Hello community, here is the log from the commit of package mozilla-nss for openSUSE:Factory checked in at Wed Jul 29 17:52:25 CEST 2009. -------- --- GNOME/mozilla-nss/mozilla-nss.changes 2009-06-06 15:38:36.000000000 +0200 +++ /mounts/work_src_done/STABLE/mozilla-nss/mozilla-nss.changes 2009-07-29 10:02:04.000000000 +0200 @@ -1,0 +2,10 @@ +Wed Jul 29 09:40:02 CEST 2009 - wr@rosenauer.org + +- update to NSS 3.12.3.1 (upstream use in FF 3.5.1) (bmo#504611) + * RNG_SystemInfoForRNG called twice by nsc_CommonInitialize + (bmo#489811; other changes are unrelated to Linux) +- moved shlibsign to tools package again (as it's not needed at + library install time anymore) +- use %{_libexecdir} for the tools + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- nss-3.12.3.tar.bz2 New: ---- nss-3.12.3.1.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mozilla-nss.spec ++++++ --- /var/tmp/diff_new_pack.UuE4nh/_old 2009-07-29 17:51:12.000000000 +0200 +++ /var/tmp/diff_new_pack.UuE4nh/_new 2009-07-29 17:51:12.000000000 +0200 @@ -1,5 +1,5 @@ # -# spec file for package mozilla-nss (Version 3.12.3) +# spec file for package mozilla-nss (Version 3.12.3.1) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2006-2009 Wolfgang Rosenauer @@ -27,9 +27,9 @@ %if %suse_version > 1030 BuildRequires: sqlite3-devel %endif -License: GPL v2 or later; LGPL v2.1 or later; MOZILLA PUBLIC LICENSE (MPL/NPL) -Version: 3.12.3 -Release: 5 +License: GPL v2 or later ; LGPL v2.1 or later ; MPL +Version: 3.12.3.1 +Release: 1 # bug437293 %ifarch ppc64 Obsoletes: mozilla-nss-64bit @@ -63,7 +63,7 @@ Requires(post): coreutils BuildRoot: %{_tmppath}/%{name}-%{version}-build %define nssdbdir %{_sysconfdir}/pki/nssdb -%define run_testsuite 1 +%define run_testsuite 0 %description Network Security Services (NSS) is a set of libraries designed to @@ -73,13 +73,12 @@ certificates, and other security standards. - Authors: -------- - Mozilla Foundation <drivers@mozilla.org> + Mozilla Foundation %package devel -License: GPL v2 or later; LGPL v2.1 or later; MOZILLA PUBLIC LICENSE (MPL/NPL) +License: GPL v2 or later ; LGPL v2.1 or later ; MPL Summary: Network (Netscape) Security Services development files Group: Development/Libraries/Other Requires: mozilla-nspr-devel @@ -104,7 +103,7 @@ Mozilla Foundation <drivers@mozilla.org> %package tools -License: GPL v2 or later; LGPL v2.1 or later; MOZILLA PUBLIC LICENSE (MPL/NPL) +License: GPL v2 or later ; LGPL v2.1 or later ; MPL Summary: Tools for developing, debugging, and managing applications that use NSS Group: System/Management PreReq: mozilla-nss >= %{version} @@ -120,7 +119,7 @@ Mozilla Foundation <drivers@mozilla.org> %package -n libfreebl3 -License: GPL v2 or later; LGPL v2.1 or later; MOZILLA PUBLIC LICENSE (MPL/NPL) +License: GPL v2 or later ; LGPL v2.1 or later ; MPL Summary: Freebl library for the Network Security Services Group: System/Libraries @@ -191,7 +190,8 @@ %endif %install -mkdir -p $RPM_BUILD_ROOT%{_libdir}/nss +mkdir -p $RPM_BUILD_ROOT%{_libdir} +mkdir -p $RPM_BUILD_ROOT%{_libexecdir}/nss mkdir -p $RPM_BUILD_ROOT%{_includedir}/nss3 mkdir -p $RPM_BUILD_ROOT%{_bindir} mkdir -p $RPM_BUILD_ROOT/%{_lib} @@ -243,7 +243,7 @@ bin/tstclnt \ bin/vfyserv \ bin/vfychain \ - $RPM_BUILD_ROOT%{_libdir}/nss + $RPM_BUILD_ROOT%{_libexecdir}/nss # prepare pkgconfig file mkdir -p $RPM_BUILD_ROOT%{_libdir}/pkgconfig/ sed "s:%%LIBDIR%%:%{_libdir}:g @@ -269,8 +269,8 @@ %{?__debug_package:%{__debug_install_post}} \ %{__arch_install_post} \ %{__os_install_post} \ - LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libdir}/nss/shlibsign -i $RPM_BUILD_ROOT%{_libdir}/libsoftokn3.so \ - LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libdir}/nss/shlibsign -i $RPM_BUILD_ROOT/%{_lib}/libfreebl3.so \ + LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libexecdir}/nss/shlibsign -i $RPM_BUILD_ROOT%{_libdir}/libsoftokn3.so \ + LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib}:$RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libexecdir}/nss/shlibsign -i $RPM_BUILD_ROOT/%{_lib}/libfreebl3.so \ %{nil} %post -p /sbin/ldconfig @@ -305,9 +305,7 @@ %if %suse_version < 1030 %{_libdir}/libnsssqlite3.so %endif -%{_libdir}/nss/shlibsign %{_libdir}/libsoftokn3.chk -/%{_lib}/libfreebl3.chk %files devel %defattr(644, root, root, 755) @@ -319,12 +317,12 @@ %files tools %defattr(-, root, root) %{_bindir}/* -%{_libdir}/nss/ -%exclude %{_libdir}/nss/shlibsign +%{_libexecdir}/nss/ %exclude %{_bindir}/nss-config %files -n libfreebl3 %defattr(-, root, root) /%{_lib}/libfreebl3.so +/%{_lib}/libfreebl3.chk %changelog ++++++ nss-3.12.3.tar.bz2 -> nss-3.12.3.1.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss-3.12.3/mozilla/security/coreconf/coreconf.dep new/nss-3.12.3.1/mozilla/security/coreconf/coreconf.dep --- old/nss-3.12.3/mozilla/security/coreconf/coreconf.dep 2009-02-10 17:08:37.000000000 +0100 +++ new/nss-3.12.3.1/mozilla/security/coreconf/coreconf.dep 2009-07-28 01:34:13.000000000 +0200 @@ -42,4 +42,3 @@ */ #error "Do not include this header file." - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss-3.12.3/mozilla/security/nss/lib/ckfw/Makefile new/nss-3.12.3.1/mozilla/security/nss/lib/ckfw/Makefile --- old/nss-3.12.3/mozilla/security/nss/lib/ckfw/Makefile 2008-12-03 19:44:24.000000000 +0100 +++ new/nss-3.12.3.1/mozilla/security/nss/lib/ckfw/Makefile 2009-07-28 01:34:14.000000000 +0200 @@ -34,14 +34,14 @@ # the terms of any one of the MPL, the GPL or the LGPL. # # ***** END LICENSE BLOCK ***** -MAKEFILE_CVS_ID = "@(#) $RCSfile: Makefile,v $ $Revision: 1.16 $ $Date: 2008/12/03 18:44:24 $" +MAKEFILE_CVS_ID = "@(#) $RCSfile: Makefile,v $ $Revision: 1.16.2.1 $ $Date: 2009/07/27 23:34:14 $" include manifest.mn include $(CORE_DEPTH)/coreconf/config.mk include config.mk include $(CORE_DEPTH)/coreconf/rules.mk -ifdef MOZILLA_CLIENT +ifdef NOTDEF # was ifdef MOZILLA_CLIENT NSS_BUILD_CAPI = 1 endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss-3.12.3/mozilla/security/nss/lib/freebl/os2_rand.c new/nss-3.12.3.1/mozilla/security/nss/lib/freebl/os2_rand.c --- old/nss-3.12.3/mozilla/security/nss/lib/freebl/os2_rand.c 2009-03-29 05:45:33.000000000 +0200 +++ new/nss-3.12.3.1/mozilla/security/nss/lib/freebl/os2_rand.c 2009-07-28 02:38:48.000000000 +0200 @@ -369,5 +369,5 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen) { - return rng_systemFromNoise(dest,maxlen); + return rng_systemFromNoise(dest,maxLen); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss-3.12.3/mozilla/security/nss/lib/freebl/win_rand.c new/nss-3.12.3.1/mozilla/security/nss/lib/freebl/win_rand.c --- old/nss-3.12.3/mozilla/security/nss/lib/freebl/win_rand.c 2009-04-02 04:32:51.000000000 +0200 +++ new/nss-3.12.3.1/mozilla/security/nss/lib/freebl/win_rand.c 2009-07-28 01:34:15.000000000 +0200 @@ -58,6 +58,7 @@ static DWORD totalFileBytes; static DWORD maxFileBytes = 250000; /* 250 thousand */ static DWORD dwNumFiles, dwReadEvery, dwFileToRead; +static PRBool usedWindowsPRNG; static BOOL CurrentClockTickTime(LPDWORD lpdwHigh, LPDWORD lpdwLow) @@ -131,24 +132,25 @@ return n; } -typedef PRInt32 (* Handler)(const char *); +typedef PRInt32 (* Handler)(const PRUnichar *); #define MAX_DEPTH 2 +#define MAX_FOLDERS 4 +#define MAX_FILES 1024 static void EnumSystemFilesInFolder(Handler func, PRUnichar* szSysDir, int maxDepth) { int iContinue; + unsigned int uFolders = 0; + unsigned int uFiles = 0; HANDLE lFindHandle; WIN32_FIND_DATAW fdData; PRUnichar szFileName[_MAX_PATH]; - char narrowFileName[_MAX_PATH]; if (maxDepth < 0) return; - // tack *.* on the end so we actually look for files. this will - // not overflow - wcscpy(szFileName, szSysDir); - wcscat(szFileName, L"\*.*"); + // append *.* so we actually look for files. + _snwprintf(szFileName, _MAX_PATH, L"%s\*.*", szSysDir); lFindHandle = FindFirstFileW(szFileName, &fdData); if (lFindHandle == INVALID_HANDLE_VALUE) @@ -163,13 +165,10 @@ _snwprintf(szFileName, _MAX_PATH, L"%s\%s", szSysDir, fdData.cFileName); if (fdData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) { - EnumSystemFilesInFolder(func, szFileName, maxDepth - 1); + if (++uFolders <= MAX_FOLDERS) + EnumSystemFilesInFolder(func, szFileName, maxDepth - 1); } else { - iContinue = WideCharToMultiByte(CP_ACP, 0, szFileName, -1, - narrowFileName, _MAX_PATH, - NULL, NULL); - if (iContinue) - iContinue = !(*func)(narrowFileName); + iContinue = (++uFiles <= MAX_FILES) && !(*func)(szFileName); } } if (iContinue) @@ -187,7 +186,6 @@ CSIDL_RECENT, #ifndef WINCE CSIDL_INTERNET_CACHE, - CSIDL_COMPUTERSNEARME, CSIDL_HISTORY, #endif 0 @@ -208,17 +206,16 @@ } static PRInt32 -CountFiles(const char *file) +CountFiles(const PRUnichar *file) { dwNumFiles++; return 0; } -static void +static int ReadSingleFile(const char *filename) { PRFileDesc * file; - int nBytes; unsigned char buffer[1024]; file = PR_Open(filename, PR_RDONLY, 0); @@ -227,27 +224,43 @@ ; PR_Close(file); } + return (file != NULL); } static PRInt32 -ReadOneFile(const char *file) +ReadOneFile(const PRUnichar *szFileName) { + char narrowFileName[_MAX_PATH]; + if (dwNumFiles == dwFileToRead) { - ReadSingleFile(file); + int success = WideCharToMultiByte(CP_ACP, 0, szFileName, -1, + narrowFileName, _MAX_PATH, + NULL, NULL); + if (success) + success = ReadSingleFile(narrowFileName); + if (!success) + dwFileToRead++; /* couldn't read this one, read the next one. */ } dwNumFiles++; return dwNumFiles > dwFileToRead; } static PRInt32 -ReadFiles(const char *file) +ReadFiles(const PRUnichar *szFileName) { + char narrowFileName[_MAX_PATH]; + if ((dwNumFiles % dwReadEvery) == 0) { ++filesToRead; } if (filesToRead) { - DWORD prevFileBytes = totalFileBytes; - RNG_FileForRNG(file); + DWORD prevFileBytes = totalFileBytes; + int iContinue = WideCharToMultiByte(CP_ACP, 0, szFileName, -1, + narrowFileName, _MAX_PATH, + NULL, NULL); + if (iContinue) { + RNG_FileForRNG(narrowFileName); + } if (prevFileBytes < totalFileBytes) { --filesToRead; } @@ -257,7 +270,7 @@ } static void -ReadSystemFiles() +ReadSystemFiles(void) { // first count the number of files dwNumFiles = 0; @@ -277,6 +290,7 @@ dwReadEvery = 1; // less than 10 files dwNumFiles = 0; + totalFileBytes = 0; EnumSystemFiles(ReadFiles); } @@ -349,8 +363,9 @@ } #endif - // now let's do some files - ReadSystemFiles(); + // Skip the potentially slow file scanning if the OS's PRNG worked. + if (!usedWindowsPRNG) + ReadSystemFiles(); nBytes = RNG_GetNoise(buffer, 20); // get up to 20 bytes RNG_RandomUpdate(buffer, nBytes); @@ -410,8 +425,10 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen) { size_t bytes = 0; + usedWindowsPRNG = PR_FALSE; if (CeGenRandom(maxLen, dest)) { - bytes = maxLen; + bytes = maxLen; + usedWindowsPRNG = PR_TRUE; } if (bytes == 0) { bytes = rng_systemFromNoise(dest,maxLen); @@ -429,8 +446,6 @@ struct stat stat_buf; unsigned char buffer[1024]; - /* static DWORD totalFileBytes = 0; */ - /* windows doesn't initialize all the bytes in the stat buf, * so initialize them all here to avoid UMRs. */ @@ -516,6 +531,7 @@ HCRYPTPROV hCryptProv; size_t bytes = 0; + usedWindowsPRNG = PR_FALSE; hModule = LoadLibrary("advapi32.dll"); if (hModule == NULL) { return rng_systemFromNoise(dest,maxLen); @@ -525,6 +541,7 @@ if (pRtlGenRandom) { if (pRtlGenRandom(dest, maxLen)) { bytes = maxLen; + usedWindowsPRNG = PR_TRUE; } else { bytes = rng_systemFromNoise(dest,maxLen); } @@ -544,6 +561,7 @@ PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { if (pCryptGenRandom(hCryptProv, maxLen, dest)) { bytes = maxLen; + usedWindowsPRNG = PR_TRUE; } pCryptReleaseContext(hCryptProv, 0); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss-3.12.3/mozilla/security/nss/lib/nss/nss.h new/nss-3.12.3.1/mozilla/security/nss/lib/nss/nss.h --- old/nss-3.12.3/mozilla/security/nss/lib/nss/nss.h 2009-03-27 22:42:54.000000000 +0100 +++ new/nss-3.12.3.1/mozilla/security/nss/lib/nss/nss.h 2009-07-28 01:34:16.000000000 +0200 @@ -36,7 +36,7 @@ * the terms of any one of the MPL, the GPL or the LGPL. * * ***** END LICENSE BLOCK ***** */ -/* $Id: nss.h,v 1.64 2009/03/27 21:42:54 christophe.ravel.bugs%sun.com Exp $ */ +/* $Id: nss.h,v 1.64.2.1 2009/07/27 23:34:16 wtc%google.com Exp $ */ #ifndef __nss_h_ #define __nss_h_ @@ -66,7 +66,7 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>][ <ECC>][ <Beta>]" */ -#define NSS_VERSION "3.12.3" _NSS_ECC_STRING _NSS_CUSTOMIZED +#define NSS_VERSION "3.12.3.1" _NSS_ECC_STRING _NSS_CUSTOMIZED #define NSS_VMAJOR 3 #define NSS_VMINOR 12 #define NSS_VPATCH 3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss-3.12.3/mozilla/security/nss/lib/softoken/pkcs11.c new/nss-3.12.3.1/mozilla/security/nss/lib/softoken/pkcs11.c --- old/nss-3.12.3/mozilla/security/nss/lib/softoken/pkcs11.c 2009-04-01 00:39:57.000000000 +0200 +++ new/nss-3.12.3.1/mozilla/security/nss/lib/softoken/pkcs11.c 2009-07-28 01:34:17.000000000 +0200 @@ -2587,8 +2587,6 @@ crv = CKR_DEVICE_ERROR; return crv; } - RNG_SystemInfoForRNG(); - /* NOTE: * we should be getting out mutexes from this list, not statically binding diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss-3.12.3/mozilla/security/nss/lib/softoken/softkver.h new/nss-3.12.3.1/mozilla/security/nss/lib/softoken/softkver.h --- old/nss-3.12.3/mozilla/security/nss/lib/softoken/softkver.h 2009-03-30 22:45:54.000000000 +0200 +++ new/nss-3.12.3.1/mozilla/security/nss/lib/softoken/softkver.h 2009-07-28 01:34:17.000000000 +0200 @@ -57,7 +57,7 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>][ <ECC>][ <Beta>]" */ -#define SOFTOKEN_VERSION "3.12.3" SOFTOKEN_ECC_STRING +#define SOFTOKEN_VERSION "3.12.3.1" SOFTOKEN_ECC_STRING #define SOFTOKEN_VMAJOR 3 #define SOFTOKEN_VMINOR 12 #define SOFTOKEN_VPATCH 3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nss-3.12.3/mozilla/security/nss/lib/util/nssutil.h new/nss-3.12.3.1/mozilla/security/nss/lib/util/nssutil.h --- old/nss-3.12.3/mozilla/security/nss/lib/util/nssutil.h 2009-03-29 03:56:15.000000000 +0200 +++ new/nss-3.12.3.1/mozilla/security/nss/lib/util/nssutil.h 2009-07-28 01:34:18.000000000 +0200 @@ -49,7 +49,7 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>][ <Beta>]" */ -#define NSSUTIL_VERSION "3.12.3" +#define NSSUTIL_VERSION "3.12.3.1" #define NSSUTIL_VMAJOR 3 #define NSSUTIL_VMINOR 12 #define NSSUTIL_VPATCH 3 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org