diff options
author | wtc%google.com <devnull@localhost> | 2009-07-27 23:34:18 +0000 |
---|---|---|
committer | wtc%google.com <devnull@localhost> | 2009-07-27 23:34:18 +0000 |
commit | a3d0f3c24b847ec4418c8064e13314eb393b5250 (patch) | |
tree | 3fb94f8b0a37af33d1ae8ec2341ed01b2c436edc | |
parent | f14133c6f6672e17d50bb289476ca223e4d112f1 (diff) | |
download | nss-hg-a3d0f3c24b847ec4418c8064e13314eb393b5250.tar.gz |
Bug 504611: Apply the following changes to NSS_3_12_3_WITH_CKBI_1_75_RTM
for the NSS 3.12.3.1 release:
1. Fixes for bug 494302, bug 501605, and bug 489811.
2. Change the version strings to 3.12.3.1.
r=nelson
Modified Files:
Tag: NSS_3_12_3_MINIBRANCH
coreconf/coreconf.dep nss/lib/ckfw/Makefile
nss/lib/freebl/win_rand.c nss/lib/nss/nss.h
nss/lib/softoken/pkcs11.c nss/lib/softoken/softkver.h
nss/lib/util/nssutil.h
-rw-r--r-- | security/coreconf/coreconf.dep | 1 | ||||
-rw-r--r-- | security/nss/lib/ckfw/Makefile | 2 | ||||
-rw-r--r-- | security/nss/lib/freebl/win_rand.c | 72 | ||||
-rw-r--r-- | security/nss/lib/nss/nss.h | 2 | ||||
-rw-r--r-- | security/nss/lib/softoken/pkcs11.c | 2 | ||||
-rw-r--r-- | security/nss/lib/softoken/softkver.h | 2 | ||||
-rw-r--r-- | security/nss/lib/util/nssutil.h | 2 |
7 files changed, 49 insertions, 34 deletions
diff --git a/security/coreconf/coreconf.dep b/security/coreconf/coreconf.dep index b536cfc01..b75161110 100644 --- a/security/coreconf/coreconf.dep +++ b/security/coreconf/coreconf.dep @@ -42,4 +42,3 @@ */ #error "Do not include this header file." - diff --git a/security/nss/lib/ckfw/Makefile b/security/nss/lib/ckfw/Makefile index c0b2c5815..186498435 100644 --- a/security/nss/lib/ckfw/Makefile +++ b/security/nss/lib/ckfw/Makefile @@ -41,7 +41,7 @@ include $(CORE_DEPTH)/coreconf/config.mk include config.mk include $(CORE_DEPTH)/coreconf/rules.mk -ifdef MOZILLA_CLIENT +ifdef NOTDEF # was ifdef MOZILLA_CLIENT NSS_BUILD_CAPI = 1 endif diff --git a/security/nss/lib/freebl/win_rand.c b/security/nss/lib/freebl/win_rand.c index 37eb11737..184798817 100644 --- a/security/nss/lib/freebl/win_rand.c +++ b/security/nss/lib/freebl/win_rand.c @@ -58,6 +58,7 @@ static PRInt32 filesToRead; static DWORD totalFileBytes; static DWORD maxFileBytes = 250000; /* 250 thousand */ static DWORD dwNumFiles, dwReadEvery, dwFileToRead; +static PRBool usedWindowsPRNG; static BOOL CurrentClockTickTime(LPDWORD lpdwHigh, LPDWORD lpdwLow) @@ -131,24 +132,25 @@ size_t RNG_GetNoise(void *buf, size_t maxbuf) return n; } -typedef PRInt32 (* Handler)(const char *); +typedef PRInt32 (* Handler)(const PRUnichar *); #define MAX_DEPTH 2 +#define MAX_FOLDERS 4 +#define MAX_FILES 1024 static void EnumSystemFilesInFolder(Handler func, PRUnichar* szSysDir, int maxDepth) { int iContinue; + unsigned int uFolders = 0; + unsigned int uFiles = 0; HANDLE lFindHandle; WIN32_FIND_DATAW fdData; PRUnichar szFileName[_MAX_PATH]; - char narrowFileName[_MAX_PATH]; if (maxDepth < 0) return; - // tack *.* on the end so we actually look for files. this will - // not overflow - wcscpy(szFileName, szSysDir); - wcscat(szFileName, L"\\*.*"); + // append *.* so we actually look for files. + _snwprintf(szFileName, _MAX_PATH, L"%s\\*.*", szSysDir); lFindHandle = FindFirstFileW(szFileName, &fdData); if (lFindHandle == INVALID_HANDLE_VALUE) @@ -163,13 +165,10 @@ EnumSystemFilesInFolder(Handler func, PRUnichar* szSysDir, int maxDepth) _snwprintf(szFileName, _MAX_PATH, L"%s\\%s", szSysDir, fdData.cFileName); if (fdData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) { - EnumSystemFilesInFolder(func, szFileName, maxDepth - 1); + if (++uFolders <= MAX_FOLDERS) + EnumSystemFilesInFolder(func, szFileName, maxDepth - 1); } else { - iContinue = WideCharToMultiByte(CP_ACP, 0, szFileName, -1, - narrowFileName, _MAX_PATH, - NULL, NULL); - if (iContinue) - iContinue = !(*func)(narrowFileName); + iContinue = (++uFiles <= MAX_FILES) && !(*func)(szFileName); } } if (iContinue) @@ -187,7 +186,6 @@ EnumSystemFiles(Handler func) CSIDL_RECENT, #ifndef WINCE CSIDL_INTERNET_CACHE, - CSIDL_COMPUTERSNEARME, CSIDL_HISTORY, #endif 0 @@ -208,17 +206,16 @@ EnumSystemFiles(Handler func) } static PRInt32 -CountFiles(const char *file) +CountFiles(const PRUnichar *file) { dwNumFiles++; return 0; } -static void +static int ReadSingleFile(const char *filename) { PRFileDesc * file; - int nBytes; unsigned char buffer[1024]; file = PR_Open(filename, PR_RDONLY, 0); @@ -227,27 +224,43 @@ ReadSingleFile(const char *filename) ; PR_Close(file); } + return (file != NULL); } static PRInt32 -ReadOneFile(const char *file) +ReadOneFile(const PRUnichar *szFileName) { + char narrowFileName[_MAX_PATH]; + if (dwNumFiles == dwFileToRead) { - ReadSingleFile(file); + int success = WideCharToMultiByte(CP_ACP, 0, szFileName, -1, + narrowFileName, _MAX_PATH, + NULL, NULL); + if (success) + success = ReadSingleFile(narrowFileName); + if (!success) + dwFileToRead++; /* couldn't read this one, read the next one. */ } dwNumFiles++; return dwNumFiles > dwFileToRead; } static PRInt32 -ReadFiles(const char *file) +ReadFiles(const PRUnichar *szFileName) { + char narrowFileName[_MAX_PATH]; + if ((dwNumFiles % dwReadEvery) == 0) { ++filesToRead; } if (filesToRead) { - DWORD prevFileBytes = totalFileBytes; - RNG_FileForRNG(file); + DWORD prevFileBytes = totalFileBytes; + int iContinue = WideCharToMultiByte(CP_ACP, 0, szFileName, -1, + narrowFileName, _MAX_PATH, + NULL, NULL); + if (iContinue) { + RNG_FileForRNG(narrowFileName); + } if (prevFileBytes < totalFileBytes) { --filesToRead; } @@ -257,7 +270,7 @@ ReadFiles(const char *file) } static void -ReadSystemFiles() +ReadSystemFiles(void) { // first count the number of files dwNumFiles = 0; @@ -277,6 +290,7 @@ ReadSystemFiles() dwReadEvery = 1; // less than 10 files dwNumFiles = 0; + totalFileBytes = 0; EnumSystemFiles(ReadFiles); } @@ -349,8 +363,9 @@ void RNG_SystemInfoForRNG(void) } #endif - // now let's do some files - ReadSystemFiles(); + // Skip the potentially slow file scanning if the OS's PRNG worked. + if (!usedWindowsPRNG) + ReadSystemFiles(); nBytes = RNG_GetNoise(buffer, 20); // get up to 20 bytes RNG_RandomUpdate(buffer, nBytes); @@ -410,8 +425,10 @@ void RNG_FileForRNG(const char *filename) size_t RNG_SystemRNG(void *dest, size_t maxLen) { size_t bytes = 0; + usedWindowsPRNG = PR_FALSE; if (CeGenRandom(maxLen, dest)) { - bytes = maxLen; + bytes = maxLen; + usedWindowsPRNG = PR_TRUE; } if (bytes == 0) { bytes = rng_systemFromNoise(dest,maxLen); @@ -429,8 +446,6 @@ void RNG_FileForRNG(const char *filename) struct stat stat_buf; unsigned char buffer[1024]; - /* static DWORD totalFileBytes = 0; */ - /* windows doesn't initialize all the bytes in the stat buf, * so initialize them all here to avoid UMRs. */ @@ -516,6 +531,7 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen) HCRYPTPROV hCryptProv; size_t bytes = 0; + usedWindowsPRNG = PR_FALSE; hModule = LoadLibrary("advapi32.dll"); if (hModule == NULL) { return rng_systemFromNoise(dest,maxLen); @@ -525,6 +541,7 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen) if (pRtlGenRandom) { if (pRtlGenRandom(dest, maxLen)) { bytes = maxLen; + usedWindowsPRNG = PR_TRUE; } else { bytes = rng_systemFromNoise(dest,maxLen); } @@ -544,6 +561,7 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen) PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { if (pCryptGenRandom(hCryptProv, maxLen, dest)) { bytes = maxLen; + usedWindowsPRNG = PR_TRUE; } pCryptReleaseContext(hCryptProv, 0); } diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h index bac7c7524..b0a08b0aa 100644 --- a/security/nss/lib/nss/nss.h +++ b/security/nss/lib/nss/nss.h @@ -66,7 +66,7 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>][ <ECC>][ <Beta>]" */ -#define NSS_VERSION "3.12.3" _NSS_ECC_STRING _NSS_CUSTOMIZED +#define NSS_VERSION "3.12.3.1" _NSS_ECC_STRING _NSS_CUSTOMIZED #define NSS_VMAJOR 3 #define NSS_VMINOR 12 #define NSS_VPATCH 3 diff --git a/security/nss/lib/softoken/pkcs11.c b/security/nss/lib/softoken/pkcs11.c index c5c2a8e2b..885121991 100644 --- a/security/nss/lib/softoken/pkcs11.c +++ b/security/nss/lib/softoken/pkcs11.c @@ -2587,8 +2587,6 @@ CK_RV nsc_CommonInitialize(CK_VOID_PTR pReserved, PRBool isFIPS) crv = CKR_DEVICE_ERROR; return crv; } - RNG_SystemInfoForRNG(); - /* NOTE: * we should be getting out mutexes from this list, not statically binding diff --git a/security/nss/lib/softoken/softkver.h b/security/nss/lib/softoken/softkver.h index 41222fc66..39a9007bb 100644 --- a/security/nss/lib/softoken/softkver.h +++ b/security/nss/lib/softoken/softkver.h @@ -57,7 +57,7 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>][ <ECC>][ <Beta>]" */ -#define SOFTOKEN_VERSION "3.12.3" SOFTOKEN_ECC_STRING +#define SOFTOKEN_VERSION "3.12.3.1" SOFTOKEN_ECC_STRING #define SOFTOKEN_VMAJOR 3 #define SOFTOKEN_VMINOR 12 #define SOFTOKEN_VPATCH 3 diff --git a/security/nss/lib/util/nssutil.h b/security/nss/lib/util/nssutil.h index 9928f2a7b..4da6ee88c 100644 --- a/security/nss/lib/util/nssutil.h +++ b/security/nss/lib/util/nssutil.h @@ -49,7 +49,7 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>][ <Beta>]" */ -#define NSSUTIL_VERSION "3.12.3" +#define NSSUTIL_VERSION "3.12.3.1" #define NSSUTIL_VMAJOR 3 #define NSSUTIL_VMINOR 12 #define NSSUTIL_VPATCH 3 |