From fba28f19754f62b5227650143d5441fc86d4c7d7 Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Wed, 25 Apr 2018 21:33:33 +0200 Subject: Revert "Update NSS to 3.35-RTM" This reverts commit f1a0f0a56fdd0fc39f255174ce08c06b91c66c94. --- security/nss/lib/util/nssb64d.c | 2 +- security/nss/lib/util/nssrwlk.c | 2 - security/nss/lib/util/nssutil.def | 16 ---- security/nss/lib/util/nssutil.h | 6 +- security/nss/lib/util/pkcs11uri.c | 2 +- security/nss/lib/util/quickder.c | 3 +- security/nss/lib/util/secasn1d.c | 4 +- security/nss/lib/util/secoid.c | 20 ++-- security/nss/lib/util/secport.c | 62 ------------ security/nss/lib/util/secport.h | 7 -- security/nss/lib/util/utilmod.c | 190 ++----------------------------------- security/nss/lib/util/utilpars.c | 7 +- security/nss/lib/util/utilpars.h | 6 -- security/nss/lib/util/utilparst.h | 2 +- security/nss/lib/util/utilrename.h | 2 - 15 files changed, 37 insertions(+), 294 deletions(-) (limited to 'security/nss/lib/util') diff --git a/security/nss/lib/util/nssb64d.c b/security/nss/lib/util/nssb64d.c index e4bb20a3e..886ce21c0 100644 --- a/security/nss/lib/util/nssb64d.c +++ b/security/nss/lib/util/nssb64d.c @@ -249,7 +249,7 @@ pl_base64_decode_buffer(PLBase64Decoder *data, const unsigned char *in, } i = 0; - PR_ASSERT((PRUint32)(out - data->output_buffer + 3) <= data->output_buflen); + PR_ASSERT((out - data->output_buffer + 3) <= data->output_buflen); /* * Assume we are not at the end; the following function only works diff --git a/security/nss/lib/util/nssrwlk.c b/security/nss/lib/util/nssrwlk.c index 5af021762..dbaeca24b 100644 --- a/security/nss/lib/util/nssrwlk.c +++ b/security/nss/lib/util/nssrwlk.c @@ -120,8 +120,6 @@ NSSRWLock_Destroy(NSSRWLock *rwlock) { PR_ASSERT(rwlock != NULL); PR_ASSERT(rwlock->rw_waiting_readers == 0); - PR_ASSERT(rwlock->rw_writer_locks == 0); - PR_ASSERT(rwlock->rw_reader_locks == 0); /* XXX Shouldn't we lock the PZLock before destroying this?? */ diff --git a/security/nss/lib/util/nssutil.def b/security/nss/lib/util/nssutil.def index 936455f6e..f4b9ef7ba 100644 --- a/security/nss/lib/util/nssutil.def +++ b/security/nss/lib/util/nssutil.def @@ -307,19 +307,3 @@ PK11URI_GetQueryAttribute; ;+ local: ;+ *; ;+}; -;+NSSUTIL_3.33 { # NSS Utilities 3.33 release -;+ global: -PORT_ZAllocAligned_Util; -PORT_ZAllocAlignedOffset_Util; -NSS_SecureMemcmpZero; -;+ local: -;+ *; -;+}; -;-NSSUTIL_3.35 { # NSS Utilities 3.35 release -;- global: -;-# private exports for softoken -_NSSUTIL_UTF8ToWide;- -_NSSUTIL_Access;- -;- local: -;- *; -;-}; diff --git a/security/nss/lib/util/nssutil.h b/security/nss/lib/util/nssutil.h index f86dfa91e..e8cb52aed 100644 --- a/security/nss/lib/util/nssutil.h +++ b/security/nss/lib/util/nssutil.h @@ -19,10 +19,10 @@ * The format of the version string should be * ".[.[.]][ ]" */ -#define NSSUTIL_VERSION "3.35" +#define NSSUTIL_VERSION "3.32.1" #define NSSUTIL_VMAJOR 3 -#define NSSUTIL_VMINOR 35 -#define NSSUTIL_VPATCH 0 +#define NSSUTIL_VMINOR 32 +#define NSSUTIL_VPATCH 1 #define NSSUTIL_VBUILD 0 #define NSSUTIL_BETA PR_FALSE diff --git a/security/nss/lib/util/pkcs11uri.c b/security/nss/lib/util/pkcs11uri.c index 94b00171e..453440293 100644 --- a/security/nss/lib/util/pkcs11uri.c +++ b/security/nss/lib/util/pkcs11uri.c @@ -242,7 +242,7 @@ static int pk11uri_CompareByPosition(const char *a, const char *b, const char **attr_names, size_t num_attr_names) { - size_t i, j; + int i, j; for (i = 0; i < num_attr_names; i++) { if (strcmp(a, attr_names[i]) == 0) { diff --git a/security/nss/lib/util/quickder.c b/security/nss/lib/util/quickder.c index 7a6ac1c53..1b474822e 100644 --- a/security/nss/lib/util/quickder.c +++ b/security/nss/lib/util/quickder.c @@ -520,7 +520,8 @@ DecodeGroup(void* dest, if (SECSuccess == rv) { /* allocate room for pointer array and entries */ /* we want to allocate the array even if there is 0 entry */ - entries = (void**)PORT_ArenaZAlloc(arena, sizeof(void*) * (totalEntries + 1) + /* the extra one is for NULL termination */ + entries = (void**)PORT_ArenaZAlloc(arena, sizeof(void*) * + (totalEntries + 1) + /* the extra one is for NULL termination */ subTemplate->size * totalEntries); if (entries) { diff --git a/security/nss/lib/util/secasn1d.c b/security/nss/lib/util/secasn1d.c index 4c5f0ce4b..e6abb5fd5 100644 --- a/security/nss/lib/util/secasn1d.c +++ b/security/nss/lib/util/secasn1d.c @@ -2721,7 +2721,9 @@ dump_states(SEC_ASN1DecoderContext *cx) (state == cx->current) ? "STATE" : "State", state->theTemplate, kindBuf); - printf(" %s", (state->place >= 0 && state->place <= notInUse) ? place_names[state->place] : "(undefined)"); + printf(" %s", (state->place >= 0 && state->place <= notInUse) + ? place_names[state->place] + : "(undefined)"); if (!i) printf(", expect 0x%02x", state->expect_tag_number | state->expect_tag_modifiers); diff --git a/security/nss/lib/util/secoid.c b/security/nss/lib/util/secoid.c index a05621c59..da03b7c06 100644 --- a/security/nss/lib/util/secoid.c +++ b/security/nss/lib/util/secoid.c @@ -1841,11 +1841,13 @@ secoid_FindDynamic(const SECItem *key) { SECOidData *ret = NULL; - NSSRWLock_LockRead(dynOidLock); if (dynOidHash) { - ret = (SECOidData *)PL_HashTableLookup(dynOidHash, key); + NSSRWLock_LockRead(dynOidLock); + if (dynOidHash) { /* must check it again with lock held. */ + ret = (SECOidData *)PL_HashTableLookup(dynOidHash, key); + } + NSSRWLock_UnlockRead(dynOidLock); } - NSSRWLock_UnlockRead(dynOidLock); if (ret == NULL) { PORT_SetError(SEC_ERROR_UNRECOGNIZED_OID); } @@ -1864,12 +1866,14 @@ secoid_FindDynamicByTag(SECOidTag tagnum) } tagNumDiff = tagnum - SEC_OID_TOTAL; - NSSRWLock_LockRead(dynOidLock); - if (dynOidTable != NULL && - tagNumDiff < dynOidEntriesUsed) { - dxo = dynOidTable[tagNumDiff]; + if (dynOidTable) { + NSSRWLock_LockRead(dynOidLock); + if (dynOidTable != NULL && /* must check it again with lock held. */ + tagNumDiff < dynOidEntriesUsed) { + dxo = dynOidTable[tagNumDiff]; + } + NSSRWLock_UnlockRead(dynOidLock); } - NSSRWLock_UnlockRead(dynOidLock); if (dxo == NULL) { PORT_SetError(SEC_ERROR_UNRECOGNIZED_OID); } diff --git a/security/nss/lib/util/secport.c b/security/nss/lib/util/secport.c index e5bd4c1bb..01a7d0834 100644 --- a/security/nss/lib/util/secport.c +++ b/security/nss/lib/util/secport.c @@ -21,8 +21,6 @@ #include "prenv.h" #include "prinit.h" -#include - #ifdef DEBUG #define THREADMARK #endif /* DEBUG */ @@ -121,51 +119,6 @@ PORT_ZAlloc(size_t bytes) return rv; } -/* aligned_alloc is C11. This is an alternative to get aligned memory. */ -void * -PORT_ZAllocAligned(size_t bytes, size_t alignment, void **mem) -{ - size_t x = alignment - 1; - - /* This only works if alignment is a power of 2. */ - if ((alignment == 0) || (alignment & (alignment - 1))) { - PORT_SetError(SEC_ERROR_INVALID_ARGS); - return NULL; - } - - if (!mem) { - return NULL; - } - - /* Always allocate a non-zero amount of bytes */ - *mem = PORT_ZAlloc((bytes ? bytes : 1) + x); - if (!*mem) { - PORT_SetError(SEC_ERROR_NO_MEMORY); - return NULL; - } - - return (void *)(((uintptr_t)*mem + x) & ~(uintptr_t)x); -} - -void * -PORT_ZAllocAlignedOffset(size_t size, size_t alignment, size_t offset) -{ - PORT_Assert(offset < size); - if (offset > size) { - return NULL; - } - - void *mem = NULL; - void *v = PORT_ZAllocAligned(size, alignment, &mem); - if (!v) { - return NULL; - } - - PORT_Assert(mem); - *((void **)((uintptr_t)v + offset)) = mem; - return v; -} - void PORT_Free(void *ptr) { @@ -780,18 +733,3 @@ NSS_SecureMemcmp(const void *ia, const void *ib, size_t n) return r; } - -/* - * Perform a constant-time check if a memory region is all 0. The return value - * is 0 if the memory region is all zero. - */ -unsigned int -NSS_SecureMemcmpZero(const void *mem, size_t n) -{ - PRUint8 zero = 0; - size_t i; - for (i = 0; i < n; ++i) { - zero |= *(PRUint8 *)((uintptr_t)mem + i); - } - return zero; -} diff --git a/security/nss/lib/util/secport.h b/security/nss/lib/util/secport.h index f1665a2f5..fb9ff4ebb 100644 --- a/security/nss/lib/util/secport.h +++ b/security/nss/lib/util/secport.h @@ -45,7 +45,6 @@ #include #include #include -#include #include "prtypes.h" #include "prlog.h" /* for PR_ASSERT */ #include "plarena.h" @@ -89,9 +88,6 @@ SEC_BEGIN_PROTOS extern void *PORT_Alloc(size_t len); extern void *PORT_Realloc(void *old, size_t len); extern void *PORT_ZAlloc(size_t len); -extern void *PORT_ZAllocAligned(size_t bytes, size_t alignment, void **mem); -extern void *PORT_ZAllocAlignedOffset(size_t bytes, size_t alignment, - size_t offset); extern void PORT_Free(void *ptr); extern void PORT_ZFree(void *ptr, size_t len); extern char *PORT_Strdup(const char *s); @@ -135,8 +131,6 @@ SEC_END_PROTOS #define PORT_CheckSuccess(f) (f) #endif #define PORT_ZNew(type) (type *)PORT_ZAlloc(sizeof(type)) -#define PORT_ZNewAligned(type, alignment, mem) \ - (type *)PORT_ZAllocAlignedOffset(sizeof(type), alignment, offsetof(type, mem)) #define PORT_New(type) (type *)PORT_Alloc(sizeof(type)) #define PORT_ArenaNew(poolp, type) \ (type *)PORT_ArenaAlloc(poolp, sizeof(type)) @@ -252,7 +246,6 @@ sec_port_iso88591_utf8_conversion_function( extern int NSS_PutEnv(const char *envVarName, const char *envValue); extern int NSS_SecureMemcmp(const void *a, const void *b, size_t n); -extern unsigned int NSS_SecureMemcmpZero(const void *mem, size_t n); /* * Load a shared library called "newShLibName" in the same directory as diff --git a/security/nss/lib/util/utilmod.c b/security/nss/lib/util/utilmod.c index 7d3fcda81..971b6c1dc 100644 --- a/security/nss/lib/util/utilmod.c +++ b/security/nss/lib/util/utilmod.c @@ -24,7 +24,6 @@ #if defined(_WIN32) #include -#include #endif #ifdef XP_UNIX #include @@ -35,184 +34,15 @@ #include #if defined(_WIN32) +#define os_open _open #define os_fdopen _fdopen +#define os_stat _stat #define os_truncate_open_flags _O_CREAT | _O_RDWR | _O_TRUNC #define os_append_open_flags _O_CREAT | _O_RDWR | _O_APPEND #define os_open_permissions_type int #define os_open_permissions_default _S_IREAD | _S_IWRITE #define os_stat_type struct _stat - -/* - * Convert a UTF8 string to Unicode wide character - */ -LPWSTR -_NSSUTIL_UTF8ToWide(const char *buf) -{ - DWORD size; - LPWSTR wide; - - if (!buf) { - return NULL; - } - - size = MultiByteToWideChar(CP_UTF8, 0, buf, -1, NULL, 0); - if (size == 0) { - return NULL; - } - wide = PORT_Alloc(sizeof(WCHAR) * size); - if (!wide) { - return NULL; - } - size = MultiByteToWideChar(CP_UTF8, 0, buf, -1, wide, size); - if (size == 0) { - PORT_Free(wide); - return NULL; - } - return wide; -} - -static int -os_open(const char *filename, int oflag, int pmode) -{ - int fd; - - if (!filename) { - return -1; - } - - wchar_t *filenameWide = _NSSUTIL_UTF8ToWide(filename); - if (!filenameWide) { - return -1; - } - fd = _wopen(filenameWide, oflag, pmode); - PORT_Free(filenameWide); - - return fd; -} - -static int -os_stat(const char *path, os_stat_type *buffer) -{ - int result; - - if (!path) { - return -1; - } - - wchar_t *pathWide = _NSSUTIL_UTF8ToWide(path); - if (!pathWide) { - return -1; - } - result = _wstat(pathWide, buffer); - PORT_Free(pathWide); - - return result; -} - -static FILE * -os_fopen(const char *filename, const char *mode) -{ - FILE *fp; - - if (!filename || !mode) { - return NULL; - } - - wchar_t *filenameWide = _NSSUTIL_UTF8ToWide(filename); - if (!filenameWide) { - return NULL; - } - wchar_t *modeWide = _NSSUTIL_UTF8ToWide(mode); - if (!modeWide) { - PORT_Free(filenameWide); - return NULL; - } - fp = _wfopen(filenameWide, modeWide); - PORT_Free(filenameWide); - PORT_Free(modeWide); - - return fp; -} - -PRStatus -_NSSUTIL_Access(const char *path, PRAccessHow how) -{ - int result; - - if (!path) { - return PR_FAILURE; - } - - int mode; - switch (how) { - case PR_ACCESS_WRITE_OK: - mode = 2; - break; - case PR_ACCESS_READ_OK: - mode = 4; - break; - case PR_ACCESS_EXISTS: - mode = 0; - break; - default: - return PR_FAILURE; - } - - wchar_t *pathWide = _NSSUTIL_UTF8ToWide(path); - if (!pathWide) { - return PR_FAILURE; - } - result = _waccess(pathWide, mode); - PORT_Free(pathWide); - - return result < 0 ? PR_FAILURE : PR_SUCCESS; -} - -static PRStatus -nssutil_Delete(const char *name) -{ - BOOL result; - - if (!name) { - return PR_FAILURE; - } - - wchar_t *nameWide = _NSSUTIL_UTF8ToWide(name); - if (!nameWide) { - return PR_FAILURE; - } - result = DeleteFileW(nameWide); - PORT_Free(nameWide); - - return result ? PR_SUCCESS : PR_FAILURE; -} - -static PRStatus -nssutil_Rename(const char *from, const char *to) -{ - BOOL result; - - if (!from || !to) { - return PR_FAILURE; - } - - wchar_t *fromWide = _NSSUTIL_UTF8ToWide(from); - if (!fromWide) { - return PR_FAILURE; - } - wchar_t *toWide = _NSSUTIL_UTF8ToWide(to); - if (!toWide) { - PORT_Free(fromWide); - return PR_FAILURE; - } - result = MoveFileW(fromWide, toWide); - PORT_Free(fromWide); - PORT_Free(toWide); - - return result ? PR_SUCCESS : PR_FAILURE; -} #else -#define os_fopen fopen #define os_open open #define os_fdopen fdopen #define os_stat stat @@ -221,8 +51,6 @@ nssutil_Rename(const char *from, const char *to) #define os_open_permissions_type mode_t #define os_open_permissions_default 0600 #define os_stat_type struct stat -#define nssutil_Delete PR_Delete -#define nssutil_Rename PR_Rename #endif /**************************************************************** @@ -391,7 +219,7 @@ nssutil_ReadSecmodDB(const char *appName, } /* do we really want to use streams here */ - fd = os_fopen(dbname, "r"); + fd = fopen(dbname, "r"); if (fd == NULL) goto done; @@ -575,7 +403,7 @@ done: } /* old one exists */ - status = _NSSUTIL_Access(olddbname, PR_ACCESS_EXISTS); + status = PR_Access(olddbname, PR_ACCESS_EXISTS); if (status == PR_SUCCESS) { PR_smprintf_free(olddbname); PORT_ZFree(moduleList, useCount * sizeof(char *)); @@ -704,7 +532,7 @@ nssutil_DeleteSecmodDBEntry(const char *appName, } /* do we really want to use streams here */ - fd = os_fopen(dbname, "r"); + fd = fopen(dbname, "r"); if (fd == NULL) goto loser; @@ -774,10 +602,10 @@ nssutil_DeleteSecmodDBEntry(const char *appName, fclose(fd2); if (found) { /* rename dbname2 to dbname */ - nssutil_Delete(dbname); - nssutil_Rename(dbname2, dbname); + PR_Delete(dbname); + PR_Rename(dbname2, dbname); } else { - nssutil_Delete(dbname2); + PR_Delete(dbname2); } PORT_Free(dbname2); PORT_Free(lib); @@ -793,7 +621,7 @@ loser: fclose(fd2); } if (dbname2) { - nssutil_Delete(dbname2); + PR_Delete(dbname2); PORT_Free(dbname2); } PORT_Free(lib); diff --git a/security/nss/lib/util/utilpars.c b/security/nss/lib/util/utilpars.c index e7435bfcc..7116d26f3 100644 --- a/security/nss/lib/util/utilpars.c +++ b/security/nss/lib/util/utilpars.c @@ -589,7 +589,6 @@ struct nssutilArgSlotFlagTable { } static struct nssutilArgSlotFlagTable nssutil_argSlotFlagTable[] = { NSSUTIL_ARG_ENTRY(RSA, SECMOD_RSA_FLAG), - NSSUTIL_ARG_ENTRY(ECC, SECMOD_ECC_FLAG), NSSUTIL_ARG_ENTRY(DSA, SECMOD_RSA_FLAG), NSSUTIL_ARG_ENTRY(RC2, SECMOD_RC4_FLAG), NSSUTIL_ARG_ENTRY(RC4, SECMOD_RC2_FLAG), @@ -1111,8 +1110,12 @@ _NSSUTIL_EvaluateConfigDir(const char *configdir, NSSDBType dbType; PRBool checkEnvDefaultDB = PR_FALSE; *appName = NULL; - /* force the default */ +/* force the default */ +#ifdef NSS_DISABLE_DBM dbType = NSS_DB_TYPE_SQL; +#else + dbType = NSS_DB_TYPE_LEGACY; +#endif if (configdir == NULL) { checkEnvDefaultDB = PR_TRUE; } else if (PORT_Strncmp(configdir, MULTIACCESS, sizeof(MULTIACCESS) - 1) == 0) { diff --git a/security/nss/lib/util/utilpars.h b/security/nss/lib/util/utilpars.h index 1b0b1ff1c..70767263a 100644 --- a/security/nss/lib/util/utilpars.h +++ b/security/nss/lib/util/utilpars.h @@ -59,11 +59,5 @@ char *NSSUTIL_MkNSSString(char **slotStrings, int slotCount, PRBool internal, char *_NSSUTIL_GetSecmodName(const char *param, NSSDBType *dbType, char **appName, char **filename, PRBool *rw); const char *_NSSUTIL_EvaluateConfigDir(const char *configdir, NSSDBType *dbType, char **app); -#if defined(_WIN32) -wchar_t *_NSSUTIL_UTF8ToWide(const char *buf); -PRStatus _NSSUTIL_Access(const char *path, PRAccessHow how); -#else -#define _NSSUTIL_Access(path, how) PR_Access((path), (how)) -#endif #endif /* _UTILPARS_H_ */ diff --git a/security/nss/lib/util/utilparst.h b/security/nss/lib/util/utilparst.h index 5dda09028..f2148e6e3 100644 --- a/security/nss/lib/util/utilparst.h +++ b/security/nss/lib/util/utilparst.h @@ -43,7 +43,7 @@ #define NSSUTIL_DEFAULT_INTERNAL_INIT3 \ " askpw=any timeout=30})\"" #define NSSUTIL_DEFAULT_SFTKN_FLAGS \ - "slotFlags=[ECC,RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512]" + "slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512]" #define NSSUTIL_DEFAULT_CIPHER_ORDER 0 #define NSSUTIL_DEFAULT_TRUST_ORDER 50 diff --git a/security/nss/lib/util/utilrename.h b/security/nss/lib/util/utilrename.h index 19ddba666..1aea3d284 100644 --- a/security/nss/lib/util/utilrename.h +++ b/security/nss/lib/util/utilrename.h @@ -70,8 +70,6 @@ #define PORT_UCS2_ASCIIConversion PORT_UCS2_ASCIIConversion_Util #define PORT_UCS2_UTF8Conversion PORT_UCS2_UTF8Conversion_Util #define PORT_ZAlloc PORT_ZAlloc_Util -#define PORT_ZAllocAligned PORT_ZAllocAligned_Util -#define PORT_ZAllocAlignedOffset PORT_ZAllocAlignedOffset_Util #define PORT_ZFree PORT_ZFree_Util #define SEC_ASN1Decode SEC_ASN1Decode_Util #define SEC_ASN1DecodeInteger SEC_ASN1DecodeInteger_Util -- cgit v1.2.3