Accepting request 913334 from mozilla:Factory
- Update nss-fips-constructor-self-tests.patch to fix crashes reported by upstream. This was likely affecting WebRTC calls. OBS-URL: https://build.opensuse.org/request/show/913334 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/mozilla-nss?expand=0&rev=177
This commit is contained in:
Dominique Leuenberger
Git OBS Bridge
commit
9c0330962e
@ -1,3 +1,9 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Aug 18 12:41:56 UTC 2021 - Hans Petter Jansson <hpj@suse.com>
|
||||
|
||||
- Update nss-fips-constructor-self-tests.patch to fix crashes
|
||||
reported by upstream. This was likely affecting WebRTC calls.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Aug 5 15:21:31 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
|
||||
|
||||
|
||||
@ -69,7 +69,7 @@ Patch25: nss-fips-detect-fips-mode-fixes.patch
|
||||
Patch26: nss-fips-combined-hash-sign-dsa-ecdsa.patch
|
||||
Patch27: nss-fips-aes-keywrap-post.patch
|
||||
Patch28: nss-btrfs-sqlite.patch
|
||||
Patch37: nss-fips-fix-missing-nspr.patch
|
||||
Patch29: nss-fips-fix-missing-nspr.patch
|
||||
%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
|
||||
# aarch64 + gcc4.8 fails to build on SLE-12 due to undefined references
|
||||
BuildRequires: gcc9-c++
|
||||
@ -226,7 +226,7 @@ cd nss
|
||||
%patch26 -p1
|
||||
%patch27 -p1
|
||||
%patch28 -p1
|
||||
%patch37 -p2
|
||||
%patch29 -p2
|
||||
|
||||
# additional CA certificates
|
||||
#cd security/nss/lib/ckfw/builtins
|
||||
|
||||
@ -67,7 +67,7 @@ Index: nss/lib/freebl/fips-selftest.inc
|
||||
===================================================================
|
||||
--- /dev/null
|
||||
+++ nss/lib/freebl/fips-selftest.inc
|
||||
@@ -0,0 +1,293 @@
|
||||
@@ -0,0 +1,296 @@
|
||||
+/*
|
||||
+ * PKCS #11 FIPS Power-Up Self Test - common stuff.
|
||||
+ *
|
||||
@ -250,7 +250,10 @@ Index: nss/lib/freebl/fips-selftest.inc
|
||||
+ strncat(full_lib_name, SHLIB_VERSION"."SHLIB_SUFFIX, l);
|
||||
+ l -= strlen(SHLIB_VERSION"."SHLIB_SUFFIX);
|
||||
+#if 1
|
||||
+ rv = BLAPI_SHVerify(full_lib_name, addr, &err);
|
||||
+ if (NULL == addr)
|
||||
+ rv = BLAPI_SHVerifyFile(full_lib_name, &err);
|
||||
+ else
|
||||
+ rv = BLAPI_SHVerify(full_lib_name, addr, &err);
|
||||
+#else
|
||||
+ rv = 1;
|
||||
+#endif
|
||||
@ -930,7 +933,7 @@ Index: nss/lib/softoken/fips.c
|
||||
===================================================================
|
||||
--- /dev/null
|
||||
+++ nss/lib/softoken/fips.c
|
||||
@@ -0,0 +1,33 @@
|
||||
@@ -0,0 +1,36 @@
|
||||
+#include "../freebl/fips-selftest.inc"
|
||||
+
|
||||
+#include "fips.h"
|
||||
@ -958,9 +961,12 @@ Index: nss/lib/softoken/fips.c
|
||||
+{
|
||||
+ fips_state = fips_initTest("softokn", (PRFuncPtr)fips_initTestSoftoken, fips_checkCryptoSoftoken);
|
||||
+
|
||||
+ /* The legacy DB must be checked unconditionally. The check is performed by
|
||||
+ * its constructor. */
|
||||
+ dlopen (SHLIB_PREFIX "nssdbm" SHLIB_VERSION "." SHLIB_SUFFIX, RTLD_LAZY);
|
||||
+ /* The legacy DB must be checked unconditionally in FIPS mode. */
|
||||
+
|
||||
+ if (fips_state)
|
||||
+ {
|
||||
+ fips_state = fips_initTest("nssdbm", (PRFuncPtr) NULL, NULL);
|
||||
+ }
|
||||
+
|
||||
+ return;
|
||||
+}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user