From 0378ad6f26d3a4863151c4b08154bab7142a0af9 Mon Sep 17 00:00:00 2001
From: Joe Marcus Clarke <marcus@FreeBSD.org>
Date: Sun, 25 Feb 2007 00:13:05 +0000
Subject: Update to 1.5.0.10 to fix some security vulnerabilities.  See
 http://vuxml.FreeBSD.org/12bd6ecf-c430-11db-95c5-000c6ec775d9.html for more
 details.

---
 www/firefox15/files/patch-sysnss | 263 +++++++++++++++++++++++++--------------
 1 file changed, 171 insertions(+), 92 deletions(-)

(limited to 'www/firefox15/files/patch-sysnss')

diff --git a/www/firefox15/files/patch-sysnss b/www/firefox15/files/patch-sysnss
index d854cabc053a..9ee4195809d9 100644
--- a/www/firefox15/files/patch-sysnss
+++ b/www/firefox15/files/patch-sysnss
@@ -7,13 +7,84 @@
 -
  ifndef MOZ_NATIVE_JPEG
  tier_1_dirs	+= jpeg
---- security/manager/Makefile.in	Mon Mar 28 19:56:36 2005
-+++ security/manager/Makefile.in	Tue Aug  2 09:02:50 2005
-@@ -37,16 +37,7 @@
+--- security/manager/ssl/src/Makefile.in	Wed Jan  7 08:36:51 2004
++++ security/manager/ssl/src/Makefile.in	Tue Aug  2 09:13:07 2005
+@@ -117,5 +117,5 @@
+ # Use local includes because they are inserted before INCLUDES
+ # so that Mozilla's nss.h is used, not glibc's
+-LOCAL_INCLUDES += -I$(DIST)/public/nss \
++LOCAL_INCLUDES += -I$(LOCALBASE)/include/nss/nss \
+                   $(NULL)
+ 
+--- config/config.mk	Tue Oct 12 00:11:11 2004
++++ config/config.mk	Tue Aug  2 09:19:18 2005
+@@ -170,5 +170,4 @@
+ NSS_LIBS	= \
+ 	$(LIBS_DIR) \
+-	$(DIST)/lib/$(LIB_PREFIX)crmf.$(LIB_SUFFIX) \
+ 	-lsmime3 \
+ 	-lssl3 \
+@@ -189,11 +188,5 @@
+ endif
+ 
+-NSS_DEP_LIBS	= \
+-	$(DIST)/lib/$(LIB_PREFIX)crmf.$(LIB_SUFFIX) \
+-	$(DIST)/lib/$(DLL_PREFIX)smime3$(DLL_SUFFIX) \
+-	$(DIST)/lib/$(DLL_PREFIX)ssl3$(DLL_SUFFIX) \
+-	$(DIST)/lib/$(DLL_PREFIX)nss3$(DLL_SUFFIX) \
+-	$(DIST)/lib/$(DLL_PREFIX)softokn3$(DLL_SUFFIX) \
+-	$(NULL)
++NSS_DEP_LIBS	=
+ 
+ MOZ_UNICHARUTIL_LIBS = $(DIST)/lib/$(LIB_PREFIX)unicharutil_s.$(LIB_SUFFIX)
+--- security/manager/ssl/src/nsNSSComponent.cpp	Thu Apr 22 15:48:30 2004
++++ security/manager/ssl/src/nsNSSComponent.cpp	Thu Aug  4 16:44:27 2005
+@@ -88,4 +88,8 @@
+ }
+ 
++#include <sys/types.h>
++#include <sys/stat.h>
++#include <errno.h>
++
+ #ifdef PR_LOGGING
+ PRLogModuleInfo* gPIPNSSLog = nsnull;
+@@ -406,4 +410,5 @@
+     const char *possible_ckbi_locations[] = {
+       NS_GRE_DIR,
++      NS_UNIX_LIB_DIR,
+       NS_XPCOM_CURRENT_PROCESS_DIR
+     };
+@@ -419,5 +424,5 @@
+       }
+ 
+-      char *fullModuleName = nsnull;
++      char *fullModuleName;
+ #ifdef XP_MAC
+       nsCAutoString nativePath;
+@@ -431,4 +436,12 @@
+       fullModuleName = PR_GetLibraryName(processDir.get(), "nssckbi");
+ #endif
++      if (fullModuleName == nsnull)
++        continue;
++      struct stat sb;
++      if (stat(fullModuleName, &sb)) {
++        if (errno != ENOENT)
++          perror(fullModuleName);
++        continue;
++      }
+       /* If a module exists with the same name, delete it. */
+       NS_ConvertUCS2toUTF8 modNameUTF8(modName);
+--- security/manager/Makefile.in.orig	Tue Dec 19 17:07:37 2006
++++ security/manager/Makefile.in	Sat Feb 24 17:28:01 2007
+@@ -52,21 +52,12 @@ PACKAGE_VARS += \
+ 	SSL3_LIB \
  	SOFTOKEN3_LIB \
  	SOFTOKEN3_CHK \
 -	LOADABLE_ROOT_MODULE \
- 	HAVE_FREEBL_MODULES \
+ 	HAVE_FREEBL_LIBS \
+ 	HAVE_FREEBL_LIBS_32 \
+ 	HAVE_FREEBL_LIBS_32INT64 \
+ 	HAVE_FREEBL_LIBS_64 \
  	$(NULL)
  
 -LOADABLE_ROOT_MODULE = $(DLL_PREFIX)nssckbi$(DLL_SUFFIX)
@@ -24,9 +95,11 @@
 -SOFTOKEN3_LIB = $(DLL_PREFIX)softokn3$(DLL_SUFFIX)
 -SOFTOKEN3_CHK = $(DLL_PREFIX)softokn3.chk
 -
- ifneq (,$(filter SunOS HP-UX,$(OS_ARCH)))
- ifeq (,$(filter i86pc ia64,$(OS_TEST)))
-@@ -132,9 +123,4 @@
+ # Default
+ HAVE_FREEBL_LIBS = 1
+ 
+@@ -190,11 +181,6 @@ export:: .nss.cleaned
+ 
  .nss.cleaned: .nss.checkout
  	$(MAKE) -C $(topsrcdir)/security/coreconf $(DEFAULT_GMAKE_FLAGS) clean
 -	$(MAKE) -C $(topsrcdir)/security/nss/lib $(DEFAULT_GMAKE_FLAGS) clean
@@ -36,7 +109,9 @@
 -endif
  	touch $@
  
-@@ -153,43 +139,4 @@
+ .nss.checkout:
+@@ -212,89 +198,6 @@ libs::
+ 	$(MAKE) -C $(topsrcdir)/security/coreconf $(DEFAULT_GMAKE_FLAGS)
  ifeq ($(OS_ARCH),WINNT)
  	cd $(DIST)/lib; cp -f $(LIB_PREFIX)dbm$(MOZ_BITS).$(LIB_SUFFIX) $(LIB_PREFIX)dbm.$(LIB_SUFFIX)
 -else
@@ -56,11 +131,33 @@
 -	$(INSTALL) -m 755 $(DIST)/lib/$(NSS3_LIB) $(GRE_DIST)
 -	$(INSTALL) -m 755 $(DIST)/lib/$(SSL3_LIB) $(GRE_DIST)
 -	$(INSTALL) -m 755 $(DIST)/lib/$(SMIME3_LIB) $(GRE_DIST)
--ifdef HAVE_FREEBL_MODULES
--	$(INSTALL) -m 644 $(DIST)/lib/$(FREEBL_PURE32_CHK) $(GRE_DIST)
--	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_PURE32_MODULE) $(GRE_DIST)
--	$(INSTALL) -m 644 $(DIST)/lib/$(FREEBL_HYBRID_CHK) $(GRE_DIST)
--	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_HYBRID_MODULE) $(GRE_DIST)
+-ifdef HAVE_FREEBL_LIBS
+-ifndef SKIP_CHK
+-	$(INSTALL) -m 644 $(DIST)/lib/$(FREEBL_CHK) $(GRE_DIST)
+-endif
+-	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_LIB) $(GRE_DIST)
+-endif
+-ifdef HAVE_FREEBL_LIBS_32
+-ifndef SKIP_CHK
+-	$(INSTALL) -m 644 $(DIST)/lib/$(FREEBL_32INT_CHK) $(GRE_DIST)
+-	$(INSTALL) -m 644 $(DIST)/lib/$(FREEBL_32FPU_CHK) $(GRE_DIST)
+-endif
+-	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_32INT_LIB) $(GRE_DIST)
+-	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_32FPU_LIB) $(GRE_DIST)
+-endif
+-ifdef HAVE_FREEBL_LIBS_32INT64
+-ifndef SKIP_CHK
+-	$(INSTALL) -m 644 $(DIST)/lib/$(FREEBL_32INT64_CHK) $(GRE_DIST)
+-endif
+-	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_32INT64_LIB) $(GRE_DIST)
+-endif
+-ifdef HAVE_FREEBL_LIBS_64
+-ifndef SKIP_CHK
+-	$(INSTALL) -m 644 $(DIST)/lib/$(FREEBL_64INT_CHK) $(GRE_DIST)
+-	$(INSTALL) -m 644 $(DIST)/lib/$(FREEBL_64FPU_CHK) $(GRE_DIST)
+-endif
+-	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_64INT_LIB) $(GRE_DIST)
+-	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_64FPU_LIB) $(GRE_DIST)
 -endif
 -endif
 -ifndef _SKIP_OLD_GRE_INSTALL
@@ -72,15 +169,39 @@
 -	$(INSTALL) -m 755 $(DIST)/lib/$(NSS3_LIB) $(DIST)/bin
 -	$(INSTALL) -m 755 $(DIST)/lib/$(SSL3_LIB) $(DIST)/bin
 -	$(INSTALL) -m 755 $(DIST)/lib/$(SMIME3_LIB) $(DIST)/bin
--ifdef HAVE_FREEBL_MODULES
--	$(INSTALL) -m 644 $(DIST)/lib/$(FREEBL_PURE32_CHK) $(DIST)/bin
--	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_PURE32_MODULE) $(DIST)/bin
--	$(INSTALL) -m 644 $(DIST)/lib/$(FREEBL_HYBRID_CHK) $(DIST)/bin
--	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_HYBRID_MODULE) $(DIST)/bin
+-ifdef HAVE_FREEBL_LIBS
+-ifndef SKIP_CHK
+-	$(INSTALL) -m 644 $(DIST)/lib/$(FREEBL_CHK) $(DIST)/bin
+-endif
+-	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_LIB) $(DIST)/bin
+-endif
+-ifdef HAVE_FREEBL_LIBS_32
+-ifndef SKIP_CHK
+-	$(INSTALL) -m 644 $(DIST)/lib/$(FREEBL_32INT_CHK) $(DIST)/bin
+-	$(INSTALL) -m 644 $(DIST)/lib/$(FREEBL_32FPU_CHK) $(DIST)/bin
+-endif
+-	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_32INT_LIB) $(DIST)/bin
+-	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_32FPU_LIB) $(DIST)/bin
+-endif
+-ifdef HAVE_FREEBL_LIBS_32INT64
+-ifndef SKIP_CHK
+-	$(INSTALL) -m 644 $(DIST)/lib/$(FREEBL_32INT64_CHK) $(DIST)/bin
+-endif
+-	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_32INT64_LIB) $(DIST)/bin
+-endif
+-ifdef HAVE_FREEBL_LIBS_64
+-ifndef SKIP_CHK
+-	$(INSTALL) -m 644 $(DIST)/lib/$(FREEBL_64INT_CHK) $(DIST)/bin
+-	$(INSTALL) -m 644 $(DIST)/lib/$(FREEBL_64FPU_CHK) $(DIST)/bin
+-endif
+-	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_64INT_LIB) $(DIST)/bin
+-	$(INSTALL) -m 755 $(DIST)/lib/$(FREEBL_64FPU_LIB) $(DIST)/bin
 -endif
  endif
  	$(MAKE) -C boot $@
-@@ -200,18 +147,4 @@
+ 	$(MAKE) -C ssl $@
+@@ -304,42 +207,6 @@ ifdef MOZ_XUL
+ endif
  
  install::
 -	$(SYSINSTALL) -m 755 $(DIST)/lib/$(LOADABLE_ROOT_MODULE) $(DESTDIR)$(mozappdir)
@@ -91,15 +212,39 @@
 -	$(SYSINSTALL) -m 755 $(DIST)/lib/$(NSS3_LIB) $(DESTDIR)$(mozappdir)
 -	$(SYSINSTALL) -m 755 $(DIST)/lib/$(SSL3_LIB) $(DESTDIR)$(mozappdir)
 -	$(SYSINSTALL) -m 755 $(DIST)/lib/$(SMIME3_LIB) $(DESTDIR)$(mozappdir)
--ifdef HAVE_FREEBL_MODULES
--	$(SYSINSTALL) -m 644 $(DIST)/lib/$(FREEBL_PURE32_CHK) $(DESTDIR)$(mozappdir)
--	$(SYSINSTALL) -m 755 $(DIST)/lib/$(FREEBL_PURE32_MODULE) $(DESTDIR)$(mozappdir)
--	$(SYSINSTALL) -m 644 $(DIST)/lib/$(FREEBL_HYBRID_CHK) $(DESTDIR)$(mozappdir)
--	$(SYSINSTALL) -m 755 $(DIST)/lib/$(FREEBL_HYBRID_MODULE) $(DESTDIR)$(mozappdir)
+-ifdef HAVE_FREEBL_LIBS
+-ifndef SKIP_CHK
+-	$(SYSINSTALL) -m 644 $(DIST)/lib/$(FREEBL_CHK) $(DESTDIR)$(mozappdir)
+-endif
+-	$(SYSINSTALL) -m 755 $(DIST)/lib/$(FREEBL_LIB) $(DESTDIR)$(mozappdir)
+-endif
+-ifdef HAVE_FREEBL_LIBS_32
+-ifndef SKIP_CHK
+-	$(SYSINSTALL) -m 644 $(DIST)/lib/$(FREEBL_32INT_CHK) $(DESTDIR)$(mozappdir)
+-	$(SYSINSTALL) -m 644 $(DIST)/lib/$(FREEBL_32FPU_CHK) $(DESTDIR)$(mozappdir)
+-endif
+-	$(SYSINSTALL) -m 755 $(DIST)/lib/$(FREEBL_32INT_LIB) $(DESTDIR)$(mozappdir)
+-	$(SYSINSTALL) -m 755 $(DIST)/lib/$(FREEBL_32FPU_LIB) $(DESTDIR)$(mozappdir)
+-endif
+-ifdef HAVE_FREEBL_LIBS_32INT64
+-ifndef SKIP_CHK
+-	$(SYSINSTALL) -m 644 $(DIST)/lib/$(FREEBL_32INT64_CHK) $(DESTDIR)$(mozappdir)
+-endif
+-	$(SYSINSTALL) -m 755 $(DIST)/lib/$(FREEBL_32INT64_LIB) $(DESTDIR)$(mozappdir)
+-endif
+-ifdef HAVE_FREEBL_LIBS_64
+-ifndef SKIP_CHK
+-	$(SYSINSTALL) -m 644 $(DIST)/lib/$(FREEBL_64INT_CHK) $(DESTDIR)$(mozappdir)
+-	$(SYSINSTALL) -m 644 $(DIST)/lib/$(FREEBL_64FPU_CHK) $(DESTDIR)$(mozappdir)
+-endif
+-	$(SYSINSTALL) -m 755 $(DIST)/lib/$(FREEBL_64INT_LIB) $(DESTDIR)$(mozappdir)
+-	$(SYSINSTALL) -m 755 $(DIST)/lib/$(FREEBL_64FPU_LIB) $(DESTDIR)$(mozappdir)
 -endif
  	$(MAKE) -C boot $@
  	$(MAKE) -C ssl $@
-@@ -227,9 +160,4 @@
+ 	$(MAKE) -C locales $@
+@@ -355,11 +222,6 @@ ifdef MOZ_XUL
+ 	$(MAKE) -C pki $@
  endif
  	$(MAKE) -C $(topsrcdir)/security/coreconf $(DEFAULT_GMAKE_FLAGS) clean
 -	$(MAKE) -C $(topsrcdir)/security/nss/lib $(DEFAULT_GMAKE_FLAGS) clean
@@ -109,70 +254,4 @@
 -endif
  
  echo-requires-recursive::
---- security/manager/ssl/src/Makefile.in	Wed Jan  7 08:36:51 2004
-+++ security/manager/ssl/src/Makefile.in	Tue Aug  2 09:13:07 2005
-@@ -117,5 +117,5 @@
- # Use local includes because they are inserted before INCLUDES
- # so that Mozilla's nss.h is used, not glibc's
--LOCAL_INCLUDES += -I$(DIST)/public/nss \
-+LOCAL_INCLUDES += -I$(LOCALBASE)/include/nss/nss \
-                   $(NULL)
- 
---- config/config.mk	Tue Oct 12 00:11:11 2004
-+++ config/config.mk	Tue Aug  2 09:19:18 2005
-@@ -170,5 +170,4 @@
- NSS_LIBS	= \
- 	$(LIBS_DIR) \
--	$(DIST)/lib/$(LIB_PREFIX)crmf.$(LIB_SUFFIX) \
- 	-lsmime3 \
- 	-lssl3 \
-@@ -189,11 +188,5 @@
- endif
- 
--NSS_DEP_LIBS	= \
--	$(DIST)/lib/$(LIB_PREFIX)crmf.$(LIB_SUFFIX) \
--	$(DIST)/lib/$(DLL_PREFIX)smime3$(DLL_SUFFIX) \
--	$(DIST)/lib/$(DLL_PREFIX)ssl3$(DLL_SUFFIX) \
--	$(DIST)/lib/$(DLL_PREFIX)nss3$(DLL_SUFFIX) \
--	$(DIST)/lib/$(DLL_PREFIX)softokn3$(DLL_SUFFIX) \
--	$(NULL)
-+NSS_DEP_LIBS	=
- 
- MOZ_UNICHARUTIL_LIBS = $(DIST)/lib/$(LIB_PREFIX)unicharutil_s.$(LIB_SUFFIX)
---- security/manager/ssl/src/nsNSSComponent.cpp	Thu Apr 22 15:48:30 2004
-+++ security/manager/ssl/src/nsNSSComponent.cpp	Thu Aug  4 16:44:27 2005
-@@ -88,4 +88,8 @@
- }
- 
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+#include <errno.h>
-+
- #ifdef PR_LOGGING
- PRLogModuleInfo* gPIPNSSLog = nsnull;
-@@ -406,4 +410,5 @@
-     const char *possible_ckbi_locations[] = {
-       NS_GRE_DIR,
-+      NS_UNIX_LIB_DIR,
-       NS_XPCOM_CURRENT_PROCESS_DIR
-     };
-@@ -419,5 +424,5 @@
-       }
- 
--      char *fullModuleName = nsnull;
-+      char *fullModuleName;
- #ifdef XP_MAC
-       nsCAutoString nativePath;
-@@ -431,4 +436,12 @@
-       fullModuleName = PR_GetLibraryName(processDir.get(), "nssckbi");
- #endif
-+      if (fullModuleName == nsnull)
-+        continue;
-+      struct stat sb;
-+      if (stat(fullModuleName, &sb)) {
-+        if (errno != ENOENT)
-+          perror(fullModuleName);
-+        continue;
-+      }
-       /* If a module exists with the same name, delete it. */
-       NS_ConvertUCS2toUTF8 modNameUTF8(modName);
+ 	$(MAKE) -C boot $@
-- 
cgit v1.2.3