fixup commit for tag 'NSS_3_2_REF'NSS_3_2_REF

7 files changed, 49 insertions, 27 deletions

diff --git a/security/nss/cmd/SSLsample/client.c b/security/nss/cmd/SSLsample/client.c
index a68fcb678..30b7de93b 100644
--- a/security/nss/cmd/SSLsample/client.c
+++ b/security/nss/cmd/SSLsample/client.c
@@ -64,7 +64,6 @@
 
 #define RD_BUF_SIZE (60 * 1024)
 
-extern int cipherSuites[];
 extern int ssl2CipherSuites[];
 extern int ssl3CipherSuites[];
 
diff --git a/security/nss/cmd/SSLsample/sslsample.c b/security/nss/cmd/SSLsample/sslsample.c
index 77c543e12..47b7d0d4f 100644
--- a/security/nss/cmd/SSLsample/sslsample.c
+++ b/security/nss/cmd/SSLsample/sslsample.c
@@ -36,19 +36,6 @@
 
 /* Declare SSL cipher suites. */
 
-int cipherSuites[] = {
-	SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA,
-	SSL_FORTEZZA_DMS_WITH_RC4_128_SHA,
-	SSL_RSA_WITH_RC4_128_MD5,
-	SSL_RSA_WITH_3DES_EDE_CBC_SHA,
-	SSL_RSA_WITH_DES_CBC_SHA,
-	SSL_RSA_EXPORT_WITH_RC4_40_MD5,
-	SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
-	SSL_FORTEZZA_DMS_WITH_NULL_SHA,
-	SSL_RSA_WITH_NULL_MD5,
-	0
-};
-
 int ssl2CipherSuites[] = {
 	SSL_EN_RC4_128_WITH_MD5,              /* A */
 	SSL_EN_RC4_128_EXPORT40_WITH_MD5,     /* B */
@@ -140,6 +127,7 @@ myAuthCertificate(void *arg, PRFileDesc *socket,
 
 	/* If this is a server, we're finished. */
 	if (isServer || secStatus != SECSuccess) {
+		CERT_DestroyCertificate(cert);
 		return secStatus;
 	}
 
@@ -162,6 +150,7 @@ myAuthCertificate(void *arg, PRFileDesc *socket,
 	if (hostName)
 		PR_Free(hostName);
 
+	CERT_DestroyCertificate(cert);
 	return secStatus;
 }
 
diff --git a/security/nss/cmd/selfserv/selfserv.c b/security/nss/cmd/selfserv/selfserv.c
index 16ce65cd3..70b952340 100644
--- a/security/nss/cmd/selfserv/selfserv.c
+++ b/security/nss/cmd/selfserv/selfserv.c
@@ -88,19 +88,6 @@ static int handle_connection( PRFileDesc *, PRFileDesc *, int );
 static const char envVarName[] = { SSL_ENV_VAR_NAME };
 static const char inheritableSockName[] = { "SELFSERV_LISTEN_SOCKET" };
 
-const int cipherSuites[] = {
-    SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA,
-    SSL_FORTEZZA_DMS_WITH_RC4_128_SHA,
-    SSL_RSA_WITH_RC4_128_MD5,
-    SSL_RSA_WITH_3DES_EDE_CBC_SHA,
-    SSL_RSA_WITH_DES_CBC_SHA,
-    SSL_RSA_EXPORT_WITH_RC4_40_MD5,
-    SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
-    SSL_FORTEZZA_DMS_WITH_NULL_SHA,
-    SSL_RSA_WITH_NULL_MD5,
-    0
-};
-
 const int ssl2CipherSuites[] = {
     SSL_EN_RC4_128_WITH_MD5,			/* A */
     SSL_EN_RC4_128_EXPORT40_WITH_MD5,		/* B */
@@ -276,6 +263,7 @@ mySSLAuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig,
 	FPRINTF(stderr, "selfserv: -- SSL3: Certificate Invalid, err %d.\n%s\n", 
                 err, SECU_Strerror(err));
     }
+    CERT_DestroyCertificate(peerCert);
     FLUSH;
     return rv;  
 }
diff --git a/security/nss/cmd/strsclnt/strsclnt.c b/security/nss/cmd/strsclnt/strsclnt.c
index 5a4ce56b0..3bcfb894c 100644
--- a/security/nss/cmd/strsclnt/strsclnt.c
+++ b/security/nss/cmd/strsclnt/strsclnt.c
@@ -213,6 +213,7 @@ mySSLAuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig,
     if (rv == SECSuccess) {
 	fputs("strsclnt: -- SSL: Server Certificate Validated.\n", stderr);
     } 
+    CERT_DestroyCertificate(peerCert);
     /* error, if any, will be displayed by the Bad Cert Handler. */
     return rv;  
 }
diff --git a/security/nss/macbuild/LoadableRoots.mcp b/security/nss/macbuild/LoadableRoots.mcp
index 65b39aa0b..6ff2ddf41 100644
--- a/security/nss/macbuild/LoadableRoots.mcp
+++ b/security/nss/macbuild/LoadableRoots.mcp
diff --git a/security/nss/macbuild/NSSckfw.mcp b/security/nss/macbuild/NSSckfw.mcp
index d16cdaf24..cbcaefa23 100644
--- a/security/nss/macbuild/NSSckfw.mcp
+++ b/security/nss/macbuild/NSSckfw.mcp
diff --git a/security/nss/macbuild/macstubs.c b/security/nss/macbuild/macstubs.c
new file mode 100644
index 000000000..98613cd06
--- /dev/null
+++ b/security/nss/macbuild/macstubs.c
@@ -0,0 +1,45 @@
+/* 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+ 
+ /*
+  * This file is meant only to make the Mac version of the 
+  * loadable root certs not have to build the nsprstub for NSS
+  * which causes 2 versions of the PR_* functions to be loaded.
+  * Very bad potentially.
+  */
+  
+  #include "pkcs11t.h"
+  
+  void
+  nssSetLockArgs(CK_C_INITIALIZE_ARGS_PTR pInitArgs) {}
+  
\ No newline at end of file