LibreOffice/core
1
0
Fork 0
mirror of https://github.com/LibreOffice/core.git synced 2025-08-07 11:19:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

nss: upgrade to 3.109

Browse Source 
Downloaded from https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_109_RTM/src/nss-3.109-with-nspr-4.36.tar.gz

Change-Id: I2210c384f629ccc9a671c2bb3260b822a302dd1d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/181773
Tested-by: Jenkins
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
This commit is contained in:
Xisco Fauli
2025-02-17 12:06:37 +01:00
parent 44b4ff646e
commit e39a1baeb4
8 changed files with 237 additions and 255 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
download.lst
View File

@ -512,8 +512,8 @@ MYTHES_TARBALL := mythes-1.2.5.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
NSS_SHA256SUM := 0ea8bab27345e4e0fc0ec0587d01bb54ba7eb46cb5b369c9ed59ee42baa78fa9
NSS_TARBALL := nss-3.104-with-nspr-4.35.tar.gz
NSS_SHA256SUM := 25be414ff9c207dd67355f19e9e71001db45957b6bb74adf5b094c92e05116b4
NSS_TARBALL := nss-3.109-with-nspr-4.36.tar.gz
# three static lines
# so that git cherry-pick
# will not run into conflicts

391
external/nss/Wincompatible-function-pointer-types.patch.0 vendored
View File

@ -1,234 +1,215 @@
--- nspr/pr/tests/testfile.c
+++ nspr/pr/tests/testfile.c
@@ -86,7 +86,7 @@
@@ -72,7 +72,7 @@
#endif
#define TMPDIR_LEN 64
#define TMPDIR_LEN 64
char testdir[TMPDIR_LEN];
-static PRInt32 PR_CALLBACK DirTest(void *argunused);
+static void PR_CALLBACK DirTest(void *argunused);
-static PRInt32 PR_CALLBACK DirTest(void* argunused);
+static void PR_CALLBACK DirTest(void* argunused);
PRInt32 dirtest_failed = 0;
PRThread* create_new_thread(PRThreadType type,
@@ -123,7 +123,7 @@
if (native_thread) {
#if defined(_PR_PTHREADS)
pthread_t tid;
- if (!pthread_create(&tid, NULL, start, arg)) {
+ if (!pthread_create(&tid, NULL, (void *(*)(void *))start, arg)) {
return((PRThread *) tid);
}
else {
@@ -594,7 +594,7 @@
return 0;
@@ -134,7 +134,7 @@
if (native_thread) {
# if defined(_PR_PTHREADS)
pthread_t tid;
- if (!pthread_create(&tid, NULL, nativeStart, arg)) {
+ if (!pthread_create(&tid, NULL, (void *(*)(void *))nativeStart, arg)) {
return ((PRThread*)tid);
} else {
return (NULL);
@@ -595,7 +595,7 @@
return 0;
}
-static PRInt32 PR_CALLBACK DirTest(void *arg)
+static void PR_CALLBACK DirTest(void *arg)
{
struct dirtest_arg *tinfo = (struct dirtest_arg *) arg;
PRFileDesc *fd_file;
@@ -618,14 +618,14 @@
printf(
"testfile failed to create dir %s [%d, %d]\n",
TEST_DIR, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
fd_dir = PR_OpenDir(TEST_DIR);
if (fd_dir == NULL) {
printf(
"testfile failed to open dirctory %s [%d, %d]\n",
TEST_DIR, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
-static PRInt32 PR_CALLBACK DirTest(void* arg) {
+static void PR_CALLBACK DirTest(void* arg) {
struct dirtest_arg* tinfo = (struct dirtest_arg*)arg;
PRFileDesc* fd_file;
PRDir* fd_dir;
@@ -617,13 +617,13 @@
if ((PR_MkDir(TEST_DIR, 0777)) < 0) {
printf("testfile failed to create dir %s [%d, %d]\n", TEST_DIR,
PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
fd_dir = PR_OpenDir(TEST_DIR);
if (fd_dir == NULL) {
printf("testfile failed to open dirctory %s [%d, %d]\n", TEST_DIR,
PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
strcpy(pathname, TEST_DIR);
@@ -645,7 +645,7 @@
printf(
"testfile failed to create/open file %s [%d, %d]\n",
pathname, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
PR_Close(fd_file);
}
@@ -664,7 +664,7 @@
printf(
"testfile failed to create/open hidden file %s [%d, %d]\n",
pathname, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
PR_Close(fd_file);
@@ -681,7 +681,7 @@
if (hfile == INVALID_HANDLE_VALUE) {
printf("testfile failed to create/open hidden file %s [0, %d]\n",
pathname, GetLastError());
- return -1;
+ return;
}
CloseHandle(hfile);
@@ -696,7 +696,7 @@
if (hfile == INVALID_HANDLE_VALUE) {
printf("testfile failed to create/open hidden file %s [0, %d]\n",
pathname, GetLastError());
- return -1;
+ return;
}
CloseHandle(hfile);
@@ -707,7 +707,7 @@
strcpy(pathname, TEST_DIR);
@@ -641,7 +641,7 @@
if (fd_file == NULL) {
printf("testfile failed to create/open hidden file %s [%d, %d]\n",
pathname, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
printf("testfile failed to create/open file %s [%d, %d]\n", pathname,
PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
PR_Close(fd_file);
#endif /* XP_UNIX */
@@ -720,14 +720,14 @@
printf(
"testfile failed to close dirctory %s [%d, %d]\n",
TEST_DIR, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
fd_dir = PR_OpenDir(TEST_DIR);
if (fd_dir == NULL) {
printf(
"testfile failed to reopen dirctory %s [%d, %d]\n",
TEST_DIR, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
@@ -659,7 +659,7 @@
if (fd_file == NULL) {
printf("testfile failed to create/open hidden file %s [%d, %d]\n", pathname,
PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
PR_Close(fd_file);
@@ -673,7 +673,7 @@
if (hfile == INVALID_HANDLE_VALUE) {
printf("testfile failed to create/open hidden file %s [0, %d]\n", pathname,
GetLastError());
- return -1;
+ return;
}
CloseHandle(hfile);
@@ -684,7 +684,7 @@
if (hfile == INVALID_HANDLE_VALUE) {
printf("testfile failed to create/open hidden file %s [0, %d]\n", pathname,
GetLastError());
- return -1;
+ return;
}
CloseHandle(hfile);
@@ -695,13 +695,13 @@
if (PR_FAILURE == PR_CloseDir(fd_dir)) {
printf("testfile failed to close dirctory %s [%d, %d]\n", TEST_DIR,
PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
fd_dir = PR_OpenDir(TEST_DIR);
if (fd_dir == NULL) {
printf("testfile failed to reopen dirctory %s [%d, %d]\n", TEST_DIR,
PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
/*
@@ -723,19 +723,19 @@
if ((PR_GetFileInfo(pathname, &info)) < 0) {
printf("testfile failed to GetFileInfo file %s [%d, %d]\n", pathname,
PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
/*
@@ -750,14 +750,14 @@
printf(
"testfile failed to GetFileInfo file %s [%d, %d]\n",
pathname, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
if (info.type != PR_FILE_FILE) {
printf("testfile incorrect fileinfo for file %s [%d, %d]\n", pathname,
PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
}
if (num_files != 0) {
printf("testfile failed to find all files in directory %s [%d, %d]\n",
TEST_DIR, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
if (info.type != PR_FILE_FILE) {
printf(
"testfile incorrect fileinfo for file %s [%d, %d]\n",
pathname, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
}
if (num_files != 0)
@@ -765,7 +765,7 @@
printf(
"testfile failed to find all files in directory %s [%d, %d]\n",
TEST_DIR, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
PR_CloseDir(fd_dir);
@@ -750,7 +750,7 @@
if (fd_dir == NULL) {
printf("testfile failed to reopen dirctory %s [%d, %d]\n", TEST_DIR,
PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
PR_CloseDir(fd_dir);
@@ -781,7 +781,7 @@
printf(
"testfile failed to reopen dirctory %s [%d, %d]\n",
TEST_DIR, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
DPRINTF(("Listing non-hidden files in directory %s\n", TEST_DIR));
@@ -758,7 +758,7 @@
DPRINTF(("\t%s\n", dirEntry->name));
if (!strcmp(HIDDEN_FILE_NAME, dirEntry->name)) {
printf("testfile found hidden file %s\n", pathname);
- return -1;
+ return;
}
}
/*
@@ -770,7 +770,7 @@
if (PR_FAILURE == PR_Delete(pathname)) {
printf("testfile failed to delete hidden file %s [%d, %d]\n", pathname,
PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
DPRINTF(("Listing non-hidden files in directory %s\n",TEST_DIR));
@@ -789,7 +789,7 @@
DPRINTF(("\t%s\n",dirEntry->name));
if (!strcmp(HIDDEN_FILE_NAME, dirEntry->name)) {
printf("testfile found hidden file %s\n", pathname);
- return -1;
+ return;
}
PR_CloseDir(fd_dir);
@@ -781,35 +781,35 @@
if (PR_FAILURE == PR_Rename(TEST_DIR, renamename)) {
printf("testfile failed to rename directory %s [%d, %d]\n", TEST_DIR,
PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
}
@@ -803,7 +803,7 @@
printf(
"testfile failed to delete hidden file %s [%d, %d]\n",
pathname, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
if (PR_FAILURE == PR_MkDir(TEST_DIR, 0777)) {
printf("testfile failed to recreate dir %s [%d, %d]\n", TEST_DIR,
PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
if (PR_SUCCESS == PR_Rename(renamename, TEST_DIR)) {
printf("testfile renamed directory to existing name %s\n", renamename);
- return -1;
+ return;
}
PR_CloseDir(fd_dir);
@@ -815,41 +815,41 @@
printf(
"testfile failed to rename directory %s [%d, %d]\n",
TEST_DIR, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
if (PR_FAILURE == PR_RmDir(TEST_DIR)) {
printf("testfile failed to rmdir %s [%d, %d]\n", TEST_DIR, PR_GetError(),
PR_GetOSError());
- return -1;
+ return;
}
if (PR_FAILURE == PR_MkDir(TEST_DIR, 0777)) {
printf(
"testfile failed to recreate dir %s [%d, %d]\n",
TEST_DIR, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
if (PR_SUCCESS == PR_Rename(renamename, TEST_DIR)) {
printf(
"testfile renamed directory to existing name %s\n",
renamename);
- return -1;
+ return;
}
if (PR_FAILURE == PR_Rename(renamename, TEST_DIR)) {
printf("testfile failed to rename directory %s [%d, %d]\n", renamename,
PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
fd_dir = PR_OpenDir(TEST_DIR);
if (fd_dir == NULL) {
printf("testfile failed to reopen directory %s [%d, %d]\n", TEST_DIR,
PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
if (PR_FAILURE == PR_RmDir(TEST_DIR)) {
printf(
"testfile failed to rmdir %s [%d, %d]\n",
TEST_DIR, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
strcpy(pathname, TEST_DIR);
@@ -823,7 +823,7 @@
if (PR_FAILURE == PR_Delete(pathname)) {
printf("testfile failed to delete file %s [%d, %d]\n", pathname,
PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
}
if (PR_FAILURE == PR_Rename(renamename, TEST_DIR)) {
printf(
"testfile failed to rename directory %s [%d, %d]\n",
renamename, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
fd_dir = PR_OpenDir(TEST_DIR);
if (fd_dir == NULL) {
printf(
"testfile failed to reopen directory %s [%d, %d]\n",
TEST_DIR, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
@@ -832,14 +832,13 @@
if (PR_FAILURE == PR_RmDir(TEST_DIR)) {
printf("testfile failed to rmdir %s [%d, %d]\n", TEST_DIR, PR_GetError(),
PR_GetOSError());
- return -1;
+ return;
}
PR_EnterMonitor(tinfo->mon);
tinfo->done = 1;
PR_Notify(tinfo->mon);
PR_ExitMonitor(tinfo->mon);
strcpy(pathname, TEST_DIR);
@@ -865,7 +865,7 @@
printf(
"testfile failed to delete file %s [%d, %d]\n",
pathname, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
}
@@ -875,14 +875,13 @@
printf(
"testfile failed to rmdir %s [%d, %d]\n",
TEST_DIR, PR_GetError(), PR_GetOSError());
- return -1;
+ return;
}
PR_EnterMonitor(tinfo->mon);
tinfo->done = 1;
PR_Notify(tinfo->mon);
PR_ExitMonitor(tinfo->mon);
- return 0;
- return 0;
}
/************************************************************************/

18
external/nss/macos-dlopen.patch.0 vendored
View File

@ -1,14 +1,14 @@
--- nspr/pr/src/linking/prlink.c
+++ nspr/pr/src/linking/prlink.c
@@ -555,7 +555,7 @@
* The reason is that DARWIN's dlopen ignores the provided path
* and checks for the plain filename in DYLD_LIBRARY_PATH,
* which could load an unexpected version of a library. */
- if (strchr(name, PR_DIRECTORY_SEPARATOR) == NULL) {
+ if (strchr(name, PR_DIRECTORY_SEPARATOR) == NULL || strncmp(name, "@loader_path/", 13) == 0) {
/* no slash, allow to load from any location */
okToLoad = PR_TRUE;
} else {
@@ -502,7 +502,7 @@
* The reason is that DARWIN's dlopen ignores the provided path
* and checks for the plain filename in DYLD_LIBRARY_PATH,
* which could load an unexpected version of a library. */
- if (strchr(name, PR_DIRECTORY_SEPARATOR) == NULL) {
+ if (strchr(name, PR_DIRECTORY_SEPARATOR) == NULL || strncmp(name, "@loader_path/", 13) == 0) {
/* no slash, allow to load from any location */
okToLoad = PR_TRUE;
} else {
--- nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.c
+++ nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.c
@@ -224,7 +224,11 @@

4
external/nss/nss-android.patch.1 vendored
View File

@ -16,7 +16,7 @@ diff -ur nss.org/nspr/build/autoconf/config.sub nss/nspr/build/autoconf/config.s
diff -ur nss.org/nspr/configure nss/nspr/configure
--- nss.org/nspr/configure 2017-09-07 15:29:45.018246359 +0200
+++ nss/nspr/configure 2017-09-07 15:31:47.604075663 +0200
@@ -2728,18 +2728,15 @@
@@ -3253,18 +3253,15 @@
esac
AS="$android_toolchain"/bin/"$android_tool_prefix"-as
@ -36,7 +36,7 @@ diff -ur nss.org/nspr/configure nss/nspr/configure
- CXXFLAGS="-mandroid -I$android_platform/usr/include -fpic -fno-short-enums -fno-exceptions $CXXFLAGS"
- LDFLAGS="-mandroid -L$android_platform/usr/lib -Wl,-rpath-link=$android_platform/usr/lib --sysroot=$android_platform $LDFLAGS"
$as_echo "#define ANDROID 1" >>confdefs.h
printf "%s\n" "#define ANDROID 1" >>confdefs.h
diff -ur nss.org/nss/Makefile nss/nss/Makefile
--- nss.org/nss/Makefile 2017-09-07 15:29:44.933245745 +0200

32
external/nss/nss-ios.patch vendored
View File

@ -58,24 +58,15 @@
--- a/a/nss/lib/pk11wrap/pk11load.c
+++ a/a/nss/lib/pk11wrap/pk11load.c
@@ -390,6 +390,8 @@
/*
* load a new module into our address space and initialize it.
*/
+extern CK_RV NSSCKBI_C_GetFunctionList();
+
SECStatus
secmod_LoadPKCS11Module(SECMODModule *mod, SECMODModule **oldModule)
{
@@ -468,6 +470,7 @@
@@ -456,6 +456,7 @@
/* load the library. If this succeeds, then we have to remember to
* unload the library if anything goes wrong from here on out...
*/
* unload the library if anything goes wrong from here on out...
*/
+#ifndef NSS_STATIC_PKCS11 // With NSS_STATIC_PKCS11, the only module wodule we load here is nssckbi
#if defined(_WIN32)
if (nssUTF8_Length(mod->dllName, NULL)) {
wchar_t *dllNameWide = _NSSUTIL_UTF8ToWide(mod->dllName);
@@ -507,6 +510,10 @@
@@ -495,6 +496,11 @@
mod->moduleDBFunc = (void *)
PR_FindSymbol(library, "NSS_ReturnModuleSpecData");
}
@ -83,11 +74,12 @@
+ if (strcmp(mod->dllName, "NSSCKBI") == 0)
+ fentry = NSSCKBI_C_GetFunctionList;
+#endif
+
if (mod->moduleDBFunc == NULL)
mod->isModuleDB = PR_FALSE;
if ((ientry == NULL) && (fentry == NULL)) {
@@ -643,10 +650,12 @@
}
@@ -545,10 +551,12 @@
fail:
mod->functionList = NULL;
+#ifndef NSS_STATIC_PKCS11
@ -99,6 +91,16 @@
return SECFailure;
}
@@ -656,6 +664,8 @@
/*
* load a new module into our address space and initialize it.
*/
+extern CK_RV NSSCKBI_C_GetFunctionList();
+
SECStatus
secmod_LoadPKCS11Module(SECMODModule *mod, SECMODModule **oldModule)
{
--- a/a/nss/lib/ckfw/nssck.api
+++ a/a/nss/lib/ckfw/nssck.api
@@ -1842,7 +1842,11 @@

23
external/nss/nss.getrandom.patch vendored
View File

@ -1,23 +1,22 @@
--- a/nss/nspr/pr/src/md/unix/uxrng.c
+++ b/nss/nspr/pr/src/md/unix/uxrng.c
@@ -68,13 +68,18 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
+#include <dlfcn.h>
@@ -56,12 +56,17 @@
# include <sys/types.h>
# include <sys/stat.h>
# include <fcntl.h>
+# include <dlfcn.h>
static int fdDevURandom;
static int fdDevURandom;
static PRCallOnceType coOpenDevURandom;
static PRStatus OpenDevURandom( void )
{
- fdDevURandom = open( "/dev/urandom", O_RDONLY );
static PRStatus OpenDevURandom(void) {
- fdDevURandom = open("/dev/urandom", O_RDONLY);
+ static int (*lok_open_urandom)();
+ if (!lok_open_urandom)
+ lok_open_urandom = dlsym(RTLD_DEFAULT, "lok_open_urandom");
+ if (!lok_open_urandom || (fdDevURandom = lok_open_urandom()) < 0)
+ fdDevURandom = open( "/dev/urandom", O_RDONLY );
return((-1 == fdDevURandom)? PR_FAILURE : PR_SUCCESS );
return ((-1 == fdDevURandom) ? PR_FAILURE : PR_SUCCESS);
} /* end OpenDevURandom() */
--- a/nss/nss/lib/freebl/unix_rand.c
@ -82,10 +81,10 @@
#include "secerr.h"
#include "secrng.h"
#include "prprf.h"
@@ -62,7 +63,11 @@
@@ -66,7 +66,11 @@
* Reset the number of bytes to get and fall back to /dev/urandom. */
fileBytes = 0;
#endif
#endif /* platorm has getentropy */
- fd = open("/dev/urandom", O_RDONLY);
+ static int (*lok_open_urandom)();
+ if (!lok_open_urandom)

16
external/nss/nss.patch vendored
View File

@ -11,15 +11,15 @@
# combo is not yet good at debugging inlined
--- a/nss.orig/nspr/pr/src/misc/prnetdb.c 2017-08-29 23:44:13.690045031 +0530
+++ b/nss/nspr/pr/src/misc/prnetdb.c 2017-08-29 23:47:03.810814019 +0530
@@ -441,7 +441,7 @@
char *buf = *bufp;
PRIntn buflen = *buflenp;
@@ -405,7 +405,7 @@
char* buf = *bufp;
PRIntn buflen = *buflenp;
- if (align && ((long)buf & (align - 1))) {
+ if (align && ((ptrdiff_t)buf & (align - 1))) {
PRIntn skip = align - ((ptrdiff_t)buf & (align - 1));
if (buflen < skip) {
return 0;
- if (align && ((long)buf & (align - 1))) {
+ if (align && ((ptrdiff_t)buf & (align - 1))) {
PRIntn skip = align - ((ptrdiff_t)buf & (align - 1));
if (buflen < skip) {
return 0;
--- a/a/nss/cmd/platlibs.mk 2017-08-29 23:44:13.554044416 +0530
+++ b/b/nss/cmd/platlibs.mk 2017-08-29 23:46:09.638569150 +0530
@@ -10,17 +10,22 @@

4
external/nss/nss_macosx.patch vendored
View File

@ -11,8 +11,8 @@ diff -ru a/nspr/configure b/nspr/configure
arm*)
CPU_ARCH=arm
;;
@@ -6483,7 +6486,7 @@
@@ -7221,7 +7221,7 @@
fi
DSO_CFLAGS=-fPIC
- DSO_LDOPTS='-dynamiclib -compatibility_version 1 -current_version 1 -all_load -install_name @executable_path/$@ -headerpad_max_install_names'