rpms/nss/devel nsssysinit.patch,NONE,1.1 nss.spec,1.128,1.129
Elio Maldonado
emaldonado at fedoraproject.org
Sat Dec 12 06:48:43 UTC 2009
Author: emaldonado
Update of /cvs/extras/rpms/nss/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv720
Modified Files:
nss.spec
Added Files:
nsssysinit.patch
Log Message:
Patch nsssysinit to set the default flags on the crypto module - #545779
nsssysinit.patch:
nsssysinit.c | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
--- NEW FILE nsssysinit.patch ---
Index: mozilla/security/nss/lib/sysinit/nsssysinit.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/sysinit/nsssysinit.c,v
retrieving revision 1.1
diff -u -p -r1.1 nsssysinit.c
--- mozilla/security/nss/lib/sysinit/nsssysinit.c 8 Oct 2009 17:08:36 -0000 1.1
+++ mozilla/security/nss/lib/sysinit/nsssysinit.c 12 Dec 2009 03:34:17 -0000
@@ -198,11 +198,20 @@ getFIPSMode(void)
* the decision making process.
*
*/
+static const char *nssDefaultFlags = "trustOrder=75 cipherOrder=100 \
+slotParams={0x00000001=[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,RANDOM \
+askpw=any timeout=30 ] } ";
+static const char *nssDefaultFIPSFlags = "trustOrder=75 cipherOrder=100 \
+slotParams={0x00000003=[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,RANDOM \
+askpw=any timeout=30 ] } ";
+
static char **
get_list(char *filename, char *stripped_parameters)
{
char **module_list = PORT_ZNewArray(char *, 4);
char *userdb;
+ int isFIPS = getFIPSMode();
+ const char *nssflags = isFIPS ? nssDefaultFIPSFlags : nssDefaultFlags;
int next = 0;
/* can't get any space */
@@ -217,8 +226,9 @@ get_list(char *filename, char *stripped_
"library= "
"module=\"NSS User database\" "
"parameters=\"configdir='sql:%s' %s\" "
- "NSS=\"flags=internal%s\"",
- userdb, stripped_parameters, getFIPSMode() ? ",FIPS" : "");
+ "NSS=\"%sflags=internal%s\"",
+ userdb, stripped_parameters, nssflags,
+ isFIPS ? ",FIPS" : "");
/* now open the user's defined PKCS #11 modules */
/* skip the local user DB entry */
@@ -235,7 +245,7 @@ get_list(char *filename, char *stripped_
"library= "
"module=\"NSS system database\" "
"parameters=\"configdir='sql:%s' tokenDescription='NSS system database' flags=readonly\" "
- "NSS=\"flags=internal,critical\"",filename);
+ "NSS=\"%sflags=internal,critical\"",filename, nssDefaultFlags);
/* that was the last module */
module_list[next] = 0;
Index: nss.spec
===================================================================
RCS file: /cvs/extras/rpms/nss/devel/nss.spec,v
retrieving revision 1.128
retrieving revision 1.129
diff -u -p -r1.128 -r1.129
--- nss.spec 9 Dec 2009 17:04:26 -0000 1.128
+++ nss.spec 12 Dec 2009 06:48:43 -0000 1.129
@@ -7,7 +7,7 @@
Summary: Network Security Services
Name: nss
Version: 3.12.5
-Release: 1%{?dist}.4
+Release: 1%{?dist}.5
License: MPLv1.1 or GPLv2+ or LGPLv2+
URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries
@@ -43,6 +43,7 @@ Patch2: nss-nolocalsql.patch
Patch6: nss-enable-pem.patch
Patch7: 533125-ammend.patch
Patch8: nss-sysinit.patch
+Patch9: nsssysinit.patch
%description
Network Security Services (NSS) is a set of libraries designed to
@@ -110,6 +111,7 @@ low level services.
%patch6 -p0 -b .libpem
%patch7 -p0 -b .533125-ammend
%patch8 -p0 -b .sysinit
+%patch9 -p0 -b .nsssysinit
%build
@@ -471,7 +473,11 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/ns
%changelog
-* Wed Dec 09 2009 Elio Maldonado<emaldona at redhat.com> - 3.12.5-2.1
+* Thu Dec 10 2009 Elio Maldonado<emaldona at redhat.com> - 3.12.5-1.5
+- Fix nsssysinit to set the default flags on the crypto module (#545779)
+- Remove redundant header from the pem module
+
+* Wed Dec 09 2009 Elio Maldonado<emaldona at redhat.com> - 3.12.5-1.1
- Remove unneeded patch
* Thu Dec 03 2009 Elio Maldonado<emaldona at redhat.com> - 3.12.5-1.1
More information about the fedora-extras-commits
mailing list