backout bug 835919, backout bug 850905

sailfishos-mirror · Apr 10, 2013 · f139ef8 · f139ef8
1 parent 0ca144c
commit f139ef8
Show file tree

Hide file tree

Showing 9 changed files with 21 additions and 118 deletions.
diff --git a/cmd/Makefile b/cmd/Makefile
@@ -14,14 +14,6 @@ ifdef BUILD_LIBPKIX_TESTS
 DIRS += libpkix
 endif
 
-ifeq ($(NSS_BUILD_WITHOUT_SOFTOKEN),1)
-BLTEST_SRCDIR=
-FIPSTEST_SRCDIR=
-else
-BLTEST_SRCDIR   = bltest
-FIPSTEST_SRCDIR = fipstest
-endif
-
 LOWHASHTEST_SRCDIR=
 ifeq ($(FREEBL_LOWHASH),1)
 LOWHASHTEST_SRCDIR = lowhashtest  # Add the lowhashtest directory to DIRS.

diff --git a/cmd/manifest.mn b/cmd/manifest.mn
@@ -11,7 +11,7 @@ REQUIRES = nss nspr libdbm
 DIRS = lib  \
  addbuiltin \
  atob  \
- $(BLTEST_SRCDIR) \
+ bltest \
  btoa  \
  certcgi \
  certutil  \
@@ -23,7 +23,7 @@ DIRS = lib  \
  derdump  \
  digest  \
  httpserv  \
- $(FIPSTEST_SRCDIR)  \
+ fipstest  \
  $(LOWHASHTEST_SRCDIR)  \
  listsuites \
  makepqg  \

diff --git a/cmd/platlibs.mk b/cmd/platlibs.mk
@@ -36,18 +36,7 @@ ifdef USE_STATIC_LIBS
 
 DEFINES += -DNSS_USE_STATIC_LIBS
 # $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-ifndef USE_SYSTEM_FREEBL
-CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
-SOFTOKENLIB=$(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX)
-else
-# Use the system freebl and softoken libraries
-CRYPTOLIB=$(FREEBL_LIB_DIR)/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
-SOFTOKENLIB=
-EXTRA_SHARED_LIBS += \
-	-L$(SOFTOKEN_LIB_DIR) \
-	-lsoftokn3 \
-	$(NULL)
-endif
+CRYPTOLIB=$(SOFTOKEN_LIB_DIR)/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
 
 PKIXLIB = \
 	$(DIST)/lib/$(LIB_PREFIX)pkixtop.$(LIB_SUFFIX) \
@@ -78,7 +67,7 @@ EXTRA_LIBS += \
 	$(DIST)/lib/$(LIB_PREFIX)cryptohi.$(LIB_SUFFIX) \
 	$(DIST)/lib/$(LIB_PREFIX)pk11wrap.$(LIB_SUFFIX) \
 	$(DIST)/lib/$(LIB_PREFIX)certdb.$(LIB_SUFFIX) \
-	$(SOFTOKENLIB) \
+	$(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX) \
 	$(CRYPTOLIB) \
 	$(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \
 	$(DIST)/lib/$(LIB_PREFIX)nssdev.$(LIB_SUFFIX) \
@@ -113,7 +102,7 @@ EXTRA_LIBS += \
 	$(DIST)/lib/$(LIB_PREFIX)certhi.$(LIB_SUFFIX) \
 	$(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \
 	$(DIST)/lib/$(LIB_PREFIX)pk11wrap.$(LIB_SUFFIX) \
-	$(SOFTOKENLIB) \
+	$(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX) \
 	$(DIST)/lib/$(LIB_PREFIX)certdb.$(LIB_SUFFIX) \
 	$(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \
 	$(DIST)/lib/$(LIB_PREFIX)nssdev.$(LIB_SUFFIX) \
@@ -196,22 +185,8 @@ EXTRA_SHARED_LIBS += \
 	$(NULL)
 endif
 
-ifdef SOFTOKEN_LIB_DIR
-ifdef NSS_USE_SYSTEM_FREEBL
-EXTRA_SHARED_LIBS += -L$(SOFTOKEN_LIB_DIR) -lsoftokn3
-endif
-endif
-
 endif # USE_STATIC_LIBS
 
-# If a platform has a system freebl, set USE_SYSTEM_FREEBL to 1 and
-# FREEBL_LIBS to the linker command-line arguments for the system nss-util
-# (for example, -lfreebl3 on fedora) in the platform's config file in coreconf.
-ifdef NSS_USE_SYSTEM_FREEBL
-FREEBL_LIBS = $(FREEBL_LIB_DIR)/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
-EXTRA_LIBS += $(FREEBL_LIBS)
-endif
-
 # If a platform has a system zlib, set USE_SYSTEM_ZLIB to 1 and
 # ZLIB_LIBS to the linker command-line arguments for the system zlib
 # (for example, -lz) in the platform's config file in coreconf.

diff --git a/cmd/shlibsign/shlibsign.c b/cmd/shlibsign/shlibsign.c
@@ -49,7 +49,6 @@
 #include "pkcs11t.h"
 
 /* freebl headers */
-#include "blapit.h"
 #include "shsign.h"
 
 #define NUM_ELEM(array) (sizeof(array)/sizeof(array[0]))
@@ -64,7 +63,7 @@ usage (const char *program_name)
     PR_fprintf (debug_out,
                 "type %s -H for more detail information.\n", program_name);
     PR_fprintf (debug_out,
-                "Usage: %s [-v] [-V] [-k keysize] [-o outfile] [-d dbdir] [-f pwfile]\n"
+                "Usage: %s [-v] [-V] [-o outfile] [-d dbdir] [-f pwfile]\n"
                 "          [-F] [-p pwd] -[P dbprefix ] "
                 "-i shared_library_name\n",
                 program_name);
@@ -85,7 +84,6 @@ long_usage(const char *program_name)
     PR_fprintf(debug_out, "\t-p <pwd>     password\n");
     PR_fprintf(debug_out, "\t-v           verbose output\n");
     PR_fprintf(debug_out, "\t-V           perform Verify operations\n");
-    PR_fprintf(debug_out, "\t-k <key_size>  key size in bits, default 2048\n");
     PR_fprintf(debug_out, "\t-?           short help message\n");
     PR_fprintf(debug_out, "\t-h           short help message\n");
     PR_fprintf(debug_out, "\t-H           this help message\n");
@@ -727,16 +725,13 @@ int main(int argc, char **argv)
     CK_ULONG slotIndex = 0; 
     CK_MECHANISM digestmech;
     CK_ULONG digestLen = 0;
-    CK_BYTE digest[HASH_LENGTH_MAX];
-    CK_BYTE sign[DSA_MAX_SIGNATURE_LEN];
+    CK_BYTE digest[32]; /* SHA256_LENGTH */
+    CK_BYTE sign[64];   /* DSA SIGNATURE LENGTH */
     CK_ULONG signLen = 0 ;
     CK_MECHANISM signMech = {
         CKM_DSA, NULL, 0
     };
 
-    int expectedDigestLen;
-    int expectedSignatureLen;
-
     /*** DSA Key ***/
 
     CK_MECHANISM dsaKeyPairGenMech;
@@ -918,18 +913,10 @@ int main(int argc, char **argv)
 	    goto cleanup;
 	}
 
-	if (keySize == 0) {
-	    if (mechInfo.ulMaxKeySize >=2048) {
-		keySize = 2048;
-	    } else {
-		keySize = 1024;
-	    }
-	}
-	if (keySize > mechInfo.ulMaxKeySize) {
-	    PR_fprintf(PR_STDERR, 
-		"Requested key size of %d bits exceeds the mechanism's maximum key size of %d bits\n",
-		keySize, mechInfo.ulMaxKeySize);
-	    goto cleanup;
+	if ((keySize == 0) && mechInfo.ulMaxKeySize >=2048 ) {
+	    keySize = 2048;
+	} else {
+	    keySize = 1024;
 	}
     }
 
@@ -947,10 +934,6 @@ int main(int argc, char **argv)
 	digestmech.mechanism = CKM_SHA_1;
 	digestmech.pParameter = NULL;
 	digestmech.ulParameterLen = 0;
-
-	expectedDigestLen = SHA1_LENGTH;
-	expectedSignatureLen = sizeof(subprime)*2;   /* length of q*2 */;
-
     } else if (keySize == 2048) {
 	dsaPubKeyTemplate[0].type       = CKA_PRIME;
 	dsaPubKeyTemplate[0].pValue     = (CK_VOID_PTR) &prime2;
@@ -964,13 +947,9 @@ int main(int argc, char **argv)
 	digestmech.mechanism = CKM_SHA256;
 	digestmech.pParameter = NULL;
 	digestmech.ulParameterLen = 0;
-
-	expectedDigestLen = SHA256_LENGTH;
-	expectedSignatureLen = sizeof(subprime2)*2; /* length of q*2 */
-
     } else {
 	/* future - generate pqg */
-        PR_fprintf(PR_STDERR, "Only keysizes 1024 and 2048 are supported\n");
+        PR_fprintf(PR_STDERR, "Only keysizes 1024 and 2048 are supported");
 	goto cleanup;
     }
     dsaPubKeyTemplate[3].type = CKA_TOKEN;
@@ -1125,9 +1104,9 @@ int main(int argc, char **argv)
         goto cleanup;
     }
 
-    if (digestLen != expectedDigestLen) {
+    if (digestLen != sizeof(digest)) {
         PR_fprintf(PR_STDERR, "digestLen has incorrect length %lu "
-                "it should be %lu \n",digestLen, expectedDigestLen);
+                "it should be %lu \n",digestLen, sizeof(digest));
         goto cleanup;
     }
 
@@ -1148,9 +1127,9 @@ int main(int argc, char **argv)
         goto cleanup;
     }
 
-    if (signLen != expectedSignatureLen) {
+    if (signLen != sizeof(sign)) {
         PR_fprintf(PR_STDERR, "signLen has incorrect length %lu "
-                    "it should be %lu \n", signLen, expectedSignatureLen);
+                    "it should be %lu \n", signLen, sizeof(sign));
         goto cleanup;
     }
 

diff --git a/lib/Makefile b/lib/Makefile
@@ -62,14 +62,3 @@ include $(CORE_DEPTH)/coreconf/rules.mk
 # (7) Execute "local" rules. (OPTIONAL).                              #
 #######################################################################
 
-ifeq ($(NSS_BUILD_WITHOUT_SOFTOKEN),1)
-# Not included when building nss without softoken
-UTIL_SRCDIR=
-FREEBL_SRCDIR=
-SOFTOKEN_SRCDIR=
-else
-# default is to include all
-UTIL_SRCDIR = util
-FREEBL_SRCDIR = freebl
-SOFTOKEN_SRCDIR = softoken
-endif
diff --git a/lib/manifest.mn b/lib/manifest.mn
@@ -16,7 +16,7 @@ DEPTH      = ..
 #  smime
 #  ckfw (builtins module)
 #  crmf jar (not dll's)
-DIRS = $(UTIL_SRCDIR) $(FREEBL_SRCDIR) $(SQLITE_SRCDIR) $(SOFTOKEN_SRCDIR) \
+DIRS =  util freebl $(SQLITE_SRCDIR) $(DBM_SRCDIR) softoken \
 	base dev pki \
 	libpkix \
 	certdb certhigh pk11wrap cryptohi nss \

diff --git a/tests/cipher/cipher.sh b/tests/cipher/cipher.sh
@@ -66,16 +66,13 @@ cipher_main()
           failedStr=""
           inOff=0
           res=0
-          # If built nss without softoken use the system installed bltest tool. 
-          # The FREEBL_BINDIR location is plaform dependent. See the comments
-          # regarding this location in nss/tests/common/init.sh. 
           while [ $inOff -lt 8 ]
           do
              outOff=0
              while [ $outOff -lt 8 ]
              do
                  echo "bltest -T -m $PARAM -d $CIPHERTESTDIR -1 $inOff -2 $outOff"
-                 ${PROFTOOL} ${FREBL_BINDIR}/bltest -T -m $PARAM -d $CIPHERTESTDIR -1 $inOff -2 $outOff
+                 ${PROFTOOL} ${BINDIR}/bltest -T -m $PARAM -d $CIPHERTESTDIR -1 $inOff -2 $outOff
                  if [ $? -ne 0 ]; then
                      failedStr="$failedStr[$inOff:$outOff]"
                  fi
@@ -123,14 +120,6 @@ cipher_cleanup()
 
 ################## main #################################################
 
-# When building without softoken, bltest isn't built. It was already
-# built and the cipher suite run as part of an nss-softoken build. 
-if [ ! -x ${DIST}/${OBJDIR}/bin/bltest${PROG_SUFFIX} ]; then
-    echo "bltest not built, skipping this test." >> ${LOGFILE}
-    res = 0
-    html_msg $res $EXP_RET "$TESTNAME"
-    return 0
-fi
 cipher_init
 cipher_main
 cipher_gcm

diff --git a/tests/common/init.sh b/tests/common/init.sh
@@ -647,14 +647,6 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
         ulimit -c unlimited
     fi 
 
-    #################################################################
-    # If we built nss without softoken use the system installed tool.
-    # Fedora, for example, uses /usr/lib${ARCH}/unsupported-tools but
-    # other platform may place the system installed tests somewhere else.
-    # The FREEBL_BINDIR environment variable will have been set by the
-    # package maintainer.
-    #
-    FREEBL_BINDIR = [ ${NSS_BUILD_WITHOUT_SOFTOKEN} = "1" ] && ${FREEBL_BINDIR} || ${BINDIR}
     SCRIPTNAME=$0
     INIT_SOURCED=TRUE   #whatever one does - NEVER export this one please
 fi
diff --git a/tests/fips/fips.sh b/tests/fips/fips.sh
@@ -223,22 +223,9 @@ fips_140()
   # is needed to copy files one by one. 
   echo "mkdir ${MANGLEDIR}"
   mkdir ${MANGLEDIR}
-  # When building nss without softoken use the system installed softoken library located
-  # in SOFTOKEN_LIB_DIR. This variable will have been set by the nss package mainainer.
-  # Fedora, for example, installs it in /usr/lib${ARCH} but other platforms may place
-  # the libraries in a different location. 
   for lib in `ls ${LIBDIR}`; do
-    # Only softoken is used in the mangling test
-    if [ ${lib} = ${DLL_PREFIX}softokn3.so ]; then
-      if [ ${NSS_BUILD_WITHOUT_SOFTOKEN} = "1" ]; then
-        # use the system installed softoken library
-        echo "cp ${SOFTOKEN_LIB_DIR}/${lib} ${MANGLEDIR}"
-        cp ${SOFTOKEN_LIB_DIR}/${lib} ${MANGLEDIR}
-      else
-        echo "cp ${LIBDIR}/${lib} ${MANGLEDIR}"
-        cp ${LIBDIR}/${lib} ${MANGLEDIR}
-      fi
-    fi
+    echo "cp ${LIBDIR}/${lib} ${MANGLEDIR}"
+    cp ${LIBDIR}/${lib} ${MANGLEDIR}
   done
 
   echo "$SCRIPTNAME: Detect mangled softoken--------------------------"