166\045\356\064\040\200\356\352"
-"\267\360\304\012\315\053\206\224\311\343\140\261\104\122\262\132"
-"\051\264\221\227\203\330\267\246\024\057\051\111\242\363\005\006"
-"\373\264\117\332\241\154\232\146\237\360\103\011\312\352\162\217"
-"\353\000\327\065\071\327\126\027\107\027\060\364\276\277\077\302"
-"\150\257\066\100\301\251\364\251\247\350\020\153\010\212\367\206"
-"\036\334\232\052\025\006\366\243\360\364\340\307\024\324\121\177"
-"\317\264\333\155\257\107\226\027\233\167\161\330\247\161\235\044"
-"\014\366\224\077\205\061\022\117\272\356\116\202\270\271\076\217"
-"\043\067\136\314\242\252\165\367\030\157\011\323\256\247\124\050"
-"\064\373\341\340\073\140\175\240\276\171\211\206\310\237\055\371"
-"\012\113\304\120\242\347\375\171\026\307\172\013\030\317\316\114"
-"\357\175\326\007\157\230\361\257\261\301\172\327\201\065\270\252"
-"\027\264\340\313\002\003\001\000\001\243\102\060\100\060\035\006"
-"\003\125\035\016\004\026\004\024\051\305\220\253\045\257\021\344"
-"\141\277\243\377\210\141\221\346\016\376\234\201\060\016\006\003"
-"\125\035\017\001\001\377\004\004\003\002\001\006\060\017\006\003"
-"\125\035\023\001\001\377\004\005\060\003\001\001\377\060\015\006"
-"\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001"
-"\000\020\015\332\370\072\354\050\321\024\225\202\261\022\054\121"
-"\172\101\045\066\114\237\354\077\037\204\235\145\124\134\250\026"
-"\002\100\372\156\032\067\204\357\162\235\206\012\125\235\126\050"
-"\254\146\054\320\072\126\223\064\007\045\255\010\260\217\310\017"
-"\011\131\312\235\230\034\345\124\370\271\105\177\152\227\157\210"
-"\150\115\112\006\046\067\210\002\016\266\306\326\162\231\316\153"
-"\167\332\142\061\244\126\037\256\137\215\167\332\135\366\210\374"
-"\032\331\236\265\201\360\062\270\343\210\320\234\363\152\240\271"
-"\233\024\131\065\066\117\317\363\216\136\135\027\255\025\225\330"
-"\335\262\325\025\156\000\116\263\113\317\146\224\344\340\315\265"
-"\005\332\143\127\213\345\263\252\333\300\056\034\220\104\333\032"
-"\135\030\244\356\276\004\133\231\325\161\137\125\145\144\142\325"
-"\242\233\004\131\206\310\142\167\347\174\202\105\152\075\027\277"
-"\354\235\165\014\256\243\157\132\323\057\230\066\364\360\365\031"
-"\253\021\135\310\246\343\052\130\152\102\011\303\275\222\046\146"
-"\062\015\135\010\125\164\377\214\230\320\012\246\204\152\321\071"
-"\175"
-, (PRUint32)1089 }
-};
-static const NSSItem nss_builtins_items_355 [] = {
- { (void *)&cko_nss_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı", (PRUint32)55 },
- { (void *)"\361\177\157\266\061\334\231\343\243\310\177\376\034\361\201\020"
-"\210\331\140\063"
-, (PRUint32)20 },
- { (void *)"\053\160\040\126\206\202\240\030\310\007\123\022\050\160\041\162"
-, (PRUint32)16 },
- { (void *)"\060\201\277\061\077\060\075\006\003\125\004\003\014\066\124\303"
-"\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157"
-"\156\151\153\040\123\145\162\164\151\146\151\153\141\040\110\151"
-"\172\155\145\164\040\123\141\304\237\154\141\171\304\261\143\304"
-"\261\163\304\261\061\013\060\011\006\003\125\004\006\023\002\124"
-"\122\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141"
-"\162\141\061\136\060\134\006\003\125\004\012\014\125\124\303\234"
-"\122\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260"
-"\154\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151"
-"\305\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151"
-"\040\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236"
-"\056\040\050\143\051\040\101\162\141\154\304\261\153\040\062\060"
-"\060\067"
-, (PRUint32)194 },
- { (void *)"\002\001\001"
-, (PRUint32)3 },
- { (void *)&ckt_nss_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_nss_must_verify_trust, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_nss_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
-};
-static const NSSItem nss_builtins_items_356 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
{ (void *)"T-TeleSec GlobalRoot Class 3", (PRUint32)29 },
{ (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
{ (void *)"\060\201\202\061\013\060\011\006\003\125\004\006\023\002\104\105"
@@ -23859,7 +23718,7 @@
"\116\223\303\244\124\024\133"
, (PRUint32)967 }
};
-static const NSSItem nss_builtins_items_357 [] = {
+static const NSSItem nss_builtins_items_355 [] = {
{ (void *)&cko_nss_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
{ (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
{ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
@@ -23887,7 +23746,7 @@
{ (void *)&ckt_nss_must_verify_trust, (PRUint32)sizeof(CK_TRUST) },
{ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
};
-static const NSSItem nss_builtins_items_358 [] = {
+static const NSSItem nss_builtins_items_356 [] = {
{ (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
{ (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
{ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
@@ -23983,7 +23842,7 @@
"\307\314\165\301\226\305\235"
, (PRUint32)1031 }
};
-static const NSSItem nss_builtins_items_359 [] = {
+static const NSSItem nss_builtins_items_357 [] = {
{ (void *)&cko_nss_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
{ (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
{ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
@@ -24011,6 +23870,56 @@
{ (void *)&ckt_nss_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
{ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
};
+static const NSSItem nss_builtins_items_358 [] = {
+ { (void *)&cko_nss_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)"TURKTRUST Mis-issued Intermediate CA 1", (PRUint32)39 },
+ { (void *)"\060\201\254\061\075\060\073\006\003\125\004\003\014\064\124\303"
+"\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157"
+"\156\151\153\040\123\165\156\165\143\165\040\123\145\162\164\151"
+"\146\151\153\141\163\304\261\040\110\151\172\155\145\164\154\145"
+"\162\151\061\013\060\011\006\003\125\004\006\023\002\124\122\061"
+"\136\060\134\006\003\125\004\012\014\125\124\303\234\122\113\124"
+"\122\125\123\124\040\102\151\154\147\151\040\304\260\154\145\164"
+"\151\305\237\151\155\040\166\145\040\102\151\154\151\305\237\151"
+"\155\040\107\303\274\166\145\156\154\151\304\237\151\040\110\151"
+"\172\155\145\164\154\145\162\151\040\101\056\305\236\056\040\050"
+"\143\051\040\113\141\163\304\261\155\040\040\062\060\060\065"
+, (PRUint32)175 },
+ { (void *)"\002\002\010\047"
+, (PRUint32)4 },
+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) },
+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) },
+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
+};
+static const NSSItem nss_builtins_items_359 [] = {
+ { (void *)&cko_nss_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
+ { (void *)"TURKTRUST Mis-issued Intermediate CA 2", (PRUint32)39 },
+ { (void *)"\060\201\254\061\075\060\073\006\003\125\004\003\014\064\124\303"
+"\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157"
+"\156\151\153\040\123\165\156\165\143\165\040\123\145\162\164\151"
+"\146\151\153\141\163\304\261\040\110\151\172\155\145\164\154\145"
+"\162\151\061\013\060\011\006\003\125\004\006\023\002\124\122\061"
+"\136\060\134\006\003\125\004\012\014\125\124\303\234\122\113\124"
+"\122\125\123\124\040\102\151\154\147\151\040\304\260\154\145\164"
+"\151\305\237\151\155\040\166\145\040\102\151\154\151\305\237\151"
+"\155\040\107\303\274\166\145\156\154\151\304\237\151\040\110\151"
+"\172\155\145\164\154\145\162\151\040\101\056\305\236\056\040\050"
+"\143\051\040\113\141\163\304\261\155\040\040\062\060\060\065"
+, (PRUint32)175 },
+ { (void *)"\002\002\010\144"
+, (PRUint32)4 },
+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) },
+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) },
+ { (void *)&ckt_nss_not_trusted, (PRUint32)sizeof(CK_TRUST) },
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
+};
builtinsInternalObject
nss_builtins_data[] = {
@@ -24375,7 +24284,7 @@
{ 11, nss_builtins_types_356, nss_builtins_items_356, {NULL} },
{ 13, nss_builtins_types_357, nss_builtins_items_357, {NULL} },
{ 11, nss_builtins_types_358, nss_builtins_items_358, {NULL} },
- { 13, nss_builtins_types_359, nss_builtins_items_359, {NULL} }
+ { 11, nss_builtins_types_359, nss_builtins_items_359, {NULL} }
};
const PRUint32
#ifdef DEBUG
diff -aur nss-3.14-orig/mozilla/security/nss/lib/ckfw/builtins/certdata.txt nss-3.14/mozilla/security/nss/lib/ckfw/builtins/certdata.txt
--- nss-3.14-orig/mozilla/security/nss/lib/ckfw/builtins/certdata.txt 2013-01-25 15:59:27.429528838 -0800
+++ nss-3.14/mozilla/security/nss/lib/ckfw/builtins/certdata.txt 2013-01-25 16:12:47.637960812 -0800
@@ -24424,171 +24424,6 @@
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
#
-# Certificate "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı"
-#
-# Issuer: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,L=Ankara,C=TR,CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s..
-# Serial Number: 1 (0x1)
-# Subject: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,L=Ankara,C=TR,CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s..
-# Not Valid Before: Tue Dec 25 18:37:19 2007
-# Not Valid After : Fri Dec 22 18:37:19 2017
-# Fingerprint (MD5): 2B:70:20:56:86:82:A0:18:C8:07:53:12:28:70:21:72
-# Fingerprint (SHA1): F1:7F:6F:B6:31:DC:99:E3:A3:C8:7F:FE:1C:F1:81:10:88:D9:60:33
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\277\061\077\060\075\006\003\125\004\003\014\066\124\303
-\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157
-\156\151\153\040\123\145\162\164\151\146\151\153\141\040\110\151
-\172\155\145\164\040\123\141\304\237\154\141\171\304\261\143\304
-\261\163\304\261\061\013\060\011\006\003\125\004\006\023\002\124
-\122\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141
-\162\141\061\136\060\134\006\003\125\004\012\014\125\124\303\234
-\122\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260
-\154\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151
-\305\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151
-\040\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236
-\056\040\050\143\051\040\101\162\141\154\304\261\153\040\062\060
-\060\067
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\277\061\077\060\075\006\003\125\004\003\014\066\124\303
-\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157
-\156\151\153\040\123\145\162\164\151\146\151\153\141\040\110\151
-\172\155\145\164\040\123\141\304\237\154\141\171\304\261\143\304
-\261\163\304\261\061\013\060\011\006\003\125\004\006\023\002\124
-\122\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141
-\162\141\061\136\060\134\006\003\125\004\012\014\125\124\303\234
-\122\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260
-\154\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151
-\305\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151
-\040\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236
-\056\040\050\143\051\040\101\162\141\154\304\261\153\040\062\060
-\060\067
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\075\060\202\003\045\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\277\061\077\060\075\006\003\125\004\003\014\066\124\303\234
-\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157\156
-\151\153\040\123\145\162\164\151\146\151\153\141\040\110\151\172
-\155\145\164\040\123\141\304\237\154\141\171\304\261\143\304\261
-\163\304\261\061\013\060\011\006\003\125\004\006\023\002\124\122
-\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162
-\141\061\136\060\134\006\003\125\004\012\014\125\124\303\234\122
-\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260\154
-\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151\305
-\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151\040
-\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236\056
-\040\050\143\051\040\101\162\141\154\304\261\153\040\062\060\060
-\067\060\036\027\015\060\067\061\062\062\065\061\070\063\067\061
-\071\132\027\015\061\067\061\062\062\062\061\070\063\067\061\071
-\132\060\201\277\061\077\060\075\006\003\125\004\003\014\066\124
-\303\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162
-\157\156\151\153\040\123\145\162\164\151\146\151\153\141\040\110
-\151\172\155\145\164\040\123\141\304\237\154\141\171\304\261\143
-\304\261\163\304\261\061\013\060\011\006\003\125\004\006\023\002
-\124\122\061\017\060\015\006\003\125\004\007\014\006\101\156\153
-\141\162\141\061\136\060\134\006\003\125\004\012\014\125\124\303
-\234\122\113\124\122\125\123\124\040\102\151\154\147\151\040\304
-\260\154\145\164\151\305\237\151\155\040\166\145\040\102\151\154
-\151\305\237\151\155\040\107\303\274\166\145\156\154\151\304\237
-\151\040\110\151\172\155\145\164\154\145\162\151\040\101\056\305
-\236\056\040\050\143\051\040\101\162\141\154\304\261\153\040\062
-\060\060\067\060\202\001\042\060\015\006\011\052\206\110\206\367
-\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002
-\202\001\001\000\253\267\076\012\214\310\245\130\025\346\212\357
-\047\075\112\264\350\045\323\315\063\302\040\334\031\356\210\077
-\115\142\360\335\023\167\217\141\251\052\265\324\362\271\061\130
-\051\073\057\077\152\234\157\163\166\045\356\064\040\200\356\352
-\267\360\304\012\315\053\206\224\311\343\140\261\104\122\262\132
-\051\264\221\227\203\330\267\246\024\057\051\111\242\363\005\006
-\373\264\117\332\241\154\232\146\237\360\103\011\312\352\162\217
-\353\000\327\065\071\327\126\027\107\027\060\364\276\277\077\302
-\150\257\066\100\301\251\364\251\247\350\020\153\010\212\367\206
-\036\334\232\052\025\006\366\243\360\364\340\307\024\324\121\177
-\317\264\333\155\257\107\226\027\233\167\161\330\247\161\235\044
-\014\366\224\077\205\061\022\117\272\356\116\202\270\271\076\217
-\043\067\136\314\242\252\165\367\030\157\011\323\256\247\124\050
-\064\373\341\340\073\140\175\240\276\171\211\206\310\237\055\371
-\012\113\304\120\242\347\375\171\026\307\172\013\030\317\316\114
-\357\175\326\007\157\230\361\257\261\301\172\327\201\065\270\252
-\027\264\340\313\002\003\001\000\001\243\102\060\100\060\035\006
-\003\125\035\016\004\026\004\024\051\305\220\253\045\257\021\344
-\141\277\243\377\210\141\221\346\016\376\234\201\060\016\006\003
-\125\035\017\001\001\377\004\004\003\002\001\006\060\017\006\003
-\125\035\023\001\001\377\004\005\060\003\001\001\377\060\015\006
-\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001
-\000\020\015\332\370\072\354\050\321\024\225\202\261\022\054\121
-\172\101\045\066\114\237\354\077\037\204\235\145\124\134\250\026
-\002\100\372\156\032\067\204\357\162\235\206\012\125\235\126\050
-\254\146\054\320\072\126\223\064\007\045\255\010\260\217\310\017
-\011\131\312\235\230\034\345\124\370\271\105\177\152\227\157\210
-\150\115\112\006\046\067\210\002\016\266\306\326\162\231\316\153
-\167\332\142\061\244\126\037\256\137\215\167\332\135\366\210\374
-\032\331\236\265\201\360\062\270\343\210\320\234\363\152\240\271
-\233\024\131\065\066\117\317\363\216\136\135\027\255\025\225\330
-\335\262\325\025\156\000\116\263\113\317\146\224\344\340\315\265
-\005\332\143\127\213\345\263\252\333\300\056\034\220\104\333\032
-\135\030\244\356\276\004\133\231\325\161\137\125\145\144\142\325
-\242\233\004\131\206\310\142\167\347\174\202\105\152\075\027\277
-\354\235\165\014\256\243\157\132\323\057\230\066\364\360\365\031
-\253\021\135\310\246\343\052\130\152\102\011\303\275\222\046\146
-\062\015\135\010\125\164\377\214\230\320\012\246\204\152\321\071
-\175
-END
-
-# Trust for "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı"
-# Issuer: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,L=Ankara,C=TR,CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s..
-# Serial Number: 1 (0x1)
-# Subject: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,L=Ankara,C=TR,CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s..
-# Not Valid Before: Tue Dec 25 18:37:19 2007
-# Not Valid After : Fri Dec 22 18:37:19 2017
-# Fingerprint (MD5): 2B:70:20:56:86:82:A0:18:C8:07:53:12:28:70:21:72
-# Fingerprint (SHA1): F1:7F:6F:B6:31:DC:99:E3:A3:C8:7F:FE:1C:F1:81:10:88:D9:60:33
-CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\361\177\157\266\061\334\231\343\243\310\177\376\034\361\201\020
-\210\331\140\063
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\053\160\040\126\206\202\240\030\310\007\123\022\050\160\041\162
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\277\061\077\060\075\006\003\125\004\003\014\066\124\303
-\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157
-\156\151\153\040\123\145\162\164\151\146\151\153\141\040\110\151
-\172\155\145\164\040\123\141\304\237\154\141\171\304\261\143\304
-\261\163\304\261\061\013\060\011\006\003\125\004\006\023\002\124
-\122\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141
-\162\141\061\136\060\134\006\003\125\004\012\014\125\124\303\234
-\122\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260
-\154\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151
-\305\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151
-\040\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236
-\056\040\050\143\051\040\101\162\141\154\304\261\153\040\062\060
-\060\067
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
-
-#
# Certificate "T-TeleSec GlobalRoot Class 3"
#
# Issuer: CN=T-TeleSec GlobalRoot Class 3,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE
@@ -24880,3 +24715,71 @@
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+# Explicitly Distrust "TURKTRUST Mis-issued Intermediate CA 1", Bug 825022
+# Issuer: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,C=TR,CN=T..RKTRUST Elektronik Sunucu Sertifikas.. Hizmetleri
+# Serial Number: 2087 (0x827)
+# Subject: CN=*.EGO.GOV.TR,OU=EGO BILGI ISLEM,O=EGO,L=ANKARA,ST=ANKARA,C=TR
+# Not Valid Before: Mon Aug 08 07:07:51 2011
+# Not Valid After : Tue Jul 06 07:07:51 2021
+# Fingerprint (MD5): F8:F5:25:FF:0C:31:CF:85:E1:0C:86:17:C1:CE:1F:8E
+# Fingerprint (SHA1): C6:9F:28:C8:25:13:9E:65:A6:46:C4:34:AC:A5:A1:D2:00:29:5D:B1
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TURKTRUST Mis-issued Intermediate CA 1"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\254\061\075\060\073\006\003\125\004\003\014\064\124\303
+\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157
+\156\151\153\040\123\165\156\165\143\165\040\123\145\162\164\151
+\146\151\153\141\163\304\261\040\110\151\172\155\145\164\154\145
+\162\151\061\013\060\011\006\003\125\004\006\023\002\124\122\061
+\136\060\134\006\003\125\004\012\014\125\124\303\234\122\113\124
+\122\125\123\124\040\102\151\154\147\151\040\304\260\154\145\164
+\151\305\237\151\155\040\166\145\040\102\151\154\151\305\237\151
+\155\040\107\303\274\166\145\156\154\151\304\237\151\040\110\151
+\172\155\145\164\154\145\162\151\040\101\056\305\236\056\040\050
+\143\051\040\113\141\163\304\261\155\040\040\062\060\060\065
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\002\010\047
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+# Explicitly Distrust "TURKTRUST Mis-issued Intermediate CA 2", Bug 825022
+# Issuer: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,C=TR,CN=T..RKTRUST Elektronik Sunucu Sertifikas.. Hizmetleri
+# Serial Number: 2148 (0x864)
+# Subject: E=ileti@kktcmerkezbankasi.org,CN=e-islem.kktcmerkezbankasi.org,O=KKTC Merkez Bankasi,L=Lefkosa,ST=Lefkosa,C=TR
+# Not Valid Before: Mon Aug 08 07:07:51 2011
+# Not Valid After : Thu Aug 05 07:07:51 2021
+# Fingerprint (MD5): BF:C3:EC:AD:0F:42:4F:B4:B5:38:DB:35:BF:AD:84:A2
+# Fingerprint (SHA1): F9:2B:E5:26:6C:C0:5D:B2:DC:0D:C3:F2:DC:74:E0:2D:EF:D9:49:CB
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TURKTRUST Mis-issued Intermediate CA 2"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\254\061\075\060\073\006\003\125\004\003\014\064\124\303
+\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157
+\156\151\153\040\123\165\156\165\143\165\040\123\145\162\164\151
+\146\151\153\141\163\304\261\040\110\151\172\155\145\164\154\145
+\162\151\061\013\060\011\006\003\125\004\006\023\002\124\122\061
+\136\060\134\006\003\125\004\012\014\125\124\303\234\122\113\124
+\122\125\123\124\040\102\151\154\147\151\040\304\260\154\145\164
+\151\305\237\151\155\040\166\145\040\102\151\154\151\305\237\151
+\155\040\107\303\274\166\145\156\154\151\304\237\151\040\110\151
+\172\155\145\164\154\145\162\151\040\101\056\305\236\056\040\050
+\143\051\040\113\141\163\304\261\155\040\040\062\060\060\065
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\002\010\144
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE

1
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/nss-3.12.8-r9.ebuild vendored
View File

@ -1 +0,0 @@
nss-3.12.8.ebuild

223
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/nss-3.12.8.ebuild vendored
View File

@ -1,223 +0,0 @@
# Copyright 1999-2010 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/dev-libs/nss/nss-3.12.8.ebuild,v 1.1 2010/09/30 11:58:39 anarchy Exp $
EAPI=3
inherit eutils flag-o-matic multilib toolchain-funcs
NSPR_VER="4.8.6"
RTM_NAME="NSS_${PV//./_}_RTM"
DESCRIPTION="Mozilla's Network Security Services library that implements PKI support"
HOMEPAGE="http://www.mozilla.org/projects/security/pki/nss/"
SRC_URI="ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${RTM_NAME}/src/${P}.tar.gz"
LICENSE="|| ( MPL-1.1 GPL-2 LGPL-2.1 )"
SLOT="0"
KEYWORDS="~alpha amd64 arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc x86 ~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris"
DEPEND="dev-util/pkgconfig"
RDEPEND=">=dev-libs/nspr-${NSPR_VER}
>=dev-db/sqlite-3.5
sys-libs/zlib"
src_prepare() {
# Custom changes for gentoo
epatch "${FILESDIR}/${PN}-3.12.5-gentoo-fixups.diff"
epatch "${FILESDIR}/${PN}-3.12.6-gentoo-fixup-warnings.patch"
epatch "${FILESDIR}"/${P}-shlibsign.patch
epatch "${FILESDIR}"/${P}-chromeos-root-certs.patch
epatch "${FILESDIR}"/${P}-remove-fortezza.patch
epatch "${FILESDIR}"/${P}-chromeos-cert-nicknames.patch
epatch "${FILESDIR}"/${P}-chromeos-mitm-root.patch
# See https://bugzilla.mozilla.org/show_bug.cgi?id=741481 for details.
epatch "${FILESDIR}"/${P}-cert-initlocks.patch
# See http://crosbug.com/29623 for details.
epatch "${FILESDIR}"/${P}-abort-on-failed-urandom-access.patch
# See https://bugzilla.mozilla.org/show_bug.cgi?id=802429 for details
epatch "${FILESDIR}"/${P}-bugzilla-802429.patch
cd "${S}"/mozilla/security/coreconf
# Explain that linux 3.0+ is just the same as 2.6.
ln -sf Linux2.6.mk Linux$(uname -r | cut -b1-3).mk
# hack nspr paths
echo 'INCLUDES += -I'"${EPREFIX}"'/usr/include/nspr -I$(DIST)/include/dbm' \
>> headers.mk || die "failed to append include"
# modify install path
sed -e 's:SOURCE_PREFIX = $(CORE_DEPTH)/\.\./dist:SOURCE_PREFIX = $(CORE_DEPTH)/dist:' \
-i source.mk
# Respect LDFLAGS
sed -i -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/g' rules.mk
# Ensure we stay multilib aware
sed -i -e "s:gentoo\/nss:$(get_libdir):" "${S}"/mozilla/security/nss/config/Makefile || die "Failed to fix for multilib"
# Fix pkgconfig file for Prefix
sed -i -e "/^PREFIX =/s:= /usr:= ${EPREFIX}/usr:" \
"${S}"/mozilla/security/nss/config/Makefile
epatch "${FILESDIR}"/${PN}-3.12.4-solaris-gcc.patch # breaks non-gnu tools
# dirty hack
cd "${S}"/mozilla/security/nss
sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../freebl/\$(OBJDIR):" \
lib/ssl/config.mk || die
sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../../lib/freebl/\$(OBJDIR):" \
cmd/platlibs.mk || die
}
src_compile() {
strip-flags
echo > "${T}"/test.c
$(tc-getCC) ${CFLAGS} -c "${T}"/test.c -o "${T}"/test.o
case $(file "${T}"/test.o) in
*64-bit*|*ppc64*|*x86_64*) export USE_64=1;;
*32-bit*|*ppc*|*i386*) ;;
*) die "Failed to detect whether your arch is 64bits or 32bits, disable distcc if you're using it, please";;
esac
export NSPR_INCLUDE_DIR="${ROOT}"/usr/include/nspr
export NSPR_LIB_DIR="${ROOT}"/usr/lib
export BUILD_OPT=1
export NSS_USE_SYSTEM_SQLITE=1
export NSDISTMODE=copy
export NSS_ENABLE_ECC=1
export XCFLAGS="${CFLAGS}"
export FREEBL_NO_DEPEND=1
# Cross-compile Love
( filter-flags -m* ;
cd "${S}"/mozilla/security/coreconf &&
emake -j1 BUILD_OPT=1 XCFLAGS="${CFLAGS}" LDFLAGS= CC="$(tc-getBUILD_CC)" || die "coreconf make failed" )
cd "${S}"/mozilla/security/dbm
NSINSTALL=$(readlink -f $(find "${S}"/mozilla/security/coreconf -type f -name nsinstall))
emake -j1 BUILD_OPT=1 XCFLAGS="${CFLAGS}" CC="$(tc-getCC)" NSINSTALL="${NSINSTALL}" OS_TEST=${ARCH} || die "dbm make failed"
cd "${S}"/mozilla/security/nss
if tc-is-cross-compiler; then
SHLIBSIGN_ARG="SHLIBSIGN=/usr/bin/nssshlibsign"
fi
emake -j1 BUILD_OPT=1 XCFLAGS="${CFLAGS}" CC="$(tc-getCC)" NSINSTALL="${NSINSTALL}" OS_TEST=${ARCH} ${SHLIBSIGN_ARG} || die "nss make failed"
}
# Altering these 3 libraries breaks the CHK verification.
# All of the following cause it to break:
# - stripping
# - prelink
# - ELF signing
# http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn6.html
# Either we have to NOT strip them, or we have to forcibly resign after
# stripping.
#local_libdir="$(get_libdir)"
#export STRIP_MASK="
# */${local_libdir}/libfreebl3.so*
# */${local_libdir}/libnssdbm3.so*
# */${local_libdir}/libsoftokn3.so*"
export NSS_CHK_SIGN_LIBS="freebl3 nssdbm3 softokn3"
generate_chk() {
local shlibsign="$1"
local libdir="$2"
einfo "Resigning core NSS libraries for FIPS validation"
shift 2
for i in ${NSS_CHK_SIGN_LIBS} ; do
local libname=lib${i}.so
local chkname=lib${i}.chk
"${shlibsign}" \
-i "${libdir}"/${libname} \
-o "${libdir}"/${chkname}.tmp \
&& mv -f \
"${libdir}"/${chkname}.tmp \
"${libdir}"/${chkname} \
|| die "Failed to sign ${libname}"
done
}
cleanup_chk() {
local libdir="$1"
shift 1
for i in ${NSS_CHK_SIGN_LIBS} ; do
local libfname="${libdir}/lib${i}.so"
# If the major version has changed, then we have old chk files.
[ ! -f "${libfname}" -a -f "${libfname}.chk" ] \
&& rm -f "${libfname}.chk"
done
}
src_install () {
MINOR_VERSION=12
cd "${S}"/mozilla/security/dist
dodir /usr/$(get_libdir)
cp -L */lib/*$(get_libname) "${ED}"/usr/$(get_libdir) || die "copying shared libs failed"
# We generate these after stripping the libraries, else they don't match.
#cp -L */lib/*.chk "${ED}"/usr/$(get_libdir) || die "copying chk files failed"
cp -L */lib/libcrmf.a "${ED}"/usr/$(get_libdir) || die "copying libs failed"
# Install nss-config and pkgconfig file
dodir /usr/bin
cp -L */bin/nss-config "${ED}"/usr/bin
dodir /usr/$(get_libdir)/pkgconfig
cp -L */lib/pkgconfig/nss.pc "${ED}"/usr/$(get_libdir)/pkgconfig
# all the include files
insinto /usr/include/nss
doins public/nss/*.h
cd "${ED}"/usr/$(get_libdir)
local n=
for file in *$(get_libname); do
n=${file%$(get_libname)}$(get_libname ${MINOR_VERSION})
mv ${file} ${n}
ln -s ${n} ${file}
if [[ ${CHOST} == *-darwin* ]]; then
install_name_tool -id "${EPREFIX}/usr/$(get_libdir)/${n}" ${n} || die
fi
done
local nssutils
if [ ! tc-is-cross-compiler ]; then
# Unless cross-compiling, enabled because we need it for chk generation.
nssutils="shlibsign"
fi
cd "${S}"/mozilla/security/dist/*/bin/
for f in $nssutils; do
# TODO(cmasone): switch to normal nss tool names
newbin ${f} nss${f}
done
# Prelink breaks the CHK files. We don't have any reliable way to run
# shlibsign after prelink.
declare -a libs
for l in ${NSS_CHK_SIGN_LIBS} ; do
libs+=("${EPREFIX}/usr/$(get_libdir)/lib${l}.so")
done
OLD_IFS="${IFS}" IFS=":" ; liblist="${libs[*]}" ; IFS="${OLD_IFS}"
echo -e "PRELINK_PATH_MASK=${liblist}" >"${T}/90nss"
unset libs liblist
doenvd "${T}/90nss"
}
pkg_postinst() {
elog "We have reverted back to using upstreams soname."
elog "Please run revdep-rebuild --library libnss3.so.12 , this"
elog "will correct most issues. If you find a binary that does"
elog "not run please re-emerge package to ensure it properly"
elog " links after upgrade."
elog
local tool_root
# We must re-sign the libraries AFTER they are stripped.
if [ ! tc-is-cross-compiler ]; then
tool_root = "${EROOT}"
fi
generate_chk "${tool_root}"/usr/bin/nssshlibsign "${EROOT}"/usr/$(get_libdir)
}
pkg_postrm() {
cleanup_chk "${EROOT}"/usr/$(get_libdir)
}

234
sdk_container/src/third_party/coreos-overlay/dev-libs/nss/nss-3.14.ebuild vendored
View File

@ -1,234 +0,0 @@
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/dev-libs/nss/nss-3.14.ebuild,v 1.8 2012/11/29 23:41:51 blueness Exp $
EAPI=3
inherit eutils flag-o-matic multilib toolchain-funcs
NSPR_VER="4.9.2"
RTM_NAME="NSS_${PV//./_}_RTM"
DESCRIPTION="Mozilla's Network Security Services library that implements PKI support"
HOMEPAGE="http://www.mozilla.org/projects/security/pki/nss/"
SRC_URI="ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${RTM_NAME}/src/${P}.tar.gz"
LICENSE="|| ( MPL-1.1 GPL-2 LGPL-2.1 )"
SLOT="0"
KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 ~sparc x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris"
DEPEND="virtual/pkgconfig
>=dev-libs/nspr-${NSPR_VER}"
RDEPEND=">=dev-libs/nspr-${NSPR_VER}
>=dev-db/sqlite-3.5
sys-libs/zlib
!<app-crypt/nss-${PV}"
src_setup() {
export LC_ALL="C"
}
src_prepare() {
# Custom changes for gentoo
epatch "${FILESDIR}/${PN}-3.13-gentoo-fixup.patch"
epatch "${FILESDIR}/${PN}-3.12.6-gentoo-fixup-warnings.patch"
epatch "${FILESDIR}/${PN}-3.13.5-x32.patch"
# Fix cross-compiling of NSS. This is an alternative to upstream's
# patch at https://bugs.gentoo.org/show_bug.cgi?id=436216
epatch "${FILESDIR}/${PN}-3.12.8-shlibsign.patch"
# Add a public API to set the certificate nickname (PKCS#11 CKA_LABEL
# attribute). See http://crosbug.com/19403 for details.
epatch "${FILESDIR}"/${PN}-3.14-chromeos-cert-nicknames.patch
# Abort the process if /dev/urandom cannot be opened (eg: when sandboxed)
# See http://crosbug.com/29623 for details.
epatch "${FILESDIR}"/${PN}-3.14-abort-on-failed-urandom-access.patch
# Don't default to the TPM for SHA-256. Fixed in NSS 3.14.1
# See https://bugzilla.mozilla.org/show_bug.cgi?id=802429 for details
epatch "${FILESDIR}"/${PN}-3.14-bugzilla-802429.patch
# Remove roots that were added between 3.14.1 and 3.14.2 due to misissuance
epatch "${FILESDIR}"/${PN}-3.14-remove-turktrust-roots.patch
cd "${S}"/mozilla/security/coreconf || die
# hack nspr paths
echo 'INCLUDES += -I'"${EPREFIX}"'/usr/include/nspr -I$(DIST)/include/dbm' \
>> headers.mk || die "failed to append include"
# modify install path
sed -e 's:SOURCE_PREFIX = $(CORE_DEPTH)/\.\./dist:SOURCE_PREFIX = $(CORE_DEPTH)/dist:' \
-i source.mk || die
# Respect LDFLAGS
sed -i -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/g' rules.mk || die
# Ensure we stay multilib aware
sed -i -e "s:gentoo\/nss:$(get_libdir):" "${S}"/mozilla/security/nss/config/Makefile || die "Failed to fix for multilib"
# Fix pkgconfig file for Prefix
sed -i -e "/^PREFIX =/s:= /usr:= ${EPREFIX}/usr:" \
"${S}"/mozilla/security/nss/config/Makefile || die
epatch "${FILESDIR}/nss-3.13.1-solaris-gcc.patch"
# dirty hack
cd "${S}"/mozilla/security/nss || die
sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../freebl/\$(OBJDIR):" \
lib/ssl/config.mk || die
sed -i -e "/CRYPTOLIB/s:\$(SOFTOKEN_LIB_DIR):../../lib/freebl/\$(OBJDIR):" \
cmd/platlibs.mk || die
}
src_compile() {
strip-flags
echo > "${T}"/test.c || die
$(tc-getCC) ${CFLAGS} -c "${T}"/test.c -o "${T}"/test.o || die
case $(file "${T}"/test.o) in
*32-bit*x86-64*) export USE_x32=1;;
*64-bit*|*ppc64*|*x86_64*) export USE_64=1;;
*32-bit*|*ppc*|*i386*) ;;
*) die "Failed to detect whether your arch is 64bits or 32bits, disable distcc if you're using it, please";;
esac
export NSPR_INCLUDE_DIR="${ROOT}"/usr/include/nspr
export NSPR_LIB_DIR="${ROOT}"/usr/lib
export BUILD_OPT=1
export NSS_USE_SYSTEM_SQLITE=1
export NSDISTMODE=copy
export NSS_ENABLE_ECC=1
export XCFLAGS="${CFLAGS}"
export FREEBL_NO_DEPEND=1
export ASFLAGS=""
# Cross-compile Love
( filter-flags -m* ;
cd "${S}"/mozilla/security/coreconf &&
emake -j1 BUILD_OPT=1 XCFLAGS="${CFLAGS}" LDFLAGS= CC="$(tc-getBUILD_CC)" || die "coreconf make failed" )
cd "${S}"/mozilla/security/dbm
NSINSTALL=$(readlink -f $(find "${S}"/mozilla/security/coreconf -type f -name nsinstall))
emake -j1 BUILD_OPT=1 XCFLAGS="${CFLAGS}" CC="$(tc-getCC)" NSINSTALL="${NSINSTALL}" OS_TEST=${ARCH} || die "dbm make failed"
cd "${S}"/mozilla/security/nss
if tc-is-cross-compiler; then
SHLIBSIGN_ARG="SHLIBSIGN=/usr/bin/nssshlibsign"
fi
emake -j1 BUILD_OPT=1 XCFLAGS="${CFLAGS}" CC="$(tc-getCC)" NSINSTALL="${NSINSTALL}" OS_TEST=${ARCH} ${SHLIBSIGN_ARG} || die "nss make failed"
}
# Altering these 3 libraries breaks the CHK verification.
# All of the following cause it to break:
# - stripping
# - prelink
# - ELF signing
# http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn6.html
# Either we have to NOT strip them, or we have to forcibly resign after
# stripping.
#local_libdir="$(get_libdir)"
#export STRIP_MASK="
# */${local_libdir}/libfreebl3.so*
# */${local_libdir}/libnssdbm3.so*
# */${local_libdir}/libsoftokn3.so*"
export NSS_CHK_SIGN_LIBS="freebl3 nssdbm3 softokn3"
generate_chk() {
local shlibsign="$1"
local libdir="$2"
einfo "Resigning core NSS libraries for FIPS validation"
shift 2
for i in ${NSS_CHK_SIGN_LIBS} ; do
local libname=lib${i}.so
local chkname=lib${i}.chk
"${shlibsign}" \
-i "${libdir}"/${libname} \
-o "${libdir}"/${chkname}.tmp \
&& mv -f \
"${libdir}"/${chkname}.tmp \
"${libdir}"/${chkname} \
|| die "Failed to sign ${libname}"
done
}
cleanup_chk() {
local libdir="$1"
shift 1
for i in ${NSS_CHK_SIGN_LIBS} ; do
local libfname="${libdir}/lib${i}.so"
# If the major version has changed, then we have old chk files.
[ ! -f "${libfname}" -a -f "${libfname}.chk" ] \
&& rm -f "${libfname}.chk"
done
}
src_install () {
MINOR_VERSION=12
cd "${S}"/mozilla/security/dist || die
dodir /usr/$(get_libdir) || die
cp -L */lib/*$(get_libname) "${ED}"/usr/$(get_libdir) || die "copying shared libs failed"
# We generate these after stripping the libraries, else they don't match.
#cp -L */lib/*.chk "${ED}"/usr/$(get_libdir) || die "copying chk files failed"
cp -L */lib/libcrmf.a "${ED}"/usr/$(get_libdir) || die "copying libs failed"
# Install nss-config and pkgconfig file
dodir /usr/bin || die
cp -L */bin/nss-config "${ED}"/usr/bin || die
dodir /usr/$(get_libdir)/pkgconfig || die
cp -L */lib/pkgconfig/nss.pc "${ED}"/usr/$(get_libdir)/pkgconfig || die
# all the include files
insinto /usr/include/nss
doins public/nss/*.h || die
cd "${ED}"/usr/$(get_libdir) || die
local n=
for file in *$(get_libname); do
n=${file%$(get_libname)}$(get_libname ${MINOR_VERSION})
mv ${file} ${n} || die
ln -s ${n} ${file} || die
if [[ ${CHOST} == *-darwin* ]]; then
install_name_tool -id "${EPREFIX}/usr/$(get_libdir)/${n}" ${n} || die
fi
done
local nssutils
# Always enabled because we need it for chk generation.
nssutils="shlibsign"
cd "${S}"/mozilla/security/dist/*/bin/ || die
for f in $nssutils; do
# TODO(cmasone): switch to normal nss tool names
newbin ${f} nss${f} || die
done
# Prelink breaks the CHK files. We don't have any reliable way to run
# shlibsign after prelink.
declare -a libs
for l in ${NSS_CHK_SIGN_LIBS} ; do
libs+=("${EPREFIX}/usr/$(get_libdir)/lib${l}.so")
done
OLD_IFS="${IFS}" IFS=":" ; liblist="${libs[*]}" ; IFS="${OLD_IFS}"
echo -e "PRELINK_PATH_MASK=${liblist}" >"${T}/90nss" || die
unset libs liblist
doenvd "${T}/90nss" || die
}
pkg_postinst() {
elog "We have reverted back to using upstreams soname."
elog "Please run revdep-rebuild --library libnss3.so.12 , this"
elog "will correct most issues. If you find a binary that does"
elog "not run please re-emerge package to ensure it properly"
elog " links after upgrade."
elog
local tool_root
# We must re-sign the libraries AFTER they are stripped.
if ! tc-is-cross-compiler; then
tool_root = "${EROOT}"
fi
generate_chk "${tool_root}"/usr/bin/nssshlibsign "${EROOT}"/usr/$(get_libdir)
}
pkg_postrm() {
cleanup_chk "${EROOT}"/usr/$(get_libdir)
}