pool/mozilla-nss
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 178606 from mozilla:Factory

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/178606
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/mozilla-nss?expand=0&rev=80
This commit is contained in:
Stephan Kulow 2013-06-14 14:46:40 +00:00 committed by Git OBS Bridge
commit 4089d6b89b
14 changed files with 123 additions and 296 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

216
bug-834091.patch
View File

@ -1,216 +0,0 @@
Index: security/nss/lib/pkcs7/p7decode.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/pkcs7/p7decode.c,v
retrieving revision 1.31
diff -u -8 -p -r1.31 p7decode.c
--- security/nss/lib/pkcs7/p7decode.c 12 Dec 2012 19:25:36 -0000 1.31
+++ security/nss/lib/pkcs7/p7decode.c 25 Jan 2013 23:22:54 -0000
@@ -1276,17 +1276,18 @@ SEC_PKCS7ContentIsSigned(SEC_PKCS7Conten
* there should be NO authenticatedAttributes (signerinfo->authAttr should
* be NULL).
*/
static PRBool
sec_pkcs7_verify_signature(SEC_PKCS7ContentInfo *cinfo,
SECCertUsage certusage,
const SECItem *detached_digest,
HASH_HashType digest_type,
- PRBool keepcerts)
+ PRBool keepcerts,
+ PRTime atTime)
{
SECAlgorithmID **digestalgs, *bulkid;
const SECItem *digest;
SECItem **digests;
SECItem **rawcerts;
CERTSignedCrl **crls;
SEC_PKCS7SignerInfo **signerinfos, *signerinfo;
CERTCertificate *cert, **certs;
@@ -1294,17 +1295,18 @@ sec_pkcs7_verify_signature(SEC_PKCS7Cont
CERTCertDBHandle *certdb, *defaultdb;
SECOidTag encTag,digestTag;
HASH_HashType found_type;
int i, certcount;
SECKEYPublicKey *publickey;
SECItem *content_type;
PK11SymKey *sigkey;
SECItem *encoded_stime;
- int64 stime;
+ PRTime stime;
+ PRTime verificationTime;
SECStatus rv;
/*
* Everything needed in order to "goto done" safely.
*/
goodsig = PR_FALSE;
certcount = 0;
cert = NULL;
@@ -1431,18 +1433,20 @@ sec_pkcs7_verify_signature(SEC_PKCS7Cont
/*
* XXX This uses the signing time, if available. Additionally, we
* might want to, if there is no signing time, get the message time
* from the mail header itself, and use that. That would require
* a change to our interface though, and for S/MIME callers to pass
* in a time (and for non-S/MIME callers to pass in nothing, or
* maybe make them pass in the current time, always?).
*/
+ verificationTime = atTime ? atTime
+ : (encoded_stime ? stime : PR_Now());
if (CERT_VerifyCert (certdb, cert, PR_TRUE, certusage,
- encoded_stime != NULL ? stime : PR_Now(),
+ verificationTime,
cinfo->pwfn_arg, NULL) != SECSuccess)
{
/*
* XXX Give the user an option to check the signature anyway?
* If we want to do this, need to give a way to leave and display
* some dialog and get the answer and come back through (or do
* the rest of what we do below elsewhere, maybe by putting it
* in a function that we call below and could call from a dialog
@@ -1752,17 +1756,17 @@ done:
* into our local database.
*/
PRBool
SEC_PKCS7VerifySignature(SEC_PKCS7ContentInfo *cinfo,
SECCertUsage certusage,
PRBool keepcerts)
{
return sec_pkcs7_verify_signature (cinfo, certusage,
- NULL, HASH_AlgNULL, keepcerts);
+ NULL, HASH_AlgNULL, keepcerts, 0);
}
/*
* SEC_PKCS7VerifyDetachedSignature
* Look at a PKCS7 contentInfo and check if the signature matches
* a passed-in digest (calculated, supposedly, from detached contents).
* The verification checks that the signing cert is valid and trusted
* for the purpose specified by "certusage".
@@ -1774,19 +1778,44 @@ PRBool
SEC_PKCS7VerifyDetachedSignature(SEC_PKCS7ContentInfo *cinfo,
SECCertUsage certusage,
const SECItem *detached_digest,
HASH_HashType digest_type,
PRBool keepcerts)
{
return sec_pkcs7_verify_signature (cinfo, certusage,
detached_digest, digest_type,
- keepcerts);
+ keepcerts, 0);
}
+/*
+ * SEC_PKCS7VerifyDetachedSignatureAtTime
+ * Look at a PKCS7 contentInfo and check if the signature matches
+ * a passed-in digest (calculated, supposedly, from detached contents).
+ * The verification checks that the signing cert is valid and trusted
+ * for the purpose specified by "certusage" at time "atTime"
+ * if "atTime" is non-zero, or at the current time (as returned by
+ * PR_Now) otherwise.
+ */
+PRBool
+SEC_PKCS7VerifyDetachedSignatureAtTime(SEC_PKCS7ContentInfo *cinfo,
+ SECCertUsage certusage,
+ const SECItem *detached_digest,
+ HASH_HashType digest_type,
+ PRBool keepcerts,
+ PRTime atTime)
+{
+ if (!atTime) {
+ atTime = PR_Now();
+ }
+
+ return sec_pkcs7_verify_signature (cinfo, certusage,
+ detached_digest, digest_type,
+ keepcerts, atTime);
+}
/*
* Return the asked-for portion of the name of the signer of a PKCS7
* signed object.
*
* Returns a pointer to allocated memory, which must be freed.
* A NULL return value is an error.
*/
@@ -1839,17 +1868,17 @@ sec_pkcs7_get_signer_cert_info(SEC_PKCS7
*/
if (signercert == NULL) {
/*
* The cert usage does not matter in this case, because we do not
* actually care about the verification itself, but we have to pick
* some valid usage to pass in.
*/
(void) sec_pkcs7_verify_signature (cinfo, certUsageEmailSigner,
- NULL, HASH_AlgNULL, PR_FALSE);
+ NULL, HASH_AlgNULL, PR_FALSE, 0);
signercert = signerinfos[0]->cert;
if (signercert == NULL)
return NULL;
}
switch (selector) {
case sec_common_name:
container = CERT_GetCommonName (&signercert->subject);
Index: security/nss/lib/pkcs7/secpkcs7.h
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/pkcs7/secpkcs7.h,v
retrieving revision 1.10
diff -u -8 -p -r1.10 secpkcs7.h
--- security/nss/lib/pkcs7/secpkcs7.h 27 Nov 2012 22:48:08 -0000 1.10
+++ security/nss/lib/pkcs7/secpkcs7.h 25 Jan 2013 23:22:54 -0000
@@ -128,16 +128,33 @@ extern PRBool SEC_PKCS7VerifySignature(S
* into our local database.
*/
extern PRBool SEC_PKCS7VerifyDetachedSignature(SEC_PKCS7ContentInfo *cinfo,
SECCertUsage certusage,
const SECItem *detached_digest,
HASH_HashType digest_type,
PRBool keepcerts);
+
+/*
+ * SEC_PKCS7VerifyDetachedSignatureAtTime
+ * Look at a PKCS7 contentInfo and check if the signature matches
+ * a passed-in digest (calculated, supposedly, from detached contents).
+ * The verification checks that the signing cert is valid and trusted
+ * for the purpose specified by "certusage" at time "atTime"
+ * if "atTime" is non-zero, or at the current time (as returned by
+ * PR_Now) otherwise.
+ */
+extern PRBool SEC_PKCS7VerifyDetachedSignatureAtTime(SEC_PKCS7ContentInfo *cinfo,
+ SECCertUsage certusage,
+ const SECItem *detached_digest,
+ HASH_HashType digest_type,
+ PRBool keepcerts,
+ PRTime atTime);
+
/*
* SEC_PKCS7GetSignerCommonName, SEC_PKCS7GetSignerEmailAddress
* The passed-in contentInfo is espected to be Signed, and these
* functions return the specified portion of the full signer name.
*
* Returns a pointer to allocated memory, which must be freed.
* A NULL return value is an error.
*/
Index: security/nss/lib/smime/smime.def
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/smime/smime.def,v
retrieving revision 1.39
diff -u -8 -p -r1.39 smime.def
--- security/nss/lib/smime/smime.def 25 Apr 2012 14:50:09 -0000 1.39
+++ security/nss/lib/smime/smime.def 25 Jan 2013 23:22:54 -0000
@@ -262,8 +262,14 @@ NSS_Get_NSS_PointerToCMSGenericWrapperDa
;+ *;
;+};
;+NSS_3.13 { # NSS 3.13 release
;+ global:
NSSSMIME_GetVersion;
;+ local:
;+ *;
;+};
+;+NSS_3.14.3 { # NSS 3.14.3 release
+;+ global:
+SEC_PKCS7VerifyDetachedSignatureAtTime;
+;+ local:
+;+ *;
+;+};

2
char.patch
View File

@ -4,7 +4,7 @@ RCS file: /cvsroot/mozilla/security/nss/cmd/modutil/install-ds.c,v
retrieving revision 1.2
diff -u -p -6 -r1.2 install-ds.c
--- security/nss/cmd/modutil/install-ds.c 25 Apr 2004 15:02:47 -0000 1.2
+++ security/nss/cmd/modutil/install-ds.c 5 Feb 2007 06:57:38 -0000
+++ nss/cmd/modutil/install-ds.c 5 Feb 2007 06:57:38 -0000
@@ -249,13 +249,13 @@ Pk11Install_File_Generate(Pk11Install_Fi
if(!subval || (subval->type != STRING_VALUE)){
errStr = PR_smprintf(errString[BOGUS_FILE_PERMISSIONS],

2
malloc.patch
View File

@ -4,7 +4,7 @@ RCS file: /cvsroot/mozilla/security/nss/tests/ssl/ssl.sh,v
retrieving revision 1.100
diff -u -r1.100 ssl.sh
--- security/nss/tests/ssl/ssl.sh 26 Mar 2009 23:14:34 -0000 1.100
+++ security/nss/tests/ssl/ssl.sh 6 Jun 2009 06:21:07 -0000
+++ nss/tests/ssl/ssl.sh 6 Jun 2009 06:21:07 -0000
@@ -974,6 +974,7 @@
################################# main #################################

70
mozilla-nss.changes
View File

@ -1,3 +1,73 @@
-------------------------------------------------------------------
Tue Jun 11 04:58:56 UTC 2013 - wr@rosenauer.org
- update to 3.15
* Packaging
+ removed obsolete patches
* nss-disable-expired-testcerts.patch
* bug-834091.patch
* New Functionality
+ Support for OCSP Stapling (RFC 6066, Certificate Status
Request) has been added for both client and server sockets.
TLS client applications may enable this via a call to
SSL_OptionSetDefault(SSL_ENABLE_OCSP_STAPLING, PR_TRUE);
+ Added function SECITEM_ReallocItemV2. It replaces function
SECITEM_ReallocItem, which is now declared as obsolete.
+ Support for single-operation (eg: not multi-part) symmetric
key encryption and decryption, via PK11_Encrypt and PK11_Decrypt.
+ certutil has been updated to support creating name constraints
extensions.
* New Functions
in ssl.h
SSL_PeerStapledOCSPResponse - Returns the server's stapled
OCSP response, when used with a TLS client socket that
negotiated the status_request extension.
SSL_SetStapledOCSPResponses - Set's a stapled OCSP response
for a TLS server socket to return when clients send the
status_request extension.
in ocsp.h
CERT_PostOCSPRequest - Primarily intended for testing, permits
the sending and receiving of raw OCSP request/responses.
in secpkcs7.h
SEC_PKCS7VerifyDetachedSignatureAtTime - Verifies a PKCS#7
signature at a specific time other than the present time.
in xconst.h
CERT_EncodeNameConstraintsExtension - Matching function for
CERT_DecodeNameConstraintsExtension, added in NSS 3.10.
in secitem.h
SECITEM_AllocArray
SECITEM_DupArray
SECITEM_FreeArray
SECITEM_ZfreeArray - Utility functions to handle the
allocation and deallocation of SECItemArrays
SECITEM_ReallocItemV2 - Replaces SECITEM_ReallocItem, which is
now obsolete. SECITEM_ReallocItemV2 better matches caller
expectations, in that it updates item->len on allocation.
For more details of the issues with SECITEM_ReallocItem,
see Bug 298649 and Bug 298938.
in pk11pub.h
PK11_Decrypt - Performs decryption as a single PKCS#11
operation (eg: not multi-part). This is necessary for AES-GCM.
PK11_Encrypt - Performs encryption as a single PKCS#11
operation (eg: not multi-part). This is necessary for AES-GCM.
* New Types
in secitem.h
SECItemArray - Represents a variable-length array of SECItems.
* New Macros
in ssl.h
SSL_ENABLE_OCSP_STAPLING - Used with SSL_OptionSet to configure
TLS client sockets to request the certificate_status extension
(eg: OCSP stapling) when set to PR_TRUE
* Notable changes
+ SECITEM_ReallocItem is now deprecated. Please consider using
SECITEM_ReallocItemV2 in all future code.
+ The list of root CA certificates in the nssckbi module has
been updated.
+ The default implementation of SSL_AuthCertificate has been
updated to add certificate status responses stapled by the TLS
server to the OCSP cache.
* a lot of bugfixes
-------------------------------------------------------------------
Tue Apr 16 10:27:04 UTC 2013 - idonmez@suse.com

39
mozilla-nss.spec
View File

@ -25,7 +25,7 @@ BuildRequires: mozilla-nspr-devel
BuildRequires: pkg-config
BuildRequires: sqlite-devel
BuildRequires: zlib-devel
Version: 3.14.3
Version: 3.15
Release: 0
# bug437293
%ifarch ppc64
@ -36,8 +36,8 @@ Summary: Network Security Services
License: MPL-2.0
Group: System/Libraries
Url: http://www.mozilla.org/projects/security/pki/nss/
# cvs -d :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot co -r <RTM_TAG> NSS
Source: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_14_3_RTM/src/nss-%{version}.tar.gz
# hg clone https://hg.mozilla.org/projects/nss; hg up NSS_3_15_RTM
Source: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_15_RTM/src/nss-%{version}.tar.gz
Source1: nss.pc.in
Source3: nss-config.in
Source4: %{name}-rpmlintrc
@ -55,8 +55,6 @@ Patch5: renegotiate-transitional.patch
Patch6: malloc.patch
Patch7: nss-disable-ocsp-test.patch
Patch8: nss-sqlitename.patch
Patch9: nss-disable-expired-testcerts.patch
Patch10: bug-834091.patch
%define nspr_ver %(rpm -q --queryformat '%{VERSION}' mozilla-nspr)
PreReq: mozilla-nspr >= %nspr_ver
PreReq: libfreebl3 >= %{nss_softokn_fips_version}
@ -161,31 +159,29 @@ Mozilla project.
%prep
%setup -n nss-%{version} -q
cd mozilla
%patch1
%patch2
%patch3
%patch4
%patch5
cd nss
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%if %suse_version > 1110
%patch6
%patch6 -p1
%endif
%patch7
%patch8
%patch9
%patch10
%patch7 -p1
%patch8 -p1
# additional CA certificates
#cd security/nss/lib/ckfw/builtins
#cat %{SOURCE2} >> certdata.txt
#make generate
%build
cd nss
modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{_sourcedir}/%{name}.changes")"
DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\""
TIME="\"$(date -d "${modified}" "+%%R")\""
find . -name '*.[ch]' -print -exec sed -i "s/__DATE__/${DATE}/g;s/__TIME__/${TIME}/g" {} +
cd mozilla/security/nss
export FREEBL_NO_DEPEND=1
export NSPR_INCLUDE_DIR=`nspr-config --includedir`
export NSPR_LIB_DIR=`nspr-config --libdir`
@ -214,6 +210,7 @@ fi
%endif
%install
cd nss
mkdir -p $RPM_BUILD_ROOT%{_libdir}
mkdir -p $RPM_BUILD_ROOT%{_libexecdir}/nss
mkdir -p $RPM_BUILD_ROOT%{_includedir}/nss3
@ -221,7 +218,7 @@ mkdir -p $RPM_BUILD_ROOT%{_bindir}
mkdir -p $RPM_BUILD_ROOT%{_sbindir}
mkdir -p $RPM_BUILD_ROOT/%{_lib}
mkdir -p $RPM_BUILD_ROOT%{nssdbdir}
pushd mozilla/dist/Linux*
pushd ../dist/Linux*
# copy headers
cp -rL ../public/nss/*.h $RPM_BUILD_ROOT%{_includedir}/nss3
# copy dynamic libs
@ -278,9 +275,9 @@ s:%%NSPR_VERSION%%:%{nspr_ver}:g" \
%{SOURCE1} > $RPM_BUILD_ROOT%{_libdir}/pkgconfig/nss.pc
# prepare nss-config file
popd
NSS_VMAJOR=`cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VMAJOR" | awk '{print $3}'`
NSS_VMINOR=`cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VMINOR" | awk '{print $3}'`
NSS_VPATCH=`cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VPATCH" | awk '{print $3}'`
NSS_VMAJOR=`cat lib/nss/nss.h | grep "#define.*NSS_VMAJOR" | awk '{print $3}'`
NSS_VMINOR=`cat lib/nss/nss.h | grep "#define.*NSS_VMINOR" | awk '{print $3}'`
NSS_VPATCH=`cat lib/nss/nss.h | grep "#define.*NSS_VPATCH" | awk '{print $3}'`
cat %{SOURCE3} | sed -e "s,@libdir@,%{_libdir},g" \
-e "s,@prefix@,%{_prefix},g" \
-e "s,@exec_prefix@,%{_prefix},g" \

3
nss-3.14.3.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d9d366be94d33395597ebf82363fcdedfa693a6d627cf7f6bec025f609d54cc0
size 6189790

3
nss-3.15.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c139f331ddcff4d5485590ee1b4489d3731aa520d4f5d942e2e40bba1e23a3cd
size 6276213

30
nss-disable-expired-testcerts.patch
View File

@ -1,30 +0,0 @@
Index: security/nss/tests/chains/scenarios/realcerts.cfg
===================================================================
RCS file: /cvsroot/mozilla/security/nss/tests/chains/scenarios/realcerts.cfg,v
retrieving revision 1.4
diff -u -r1.4 realcerts.cfg
--- security/nss/tests/chains/scenarios/realcerts.cfg 20 Mar 2012 14:47:29 -0000 1.4
+++ security/nss/tests/chains/scenarios/realcerts.cfg 3 Apr 2013 07:39:49 -0000
@@ -14,15 +14,15 @@
import PayPalEE:x:
import BrAirWaysBadSig:x:
-verify TestUser50:x
- result pass
+#verify TestUser50:x
+# result pass
-verify TestUser51:x
- result pass
+#verify TestUser51:x
+# result pass
-verify PayPalEE:x
- policy OID.2.16.840.1.113733.1.7.23.6
- result pass
+#verify PayPalEE:x
+# policy OID.2.16.840.1.113733.1.7.23.6
+# result pass
verify BrAirWaysBadSig:x
result fail

2
nss-disable-ocsp-test.patch
View File

@ -4,7 +4,7 @@ RCS file: /cvsroot/mozilla/security/nss/tests/chains/scenarios/scenarios,v
retrieving revision 1.10
diff -u -r1.10 scenarios
--- security/nss/tests/chains/scenarios/scenarios 7 Jan 2013 03:56:15 -0000 1.10
+++ security/nss/tests/chains/scenarios/scenarios 28 Jan 2013 18:11:16 -0000
+++ nss/tests/chains/scenarios/scenarios 28 Jan 2013 18:11:16 -0000
@@ -50,6 +50,5 @@
realcerts.cfg
dsa.cfg

2
nss-no-rpath.patch
View File

@ -4,7 +4,7 @@ RCS file: /cvsroot/mozilla/security/nss/cmd/platlibs.mk,v
retrieving revision 1.71
diff -u -p -6 -r1.71 platlibs.mk
--- security/nss/cmd/platlibs.mk 17 Jul 2012 15:22:42 -0000 1.71
+++ security/nss/cmd/platlibs.mk 25 Oct 2012 12:07:35 -0000
+++ nss/cmd/platlibs.mk 25 Oct 2012 12:07:35 -0000
@@ -15,15 +15,15 @@ else
EXTRA_SHARED_LIBS += -R '$$ORIGIN/../lib:/usr/lib/mps/secv1:/usr/lib/mps'
endif

2
nss-opt.patch
View File

@ -4,7 +4,7 @@ RCS file: /cvsroot/mozilla/security/coreconf/Linux.mk,v
retrieving revision 1.45.2.1
diff -u -r1.45.2.1 Linux.mk
--- security/coreconf/Linux.mk 31 Jul 2010 04:23:37 -0000 1.45.2.1
+++ security/coreconf/Linux.mk 5 Aug 2010 07:35:06 -0000
+++ nss/coreconf/Linux.mk 5 Aug 2010 07:35:06 -0000
@@ -112,11 +112,7 @@
endif

2
nss-sqlitename.patch
View File

@ -4,7 +4,7 @@ RCS file: /cvsroot/mozilla/security/nss/lib/sqlite/manifest.mn,v
retrieving revision 1.5
diff -u -r1.5 manifest.mn
--- security/nss/lib/sqlite/manifest.mn 25 Apr 2012 14:50:11 -0000 1.5
+++ security/nss/lib/sqlite/manifest.mn 28 Jan 2013 20:48:22 -0000
+++ nss/lib/sqlite/manifest.mn 28 Jan 2013 20:48:22 -0000
@@ -6,9 +6,10 @@
MODULE = nss

18
renegotiate-transitional.patch
View File

@ -1,11 +1,9 @@
Index: security/nss/lib/ssl/sslsock.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslsock.c,v
retrieving revision 1.96
diff -u -p -6 -r1.96 sslsock.c
--- security/nss/lib/ssl/sslsock.c 24 Sep 2012 23:57:42 -0000 1.96
+++ security/nss/lib/ssl/sslsock.c 25 Oct 2012 12:08:56 -0000
@@ -147,13 +147,13 @@ static sslOptions ssl_defaults = {
diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c
--- a/lib/ssl/sslsock.c
+++ b/lib/ssl/sslsock.c
@@ -144,17 +144,17 @@ static sslOptions ssl_defaults = {
PR_FALSE, /* fdx */
PR_FALSE, /* v2CompatibleHello */ /* now defaults to off in NSS 3.13 */
PR_TRUE, /* detectRollBack */
PR_FALSE, /* noStepDown */
PR_FALSE, /* bypassPKCS11 */
@ -16,7 +14,9 @@ diff -u -p -6 -r1.96 sslsock.c
+ 3, /* enableRenegotiation (default: requires extension) */
PR_FALSE, /* requireSafeNegotiation */
PR_FALSE, /* enableFalseStart */
PR_TRUE /* cbcRandomIV */
PR_TRUE, /* cbcRandomIV */
PR_FALSE /* enableOCSPStapling */
};
/*
* default range of enabled SSL/TLS protocols

28
system-nspr.patch
View File

@ -1,16 +1,22 @@
Index: security/nss/Makefile
===================================================================
RCS file: /cvsroot/mozilla/security/nss/Makefile,v
retrieving revision 1.36
diff -u -p -r1.36 Makefile
--- security/nss/Makefile 2 Dec 2008 23:24:39 -0000 1.36
+++ security/nss/Makefile 23 Nov 2009 16:19:04 -0000
@@ -78,7 +78,7 @@ include $(CORE_DEPTH)/coreconf/rules.mk
diff --git a/Makefile b/Makefile
--- a/Makefile
+++ b/Makefile
@@ -39,17 +39,17 @@ include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
-nss_build_all: build_coreconf build_nspr build_dbm all
+nss_build_all: build_coreconf build_dbm all
-nss_build_all: build_nspr all
+nss_build_all: all
nss_clean_all: clobber_coreconf clobber_nspr clobber_dbm clobber
nss_clean_all: clobber_nspr clobber
NSPR_CONFIG_STATUS = $(CORE_DEPTH)/../nspr/$(OBJDIR_NAME)/config.status
NSPR_CONFIGURE = $(CORE_DEPTH)/../nspr/configure
#
# Translate coreconf build options to NSPR configure options.