Bugzilla bug 130703: fixed several issues in the NSS 3.4 exported hea…

…ders. 1) Preseve the position of NSS 3.3 elements in the data structures. Some new fields replace some old deprecated fields where possible to preserve the total size of the structure. 2) Stan headers are removed from public exports. 3) Some exported functions didn't have prototypes in the public headers. 4) One bug fix: dev3hack.c did not pass the second argument to nssToken_DestroyCertList. 5) Include the necessary headers to fix undeclared function warnings.
sailfishos-mirror · Mar 14, 2002 · 8f388fa · 8f388fa
1 parent a3b1572
commit 8f388fa
Show file tree

Hide file tree

Showing 17 changed files with 56 additions and 30 deletions.
diff --git a/security/nss/cmd/bltest/blapitest.c b/security/nss/cmd/bltest/blapitest.c
@@ -35,6 +35,7 @@
 #include <stdlib.h>
 
 #include "blapi.h"
+#include "secrng.h"
 #include "prmem.h"
 #include "prprf.h"
 #include "prtime.h"

diff --git a/security/nss/lib/asn1/manifest.mn b/security/nss/lib/asn1/manifest.mn
@@ -38,10 +38,10 @@ PRIVATE_EXPORTS = \
 	asn1t.h		  \
 	asn1m.h		  \
 	asn1.h		  \
+	nssasn1t.h	  \
 	$(NULL)
 
 EXPORTS =	   \
-	nssasn1t.h \
 	$(NULL)
 
 MODULE = security

diff --git a/security/nss/lib/certdb/cert.h b/security/nss/lib/certdb/cert.h
@@ -575,6 +575,9 @@ extern CERTCertificate *CERT_DecodeCertFromPackage(char *certbuf, int certlen);
 extern SECStatus
 CERT_ImportCAChain (SECItem *certs, int numcerts, SECCertUsage certUsage);
 
+extern SECStatus
+CERT_ImportCAChainTrusted(SECItem *certs, int numcerts, SECCertUsage certUsage);
+
 /*
 ** Read a certificate chain in some foreign format, and pass it to a 
 ** callback function.

diff --git a/security/nss/lib/certdb/certt.h b/security/nss/lib/certdb/certt.h
@@ -49,10 +49,9 @@
 #include "prio.h"
 #include "prmon.h"
 
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "nsspkit.h"
+/* Stan data types */
+struct NSSCertificateStr;
+struct NSSTrustDomainStr;
 
 /* Non-opaque objects */
 typedef struct CERTAVAStr                        CERTAVA;
@@ -63,7 +62,7 @@ typedef struct CERTBasicConstraintsStr           CERTBasicConstraints;
 #ifdef NSS_CLASSIC
 typedef struct CERTCertDBHandleStr               CERTCertDBHandle;
 #else
-typedef NSSTrustDomain                           CERTCertDBHandle;
+typedef struct NSSTrustDomainStr                 CERTCertDBHandle;
 #endif
 typedef struct CERTCertExtensionStr              CERTCertExtension;
 typedef struct CERTCertKeyStr                    CERTCertKey;
@@ -272,7 +271,7 @@ struct CERTCertificateStr {
     PRBool istemp;
     char *nickname;
     char *dbnickname;
-    void *dbEntry;		 /* database entry struct */
+    struct NSSCertificateStr *nssCertificate;	/* This is Stan stuff. */
     CERTCertTrust *trust;
 
     /* the reference count is modified whenever someone looks up, dups
@@ -300,9 +299,6 @@ struct CERTCertificateStr {
     PK11SlotInfo *slot;		/*if this cert came of a token, which is it*/
     CK_OBJECT_HANDLE pkcs11ID;	/*and which object on that token is it */
     PRBool ownSlot;		/*true if the cert owns the slot reference */
-
-    /* This is Stan stuff. */
-    NSSCertificate *nssCertificate;
 };
 #define SEC_CERTIFICATE_VERSION_1		0	/* default created */
 #define SEC_CERTIFICATE_VERSION_2		1	/* v2 */
@@ -401,17 +397,16 @@ struct CERTCrlKeyStr {
 struct CERTSignedCrlStr {
     PRArenaPool *arena;
     CERTCrl crl;
-    /*certDBEntryRevocation *dbEntry;	 database entry struct */
     SECItem *derCrl;
-    PK11SlotInfo *slot;
-    /* PRBool keep;		 keep this crl in the cache for the  session*/
-    CK_OBJECT_HANDLE pkcs11ID;
+    PRBool reserved;
     PRBool isperm;
     PRBool istemp;
     int referenceCount;
     CERTCertDBHandle *dbhandle;
     CERTSignedData signatureWrap;	/* XXX */
     char *url;
+    PK11SlotInfo *slot;
+    CK_OBJECT_HANDLE pkcs11ID;
 };
 
 

diff --git a/security/nss/lib/ckfw/nssckepv.h b/security/nss/lib/ckfw/nssckepv.h
@@ -31,4 +31,9 @@
  * may use your version of this file under either the MPL or the
  * GPL.
  */
+#ifndef NSSCKEPV_H
+#define NSSCKEPV_H
+
 #include "pkcs11.h"
+
+#endif /* NSSCKEPV_H */
diff --git a/security/nss/lib/ckfw/nssckft.h b/security/nss/lib/ckfw/nssckft.h
@@ -32,4 +32,9 @@
  * GPL.
  */
 
+#ifndef _NSSCKFT_H_
+#define _NSSCKFT_H_ 1
+
 #include "pkcs11t.h"
+
+#endif /* _NSSCKFT_H_ */
diff --git a/security/nss/lib/ckfw/nssckg.h b/security/nss/lib/ckfw/nssckg.h
@@ -31,4 +31,9 @@
  * may use your version of this file under either the MPL or the
  * GPL.
  */
+#ifndef NSSCKG_H
+#define NSSCKG_H
+
 #include "pkcs11.h"
+
+#endif /* NSSCKG_H */
diff --git a/security/nss/lib/dev/manifest.mn b/security/nss/lib/dev/manifest.mn
@@ -38,10 +38,10 @@ PRIVATE_EXPORTS = \
 	ckhelper.h \
 	devt.h     \
 	dev.h      \
+	nssdevt.h  \
 	$(NULL)
 
 EXPORTS =	   \
-	nssdevt.h  \
 	$(NULL)
 
 MODULE = security

diff --git a/security/nss/lib/jar/jarjart.c b/security/nss/lib/jar/jarjart.c
@@ -76,9 +76,8 @@ static SECStatus jar_list_cert_callback
 
   ugly_list = (char **) data;
 
-  if (cert && cert->dbEntry)
+  if (cert)
     {
-    /* name = cert->dbEntry->nickname; */
     name = cert->nickname;
 
     trusted = cert->trust->objectSigningFlags & CERTDB_USER;

diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h
@@ -146,7 +146,7 @@ void PK11_ConfigurePKCS11(const char *man, const char *libdes,
  * Dump the contents of the certificate cache and the temporary cert store.
  * Use to detect leaked references of certs at shutdown time.
  */
-void nss_DumpCertificateCacheInfo();
+void nss_DumpCertificateCacheInfo(void);
 
 SEC_END_PROTOS
 

diff --git a/security/nss/lib/pk11wrap/dev3hack.c b/security/nss/lib/pk11wrap/dev3hack.c
@@ -47,6 +47,7 @@ static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
 #include "devt.h"
 #endif /* DEVT_H */
 
+#include "pki3hack.h"
 #include "dev3hack.h"
 
 #ifndef BASE_H
@@ -186,7 +187,7 @@ nssToken_Refresh(NSSToken *token)
                                                        nss3slot->session,
                                                        nss3slot->sessionLock,
                                                        nss3slot->defRWSession);
-    nssToken_DestroyCertList(token);
+    nssToken_DestroyCertList(token, PR_TRUE);
     return nssToken_LoadCerts(token);
 }
 

diff --git a/security/nss/lib/pk11wrap/pk11func.h b/security/nss/lib/pk11wrap/pk11func.h
@@ -47,11 +47,6 @@
 #include "pkcs7t.h"
 #include "cmsreclist.h"
 
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "nssdevt.h"
-
 SEC_BEGIN_PROTOS
 
 /************************************************************
@@ -96,8 +91,6 @@ void PK11_EnterSlotMonitor(PK11SlotInfo *);
 void PK11_ExitSlotMonitor(PK11SlotInfo *);
 void PK11_CleanKeyList(PK11SlotInfo *slot);
 
-void PK11Slot_SetNSSToken(PK11SlotInfo *slot, NSSToken *token);
-
 
 /************************************************************
  *  Slot Password Management

diff --git a/security/nss/lib/pk11wrap/pk11slot.c b/security/nss/lib/pk11wrap/pk11slot.c
@@ -51,6 +51,7 @@
 #include "secerr.h"
 /*#include "secpkcs5.h" */
 
+#include "dev.h"
 #include "dev3hack.h"
 #include "pki3hack.h"
 

diff --git a/security/nss/lib/pk11wrap/secpkcs5.h b/security/nss/lib/pk11wrap/secpkcs5.h
@@ -46,12 +46,26 @@ typedef enum {
 
 typedef struct PBEBitGenContextStr PBEBitGenContext;
 
+SEC_BEGIN_PROTOS
+
 SECAlgorithmID *
 SEC_PKCS5CreateAlgorithmID(SECOidTag algorithm, SECItem *salt, int iteration);
 
+/* Get the initialization vector.  The password is passed in, hashing
+ * is performed, and the initialization vector is returned.
+ *  algid is a pointer to a PBE algorithm ID
+ *  pwitem is the password
+ * If an error occurs or the algorithm id is not a PBE algrithm,
+ * NULL is returned.  Otherwise, the iv is returned in a secitem.
+ */
+SECItem *
+SEC_PKCS5GetIV(SECAlgorithmID *algid, SECItem *pwitem, PRBool faulty3DES);
+
 SECOidTag SEC_PKCS5GetCryptoAlgorithm(SECAlgorithmID *algid);
 PRBool SEC_PKCS5IsAlgorithmPBEAlg(SECAlgorithmID *algid);
 SECOidTag SEC_PKCS5GetPBEAlgorithm(SECOidTag algTag, int keyLen);
 int SEC_PKCS5GetKeyLength(SECAlgorithmID *algid);
 
+SEC_END_PROTOS
+
 #endif /* _SECPKS5_H_ */
diff --git a/security/nss/lib/pkcs7/pkcs7t.h b/security/nss/lib/pkcs7/pkcs7t.h
@@ -224,10 +224,10 @@ struct SEC_PKCS7AttributeStr {
    scenario and data specifics. */
 typedef enum
 {
+	SECKEAInvalid = -1,
 	SECKEAUsesSkipjack = 0,
 	SECKEAUsesNonSkipjack = 1,
-	SECKEAUsesNonSkipjackWithPaddedEncKey = 2,
-	SECKEAInvalid = -1
+	SECKEAUsesNonSkipjackWithPaddedEncKey = 2
 } SECKEATemplateSelector;
 
 /* ### mwelch - S/MIME KEA parameters. These don't really fit here,

diff --git a/security/nss/lib/pki/manifest.mn b/security/nss/lib/pki/manifest.mn
@@ -37,11 +37,11 @@ CORE_DEPTH = ../../..
 PRIVATE_EXPORTS = \
 	pki.h      \
 	pkit.h     \
+	nsspkit.h  \
+	nsspki.h   \
 	$(NULL)
 
 EXPORTS =	   \
-	nsspkit.h \
-	nsspki.h  \
 	$(NULL)
 
 MODULE = security

diff --git a/security/nss/lib/pki/pki3hack.h b/security/nss/lib/pki/pki3hack.h
@@ -38,6 +38,10 @@
 static const char PKINSS3HACK_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
 #endif /* DEBUG */
 
+#ifndef NSSDEVT_H
+#include "nssdevt.h"
+#endif /* NSSDEVT_H */
+
 #ifndef NSSPKIT_H
 #include "nsspkit.h"
 #endif /* NSSPKIT_H */