- update to 3.15

* Packaging
    + removed obsolete patches
      * nss-disable-expired-testcerts.patch
      * bug-834091.patch
  * New Functionality
    + Support for OCSP Stapling (RFC 6066, Certificate Status
      Request) has been added for both client and server sockets.
      TLS client applications may enable this via a call to
      SSL_OptionSetDefault(SSL_ENABLE_OCSP_STAPLING, PR_TRUE);
    + Added function SECITEM_ReallocItemV2. It replaces function
      SECITEM_ReallocItem, which is now declared as obsolete.
    + Support for single-operation (eg: not multi-part) symmetric
      key encryption and decryption, via PK11_Encrypt and PK11_Decrypt.
    + certutil has been updated to support creating name constraints
      extensions.
  * New Functions
    in ssl.h
      SSL_PeerStapledOCSPResponse - Returns the server's stapled
        OCSP response, when used with a TLS client socket that
        negotiated the status_request extension.
      SSL_SetStapledOCSPResponses - Set's a stapled OCSP response
        for a TLS server socket to return when clients send the
        status_request extension.
    in ocsp.h
      CERT_PostOCSPRequest - Primarily intended for testing, permits
        the sending and receiving of raw OCSP request/responses.
    in secpkcs7.h
      SEC_PKCS7VerifyDetachedSignatureAtTime - Verifies a PKCS#7
        signature at a specific time other than the present time.

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=124
This commit is contained in:
Wolfgang Rosenauer 2013-06-11 15:41:13 +00:00 committed by Git OBS Bridge
parent ddbab3a3b8
commit 506ad33ba3
13 changed files with 119 additions and 295 deletions

View File

@ -1,216 +0,0 @@
Index: security/nss/lib/pkcs7/p7decode.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/pkcs7/p7decode.c,v
retrieving revision 1.31
diff -u -8 -p -r1.31 p7decode.c
--- security/nss/lib/pkcs7/p7decode.c 12 Dec 2012 19:25:36 -0000 1.31
+++ security/nss/lib/pkcs7/p7decode.c 25 Jan 2013 23:22:54 -0000
@@ -1276,17 +1276,18 @@ SEC_PKCS7ContentIsSigned(SEC_PKCS7Conten
* there should be NO authenticatedAttributes (signerinfo->authAttr should
* be NULL).
*/
static PRBool
sec_pkcs7_verify_signature(SEC_PKCS7ContentInfo *cinfo,
SECCertUsage certusage,
const SECItem *detached_digest,
HASH_HashType digest_type,
- PRBool keepcerts)
+ PRBool keepcerts,
+ PRTime atTime)
{
SECAlgorithmID **digestalgs, *bulkid;
const SECItem *digest;
SECItem **digests;
SECItem **rawcerts;
CERTSignedCrl **crls;
SEC_PKCS7SignerInfo **signerinfos, *signerinfo;
CERTCertificate *cert, **certs;
@@ -1294,17 +1295,18 @@ sec_pkcs7_verify_signature(SEC_PKCS7Cont
CERTCertDBHandle *certdb, *defaultdb;
SECOidTag encTag,digestTag;
HASH_HashType found_type;
int i, certcount;
SECKEYPublicKey *publickey;
SECItem *content_type;
PK11SymKey *sigkey;
SECItem *encoded_stime;
- int64 stime;
+ PRTime stime;
+ PRTime verificationTime;
SECStatus rv;
/*
* Everything needed in order to "goto done" safely.
*/
goodsig = PR_FALSE;
certcount = 0;
cert = NULL;
@@ -1431,18 +1433,20 @@ sec_pkcs7_verify_signature(SEC_PKCS7Cont
/*
* XXX This uses the signing time, if available. Additionally, we
* might want to, if there is no signing time, get the message time
* from the mail header itself, and use that. That would require
* a change to our interface though, and for S/MIME callers to pass
* in a time (and for non-S/MIME callers to pass in nothing, or
* maybe make them pass in the current time, always?).
*/
+ verificationTime = atTime ? atTime
+ : (encoded_stime ? stime : PR_Now());
if (CERT_VerifyCert (certdb, cert, PR_TRUE, certusage,
- encoded_stime != NULL ? stime : PR_Now(),
+ verificationTime,
cinfo->pwfn_arg, NULL) != SECSuccess)
{
/*
* XXX Give the user an option to check the signature anyway?
* If we want to do this, need to give a way to leave and display
* some dialog and get the answer and come back through (or do
* the rest of what we do below elsewhere, maybe by putting it
* in a function that we call below and could call from a dialog
@@ -1752,17 +1756,17 @@ done:
* into our local database.
*/
PRBool
SEC_PKCS7VerifySignature(SEC_PKCS7ContentInfo *cinfo,
SECCertUsage certusage,
PRBool keepcerts)
{
return sec_pkcs7_verify_signature (cinfo, certusage,
- NULL, HASH_AlgNULL, keepcerts);
+ NULL, HASH_AlgNULL, keepcerts, 0);
}
/*
* SEC_PKCS7VerifyDetachedSignature
* Look at a PKCS7 contentInfo and check if the signature matches
* a passed-in digest (calculated, supposedly, from detached contents).
* The verification checks that the signing cert is valid and trusted
* for the purpose specified by "certusage".
@@ -1774,19 +1778,44 @@ PRBool
SEC_PKCS7VerifyDetachedSignature(SEC_PKCS7ContentInfo *cinfo,
SECCertUsage certusage,
const SECItem *detached_digest,
HASH_HashType digest_type,
PRBool keepcerts)
{
return sec_pkcs7_verify_signature (cinfo, certusage,
detached_digest, digest_type,
- keepcerts);
+ keepcerts, 0);
}
+/*
+ * SEC_PKCS7VerifyDetachedSignatureAtTime
+ * Look at a PKCS7 contentInfo and check if the signature matches
+ * a passed-in digest (calculated, supposedly, from detached contents).
+ * The verification checks that the signing cert is valid and trusted
+ * for the purpose specified by "certusage" at time "atTime"
+ * if "atTime" is non-zero, or at the current time (as returned by
+ * PR_Now) otherwise.
+ */
+PRBool
+SEC_PKCS7VerifyDetachedSignatureAtTime(SEC_PKCS7ContentInfo *cinfo,
+ SECCertUsage certusage,
+ const SECItem *detached_digest,
+ HASH_HashType digest_type,
+ PRBool keepcerts,
+ PRTime atTime)
+{
+ if (!atTime) {
+ atTime = PR_Now();
+ }
+
+ return sec_pkcs7_verify_signature (cinfo, certusage,
+ detached_digest, digest_type,
+ keepcerts, atTime);
+}
/*
* Return the asked-for portion of the name of the signer of a PKCS7
* signed object.
*
* Returns a pointer to allocated memory, which must be freed.
* A NULL return value is an error.
*/
@@ -1839,17 +1868,17 @@ sec_pkcs7_get_signer_cert_info(SEC_PKCS7
*/
if (signercert == NULL) {
/*
* The cert usage does not matter in this case, because we do not
* actually care about the verification itself, but we have to pick
* some valid usage to pass in.
*/
(void) sec_pkcs7_verify_signature (cinfo, certUsageEmailSigner,
- NULL, HASH_AlgNULL, PR_FALSE);
+ NULL, HASH_AlgNULL, PR_FALSE, 0);
signercert = signerinfos[0]->cert;
if (signercert == NULL)
return NULL;
}
switch (selector) {
case sec_common_name:
container = CERT_GetCommonName (&signercert->subject);
Index: security/nss/lib/pkcs7/secpkcs7.h
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/pkcs7/secpkcs7.h,v
retrieving revision 1.10
diff -u -8 -p -r1.10 secpkcs7.h
--- security/nss/lib/pkcs7/secpkcs7.h 27 Nov 2012 22:48:08 -0000 1.10
+++ security/nss/lib/pkcs7/secpkcs7.h 25 Jan 2013 23:22:54 -0000
@@ -128,16 +128,33 @@ extern PRBool SEC_PKCS7VerifySignature(S
* into our local database.
*/
extern PRBool SEC_PKCS7VerifyDetachedSignature(SEC_PKCS7ContentInfo *cinfo,
SECCertUsage certusage,
const SECItem *detached_digest,
HASH_HashType digest_type,
PRBool keepcerts);
+
+/*
+ * SEC_PKCS7VerifyDetachedSignatureAtTime
+ * Look at a PKCS7 contentInfo and check if the signature matches
+ * a passed-in digest (calculated, supposedly, from detached contents).
+ * The verification checks that the signing cert is valid and trusted
+ * for the purpose specified by "certusage" at time "atTime"
+ * if "atTime" is non-zero, or at the current time (as returned by
+ * PR_Now) otherwise.
+ */
+extern PRBool SEC_PKCS7VerifyDetachedSignatureAtTime(SEC_PKCS7ContentInfo *cinfo,
+ SECCertUsage certusage,
+ const SECItem *detached_digest,
+ HASH_HashType digest_type,
+ PRBool keepcerts,
+ PRTime atTime);
+
/*
* SEC_PKCS7GetSignerCommonName, SEC_PKCS7GetSignerEmailAddress
* The passed-in contentInfo is espected to be Signed, and these
* functions return the specified portion of the full signer name.
*
* Returns a pointer to allocated memory, which must be freed.
* A NULL return value is an error.
*/
Index: security/nss/lib/smime/smime.def
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/smime/smime.def,v
retrieving revision 1.39
diff -u -8 -p -r1.39 smime.def
--- security/nss/lib/smime/smime.def 25 Apr 2012 14:50:09 -0000 1.39
+++ security/nss/lib/smime/smime.def 25 Jan 2013 23:22:54 -0000
@@ -262,8 +262,14 @@ NSS_Get_NSS_PointerToCMSGenericWrapperDa
;+ *;
;+};
;+NSS_3.13 { # NSS 3.13 release
;+ global:
NSSSMIME_GetVersion;
;+ local:
;+ *;
;+};
+;+NSS_3.14.3 { # NSS 3.14.3 release
+;+ global:
+SEC_PKCS7VerifyDetachedSignatureAtTime;
+;+ local:
+;+ *;
+;+};

View File

@ -4,7 +4,7 @@ RCS file: /cvsroot/mozilla/security/nss/cmd/modutil/install-ds.c,v
retrieving revision 1.2
diff -u -p -6 -r1.2 install-ds.c
--- security/nss/cmd/modutil/install-ds.c 25 Apr 2004 15:02:47 -0000 1.2
+++ security/nss/cmd/modutil/install-ds.c 5 Feb 2007 06:57:38 -0000
+++ nss/cmd/modutil/install-ds.c 5 Feb 2007 06:57:38 -0000
@@ -249,13 +249,13 @@ Pk11Install_File_Generate(Pk11Install_Fi
if(!subval || (subval->type != STRING_VALUE)){
errStr = PR_smprintf(errString[BOGUS_FILE_PERMISSIONS],

View File

@ -4,7 +4,7 @@ RCS file: /cvsroot/mozilla/security/nss/tests/ssl/ssl.sh,v
retrieving revision 1.100
diff -u -r1.100 ssl.sh
--- security/nss/tests/ssl/ssl.sh 26 Mar 2009 23:14:34 -0000 1.100
+++ security/nss/tests/ssl/ssl.sh 6 Jun 2009 06:21:07 -0000
+++ nss/tests/ssl/ssl.sh 6 Jun 2009 06:21:07 -0000
@@ -974,6 +974,7 @@
################################# main #################################

View File

@ -1,3 +1,73 @@
-------------------------------------------------------------------
Tue Jun 11 04:58:56 UTC 2013 - wr@rosenauer.org
- update to 3.15
* Packaging
+ removed obsolete patches
* nss-disable-expired-testcerts.patch
* bug-834091.patch
* New Functionality
+ Support for OCSP Stapling (RFC 6066, Certificate Status
Request) has been added for both client and server sockets.
TLS client applications may enable this via a call to
SSL_OptionSetDefault(SSL_ENABLE_OCSP_STAPLING, PR_TRUE);
+ Added function SECITEM_ReallocItemV2. It replaces function
SECITEM_ReallocItem, which is now declared as obsolete.
+ Support for single-operation (eg: not multi-part) symmetric
key encryption and decryption, via PK11_Encrypt and PK11_Decrypt.
+ certutil has been updated to support creating name constraints
extensions.
* New Functions
in ssl.h
SSL_PeerStapledOCSPResponse - Returns the server's stapled
OCSP response, when used with a TLS client socket that
negotiated the status_request extension.
SSL_SetStapledOCSPResponses - Set's a stapled OCSP response
for a TLS server socket to return when clients send the
status_request extension.
in ocsp.h
CERT_PostOCSPRequest - Primarily intended for testing, permits
the sending and receiving of raw OCSP request/responses.
in secpkcs7.h
SEC_PKCS7VerifyDetachedSignatureAtTime - Verifies a PKCS#7
signature at a specific time other than the present time.
in xconst.h
CERT_EncodeNameConstraintsExtension - Matching function for
CERT_DecodeNameConstraintsExtension, added in NSS 3.10.
in secitem.h
SECITEM_AllocArray
SECITEM_DupArray
SECITEM_FreeArray
SECITEM_ZfreeArray - Utility functions to handle the
allocation and deallocation of SECItemArrays
SECITEM_ReallocItemV2 - Replaces SECITEM_ReallocItem, which is
now obsolete. SECITEM_ReallocItemV2 better matches caller
expectations, in that it updates item->len on allocation.
For more details of the issues with SECITEM_ReallocItem,
see Bug 298649 and Bug 298938.
in pk11pub.h
PK11_Decrypt - Performs decryption as a single PKCS#11
operation (eg: not multi-part). This is necessary for AES-GCM.
PK11_Encrypt - Performs encryption as a single PKCS#11
operation (eg: not multi-part). This is necessary for AES-GCM.
* New Types
in secitem.h
SECItemArray - Represents a variable-length array of SECItems.
* New Macros
in ssl.h
SSL_ENABLE_OCSP_STAPLING - Used with SSL_OptionSet to configure
TLS client sockets to request the certificate_status extension
(eg: OCSP stapling) when set to PR_TRUE
* Notable changes
+ SECITEM_ReallocItem is now deprecated. Please consider using
SECITEM_ReallocItemV2 in all future code.
+ The list of root CA certificates in the nssckbi module has
been updated.
+ The default implementation of SSL_AuthCertificate has been
updated to add certificate status responses stapled by the TLS
server to the OCSP cache.
* a lot of bugfixes
-------------------------------------------------------------------
Tue Apr 16 10:27:04 UTC 2013 - idonmez@suse.com

View File

@ -25,7 +25,7 @@ BuildRequires: mozilla-nspr-devel
BuildRequires: pkg-config
BuildRequires: sqlite-devel
BuildRequires: zlib-devel
Version: 3.14.3
Version: 3.15
Release: 0
# bug437293
%ifarch ppc64
@ -36,8 +36,8 @@ Summary: Network Security Services
License: MPL-2.0
Group: System/Libraries
Url: http://www.mozilla.org/projects/security/pki/nss/
# cvs -d :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot co -r <RTM_TAG> NSS
Source: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_14_3_RTM/src/nss-%{version}.tar.gz
# hg clone https://hg.mozilla.org/projects/nss; hg up NSS_3_15_RTM
Source: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_15_RTM/src/nss-%{version}.tar.gz
Source1: nss.pc.in
Source3: nss-config.in
Source4: %{name}-rpmlintrc
@ -55,8 +55,6 @@ Patch5: renegotiate-transitional.patch
Patch6: malloc.patch
Patch7: nss-disable-ocsp-test.patch
Patch8: nss-sqlitename.patch
Patch9: nss-disable-expired-testcerts.patch
Patch10: bug-834091.patch
%define nspr_ver %(rpm -q --queryformat '%{VERSION}' mozilla-nspr)
PreReq: mozilla-nspr >= %nspr_ver
PreReq: libfreebl3 >= %{nss_softokn_fips_version}
@ -161,19 +159,16 @@ Mozilla project.
%prep
%setup -n nss-%{version} -q
cd mozilla
%patch1
%patch2
%patch3
%patch4
%patch5
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%if %suse_version > 1110
%patch6
%patch6 -p1
%endif
%patch7
%patch8
%patch9
%patch10
%patch7 -p1
%patch8 -p1
# additional CA certificates
#cd security/nss/lib/ckfw/builtins
#cat %{SOURCE2} >> certdata.txt
@ -185,7 +180,6 @@ DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\""
TIME="\"$(date -d "${modified}" "+%%R")\""
find . -name '*.[ch]' -print -exec sed -i "s/__DATE__/${DATE}/g;s/__TIME__/${TIME}/g" {} +
cd mozilla/security/nss
export FREEBL_NO_DEPEND=1
export NSPR_INCLUDE_DIR=`nspr-config --includedir`
export NSPR_LIB_DIR=`nspr-config --libdir`
@ -221,7 +215,7 @@ mkdir -p $RPM_BUILD_ROOT%{_bindir}
mkdir -p $RPM_BUILD_ROOT%{_sbindir}
mkdir -p $RPM_BUILD_ROOT/%{_lib}
mkdir -p $RPM_BUILD_ROOT%{nssdbdir}
pushd mozilla/dist/Linux*
pushd ../dist/Linux*
# copy headers
cp -rL ../public/nss/*.h $RPM_BUILD_ROOT%{_includedir}/nss3
# copy dynamic libs
@ -278,9 +272,9 @@ s:%%NSPR_VERSION%%:%{nspr_ver}:g" \
%{SOURCE1} > $RPM_BUILD_ROOT%{_libdir}/pkgconfig/nss.pc
# prepare nss-config file
popd
NSS_VMAJOR=`cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VMAJOR" | awk '{print $3}'`
NSS_VMINOR=`cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VMINOR" | awk '{print $3}'`
NSS_VPATCH=`cat mozilla/security/nss/lib/nss/nss.h | grep "#define.*NSS_VPATCH" | awk '{print $3}'`
NSS_VMAJOR=`cat lib/nss/nss.h | grep "#define.*NSS_VMAJOR" | awk '{print $3}'`
NSS_VMINOR=`cat lib/nss/nss.h | grep "#define.*NSS_VMINOR" | awk '{print $3}'`
NSS_VPATCH=`cat lib/nss/nss.h | grep "#define.*NSS_VPATCH" | awk '{print $3}'`
cat %{SOURCE3} | sed -e "s,@libdir@,%{_libdir},g" \
-e "s,@prefix@,%{_prefix},g" \
-e "s,@exec_prefix@,%{_prefix},g" \

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d9d366be94d33395597ebf82363fcdedfa693a6d627cf7f6bec025f609d54cc0
size 6189790

3
nss-3.15.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8bc424aa4d7cf2b9e0930132f00c36e0c15fb9c3c352d352629914d8b165747b
size 6629252

View File

@ -1,30 +0,0 @@
Index: security/nss/tests/chains/scenarios/realcerts.cfg
===================================================================
RCS file: /cvsroot/mozilla/security/nss/tests/chains/scenarios/realcerts.cfg,v
retrieving revision 1.4
diff -u -r1.4 realcerts.cfg
--- security/nss/tests/chains/scenarios/realcerts.cfg 20 Mar 2012 14:47:29 -0000 1.4
+++ security/nss/tests/chains/scenarios/realcerts.cfg 3 Apr 2013 07:39:49 -0000
@@ -14,15 +14,15 @@
import PayPalEE:x:
import BrAirWaysBadSig:x:
-verify TestUser50:x
- result pass
+#verify TestUser50:x
+# result pass
-verify TestUser51:x
- result pass
+#verify TestUser51:x
+# result pass
-verify PayPalEE:x
- policy OID.2.16.840.1.113733.1.7.23.6
- result pass
+#verify PayPalEE:x
+# policy OID.2.16.840.1.113733.1.7.23.6
+# result pass
verify BrAirWaysBadSig:x
result fail

View File

@ -4,7 +4,7 @@ RCS file: /cvsroot/mozilla/security/nss/tests/chains/scenarios/scenarios,v
retrieving revision 1.10
diff -u -r1.10 scenarios
--- security/nss/tests/chains/scenarios/scenarios 7 Jan 2013 03:56:15 -0000 1.10
+++ security/nss/tests/chains/scenarios/scenarios 28 Jan 2013 18:11:16 -0000
+++ nss/tests/chains/scenarios/scenarios 28 Jan 2013 18:11:16 -0000
@@ -50,6 +50,5 @@
realcerts.cfg
dsa.cfg

View File

@ -4,7 +4,7 @@ RCS file: /cvsroot/mozilla/security/nss/cmd/platlibs.mk,v
retrieving revision 1.71
diff -u -p -6 -r1.71 platlibs.mk
--- security/nss/cmd/platlibs.mk 17 Jul 2012 15:22:42 -0000 1.71
+++ security/nss/cmd/platlibs.mk 25 Oct 2012 12:07:35 -0000
+++ nss/cmd/platlibs.mk 25 Oct 2012 12:07:35 -0000
@@ -15,15 +15,15 @@ else
EXTRA_SHARED_LIBS += -R '$$ORIGIN/../lib:/usr/lib/mps/secv1:/usr/lib/mps'
endif

View File

@ -4,7 +4,7 @@ RCS file: /cvsroot/mozilla/security/nss/lib/sqlite/manifest.mn,v
retrieving revision 1.5
diff -u -r1.5 manifest.mn
--- security/nss/lib/sqlite/manifest.mn 25 Apr 2012 14:50:11 -0000 1.5
+++ security/nss/lib/sqlite/manifest.mn 28 Jan 2013 20:48:22 -0000
+++ nss/lib/sqlite/manifest.mn 28 Jan 2013 20:48:22 -0000
@@ -6,9 +6,10 @@
MODULE = nss

View File

@ -1,11 +1,9 @@
Index: security/nss/lib/ssl/sslsock.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslsock.c,v
retrieving revision 1.96
diff -u -p -6 -r1.96 sslsock.c
--- security/nss/lib/ssl/sslsock.c 24 Sep 2012 23:57:42 -0000 1.96
+++ security/nss/lib/ssl/sslsock.c 25 Oct 2012 12:08:56 -0000
@@ -147,13 +147,13 @@ static sslOptions ssl_defaults = {
diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c
--- a/lib/ssl/sslsock.c
+++ b/lib/ssl/sslsock.c
@@ -144,17 +144,17 @@ static sslOptions ssl_defaults = {
PR_FALSE, /* fdx */
PR_FALSE, /* v2CompatibleHello */ /* now defaults to off in NSS 3.13 */
PR_TRUE, /* detectRollBack */
PR_FALSE, /* noStepDown */
PR_FALSE, /* bypassPKCS11 */
@ -16,7 +14,9 @@ diff -u -p -6 -r1.96 sslsock.c
+ 3, /* enableRenegotiation (default: requires extension) */
PR_FALSE, /* requireSafeNegotiation */
PR_FALSE, /* enableFalseStart */
PR_TRUE /* cbcRandomIV */
PR_TRUE, /* cbcRandomIV */
PR_FALSE /* enableOCSPStapling */
};
/*
* default range of enabled SSL/TLS protocols

View File

@ -1,16 +1,22 @@
Index: security/nss/Makefile
===================================================================
RCS file: /cvsroot/mozilla/security/nss/Makefile,v
retrieving revision 1.36
diff -u -p -r1.36 Makefile
--- security/nss/Makefile 2 Dec 2008 23:24:39 -0000 1.36
+++ security/nss/Makefile 23 Nov 2009 16:19:04 -0000
@@ -78,7 +78,7 @@ include $(CORE_DEPTH)/coreconf/rules.mk
diff --git a/Makefile b/Makefile
--- a/Makefile
+++ b/Makefile
@@ -39,17 +39,17 @@ include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
-nss_build_all: build_coreconf build_nspr build_dbm all
+nss_build_all: build_coreconf build_dbm all
-nss_build_all: build_nspr all
+nss_build_all: all
nss_clean_all: clobber_coreconf clobber_nspr clobber_dbm clobber
nss_clean_all: clobber_nspr clobber
NSPR_CONFIG_STATUS = $(CORE_DEPTH)/../nspr/$(OBJDIR_NAME)/config.status
NSPR_CONFIGURE = $(CORE_DEPTH)/../nspr/configure
#
# Translate coreconf build options to NSPR configure options.