diff options
Diffstat (limited to 'security')
68 files changed, 1075 insertions, 2279 deletions
diff --git a/security/coreconf/Linux.mk b/security/coreconf/Linux.mk index b571be9cd..fcd4c1fc4 100644 --- a/security/coreconf/Linux.mk +++ b/security/coreconf/Linux.mk @@ -90,6 +90,10 @@ ifeq ($(OS_TEST),s390x) OS_REL_CFLAGS = -DLINUX1_2 -D_XOPEN_SOURCE CPU_ARCH = s390x else +ifeq ($(OS_TEST),mips) + OS_REL_CFLAGS = -DLINUX1_2 -D_XOPEN_SOURCE + CPU_ARCH = mips +else OS_REL_CFLAGS = -DLINUX1_2 -Di386 -D_XOPEN_SOURCE CPU_ARCH = x86 endif @@ -102,6 +106,7 @@ endif endif endif endif +endif LIBC_TAG = _glibc diff --git a/security/dbm/src/manifest.mn b/security/coreconf/Linux2.6.mk index 80f2abfd0..602b3abe1 100644 --- a/security/dbm/src/manifest.mn +++ b/security/coreconf/Linux2.6.mk @@ -1,4 +1,3 @@ -#! gmake # # The contents of this file are subject to the Mozilla Public # License Version 1.1 (the "License"); you may not use this file @@ -31,31 +30,20 @@ # may use your version of this file under either the MPL or the # GPL. # +# Config stuff for Linux 2.6 (ELF) +# -CORE_DEPTH = ../.. - -VPATH = $(CORE_DEPTH)/../dbm/src - -MODULE = dbm +include $(CORE_DEPTH)/coreconf/Linux.mk -# -# memmove.c, snprintf.c, and strerror.c are not in CSRCS because -# the Standard C Library has memmove and strerror and DBM is not -# using snprintf. -# +OS_REL_CFLAGS += -DLINUX2_1 +MKSHLIB = $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so) +ifdef BUILD_OPT + OPTIMIZER = -O2 +endif -CSRCS = db.c \ - h_bigkey.c \ - h_func.c \ - h_log2.c \ - h_page.c \ - hash.c \ - hash_buf.c \ - hsearch.c \ - mktemp.c \ - ndbm.c \ - nsres.c \ - dirent.c \ - $(NULL) +ifdef MAPFILE + MKSHLIB += -Wl,--version-script,$(MAPFILE) +endif +PROCESS_MAP_FILE = grep -v ';-' $(LIBRARY_NAME).def | \ + sed -e 's,;+,,' -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,;,' > $@ -LIBRARY_NAME = dbm diff --git a/security/coreconf/OS2.mk b/security/coreconf/OS2.mk index 6420b8bac..562a81de5 100644 --- a/security/coreconf/OS2.mk +++ b/security/coreconf/OS2.mk @@ -111,7 +111,7 @@ NSPR_INCLUDE_DIR = ifdef BUILD_OPT -OPTIMIZER = -O6 +OPTIMIZER = -O2 -s DEFINES += -UDEBUG -U_DEBUG -DNDEBUG DLLFLAGS = -DLL -OUT:$@ -MAP:$(@:.dll=.map) EXEFLAGS = -PMTYPE:VIO -OUT:$@ -MAP:$(@:.exe=.map) -nologo -NOE diff --git a/security/coreconf/WIN32.mk b/security/coreconf/WIN32.mk index 6dd67d51b..9487e12f5 100644 --- a/security/coreconf/WIN32.mk +++ b/security/coreconf/WIN32.mk @@ -38,13 +38,26 @@ DEFAULT_COMPILER = cl -CC = cl -CCC = cl -LINK = link -AR = lib -AR += -NOLOGO -OUT:"$@" -RANLIB = echo -BSDECHO = echo +ifdef NS_USE_GCC + CC = gcc + CCC = g++ + LINK = ld + AR = ar + AR += cr $@ + RANLIB = ranlib + BSDECHO = echo + RC = windres.exe -O coff + LINK_DLL = $(CC) $(OS_DLLFLAGS) $(DLLFLAGS) +else + CC = cl + CCC = cl + LINK = link + AR = lib + AR += -NOLOGO -OUT:"$@" + RANLIB = echo + BSDECHO = echo + RC = rc.exe +endif ifdef BUILD_TREE NSINSTALL_DIR = $(BUILD_TREE)/nss @@ -62,13 +75,38 @@ MKDEPENDENCIES = $(OBJDIR_NAME)/depend.mk INSTALL = $(NSINSTALL) MAKE_OBJDIR = mkdir MAKE_OBJDIR += $(OBJDIR) -RC = rc.exe GARBAGE += $(OBJDIR)/vc20.pdb $(OBJDIR)/vc40.pdb XP_DEFINE += -DXP_PC +ifdef NS_USE_GCC +LIB_SUFFIX = a +else LIB_SUFFIX = lib +endif DLL_SUFFIX = dll -ifdef BUILD_OPT +ifdef NS_USE_GCC + OS_CFLAGS += -mno-cygwin -mms-bitfields + _GEN_IMPORT_LIB=-Wl,--out-implib,$(IMPORT_LIBRARY) + DLLFLAGS += -mno-cygwin -o $@ -shared -Wl,--export-all-symbols $(if $(IMPORT_LIBRARY),$(_GEN_IMPORT_LIB)) + ifdef BUILD_OPT + OPTIMIZER += -O2 + DEFINES += -UDEBUG -U_DEBUG -DNDEBUG + # + # Add symbolic information for a profiler + # + ifdef MOZ_PROFILE + OPTIMIZER += -g + endif + else + OPTIMIZER += -g + NULLSTRING := + SPACE := $(NULLSTRING) # end of the line + USERNAME := $(subst $(SPACE),_,$(USERNAME)) + USERNAME := $(subst -,_,$(USERNAME)) + DEFINES += -DDEBUG -D_DEBUG -UNDEBUG -DDEBUG_$(USERNAME) + endif +else # !NS_USE_GCC + ifdef BUILD_OPT OS_CFLAGS += -MD OPTIMIZER += -O2 DEFINES += -UDEBUG -U_DEBUG -DNDEBUG @@ -80,7 +118,7 @@ ifdef BUILD_OPT OPTIMIZER += -Z7 DLLFLAGS += -DEBUG -DEBUGTYPE:CV endif -else + else # # Define USE_DEBUG_RTL if you want to use the debug runtime library # (RTL) in the debug build @@ -99,12 +137,15 @@ else DEFINES += -DDEBUG -D_DEBUG -UNDEBUG -DDEBUG_$(USERNAME) DLLFLAGS += -DEBUG -DEBUGTYPE:CV -OUT:"$@" LDFLAGS += -DEBUG -DEBUGTYPE:CV -PDB:NONE -endif + endif +endif # NS_USE_GCC DEFINES += -DWIN32 ifdef MAPFILE +ifndef NS_USE_GCC DLLFLAGS += -DEF:$(MAPFILE) endif +endif # Change PROCESS to put the mapfile in the correct format for this platform PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@ @@ -116,8 +157,13 @@ PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@ DEFINES += -D_WINDOWS # override default, which is ASFLAGS = CFLAGS -AS = ml.exe -ASFLAGS = -Cp -Sn -Zi -coff $(INCLUDES) +ifdef NS_USE_GCC + AS = $(CC) + ASFLAGS = $(INCLUDES) +else + AS = ml.exe + ASFLAGS = -Cp -Sn -Zi -coff $(INCLUDES) +endif # # override the definitions of RELEASE_TREE found in tree.mk @@ -135,11 +181,24 @@ ifndef RELEASE_TREE endif # -# override the definitions of LIB_PREFIX and DLL_PREFIX in prefix.mk +# override the definitions of IMPORT_LIB_PREFIX, LIB_PREFIX, and +# DLL_PREFIX in prefix.mk # +ifndef IMPORT_LIB_PREFIX + ifdef NS_USE_GCC + IMPORT_LIB_PREFIX = lib + else + IMPORT_LIB_PREFIX = $(NULL) + endif +endif + ifndef LIB_PREFIX - LIB_PREFIX = $(NULL) + ifdef NS_USE_GCC + LIB_PREFIX = lib + else + LIB_PREFIX = $(NULL) + endif endif ifndef DLL_PREFIX @@ -154,14 +213,22 @@ endif # Object suffixes # ifndef OBJ_SUFFIX - OBJ_SUFFIX = .obj + ifdef NS_USE_GCC + OBJ_SUFFIX = .o + else + OBJ_SUFFIX = .obj + endif endif # # Assembler source suffixes # ifndef ASM_SUFFIX - ASM_SUFFIX = .asm + ifdef NS_USE_GCC + ASM_SUFFIX = .s + else + ASM_SUFFIX = .asm + endif endif # diff --git a/security/coreconf/WIN954.0.mk b/security/coreconf/WIN954.0.mk index 24a44c1ff..e710f6e2e 100644 --- a/security/coreconf/WIN954.0.mk +++ b/security/coreconf/WIN954.0.mk @@ -40,7 +40,9 @@ include $(CORE_DEPTH)/coreconf/WIN32.mk ifeq ($(CPU_ARCH), x386) +ifndef NS_USE_GCC OS_CFLAGS += -W3 -nologo +endif DEFINES += -D_X86_ else ifeq ($(CPU_ARCH), MIPS) @@ -55,5 +57,7 @@ else endif endif +ifndef NS_USE_GCC OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS -PDB:NONE +endif DEFINES += -DWIN95 diff --git a/security/coreconf/arch.mk b/security/coreconf/arch.mk index 277232c0c..cc44690f3 100644 --- a/security/coreconf/arch.mk +++ b/security/coreconf/arch.mk @@ -137,15 +137,19 @@ ifeq ($(OS_ARCH),SINIX-N) endif # -# Handle FreeBSD 2.2-STABLE and Linux 2.0.30-osfmach3 +# Handle FreeBSD 2.2-STABLE, Linux 2.0.30-osfmach3, and +# IRIX 6.5-ALPHA-1289139620. # -ifeq (,$(filter-out Linux FreeBSD,$(OS_ARCH))) +ifeq (,$(filter-out Linux FreeBSD IRIX,$(OS_ARCH))) OS_RELEASE := $(shell echo $(OS_RELEASE) | sed 's/-.*//') endif ifeq ($(OS_ARCH),Linux) - OS_RELEASE := $(basename $(OS_RELEASE)) + OS_RELEASE := $(subst ., ,$(OS_RELEASE)) + ifneq ($(words $(OS_RELEASE)),1) + OS_RELEASE := $(word 1,$(OS_RELEASE)).$(word 2,$(OS_RELEASE)) + endif endif # diff --git a/security/coreconf/rules.mk b/security/coreconf/rules.mk index ac55f9279..ff380d472 100644 --- a/security/coreconf/rules.mk +++ b/security/coreconf/rules.mk @@ -52,7 +52,7 @@ endif platform:: @echo $(OBJDIR_NAME) -ifeq (,$(filter-out WIN%,$(OS_TARGET))) +ifeq (,$(filter-out _WIN%,$(NS_USE_GCC)_$(OS_TARGET))) USE_NT_C_SYNTAX=1 endif @@ -285,7 +285,7 @@ endif $(PROGRAM): $(OBJS) $(EXTRA_LIBS) @$(MAKE_OBJDIR) -ifeq (,$(filter-out WIN%,$(OS_TARGET))) +ifeq (,$(filter-out _WIN%,$(NS_USE_GCC)_$(OS_TARGET))) $(MKPROG) $(subst /,\\,$(OBJS)) -Fe$@ -link $(LDFLAGS) $(subst /,\\,$(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS)) else ifdef XP_OS2_VACPP @@ -337,7 +337,11 @@ ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.1) -bM:SRE -bnoentry $(OS_LIBS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) else ifeq (,$(filter-out WIN%,$(OS_TARGET))) +ifdef NS_USE_GCC + $(LINK_DLL) $(OBJS) $(SUB_SHLOBJS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS) $(LD_LIBS) $(RES) +else $(LINK_DLL) -MAP $(DLLBASE) $(subst /,\\,$(OBJS) $(SUB_SHLOBJS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS) $(LD_LIBS) $(RES)) +endif else ifdef XP_OS2_VACPP $(MKSHLIB) $(DLLFLAGS) $(LDFLAGS) $(OBJS) $(SUB_SHLOBJS) $(LD_LIBS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) @@ -357,7 +361,11 @@ ifeq (,$(filter-out WIN%,$(OS_TARGET))) $(RES): $(RESNAME) @$(MAKE_OBJDIR) # The resource compiler does not understand the -U option. +ifdef NS_USE_GCC + $(RC) $(filter-out -U%,$(DEFINES)) $(INCLUDES:-I%=--include-dir %) -o $@ $< +else $(RC) $(filter-out -U%,$(DEFINES)) $(INCLUDES) -Fo$@ $< +endif @echo $(RES) finished endif @@ -368,7 +376,7 @@ $(MAPFILE): $(LIBRARY_NAME).def $(OBJDIR)/$(PROG_PREFIX)%$(PROG_SUFFIX): $(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX) @$(MAKE_OBJDIR) -ifeq (,$(filter-out WIN%,$(OS_TARGET))) +ifeq (,$(filter-out _WIN%,$(NS_USE_GCC)_$(OS_TARGET))) $(MKPROG) $(OBJDIR)/$(PROG_PREFIX)$*$(OBJ_SUFFIX) -Fe$@ -link \ $(LDFLAGS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS) else @@ -380,23 +388,54 @@ WCCFLAGS1 := $(subst /,\\,$(CFLAGS)) WCCFLAGS2 := $(subst -I,-i=,$(WCCFLAGS1)) WCCFLAGS3 := $(subst -D,-d,$(WCCFLAGS2)) +# Translate source filenames to absolute paths. This is required for +# debuggers under Windows & OS/2 to find source files automatically + +ifeq (,$(filter-out OS2%,$(OS_TARGET))) +NEED_ABSOLUTE_PATH := 1 +PWD := $(shell pwd) +endif + +ifeq (,$(filter-out _WIN%,$(NS_USE_GCC)_$(OS_TARGET))) +NEED_ABSOLUTE_PATH := 1 +ifeq (,$(findstring ;,$(PATH))) +PWD := $(subst \,/,$(shell cygpath -w `pwd`)) +else +PWD := $(shell pwd) +endif +endif + +ifdef NEED_ABSOLUTE_PATH +abspath = $(if $(findstring :,$(1)),$(1),$(if $(filter /%,$(1)),$(1),$(PWD)/$(1))) +else +abspath = $(1) +endif + $(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.c @$(MAKE_OBJDIR) ifdef USE_NT_C_SYNTAX - $(CC) -Fo$@ -c $(CFLAGS) $< + $(CC) -Fo$@ -c $(CFLAGS) $(call abspath,$<) +else +ifdef NEED_ABSOLUTE_PATH + $(CC) -o $@ -c $(CFLAGS) $(call abspath,$<) else $(CC) -o $@ -c $(CFLAGS) $< endif +endif $(PROG_PREFIX)%$(OBJ_SUFFIX): %.c ifdef USE_NT_C_SYNTAX - $(CC) -Fo$@ -c $(CFLAGS) $< + $(CC) -Fo$@ -c $(CFLAGS) $(call abspath,$<) +else +ifdef NEED_ABSOLUTE_PATH + $(CC) -o $@ -c $(CFLAGS) $(call abspath,$<) else $(CC) -o $@ -c $(CFLAGS) $< endif +endif ifndef XP_OS2_VACPP -ifneq (,$(filter-out WIN%,$(OS_TARGET))) +ifneq (,$(filter-out _WIN%,$(NS_USE_GCC)_$(OS_TARGET))) $(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.s @$(MAKE_OBJDIR) $(AS) -o $@ $(ASFLAGS) -c $< @@ -418,10 +457,14 @@ $(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.S $(OBJDIR)/$(PROG_PREFIX)%: %.cpp @$(MAKE_OBJDIR) ifdef USE_NT_C_SYNTAX - $(CCC) -Fo$@ -c $(CFLAGS) $< + $(CCC) -Fo$@ -c $(CFLAGS) $(call abspath,$<) +else +ifdef NEED_ABSOLUTE_PATH + $(CCC) -o $@ -c $(CFLAGS) $(call abspath,$<) else $(CCC) -o $@ -c $(CFLAGS) $< endif +endif # # Please keep the next two rules in sync. @@ -438,10 +481,14 @@ ifdef STRICT_CPLUSPLUS_SUFFIX rm -f $(OBJDIR)/t_$*.cc else ifdef USE_NT_C_SYNTAX - $(CCC) -Fo$@ -c $(CFLAGS) $< + $(CCC) -Fo$@ -c $(CFLAGS) $(call abspath,$<) +else +ifdef NEED_ABSOLUTE_PATH + $(CCC) -o $@ -c $(CFLAGS) $(call abspath,$<) else $(CCC) -o $@ -c $(CFLAGS) $< endif +endif endif #STRICT_CPLUSPLUS_SUFFIX %.i: %.cpp diff --git a/security/dbm/Makefile b/security/dbm/Makefile deleted file mode 100644 index 34cd6d899..000000000 --- a/security/dbm/Makefile +++ /dev/null @@ -1,80 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -coreconf_hack: - cd ../coreconf; gmake - gmake import - -RelEng_bld: coreconf_hack - gmake diff --git a/security/dbm/config/config.mk b/security/dbm/config/config.mk deleted file mode 100644 index 753364931..000000000 --- a/security/dbm/config/config.mk +++ /dev/null @@ -1,67 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# -# These macros are defined by mozilla's configure script. -# We define them manually here. -# - -DEFINES += -DSTDC_HEADERS -DHAVE_STRERROR - -# -# Most platforms have snprintf, so it's simpler to list the exceptions. -# -HAVE_SNPRINTF = 1 -# -# OSF1 V4.0D doesn't have snprintf but V5.0A does. -# -ifeq ($(OS_TARGET)$(OS_RELEASE),OSF1V4.0D) -HAVE_SNPRINTF = -endif -ifdef HAVE_SNPRINTF -DEFINES += -DHAVE_SNPRINTF -endif - -ifeq (,$(filter-out IRIX Linux,$(OS_TARGET))) -DEFINES += -DHAVE_SYS_CDEFS_H -endif - -ifeq (,$(filter-out DGUX NCR ReliantUNIX SCO_SV SCOOS UNIXWARE,$(OS_TARGET))) -DEFINES += -DHAVE_SYS_BYTEORDER_H -endif - -# -# None of the platforms that we are interested in need to -# define HAVE_MEMORY_H. -# diff --git a/security/dbm/include/Makefile b/security/dbm/include/Makefile deleted file mode 100644 index ba4dd8ddf..000000000 --- a/security/dbm/include/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - - diff --git a/security/dbm/include/manifest.mn b/security/dbm/include/manifest.mn deleted file mode 100644 index 886fedd98..000000000 --- a/security/dbm/include/manifest.mn +++ /dev/null @@ -1,57 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../.. - -VPATH = $(CORE_DEPTH)/../dbm/include - -MODULE = dbm - -EXPORTS = nsres.h \ - cdefs.h \ - mcom_db.h \ - ncompat.h \ - winfile.h \ - $(NULL) - -PRIVATE_EXPORTS = hsearch.h \ - page.h \ - extern.h \ - ndbm.h \ - queue.h \ - hash.h \ - mpool.h \ - search.h \ - $(NULL) - diff --git a/security/dbm/manifest.mn b/security/dbm/manifest.mn deleted file mode 100644 index 11f4f4237..000000000 --- a/security/dbm/manifest.mn +++ /dev/null @@ -1,45 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = .. - -MODULE = dbm - -IMPORTS = nspr20/v4.1.2 - -RELEASE = dbm - -DIRS = include \ - src \ - $(NULL) diff --git a/security/dbm/src/Makefile b/security/dbm/src/Makefile deleted file mode 100644 index 8fce98394..000000000 --- a/security/dbm/src/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/dbm/config/config.mk - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include config.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - - diff --git a/security/dbm/src/config.mk b/security/dbm/src/config.mk deleted file mode 100644 index 370fd75d6..000000000 --- a/security/dbm/src/config.mk +++ /dev/null @@ -1,63 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -DEFINES += -DMEMMOVE -D__DBINTERFACE_PRIVATE $(SECURITY_FLAG) - -INCLUDES += -I$(CORE_DEPTH)/../dbm/include - -# -# Currently, override TARGETS variable so that only static libraries -# are specifed as dependencies within rules.mk. -# - -TARGETS = $(LIBRARY) -SHARED_LIBRARY = -IMPORT_LIBRARY = -PURE_LIBRARY = -PROGRAM = - -ifdef SHARED_LIBRARY - ifeq (,$(filter-out WINNT WIN95 WINCE,$(OS_TARGET))) # list omits WIN16 - DLLBASE=/BASE:0x30000000 - RES=$(OBJDIR)/dbm.res - RESNAME=../include/dbm.rc - endif - ifeq ($(DLL_SUFFIX),dll) - DEFINES += -D_DLL - endif -endif - -ifeq ($(OS_TARGET),AIX) - OS_LIBS += -lc_r -endif diff --git a/security/dbm/src/dirent.c b/security/dbm/src/dirent.c deleted file mode 100644 index 001a48c5c..000000000 --- a/security/dbm/src/dirent.c +++ /dev/null @@ -1,348 +0,0 @@ -#ifdef OS2 - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <ctype.h> - -#include <dirent.h> -#include <errno.h> - -/*#ifndef __EMX__ -#include <libx.h> -#endif */ - -#define INCL_DOSFILEMGR -#define INCL_DOSERRORS -#include <os2.h> - -#if OS2 >= 2 -# define FFBUF FILEFINDBUF3 -# define Word ULONG - /* - * LS20 recommends a request count of 100, but according to the - * APAR text it does not lead to missing files, just to funny - * numbers of returned entries. - * - * LS30 HPFS386 requires a count greater than 2, or some files - * are missing (those starting with a character less that '.'). - * - * Novell looses entries which overflow the buffer. In previous - * versions of dirent2, this could have lead to missing files - * when the average length of 100 directory entries was 40 bytes - * or more (quite unlikely for files on a Novell server). - * - * Conclusion: Make sure that the entries all fit into the buffer - * and that the buffer is large enough for more than 2 entries - * (each entry is at most 300 bytes long). And ignore the LS20 - * effect. - */ -# define Count 25 -# define BufSz (25 * (sizeof(FILEFINDBUF3)+1)) -#else -# define FFBUF FILEFINDBUF -# define Word USHORT -# define BufSz 1024 -# define Count 3 -#endif - -#if defined(__IBMC__) || defined(__IBMCPP__) - #define error(rc) _doserrno = rc, errno = EOS2ERR -#elif defined(MICROSOFT) - #define error(rc) _doserrno = rc, errno = 255 -#else - #define error(rc) errno = 255 -#endif - -struct _dirdescr { - HDIR handle; /* DosFindFirst handle */ - char fstype; /* filesystem type */ - Word count; /* valid entries in <ffbuf> */ - long number; /* absolute number of next entry */ - int index; /* relative number of next entry */ - FFBUF * next; /* pointer to next entry */ - char name[MAXPATHLEN+3]; /* directory name */ - unsigned attrmask; /* attribute mask for seekdir */ - struct dirent entry; /* buffer for directory entry */ - BYTE ffbuf[BufSz]; -}; - -/* - * Return first char of filesystem type, or 0 if unknown. - */ -static char -getFSType(const char *path) -{ - static char cache[1+26]; - char drive[3], info[512]; - Word unit, infolen; - char r; - - if (isalpha(path[0]) && path[1] == ':') { - unit = toupper(path[0]) - '@'; - path += 2; - } else { - ULONG driveMap; -#if OS2 >= 2 - if (DosQueryCurrentDisk(&unit, &driveMap)) -#else - if (DosQCurDisk(&unit, &driveMap)) -#endif - return 0; - } - - if ((path[0] == '\\' || path[0] == '/') - && (path[1] == '\\' || path[1] == '/')) - return 0; - - if (cache [unit]) - return cache [unit]; - - drive[0] = '@' + unit; - drive[1] = ':'; - drive[2] = '\0'; - infolen = sizeof info; -#if OS2 >= 2 - if (DosQueryFSAttach(drive, 0, FSAIL_QUERYNAME, (PVOID)info, &infolen)) - return 0; - if (infolen >= sizeof(FSQBUFFER2)) { - FSQBUFFER2 *p = (FSQBUFFER2 *)info; - r = p->szFSDName[p->cbName]; - } else -#else - if (DosQFSAttach((PSZ)drive, 0, FSAIL_QUERYNAME, (PVOID)info, &infolen, 0)) - return 0; - if (infolen >= 9) { - char *p = info + sizeof(USHORT); - p += sizeof(USHORT) + *(USHORT *)p + 1 + sizeof(USHORT); - r = *p; - } else -#endif - r = 0; - return cache [unit] = r; -} - -char * -abs_path(const char *name, char *buffer, int len) -{ - char buf[4]; - if (isalpha(name[0]) && name[1] == ':' && name[2] == '\0') { - buf[0] = name[0]; - buf[1] = name[1]; - buf[2] = '.'; - buf[3] = '\0'; - name = buf; - } -#if OS2 >= 2 - if (DosQueryPathInfo((PSZ)name, FIL_QUERYFULLNAME, buffer, len)) -#else - if (DosQPathInfo((PSZ)name, FIL_QUERYFULLNAME, (PBYTE)buffer, len, 0L)) -#endif - return NULL; - return buffer; -} - -DIR * -openxdir(const char *path, unsigned att_mask) -{ - DIR *dir; - char name[MAXPATHLEN+3]; - Word rc; - - dir = malloc(sizeof(DIR)); - if (dir == NULL) { - errno = ENOMEM; - return NULL; - } - - strncpy(name, path, MAXPATHLEN); - name[MAXPATHLEN] = '\0'; - switch (name[strlen(name)-1]) { - default: - strcat(name, "\\"); - case '\\': - case '/': - case ':': - ; - } - strcat(name, "."); - if (!abs_path(name, dir->name, MAXPATHLEN+1)) - strcpy(dir->name, name); - if (dir->name[strlen(dir->name)-1] == '\\') - strcat(dir->name, "*"); - else - strcat(dir->name, "\\*"); - - dir->fstype = getFSType(dir->name); - dir->attrmask = att_mask | A_DIR; - - dir->handle = HDIR_CREATE; - dir->count = 100; -#if OS2 >= 2 - rc = DosFindFirst(dir->name, &dir->handle, dir->attrmask, - dir->ffbuf, sizeof dir->ffbuf, &dir->count, FIL_STANDARD); -#else - rc = DosFindFirst((PSZ)dir->name, &dir->handle, dir->attrmask, - (PFILEFINDBUF)dir->ffbuf, sizeof dir->ffbuf, &dir->count, 0); -#endif - switch (rc) { - default: - free(dir); - error(rc); - return NULL; - case NO_ERROR: - case ERROR_NO_MORE_FILES: - ; - } - - dir->number = 0; - dir->index = 0; - dir->next = (FFBUF *)dir->ffbuf; - - return (DIR *)dir; -} - -DIR * -opendir(const char *pathname) -{ - return openxdir(pathname, 0); -} - -struct dirent * -readdir(DIR *dir) -{ - static int dummy_ino = 2; - - if (dir->index == dir->count) { - Word rc; - dir->count = 100; -#if OS2 >= 2 - rc = DosFindNext(dir->handle, dir->ffbuf, - sizeof dir->ffbuf, &dir->count); -#else - rc = DosFindNext(dir->handle, (PFILEFINDBUF)dir->ffbuf, - sizeof dir->ffbuf, &dir->count); -#endif - if (rc) { - error(rc); - return NULL; - } - - dir->index = 0; - dir->next = (FFBUF *)dir->ffbuf; - } - - if (dir->index == dir->count) - return NULL; - - memcpy(dir->entry.d_name, dir->next->achName, dir->next->cchName); - dir->entry.d_name[dir->next->cchName] = '\0'; - dir->entry.d_ino = dummy_ino++; - dir->entry.d_reclen = dir->next->cchName; - dir->entry.d_namlen = dir->next->cchName; - dir->entry.d_size = dir->next->cbFile; - dir->entry.d_attribute = dir->next->attrFile; - dir->entry.d_time = *(USHORT *)&dir->next->ftimeLastWrite; - dir->entry.d_date = *(USHORT *)&dir->next->fdateLastWrite; - - switch (dir->fstype) { - case 'F': /* FAT */ - case 'C': /* CDFS */ - if (dir->next->attrFile & FILE_DIRECTORY) - strupr(dir->entry.d_name); - else - strlwr(dir->entry.d_name); - } - -#if OS2 >= 2 - dir->next = (FFBUF *)((BYTE *)dir->next + dir->next->oNextEntryOffset); -#else - dir->next = (FFBUF *)((BYTE *)dir->next->achName + dir->next->cchName + 1); -#endif - ++dir->number; - ++dir->index; - - return &dir->entry; -} - -long -telldir(DIR *dir) -{ - return dir->number; -} - -void -seekdir(DIR *dir, long off) -{ - if (dir->number > off) { - char name[MAXPATHLEN+2]; - Word rc; - - DosFindClose(dir->handle); - - strcpy(name, dir->name); - strcat(name, "*"); - - dir->handle = HDIR_CREATE; - dir->count = 32767; -#if OS2 >= 2 - rc = DosFindFirst(name, &dir->handle, dir->attrmask, - dir->ffbuf, sizeof dir->ffbuf, &dir->count, FIL_STANDARD); -#else - rc = DosFindFirst((PSZ)name, &dir->handle, dir->attrmask, - (PFILEFINDBUF)dir->ffbuf, sizeof dir->ffbuf, &dir->count, 0); -#endif - switch (rc) { - default: - error(rc); - return; - case NO_ERROR: - case ERROR_NO_MORE_FILES: - ; - } - - dir->number = 0; - dir->index = 0; - dir->next = (FFBUF *)dir->ffbuf; - } - - while (dir->number < off && readdir(dir)) - ; -} - -void -closedir(DIR *dir) -{ - DosFindClose(dir->handle); - free(dir); -} - -/*****************************************************************************/ - -#ifdef TEST - -main(int argc, char **argv) -{ - int i; - DIR *dir; - struct dirent *ep; - - for (i = 1; i < argc; ++i) { - dir = opendir(argv[i]); - if (!dir) - continue; - while (ep = readdir(dir)) - if (strchr("\\/:", argv[i] [strlen(argv[i]) - 1])) - printf("%s%s\n", argv[i], ep->d_name); - else - printf("%s/%s\n", argv[i], ep->d_name); - closedir(dir); - } - - return 0; -} - -#endif - -#endif /* OS2 */ - diff --git a/security/dbm/src/dirent.h b/security/dbm/src/dirent.h deleted file mode 100644 index 07a6c0ac8..000000000 --- a/security/dbm/src/dirent.h +++ /dev/null @@ -1,97 +0,0 @@ -#ifndef __DIRENT_H__ -#define __DIRENT_H__ -/* - * @(#)msd_dir.h 1.4 87/11/06 Public Domain. - * - * A public domain implementation of BSD directory routines for - * MS-DOS. Written by Michael Rendell ({uunet,utai}michael@garfield), - * August 1897 - * - * Extended by Peter Lim (lim@mullian.oz) to overcome some MS DOS quirks - * and returns 2 more pieces of information - file size & attribute. - * Plus a little reshuffling of some #define's positions December 1987 - * - * Some modifications by Martin Junius 02-14-89 - * - * AK900712 - * AK910410 abs_path - make absolute path - * - */ - -#ifdef __EMX__ -#include <sys/param.h> -#else -#if defined(__IBMC__) || defined(__IBMCPP__) || defined(XP_W32_MSVC) -#include <stdio.h> -#ifdef MAXPATHLEN - #undef MAXPATHLEN -#endif -#define MAXPATHLEN (FILENAME_MAX*4) -#define MAXNAMLEN FILENAME_MAX - -#else -#include <param.h> -#endif -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -/* attribute stuff */ -#ifndef A_RONLY -# define A_RONLY 0x01 -# define A_HIDDEN 0x02 -# define A_SYSTEM 0x04 -# define A_LABEL 0x08 -# define A_DIR 0x10 -# define A_ARCHIVE 0x20 -#endif - -struct dirent { -#if defined(OS2) || defined(WIN32) /* use the layout of EMX to avoid trouble */ - int d_ino; /* Dummy */ - int d_reclen; /* Dummy, same as d_namlen */ - int d_namlen; /* length of name */ - char d_name[MAXNAMLEN + 1]; - unsigned long d_size; - unsigned short d_attribute; /* attributes (see above) */ - unsigned short d_time; /* modification time */ - unsigned short d_date; /* modification date */ -#else - char d_name[MAXNAMLEN + 1]; /* garentee null termination */ - char d_attribute; /* .. extension .. */ - unsigned long d_size; /* .. extension .. */ -#endif -}; - -typedef struct _dirdescr DIR; -/* the structs do not have to be defined here */ - -extern DIR *opendir(const char *); -extern DIR *openxdir(const char *, unsigned); -extern struct dirent *readdir(DIR *); -extern void seekdir(DIR *, long); -extern long telldir(DIR *); -extern void closedir(DIR *); -#define rewinddir(dirp) seekdir(dirp, 0L) - -extern char * abs_path(const char *name, char *buffer, int len); - -#ifndef S_IFMT -#define S_IFMT ( S_IFDIR | S_IFREG ) -#endif - -#ifndef S_ISDIR -#define S_ISDIR( m ) (((m) & S_IFMT) == S_IFDIR) -#endif - -#ifndef S_ISREG -#define S_ISREG( m ) (((m) & S_IFMT) == S_IFREG) -#endif - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/security/dbm/tests/Makefile b/security/dbm/tests/Makefile deleted file mode 100644 index fe132e19c..000000000 --- a/security/dbm/tests/Makefile +++ /dev/null @@ -1,69 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -DEPTH = ../.. -CORE_DEPTH = ../.. - -VPATH = $(CORE_DEPTH)/../dbm/tests - -MODULE = dbm - -CSRCS = lots.c - -PROGRAM = lots - -include $(DEPTH)/coreconf/config.mk - -include $(DEPTH)/dbm/config/config.mk - -ifeq (,$(filter-out WIN%,$(OS_TARGET))) -LIBDBM = ../src/$(PLATFORM)/dbm$(STATIC_LIB_SUFFIX) -else -LIBDBM = ../src/$(PLATFORM)/libdbm$(STATIC_LIB_SUFFIX) -endif - -INCLUDES += -I$(CORE_DEPTH)/../dbm/include - -LDFLAGS = $(LDOPTS) $(LIBDBM) - -include $(DEPTH)/coreconf/rules.mk - -lots.pure: lots - purify $(CC) -o lots.pure $(CFLAGS) $(OBJS) $(MYLIBS) - -crash: crash.o $(MYLIBS) - $(CC) -o crash $(CFLAGS) $^ - -crash.pure: crash.o $(MYLIBS) - purify $(CC) -o crash.pure $(CFLAGS) $^ - diff --git a/security/nss/cmd/dbtest/Makefile b/security/nss/cmd/dbtest/Makefile index 0d4b54c29..0ff13ae43 100644 --- a/security/nss/cmd/dbtest/Makefile +++ b/security/nss/cmd/dbtest/Makefile @@ -60,7 +60,9 @@ endif ifeq (,$(filter-out WINNT WIN95 WIN16,$(OS_TARGET))) # omits WINCE ifndef BUILD_OPT +ifndef NS_USE_GCC LDFLAGS += /subsystem:console /profile /debug /machine:I386 /incremental:no +endif OS_CFLAGS += -D_CONSOLE endif endif diff --git a/security/nss/cmd/platlibs.mk b/security/nss/cmd/platlibs.mk index 4a9953461..a160c3176 100644 --- a/security/nss/cmd/platlibs.mk +++ b/security/nss/cmd/platlibs.mk @@ -39,7 +39,7 @@ ifeq ($(OS_ARCH), WINNT) DEFINES += -DNSS_USE_STATIC_LIBS # $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS) -CRYPTOLIB=$(DIST)/lib/freebl.lib +CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX) ifdef MOZILLA_SECURITY_BUILD CRYPTOLIB=$(DIST)/lib/crypto.lib endif @@ -49,28 +49,28 @@ ifdef MOZILLA_BSAFE_BUILD endif EXTRA_LIBS += \ - $(DIST)/lib/smime.lib \ - $(DIST)/lib/ssl.lib \ - $(DIST)/lib/nss.lib \ - $(DIST)/lib/ssl.lib \ - $(DIST)/lib/sectool.lib \ - $(DIST)/lib/pkcs12.lib \ - $(DIST)/lib/pkcs7.lib \ - $(DIST)/lib/certhi.lib \ - $(DIST)/lib/cryptohi.lib \ - $(DIST)/lib/pk11wrap.lib \ - $(DIST)/lib/certdb.lib \ - $(DIST)/lib/softokn.lib \ + $(DIST)/lib/$(LIB_PREFIX)smime.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)ssl.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)nss.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)ssl.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)sectool.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)pkcs12.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)pkcs7.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)certhi.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)cryptohi.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)pk11wrap.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)certdb.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX) \ $(CRYPTOLIB) \ - $(DIST)/lib/swfci.lib \ - $(DIST)/lib/secutil.lib \ - $(DIST)/lib/nsspki.lib \ - $(DIST)/lib/nssdev.lib \ - $(DIST)/lib/nssb.lib \ - $(DIST)/lib/dbm.lib \ - $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \ - $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \ - $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \ + $(DIST)/lib/$(LIB_PREFIX)swfci.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)nssdev.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)nssb.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)dbm.$(LIB_SUFFIX) \ + $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.$(LIB_SUFFIX) \ + $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.$(LIB_SUFFIX) \ + $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.$(LIB_SUFFIX) \ $(NULL) # $(PROGRAM) has NO explicit dependencies on $(OS_LIBS) @@ -79,8 +79,8 @@ EXTRA_LIBS += \ winmm.lib \ $(NULL) -JAR_LIBS = $(DIST)/lib/jar.lib \ - $(DIST)/lib/zlib.lib \ +JAR_LIBS = $(DIST)/lib/$(LIB_PREFIX)jar.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)zlib.$(LIB_SUFFIX) \ $(NULL) else @@ -150,13 +150,13 @@ ifeq ($(OS_ARCH), WINNT) # $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS) EXTRA_LIBS += \ - $(DIST)/lib/sectool.lib \ - $(DIST)/lib/smime3.lib \ - $(DIST)/lib/ssl3.lib \ - $(DIST)/lib/nss3.lib \ - $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \ - $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \ - $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \ + $(DIST)/lib/$(LIB_PREFIX)sectool.$(LIB_SUFFIX) \ + $(DIST)/lib/$(IMPORT_LIB_PREFIX)smime3$(IMPORT_LIB_SUFFIX) \ + $(DIST)/lib/$(IMPORT_LIB_PREFIX)ssl3$(IMPORT_LIB_SUFFIX) \ + $(DIST)/lib/$(IMPORT_LIB_PREFIX)nss3$(IMPORT_LIB_SUFFIX) \ + $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.$(LIB_SUFFIX) \ + $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.$(LIB_SUFFIX) \ + $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.$(LIB_SUFFIX) \ $(NULL) # $(PROGRAM) has NO explicit dependencies on $(OS_LIBS) @@ -165,8 +165,8 @@ EXTRA_LIBS += \ winmm.lib \ $(NULL) -JAR_LIBS = $(DIST)/lib/jar.lib \ - $(DIST)/lib/zlib.lib \ +JAR_LIBS = $(DIST)/lib/$(LIB_PREFIX)jar.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)zlib.$(LIB_SUFFIX) \ $(NULL) else @@ -179,24 +179,13 @@ ifeq ($(OS_ARCH), AIX) EXTRA_SHARED_LIBS += -brtl endif -# On Linux we must use the -rpath-link option to tell the linker -# where to find libsoftokn3.so, an implicit dependency of libnss3.so. -ifeq ($(OS_ARCH), Linux) +# If GNU ld is used, we must use the -rpath-link option to tell +# the linker where to find libsoftokn3.so, an implicit dependency +# of libnss3.so. +ifeq (,$(filter-out BSD_OS FreeBSD Linux NetBSD, $(OS_ARCH))) EXTRA_SHARED_LIBS += -Wl,-rpath-link,$(DIST)/lib endif -ifeq ($(OS_ARCH), BSD_OS) -EXTRA_SHARED_LIBS += -Wl,-rpath-link,$(DIST)/lib -endif - -ifeq ($(OS_ARCH), FreeBSD) -EXTRA_SHARED_LIBS += -Wl,-rpath-link,$(DIST)/lib -endif - -ifeq ($(OS_ARCH), Darwin) -EXTRA_SHARED_LIBS += -dylib_file @executable_path/libsoftokn3.dylib:$(DIST)/lib/libsoftokn3.dylib -endif - ifeq ($(OS_ARCH), SunOS) ifdef NS_USE_GCC ifdef GCC_USE_GNU_LD @@ -205,6 +194,10 @@ endif endif endif +ifeq ($(OS_ARCH), Darwin) +EXTRA_SHARED_LIBS += -dylib_file @executable_path/libsoftokn3.dylib:$(DIST)/lib/libsoftokn3.dylib +endif + # $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS) # $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX. diff --git a/security/nss/cmd/rsaperf/Makefile b/security/nss/cmd/rsaperf/Makefile index 1a555a2fe..35dc5f5da 100644 --- a/security/nss/cmd/rsaperf/Makefile +++ b/security/nss/cmd/rsaperf/Makefile @@ -55,7 +55,9 @@ include ../platlibs.mk ifeq (,$(filter-out WINNT WIN95 WIN16,$(OS_TARGET))) #omits WINCE ifndef BUILD_OPT +ifndef NS_USE_GCC LDFLAGS += /subsystem:console /profile /debug /machine:I386 /incremental:no +endif OS_CFLAGS += -D_CONSOLE endif endif diff --git a/security/nss/cmd/shlibsign/Makefile b/security/nss/cmd/shlibsign/Makefile index 9228540a1..11b458de9 100644 --- a/security/nss/cmd/shlibsign/Makefile +++ b/security/nss/cmd/shlibsign/Makefile @@ -75,7 +75,7 @@ ifdef LOADABLE_FREEBL CHECKFILES += freebl_pure32_3.chk freebl_hybrid_3.chk endif -CHECKLOC=$(addprefix $(DIST)/lib/$(LIB_PREFIX), $(CHECKFILES)) +CHECKLOC=$(addprefix $(DIST)/lib/$(DLL_PREFIX), $(CHECKFILES)) MD_LIB_RELEASE_FILES = $(CHECKLOC) ALL_TRASH += $(CHECKLOC) @@ -101,7 +101,7 @@ include ../platrules.mk %.chk: %.$(DLL_SUFFIX) ifeq ($(OS_TARGET), OS2) - -exec sign.cmd $(DIST) $(OBJDIR) $(OS_TARGET) $< + @cmd.exe /c sign.cmd $(DIST) $(OBJDIR) $(OS_TARGET) $< else @sh ./sign.sh $(DIST) $(OBJDIR) $(OS_TARGET) $< endif diff --git a/security/nss/cmd/shlibsign/sign.cmd b/security/nss/cmd/shlibsign/sign.cmd index 028334654..612609de9 100644 --- a/security/nss/cmd/shlibsign/sign.cmd +++ b/security/nss/cmd/shlibsign/sign.cmd @@ -5,6 +5,7 @@ objdir=forwardtoback(objdir); 'echo 'dist 'echo 'objdir 'set BEGINLIBPATH='dist'\lib;%BEGINLIBPATH%' +'set LIBPATHSTRICT=T' objdir'\shlibsign -v -i 'therest exit diff --git a/security/nss/cmd/tstclnt/Makefile b/security/nss/cmd/tstclnt/Makefile index 8a0332d89..b31a4fdc8 100644 --- a/security/nss/cmd/tstclnt/Makefile +++ b/security/nss/cmd/tstclnt/Makefile @@ -56,7 +56,9 @@ include ../platlibs.mk ifeq (,$(filter-out WINNT WIN95 WIN16,$(OS_TARGET))) # omits WINCE ifndef BUILD_OPT +ifndef NS_USE_GCC LDFLAGS += /subsystem:console /profile /debug /machine:I386 /incremental:no +endif OS_CFLAGS += -D_CONSOLE endif endif diff --git a/security/nss/cmd/vfyserv/Makefile b/security/nss/cmd/vfyserv/Makefile index 8a0332d89..b31a4fdc8 100644 --- a/security/nss/cmd/vfyserv/Makefile +++ b/security/nss/cmd/vfyserv/Makefile @@ -56,7 +56,9 @@ include ../platlibs.mk ifeq (,$(filter-out WINNT WIN95 WIN16,$(OS_TARGET))) # omits WINCE ifndef BUILD_OPT +ifndef NS_USE_GCC LDFLAGS += /subsystem:console /profile /debug /machine:I386 /incremental:no +endif OS_CFLAGS += -D_CONSOLE endif endif diff --git a/security/nss/lib/certdb/cert.h b/security/nss/lib/certdb/cert.h index bf1881e83..1131b1633 100644 --- a/security/nss/lib/certdb/cert.h +++ b/security/nss/lib/certdb/cert.h @@ -1481,7 +1481,7 @@ CERT_SPKDigestValueForCert(PRArenaPool *arena, CERTCertificate *cert, /* * fill in nsCertType field of the cert based on the cert extension */ -extern SECStatus CERT_GetCertType(CERTCertificate *cert); +extern SECStatus cert_GetCertType(CERTCertificate *cert); SECStatus CERT_CheckCRL(CERTCertificate* cert, CERTCertificate* issuer, diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c index e6b5dc4b1..b79e5f621 100644 --- a/security/nss/lib/certdb/certdb.c +++ b/security/nss/lib/certdb/certdb.c @@ -523,7 +523,7 @@ findOIDinOIDSeqByTagNum(CERTOidSequence *seq, SECOidTag tagnum) * fill in nsCertType field of the cert based on the cert extension */ SECStatus -CERT_GetCertType(CERTCertificate *cert) +cert_GetCertType(CERTCertificate *cert) { SECStatus rv; SECItem tmpitem; @@ -531,6 +531,12 @@ CERT_GetCertType(CERTCertificate *cert) CERTOidSequence *extKeyUsage = NULL; PRBool basicConstraintPresent = PR_FALSE; CERTBasicConstraints basicConstraint; + unsigned int nsCertType = 0; + + if (cert->nsCertType) { + /* once set, no need to recalculate */ + return SECSuccess; + } tmpitem.data = NULL; CERT_FindNSCertTypeExtension(cert, &tmpitem); @@ -545,9 +551,9 @@ CERT_GetCertType(CERTCertificate *cert) } if (tmpitem.data != NULL || extKeyUsage != NULL) { if (tmpitem.data == NULL) { - cert->nsCertType = 0; + nsCertType = 0; } else { - cert->nsCertType = tmpitem.data[0]; + nsCertType = tmpitem.data[0]; } /* free tmpitem data pointer to avoid memory leak */ @@ -558,16 +564,16 @@ CERT_GetCertType(CERTCertificate *cert) * for this release, we will allow SSL certs with an email address * to be used for email */ - if ( ( cert->nsCertType & NS_CERT_TYPE_SSL_CLIENT ) && + if ( ( nsCertType & NS_CERT_TYPE_SSL_CLIENT ) && cert->emailAddr ) { - cert->nsCertType |= NS_CERT_TYPE_EMAIL; + nsCertType |= NS_CERT_TYPE_EMAIL; } /* * for this release, we will allow SSL intermediate CAs to be * email intermediate CAs too. */ - if ( cert->nsCertType & NS_CERT_TYPE_SSL_CA ) { - cert->nsCertType |= NS_CERT_TYPE_EMAIL_CA; + if ( nsCertType & NS_CERT_TYPE_SSL_CA ) { + nsCertType |= NS_CERT_TYPE_EMAIL_CA; } /* * allow a cert with the extended key usage of EMail Protect @@ -579,9 +585,9 @@ CERT_GetCertType(CERTCertificate *cert) SECSuccess) { if (basicConstraintPresent == PR_TRUE && (basicConstraint.isCA)) { - cert->nsCertType |= NS_CERT_TYPE_EMAIL_CA; + nsCertType |= NS_CERT_TYPE_EMAIL_CA; } else { - cert->nsCertType |= NS_CERT_TYPE_EMAIL; + nsCertType |= NS_CERT_TYPE_EMAIL; } } if (findOIDinOIDSeqByTagNum(extKeyUsage, @@ -589,9 +595,9 @@ CERT_GetCertType(CERTCertificate *cert) SECSuccess){ if (basicConstraintPresent == PR_TRUE && (basicConstraint.isCA)) { - cert->nsCertType |= NS_CERT_TYPE_SSL_CA; + nsCertType |= NS_CERT_TYPE_SSL_CA; } else { - cert->nsCertType |= NS_CERT_TYPE_SSL_SERVER; + nsCertType |= NS_CERT_TYPE_SSL_SERVER; } } if (findOIDinOIDSeqByTagNum(extKeyUsage, @@ -599,9 +605,9 @@ CERT_GetCertType(CERTCertificate *cert) SECSuccess){ if (basicConstraintPresent == PR_TRUE && (basicConstraint.isCA)) { - cert->nsCertType |= NS_CERT_TYPE_SSL_CA; + nsCertType |= NS_CERT_TYPE_SSL_CA; } else { - cert->nsCertType |= NS_CERT_TYPE_SSL_CLIENT; + nsCertType |= NS_CERT_TYPE_SSL_CLIENT; } } if (findOIDinOIDSeqByTagNum(extKeyUsage, @@ -609,43 +615,43 @@ CERT_GetCertType(CERTCertificate *cert) SECSuccess) { if (basicConstraintPresent == PR_TRUE && (basicConstraint.isCA)) { - cert->nsCertType |= NS_CERT_TYPE_OBJECT_SIGNING_CA; + nsCertType |= NS_CERT_TYPE_OBJECT_SIGNING_CA; } else { - cert->nsCertType |= NS_CERT_TYPE_OBJECT_SIGNING; + nsCertType |= NS_CERT_TYPE_OBJECT_SIGNING; } } if (findOIDinOIDSeqByTagNum(extKeyUsage, SEC_OID_EXT_KEY_USAGE_TIME_STAMP) == SECSuccess) { - cert->nsCertType |= EXT_KEY_USAGE_TIME_STAMP; + nsCertType |= EXT_KEY_USAGE_TIME_STAMP; } if (findOIDinOIDSeqByTagNum(extKeyUsage, SEC_OID_OCSP_RESPONDER) == SECSuccess) { - cert->nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER; + nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER; } } else { /* if no extension, then allow any ssl or email (no ca or object * signing) */ - cert->nsCertType = NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_SSL_SERVER | + nsCertType = NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_SSL_SERVER | NS_CERT_TYPE_EMAIL; /* if the basic constraint extension says the cert is a CA, then allow SSL CA and EMAIL CA and Status Responder */ if ((basicConstraintPresent == PR_TRUE) && (basicConstraint.isCA)) { - cert->nsCertType |= NS_CERT_TYPE_SSL_CA; - cert->nsCertType |= NS_CERT_TYPE_EMAIL_CA; - cert->nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER; + nsCertType |= NS_CERT_TYPE_SSL_CA; + nsCertType |= NS_CERT_TYPE_EMAIL_CA; + nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER; } else if (CERT_IsCACert(cert, NULL) == PR_TRUE) { - cert->nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER; + nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER; } /* if the cert is a fortezza CA cert, then allow SSL CA and EMAIL CA */ if (fortezzaIsCA(cert)) { - cert->nsCertType |= NS_CERT_TYPE_SSL_CA; - cert->nsCertType |= NS_CERT_TYPE_EMAIL_CA; + nsCertType |= NS_CERT_TYPE_SSL_CA; + nsCertType |= NS_CERT_TYPE_EMAIL_CA; } } @@ -653,6 +659,7 @@ CERT_GetCertType(CERTCertificate *cert) PORT_Free(encodedExtKeyUsage.data); CERT_DestroyOidSequence(extKeyUsage); } + PR_AtomicSet(&cert->nsCertType, nsCertType); return(SECSuccess); } @@ -877,7 +884,7 @@ CERT_DecodeDERCertificate(SECItem *derSignedCert, PRBool copyDER, } /* initialize the certType */ - rv = CERT_GetCertType(cert); + rv = cert_GetCertType(cert); if ( rv != SECSuccess ) { goto loser; } @@ -2622,9 +2629,10 @@ loser: PRBool CERT_IsUserCert(CERTCertificate* cert) { - if ( (cert->trust->sslFlags & CERTDB_USER ) || + if ( cert->trust && + ((cert->trust->sslFlags & CERTDB_USER ) || (cert->trust->emailFlags & CERTDB_USER ) || - (cert->trust->objectSigningFlags & CERTDB_USER ) ) { + (cert->trust->objectSigningFlags & CERTDB_USER )) ) { return PR_TRUE; } else { return PR_FALSE; diff --git a/security/nss/lib/certdb/crl.c b/security/nss/lib/certdb/crl.c index 72e0aa94e..bd023b806 100644 --- a/security/nss/lib/certdb/crl.c +++ b/security/nss/lib/certdb/crl.c @@ -575,10 +575,6 @@ SEC_FindCrlByKeyOnSlot(PK11SlotInfo *slot, SECItem *crlKey, int type, return SECFailure; } - if (slot) { - PK11_ReferenceSlot(slot); - } - /* XXX it would be really useful to be able to fetch the CRL directly into an arena. This would avoid a copy later on in the decode step */ PORT_SetError(0); @@ -593,6 +589,7 @@ SEC_FindCrlByKeyOnSlot(PK11SlotInfo *slot, SECItem *crlKey, int type, goto loser; } PORT_Assert(crlHandle != CK_INVALID_HANDLE); + /* PK11_FindCrlByName obtained a slot reference. */ crl = CERT_DecodeDERCrlWithFlags(NULL, derCrl, type, decodeoptions); if (crl) { @@ -610,11 +607,11 @@ SEC_FindCrlByKeyOnSlot(PK11SlotInfo *slot, SECItem *crlKey, int type, PORT_Free(url); } -loser: if (slot) { PK11_FreeSlot(slot); } +loser: if (derCrl) { /* destroy the DER, unless a decoded CRL was returned with DER allocated on the heap. This is solely for cache purposes */ diff --git a/security/nss/lib/certdb/genname.c b/security/nss/lib/certdb/genname.c index a8dcf6dff..94cde971a 100644 --- a/security/nss/lib/certdb/genname.c +++ b/security/nss/lib/certdb/genname.c @@ -433,12 +433,12 @@ cert_DecodeGeneralNames (PRArenaPool *arena, } currentName->l.next = head; currentName->l.prev = tail; - tail = &(currentName->l); - (cert_get_prev_general_name(currentName))->l.next = tail; + tail = head->prev = tail->next = &(currentName->l); encodedGenName++; } - (cert_get_next_general_name(currentName))->l.prev = tail; - return cert_get_next_general_name(currentName); + if (currentName) { + return cert_get_next_general_name(currentName); + } loser: return NULL; } @@ -605,6 +605,7 @@ cert_DecodeNameConstraintSubTree(PRArenaPool *arena, CERTNameConstraint *next = NULL; int i = 0; + PORT_Assert(arena); while (subTree[i] != NULL) { current = cert_DecodeNameConstraint(arena, subTree[i]); if (current == NULL) { @@ -621,14 +622,6 @@ cert_DecodeNameConstraintSubTree(PRArenaPool *arena, first->l.prev = &(current->l); return first; loser: - if (first) { - current = first; - do { - next = cert_get_next_name_constraint(current); - PORT_Free(current); - current = next; - }while (current != first); - } return NULL; } @@ -842,7 +835,7 @@ CERT_AddNameConstraint(CERTNameConstraint *list, SECStatus -CERT_GetNameConstriantByType (CERTNameConstraint *constraints, +CERT_GetNameConstraintByType (CERTNameConstraint *constraints, CERTGeneralNameType type, CERTNameConstraint **returnList, PRArenaPool *arena) @@ -967,41 +960,72 @@ loser: return NULL; } +/* This function does very basic regular expression matching. +** The only wildcard character is "*", which matches any substring. +** constraint is the regular expression. name is to be tested against it. +** return SECSuccess on match, SECFailure otherwise. Does not set error. +*/ static SECStatus -compareNameToConstraint(char *name, char *constraint, PRBool substring) +compareNameToConstraint(const char *name, const char *constraint, int level) { + PRBool substring = PR_FALSE; SECStatus rv; - if (*constraint == '\0' && *name == '\0') { - return SECSuccess; + while (*name == *constraint && *constraint != '\0' && *constraint != '*') { + ++name; + ++constraint; } - if (*constraint == '*') { - return compareNameToConstraint(name, constraint + 1, PR_TRUE); + if (*constraint == '\0' && *name == '\0') + return SECSuccess; + + while (*constraint == '*') { + ++constraint; + substring = PR_TRUE; } - if (substring) { - if (*constraint == '\0') { - return SECSuccess; - } - while (*name != *constraint) { - if (*name == '\0') { - return SECFailure; - } - name++; - } - rv = compareNameToConstraint(name + 1, constraint + 1, PR_FALSE); - if (rv == SECSuccess) { - return rv; - } - name++; - } else { - if (*name == *constraint) { + + if (!substring) + return SECFailure; + + if (*constraint == '\0') + return SECSuccess; + + if (++level > 20) + return SECFailure; /* prevent stack overflow */ + + do { + while (*name != *constraint && *name != '\0') name++; - constraint++; - } else { + if (*name == '\0') return SECFailure; - } - } - return compareNameToConstraint(name, constraint, substring); + + /* recurse */ + rv = compareNameToConstraint(name + 1, constraint + 1, level); + + ++name; + } while (rv != SECSuccess); + return rv; +} + +#define compareN2C(n,c) compareNameToConstraint((n),(c),0) + +/* This isn't right for items containing UCS2 or UCS4. +** Those should be converted to UTF8 rather than merely strncpy'ed. +** But it's not clear that we can tell what the encoding is here. +*/ +static char * +secItem2String(PLArenaPool *arena, SECItem *item) +{ + char * cPtr; + if (arena) + cPtr = PORT_ArenaAlloc(arena, item->len + 1); + else + cPtr = PORT_Alloc(item->len + 1); + if (cPtr) { + if (item->len) + PORT_Strncpy(cPtr, (char *)item->data, item->len); + cPtr[item->len] = '\0'; + } + return cPtr; } SECStatus @@ -1010,234 +1034,247 @@ cert_CompareNameWithConstraints(CERTGeneralName *name, PRBool excluded) { SECStatus rv = SECSuccess; - char *nameString = NULL; - char *constraintString = NULL; + char *nString = NULL; + char *cString = NULL; int start; int end; - int tag; - CERTRDN **nameRDNS, *nameRDN; - CERTRDN **constraintRDNS, *constraintRDN; - CERTAVA **nameAVAS, *nameAVA; - CERTAVA **constraintAVAS, *constraintAVA; + CERTRDN **nRDNs, *nRDN; + CERTAVA **nAVAs, *nAVA; CERTNameConstraint *current; - SECItem *avaValue; - CERTName constraintName; CERTName certName; SECComparison status = SECEqual; - PRArenaPool *certNameArena; - PRArenaPool *constraintNameArena; + PRArenaPool *nArena; + + if (!constraints) + return SECSuccess; + + nArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); + if (!nArena) + return SECFailure; certName.arena = NULL; - certName.rdns = NULL; - constraintName.arena = NULL; - constraintName.rdns = NULL; - if (constraints != NULL) { - current = constraints; - if (name->type == certDirectoryName) { - certNameArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - CERT_CopyName(certNameArena, &certName, &name->name.directoryName); - nameRDNS = certName.rdns; - for (;;) { - nameRDN = *nameRDNS++; - nameAVAS = nameRDN->avas; - for(;;) { - nameAVA = *nameAVAS++; - tag = CERT_GetAVATag(nameAVA); - if ( tag == SEC_OID_PKCS9_EMAIL_ADDRESS || - tag == SEC_OID_RFC1274_MAIL) { - avaValue = CERT_DecodeAVAValue(&nameAVA->value); - nameString = (char*)PORT_ZAlloc(avaValue->len + 1); - nameString = PORT_Strncpy(nameString, (char *) avaValue->data, avaValue->len); - start = 0; - while(nameString[start] != '@' && nameString[start + 1] != '\0') { - start++; - } + certName.rdns = NULL; + + /* Phase 1. If the name is a Directory Name, look through all the + ** AVAs in all the RDNs for any that are email addresses. + ** Subject all email addresses to all RFC822 email address constraints. + */ + if (name->type == certDirectoryName) { + rv = CERT_CopyName(nArena, &certName, &name->name.directoryName); + if (rv != SECSuccess) + goto loser; + nRDNs = certName.rdns; + while (nRDNs && *nRDNs) { /* loop over RDNs */ + nRDN = *nRDNs++; + nAVAs = nRDN->avas; + while (nAVAs && *nAVAs) { /* loop over AVAs */ + int tag; + nAVA = *nAVAs++; + tag = CERT_GetAVATag(nAVA); + if ( tag == SEC_OID_PKCS9_EMAIL_ADDRESS || + tag == SEC_OID_RFC1274_MAIL) { /* email AVA */ + SECItem *avaValue; + avaValue = CERT_DecodeAVAValue(&nAVA->value); + if (!avaValue) + goto loser; + nString = secItem2String(nArena, avaValue); + SECITEM_FreeItem(avaValue, PR_TRUE); + if (!nString) + goto loser; + start = 0; + while (nString[start] != '@' && nString[start] != '\0') { + start++; + } + if (nString[start]) start++; - do{ - if (current->name.type == certRFC822Name) { - constraintString = (char*)PORT_ZAlloc(current->name.name.other.len + 1); - constraintString = PORT_Strncpy(constraintString, - (char *) current->name.name.other.data, - current->name.name.other.len); - rv = compareNameToConstraint(nameString + start, constraintString, - PR_FALSE); - - if (constraintString != NULL) { - PORT_Free(constraintString); - constraintString = NULL; - } - if (nameString != NULL) { - PORT_Free(nameString); - nameString = NULL; - } - if (rv == SECSuccess && excluded == PR_TRUE) { + current = constraints; + do { /* loop over constraints */ + if (current->name.type == certRFC822Name) { + cString = + secItem2String(nArena, ¤t->name.name.other); + if (!cString) + goto loser; + rv = compareN2C(nString + start, cString); + if (rv == SECSuccess) { + if (excluded) goto found; - } - if (rv == SECSuccess && excluded == PR_FALSE) { - break; - } + break; /* out of loop over constraints. */ } - current = cert_get_next_name_constraint(current); - } while (current != constraints); - } - if (rv != SECSuccess && excluded == PR_FALSE) { - goto loser; - } - if (*nameAVAS == NULL) { - break; - } - } - if (*nameRDNS == NULL) { - break; + } /* email address constraint */ + current = cert_get_next_name_constraint(current); + } while (current != constraints); /*loop over constraints*/ + } /* handle one email AVA */ + if (rv != SECSuccess && excluded == PR_FALSE) { + goto no_match; } } - } - current = constraints; - do { - switch (name->type) { - case certDNSName: - nameString = (char*)PORT_ZAlloc(name->name.other.len + 1); - nameString = PORT_Strncpy(nameString, (char *) name->name.other.data, - name->name.other.len); - constraintString = (char*)PORT_ZAlloc(current->name.name.other.len + 1); - constraintString = PORT_Strncpy(constraintString, - (char *) current->name.name.other.data, - current->name.name.other.len); - rv = compareNameToConstraint(nameString, constraintString, PR_FALSE); - if (nameString != NULL) { - PORT_Free(nameString); - } - if (constraintString != NULL) { - PORT_Free(constraintString); - } - break; - case certRFC822Name: - nameString = (char*)PORT_ZAlloc(name->name.other.len + 1); - nameString = PORT_Strncpy(nameString, (char *) name->name.other.data, - name->name.other.len); - start = 0; - while(nameString[start] != '@' && nameString[start + 1] != '\0') { - start++; - } + } /* loop over RDNs */ + } /* name->type == certDirectoryName */ + + /* Phase 2. loop over all constratints for this name. */ + current = constraints; + do { + switch (name->type) { + + case certDNSName: + PORT_Assert(name->type == current->name.type); + nString = secItem2String(nArena, &name->name.other); + if (!nString) + goto loser; + cString = secItem2String(nArena, ¤t->name.name.other); + if (!cString) + goto loser; + rv = compareN2C(nString, cString); + break; + + case certRFC822Name: + PORT_Assert(name->type == current->name.type); + nString = secItem2String(nArena, &name->name.other); + if (!nString) + goto loser; + start = 0; + while (nString[start] != '@' && + nString[start] != '\0') { start++; - constraintString = (char*)PORT_ZAlloc(current->name.name.other.len + 1); - constraintString = PORT_Strncpy(constraintString, - (char *) current->name.name.other.data, - current->name.name.other.len); - rv = compareNameToConstraint(nameString + start, constraintString, PR_FALSE); - if (nameString != NULL) { - PORT_Free(nameString); - } - if (constraintString != NULL) { - PORT_Free(constraintString); - } - break; - case certURI: - nameString = (char*)PORT_ZAlloc(name->name.other.len + 1); - nameString = PORT_Strncpy(nameString, (char *) name->name.other.data, - name->name.other.len); - start = 0; - while(PORT_Strncmp(nameString + start, "://", 3) != 0 && - nameString[start + 3] != '\0') { - start++; - } + } + if (nString[start]) + start++; + cString = secItem2String(nArena, ¤t->name.name.other); + if (!cString) + goto loser; + rv = compareN2C(nString + start, cString); + break; + + case certURI: + PORT_Assert(name->type == current->name.type); + nString = secItem2String(nArena, &name->name.other); + if (!nString) + goto loser; + /* XXX This URI hostname parsing is wrong because it doesn't + ** handle user name and password strings that can come + ** before the host name. + */ + start = 0; + while(nString[start] != 0 && + PORT_Strncmp(nString + start, "://", 3) != 0 ) { + start++; + } + if (nString[start]) start +=3; - end = 0; - while(nameString[start + end] != '/' && - nameString[start + end] != '\0') { - end++; - } - nameString[start + end] = '\0'; - constraintString = (char*)PORT_ZAlloc(current->name.name.other.len + 1); - constraintString = PORT_Strncpy(constraintString, - (char *) current->name.name.other.data, - current->name.name.other.len); - rv = compareNameToConstraint(nameString + start, constraintString, PR_FALSE); - if (nameString != NULL) { - PORT_Free(nameString); - } - if (constraintString != NULL) { - PORT_Free(constraintString); + end = 0; + while(nString[start + end] != '/' && + nString[start + end] != ':' && + nString[start + end] != '\0') { + end++; + } + nString[start + end] = '\0'; + cString = secItem2String(nArena, ¤t->name.name.other); + if (!cString) + goto loser; + rv = compareN2C(nString + start, cString); + break; + + case certDirectoryName: + PORT_Assert(current->name.type == certDirectoryName || \ + current->name.type == certRFC822Name); + if (current->name.type == certRFC822Name) + goto next_constraint; /* already handled in phase 1. */ + if (current->name.type == certDirectoryName) { + PRArenaPool *cArena; + CERTRDN **cRDNs, *cRDN; + CERTAVA **cAVAs, *cAVA; + CERTName constraintName; + + constraintName.arena = NULL; + constraintName.rdns = NULL; + + cArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); + if (!cArena) + goto loser; + rv = CERT_CopyName(cArena, &constraintName, + ¤t->name.name.directoryName); + if (rv != SECSuccess) { + PORT_FreeArena(cArena, PR_FALSE); + goto loser; } - break; - case certDirectoryName: - if (current->name.type == certDirectoryName) { - constraintNameArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - CERT_CopyName(constraintNameArena, &constraintName, ¤t->name.name.directoryName); - constraintRDNS = constraintName.rdns; - for (;;) { - constraintRDN = *constraintRDNS++; - constraintAVAS = constraintRDN->avas; - for(;;) { - constraintAVA = *constraintAVAS++; - certNameArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - CERT_CopyName(certNameArena, &certName, &name->name.directoryName); - nameRDNS = certName.rdns; - for (;;) { - nameRDN = *nameRDNS++; - nameAVAS = nameRDN->avas++; - for(;;) { - nameAVA = *nameAVAS++; - status = CERT_CompareAVA(constraintAVA, nameAVA); - if (status == SECEqual || *nameAVAS == NULL) { - break; - } - } - if (status == SECEqual || *nameRDNS == NULL) { + cRDNs = constraintName.rdns; + while (cRDNs && *cRDNs) { /* loop over constraint RDNs */ + cRDN = *cRDNs++; + cAVAs = cRDN->avas; + while (cAVAs && *cAVAs) { /* loop over constraint AVAs */ + cAVA = *cAVAs++; + + /* certName was initialized in Phase 1. */ + PORT_Assert(certName.arena != NULL); + + nRDNs = certName.rdns; + while (nRDNs && *nRDNs) { /* loop over name RDNs */ + nRDN = *nRDNs++; + nAVAs = nRDN->avas; + while (nAVAs && *nAVAs) { /* loop over name AVAs */ + nAVA = *nAVAs++; + status = CERT_CompareAVA(cAVA, nAVA); + if (status == SECEqual) break; - } - } - if (status != SECEqual || *constraintAVAS == NULL) { + } /* loop over name AVAs */ + if (status == SECEqual) break; - } - } - if (status != SECEqual || *constraintRDNS == NULL) { + } /* loop over name RDNs */ + if (status != SECEqual) break; - } - } - if (status == SECEqual) { - if (excluded == PR_FALSE) { - goto found; - } else { - goto loser; - } - } - break; - } else if (current->name.type == certRFC822Name) { - current = cert_get_next_name_constraint(current); - continue; - } - default: - /* other types are not supported */ - if (excluded) { - goto found; - } else { - goto loser; + } /* loop over AVAs in constraint */ + if (status != SECEqual) + break; + } /* loop over RDNs in constraint */ + PORT_FreeArena(cArena, PR_FALSE); + if (status == SECEqual) { + if (!excluded) + goto found; + goto no_match; } + break; } - if (rv == SECSuccess && status == SECEqual) { - goto found; - } - current = cert_get_next_name_constraint(current); - } while (current !=constraints); - } else { - goto found; - } -loser: - if (certName.arena) { - CERT_DestroyName(&certName); - } - if (constraintName.arena) { - CERT_DestroyName(&constraintName); - } + goto loser; +#ifdef NOTYET + case certOtherName: /* type 1 */ + case certX400Address: /* type 4 */ + case certEDIPartyName: /* type 6 */ + case certIPAddress: /* type 8 */ + case certRegisterID: /* type 9 */ + PORT_Assert(name->type == current->name.type); + if (name->type == current->name.type && + name->name.other.len == current->name.name.other.len && + !memcmp(name->name.other.data, current->name.name.other.data, + name->name.other.len)) + rv = SECSuccess; + else + rv = SECFailure; + break; +#endif + default: + /* non-standard types are not supported */ + goto loser; + } + if (rv == SECSuccess && status == SECEqual) { + goto found; + } +next_constraint: + current = cert_get_next_name_constraint(current); + } while (current !=constraints); + +no_match: + if (nArena) + PORT_FreeArena(nArena, PR_FALSE); return SECFailure; + +loser: + if (nArena) + PORT_FreeArena(nArena, PR_FALSE); + return excluded ? SECSuccess : SECFailure; + found: - if (certName.arena) { - CERT_DestroyName(&certName); - } - if (constraintName.arena) { - CERT_DestroyName(&constraintName); - } + if (nArena) + PORT_FreeArena(nArena, PR_FALSE); return SECSuccess; } @@ -1268,7 +1305,7 @@ CERT_CompareNameSpace(CERTCertificate *cert, } do { if (constraints->excluded != NULL) { - rv = CERT_GetNameConstriantByType(constraints->excluded, currentName->type, + rv = CERT_GetNameConstraintByType(constraints->excluded, currentName->type, &matchingConstraints, arena); if (rv != SECSuccess) { goto loser; @@ -1282,7 +1319,7 @@ CERT_CompareNameSpace(CERTCertificate *cert, } } if (constraints->permited != NULL) { - rv = CERT_GetNameConstriantByType(constraints->permited, currentName->type, + rv = CERT_GetNameConstraintByType(constraints->permited, currentName->type, &matchingConstraints, arena); if (rv != SECSuccess) { goto loser; diff --git a/security/nss/lib/certdb/secname.c b/security/nss/lib/certdb/secname.c index a508dcb44..63f279bce 100644 --- a/security/nss/lib/certdb/secname.c +++ b/security/nss/lib/certdb/secname.c @@ -67,8 +67,8 @@ CountArray(void **array) return count; } -static void -**AddToArray(PRArenaPool *arena, void **array, void *element) +static void ** +AddToArray(PRArenaPool *arena, void **array, void *element) { unsigned count; void **ap; @@ -96,35 +96,6 @@ static void return array; } -#if 0 -static void -**RemoveFromArray(void **array, void *element) -{ - unsigned count; - void **ap; - int slot; - - /* Look for element */ - ap = array; - if (ap) { - count = 1; /* count the null at the end */ - slot = -1; - for (; *ap; ap++, count++) { - if (*ap == element) { - /* Found it */ - slot = ap - array; - } - } - if (slot >= 0) { - /* Found it. Squish array down */ - PORT_Memmove((void*) (array + slot), (void*) (array + slot + 1), - (count - slot - 1) * sizeof(void*)); - /* Don't bother reallocing the memory */ - } - } - return array; -} -#endif /* 0 */ SECOidTag CERT_GetAVATag(CERTAVA *ava) @@ -217,6 +188,7 @@ SetupAVAValue(PRArenaPool *arena, int valueType, char *value, SECItem *it, case SEC_ASN1_PRINTABLE_STRING: case SEC_ASN1_IA5_STRING: case SEC_ASN1_T61_STRING: + case SEC_ASN1_UTF8_STRING: /* no conversion required */ valueLen = PORT_Strlen(value); break; case SEC_ASN1_UNIVERSAL_STRING: @@ -357,17 +329,27 @@ SECStatus CERT_CopyRDN(PRArenaPool *arena, CERTRDN *to, CERTRDN *from) { CERTAVA **avas, *fava, *tava; - SECStatus rv; + SECStatus rv = SECSuccess; /* Copy each ava from from */ avas = from->avas; - while ((fava = *avas++) != 0) { - tava = CERT_CopyAVA(arena, fava); - if (!tava) return SECFailure; - rv = CERT_AddAVA(arena, to, tava); - if (rv) return rv; + if (avas) { + if (avas[0] == NULL) { + rv = CERT_AddAVA(arena, to, NULL); + return rv; + } + while ((fava = *avas++) != 0) { + tava = CERT_CopyAVA(arena, fava); + if (!tava) { + rv = SECFailure; + break; + } + rv = CERT_AddAVA(arena, to, tava); + if (rv != SECSuccess) + break; + } } - return SECSuccess; + return rv; } /************************************************************************/ @@ -460,27 +442,38 @@ SECStatus CERT_CopyName(PRArenaPool *arena, CERTName *to, CERTName *from) { CERTRDN **rdns, *frdn, *trdn; - SECStatus rv; + SECStatus rv = SECSuccess; - if (!to || !from) + if (!to || !from) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; + } CERT_DestroyName(to); to->arena = arena; /* Copy each rdn from from */ rdns = from->rdns; - while ((frdn = *rdns++) != 0) { - trdn = CERT_CreateRDN(arena, 0); - if ( trdn == NULL ) { - return(SECFailure); + if (rdns) { + if (rdns[0] == NULL) { + rv = CERT_AddRDN(to, NULL); + return rv; + } + while ((frdn = *rdns++) != NULL) { + trdn = CERT_CreateRDN(arena, 0); + if (!trdn) { + rv = SECFailure; + break; + } + rv = CERT_CopyRDN(arena, trdn, frdn); + if (rv != SECSuccess) + break; + rv = CERT_AddRDN(to, trdn); + if (rv != SECSuccess) + break; } - rv = CERT_CopyRDN(arena, trdn, frdn); - if (rv) return rv; - rv = CERT_AddRDN(to, trdn); - if (rv) return rv; } - return SECSuccess; + return rv; } /************************************************************************/ diff --git a/security/nss/lib/certdb/xconst.c b/security/nss/lib/certdb/xconst.c index d86483098..6bd95ba22 100644 --- a/security/nss/lib/certdb/xconst.c +++ b/security/nss/lib/certdb/xconst.c @@ -176,7 +176,7 @@ CERT_DecodeAltNameExtension(PRArenaPool *arena, SECItem *EncodedAltName) if (rv == SECFailure) { goto loser; } - if (encodedContext.encodedGenName) + if (encodedContext.encodedGenName && encodedContext.encodedGenName[0]) return cert_DecodeGeneralNames(arena, encodedContext.encodedGenName); /* Extension contained an empty GeneralNames sequence */ /* Treat as extension not found */ diff --git a/security/nss/lib/certhigh/certvfy.c b/security/nss/lib/certhigh/certvfy.c index 2aaad95e8..87ef671ef 100644 --- a/security/nss/lib/certhigh/certvfy.c +++ b/security/nss/lib/certhigh/certvfy.c @@ -1265,7 +1265,7 @@ CERT_VerifyCertificate(CERTCertDBHandle *handle, CERTCertificate *cert, } /* check key usage and netscape cert type */ - CERT_GetCertType(cert); + cert_GetCertType(cert); certType = cert->nsCertType; for (i=1;i<=certificateUsageHighest && !(SECFailure == valid && !returnedUsages) ;) { @@ -1487,7 +1487,7 @@ CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert, } /* check key usage and netscape cert type */ - CERT_GetCertType(cert); + cert_GetCertType(cert); certType = cert->nsCertType; switch ( certUsage ) { case certUsageSSLClient: diff --git a/security/nss/lib/ckfw/builtins/Makefile b/security/nss/lib/ckfw/builtins/Makefile index 7c392f2c9..164e0c369 100644 --- a/security/nss/lib/ckfw/builtins/Makefile +++ b/security/nss/lib/ckfw/builtins/Makefile @@ -44,10 +44,22 @@ EXTRA_LIBS = \ # can't do this in manifest.mn because OS_TARGET isn't defined there. ifeq (,$(filter-out WIN%,$(OS_TARGET))) +# Link with the real NSPR DLLs for MinGW because the NSPR stubs in +# nsprstub.c can't resolve the references to the _imp__PR_XXX symbols. +# This is merely an expedient hack and not the right solution. +ifdef NS_USE_GCC +EXTRA_LIBS += \ + -L$(DIST)/lib \ + -lplc4 \ + -lplds4 \ + -lnspr4 \ + $(NULL) +else EXTRA_LIBS += \ $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4_s.lib \ $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4_s.lib \ $(NULL) +endif else diff --git a/security/nss/lib/ckfw/builtins/certdata.c b/security/nss/lib/ckfw/builtins/certdata.c index 90b8de68c..7e86bab81 100644 --- a/security/nss/lib/ckfw/builtins/certdata.c +++ b/security/nss/lib/ckfw/builtins/certdata.c @@ -39,15 +39,15 @@ static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$""; @(#) $R #include "builtins.h" #endif /* BUILTINS_H */ -static const CK_OBJECT_CLASS cko_netscape_trust = CKO_NETSCAPE_TRUST; +static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE; +static const CK_CERTIFICATE_TYPE ckc_x_509 = CKC_X_509; +static const CK_BBOOL ck_false = CK_FALSE; static const CK_TRUST ckt_netscape_valid = CKT_NETSCAPE_VALID; -static const CK_OBJECT_CLASS cko_netscape_builtin_root_list = CKO_NETSCAPE_BUILTIN_ROOT_LIST; static const CK_TRUST ckt_netscape_trusted_delegator = CKT_NETSCAPE_TRUSTED_DELEGATOR; -static const CK_CERTIFICATE_TYPE ckc_x_509 = CKC_X_509; static const CK_OBJECT_CLASS cko_data = CKO_DATA; -static const CK_BBOOL ck_false = CK_FALSE; static const CK_BBOOL ck_true = CK_TRUE; -static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE; +static const CK_OBJECT_CLASS cko_netscape_builtin_root_list = CKO_NETSCAPE_BUILTIN_ROOT_LIST; +static const CK_OBJECT_CLASS cko_netscape_trust = CKO_NETSCAPE_TRUST; #ifdef DEBUG static const CK_ATTRIBUTE_TYPE nss_builtins_types_0 [] = { CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_APPLICATION, CKA_VALUE @@ -440,24 +440,6 @@ static const CK_ATTRIBUTE_TYPE nss_builtins_types_128 [] = { static const CK_ATTRIBUTE_TYPE nss_builtins_types_129 [] = { CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING }; -static const CK_ATTRIBUTE_TYPE nss_builtins_types_130 [] = { - CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE -}; -static const CK_ATTRIBUTE_TYPE nss_builtins_types_131 [] = { - CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING -}; -static const CK_ATTRIBUTE_TYPE nss_builtins_types_132 [] = { - CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE -}; -static const CK_ATTRIBUTE_TYPE nss_builtins_types_133 [] = { - CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING -}; -static const CK_ATTRIBUTE_TYPE nss_builtins_types_134 [] = { - CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE -}; -static const CK_ATTRIBUTE_TYPE nss_builtins_types_135 [] = { - CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING -}; #ifdef DEBUG static const NSSItem nss_builtins_items_0 [] = { { (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) }, @@ -466,7 +448,7 @@ static const NSSItem nss_builtins_items_0 [] = { { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, { (void *)"CVS ID", (PRUint32)7 }, { (void *)"NSS", (PRUint32)4 }, - { (void *)"@(#) $RCSfile$ $Revision$ $Date$ $Name$""; @(#) $RCSfile$ $Revision$ $Date$ $Name$", (PRUint32)179 } + { (void *)"@(#) $RCSfile$ $Revision$ $Date$ $Name$""; @(#) $RCSfile$ $Revision$ $Date$ $Name$", (PRUint32)184 } }; #endif /* DEBUG */ static const NSSItem nss_builtins_items_1 [] = { @@ -4244,239 +4226,6 @@ static const NSSItem nss_builtins_items_66 [] = { { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)"ValiCert OCSP Responder", (PRUint32)24 }, - { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, - { (void *)"\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141" -"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157" -"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125" -"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156" -"\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141" -"\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040" -"\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120" -"\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072" -"\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156" -"\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001" -"\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162" -"\164\056\143\157\155" -, (PRUint32)181 }, - { (void *)"0", (PRUint32)2 }, - { (void *)"\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141" -"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157" -"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125" -"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156" -"\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141" -"\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040" -"\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120" -"\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072" -"\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156" -"\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001" -"\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162" -"\164\056\143\157\155" -, (PRUint32)181 }, - { (void *)"\002\001\001" -, (PRUint32)3 }, - { (void *)"\060\202\003\110\060\202\002\261\240\003\002\001\002\002\001\001" -"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060" -"\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141\154" -"\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157\156" -"\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125\004" -"\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156\143" -"\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141\163" -"\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040\101" -"\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120\061" -"\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072\057" -"\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156\145" -"\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001\011" -"\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162\164" -"\056\143\157\155\060\036\027\015\060\060\060\062\061\062\061\061" -"\065\060\060\065\132\027\015\060\065\060\062\061\060\061\061\065" -"\060\060\065\132\060\201\262\061\044\060\042\006\003\125\004\007" -"\023\033\126\141\154\151\103\145\162\164\040\126\141\154\151\144" -"\141\164\151\157\156\040\116\145\164\167\157\162\153\061\027\060" -"\025\006\003\125\004\012\023\016\126\141\154\151\103\145\162\164" -"\054\040\111\156\143\056\061\054\060\052\006\003\125\004\013\023" -"\043\103\154\141\163\163\040\061\040\126\141\154\151\144\141\164" -"\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040" -"\117\103\123\120\061\041\060\037\006\003\125\004\003\023\030\150" -"\164\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145" -"\162\164\056\156\145\164\057\061\040\060\036\006\011\052\206\110" -"\206\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154" -"\151\143\145\162\164\056\143\157\155\060\201\237\060\015\006\011" -"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060" -"\201\211\002\201\201\000\307\214\057\247\303\100\207\073\075\327" -"\304\232\130\024\144\012\303\010\071\142\032\317\322\353\251\361" -"\151\164\212\312\016\132\166\314\242\122\116\320\363\304\172\265" -"\370\246\034\273\243\247\244\123\207\133\215\300\000\273\325\146" -"\044\347\164\306\026\310\257\310\003\142\325\062\207\242\122\221" -"\104\224\225\250\107\103\155\245\110\234\366\114\165\325\117\142" -"\347\311\377\173\364\044\214\247\274\050\166\265\062\240\045\163" -"\267\107\057\170\370\106\371\207\024\360\167\374\012\167\350\117" -"\375\214\037\372\142\331\002\003\001\000\001\243\154\060\152\060" -"\017\006\011\053\006\001\005\005\007\060\001\005\004\002\005\000" -"\060\023\006\003\125\035\045\004\014\060\012\006\010\053\006\001" -"\005\005\007\003\011\060\013\006\003\125\035\017\004\004\003\002" -"\001\206\060\065\006\010\053\006\001\005\005\007\001\001\004\051" -"\060\047\060\045\006\010\053\006\001\005\005\007\060\001\206\031" -"\150\164\164\160\072\057\057\157\143\163\160\062\056\166\141\154" -"\151\143\145\162\164\056\156\145\164\060\015\006\011\052\206\110" -"\206\367\015\001\001\005\005\000\003\201\201\000\025\305\340\270" -"\064\162\022\006\040\250\142\225\223\321\274\223\272\220\253\334" -"\116\215\216\215\230\114\343\062\365\053\077\263\227\373\252\242" -"\255\100\227\255\150\275\134\255\123\016\320\246\263\015\254\032" -"\231\215\252\060\036\317\016\160\377\002\260\167\145\203\315\332" -"\007\134\122\315\131\273\242\310\342\264\026\203\217\324\225\171" -"\223\055\350\277\104\223\061\222\060\323\064\064\361\020\373\041" -"\254\056\364\303\135\144\143\172\231\341\232\253\102\035\110\146" -"\246\167\067\270\125\074\255\376\145\260\142\351" -, (PRUint32)844 } -}; -static const NSSItem nss_builtins_items_67 [] = { - { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, - { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)"ValiCert OCSP Responder", (PRUint32)24 }, - { (void *)"\133\166\261\274\342\212\360\366\161\221\205\147\046\215\021\151" -"\017\027\077\163" -, (PRUint32)20 }, - { (void *)"\325\036\040\137\321\365\035\202\127\010\122\071\035\372\212\255" -, (PRUint32)16 }, - { (void *)"\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141" -"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157" -"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125" -"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156" -"\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141" -"\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040" -"\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120" -"\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072" -"\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156" -"\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001" -"\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162" -"\164\056\143\157\155" -, (PRUint32)181 }, - { (void *)"\002\001\001" -, (PRUint32)3 }, - { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, - { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, - { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } -}; -static const NSSItem nss_builtins_items_68 [] = { - { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, - { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)"Baltimore CyberTrust Code Signing Root", (PRUint32)39 }, - { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, - { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061" -"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155" -"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171" -"\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004" -"\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142" -"\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147" -"\156\151\156\147\040\122\157\157\164" -, (PRUint32)105 }, - { (void *)"0", (PRUint32)2 }, - { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061" -"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155" -"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171" -"\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004" -"\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142" -"\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147" -"\156\151\156\147\040\122\157\157\164" -, (PRUint32)105 }, - { (void *)"\002\004\002\000\000\277" -, (PRUint32)6 }, - { (void *)"\060\202\003\246\060\202\002\216\240\003\002\001\002\002\004\002" -"\000\000\277\060\015\006\011\052\206\110\206\367\015\001\001\005" -"\005\000\060\147\061\013\060\011\006\003\125\004\006\023\002\111" -"\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164" -"\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012" -"\103\171\142\145\162\124\162\165\163\164\061\057\060\055\006\003" -"\125\004\003\023\046\102\141\154\164\151\155\157\162\145\040\103" -"\171\142\145\162\124\162\165\163\164\040\103\157\144\145\040\123" -"\151\147\156\151\156\147\040\122\157\157\164\060\036\027\015\060" -"\060\060\065\061\067\061\064\060\061\060\060\132\027\015\062\065" -"\060\065\061\067\062\063\065\071\060\060\132\060\147\061\013\060" -"\011\006\003\125\004\006\023\002\111\105\061\022\060\020\006\003" -"\125\004\012\023\011\102\141\154\164\151\155\157\162\145\061\023" -"\060\021\006\003\125\004\013\023\012\103\171\142\145\162\124\162" -"\165\163\164\061\057\060\055\006\003\125\004\003\023\046\102\141" -"\154\164\151\155\157\162\145\040\103\171\142\145\162\124\162\165" -"\163\164\040\103\157\144\145\040\123\151\147\156\151\156\147\040" -"\122\157\157\164\060\202\001\042\060\015\006\011\052\206\110\206" -"\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012" -"\002\202\001\001\000\310\161\232\030\022\216\172\333\371\232\374" -"\101\257\330\362\364\011\216\255\077\376\147\067\074\332\311\046" -"\120\261\261\076\313\350\116\163\000\362\262\334\363\305\106\373" -"\011\357\030\226\316\247\340\234\204\135\040\016\172\240\252\066" -"\213\372\050\266\170\056\263\354\350\107\363\004\360\220\043\264" -"\352\257\345\123\270\005\367\107\135\053\206\361\247\244\306\073" -"\065\266\322\015\122\101\327\364\222\165\341\242\012\120\126\207" -"\276\227\013\173\063\205\020\271\050\030\356\063\352\110\021\327" -"\133\221\107\166\042\324\356\317\135\347\250\116\034\235\226\221" -"\335\234\275\164\011\250\162\141\252\260\041\072\361\075\054\003" -"\126\011\322\301\334\303\265\307\124\067\253\346\046\242\262\106" -"\161\163\312\021\210\356\274\347\144\367\320\021\032\163\100\132" -"\310\111\054\017\267\357\220\177\150\200\004\070\013\033\017\073" -"\324\365\240\263\302\216\341\064\264\200\231\155\236\166\324\222" -"\051\100\261\225\322\067\244\147\022\177\340\142\273\256\065\305" -"\231\066\202\104\270\346\170\030\063\141\161\223\133\055\215\237" -"\170\225\202\353\155\002\003\001\000\001\243\132\060\130\060\023" -"\006\003\125\035\045\004\014\060\012\006\010\053\006\001\005\005" -"\007\003\003\060\035\006\003\125\035\016\004\026\004\024\310\101" -"\064\134\025\025\004\345\100\362\321\253\232\157\044\222\172\207" -"\102\132\060\022\006\003\125\035\023\001\001\377\004\010\060\006" -"\001\001\377\002\001\003\060\016\006\003\125\035\017\001\001\377" -"\004\004\003\002\001\006\060\015\006\011\052\206\110\206\367\015" -"\001\001\005\005\000\003\202\001\001\000\122\164\252\225\113\042" -"\214\307\075\226\244\376\135\372\057\265\274\353\360\013\351\126" -"\070\035\321\155\015\241\274\150\213\360\305\200\245\044\064\375" -"\362\226\030\021\206\241\066\365\067\347\124\100\325\144\037\303" -"\137\160\102\153\055\071\307\236\122\005\316\347\152\162\322\215" -"\162\077\107\120\203\253\307\215\045\311\260\343\247\123\026\225" -"\246\152\123\352\030\235\217\170\251\167\167\032\371\264\227\107" -"\131\210\047\050\265\312\341\056\327\076\016\242\015\270\042\104" -"\003\343\321\143\260\101\072\241\365\244\055\367\166\036\004\124" -"\231\170\062\100\327\053\174\115\272\246\234\260\171\156\007\276" -"\214\354\356\327\070\151\133\301\014\126\150\237\376\353\321\341" -"\310\210\371\362\315\177\276\205\264\104\147\000\120\076\364\046" -"\003\144\352\167\175\350\136\076\034\067\107\310\326\352\244\363" -"\066\074\227\302\071\162\005\224\031\045\303\327\067\101\017\301" -"\037\207\212\375\252\276\351\261\144\127\344\333\222\241\317\341" -"\111\350\073\037\221\023\132\303\217\331\045\130\111\200\107\017" -"\306\003\256\254\343\277\267\300\252\052" -, (PRUint32)938 } -}; -static const NSSItem nss_builtins_items_69 [] = { - { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, - { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)"Baltimore CyberTrust Code Signing Root", (PRUint32)39 }, - { (void *)"\060\106\330\310\210\377\151\060\303\112\374\315\111\047\010\174" -"\140\126\173\015" -, (PRUint32)20 }, - { (void *)"\220\365\050\111\126\321\135\054\260\123\324\113\357\157\220\042" -, (PRUint32)16 }, - { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061" -"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155" -"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171" -"\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004" -"\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142" -"\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147" -"\156\151\156\147\040\122\157\157\164" -, (PRUint32)105 }, - { (void *)"\002\004\002\000\000\277" -, (PRUint32)6 }, - { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }, - { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }, - { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } -}; -static const NSSItem nss_builtins_items_70 [] = { - { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, - { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, { (void *)"Baltimore CyberTrust Root", (PRUint32)26 }, { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061" @@ -4554,7 +4303,7 @@ static const NSSItem nss_builtins_items_70 [] = { "\347\201\035\031\303\044\102\352\143\071\251" , (PRUint32)891 } }; -static const NSSItem nss_builtins_items_71 [] = { +static const NSSItem nss_builtins_items_67 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -4578,101 +4327,7 @@ static const NSSItem nss_builtins_items_71 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_72 [] = { - { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, - { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)"Baltimore CyberTrust Mobile Commerce Root", (PRUint32)42 }, - { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) }, - { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061" -"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155" -"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171" -"\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004" -"\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142" -"\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122" -"\157\157\164" -, (PRUint32)99 }, - { (void *)"0", (PRUint32)2 }, - { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061" -"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155" -"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171" -"\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004" -"\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142" -"\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122" -"\157\157\164" -, (PRUint32)99 }, - { (void *)"\002\004\002\000\000\270" -, (PRUint32)6 }, - { (void *)"\060\202\002\175\060\202\001\346\240\003\002\001\002\002\004\002" -"\000\000\270\060\015\006\011\052\206\110\206\367\015\001\001\005" -"\005\000\060\141\061\013\060\011\006\003\125\004\006\023\002\111" -"\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164" -"\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012" -"\103\171\142\145\162\124\162\165\163\164\061\051\060\047\006\003" -"\125\004\003\023\040\102\141\154\164\151\155\157\162\145\040\103" -"\171\142\145\162\124\162\165\163\164\040\115\157\142\151\154\145" -"\040\122\157\157\164\060\036\027\015\060\060\060\065\061\062\061" -"\070\062\060\060\060\132\027\015\062\060\060\065\061\062\062\063" -"\065\071\060\060\132\060\141\061\013\060\011\006\003\125\004\006" -"\023\002\111\105\061\022\060\020\006\003\125\004\012\023\011\102" -"\141\154\164\151\155\157\162\145\061\023\060\021\006\003\125\004" -"\013\023\012\103\171\142\145\162\124\162\165\163\164\061\051\060" -"\047\006\003\125\004\003\023\040\102\141\154\164\151\155\157\162" -"\145\040\103\171\142\145\162\124\162\165\163\164\040\115\157\142" -"\151\154\145\040\122\157\157\164\060\201\237\060\015\006\011\052" -"\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201" -"\211\002\201\201\000\243\155\261\070\126\254\374\265\126\041\336" -"\300\220\135\046\107\202\306\175\217\037\240\205\217\057\273\324" -"\341\034\035\362\044\037\050\260\057\271\244\245\157\242\042\040" -"\144\376\204\107\074\176\053\154\151\152\270\324\300\226\216\214" -"\122\015\315\157\101\324\277\004\256\247\201\057\055\230\110\322" -"\301\224\243\265\031\135\135\121\144\364\216\101\260\233\300\055" -"\042\240\136\306\330\132\022\143\274\021\112\136\046\022\035\342" -"\046\005\346\017\137\042\037\172\137\166\224\256\317\132\050\016" -"\253\105\332\042\061\002\003\001\000\001\243\102\060\100\060\035" -"\006\003\125\035\016\004\026\004\024\311\342\217\300\002\046\132" -"\266\300\007\343\177\224\007\030\333\056\245\232\160\060\017\006" -"\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016" -"\006\003\125\035\017\001\001\377\004\004\003\002\001\206\060\015" -"\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201" -"\000\123\010\013\046\011\170\102\163\324\354\172\167\107\015\343" -"\013\063\161\357\256\063\024\115\373\372\375\032\267\121\365\344" -"\231\034\006\161\327\051\031\327\346\025\040\121\121\106\155\117" -"\336\030\111\230\320\370\170\273\161\350\215\001\006\325\327\144" -"\217\224\337\107\376\240\205\151\066\251\057\102\172\150\112\022" -"\326\213\013\160\104\012\244\004\357\046\210\301\065\161\070\135" -"\033\133\110\102\360\347\224\034\160\225\064\250\253\365\253\342" -"\170\255\365\360\122\375\233\352\102\014\350\330\124\276\123\146" -"\365" -, (PRUint32)641 } -}; -static const NSSItem nss_builtins_items_73 [] = { - { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, - { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)"Baltimore CyberTrust Mobile Commerce Root", (PRUint32)42 }, - { (void *)"\264\343\013\234\301\325\356\275\240\040\030\370\271\212\321\377" -"\151\267\072\161" -, (PRUint32)20 }, - { (void *)"\353\264\040\035\017\266\161\003\367\304\367\307\244\162\206\350" -, (PRUint32)16 }, - { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061" -"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155" -"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171" -"\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004" -"\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142" -"\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122" -"\157\157\164" -, (PRUint32)99 }, - { (void *)"\002\004\002\000\000\270" -, (PRUint32)6 }, - { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, - { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, - { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) } -}; -static const NSSItem nss_builtins_items_74 [] = { +static const NSSItem nss_builtins_items_68 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -4740,7 +4395,7 @@ static const NSSItem nss_builtins_items_74 [] = { "\126\224\251\125" , (PRUint32)660 } }; -static const NSSItem nss_builtins_items_75 [] = { +static const NSSItem nss_builtins_items_69 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -4764,7 +4419,7 @@ static const NSSItem nss_builtins_items_75 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_76 [] = { +static const NSSItem nss_builtins_items_70 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -4831,7 +4486,7 @@ static const NSSItem nss_builtins_items_76 [] = { "\132\052\202\262\067\171" , (PRUint32)646 } }; -static const NSSItem nss_builtins_items_77 [] = { +static const NSSItem nss_builtins_items_71 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -4855,7 +4510,7 @@ static const NSSItem nss_builtins_items_77 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_78 [] = { +static const NSSItem nss_builtins_items_72 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -4930,7 +4585,7 @@ static const NSSItem nss_builtins_items_78 [] = { "\221\060\352\315" , (PRUint32)804 } }; -static const NSSItem nss_builtins_items_79 [] = { +static const NSSItem nss_builtins_items_73 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -4953,7 +4608,7 @@ static const NSSItem nss_builtins_items_79 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_80 [] = { +static const NSSItem nss_builtins_items_74 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -5038,7 +4693,7 @@ static const NSSItem nss_builtins_items_80 [] = { "\265\314\255\006" , (PRUint32)900 } }; -static const NSSItem nss_builtins_items_81 [] = { +static const NSSItem nss_builtins_items_75 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -5063,7 +4718,7 @@ static const NSSItem nss_builtins_items_81 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_82 [] = { +static const NSSItem nss_builtins_items_76 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -5172,7 +4827,7 @@ static const NSSItem nss_builtins_items_82 [] = { "\043\020\077\041\020\131\267\344\100\335\046\014\043\366\252\256" , (PRUint32)1328 } }; -static const NSSItem nss_builtins_items_83 [] = { +static const NSSItem nss_builtins_items_77 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -5196,7 +4851,7 @@ static const NSSItem nss_builtins_items_83 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_84 [] = { +static const NSSItem nss_builtins_items_78 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -5290,7 +4945,7 @@ static const NSSItem nss_builtins_items_84 [] = { "\065\341\035\026\034\320\274\053\216\326\161\331" , (PRUint32)1052 } }; -static const NSSItem nss_builtins_items_85 [] = { +static const NSSItem nss_builtins_items_79 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -5315,7 +4970,7 @@ static const NSSItem nss_builtins_items_85 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_86 [] = { +static const NSSItem nss_builtins_items_80 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -5413,7 +5068,7 @@ static const NSSItem nss_builtins_items_86 [] = { "\027\132\173\320\274\307\217\116\206\004" , (PRUint32)1082 } }; -static const NSSItem nss_builtins_items_87 [] = { +static const NSSItem nss_builtins_items_81 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -5439,7 +5094,7 @@ static const NSSItem nss_builtins_items_87 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_88 [] = { +static const NSSItem nss_builtins_items_82 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -5533,7 +5188,7 @@ static const NSSItem nss_builtins_items_88 [] = { "\116\072\063\014\053\263\055\220\006" , (PRUint32)1049 } }; -static const NSSItem nss_builtins_items_89 [] = { +static const NSSItem nss_builtins_items_83 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -5559,7 +5214,7 @@ static const NSSItem nss_builtins_items_89 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_90 [] = { +static const NSSItem nss_builtins_items_84 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -5654,7 +5309,7 @@ static const NSSItem nss_builtins_items_90 [] = { "\306\241" , (PRUint32)1058 } }; -static const NSSItem nss_builtins_items_91 [] = { +static const NSSItem nss_builtins_items_85 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -5679,7 +5334,7 @@ static const NSSItem nss_builtins_items_91 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_92 [] = { +static const NSSItem nss_builtins_items_86 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -5771,7 +5426,7 @@ static const NSSItem nss_builtins_items_92 [] = { "\051\303" , (PRUint32)930 } }; -static const NSSItem nss_builtins_items_93 [] = { +static const NSSItem nss_builtins_items_87 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -5797,7 +5452,7 @@ static const NSSItem nss_builtins_items_93 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_94 [] = { +static const NSSItem nss_builtins_items_88 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -5889,7 +5544,7 @@ static const NSSItem nss_builtins_items_94 [] = { "\064\215" , (PRUint32)930 } }; -static const NSSItem nss_builtins_items_95 [] = { +static const NSSItem nss_builtins_items_89 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -5915,7 +5570,7 @@ static const NSSItem nss_builtins_items_95 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_96 [] = { +static const NSSItem nss_builtins_items_90 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -6007,7 +5662,7 @@ static const NSSItem nss_builtins_items_96 [] = { "\116\101\325\226\343\116" , (PRUint32)934 } }; -static const NSSItem nss_builtins_items_97 [] = { +static const NSSItem nss_builtins_items_91 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -6033,7 +5688,7 @@ static const NSSItem nss_builtins_items_97 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_98 [] = { +static const NSSItem nss_builtins_items_92 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -6125,7 +5780,7 @@ static const NSSItem nss_builtins_items_98 [] = { "\316\324\357" , (PRUint32)931 } }; -static const NSSItem nss_builtins_items_99 [] = { +static const NSSItem nss_builtins_items_93 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -6151,7 +5806,7 @@ static const NSSItem nss_builtins_items_99 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_100 [] = { +static const NSSItem nss_builtins_items_94 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -6252,7 +5907,7 @@ static const NSSItem nss_builtins_items_100 [] = { "\024" , (PRUint32)977 } }; -static const NSSItem nss_builtins_items_101 [] = { +static const NSSItem nss_builtins_items_95 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -6284,7 +5939,7 @@ static const NSSItem nss_builtins_items_101 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_102 [] = { +static const NSSItem nss_builtins_items_96 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -6359,7 +6014,7 @@ static const NSSItem nss_builtins_items_102 [] = { "\011\254\211\111\323" , (PRUint32)677 } }; -static const NSSItem nss_builtins_items_103 [] = { +static const NSSItem nss_builtins_items_97 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -6386,7 +6041,7 @@ static const NSSItem nss_builtins_items_103 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_104 [] = { +static const NSSItem nss_builtins_items_98 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -6498,7 +6153,7 @@ static const NSSItem nss_builtins_items_104 [] = { "\005\377\154\211\063\360\354\025\017" , (PRUint32)1177 } }; -static const NSSItem nss_builtins_items_105 [] = { +static const NSSItem nss_builtins_items_99 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -6528,7 +6183,7 @@ static const NSSItem nss_builtins_items_105 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_106 [] = { +static const NSSItem nss_builtins_items_100 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -6639,7 +6294,7 @@ static const NSSItem nss_builtins_items_106 [] = { "\316\145\146\227\256\046\136" , (PRUint32)1159 } }; -static const NSSItem nss_builtins_items_107 [] = { +static const NSSItem nss_builtins_items_101 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -6669,7 +6324,7 @@ static const NSSItem nss_builtins_items_107 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_108 [] = { +static const NSSItem nss_builtins_items_102 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -6764,7 +6419,7 @@ static const NSSItem nss_builtins_items_108 [] = { "\071\050\150\016\163\335\045\232\336\022" , (PRUint32)1002 } }; -static const NSSItem nss_builtins_items_109 [] = { +static const NSSItem nss_builtins_items_103 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -6791,7 +6446,7 @@ static const NSSItem nss_builtins_items_109 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_110 [] = { +static const NSSItem nss_builtins_items_104 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -6918,7 +6573,7 @@ static const NSSItem nss_builtins_items_110 [] = { "\204\327\372\334\162\133\367\301\072\150" , (PRUint32)1514 } }; -static const NSSItem nss_builtins_items_111 [] = { +static const NSSItem nss_builtins_items_105 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -6945,7 +6600,7 @@ static const NSSItem nss_builtins_items_111 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_112 [] = { +static const NSSItem nss_builtins_items_106 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -7060,7 +6715,7 @@ static const NSSItem nss_builtins_items_112 [] = { "\061\210\027\120\237\311\304\016\213\330\250\002\143\015" , (PRUint32)1390 } }; -static const NSSItem nss_builtins_items_113 [] = { +static const NSSItem nss_builtins_items_107 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -7085,7 +6740,7 @@ static const NSSItem nss_builtins_items_113 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_114 [] = { +static const NSSItem nss_builtins_items_108 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -7215,7 +6870,7 @@ static const NSSItem nss_builtins_items_114 [] = { "\254\142\127\251\367" , (PRUint32)1621 } }; -static const NSSItem nss_builtins_items_115 [] = { +static const NSSItem nss_builtins_items_109 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -7240,7 +6895,7 @@ static const NSSItem nss_builtins_items_115 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_116 [] = { +static const NSSItem nss_builtins_items_110 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -7356,7 +7011,7 @@ static const NSSItem nss_builtins_items_116 [] = { "\230\150\373\001\103\326\033\342\011\261\227\034" , (PRUint32)1388 } }; -static const NSSItem nss_builtins_items_117 [] = { +static const NSSItem nss_builtins_items_111 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -7382,7 +7037,7 @@ static const NSSItem nss_builtins_items_117 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_118 [] = { +static const NSSItem nss_builtins_items_112 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -7460,7 +7115,7 @@ static const NSSItem nss_builtins_items_118 [] = { "\354\040\005\141\336" , (PRUint32)869 } }; -static const NSSItem nss_builtins_items_119 [] = { +static const NSSItem nss_builtins_items_113 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -7483,7 +7138,7 @@ static const NSSItem nss_builtins_items_119 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_120 [] = { +static const NSSItem nss_builtins_items_114 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -7544,7 +7199,7 @@ static const NSSItem nss_builtins_items_120 [] = { "\215\210\043\361\025\101\015\245\106\076\221\077\213\353\367\161" , (PRUint32)608 } }; -static const NSSItem nss_builtins_items_121 [] = { +static const NSSItem nss_builtins_items_115 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -7567,7 +7222,7 @@ static const NSSItem nss_builtins_items_121 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_122 [] = { +static const NSSItem nss_builtins_items_116 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -7645,7 +7300,7 @@ static const NSSItem nss_builtins_items_122 [] = { "\302\005\146\200\241\313\346\063" , (PRUint32)856 } }; -static const NSSItem nss_builtins_items_123 [] = { +static const NSSItem nss_builtins_items_117 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -7668,7 +7323,7 @@ static const NSSItem nss_builtins_items_123 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_124 [] = { +static const NSSItem nss_builtins_items_118 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -7776,7 +7431,7 @@ static const NSSItem nss_builtins_items_124 [] = { "\152\372\246\070\254\037\304\204" , (PRUint32)1128 } }; -static const NSSItem nss_builtins_items_125 [] = { +static const NSSItem nss_builtins_items_119 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -7806,7 +7461,7 @@ static const NSSItem nss_builtins_items_125 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_126 [] = { +static const NSSItem nss_builtins_items_120 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -7893,7 +7548,7 @@ static const NSSItem nss_builtins_items_126 [] = { "\200\072\231\355\165\314\106\173" , (PRUint32)936 } }; -static const NSSItem nss_builtins_items_127 [] = { +static const NSSItem nss_builtins_items_121 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -7918,7 +7573,7 @@ static const NSSItem nss_builtins_items_127 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_128 [] = { +static const NSSItem nss_builtins_items_122 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -8037,7 +7692,7 @@ static const NSSItem nss_builtins_items_128 [] = { "\105\217\046\221\242\216\376\251" , (PRUint32)1448 } }; -static const NSSItem nss_builtins_items_129 [] = { +static const NSSItem nss_builtins_items_123 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -8062,7 +7717,7 @@ static const NSSItem nss_builtins_items_129 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_130 [] = { +static const NSSItem nss_builtins_items_124 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -8150,7 +7805,7 @@ static const NSSItem nss_builtins_items_130 [] = { "\222\340\134\366\007\017" , (PRUint32)934 } }; -static const NSSItem nss_builtins_items_131 [] = { +static const NSSItem nss_builtins_items_125 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -8176,7 +7831,7 @@ static const NSSItem nss_builtins_items_131 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_132 [] = { +static const NSSItem nss_builtins_items_126 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -8268,7 +7923,7 @@ static const NSSItem nss_builtins_items_132 [] = { "\367\115\146\177\247\360\034\001\046\170\262\146\107\160\121\144" , (PRUint32)864 } }; -static const NSSItem nss_builtins_items_133 [] = { +static const NSSItem nss_builtins_items_127 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -8298,7 +7953,7 @@ static const NSSItem nss_builtins_items_133 [] = { { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }, { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) } }; -static const NSSItem nss_builtins_items_134 [] = { +static const NSSItem nss_builtins_items_128 [] = { { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -8390,7 +8045,7 @@ static const NSSItem nss_builtins_items_134 [] = { "\030\122\051\213\107\064\022\011\324\273\222\065\357\017\333\064" , (PRUint32)864 } }; -static const NSSItem nss_builtins_items_135 [] = { +static const NSSItem nss_builtins_items_129 [] = { { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) }, { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, @@ -8554,17 +8209,11 @@ nss_builtins_data[] = { { 11, nss_builtins_types_126, nss_builtins_items_126, {NULL} }, { 12, nss_builtins_types_127, nss_builtins_items_127, {NULL} }, { 11, nss_builtins_types_128, nss_builtins_items_128, {NULL} }, - { 12, nss_builtins_types_129, nss_builtins_items_129, {NULL} }, - { 11, nss_builtins_types_130, nss_builtins_items_130, {NULL} }, - { 12, nss_builtins_types_131, nss_builtins_items_131, {NULL} }, - { 11, nss_builtins_types_132, nss_builtins_items_132, {NULL} }, - { 12, nss_builtins_types_133, nss_builtins_items_133, {NULL} }, - { 11, nss_builtins_types_134, nss_builtins_items_134, {NULL} }, - { 12, nss_builtins_types_135, nss_builtins_items_135, {NULL} } + { 12, nss_builtins_types_129, nss_builtins_items_129, {NULL} } }; PR_IMPLEMENT_DATA(const PRUint32) #ifdef DEBUG - nss_builtins_nObjects = 135+1; + nss_builtins_nObjects = 129+1; #else - nss_builtins_nObjects = 135; + nss_builtins_nObjects = 129; #endif /* DEBUG */ diff --git a/security/nss/lib/ckfw/builtins/certdata.txt b/security/nss/lib/ckfw/builtins/certdata.txt index 3e28a3c6d..f4f9566b4 100644 --- a/security/nss/lib/ckfw/builtins/certdata.txt +++ b/security/nss/lib/ckfw/builtins/certdata.txt @@ -4181,259 +4181,6 @@ CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR # -# Certificate "ValiCert OCSP Responder" -# -CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "ValiCert OCSP Responder" -CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 -CKA_SUBJECT MULTILINE_OCTAL -\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141 -\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157 -\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125 -\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156 -\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141 -\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040 -\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120 -\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072 -\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156 -\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001 -\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162 -\164\056\143\157\155 -END -CKA_ID UTF8 "0" -CKA_ISSUER MULTILINE_OCTAL -\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141 -\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157 -\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125 -\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156 -\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141 -\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040 -\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120 -\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072 -\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156 -\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001 -\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162 -\164\056\143\157\155 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\001\001 -END -CKA_VALUE MULTILINE_OCTAL -\060\202\003\110\060\202\002\261\240\003\002\001\002\002\001\001 -\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060 -\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141\154 -\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157\156 -\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125\004 -\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156\143 -\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141\163 -\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040\101 -\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120\061 -\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072\057 -\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156\145 -\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001\011 -\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162\164 -\056\143\157\155\060\036\027\015\060\060\060\062\061\062\061\061 -\065\060\060\065\132\027\015\060\065\060\062\061\060\061\061\065 -\060\060\065\132\060\201\262\061\044\060\042\006\003\125\004\007 -\023\033\126\141\154\151\103\145\162\164\040\126\141\154\151\144 -\141\164\151\157\156\040\116\145\164\167\157\162\153\061\027\060 -\025\006\003\125\004\012\023\016\126\141\154\151\103\145\162\164 -\054\040\111\156\143\056\061\054\060\052\006\003\125\004\013\023 -\043\103\154\141\163\163\040\061\040\126\141\154\151\144\141\164 -\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040 -\117\103\123\120\061\041\060\037\006\003\125\004\003\023\030\150 -\164\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145 -\162\164\056\156\145\164\057\061\040\060\036\006\011\052\206\110 -\206\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154 -\151\143\145\162\164\056\143\157\155\060\201\237\060\015\006\011 -\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060 -\201\211\002\201\201\000\307\214\057\247\303\100\207\073\075\327 -\304\232\130\024\144\012\303\010\071\142\032\317\322\353\251\361 -\151\164\212\312\016\132\166\314\242\122\116\320\363\304\172\265 -\370\246\034\273\243\247\244\123\207\133\215\300\000\273\325\146 -\044\347\164\306\026\310\257\310\003\142\325\062\207\242\122\221 -\104\224\225\250\107\103\155\245\110\234\366\114\165\325\117\142 -\347\311\377\173\364\044\214\247\274\050\166\265\062\240\045\163 -\267\107\057\170\370\106\371\207\024\360\167\374\012\167\350\117 -\375\214\037\372\142\331\002\003\001\000\001\243\154\060\152\060 -\017\006\011\053\006\001\005\005\007\060\001\005\004\002\005\000 -\060\023\006\003\125\035\045\004\014\060\012\006\010\053\006\001 -\005\005\007\003\011\060\013\006\003\125\035\017\004\004\003\002 -\001\206\060\065\006\010\053\006\001\005\005\007\001\001\004\051 -\060\047\060\045\006\010\053\006\001\005\005\007\060\001\206\031 -\150\164\164\160\072\057\057\157\143\163\160\062\056\166\141\154 -\151\143\145\162\164\056\156\145\164\060\015\006\011\052\206\110 -\206\367\015\001\001\005\005\000\003\201\201\000\025\305\340\270 -\064\162\022\006\040\250\142\225\223\321\274\223\272\220\253\334 -\116\215\216\215\230\114\343\062\365\053\077\263\227\373\252\242 -\255\100\227\255\150\275\134\255\123\016\320\246\263\015\254\032 -\231\215\252\060\036\317\016\160\377\002\260\167\145\203\315\332 -\007\134\122\315\131\273\242\310\342\264\026\203\217\324\225\171 -\223\055\350\277\104\223\061\222\060\323\064\064\361\020\373\041 -\254\056\364\303\135\144\143\172\231\341\232\253\102\035\110\146 -\246\167\067\270\125\074\255\376\145\260\142\351 -END - -# Trust for Certificate "ValiCert OCSP Responder" -CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "ValiCert OCSP Responder" -CKA_CERT_SHA1_HASH MULTILINE_OCTAL -\133\166\261\274\342\212\360\366\161\221\205\147\046\215\021\151 -\017\027\077\163 -END -CKA_CERT_MD5_HASH MULTILINE_OCTAL -\325\036\040\137\321\365\035\202\127\010\122\071\035\372\212\255 -END -CKA_ISSUER MULTILINE_OCTAL -\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141 -\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157 -\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125 -\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156 -\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141 -\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040 -\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120 -\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072 -\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156 -\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001 -\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162 -\164\056\143\157\155 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\001\001 -END -CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR -CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR -CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR - -# -# Certificate "Baltimore CyberTrust Code Signing Root" -# -CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "Baltimore CyberTrust Code Signing Root" -CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 -CKA_SUBJECT MULTILINE_OCTAL -\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061 -\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155 -\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171 -\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004 -\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142 -\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147 -\156\151\156\147\040\122\157\157\164 -END -CKA_ID UTF8 "0" -CKA_ISSUER MULTILINE_OCTAL -\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061 -\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155 -\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171 -\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004 -\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142 -\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147 -\156\151\156\147\040\122\157\157\164 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\004\002\000\000\277 -END -CKA_VALUE MULTILINE_OCTAL -\060\202\003\246\060\202\002\216\240\003\002\001\002\002\004\002 -\000\000\277\060\015\006\011\052\206\110\206\367\015\001\001\005 -\005\000\060\147\061\013\060\011\006\003\125\004\006\023\002\111 -\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164 -\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012 -\103\171\142\145\162\124\162\165\163\164\061\057\060\055\006\003 -\125\004\003\023\046\102\141\154\164\151\155\157\162\145\040\103 -\171\142\145\162\124\162\165\163\164\040\103\157\144\145\040\123 -\151\147\156\151\156\147\040\122\157\157\164\060\036\027\015\060 -\060\060\065\061\067\061\064\060\061\060\060\132\027\015\062\065 -\060\065\061\067\062\063\065\071\060\060\132\060\147\061\013\060 -\011\006\003\125\004\006\023\002\111\105\061\022\060\020\006\003 -\125\004\012\023\011\102\141\154\164\151\155\157\162\145\061\023 -\060\021\006\003\125\004\013\023\012\103\171\142\145\162\124\162 -\165\163\164\061\057\060\055\006\003\125\004\003\023\046\102\141 -\154\164\151\155\157\162\145\040\103\171\142\145\162\124\162\165 -\163\164\040\103\157\144\145\040\123\151\147\156\151\156\147\040 -\122\157\157\164\060\202\001\042\060\015\006\011\052\206\110\206 -\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012 -\002\202\001\001\000\310\161\232\030\022\216\172\333\371\232\374 -\101\257\330\362\364\011\216\255\077\376\147\067\074\332\311\046 -\120\261\261\076\313\350\116\163\000\362\262\334\363\305\106\373 -\011\357\030\226\316\247\340\234\204\135\040\016\172\240\252\066 -\213\372\050\266\170\056\263\354\350\107\363\004\360\220\043\264 -\352\257\345\123\270\005\367\107\135\053\206\361\247\244\306\073 -\065\266\322\015\122\101\327\364\222\165\341\242\012\120\126\207 -\276\227\013\173\063\205\020\271\050\030\356\063\352\110\021\327 -\133\221\107\166\042\324\356\317\135\347\250\116\034\235\226\221 -\335\234\275\164\011\250\162\141\252\260\041\072\361\075\054\003 -\126\011\322\301\334\303\265\307\124\067\253\346\046\242\262\106 -\161\163\312\021\210\356\274\347\144\367\320\021\032\163\100\132 -\310\111\054\017\267\357\220\177\150\200\004\070\013\033\017\073 -\324\365\240\263\302\216\341\064\264\200\231\155\236\166\324\222 -\051\100\261\225\322\067\244\147\022\177\340\142\273\256\065\305 -\231\066\202\104\270\346\170\030\063\141\161\223\133\055\215\237 -\170\225\202\353\155\002\003\001\000\001\243\132\060\130\060\023 -\006\003\125\035\045\004\014\060\012\006\010\053\006\001\005\005 -\007\003\003\060\035\006\003\125\035\016\004\026\004\024\310\101 -\064\134\025\025\004\345\100\362\321\253\232\157\044\222\172\207 -\102\132\060\022\006\003\125\035\023\001\001\377\004\010\060\006 -\001\001\377\002\001\003\060\016\006\003\125\035\017\001\001\377 -\004\004\003\002\001\006\060\015\006\011\052\206\110\206\367\015 -\001\001\005\005\000\003\202\001\001\000\122\164\252\225\113\042 -\214\307\075\226\244\376\135\372\057\265\274\353\360\013\351\126 -\070\035\321\155\015\241\274\150\213\360\305\200\245\044\064\375 -\362\226\030\021\206\241\066\365\067\347\124\100\325\144\037\303 -\137\160\102\153\055\071\307\236\122\005\316\347\152\162\322\215 -\162\077\107\120\203\253\307\215\045\311\260\343\247\123\026\225 -\246\152\123\352\030\235\217\170\251\167\167\032\371\264\227\107 -\131\210\047\050\265\312\341\056\327\076\016\242\015\270\042\104 -\003\343\321\143\260\101\072\241\365\244\055\367\166\036\004\124 -\231\170\062\100\327\053\174\115\272\246\234\260\171\156\007\276 -\214\354\356\327\070\151\133\301\014\126\150\237\376\353\321\341 -\310\210\371\362\315\177\276\205\264\104\147\000\120\076\364\046 -\003\144\352\167\175\350\136\076\034\067\107\310\326\352\244\363 -\066\074\227\302\071\162\005\224\031\045\303\327\067\101\017\301 -\037\207\212\375\252\276\351\261\144\127\344\333\222\241\317\341 -\111\350\073\037\221\023\132\303\217\331\045\130\111\200\107\017 -\306\003\256\254\343\277\267\300\252\052 -END - -# Trust for Certificate "Baltimore CyberTrust Code Signing Root" -CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "Baltimore CyberTrust Code Signing Root" -CKA_CERT_SHA1_HASH MULTILINE_OCTAL -\060\106\330\310\210\377\151\060\303\112\374\315\111\047\010\174 -\140\126\173\015 -END -CKA_CERT_MD5_HASH MULTILINE_OCTAL -\220\365\050\111\126\321\135\054\260\123\324\113\357\157\220\042 -END -CKA_ISSUER MULTILINE_OCTAL -\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061 -\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155 -\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171 -\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004 -\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142 -\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147 -\156\151\156\147\040\122\157\157\164 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\004\002\000\000\277 -END -CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID -CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_VALID -CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR - -# # Certificate "Baltimore CyberTrust Root" # CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE @@ -4550,110 +4297,6 @@ CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID # -# Certificate "Baltimore CyberTrust Mobile Commerce Root" -# -CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "Baltimore CyberTrust Mobile Commerce Root" -CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 -CKA_SUBJECT MULTILINE_OCTAL -\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061 -\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155 -\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171 -\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004 -\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142 -\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122 -\157\157\164 -END -CKA_ID UTF8 "0" -CKA_ISSUER MULTILINE_OCTAL -\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061 -\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155 -\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171 -\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004 -\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142 -\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122 -\157\157\164 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\004\002\000\000\270 -END -CKA_VALUE MULTILINE_OCTAL -\060\202\002\175\060\202\001\346\240\003\002\001\002\002\004\002 -\000\000\270\060\015\006\011\052\206\110\206\367\015\001\001\005 -\005\000\060\141\061\013\060\011\006\003\125\004\006\023\002\111 -\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164 -\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012 -\103\171\142\145\162\124\162\165\163\164\061\051\060\047\006\003 -\125\004\003\023\040\102\141\154\164\151\155\157\162\145\040\103 -\171\142\145\162\124\162\165\163\164\040\115\157\142\151\154\145 -\040\122\157\157\164\060\036\027\015\060\060\060\065\061\062\061 -\070\062\060\060\060\132\027\015\062\060\060\065\061\062\062\063 -\065\071\060\060\132\060\141\061\013\060\011\006\003\125\004\006 -\023\002\111\105\061\022\060\020\006\003\125\004\012\023\011\102 -\141\154\164\151\155\157\162\145\061\023\060\021\006\003\125\004 -\013\023\012\103\171\142\145\162\124\162\165\163\164\061\051\060 -\047\006\003\125\004\003\023\040\102\141\154\164\151\155\157\162 -\145\040\103\171\142\145\162\124\162\165\163\164\040\115\157\142 -\151\154\145\040\122\157\157\164\060\201\237\060\015\006\011\052 -\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201 -\211\002\201\201\000\243\155\261\070\126\254\374\265\126\041\336 -\300\220\135\046\107\202\306\175\217\037\240\205\217\057\273\324 -\341\034\035\362\044\037\050\260\057\271\244\245\157\242\042\040 -\144\376\204\107\074\176\053\154\151\152\270\324\300\226\216\214 -\122\015\315\157\101\324\277\004\256\247\201\057\055\230\110\322 -\301\224\243\265\031\135\135\121\144\364\216\101\260\233\300\055 -\042\240\136\306\330\132\022\143\274\021\112\136\046\022\035\342 -\046\005\346\017\137\042\037\172\137\166\224\256\317\132\050\016 -\253\105\332\042\061\002\003\001\000\001\243\102\060\100\060\035 -\006\003\125\035\016\004\026\004\024\311\342\217\300\002\046\132 -\266\300\007\343\177\224\007\030\333\056\245\232\160\060\017\006 -\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016 -\006\003\125\035\017\001\001\377\004\004\003\002\001\206\060\015 -\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201 -\000\123\010\013\046\011\170\102\163\324\354\172\167\107\015\343 -\013\063\161\357\256\063\024\115\373\372\375\032\267\121\365\344 -\231\034\006\161\327\051\031\327\346\025\040\121\121\106\155\117 -\336\030\111\230\320\370\170\273\161\350\215\001\006\325\327\144 -\217\224\337\107\376\240\205\151\066\251\057\102\172\150\112\022 -\326\213\013\160\104\012\244\004\357\046\210\301\065\161\070\135 -\033\133\110\102\360\347\224\034\160\225\064\250\253\365\253\342 -\170\255\365\360\122\375\233\352\102\014\350\330\124\276\123\146 -\365 -END - -# Trust for Certificate "Baltimore CyberTrust Mobile Commerce Root" -CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "Baltimore CyberTrust Mobile Commerce Root" -CKA_CERT_SHA1_HASH MULTILINE_OCTAL -\264\343\013\234\301\325\356\275\240\040\030\370\271\212\321\377 -\151\267\072\161 -END -CKA_CERT_MD5_HASH MULTILINE_OCTAL -\353\264\040\035\017\266\161\003\367\304\367\307\244\162\206\350 -END -CKA_ISSUER MULTILINE_OCTAL -\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061 -\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155 -\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171 -\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004 -\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142 -\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122 -\157\157\164 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\004\002\000\000\270 -END -CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR -CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR -CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID - -# # Certificate "Equifax Secure Global eBusiness CA" # CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE diff --git a/security/nss/lib/ckfw/builtins/config.mk b/security/nss/lib/ckfw/builtins/config.mk index f9fdb5702..f4d64b0f0 100644 --- a/security/nss/lib/ckfw/builtins/config.mk +++ b/security/nss/lib/ckfw/builtins/config.mk @@ -43,7 +43,7 @@ IMPORT_LIBRARY = PROGRAM = ifeq (,$(filter-out OS2 WIN%,$(OS_TARGET))) - SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).dll + SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX) endif ifdef BUILD_IDG diff --git a/security/nss/lib/ckfw/builtins/manifest.mn b/security/nss/lib/ckfw/builtins/manifest.mn index 23360f081..86a794fbd 100644 --- a/security/nss/lib/ckfw/builtins/manifest.mn +++ b/security/nss/lib/ckfw/builtins/manifest.mn @@ -35,6 +35,7 @@ MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$" CORE_DEPTH = ../../../.. MODULE = nss +MAPFILE = $(OBJDIR)/nssckbi.def EXPORTS = \ nssckbi.h \ diff --git a/security/nss/lib/ckfw/builtins/nssckbi.def b/security/nss/lib/ckfw/builtins/nssckbi.def new file mode 100644 index 000000000..c0fd99c04 --- /dev/null +++ b/security/nss/lib/ckfw/builtins/nssckbi.def @@ -0,0 +1,53 @@ +;+# +;+# The contents of this file are subject to the Mozilla Public +;+# License Version 1.1 (the "License"); you may not use this file +;+# except in compliance with the License. You may obtain a copy of +;+# the License at http://www.mozilla.org/MPL/ +;+# +;+# Software distributed under the License is distributed on an "AS +;+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +;+# implied. See the License for the specific language governing +;+# rights and limitations under the License. +;+# +;+# The Original Code is the Netscape security libraries. +;+# +;+# The Initial Developer of the Original Code is Netscape +;+# Communications Corporation. Portions created by Netscape are +;+# Copyright (C) 2003 Netscape Communications Corporation. All +;+# Rights Reserved. +;+# +;+# Contributor(s): +;+# +;+# Alternatively, the contents of this file may be used under the +;+# terms of the GNU General Public License Version 2 or later (the +;+# "GPL"), in which case the provisions of the GPL are applicable +;+# instead of those above. If you wish to allow use of your +;+# version of this file only under the terms of the GPL and not to +;+# allow others to use your version of this file under the MPL, +;+# indicate your decision by deleting the provisions above and +;+# replace them with the notice and other provisions required by +;+# the GPL. If you do not delete the provisions above, a recipient +;+# may use your version of this file under either the MPL or the +;+# GPL. +;+# +;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS +;+# 1. For all unix platforms, the string ";-" means "remove this line" +;+# 2. For all unix platforms, the string " DATA " will be removed from any +;+# line on which it occurs. +;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX. +;+# On AIX, lines containing ";+" will be removed. +;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed. +;+# 5. For all unix platforms, after the above processing has taken place, +;+# all characters after the first ";" on the line will be removed. +;+# And for AIX, the first ";" will also be removed. +;+# This file is passed directly to windows. Since ';' is a comment, all UNIX +;+# directives are hidden behind ";", ";+", and ";-" +;+ +;+NSS_3.1 { # NSS 3.1 release +;+ global: +LIBRARY nssckbi ;- +EXPORTS ;- +C_GetFunctionList; +;+ local: +;+*; +;+}; diff --git a/security/nss/lib/ckfw/builtins/nssckbi.h b/security/nss/lib/ckfw/builtins/nssckbi.h index 81c3f47a3..ef4f48c42 100644 --- a/security/nss/lib/ckfw/builtins/nssckbi.h +++ b/security/nss/lib/ckfw/builtins/nssckbi.h @@ -50,7 +50,7 @@ /* These are the correct verion numbers that details the changes * to the list of trusted certificates. */ #define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 1 -#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 20 +#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 31 /* These verion numbers that details the semantic changes to the ckfw engine. */ #define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1 diff --git a/security/nss/lib/ckfw/ckapi.perl b/security/nss/lib/ckfw/ckapi.perl index 09dfc9199..da757f5a4 100644 --- a/security/nss/lib/ckfw/ckapi.perl +++ b/security/nss/lib/ckfw/ckapi.perl @@ -489,11 +489,7 @@ __ADJOIN(MODULE_NAME,C_GetFunctionList) } /* This one is always present */ -#ifdef WIN32 -CK_RV _declspec(dllexport) -#else CK_RV CK_ENTRY -#endif C_GetFunctionList ( CK_FUNCTION_LIST_PTR_PTR ppFunctionList diff --git a/security/nss/lib/ckfw/nsprstub.c b/security/nss/lib/ckfw/nsprstub.c index c9e3964d9..0801023d4 100644 --- a/security/nss/lib/ckfw/nsprstub.c +++ b/security/nss/lib/ckfw/nsprstub.c @@ -283,6 +283,12 @@ nssPointerTracker_verify(nssPointerTracker *tracker, const void *pointer) } #endif +/* + * Do not use NSPR stubs for MinGW because they can't resolve references + * to the _imp__PR_XXX symbols. This is merely an expedient hack and not + * the right solution. + */ +#if !(defined(WIN32) && defined(__GNUC__)) PR_IMPLEMENT(PRThread *) PR_GetCurrentThread(void) { @@ -337,6 +343,7 @@ PR_IMPLEMENT(PRInt32) PR_AtomicSet(PRInt32 *val) { return ++(*val); } /* now make the RNG happy */ /* This is not atomic! */ PR_IMPLEMENT(PRInt32) PR_AtomicIncrement(PRInt32 *val) { return ++(*val); } +#endif /* ! (WIN32 && GCC) */ CK_C_INITIALIZE_ARGS_PTR nssstub_initArgs = NULL; NSSArena *nssstub_arena = NULL; @@ -349,6 +356,12 @@ nssSetLockArgs(CK_C_INITIALIZE_ARGS_PTR pInitArgs) } } +/* + * Do not use NSPR stubs for MinGW because they can't resolve references + * to the _imp__PR_XXX symbols. This is merely an expedient hack and not + * the right solution. + */ +#if !(defined(WIN32) && defined(__GNUC__)) #include "prlock.h" PR_IMPLEMENT(PRLock *) PR_NewLock(void) { @@ -437,6 +450,7 @@ PRIntn PR_CeilingLog2(PRUint32 i) { PR_CEILING_LOG2(log2,i); return log2; } +#endif /* ! (WIN32 && GCC) */ /********************** end of arena functions ***********************/ diff --git a/security/nss/lib/ckfw/nssck.api b/security/nss/lib/ckfw/nssck.api index 4cbe5e8cc..2e8fbd70c 100644 --- a/security/nss/lib/ckfw/nssck.api +++ b/security/nss/lib/ckfw/nssck.api @@ -1874,11 +1874,7 @@ __ADJOIN(MODULE_NAME,C_GetFunctionList) } /* This one is always present */ -#if defined(WIN32) || defined(XP_OS2_VACPP) -CK_RV _declspec(dllexport) -#else CK_RV CK_ENTRY -#endif C_GetFunctionList ( CK_FUNCTION_LIST_PTR_PTR ppFunctionList diff --git a/security/nss/lib/dev/dev.h b/security/nss/lib/dev/dev.h index 43ad7ac98..4495be2f5 100644 --- a/security/nss/lib/dev/dev.h +++ b/security/nss/lib/dev/dev.h @@ -323,6 +323,18 @@ nssSlot_Logout nssSession *sessionOpt ); +NSS_EXTERN void +nssSlot_EnterMonitor +( + NSSSlot *slot +); + +NSS_EXTERN void +nssSlot_ExitMonitor +( + NSSSlot *slot +); + #define NSSSLOT_ASK_PASSWORD_FIRST_TIME -1 #define NSSSLOT_ASK_PASSWORD_EVERY_TIME 0 NSS_EXTERN void diff --git a/security/nss/lib/dev/devslot.c b/security/nss/lib/dev/devslot.c index 81cd512d5..ca26a74ef 100644 --- a/security/nss/lib/dev/devslot.c +++ b/security/nss/lib/dev/devslot.c @@ -76,6 +76,7 @@ struct NSSSlotStr CK_FLAGS ckFlags; /* from CK_SLOT_INFO.flags */ struct nssSlotAuthInfoStr authInfo; PRIntervalTime lastTokenPing; + PZLock *lock; #ifdef NSS_3_4_CODE PK11SlotInfo *pk11slot; #endif @@ -151,6 +152,9 @@ nssSlot_Create if (!rvSlot->base.lock) { goto loser; } + if (!nssModule_IsThreadSafe(parent)) { + rvSlot->lock = nssModule_GetLock(parent); + } rvSlot->module = parent; /* refs go from module to slots */ rvSlot->slotID = slotID; rvSlot->ckFlags = slotInfo.flags; @@ -190,6 +194,22 @@ nssSlot_Destroy return PR_SUCCESS; } +void +nssSlot_EnterMonitor(NSSSlot *slot) +{ + if (slot->lock) { + PZ_Lock(slot->lock); + } +} + +void +nssSlot_ExitMonitor(NSSSlot *slot) +{ + if (slot->lock) { + PZ_Unlock(slot->lock); + } +} + NSS_IMPLEMENT void NSSSlot_Destroy ( @@ -274,7 +294,9 @@ nssSlot_IsTokenPresent if (!epv) { return PR_FALSE; } + nssSlot_EnterMonitor(slot); ckrv = CKAPI(epv)->C_GetSlotInfo(slot->slotID, &slotInfo); + nssSlot_ExitMonitor(slot); if (ckrv != CKR_OK) { slot->token->base.name[0] = 0; /* XXX */ return PR_FALSE; @@ -772,9 +794,9 @@ nssSlot_CreateSession if (!rvSession) { return (nssSession *)NULL; } - if (!nssModule_IsThreadSafe(slot->module)) { - /* If the parent module is not threadsafe, create lock to manage - * session within threads. + if (nssModule_IsThreadSafe(slot->module)) { + /* If the parent module is threadsafe, + * create lock to protect just this session. */ rvSession->lock = PZ_NewLock(nssILockOther); if (!rvSession->lock) { @@ -785,7 +807,12 @@ nssSlot_CreateSession } return (nssSession *)NULL; } + rvSession->ownLock = PR_TRUE; + } else { + rvSession->lock = slot->lock; + rvSession->ownLock = PR_FALSE; } + rvSession->handle = handle; rvSession->slot = slot; rvSession->isRW = readWrite; @@ -802,7 +829,7 @@ nssSession_Destroy if (s) { void *epv = s->slot->epv; ckrv = CKAPI(epv)->C_CloseSession(s->handle); - if (s->lock) { + if (s->ownLock && s->lock) { PZ_DestroyLock(s->lock); } nss_ZFreeIf(s); diff --git a/security/nss/lib/dev/devt.h b/security/nss/lib/dev/devt.h index 10a7978c3..002f31144 100644 --- a/security/nss/lib/dev/devt.h +++ b/security/nss/lib/dev/devt.h @@ -124,6 +124,7 @@ struct NSSSlotStr CK_FLAGS ckFlags; /* from CK_SLOT_INFO.flags */ struct nssSlotAuthInfoStr authInfo; PRIntervalTime lastTokenPing; + PZLock *lock; #ifdef NSS_3_4_CODE void *epv; PK11SlotInfo *pk11slot; @@ -136,6 +137,7 @@ struct nssSessionStr CK_SESSION_HANDLE handle; NSSSlot *slot; PRBool isRW; + PRBool ownLock; }; typedef enum { diff --git a/security/nss/lib/fortcrypt/Makefile b/security/nss/lib/fortcrypt/Makefile index 40609cb98..b3913b3a0 100644 --- a/security/nss/lib/fortcrypt/Makefile +++ b/security/nss/lib/fortcrypt/Makefile @@ -109,11 +109,19 @@ endif ifeq (,$(filter-out WIN%,$(OS_TARGET))) $(STUBDLL): $(OBJDIR)/maci.o +ifdef NS_USE_GCC + $(LINK_DLL) -Wl,--out-implib,$(STUBLIB) $(OBJDIR)/maci.o $(OS_LIBS) +else $(LINK_DLL) -MAP $(DLLBASE) $(subst /,\\,$(OBJDIR)/maci.o $(OS_LIBS)) +endif $(OBJDIR)/maci.o: maci.c +ifdef NS_USE_GCC + $(CC) -o $@ -c $(CFLAGS) $< +else $(CC) -Fo$@ -c $(CFLAGS) $< endif +endif # # The following rules packages the shared library into a JAR, diff --git a/security/nss/lib/fortcrypt/maci.c b/security/nss/lib/fortcrypt/maci.c index a0120b771..a1b38ec87 100644 --- a/security/nss/lib/fortcrypt/maci.c +++ b/security/nss/lib/fortcrypt/maci.c @@ -33,7 +33,7 @@ #include "seccomon.h" #if defined( _WIN32 ) || defined( __WIN32__ ) -#define RETURN_TYPE extern _declspec( dllexport ) int _cdecl +#define RETURN_TYPE extern __declspec( dllexport ) int _cdecl #endif /* Windows */ #include "maci.h" diff --git a/security/nss/lib/fortcrypt/maci.h b/security/nss/lib/fortcrypt/maci.h index eb38ff81c..cab61ace8 100644 --- a/security/nss/lib/fortcrypt/maci.h +++ b/security/nss/lib/fortcrypt/maci.h @@ -78,7 +78,7 @@ extern "C" #ifndef RETURN_TYPE #if defined( _WIN32 ) || defined( __WIN32__ ) -#define RETURN_TYPE extern _declspec( dllimport ) int _cdecl +#define RETURN_TYPE extern __declspec( dllimport ) int _cdecl #elif defined( _WINDOWS ) || defined( _Windows ) #define RETURN_TYPE extern int _far _pascal #else diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/Makefile b/security/nss/lib/fortcrypt/swfort/pkcs11/Makefile index c148b325c..44e50063b 100644 --- a/security/nss/lib/fortcrypt/swfort/pkcs11/Makefile +++ b/security/nss/lib/fortcrypt/swfort/pkcs11/Makefile @@ -50,6 +50,23 @@ CRYPTO_LIB += $(DIST)/lib/bsafe$(BSAFEVER).lib CRYPTO_LIB += $(DIST)/lib/freebl.lib endif +# Link with the real NSPR DLLs for MinGW because the NSPR stubs in +# stub.c can't resolve the references to the _imp__PR_XXX symbols. +# This is merely an expedient hack and not the right solution. +ifdef NS_USE_GCC +EXTRA_LIBS = \ + $(DIST)/lib/$(LIB_PREFIX)swfci.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX) \ + $(CRYPTO_LIB) \ + $(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \ + -L$(DIST)/lib \ + -lplc4 \ + -lplds4 \ + -lnspr4 \ + -lws2_32 \ + -lwinmm \ + $(NULL) +else # ! NS_USE_GCC EXTRA_LIBS = \ $(DIST)/lib/swfci.lib \ $(DIST)/lib/softokn.lib \ @@ -60,6 +77,7 @@ EXTRA_LIBS = \ wsock32.lib \ winmm.lib \ $(NULL) +endif # NS_USE_GCC else diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/stub.c b/security/nss/lib/fortcrypt/swfort/pkcs11/stub.c index 0f673e77b..12ce3cd27 100644 --- a/security/nss/lib/fortcrypt/swfort/pkcs11/stub.c +++ b/security/nss/lib/fortcrypt/swfort/pkcs11/stub.c @@ -234,6 +234,12 @@ PORT_ArenaStrdup(PLArenaPool *arena,const char *str) { return newstr; } +/* + * Do not use NSPR stubs for MinGW because they can't resolve references + * to the _imp__PR_XXX symbols. This is merely an expedient hack and not + * the right solution. + */ +#if !(defined(WIN32) && defined(__GNUC__)) PR_IMPLEMENT(void) PR_Assert(const char *expr, const char *file, int line) { return; @@ -256,6 +262,7 @@ PR_SetError(PRErrorCode errorCode, PRInt32 oserr) { return; } PR_IMPLEMENT(void) PR_SetErrorText(PRIntn textLength, const char *text) { return; } +#endif /* ! (WIN32 && GCC) */ /* Old template; want to expunge it eventually. */ @@ -272,6 +279,12 @@ const SEC_ASN1Template SECOID_AlgorithmIDTemplate[] = { { 0, } }; +/* + * Do not use NSPR stubs for MinGW because they can't resolve references + * to the _imp__PR_XXX symbols. This is merely an expedient hack and not + * the right solution. + */ +#if !(defined(WIN32) && defined(__GNUC__)) /* now make the RNG happy */ /* This is not atomic! */ PR_IMPLEMENT(PRInt32) PR_AtomicIncrement(PRInt32 *val) { return ++(*val); } /* This is not atomic! */ @@ -358,6 +371,7 @@ PRIntn PR_CeilingLog2(PRUint32 i) { PR_CEILING_LOG2(log2,i); return log2; } +#endif /* ! (WIN32 && GCC) */ /********************** end of arena functions ***********************/ diff --git a/security/nss/lib/freebl/Makefile b/security/nss/lib/freebl/Makefile index ba73f4e8c..aa0b5c6a4 100644 --- a/security/nss/lib/freebl/Makefile +++ b/security/nss/lib/freebl/Makefile @@ -78,12 +78,25 @@ ifeq ($(OS_TARGET),OSF1) endif ifeq (,$(filter-out WINNT WIN95,$(OS_TARGET))) #omits WIN16 and WINCE +ifdef NS_USE_GCC +# Ideally, we want to use assembler +# ASFILES = mpi_x86.s +# DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE \ +# -DMP_ASSEMBLY_DIV_2DX1D +# but we haven't figured out how to make it work, so we are not +# using assembler right now. + ASFILES = + DEFINES += -DMP_NO_MP_WORD -DMP_USE_UINT_DIGIT +else ASFILES = mpi_x86.asm DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D +endif ifdef BUILD_OPT +ifndef NS_USE_GCC OPTIMIZER += -Ox # maximum optimization for freebl endif endif +endif ifeq ($(OS_TARGET),WINCE) DEFINES += -DMP_ARGCHK=0 # no assert in WinCE diff --git a/security/nss/lib/freebl/shvfy.c b/security/nss/lib/freebl/shvfy.c index 084ba0161..67d87dc8a 100644 --- a/security/nss/lib/freebl/shvfy.c +++ b/security/nss/lib/freebl/shvfy.c @@ -42,6 +42,7 @@ #include "blapi.h" #include "seccomon.h" #include "stdio.h" +#include "prmem.h" /* #define DEBUG_SHVERIFY 1 */ diff --git a/security/nss/lib/nss/config.mk b/security/nss/lib/nss/config.mk index 693b6d31a..4ca5480f3 100644 --- a/security/nss/lib/nss/config.mk +++ b/security/nss/lib/nss/config.mk @@ -40,18 +40,28 @@ ifeq (,$(filter-out WIN%,$(OS_TARGET))) # don't want the 32 in the shared library name -SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).dll -IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).lib +SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX) +IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX) RES = $(OBJDIR)/$(LIBRARY_NAME).res RESNAME = $(LIBRARY_NAME).rc +ifdef NS_USE_GCC +EXTRA_SHARED_LIBS += \ + -L$(DIST)/lib \ + -lsoftokn3 \ + -lplc4 \ + -lplds4 \ + -lnspr4\ + $(NULL) +else # ! NS_USE_GCC EXTRA_SHARED_LIBS += \ $(DIST)/lib/softokn3.lib \ $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \ $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \ $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \ $(NULL) +endif # NS_USE_GCC else @@ -99,8 +109,10 @@ MKSHLIB += -R '$$ORIGIN' endif ifeq (,$(filter-out WINNT WIN95,$(OS_TARGET))) +ifndef NS_USE_GCC # Export 'mktemp' to be backward compatible with NSS 3.2.x and 3.3.x # but do not put it in the import library. See bug 142575. DEFINES += -DWIN32_NSS3_DLL_COMPAT DLLFLAGS += -EXPORT:mktemp=nss_mktemp,PRIVATE endif +endif diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h index 29b6bf4bc..e6baca71c 100644 --- a/security/nss/lib/nss/nss.h +++ b/security/nss/lib/nss/nss.h @@ -49,11 +49,11 @@ SEC_BEGIN_PROTOS * The format of the version string should be * "<major version>.<minor version>[.<patch level>] [<Beta>]" */ -#define NSS_VERSION "3.8" +#define NSS_VERSION "3.8.1 Beta" #define NSS_VMAJOR 3 #define NSS_VMINOR 8 -#define NSS_VPATCH 0 -#define NSS_BETA PR_FALSE +#define NSS_VPATCH 1 +#define NSS_BETA PR_TRUE /* diff --git a/security/nss/lib/pk11wrap/dev3hack.c b/security/nss/lib/pk11wrap/dev3hack.c index 3f704436d..2c7ee38f2 100644 --- a/security/nss/lib/pk11wrap/dev3hack.c +++ b/security/nss/lib/pk11wrap/dev3hack.c @@ -67,6 +67,7 @@ nssSession_ImportNSS3Session(NSSArena *arenaOpt, rvSession = nss_ZNEW(arenaOpt, nssSession); rvSession->handle = session; rvSession->lock = lock; + rvSession->ownLock = PR_FALSE; rvSession->isRW = rw; return rvSession; } @@ -92,6 +93,23 @@ nssSlot_CreateSession } rvSession->isRW = PR_TRUE; rvSession->slot = slot; + /* + * The session doesn't need its own lock. Here's why. + * 1. If we are reusing the default RW session of the slot, + * the slot lock is already locked to protect the session. + * 2. If the module is not thread safe, the slot (or rather + * module) lock is already locked. + * 3. If the module is thread safe and we are using a new + * session, no higher-level lock has been locked and we + * would need a lock for the new session. However, the + * NSS_3_4_CODE usage of the session is that it is always + * used and destroyed within the same function and never + * shared with another thread. + * So the session is either already protected by another + * lock or only used by one thread. + */ + rvSession->lock = NULL; + rvSession->ownLock = PR_FALSE; return rvSession; } else { return NULL; @@ -136,6 +154,7 @@ nssSlot_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot) rvSlot->slotID = nss3slot->slotID; /* Grab the slot name from the PKCS#11 fixed-length buffer */ rvSlot->base.name = nssUTF8_Duplicate(nss3slot->slot_name,td->arena); + rvSlot->lock = (nss3slot->isThreadSafe) ? NULL : nss3slot->sessionLock; return rvSlot; } diff --git a/security/nss/lib/pk11wrap/pk11cert.c b/security/nss/lib/pk11wrap/pk11cert.c index 449fe17c8..33d896ec5 100644 --- a/security/nss/lib/pk11wrap/pk11cert.c +++ b/security/nss/lib/pk11wrap/pk11cert.c @@ -3776,10 +3776,14 @@ loser: PORT_SetError(SEC_ERROR_CRL_NOT_FOUND); return NULL; } - *slot = PK11_ReferenceSlot(crl->object.instances[0]->token->pk11slot); - *crlHandle = crl->object.instances[0]->handle; if (crl->url) { *url = PORT_Strdup(crl->url); + if (!*url) { + nssCRL_Destroy(crl); + return NULL; + } + } else { + *url = NULL; } rvItem = SECITEM_AllocItem(NULL, NULL, crl->encoding.size); if (!rvItem) { @@ -3788,6 +3792,8 @@ loser: return NULL; } memcpy(rvItem->data, crl->encoding.data, crl->encoding.size); + *slot = PK11_ReferenceSlot(crl->object.instances[0]->token->pk11slot); + *crlHandle = crl->object.instances[0]->handle; nssCRL_Destroy(crl); return rvItem; #endif diff --git a/security/nss/lib/pk11wrap/pk11func.h b/security/nss/lib/pk11wrap/pk11func.h index 4747fe6ea..115a42bb3 100644 --- a/security/nss/lib/pk11wrap/pk11func.h +++ b/security/nss/lib/pk11wrap/pk11func.h @@ -83,7 +83,7 @@ CK_SESSION_HANDLE PK11_GetRWSession(PK11SlotInfo *slot); void PK11_RestoreROSession(PK11SlotInfo *slot,CK_SESSION_HANDLE rwsession); PRBool PK11_RWSessionHasLock(PK11SlotInfo *slot, CK_SESSION_HANDLE session_handle); -PK11SlotInfo *PK11_NewSlotInfo(void); +PK11SlotInfo *PK11_NewSlotInfo(SECMODModule *mod); SECStatus PK11_Logout(PK11SlotInfo *slot); void PK11_LogoutAll(void); void PK11_EnterSlotMonitor(PK11SlotInfo *); diff --git a/security/nss/lib/pk11wrap/pk11load.c b/security/nss/lib/pk11wrap/pk11load.c index f9ff7d506..4da327680 100644 --- a/security/nss/lib/pk11wrap/pk11load.c +++ b/security/nss/lib/pk11wrap/pk11load.c @@ -271,7 +271,7 @@ SECMOD_LoadPKCS11Module(SECMODModule *mod) { /* Initialize each slot */ for (i=0; i < (int)slotCount; i++) { - mod->slots[i] = PK11_NewSlotInfo(); + mod->slots[i] = PK11_NewSlotInfo(mod); PK11_InitSlot(mod,slotIDs[i],mod->slots[i]); /* look down the slot info table */ PK11_LoadSlotList(mod->slots[i],mod->slotInfo,mod->slotInfoCount); diff --git a/security/nss/lib/pk11wrap/pk11slot.c b/security/nss/lib/pk11wrap/pk11slot.c index 74816b485..055aa178e 100644 --- a/security/nss/lib/pk11wrap/pk11slot.c +++ b/security/nss/lib/pk11wrap/pk11slot.c @@ -398,7 +398,7 @@ PK11_FindSlotElement(PK11SlotList *list,PK11SlotInfo *slot) * Create a new slot structure */ PK11SlotInfo * -PK11_NewSlotInfo(void) +PK11_NewSlotInfo(SECMODModule *mod) { PK11SlotInfo *slot; @@ -411,7 +411,8 @@ PK11_NewSlotInfo(void) PORT_Free(slot); return slot; } - slot->sessionLock = PZ_NewLock(nssILockSession); + slot->sessionLock = mod->isThreadSafe ? + PZ_NewLock(nssILockSession) : (PZLock *)mod->refLock; if (slot->sessionLock == NULL) { PZ_DestroyLock(slot->refLock); PORT_Free(slot); @@ -419,7 +420,9 @@ PK11_NewSlotInfo(void) } slot->freeListLock = PZ_NewLock(nssILockFreelist); if (slot->freeListLock == NULL) { - PZ_DestroyLock(slot->sessionLock); + if (mod->isThreadSafe) { + PZ_DestroyLock(slot->sessionLock); + } PZ_DestroyLock(slot->refLock); PORT_Free(slot); return slot; @@ -498,26 +501,26 @@ PK11_DestroySlot(PK11SlotInfo *slot) if (slot->mechanismList) { PORT_Free(slot->mechanismList); } - - /* finally Tell our parent module that we've gone away so it can unload */ - if (slot->module) { - SECMOD_SlotDestroyModule(slot->module,PR_TRUE); - } #ifdef PKCS11_USE_THREADS if (slot->refLock) { PZ_DestroyLock(slot->refLock); slot->refLock = NULL; } - if (slot->sessionLock) { + if (slot->isThreadSafe && slot->sessionLock) { PZ_DestroyLock(slot->sessionLock); - slot->sessionLock = NULL; } + slot->sessionLock = NULL; if (slot->freeListLock) { PZ_DestroyLock(slot->freeListLock); slot->freeListLock = NULL; } #endif + /* finally Tell our parent module that we've gone away so it can unload */ + if (slot->module) { + SECMOD_SlotDestroyModule(slot->module,PR_TRUE); + } + /* ok, well not quit finally... now we free the memory */ PORT_Free(slot); } @@ -4756,7 +4759,7 @@ PK11_WaitForTokenEvent(PK11SlotInfo *slot, PK11TokenEvent event, if (waitForRemoval && series != PK11_GetSlotSeries(slot)) { return PK11TokenChanged; } - if (timeout != PR_INTERVAL_NO_WAIT) { + if (timeout == PR_INTERVAL_NO_WAIT) { return waitForRemoval ? PK11TokenPresent : PK11TokenRemoved; } if (timeout != PR_INTERVAL_NO_TIMEOUT ) { diff --git a/security/nss/lib/smime/cmsdecode.c b/security/nss/lib/smime/cmsdecode.c index 906fbaa25..8ba2b33dd 100644 --- a/security/nss/lib/smime/cmsdecode.c +++ b/security/nss/lib/smime/cmsdecode.c @@ -59,6 +59,13 @@ struct NSSCMSDecoderContextStr { void * cb_arg; }; +struct NSSCMSDecoderDataStr { + SECItem data; /* must be first */ + unsigned int totalBufferSize; +}; + +typedef struct NSSCMSDecoderDataStr NSSCMSDecoderData; + static void nss_cms_decoder_update_filter (void *arg, const char *data, unsigned long len, int depth, SEC_ASN1EncodingPart data_kind); static SECStatus nss_cms_before_data(NSSCMSDecoderContext *p7dcx); @@ -66,9 +73,26 @@ static SECStatus nss_cms_after_data(NSSCMSDecoderContext *p7dcx); static SECStatus nss_cms_after_end(NSSCMSDecoderContext *p7dcx); static void nss_cms_decoder_work_data(NSSCMSDecoderContext *p7dcx, const unsigned char *data, unsigned long len, PRBool final); +static NSSCMSDecoderData *nss_cms_create_decoder_data(PRArenaPool *poolp); extern const SEC_ASN1Template NSSCMSMessageTemplate[]; +static NSSCMSDecoderData * +nss_cms_create_decoder_data(PRArenaPool *poolp) +{ + NSSCMSDecoderData *decoderData = NULL; + + decoderData = (NSSCMSDecoderData *) + PORT_ArenaAlloc(poolp,sizeof(NSSCMSDecoderData)); + if (!decoderData) { + return NULL; + } + decoderData->data.data = NULL; + decoderData->data.len = 0; + decoderData->totalBufferSize = 0; + return decoderData; +} + /* * nss_cms_decoder_notify - * this is the driver of the decoding process. It gets called by the ASN.1 @@ -250,8 +274,8 @@ nss_cms_before_data(NSSCMSDecoderContext *p7dcx) childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo); if (childtype == SEC_OID_PKCS7_DATA) { - cinfo->content.data = SECITEM_AllocItem(poolp, NULL, 0); - if (cinfo->content.data == NULL) + cinfo->content.pointer = (void *) nss_cms_create_decoder_data(poolp); + if (cinfo->content.pointer == NULL) /* set memory error */ return SECFailure; @@ -414,7 +438,6 @@ nss_cms_decoder_work_data(NSSCMSDecoderContext *p7dcx, unsigned char *dest; unsigned int offset; SECStatus rv; - SECItem *storage; /* * We should really have data to process, or we should be trying @@ -510,27 +533,30 @@ nss_cms_decoder_work_data(NSSCMSDecoderContext *p7dcx, if (NSS_CMSContentInfo_GetContentTypeTag(cinfo) == SEC_OID_PKCS7_DATA) { /* store it in "inner" data item as well */ /* find the DATA item in the encapsulated cinfo and store it there */ - storage = cinfo->content.data; - - offset = storage->len; - if (storage->len == 0) { - dest = (unsigned char *)PORT_ArenaAlloc(p7dcx->cmsg->poolp, len); - } else { - dest = (unsigned char *)PORT_ArenaGrow(p7dcx->cmsg->poolp, - storage->data, - storage->len, - storage->len + len); - } - if (dest == NULL) { - p7dcx->error = SEC_ERROR_NO_MEMORY; - goto loser; - } + NSSCMSDecoderData *decoderData = + (NSSCMSDecoderData *)cinfo->content.pointer; + SECItem *dataItem = &decoderData->data; + + offset = dataItem->len; + if (dataItem->len+len > decoderData->totalBufferSize) { + int needLen = (dataItem->len+len) * 2; + dest = (unsigned char *) + PORT_ArenaAlloc(p7dcx->cmsg->poolp, needLen); + if (dest == NULL) { + p7dcx->error = SEC_ERROR_NO_MEMORY; + goto loser; + } - storage->data = dest; - storage->len += len; + if (dataItem->len) { + PORT_Memcpy(dest, dataItem->data, dataItem->len); + } + decoderData->totalBufferSize = needLen; + dataItem->data = dest; + } /* copy it in */ - PORT_Memcpy(storage->data + offset, data, len); + PORT_Memcpy(dataItem->data + offset, data, len); + dataItem->len += len; } done: diff --git a/security/nss/lib/smime/config.mk b/security/nss/lib/smime/config.mk index 95a180b71..cd5c893a5 100644 --- a/security/nss/lib/smime/config.mk +++ b/security/nss/lib/smime/config.mk @@ -36,18 +36,28 @@ RELEASE_LIBS = $(TARGETS) ifeq (,$(filter-out WIN%,$(OS_TARGET))) # don't want the 32 in the shared library name -SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).dll -IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).lib +SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX) +IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX) RES = $(OBJDIR)/smime.res RESNAME = smime.rc +ifdef NS_USE_GCC +EXTRA_SHARED_LIBS += \ + -L$(DIST)/lib \ + -lnss3 \ + -lplc4 \ + -lplds4 \ + -lnspr4 \ + $(NULL) +else # ! NS_USE_GCC EXTRA_SHARED_LIBS += \ $(DIST)/lib/nss3.lib \ $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \ $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \ $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \ $(NULL) +endif # NS_USE_GCC else diff --git a/security/nss/lib/softoken/config.mk b/security/nss/lib/softoken/config.mk index d2e7a8231..a9f7c4b4b 100644 --- a/security/nss/lib/softoken/config.mk +++ b/security/nss/lib/softoken/config.mk @@ -49,12 +49,20 @@ EXTRA_LIBS += \ ifeq (,$(filter-out WIN%,$(OS_TARGET))) # don't want the 32 in the shared library name -SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).dll -IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).lib +SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX) +IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX) RES = $(OBJDIR)/$(LIBRARY_NAME).res RESNAME = $(LIBRARY_NAME).rc +ifdef NS_USE_GCC +EXTRA_SHARED_LIBS += \ + -L$(DIST)/lib \ + -lplc4 \ + -lplds4 \ + -lnspr4 \ + $(NULL) +else # ! NS_USE_GCC ifdef MOZILLA_BSAFE_BUILD EXTRA_LIBS+=$(DIST)/lib/bsafe$(BSAFEVER).lib endif @@ -64,6 +72,7 @@ EXTRA_SHARED_LIBS += \ $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \ $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \ $(NULL) +endif # NS_USE_GCC else diff --git a/security/nss/lib/softoken/pkcs11p.h b/security/nss/lib/softoken/pkcs11p.h index 0a30e8ee4..1361991c5 100644 --- a/security/nss/lib/softoken/pkcs11p.h +++ b/security/nss/lib/softoken/pkcs11p.h @@ -43,7 +43,9 @@ */ #if defined(_WIN32) +#ifdef _MSC_VER #pragma warning(disable:4103) +#endif #pragma pack(push, cryptoki, 1) #endif diff --git a/security/nss/lib/softoken/pkcs11u.h b/security/nss/lib/softoken/pkcs11u.h index 0addf0f6f..777eda4d4 100644 --- a/security/nss/lib/softoken/pkcs11u.h +++ b/security/nss/lib/softoken/pkcs11u.h @@ -41,7 +41,9 @@ */ #if defined (_WIN32) +#ifdef _MSC_VER #pragma warning(disable:4103) +#endif #pragma pack(pop, cryptoki) #endif diff --git a/security/nss/lib/ssl/config.mk b/security/nss/lib/ssl/config.mk index e6f9123f6..3917eaba1 100644 --- a/security/nss/lib/ssl/config.mk +++ b/security/nss/lib/ssl/config.mk @@ -34,18 +34,29 @@ ifeq (,$(filter-out WIN%,$(OS_TARGET))) # don't want the 32 in the shared library name -SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).dll -IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).lib +SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX) +IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX) RES = $(OBJDIR)/ssl.res RESNAME = ssl.rc +ifdef NS_USE_GCC +EXTRA_SHARED_LIBS += \ + -L$(DIST)/lib \ + -lnss3 \ + -lplc4 \ + -lplds4 \ + -lnspr4 \ + $(NULL) +else # ! NS_USE_GCC EXTRA_SHARED_LIBS += \ $(DIST)/lib/nss3.lib \ $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \ $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \ $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \ $(NULL) +endif # NS_USE_GCC + else diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c index 51ddd58f3..8d3106a9c 100644 --- a/security/nss/lib/ssl/ssl3con.c +++ b/security/nss/lib/ssl/ssl3con.c @@ -5127,6 +5127,21 @@ ssl3_HandleCertificateRequest(sslSocket *ss, SSL3Opaque *b, PRUint32 length) break; /* not an error */ case SECSuccess: + /* check what the callback function returned */ + if ((!ssl3->clientCertificate) || (!ssl3->clientPrivateKey)) { + /* we are missing either the key or cert */ + if (ssl3->clientCertificate) { + /* got a cert, but no key - free it */ + CERT_DestroyCertificate(ssl3->clientCertificate); + ssl3->clientCertificate = NULL; + } + if (ssl3->clientPrivateKey) { + /* got a key, but no cert - free it */ + SECKEY_DestroyPrivateKey(ssl3->clientPrivateKey); + ssl3->clientPrivateKey = NULL; + } + goto send_no_certificate; + } /* Setting ssl3->clientCertChain non-NULL will cause * ssl3_HandleServerHelloDone to call SendCertificate. */ diff --git a/security/nss/lib/ssl/sslcon.c b/security/nss/lib/ssl/sslcon.c index cce73d225..e373fa28b 100644 --- a/security/nss/lib/ssl/sslcon.c +++ b/security/nss/lib/ssl/sslcon.c @@ -2344,6 +2344,22 @@ ssl2_HandleRequestCertificate(sslSocket *ss) goto no_cert_error; } + /* check what the callback function returned */ + if ((!cert) || (!key)) { + /* we are missing either the key or cert */ + if (cert) { + /* got a cert, but no key - free it */ + CERT_DestroyCertificate(cert); + cert = NULL; + } + if (key) { + /* got a key, but no cert - free it */ + SECKEY_DestroyPrivateKey(key); + key = NULL; + } + goto no_cert_error; + } + rv = ssl2_SignResponse(ss, key, &response); if ( rv != SECSuccess ) { ret = -1; diff --git a/security/nss/lib/util/secasn1d.c b/security/nss/lib/util/secasn1d.c index 890ddddba..a03d2f4ef 100644 --- a/security/nss/lib/util/secasn1d.c +++ b/security/nss/lib/util/secasn1d.c @@ -600,6 +600,32 @@ sec_asn1d_init_state_based_on_template (sec_asn1d_state *state) return state; } +static PRBool +sec_asn1d_parent_is_indefinite(sec_asn1d_state *state) +{ + for (state = state->parent; state; state = state->parent) { + sec_asn1d_parse_place place = state->place; + if (place != afterImplicit && + place != afterPointer && + place != afterInline && + place != afterSaveEncoding && + place != duringSaveEncoding && + place != duringChoice) { + + /* we've walked up the stack to a state that represents + ** the enclosing construct. Is it one of the types that + ** permits an unexpected EOC? + */ + int eoc_permitted = + (place == duringGroup || + place == duringConstructedString || + state->child->optional); + return (state->indefinite && eoc_permitted) ? PR_TRUE : PR_FALSE; + + } + } + return PR_FALSE; +} static unsigned long sec_asn1d_parse_identifier (sec_asn1d_state *state, @@ -628,15 +654,7 @@ sec_asn1d_parse_identifier (sec_asn1d_state *state, */ state->pending = 1; } else { - if (byte == 0 && state->parent != NULL && - (state->parent->indefinite || - ( - (state->parent->place == afterImplicit || - state->parent->place == afterPointer) - && state->parent->parent != NULL && state->parent->parent->indefinite - ) - ) - ) { + if (byte == 0 && sec_asn1d_parent_is_indefinite(state)) { /* * Our parent has indefinite-length encoding, and the * entire tag found is 0, so it seems that we have hit the @@ -916,10 +934,9 @@ sec_asn1d_prepare_for_contents (sec_asn1d_state *state) } else { /* * A group of zero; we are done. - * XXX Should we store a NULL here? Or set state to - * afterGroup and let that code do it? + * Set state to afterGroup and let that code plant the NULL. */ - state->place = afterEndOfContents; + state->place = afterGroup; } return; } @@ -1918,7 +1935,8 @@ sec_asn1d_concat_group (sec_asn1d_state *state) PORT_Assert (state->place == afterGroup); placep = (const void***)state->dest; - if (state->subitems_head != NULL) { + PORT_Assert(state->subitems_head == NULL || placep != NULL); + if (placep != NULL) { struct subitem *item; const void **group; int count; @@ -1938,7 +1956,6 @@ sec_asn1d_concat_group (sec_asn1d_state *state) return; } - PORT_Assert (placep != NULL); *placep = group; item = state->subitems_head; @@ -1954,8 +1971,6 @@ sec_asn1d_concat_group (sec_asn1d_state *state) * a memory leak (it is just temporarily left dangling). */ state->subitems_head = state->subitems_tail = NULL; - } else if (placep != NULL) { - *placep = NULL; } state->place = afterEndOfContents; @@ -2187,6 +2202,26 @@ sec_asn1d_during_choice unsigned char child_found_tag_modifiers = 0; unsigned long child_found_tag_number = 0; + state->consumed += child->consumed; + + if (child->endofcontents) { + /* This choice is probably the first item in a GROUP + ** (e.g. SET_OF) that was indefinite-length encoded. + ** We're actually at the end of that GROUP. + ** We should look up the stack to be sure that we find + ** a state with indefinite length encoding before we + ** find a state (like a SEQUENCE) that is definite. + */ + child->place = notInUse; + state->place = afterChoice; + state->endofcontents = PR_TRUE; /* propagate this up */ + if (sec_asn1d_parent_is_indefinite(state)) + return state; + PORT_SetError(SEC_ERROR_BAD_DER); + state->top->status = decodeError; + return NULL; + } + child->theTemplate++; if( 0 == child->theTemplate->kind ) { @@ -2196,8 +2231,6 @@ sec_asn1d_during_choice return (sec_asn1d_state *)NULL; } - state->consumed += child->consumed; - /* cargo'd from next_in_sequence innards */ if( state->pending ) { PORT_Assert(!state->indefinite); diff --git a/security/nss/tests/ssl/sslreq.txt b/security/nss/tests/ssl/sslreq.txt index 16a750fbf..2f7ad7736 100644 --- a/security/nss/tests/ssl/sslreq.txt +++ b/security/nss/tests/ssl/sslreq.txt @@ -1,3 +1,2 @@ -GET / HTTP/1.0 - - +GET / HTTP/1.0
+
|