On 2010/11/24 11:18, Landry Breuil wrote: > On Mon, Nov 22, 2010 at 10:19:14AM +0000, Federico G. Schwindt wrote: > > Hi, > > > > Move to system sqlite3. Should get rid of those fugly warnings. > > Untested as it requires the sqlite3 update. > > > Index: patches/patch-security_nss_lib_softoken_sdb_c > > =================================================================== > > RCS file: patches/patch-security_nss_lib_softoken_sdb_c > > diff -N -u -p patches/patch-security_nss_lib_softoken_sdb_c > > --- /dev/null 22 Nov 2010 03:16:00 -0000 > > +++ patches/patch-security_nss_lib_softoken_sdb_c 22 Nov 2010 10:15:59 > > -0000 > > @@ -0,0 +1,18 @@ > > +$OpenBSD$ > > +--- security/nss/lib/softoken/sdb.c.orig Mon Nov 22 09:35:19 2010 > > ++++ security/nss/lib/softoken/sdb.c Mon Nov 22 09:40:01 2010 > > +@@ -614,6 +614,14 @@ sdb_openDB(const char *name, sqlite3 **sqlDB, int flag > > + *sqlDB = NULL; > > + return sqlerr; > > + } > > ++ > > ++ sqlerr = sqlite3_exec(sqlDB, "PRAGMA secure_delete = ON", NULL, 0, > > NULL); > > ++ if (sqlerr != SQLITE_OK) { > > ++ sqlite3_close(*sqlDB); > > ++ *sqlDB = NULL; > > ++ return sqlerr; > > ++ } > > ++ > > + return SQLITE_OK; > > + } > > + > > That part should go into security/nss port.. firefox doesn't build its > internal nss, it uses systemwide one. And i'm not sure/dont know if the > sqlite usage in nss needs secure_delete. > The configure script should be amended too i think, because i'm pretty > sure it checks for it, or use the appropriate ac_ macro. > > And to avoid NIH, i'd rather use patches from pkgsrc-wip. > http://cvsweb.netbsd.se/cgi-bin/bsdweb.cgi/wip/xulrunner/mozilla-common.mk.diff?r1=1.11;r2=1.12 > http://cvsweb.netbsd.se/cgi-bin/bsdweb.cgi/wip/xulrunner/patches/patch-al.diff?r1=1.5;r2=1.6
I think I prefer fgs' version which checks the return code > Let's update sqlite to 3.7.x first.. *nod*