diff options
author | marcus <marcus@FreeBSD.org> | 2005-07-31 08:06:49 +0800 |
---|---|---|
committer | marcus <marcus@FreeBSD.org> | 2005-07-31 08:06:49 +0800 |
commit | d13697c0d3934d42e3078160b65bb64b3a098721 (patch) | |
tree | d2382dff3a44812f93127aaecc98eadb00cfe675 /security/nss | |
parent | 33e8a33c7a25cb01b27be733cdbd1014649d7a2d (diff) | |
download | freebsd-ports-gnome-d13697c0d3934d42e3078160b65bb64b3a098721.tar.gz freebsd-ports-gnome-d13697c0d3934d42e3078160b65bb64b3a098721.tar.zst freebsd-ports-gnome-d13697c0d3934d42e3078160b65bb64b3a098721.zip |
* Update to 3.10 [1]
* Add a target for regression testing, and run that target automatically
when building on the package build cluster [1]
* Cleanup some portlint nits
Submitted by: mi [1]
Diffstat (limited to 'security/nss')
-rw-r--r-- | security/nss/Makefile | 42 | ||||
-rw-r--r-- | security/nss/distinfo | 4 | ||||
-rw-r--r-- | security/nss/files/patch-certutil.c | 72 | ||||
-rw-r--r-- | security/nss/files/patch-cmd::platlibs.mk | 56 | ||||
-rw-r--r-- | security/nss/files/patch-const | 46 | ||||
-rw-r--r-- | security/nss/files/patch-crlgen.c | 129 | ||||
-rw-r--r-- | security/nss/files/patch-sysdb | 222 | ||||
-rw-r--r-- | security/nss/files/patch-tests | 10 | ||||
-rw-r--r-- | security/nss/files/patch-warnings | 352 | ||||
-rw-r--r-- | security/nss/pkg-plist | 13 |
10 files changed, 916 insertions, 30 deletions
diff --git a/security/nss/Makefile b/security/nss/Makefile index 390bc9ad726b..453de81237e4 100644 --- a/security/nss/Makefile +++ b/security/nss/Makefile @@ -6,7 +6,7 @@ # PORTNAME= nss -PORTVERSION= 3.9.2 +PORTVERSION= 3.10 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_MOZILLA} MASTER_SITE_SUBDIR= security/nss/releases/NSS_${PORTVERSION:S/./_/g}_RTM/src @@ -28,21 +28,45 @@ MAKE_ENV= BSD_LDOPTS="${PTHREAD_LIBS} -L${LOCALBASE}/lib" \ ALL_TARGET= nss_build_all CFLAGS+= -I${LOCALBASE}/include/nspr -DIST= ${WRKSRC}/../../dist - -CONFLICTS= btoa-5.* digest-* emboss-2.* oases-2.* p5-PAR-0.* \ - qmail-ldap2-* +DIST= ${WRKSRC:H:H}/dist +CONFLICTS= btoa-5.* digest-[0-9]* emboss-2.* oases-2.* p5-PAR-0.* \ + qmail-ldap2-[0-9]* .include <bsd.port.pre.mk> -.if ${ARCH} == "alpha" && ${OSVERSION} < 500035 -IGNORE= "core dumps on alpha during build" -.endif +EXTERNALS= CVS dbm security/nss/cmd/zlib +EXTRACT_AFTER_ARGS=| ${TAR} -xf - \ + ${EXTERNALS:C,^,--exclude ${DISTNAME}/mozilla/,} post-patch: @${REINPLACE_CMD} -e "s|-pthread|${PTHREAD_LIBS}|g" \ - ${WRKSRC}/../../security/coreconf/FreeBSD.mk + ${WRKSRC:H:H}/security/coreconf/FreeBSD.mk + +BINS=${DIST}/${OPSYS}${OSREL}_OPT.OBJ + +test: + cd ${WRKSRC}/tests; \ + ${SETENV} PATH="${BINS}/bin:${PATH}" \ + LD_LIBRARY_PATH="${BINS}/lib" \ + ./all.sh + @if ${GREP} -F '>Failed<' \ + ${WRKSRC:H:H}/tests_results/security/*/results.html; then \ + echo "Some tests have failed. Let ${MAINTAINER} know."; \ + exit 1; \ + else \ + echo "All tests succeeded. Good news."; \ + fi + +.if defined(PARALLEL_PACKAGE_BUILD) +post-build: test +.else +post-build: + # + # Please, consider running ``make test'' now and fixing any problems + # and/or reporting them to ${MAINTAINER} . Thanks! + # +.endif do-install: ${MKDIR} ${PREFIX}/include/nss diff --git a/security/nss/distinfo b/security/nss/distinfo index 4ffd79a7f95d..42311b0ed2e0 100644 --- a/security/nss/distinfo +++ b/security/nss/distinfo @@ -1,2 +1,2 @@ -MD5 (nss-3.9.2.tar.gz) = c10b5100510dab1e3c94b76a4d7b1f23 -SIZE (nss-3.9.2.tar.gz) = 4734817 +MD5 (nss-3.10.tar.gz) = bd58f762f1b352910901f11823e67b97 +SIZE (nss-3.10.tar.gz) = 3622612 diff --git a/security/nss/files/patch-certutil.c b/security/nss/files/patch-certutil.c new file mode 100644 index 000000000000..357ddaf78e79 --- /dev/null +++ b/security/nss/files/patch-certutil.c @@ -0,0 +1,72 @@ +--- cmd/certutil/certutil.c Fri Apr 22 22:12:00 2005 ++++ cmd/certutil/certutil.c Fri Jul 22 02:02:20 2005 +@@ -131,3 +131,3 @@ + fflush (stdout); +- if (gets (buffer) == NULL) { ++ if (fgets(buffer, sizeof buffer, stdin) == NULL) { + PORT_SetError(SEC_ERROR_INPUT_LEN); +@@ -206,3 +206,3 @@ + puts (prompt); +- gets (buffer); ++ fgets(buffer, sizeof buffer, stdin); + if (strlen (buffer) > 0) { +@@ -1424,3 +1424,3 @@ + fprintf(stdout, "%-25s Other to finish\n", ""); +- if (gets (buffer)) { ++ if (fgets(buffer, sizeof buffer, stdin)) { + value = atoi (buffer); +@@ -1439,3 +1439,3 @@ + puts ("Is this a critical extension [y/n]? "); +- gets (buffer); ++ fgets(buffer, sizeof buffer, stdin); + +@@ -1580,3 +1580,3 @@ + +- if (gets(buffer) == NULL) { ++ if (fgets(buffer, sizeof buffer, stdin) == NULL) { + PORT_SetError(SEC_ERROR_INPUT_LEN); +@@ -1621,3 +1621,3 @@ + puts ("Is this a critical extension [y/n]? "); +- gets (buffer); ++ fgets(buffer, sizeof buffer, stdin); + +@@ -1650,3 +1650,3 @@ + fprintf(stdout, "%-25s Other to finish\n", ""); +- if (gets (buffer) == NULL) { ++ if (fgets(buffer, sizeof buffer, stdin) == NULL) { + PORT_SetError(SEC_ERROR_INPUT_LEN); +@@ -1664,3 +1664,3 @@ + puts ("Is this a critical extension [y/n]? "); +- gets (buffer); ++ fgets(buffer, sizeof buffer, stdin); + +@@ -1769,3 +1769,3 @@ + puts ("Is this a CA certificate [y/n]?"); +- gets (buffer); ++ fgets(buffer, sizeof buffer, stdin); + basicConstraint.isCA = (buffer[0] == 'Y' || buffer[0] == 'y') ? +@@ -1774,3 +1774,3 @@ + puts ("Enter the path length constraint, enter to skip [<0 for unlimited path]:"); +- gets (buffer); ++ fgets(buffer, sizeof buffer, stdin); + if (PORT_Strlen (buffer) > 0) +@@ -1784,3 +1784,3 @@ + puts ("Is this a critical extension [y/n]? "); +- gets (buffer); ++ fgets(buffer, sizeof buffer, stdin); + rv = CERT_AddExtension +@@ -1908,3 +1908,3 @@ + puts ("Is this a critical extension [y/n]? "); +- gets (buffer); ++ fgets(buffer, sizeof buffer, stdin); + +@@ -1963,3 +1963,3 @@ + fflush (stdout); +- gets (buffer); ++ fgets(buffer, sizeof buffer, stdin); + /* For simplicity, use CERT_AsciiToName to converse from a string +@@ -2031,3 +2031,3 @@ + puts ("Is this a critical extension [y/n]? "); +- gets (buffer); ++ fgets(buffer, sizeof buffer, stdin); + diff --git a/security/nss/files/patch-cmd::platlibs.mk b/security/nss/files/patch-cmd::platlibs.mk index a448196741ae..73d609023faa 100644 --- a/security/nss/files/patch-cmd::platlibs.mk +++ b/security/nss/files/patch-cmd::platlibs.mk @@ -1,13 +1,51 @@ $FreeBSD$ ---- cmd/platlibs.mk 2002/08/08 18:13:37 1.1 -+++ cmd/platlibs.mk 2002/08/08 18:14:06 -@@ -186,6 +186,7 @@ - -L$(DIST)/lib/ \ - -lssl3 \ - -lsmime3 \ -+ -lsoftokn3 \ - -lnss3 \ - -lplc4 \ +--- cmd/platlibs.mk Wed Apr 6 17:35:41 2005 ++++ cmd/platlibs.mk Wed Jul 27 22:22:59 2005 +@@ -72,5 +72,4 @@ + $(DIST)/lib/$(LIB_PREFIX)nssdev.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)nssb.$(LIB_SUFFIX) \ +- $(DIST)/lib/$(LIB_PREFIX)dbm.$(LIB_SUFFIX) \ + $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.$(LIB_SUFFIX) \ + $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.$(LIB_SUFFIX) \ +@@ -85,5 +84,4 @@ + + JAR_LIBS = $(DIST)/lib/$(LIB_PREFIX)jar.$(LIB_SUFFIX) \ +- $(DIST)/lib/$(LIB_PREFIX)zlib.$(LIB_SUFFIX) \ + $(NULL) + else +@@ -120,5 +118,4 @@ + $(CRYPTOLIB) \ + $(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \ +- $(DIST)/lib/$(LIB_PREFIX)dbm.$(LIB_SUFFIX) \ + $(NULL) + +@@ -141,4 +138,5 @@ -lplds4 \ + -lnspr4 \ ++ -lz \ + $(NULL) + endif +@@ -146,5 +144,4 @@ + + JAR_LIBS = $(DIST)/lib/$(LIB_PREFIX)jar.$(LIB_SUFFIX) \ +- $(DIST)/lib/$(LIB_PREFIX)zlib.$(LIB_SUFFIX) \ + $(NULL) + +@@ -171,5 +168,4 @@ + + JAR_LIBS = $(DIST)/lib/$(LIB_PREFIX)jar.$(LIB_SUFFIX) \ +- $(DIST)/lib/$(LIB_PREFIX)zlib.$(LIB_SUFFIX) \ + $(NULL) + else +@@ -226,8 +222,8 @@ + -lplds4 \ + -lnspr4 \ ++ -lz \ + $(NULL) + + JAR_LIBS = $(DIST)/lib/$(LIB_PREFIX)jar.$(LIB_SUFFIX) \ +- $(DIST)/lib/$(LIB_PREFIX)zlib.$(LIB_SUFFIX) \ + $(NULL) + endif diff --git a/security/nss/files/patch-const b/security/nss/files/patch-const new file mode 100644 index 000000000000..de5fae9f6601 --- /dev/null +++ b/security/nss/files/patch-const @@ -0,0 +1,46 @@ +--- cmd/modutil/modutil.h Sun Apr 25 11:02:47 2004 ++++ cmd/modutil/modutil.h Fri Jul 22 17:35:20 2005 +@@ -53,6 +53,6 @@ + #include "error.h" + +-Error FipsMode(char *arg); +-Error ChkFipsMode(char *arg); ++Error FipsMode(const char *arg); ++Error ChkFipsMode(const char *arg); + Error AddModule(char *moduleName, char *libFile, char *ciphers, + char *mechanisms, char* modparms); +--- cmd/modutil/pk11.c Sun Apr 25 11:02:47 2004 ++++ cmd/modutil/pk11.c Fri Jul 22 17:36:48 2005 +@@ -53,5 +53,5 @@ + */ + Error +-FipsMode(char *arg) ++FipsMode(const char *arg) + { + char *internal_name; +@@ -62,14 +62,16 @@ + SECMOD_GetInternalModule()->commonName); + if(SECMOD_DeleteInternalModule(internal_name) != SECSuccess) { +- PR_fprintf(PR_STDERR, "%s\n", SECU_Strerror(PORT_GetError())); ++ PR_fprintf(PR_STDERR, "FipsMode(true): %s (%s)\n", SECU_Strerror(PORT_GetError()), internal_name); + PR_smprintf_free(internal_name); + PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]); + return FIPS_SWITCH_FAILED_ERR; + } +- PR_smprintf_free(internal_name); + if (!PK11_IsFIPS()) { ++ PR_fprintf(PR_STDERR, "FipsMode(true): in module %s", internal_name); ++ PR_smprintf_free(internal_name); + PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]); + return FIPS_SWITCH_FAILED_ERR; + } ++ PR_smprintf_free(internal_name); + PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]); + } else { +@@ -112,5 +114,5 @@ + */ + Error +-ChkFipsMode(char *arg) ++ChkFipsMode(const char *arg) + { + if(!PORT_Strcasecmp(arg, "true")) { diff --git a/security/nss/files/patch-crlgen.c b/security/nss/files/patch-crlgen.c new file mode 100644 index 000000000000..119ea98e8465 --- /dev/null +++ b/security/nss/files/patch-crlgen.c @@ -0,0 +1,129 @@ +--- cmd/crlutil/crlgen.c Mon Apr 11 22:24:14 2005 ++++ cmd/crlutil/crlgen.c Fri Jul 29 01:50:48 2005 +@@ -53,46 +53,4 @@ + #include "crlgen.h" + +- +-/* these reroutines were taken from secitem.c, which is supposed to +- * replace this file some day */ +-/* +- * This is the hash function. We simply XOR the encoded form with +- * itself in sizeof(PLHashNumber)-byte chunks. Improving this +- * routine is left as an excercise for the more mathematically +- * inclined student. +- */ +-PLHashNumber PR_CALLBACK +-SECITEM_Hash ( const void *key) +-{ +- const SECItem *item = (const SECItem *)key; +- PLHashNumber rv = 0; +- +- PRUint8 *data = (PRUint8 *)item->data; +- PRUint32 i; +- PRUint8 *rvc = (PRUint8 *)&rv; +- +- for( i = 0; i < item->len; i++ ) { +- rvc[ i % sizeof(rv) ] ^= *data; +- data++; +- } +- +- return rv; +-} +- +-/* +- * This is the key-compare function. It simply does a lexical +- * comparison on the item data. This does not result in +- * quite the same ordering as the "sequence of numbers" order, +- * but heck it's only used internally by the hash table anyway. +- */ +-PRIntn PR_CALLBACK +-SECITEM_HashCompare ( const void *k1, const void *k2) +-{ +- const SECItem *i1 = (const SECItem *)k1; +- const SECItem *i2 = (const SECItem *)k2; +- +- return SECITEM_ItemsAreEqual(i1,i2); +-} +- + /* Destroys extHandle and data. data was create on heap. + * extHandle creaded by CERT_StartCRLEntryExtensions. entry +@@ -513,5 +471,5 @@ + PORT_SetError(SEC_ERROR_INVALID_ARGS); + crlgen_PrintError(crlGenData->parsedLineNum, +- "insufficient number of arguments.\n"); ++ "AddIssuerAltNames: insufficient number of arguments.\n"); + return SECFailure; + } +@@ -575,5 +533,5 @@ + PORT_SetError(SEC_ERROR_INVALID_ARGS); + crlgen_PrintError(crlGenData->parsedLineNum, +- "insufficient number of arguments.\n"); ++ "AddCrlNumber: insufficient number of arguments.\n"); + goto loser; + } +@@ -725,5 +683,5 @@ + PORT_SetError(SEC_ERROR_INVALID_ARGS); + crlgen_PrintError(crlGenData->parsedLineNum, +- "insufficient number of arguments.\n"); ++ "%s: insufficient number of arguments.\n", extName); + } + +@@ -923,5 +881,5 @@ + PORT_SetError(SEC_ERROR_INVALID_ARGS); + crlgen_PrintError(crlGenData->parsedLineNum, +- "insufficient number of arguments.\n"); ++ "SetNewRangeField: insufficient number of arguments.\n"); + return SECFailure; + } +@@ -988,5 +946,5 @@ + PORT_SetError(SEC_ERROR_INVALID_ARGS); + crlgen_PrintError(crlGenData->parsedLineNum, +- "insufficient number of arguments.\n"); ++ "SetTimeField: insufficient number of arguments.\n"); + return SECFailure; + } +@@ -1024,5 +982,5 @@ + PORT_SetError(SEC_ERROR_INVALID_ARGS); + crlgen_PrintError(crlGenData->parsedLineNum, +- "insufficient number of arguments.\n"); ++ "AddExtension: insufficient number of arguments.\n"); + return SECFailure; + } +@@ -1042,5 +1000,5 @@ + PORT_SetError(SEC_ERROR_INVALID_ARGS); + crlgen_PrintError(crlGenData->parsedLineNum, +- "insufficient number of arguments.\n"); ++ "AddExtension(%s) insufficient number of arguments.\n", *extData); + return SECFailure; + } +@@ -1078,5 +1036,5 @@ + PORT_SetError(SEC_ERROR_INVALID_ARGS); + crlgen_PrintError(crlGenData->parsedLineNum, +- "insufficient number of arguments.\n"); ++ "AddCert(%s, %s) insufficient number of arguments.\n", certId, revocationDate); + return SECFailure; + } +@@ -1362,12 +1362,12 @@ + } + + if (extStr->extData == NULL) { +- extStr->extData = PORT_ZAlloc(MAX_EXT_DATA_LENGTH); ++ extStr->extData = PORT_ZNewArray(char *, MAX_EXT_DATA_LENGTH); + if (!extStr->extData) { + return SECFailure; + } + } +- if (extStr->nextUpdatedData > MAX_EXT_DATA_LENGTH) { ++ if (extStr->nextUpdatedData >= MAX_EXT_DATA_LENGTH) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + crlgen_PrintError(crlGenData->parsedLineNum, + "number of fields in extension " +@@ -1415,7 +1415,7 @@ + PORT_Free(crlGenData->certEntry); + break; + case CRLGEN_ADD_EXTENSION_CONTEXT: +- if (crlGenData->extensionEntry->nextUpdatedData) { ++ if (crlGenData->extensionEntry->extData) { + int i = 0; + for (;i < crlGenData->extensionEntry->nextUpdatedData;i++) + PORT_Free(*(crlGenData->extensionEntry->extData + i)); diff --git a/security/nss/files/patch-sysdb b/security/nss/files/patch-sysdb new file mode 100644 index 000000000000..ec8d9acc7d7a --- /dev/null +++ b/security/nss/files/patch-sysdb @@ -0,0 +1,222 @@ +This patches NSS' code to use the Operating System's standard <db.h> header +and the db-implementation from -lc. Seems to work on FreeBSD. + + -mi + +--- lib/softoken/cdbhdl.h Sun Apr 25 11:03:16 2004 ++++ lib/softoken/cdbhdl.h Fri Jul 22 00:25:16 2005 +@@ -43,6 +43,6 @@ + #define _CDBHDL_H_ + +-#include "nspr.h" +-#include "mcom_db.h" ++#include <nspr.h> ++#include <db.h> + #include "pcertt.h" + +--- lib/softoken/dbinit.c Tue Mar 29 13:21:18 2005 ++++ lib/softoken/dbinit.c Fri Jul 22 00:33:35 2005 +@@ -40,4 +40,5 @@ + + #include <ctype.h> ++#include <fcntl.h> + #include "seccomon.h" + #include "prinit.h" +--- lib/softoken/dbmshim.c Tue Mar 29 13:21:18 2005 ++++ lib/softoken/dbmshim.c Fri Jul 22 00:35:33 2005 +@@ -40,5 +40,6 @@ + * $Id: dbmshim.c,v 1.11 2005/03/29 18:21:18 nelsonb%netscape.com Exp $ + */ +-#include "mcom_db.h" ++#include <db.h> ++#include <fcntl.h> + #include "secitem.h" + #include "secder.h" +--- lib/softoken/keydb.c Fri Jun 4 20:50:32 2004 ++++ lib/softoken/keydb.c Fri Jul 22 00:37:01 2005 +@@ -46,5 +46,6 @@ + #include "secitem.h" + #include "pcert.h" +-#include "mcom_db.h" ++#include <db.h> ++#include <fcntl.h> + #include "lowpbe.h" + #include "secerr.h" +--- lib/softoken/pcertdb.c Tue Mar 29 13:21:18 2005 ++++ lib/softoken/pcertdb.c Fri Jul 22 00:40:00 2005 +@@ -44,5 +44,6 @@ + #include "lowkeyti.h" + #include "pcert.h" +-#include "mcom_db.h" ++#include <db.h> ++#include <fcntl.h> + #include "pcert.h" + #include "secitem.h" +--- lib/softoken/pk11db.c Fri Apr 1 19:46:13 2005 ++++ lib/softoken/pk11db.c Fri Jul 22 00:42:01 2005 +@@ -42,5 +42,6 @@ + #include "pk11pars.h" + #include "pkcs11i.h" +-#include "mcom_db.h" ++#include <db.h> ++#include <fcntl.h> + #include "cdbhdl.h" + #include "secerr.h" +--- lib/softoken/keydbi.h Tue Apr 27 19:04:38 2004 ++++ lib/softoken/keydbi.h Fri Jul 22 00:43:24 2005 +@@ -42,7 +42,7 @@ + #define _KEYDBI_H_ + +-#include "nspr.h" ++#include <nspr.h> + #include "seccomon.h" +-#include "mcom_db.h" ++#include <db.h> + + /* +--- lib/softoken/config.mk Mon May 24 20:13:11 2004 ++++ lib/softoken/config.mk Fri Jul 22 00:55:20 2005 +@@ -47,5 +47,4 @@ + $(CRYPTOLIB) \ + $(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \ +- $(DIST)/lib/$(LIB_PREFIX)dbm.$(LIB_SUFFIX) \ + $(NULL) + +--- lib/certdb/certdb.c Sat Mar 5 03:03:03 2005 ++++ lib/certdb/certdb.c Fri Jul 22 01:02:11 2005 +@@ -53,5 +53,4 @@ + #include "keyhi.h" + #include "secitem.h" +-#include "mcom_db.h" + #include "certdb.h" + #include "prprf.h" +--- lib/certdb/genname.c Sun Apr 25 11:03:03 2004 ++++ lib/certdb/genname.c Fri Jul 22 01:02:59 2005 +@@ -39,5 +39,4 @@ + #include "secitem.h" + #include "secoidt.h" +-#include "mcom_db.h" + #include "secasn1.h" + #include "secder.h" +--- lib/certdb/stanpcertdb.c Thu Dec 2 16:34:15 2004 ++++ lib/certdb/stanpcertdb.c Fri Jul 22 01:03:19 2005 +@@ -38,5 +38,4 @@ + + #include "cert.h" +-#include "mcom_db.h" + #include "certdb.h" + #include "secitem.h" +--- lib/certdb/xauthkid.c Sun Apr 25 11:03:03 2004 ++++ lib/certdb/xauthkid.c Fri Jul 22 01:03:54 2005 +@@ -40,6 +40,5 @@ + */ + +-#include "prtypes.h" +-#include "mcom_db.h" ++#include <prtypes.h> + #include "seccomon.h" + #include "secdert.h" +--- lib/certdb/xbsconst.c Sun Apr 25 11:03:03 2004 ++++ lib/certdb/xbsconst.c Fri Jul 22 01:05:41 2005 +@@ -39,6 +39,6 @@ + */ + +-#include "prtypes.h" +-#include "mcom_db.h" ++#include <limits.h> /* LONG_MAX */ ++#include <prtypes.h> + #include "seccomon.h" + #include "secdert.h" +@@ -48,5 +48,5 @@ + #include "certt.h" + #include "secder.h" +-#include "prprf.h" ++#include <prprf.h> + #include "secerr.h" + +--- lib/certdb/xconst.c Tue Nov 9 01:13:32 2004 ++++ lib/certdb/xconst.c Fri Jul 22 01:06:20 2005 +@@ -39,6 +39,5 @@ + */ + +-#include "prtypes.h" +-#include "mcom_db.h" ++#include <prtypes.h> + #include "seccomon.h" + #include "secdert.h" +@@ -48,5 +47,5 @@ + #include "cert.h" + #include "secder.h" +-#include "prprf.h" ++#include <prprf.h> + #include "xconst.h" + #include "genname.h" +--- lib/ckfw/dbm/ckdbm.h Wed Jan 19 21:25:47 2005 ++++ lib/ckfw/dbm/ckdbm.h Fri Jul 22 01:06:58 2005 +@@ -57,5 +57,5 @@ + #endif /* CKT_H */ + +-#include "mcom_db.h" ++#include <db.h> + + NSS_EXTERN_DATA NSSCKMDInstance nss_dbm_mdInstance; +--- lib/fortcrypt/swfort/swfortti.h Sun Apr 25 11:03:07 2004 ++++ lib/fortcrypt/swfort/swfortti.h Fri Jul 22 01:07:34 2005 +@@ -45,5 +45,5 @@ + #include "maci.h" + #include "seccomon.h" +-#include "mcom_db.h" /* really should be included by certt.h */ ++#include <db.h> /* really should be included by certt.h */ + #include "certt.h" + /*#include "keyt.h"*/ +--- lib/freebl/mac_rand.c Sun Apr 25 11:03:08 2004 ++++ lib/freebl/mac_rand.c Fri Jul 22 01:08:19 2005 +@@ -40,5 +40,4 @@ + #endif + #include "secrng.h" +-#include "mcom_db.h" + #ifdef XP_MAC + #include <Events.h> +--- lib/pk11wrap/secmodi.h Mon Mar 28 15:45:37 2005 ++++ lib/pk11wrap/secmodi.h Fri Jul 22 01:08:47 2005 +@@ -42,5 +42,5 @@ + #include "pkcs11.h" + #include "nssilock.h" +-#include "mcom_db.h" ++#include <db.h> + #include "secoidt.h" + #include "secdert.h" +--- lib/fortcrypt/swfort/swflib.c Sun Apr 25 11:03:07 2004 ++++ lib/fortcrypt/swfort/swflib.c Fri Jul 22 01:11:20 2005 +@@ -43,6 +43,7 @@ + */ + +-#include "prtypes.h" +-#include "prio.h" ++#include <fcntl.h> ++#include <prtypes.h> ++#include <prio.h> + + #include "swforti.h" +--- lib/fortcrypt/swfort/swfutl.c Sun Apr 25 11:03:07 2004 ++++ lib/fortcrypt/swfort/swfutl.c Fri Jul 22 01:14:05 2005 +@@ -38,7 +38,7 @@ + */ + +-#include "prtypes.h" +-#include "prsystem.h" +-#include "prio.h" ++#include <prtypes.h> ++#include <prsystem.h> ++#include <prio.h> + + #include "swforti.h" +@@ -48,7 +48,6 @@ + #include "secport.h" + #include "secrng.h" +-#ifdef XP_OS2 ++#include <sys/types.h> + #include <sys/stat.h> +-#endif + + #ifdef XP_WIN diff --git a/security/nss/files/patch-tests b/security/nss/files/patch-tests new file mode 100644 index 000000000000..2ff07f35a788 --- /dev/null +++ b/security/nss/files/patch-tests @@ -0,0 +1,10 @@ +--- tests/common/init.sh Mon Apr 11 22:24:17 2005 ++++ tests/common/init.sh Fri Jul 22 16:55:36 2005 +@@ -197,5 +197,6 @@ + case $HOST in + *\.*) +- HOST=`echo $HOST | sed -e "s/\..*//"` ++ DOMSUF=${HOST#*.} # remove Smallest Prefix matching ``*.'' ++ HOST=${HOST%%.*} # remove Largest Suffix ``.*''. See sh(1) + ;; + ?*) diff --git a/security/nss/files/patch-warnings b/security/nss/files/patch-warnings new file mode 100644 index 000000000000..269fecdfb230 --- /dev/null +++ b/security/nss/files/patch-warnings @@ -0,0 +1,352 @@ +--- lib/freebl/unix_rand.c Wed Dec 8 18:00:19 2004 ++++ lib/freebl/unix_rand.c Mon Jul 25 00:26:00 2005 +@@ -783,7 +783,7 @@ + char *randfile; + #ifdef DARWIN +- char **environ = *_NSGetEnviron(); ++ const char * const *environ = *_NSGetEnviron(); + #else +- extern char **environ; ++ extern const char * const *environ; + #endif + #ifdef BEOS +--- lib/pk11wrap/pk11obj.c Sun Feb 27 10:25:46 2005 ++++ lib/pk11wrap/pk11obj.c Wed Jul 27 22:03:16 2005 +@@ -1075,6 +1075,6 @@ + * for (thisObj=firstObj; thisObj; + * thisObj=PK11_GetNextGenericObject(thisObj)) { +- * /* operate on thisObj */ +-/* } ++ * operate on thisObj ++ * } + * + * If you want a particular object from the list... +@@ -1084,6 +1084,6 @@ + * if (isMyObj(thisObj)) { + * if ( thisObj == firstObj) { +- * /* NOTE: firstObj could be NULL at this point */ +-/* firstObj = PK11_GetNextGenericObject(thsObj); ++ * // NOTE: firstObj could be NULL at this point ++ * firstObj = PK11_GetNextGenericObject(thsObj); + * } + * PK11_UnlinkGenericObject(thisObj); +@@ -1094,6 +1094,6 @@ + * PK11_DestroyGenericObjects(firstObj); + * +- * /* use myObj */ +-/* PK11_DestroyGenericObject(myObj); ++ * use myObj ++ * PK11_DestroyGenericObject(myObj); + */ + PK11GenericObject * +@@ -1130,5 +1130,5 @@ + + /* link it in */ +- if (firstObj == NULL) { ++ if (i == 0) { + firstObj = obj; + } else { +@@ -1248,5 +1248,5 @@ + CK_ATTRIBUTE_TYPE attrType, SECItem *item) + { +- PK11SlotInfo *slot = NULL; ++ PK11SlotInfo *slot; + CK_OBJECT_HANDLE handle; + +@@ -1270,7 +1270,4 @@ + case PK11_TypeCert: /* don't handle cert case for now */ + default: +- break; +- } +- if (slot == NULL) { + PORT_SetError(SEC_ERROR_UNKNOWN_OBJECT_TYPE); + return SECFailure; +--- lib/pk11wrap/pk11util.c Sat Apr 2 01:02:53 2005 ++++ lib/pk11wrap/pk11util.c Wed Jul 27 22:07:54 2005 +@@ -862,5 +862,5 @@ + int i, oldCount; + PRBool freeRef = PR_FALSE; +- void *mark; ++ void *mark = NULL; + CK_ULONG *slotIDs = NULL; + PK11SlotInfo **newSlots = NULL; +--- cmd/certcgi/certcgi.c Sat Apr 2 00:24:07 2005 ++++ cmd/certcgi/certcgi.c Wed Jul 27 22:01:50 2005 +@@ -112,5 +112,5 @@ + + static char * +-make_copy_string(char *read_pos, ++make_copy_string(const char *read_pos, + int length, + char sentinal_value) +@@ -122,5 +122,5 @@ + char *new; + +- new = write_pos = (char *) PORT_Alloc (length); ++ new = write_pos = PORT_Alloc (length); + if (new == NULL) { + error_allocate(); +@@ -145,5 +145,4 @@ + } + +- + static SECStatus + clean_input(Pair *data) +@@ -217,5 +216,5 @@ + + static char * +-make_name(char *new_data) ++make_name(const char *new_data) + /* gets the next field name in the input string and returns + a pointer to a string containing a copy of it */ +@@ -229,11 +228,10 @@ + + static char * +-make_data(char *new_data) ++make_data(const char *new_data) + /* gets the data for the next field in the input string + and returns a pointer to a string containing it */ + { + int length = 100; +- char *data; +- char *read_pos; ++ const char *read_pos; + + read_pos = new_data; +@@ -241,11 +239,10 @@ + ++read_pos; + } +- data = make_copy_string(read_pos, length, '&'); +- return data; ++ return make_copy_string(read_pos, length, '&'); + } + + + static Pair +-make_pair(char *new_data) ++make_pair(const char *new_data) + /* makes a pair name/data pair from the input string */ + { +@@ -298,77 +295,46 @@ + } + +-static char * +-return_name(Pair *data_struct, ++#ifdef FILEOUT /* The two functions below are only used for FILEOUT */ ++static const char * ++return_name(const Pair *data_struct, + int n) + /* returns a pointer to the name of the nth + (starting from 0) item in the data structure */ + { +- char *name; + +- if ((data_struct + n)->name != NULL) { +- name = (data_struct + n)->name; +- return name; +- } else { +- return NULL; +- } ++ return data_struct[n].name; + } + +-static char * +-return_data(Pair *data_struct,int n) ++static const char * ++return_data(const Pair *data_struct, int n) + /* returns a pointer to the data of the nth (starting from 0) + itme in the data structure */ + { +- char *data; + +- data = (data_struct + n)->data; +- return data; ++ return data_struct[n].data; + } +- +- +-static char * +-add_prefix(char *field_name) +-{ +- extern char prefix[PREFIX_LEN]; +- int i = 0; +- char *rv; +- char *write; +- +- rv = write = PORT_Alloc(PORT_Strlen(prefix) + PORT_Strlen(field_name) + 1); +- for(i = 0; i < PORT_Strlen(prefix); i++) { +- *write = prefix[i]; +- write++; +- } +- *write = '\0'; +- rv = PORT_Strcat(rv,field_name); +- return rv; +-} +- ++#endif + + static char * + find_field(Pair *data, +- char *field_name, ++ const char *field_name, + PRBool add_pre) + /* returns a pointer to the data of the first pair + thats name matches the string it is passed */ + { +- int i = 0; +- char *retrieved; +- int found = 0; +- +- if (add_pre) { +- field_name = add_prefix(field_name); +- } +- while(return_name(data, i) != NULL) { +- if (PORT_Strcmp(return_name(data, i), field_name) == 0) { +- retrieved = return_data(data, i); +- found = 1; +- break; +- } +- i++; +- } +- if (!found) { +- retrieved = NULL; ++ extern char prefix[PREFIX_LEN]; ++ size_t plen; ++ ++ plen = add_pre ? PORT_Strlen(prefix) : 0; ++ ++ for (; data->name != NULL; data++) { ++ /* See if the name begins with the prefix, if any */ ++ if (plen > 0 && PORT_Memcmp(data->name, prefix, plen) != 0) ++ continue; ++ if (PORT_Strcmp(data->name + plen, field_name) == 0) ++ return data->data; + } +- return retrieved; ++ ++ return NULL; + } + +@@ -389,79 +355,4 @@ + } + +-static char * +-update_data_by_name(Pair *data, +- char *field_name, +- char *new_data) +- /* replaces the data in the data structure associated with +- a name with new data, returns null if not found */ +-{ +- int i = 0; +- int found = 0; +- int length = 100; +- char *new; +- +- while (return_name(data, i) != NULL) { +- if (PORT_Strcmp(return_name(data, i), field_name) == 0) { +- new = make_copy_string( new_data, length, '\0'); +- PORT_Free(return_data(data, i)); +- found = 1; +- (*(data + i)).data = new; +- break; +- } +- i++; +- } +- if (!found) { +- new = NULL; +- } +- return new; +-} +- +-static char * +-update_data_by_index(Pair *data, +- int n, +- char *new_data) +- /* replaces the data of a particular index in the data structure */ +-{ +- int length = 100; +- char *new; +- +- new = make_copy_string(new_data, length, '\0'); +- PORT_Free(return_data(data, n)); +- (*(data + n)).data = new; +- return new; +-} +- +- +-static Pair * +-add_field(Pair *data, +- char* field_name, +- char* field_data) +- /* adds a new name/data pair to the data structure */ +-{ +- int i = 0; +- int j; +- int name_length = 100; +- int data_length = 100; +- +- while(return_name(data, i) != NULL) { +- i++; +- } +- j = START_FIELDS; +- while ( j < (i + 1) ) { +- j = j * 2; +- } +- if (j == (i + 1)) { +- data = (Pair *) PORT_Realloc(data, (j * 2) * sizeof(Pair)); +- if (data == NULL) { +- error_allocate(); +- } +- } +- (*(data + i)).name = make_copy_string(field_name, name_length, '\0'); +- (*(data + i)).data = make_copy_string(field_data, data_length, '\0'); +- (data + i + 1)->name = NULL; +- return data; +-} +- +- + static CERTCertificateRequest * + makeCertReq(Pair *form_data, +@@ -620,10 +511,10 @@ + serialFile = fopen(filename, "r"); + if (serialFile != NULL) { +- fread(&serial, sizeof(int), 1, serialFile); ++ fread(&serial, sizeof(serial), 1, serialFile); + if (ferror(serialFile) != 0) { + error_out("Error: Unable to read serial number file"); + } +- if (serial == 4294967295) { +- serial = 21; ++ if (serial == 4294967295U) { ++ serial = 21U; + } + fclose(serialFile); +@@ -633,5 +524,5 @@ + error_out("ERROR: Unable to open serial number file for writing"); + } +- fwrite(&serial, sizeof(int), 1, serialFile); ++ fwrite(&serial, sizeof(serial), 1, serialFile); + if (ferror(serialFile) != 0) { + error_out("Error: Unable to write to serial number file"); +@@ -643,6 +534,6 @@ + error_out("ERROR: Unable to open serial number file"); + } +- serial = 21; +- fwrite(&serial, sizeof(int), 1, serialFile); ++ serial = 21U; ++ fwrite(&serial, sizeof(serial), 1, serialFile); + if (ferror(serialFile) != 0) { + error_out("Error: Unable to write to serial number file"); +@@ -672,6 +563,4 @@ + return serial; + } +- +- + + typedef SECStatus (* EXTEN_VALUE_ENCODER) +@@ -1396,5 +1285,4 @@ + int j = 0; + SECItem *ipaddress; +- + + while (*string == ' ') { diff --git a/security/nss/pkg-plist b/security/nss/pkg-plist index ba559250fabe..82d820690ed9 100644 --- a/security/nss/pkg-plist +++ b/security/nss/pkg-plist @@ -1,4 +1,5 @@ bin/atob +bin/addbuiltin bin/bltest bin/btoa bin/certcgi @@ -36,11 +37,6 @@ bin/symkeyutil bin/tstclnt bin/vfychain bin/vfyserv -include/nss/dbm/cdefs.h -include/nss/dbm/mcom_db.h -include/nss/dbm/ncompat.h -include/nss/dbm/nsres.h -include/nss/dbm/winfile.h include/nss/nss/base64.h include/nss/nss/blapit.h include/nss/nss/cert.h @@ -92,6 +88,8 @@ include/nss/nss/p12plcy.h include/nss/nss/p12t.h include/nss/nss/pk11func.h include/nss/nss/pk11pqg.h +include/nss/nss/pk11priv.h +include/nss/nss/pk11pub.h include/nss/nss/pk11sdr.h include/nss/nss/pkcs11.h include/nss/nss/pkcs11f.h @@ -131,9 +129,6 @@ include/nss/nss/sslt.h include/nss/nss/swfort.h include/nss/nss/swfortt.h include/nss/nss/watcomfx.h -include/nss/seccmd/secutil.h -include/nss/seccmd/zconf.h -include/nss/seccmd/zlib.h lib/libfort.so lib/libfort.so.1 lib/libnss3.so @@ -148,7 +143,5 @@ lib/libssl3.so lib/libssl3.so.1 lib/libswft.so lib/libswft.so.1 -@dirrm include/nss/seccmd @dirrm include/nss/nss -@dirrm include/nss/dbm @dirrm include/nss |