rpms/nss/devel nss-create-obj.patch, NONE, 1.1 nss-enable-pem.patch, NONE, 1.1 .cvsignore, 1.10, 1.11 nss.spec, 1.26, 1.27 sources, 1.10, 1.11

Kai Engert (kengert) fedora-extras-commits at redhat.com
Wed Sep 5 20:01:16 UTC 2007 

Author: kengert

Update of /cvs/extras/rpms/nss/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10763

Modified Files:
	.cvsignore nss.spec sources 
Added Files:
	nss-create-obj.patch nss-enable-pem.patch 
Log Message:
* Wed Sep 05 2007 Bob Relyea <rrelyea at redhat.com> - 3.11.7-7
- Add 3.12 ckfw and libnsspem


nss-create-obj.patch:

--- NEW FILE nss-create-obj.patch ---
Index: mozilla/security/nss/lib/nss/nss.def
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/nss/nss.def,v
retrieving revision 1.158.2.7
diff -u -r1.158.2.7 nss.def
--- mozilla/security/nss/lib/nss/nss.def     25 Apr 2007 23:26:53 -0000      1.158.2.7
+++ mozilla/security/nss/lib/nss/nss.def     31 Aug 2007 18:54:54 -0000
@@ -899,3 +899,10 @@
 ;+    local:
 ;+       *;
 ;+};
+;+NSS_3.12 {
+;+    global:
+PK11_CreateGenericObject;
+PK11_WriteRawAttribute;
+;+    local:
+;+       *;
+;+};
Index: mozilla/security/nss/lib/pk11wrap/pk11obj.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11obj.c,v
retrieving revision 1.11.2.3
diff -u -r1.11.2.3 pk11obj.c
--- mozilla/security/nss/lib/pk11wrap/pk11obj.c	5 Jan 2007 09:44:05 -0000	1.11.2.3
+++ mozilla/security/nss/lib/pk11wrap/pk11obj.c	9 May 2007 20:58:17 -0000
@@ -388,7 +388,7 @@
 
 SECStatus
 PK11_CreateNewObject(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
-				CK_ATTRIBUTE *theTemplate, int count, 
+				const CK_ATTRIBUTE *theTemplate, int count, 
 				PRBool token, CK_OBJECT_HANDLE *objectID)
 {
 	CK_SESSION_HANDLE rwsession;
@@ -1306,7 +1306,7 @@
 	PK11_DestroyGenericObject(objects);
     }
     /* delete all the objects before it in the list */
-    for (objects = prevObject; objects;  objects = nextObject) {
+    for (objects = prevObject; objects;  objects = prevObject) {
 	prevObject = objects->prev;
 	PK11_DestroyGenericObject(objects);
     }
@@ -1314,6 +1314,96 @@
 }
 
 
+/*
+ * Hand Create a new object and return the Generic object for our new object.
+ */
+PK11GenericObject *
+PK11_CreateGenericObject(PK11SlotInfo *slot, const CK_ATTRIBUTE *template,
+		int count,  PRBool token)
+{
+    CK_OBJECT_HANDLE objectID;
+    PK11GenericObject *obj;
+    CK_RV crv;
+
+    PK11_EnterSlotMonitor(slot);
+    crv = PK11_CreateNewObject(slot, slot->session, template, count, 
+			       token, &objectID);
+    PK11_ExitSlotMonitor(slot);
+    if (crv != CKR_OK) {
+	PORT_SetError(PK11_MapError(crv));
+	return NULL;
+    }
+
+    obj = PORT_New(PK11GenericObject);
+    if ( !obj ) {
+	/* error set by PORT_New */
+	return NULL;
+    }
+
+    /* initialize it */	
+    obj->slot = PK11_ReferenceSlot(slot);
+    obj->objectID = objectID;
+    obj->next = NULL;
+    obj->prev = NULL;
+    return obj;
+}
+
+/*
+ * Change an attribute on a raw object
+ */
+SECStatus
+PK11_WriteRawAttribute(PK11ObjectType objType, void *objSpec, 
+				CK_ATTRIBUTE_TYPE attrType, SECItem *item)
+{
+    PK11SlotInfo *slot = NULL;
+    CK_OBJECT_HANDLE handle;
+    CK_ATTRIBUTE setTemplate;
+    CK_RV crv;
+    CK_SESSION_HANDLE rwsession;
+
+    switch (objType) {
+    case PK11_TypeGeneric:
+	slot = ((PK11GenericObject *)objSpec)->slot;
+	handle = ((PK11GenericObject *)objSpec)->objectID;
+	break;
+    case PK11_TypePrivKey:
+	slot = ((SECKEYPrivateKey *)objSpec)->pkcs11Slot;
+	handle = ((SECKEYPrivateKey *)objSpec)->pkcs11ID;
+	break;
+    case PK11_TypePubKey:
+	slot = ((SECKEYPublicKey *)objSpec)->pkcs11Slot;
+	handle = ((SECKEYPublicKey *)objSpec)->pkcs11ID;
+	break;
+    case PK11_TypeSymKey:
+	slot = ((PK11SymKey *)objSpec)->slot;
+	handle = ((PK11SymKey *)objSpec)->objectID;
+	break;
+    case PK11_TypeCert: /* don't handle cert case for now */
+    default:
+	break;
+    }
+    if (slot == NULL) {
+	PORT_SetError(SEC_ERROR_UNKNOWN_OBJECT_TYPE);
+	return SECFailure;
+    }
+
+    PK11_SETATTRS(&setTemplate, attrType, (CK_CHAR *) item->data, item->len);
+    rwsession = PK11_GetRWSession(slot);
+    if (rwsession == CK_INVALID_SESSION) {
+    	PORT_SetError(SEC_ERROR_BAD_DATA);
+    	return SECFailure;
+    }
+    crv = PK11_GETTAB(slot)->C_SetAttributeValue(rwsession, handle,
+			&setTemplate, 1);
+    PK11_RestoreROSession(slot, rwsession);
+    if (crv != CKR_OK) {
+	PORT_SetError(PK11_MapError(crv));
+	return SECFailure;
+    }
+    return SECSuccess;
+}
+
+
 SECStatus
 PK11_ReadRawAttribute(PK11ObjectType objType, void *objSpec, 
 				CK_ATTRIBUTE_TYPE attrType, SECItem *item)
Index: mozilla/security/nss/lib/pk11wrap/pk11pub.h
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11pub.h,v
retrieving revision 1.14.2.1
diff -u -r1.14.2.1 pk11pub.h
--- mozilla/security/nss/lib/pk11wrap/pk11pub.h	2 Mar 2006 00:12:27 -0000	1.14.2.1
+++ mozilla/security/nss/lib/pk11wrap/pk11pub.h	9 May 2007 20:58:17 -0000
@@ -688,8 +688,13 @@
 				 PK11GenericObject *object);
 SECStatus PK11_DestroyGenericObjects(PK11GenericObject *object);
 SECStatus PK11_DestroyGenericObject(PK11GenericObject *object);
+PK11GenericObject *PK11_CreateGenericObject(PK11SlotInfo *slot, 
+				   const CK_ATTRIBUTE *template, 
+				   int count, PRBool token);
 SECStatus PK11_ReadRawAttribute(PK11ObjectType type, void *object, 
 				CK_ATTRIBUTE_TYPE attr, SECItem *item);
+SECStatus PK11_WriteRawAttribute(PK11ObjectType type, void *object, 
+				CK_ATTRIBUTE_TYPE attr, SECItem *item);
 
 
 /**********************************************************************
Index: mozilla/security/nss/lib/pk11wrap/secmodi.h
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/pk11wrap/secmodi.h,v
retrieving revision 1.23
diff -u -r1.23 secmodi.h
--- mozilla/security/nss/lib/pk11wrap/secmodi.h	9 Sep 2005 02:03:57 -0000	1.23
+++ mozilla/security/nss/lib/pk11wrap/secmodi.h	9 May 2007 20:58:17 -0000
@@ -105,7 +105,7 @@
 #define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \
 		(x)->pValue=(v); (x)->ulValueLen = (l);
 SECStatus PK11_CreateNewObject(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
-                               CK_ATTRIBUTE *theTemplate, int count,
+                               const CK_ATTRIBUTE *theTemplate, int count,
                                 PRBool token, CK_OBJECT_HANDLE *objectID);
 
 SECStatus pbe_PK11AlgidToParam(SECAlgorithmID *algid,SECItem *mech);

nss-enable-pem.patch:

--- NEW FILE nss-enable-pem.patch ---
Index: mozilla/security/nss/lib/ckfw/manifest.mn
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/ckfw/manifest.mn,v
retrieving revision 1.9
diff -u -r1.9 manifest.mn
--- mozilla/security/nss/lib/ckfw/manifest.mn   16 Dec 2005 00:48:01 -0000      1.9
+++ mozilla/security/nss/lib/ckfw/manifest.mn   31 Aug 2007 17:58:23 -0000
@@ -38,7 +38,7 @@
 
 CORE_DEPTH = ../../..
 
-DIRS = builtins 
+DIRS = builtins pem
 
 PRIVATE_EXPORTS = \
        ck.h              \


Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/nss/devel/.cvsignore,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- .cvsignore	19 Jun 2007 00:01:44 -0000	1.10
+++ .cvsignore	5 Sep 2007 20:00:42 -0000	1.11
@@ -1,2 +1,4 @@
 nss-3.11.5-fbst-stripped.tar.gz
 nss-3.11.7-no-fbst-with-ckbi-1.64.tar.gz
+nss-3.12-alpha-ckfw.tar.gz
+nss-3.12-alpha-pem.tar.gz


Index: nss.spec
===================================================================
RCS file: /cvs/extras/rpms/nss/devel/nss.spec,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- nss.spec	28 Aug 2007 11:04:07 -0000	1.26
+++ nss.spec	5 Sep 2007 20:00:42 -0000	1.27
@@ -1,12 +1,13 @@
 %define nspr_version 4.6.2
 %define unsupported_tools_directory %{_libdir}/nss/unsupported-tools
 %define fips_source_version 3.11.5
+%define ckfw_source_version 3.12-alpha
 %define ckbi_version 1.64
 
 Summary:          Network Security Services
 Name:             nss
 Version:          3.11.7
-Release:          6%{?dist}
+Release:          7%{?dist}
 License:          MPLv1.1 or GPLv2+ or LGPLv2+
 URL:              http://www.mozilla.org/projects/security/pki/nss/
 Group:            System Environment/Libraries
@@ -29,12 +30,16 @@
 Source5:          blank-secmod.db
 Source7:          fake-kstat.h
 Source10:         %{name}-%{fips_source_version}-fbst-stripped.tar.gz
+Source11:         %{name}-%{ckfw_source_version}-ckfw.tar.gz
+Source12:         %{name}-%{ckfw_source_version}-pem.tar.gz
 
 Patch1:           nss-no-rpath.patch
 Patch2:           nss-smartcard-auth.patch
 Patch3:           nss-use-netstat-hack.patch
 Patch4:           nss-decouple-softokn.patch
 Patch5:           nss-disable-build-freebl-softoken.patch
+Patch6:           nss-enable-pem.patch
+Patch7:           nss-create-obj.patch
 
 
 %description
@@ -86,9 +91,12 @@
 %prep
 %setup -q
 %setup -q -T -D -n %{name}-%{version} -a 10
+%setup -q -T -D -n %{name}-%{version} -a 11
+%setup -q -T -D -n %{name}-%{version} -a 12
 
 %define old_nss_lib %{name}-%{fips_source_version}/mozilla/security/nss/lib
 %define new_nss_lib mozilla/security/nss/lib
+%define new_ckfw_lib %{name}-%{ckfw_source_version}/mozilla/security/nss/lib
 
 # Ensure we will not use new freebl/softoken code
 rm -rf %{new_nss_lib}/freebl
@@ -98,6 +106,10 @@
 cp -a %{old_nss_lib}/freebl %{new_nss_lib}
 cp -a %{old_nss_lib}/softoken %{new_nss_lib}
 
+# set up ckfw
+rm -rf %{new_nss_lib}/ckfw
+cp -a %{new_ckfw_lib}/ckfw %{new_nss_lib}
+
 # Ensure the newer NSS tree will not build code, except the loader
 mv -i %{new_nss_lib}/freebl/loader.c %{new_nss_lib}/freebl/loader.c.save
 rm -rf %{new_nss_lib}/freebl/*.c %{new_nss_lib}/freebl/*.s
@@ -114,6 +126,8 @@
 %patch2 -p0 -b .smartcard-auth
 %patch4 -p0 -b .decouple-softokn
 %patch5 -p0 -b .nofbst
+%patch6 -p0 -b .libpem
+%patch7 -p0 -b .create-obj
 
 # Apply the patches to the tree where we build freebl/softoken
 cd nss-%{fips_source_version}
@@ -228,7 +242,7 @@
 done
 
 # Copy the binary libraries we want
-for file in libnss3.so libssl3.so libsmime3.so libnssckbi.so
+for file in libnss3.so libssl3.so libsmime3.so libnssckbi.so libnsspem.so
 do
   %{__install} -m 755 mozilla/dist/*.OBJ/lib/$file $RPM_BUILD_ROOT/%{_libdir}
 done
@@ -298,6 +312,7 @@
 %{_libdir}/libsmime3.so
 %{_libdir}/libsoftokn3.so
 %{_libdir}/libnssckbi.so
+%{_libdir}/libnsspem.so
 %{_libdir}/libfreebl3.so
 %{unsupported_tools_directory}/shlibsign
 %ghost %{_libdir}/libsoftokn3.chk
@@ -370,6 +385,7 @@
 %{_includedir}/nss3/nssilckt.h
 %{_includedir}/nss3/nssilock.h
 %{_includedir}/nss3/nsslocks.h
+%{_includedir}/nss3/nsspem.h
 %{_includedir}/nss3/nssrwlk.h
 %{_includedir}/nss3/nssrwlkt.h
 %{_includedir}/nss3/ocsp.h
@@ -437,6 +453,9 @@
 
 
 %changelog
+* Wed Sep 05 2007 Bob Relyea <rrelyea at redhat.com> - 3.11.7-7
+- Add 3.12 ckfw and libnsspem
+
 * Tue Aug 28 2007 Kai Engert <kengert at redhat.com> - 3.11.7-6
 - Updated license tag
 


Index: sources
===================================================================
RCS file: /cvs/extras/rpms/nss/devel/sources,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- sources	19 Jun 2007 00:01:44 -0000	1.10
+++ sources	5 Sep 2007 20:00:42 -0000	1.11
@@ -1,2 +1,4 @@
 68c5e1bd8ba091e5a50babcd9e552bc5  nss-3.11.5-fbst-stripped.tar.gz
 c1053d1e001a5b1eb4b7c296a968ca5c  nss-3.11.7-no-fbst-with-ckbi-1.64.tar.gz
+baa96599af6f0a2b656479d8e4efd58f  nss-3.12-alpha-ckfw.tar.gz
+84bad7e42304a6d4fdf2b83f5295b938  nss-3.12-alpha-pem.tar.gz

More information about the fedora-extras-commits mailing list