[ooo-build-commit] .: patches/dev300

Petr Mladek pmladek at kemper.freedesktop.org
Wed Sep 8 08:41:24 PDT 2010 

 patches/dev300/apply                                  |    6 +
 patches/dev300/xmlsecurity-build-with-nss-3.12.0.diff |   74 ++++++++++++++++++
 2 files changed, 79 insertions(+), 1 deletion(-)

New commits:
commit d3a1924aae7971301aa3911b7bbb34434b30534f
Author: Petr Mladek <pmladek at walk.suse.cz>
Date:   Wed Sep 8 17:40:00 2010 +0200

    fix build with nss-3.12.0

diff --git a/patches/dev300/apply b/patches/dev300/apply
index 09081ec..b6f6bf7 100644
--- a/patches/dev300/apply
+++ b/patches/dev300/apply
@@ -11,7 +11,7 @@ OLDEST_SUPPORTED=ooo330-m7 ooo-build-3.2.98.0
 
 # -------- Functional sub-sets --------
 Common : PreprocessPatches, BuildBits, TemporaryHacks, FixesNotForUpstream, \
-	 Fixes, DefaultSettings, Features, VCL, Misc, HelpContent, \
+	 BuildFixes, Fixes, DefaultSettings, Features, VCL, Misc, HelpContent, \
 	 Icons, Branding, CalcFixes, WriterFixes, EasterEgg, \
 	 GStreamer, CWSBackports, WPG, Cleanups, WMF, GnomeVFS, WebDAV, \
 	 Layout, VBABits, VBAObjects, CalcErrors, CJK, GCJ, Lwp, WPS, \
@@ -196,6 +196,10 @@ cws-vmiklos01.diff, vmiklos
 # add accelerator to the OK and Cancel buttons.
 ok-cancel-btn-add-accel.diff, kohei
 
+[ BuildFixes ]
+# nss-3.12.0 does not support all the newly used features
+xmlsecurity-build-with-nss-3.12.0.diff, i#114417, pmladek
+
 [ TemporaryHacks ]
 
 # add idl target to toplevel makefile
diff --git a/patches/dev300/xmlsecurity-build-with-nss-3.12.0.diff b/patches/dev300/xmlsecurity-build-with-nss-3.12.0.diff
new file mode 100644
index 0000000..d52799a
--- /dev/null
+++ b/patches/dev300/xmlsecurity-build-with-nss-3.12.0.diff
@@ -0,0 +1,74 @@
+--- xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx.old	2010-08-25 22:34:06.000000000 +0200
++++ xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx	2010-09-08 16:50:08.000000000 +0200
+@@ -830,9 +830,14 @@ verifyCertificate( const Reference< csss
+         CERT_DisableOCSPDefaultResponder(certDb);
+         CERTValOutParam cvout[5];
+         CERTValInParam cvin[3];
++        int ncvinCount=0;
+ 
+-        cvin[0].type = cert_pi_useAIACertFetch;
+-        cvin[0].value.scalar.b = PR_TRUE;
++#if ( NSS_VMAJOR > 3 ) || ( NSS_VMAJOR == 3 && NSS_VMINOR > 12 ) || ( NSS_VMAJOR == 3 && NSS_VMINOR == 12 && NSS_VPATCH > 0 )
++        // cert_pi_useAIACertFetch was added in NSS 3.12.1
++        cvin[ncvinCount].type = cert_pi_useAIACertFetch;
++        cvin[ncvinCount].value.scalar.b = PR_TRUE;
++        ncvinCount++;
++#endif
+ 
+         PRUint64 revFlagsLeaf[2];
+         PRUint64 revFlagsChain[2];
+@@ -879,12 +884,14 @@ verifyCertificate( const Reference< csss
+ //            | CERT_REV_MI_REQUIRE_SOME_FRESH_INFO_AVAILABLE;
+ 
+         
+-        cvin[1].type = cert_pi_revocationFlags;
+-        cvin[1].value.pointer.revocation = &rev;
++        cvin[ncvinCount].type = cert_pi_revocationFlags;
++        cvin[ncvinCount].value.pointer.revocation = &rev;
++        ncvinCount++;
+         // does not work, not implemented yet in 3.12.4
+-//         cvin[2].type = cert_pi_keyusage;
+-//         cvin[2].value.scalar.ui = KU_DIGITAL_SIGNATURE;
+-        cvin[2].type = cert_pi_end;
++//         cvin[ncvinCount].type = cert_pi_keyusage;
++//         cvin[ncvinCount].value.scalar.ui = KU_DIGITAL_SIGNATURE;
++//         ncvinCount++;
++        cvin[ncvinCount].type = cert_pi_end;
+ 
+         cvout[0].type = cert_po_trustAnchor;
+         cvout[0].value.pointer.cert = NULL;
+--- xmlsecurity/source/xmlsec/nss/certerrors.h.old	2010-08-25 22:34:06.000000000 +0200
++++ xmlsecurity/source/xmlsec/nss/certerrors.h	2010-09-08 17:18:18.000000000 +0200
+@@ -28,7 +28,6 @@
+  *
+  ************************************************************************/
+ 
+-
+ {SEC_ERROR_IO, "An I/O error occurred during security authorization."},
+ 
+ {SEC_ERROR_LIBRARY_FAILURE, "security library failure."},
+@@ -372,13 +371,24 @@ an existing cert, but that is not the sa
+ 
+ {SEC_ERROR_LIBPKIX_INTERNAL, "Libpkix internal error occured during cert validation."},
+ 
++#if ( NSS_VMAJOR > 3 ) || ( NSS_VMAJOR == 3 && NSS_VMINOR > 12 ) || ( NSS_VMAJOR == 3 && NSS_VMINOR == 12 && NSS_VPATCH > 2 )
++// following 3 errors got first used in NSS 3.12.3
++// they were in the header even in 3.12.2 but there was missing the mapping in pk11err.c
++// see also https://bugzilla.mozilla.org/show_bug.cgi?id=453364 
++
+ {SEC_ERROR_PKCS11_GENERAL_ERROR, "A PKCS #11 module returned CKR_GENERAL_ERROR, indicating that an unrecoverable error has occurred."},
+ 
+ {SEC_ERROR_PKCS11_FUNCTION_FAILED, "A PKCS #11 module returned CKR_FUNCTION_FAILED, indicating that the requested function could not be performed.  Trying the same operation again might succeed."},
+ 
+ {SEC_ERROR_PKCS11_DEVICE_ERROR, "A PKCS #11 module returned CKR_DEVICE_ERROR, indicating that a problem has occurred with the token or slot."},
+ 
++#endif
++
++#if ( NSS_VMAJOR > 3 ) || ( NSS_VMAJOR == 3 && NSS_VMINOR > 12 ) || ( NSS_VMAJOR == 3 && NSS_VMINOR == 12 && NSS_VPATCH > 3 )
++// following 2 errors got added in NSS 3.12.4
++
+ {SEC_ERROR_BAD_INFO_ACCESS_METHOD, "Unknown information access method in certificate extension."},
+ 
+ {SEC_ERROR_CRL_IMPORT_FAILED, "Error attempting to import a CRL."},
+ 
++#endif

More information about the ooo-build-commit mailing list