diff options
| author | Elio Maldonado <emaldona@redhat.com> | 2013-04-10 12:22:57 -0700 |
|---|---|---|
| committer | Elio Maldonado <emaldona@redhat.com> | 2013-04-10 12:22:57 -0700 |
| commit | d5f324eef1699ab5177df1f848f49f1355a2d073 (patch) | |
| tree | 31c2fa8e192bac87602fb5a4b572152b1e231061 | |
| parent | f5751eef41594717893f21834cb1ba1c225886f5 (diff) | |
| download | nss-hg-d5f324eef1699ab5177df1f848f49f1355a2d073.tar.gz | |
backout bug 835919, backout bug 850905
| -rw-r--r-- | cmd/Makefile | 8 | ||||
| -rw-r--r-- | cmd/manifest.mn | 4 | ||||
| -rw-r--r-- | cmd/platlibs.mk | 31 | ||||
| -rw-r--r-- | cmd/shlibsign/shlibsign.c | 45 | ||||
| -rw-r--r-- | lib/Makefile | 11 | ||||
| -rw-r--r-- | lib/manifest.mn | 2 | ||||
| -rwxr-xr-x | tests/cipher/cipher.sh | 13 | ||||
| -rw-r--r-- | tests/common/init.sh | 8 | ||||
| -rwxr-xr-x | tests/fips/fips.sh | 17 |
9 files changed, 21 insertions, 118 deletions
diff --git a/cmd/Makefile b/cmd/Makefile index 0ae45649c..b98205926 100644 --- a/cmd/Makefile +++ b/cmd/Makefile @@ -14,14 +14,6 @@ ifdef BUILD_LIBPKIX_TESTS DIRS += libpkix endif -ifeq ($(NSS_BUILD_WITHOUT_SOFTOKEN),1) -BLTEST_SRCDIR= -FIPSTEST_SRCDIR= -else -BLTEST_SRCDIR = bltest -FIPSTEST_SRCDIR = fipstest -endif - LOWHASHTEST_SRCDIR= ifeq ($(FREEBL_LOWHASH),1) LOWHASHTEST_SRCDIR = lowhashtest # Add the lowhashtest directory to DIRS. diff --git a/cmd/manifest.mn b/cmd/manifest.mn index 4ebe00478..f66abc306 100644 --- a/cmd/manifest.mn +++ b/cmd/manifest.mn @@ -11,7 +11,7 @@ REQUIRES = nss nspr libdbm DIRS = lib \ addbuiltin \ atob \ - $(BLTEST_SRCDIR) \ + bltest \ btoa \ certcgi \ certutil \ @@ -23,7 +23,7 @@ DIRS = lib \ derdump \ digest \ httpserv \ - $(FIPSTEST_SRCDIR) \ + fipstest \ $(LOWHASHTEST_SRCDIR) \ listsuites \ makepqg \ diff --git a/cmd/platlibs.mk b/cmd/platlibs.mk index 200faf701..332681dd4 100644 --- a/cmd/platlibs.mk +++ b/cmd/platlibs.mk @@ -36,18 +36,7 @@ ifdef USE_STATIC_LIBS DEFINES += -DNSS_USE_STATIC_LIBS # $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS) -ifndef USE_SYSTEM_FREEBL -CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX) -SOFTOKENLIB=$(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX) -else -# Use the system freebl and softoken libraries -CRYPTOLIB=$(FREEBL_LIB_DIR)/$(LIB_PREFIX)freebl.$(LIB_SUFFIX) -SOFTOKENLIB= -EXTRA_SHARED_LIBS += \ - -L$(SOFTOKEN_LIB_DIR) \ - -lsoftokn3 \ - $(NULL) -endif +CRYPTOLIB=$(SOFTOKEN_LIB_DIR)/$(LIB_PREFIX)freebl.$(LIB_SUFFIX) PKIXLIB = \ $(DIST)/lib/$(LIB_PREFIX)pkixtop.$(LIB_SUFFIX) \ @@ -78,7 +67,7 @@ EXTRA_LIBS += \ $(DIST)/lib/$(LIB_PREFIX)cryptohi.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)pk11wrap.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)certdb.$(LIB_SUFFIX) \ - $(SOFTOKENLIB) \ + $(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX) \ $(CRYPTOLIB) \ $(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)nssdev.$(LIB_SUFFIX) \ @@ -113,7 +102,7 @@ EXTRA_LIBS += \ $(DIST)/lib/$(LIB_PREFIX)certhi.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)pk11wrap.$(LIB_SUFFIX) \ - $(SOFTOKENLIB) \ + $(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)certdb.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)nssdev.$(LIB_SUFFIX) \ @@ -196,22 +185,8 @@ EXTRA_SHARED_LIBS += \ $(NULL) endif -ifdef SOFTOKEN_LIB_DIR -ifdef NSS_USE_SYSTEM_FREEBL -EXTRA_SHARED_LIBS += -L$(SOFTOKEN_LIB_DIR) -lsoftokn3 -endif -endif - endif # USE_STATIC_LIBS -# If a platform has a system freebl, set USE_SYSTEM_FREEBL to 1 and -# FREEBL_LIBS to the linker command-line arguments for the system nss-util -# (for example, -lfreebl3 on fedora) in the platform's config file in coreconf. -ifdef NSS_USE_SYSTEM_FREEBL -FREEBL_LIBS = $(FREEBL_LIB_DIR)/$(LIB_PREFIX)freebl.$(LIB_SUFFIX) -EXTRA_LIBS += $(FREEBL_LIBS) -endif - # If a platform has a system zlib, set USE_SYSTEM_ZLIB to 1 and # ZLIB_LIBS to the linker command-line arguments for the system zlib # (for example, -lz) in the platform's config file in coreconf. diff --git a/cmd/shlibsign/shlibsign.c b/cmd/shlibsign/shlibsign.c index cd25838bb..e283cccd9 100644 --- a/cmd/shlibsign/shlibsign.c +++ b/cmd/shlibsign/shlibsign.c @@ -49,7 +49,6 @@ #include "pkcs11t.h" /* freebl headers */ -#include "blapit.h" #include "shsign.h" #define NUM_ELEM(array) (sizeof(array)/sizeof(array[0])) @@ -64,7 +63,7 @@ usage (const char *program_name) PR_fprintf (debug_out, "type %s -H for more detail information.\n", program_name); PR_fprintf (debug_out, - "Usage: %s [-v] [-V] [-k keysize] [-o outfile] [-d dbdir] [-f pwfile]\n" + "Usage: %s [-v] [-V] [-o outfile] [-d dbdir] [-f pwfile]\n" " [-F] [-p pwd] -[P dbprefix ] " "-i shared_library_name\n", program_name); @@ -85,7 +84,6 @@ long_usage(const char *program_name) PR_fprintf(debug_out, "\t-p <pwd> password\n"); PR_fprintf(debug_out, "\t-v verbose output\n"); PR_fprintf(debug_out, "\t-V perform Verify operations\n"); - PR_fprintf(debug_out, "\t-k <key_size> key size in bits, default 2048\n"); PR_fprintf(debug_out, "\t-? short help message\n"); PR_fprintf(debug_out, "\t-h short help message\n"); PR_fprintf(debug_out, "\t-H this help message\n"); @@ -727,16 +725,13 @@ int main(int argc, char **argv) CK_ULONG slotIndex = 0; CK_MECHANISM digestmech; CK_ULONG digestLen = 0; - CK_BYTE digest[HASH_LENGTH_MAX]; - CK_BYTE sign[DSA_MAX_SIGNATURE_LEN]; + CK_BYTE digest[32]; /* SHA256_LENGTH */ + CK_BYTE sign[64]; /* DSA SIGNATURE LENGTH */ CK_ULONG signLen = 0 ; CK_MECHANISM signMech = { CKM_DSA, NULL, 0 }; - int expectedDigestLen; - int expectedSignatureLen; - /*** DSA Key ***/ CK_MECHANISM dsaKeyPairGenMech; @@ -918,18 +913,10 @@ int main(int argc, char **argv) goto cleanup; } - if (keySize == 0) { - if (mechInfo.ulMaxKeySize >=2048) { - keySize = 2048; - } else { - keySize = 1024; - } - } - if (keySize > mechInfo.ulMaxKeySize) { - PR_fprintf(PR_STDERR, - "Requested key size of %d bits exceeds the mechanism's maximum key size of %d bits\n", - keySize, mechInfo.ulMaxKeySize); - goto cleanup; + if ((keySize == 0) && mechInfo.ulMaxKeySize >=2048 ) { + keySize = 2048; + } else { + keySize = 1024; } } @@ -947,10 +934,6 @@ int main(int argc, char **argv) digestmech.mechanism = CKM_SHA_1; digestmech.pParameter = NULL; digestmech.ulParameterLen = 0; - - expectedDigestLen = SHA1_LENGTH; - expectedSignatureLen = sizeof(subprime)*2; /* length of q*2 */; - } else if (keySize == 2048) { dsaPubKeyTemplate[0].type = CKA_PRIME; dsaPubKeyTemplate[0].pValue = (CK_VOID_PTR) &prime2; @@ -964,13 +947,9 @@ int main(int argc, char **argv) digestmech.mechanism = CKM_SHA256; digestmech.pParameter = NULL; digestmech.ulParameterLen = 0; - - expectedDigestLen = SHA256_LENGTH; - expectedSignatureLen = sizeof(subprime2)*2; /* length of q*2 */ - } else { /* future - generate pqg */ - PR_fprintf(PR_STDERR, "Only keysizes 1024 and 2048 are supported\n"); + PR_fprintf(PR_STDERR, "Only keysizes 1024 and 2048 are supported"); goto cleanup; } dsaPubKeyTemplate[3].type = CKA_TOKEN; @@ -1125,9 +1104,9 @@ int main(int argc, char **argv) goto cleanup; } - if (digestLen != expectedDigestLen) { + if (digestLen != sizeof(digest)) { PR_fprintf(PR_STDERR, "digestLen has incorrect length %lu " - "it should be %lu \n",digestLen, expectedDigestLen); + "it should be %lu \n",digestLen, sizeof(digest)); goto cleanup; } @@ -1148,9 +1127,9 @@ int main(int argc, char **argv) goto cleanup; } - if (signLen != expectedSignatureLen) { + if (signLen != sizeof(sign)) { PR_fprintf(PR_STDERR, "signLen has incorrect length %lu " - "it should be %lu \n", signLen, expectedSignatureLen); + "it should be %lu \n", signLen, sizeof(sign)); goto cleanup; } diff --git a/lib/Makefile b/lib/Makefile index 620fc5c5b..669b41bb0 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -62,14 +62,3 @@ include $(CORE_DEPTH)/coreconf/rules.mk # (7) Execute "local" rules. (OPTIONAL). # ####################################################################### -ifeq ($(NSS_BUILD_WITHOUT_SOFTOKEN),1) -# Not included when building nss without softoken -UTIL_SRCDIR= -FREEBL_SRCDIR= -SOFTOKEN_SRCDIR= -else -# default is to include all -UTIL_SRCDIR = util -FREEBL_SRCDIR = freebl -SOFTOKEN_SRCDIR = softoken -endif diff --git a/lib/manifest.mn b/lib/manifest.mn index ac009d3d2..4c27f931a 100644 --- a/lib/manifest.mn +++ b/lib/manifest.mn @@ -16,7 +16,7 @@ DEPTH = .. # smime # ckfw (builtins module) # crmf jar (not dll's) -DIRS = $(UTIL_SRCDIR) $(FREEBL_SRCDIR) $(SQLITE_SRCDIR) $(SOFTOKEN_SRCDIR) \ +DIRS = util freebl $(SQLITE_SRCDIR) $(DBM_SRCDIR) softoken \ base dev pki \ libpkix \ certdb certhigh pk11wrap cryptohi nss \ diff --git a/tests/cipher/cipher.sh b/tests/cipher/cipher.sh index 6703ad9fd..1eb4a3f0a 100755 --- a/tests/cipher/cipher.sh +++ b/tests/cipher/cipher.sh @@ -66,16 +66,13 @@ cipher_main() failedStr="" inOff=0 res=0 - # If built nss without softoken use the system installed bltest tool. - # The FREEBL_BINDIR location is plaform dependent. See the comments - # regarding this location in nss/tests/common/init.sh. while [ $inOff -lt 8 ] do outOff=0 while [ $outOff -lt 8 ] do echo "bltest -T -m $PARAM -d $CIPHERTESTDIR -1 $inOff -2 $outOff" - ${PROFTOOL} ${FREBL_BINDIR}/bltest -T -m $PARAM -d $CIPHERTESTDIR -1 $inOff -2 $outOff + ${PROFTOOL} ${BINDIR}/bltest -T -m $PARAM -d $CIPHERTESTDIR -1 $inOff -2 $outOff if [ $? -ne 0 ]; then failedStr="$failedStr[$inOff:$outOff]" fi @@ -123,14 +120,6 @@ cipher_cleanup() ################## main ################################################# -# When building without softoken, bltest isn't built. It was already -# built and the cipher suite run as part of an nss-softoken build. -if [ ! -x ${DIST}/${OBJDIR}/bin/bltest${PROG_SUFFIX} ]; then - echo "bltest not built, skipping this test." >> ${LOGFILE} - res = 0 - html_msg $res $EXP_RET "$TESTNAME" - return 0 -fi cipher_init cipher_main cipher_gcm diff --git a/tests/common/init.sh b/tests/common/init.sh index d625b7701..b3d44b034 100644 --- a/tests/common/init.sh +++ b/tests/common/init.sh @@ -647,14 +647,6 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then ulimit -c unlimited fi - ################################################################# - # If we built nss without softoken use the system installed tool. - # Fedora, for example, uses /usr/lib${ARCH}/unsupported-tools but - # other platform may place the system installed tests somewhere else. - # The FREEBL_BINDIR environment variable will have been set by the - # package maintainer. - # - FREEBL_BINDIR = [ ${NSS_BUILD_WITHOUT_SOFTOKEN} = "1" ] && ${FREEBL_BINDIR} || ${BINDIR} SCRIPTNAME=$0 INIT_SOURCED=TRUE #whatever one does - NEVER export this one please fi diff --git a/tests/fips/fips.sh b/tests/fips/fips.sh index 39b49bb75..183d01516 100755 --- a/tests/fips/fips.sh +++ b/tests/fips/fips.sh @@ -223,22 +223,9 @@ fips_140() # is needed to copy files one by one. echo "mkdir ${MANGLEDIR}" mkdir ${MANGLEDIR} - # When building nss without softoken use the system installed softoken library located - # in SOFTOKEN_LIB_DIR. This variable will have been set by the nss package mainainer. - # Fedora, for example, installs it in /usr/lib${ARCH} but other platforms may place - # the libraries in a different location. for lib in `ls ${LIBDIR}`; do - # Only softoken is used in the mangling test - if [ ${lib} = ${DLL_PREFIX}softokn3.so ]; then - if [ ${NSS_BUILD_WITHOUT_SOFTOKEN} = "1" ]; then - # use the system installed softoken library - echo "cp ${SOFTOKEN_LIB_DIR}/${lib} ${MANGLEDIR}" - cp ${SOFTOKEN_LIB_DIR}/${lib} ${MANGLEDIR} - else - echo "cp ${LIBDIR}/${lib} ${MANGLEDIR}" - cp ${LIBDIR}/${lib} ${MANGLEDIR} - fi - fi + echo "cp ${LIBDIR}/${lib} ${MANGLEDIR}" + cp ${LIBDIR}/${lib} ${MANGLEDIR} done echo "$SCRIPTNAME: Detect mangled softoken--------------------------" |