RPM Package Manager, CVS Repository
http://rpm5.org/cvs/
____________________________________________________________________________
Server: rpm5.org Name: Pinto Elia
Root: /v/rpm/cvs Email: devzero2...@rpm5.org
Module: rpm Date: 10-Aug-2010 12:46:40
Branch: HEAD Handle: 2010081010463901
Modified files:
rpm/macros macros.in
rpm/rpmio rpmnss.c rpmpgp.c
Log:
Patch for to FIPS 140-2 @rpm5.org crypto stack validation
Based on a original patch from Jeff Johnson for rpm 5.1.9
Slightly revised for 5.3 HEAD branch
Submitted by: jbj
Summary:
Revision Changes Path
1.30 +3 -1 rpm/macros/macros.in
1.39 +8 -0 rpm/rpmio/rpmnss.c
2.124 +2 -2 rpm/rpmio/rpmpgp.c
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: rpm/macros/macros.in
============================================================================
$ cvs diff -u -r1.29 -r1.30 macros.in
--- rpm/macros/macros.in 21 May 2010 03:16:15 -0000 1.29
+++ rpm/macros/macros.in 10 Aug 2010 10:46:39 -0000 1.30
@@ -1,7 +1,7 @@
#/*! \page config_macros Default configuration: @USRLIBRPM@/macros
# \verbatim
#
-# $Id: macros.in,v 1.29 2010/05/21 03:16:15 jbj Exp $
+# $Id: macros.in,v 1.30 2010/08/10 10:46:39 devzero2000 Exp $
#
# This is a global RPM configuration file. All changes made here will
# be lost when the rpm package is upgraded. Any per-system configuration
@@ -502,6 +502,8 @@
%_hkp_keyserver hkp://keys.rpm5.org
%_hkp_keyserver_query %{_hkp_keyserver}/pks/lookup?op=get&search=
+
+%_nssdb_path /etc/pki/nssdb
#==============================================================================
# ---- Transaction macros.
# Macro(s) used to parameterize transactions.
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmnss.c
============================================================================
$ cvs diff -u -r1.38 -r1.39 rpmnss.c
--- rpm/rpmio/rpmnss.c 9 Jun 2010 19:19:44 -0000 1.38
+++ rpm/rpmio/rpmnss.c 10 Aug 2010 10:46:40 -0000 1.39
@@ -3,6 +3,7 @@
*/
#include "system.h"
+#include <rpmio.h>
#include <rpmiotypes.h>
#define _RPMPGP_INTERNAL
@@ -10,6 +11,7 @@
#define _RPMNSS_INTERNAL
#include <rpmnss.h>
#endif
+#include <rpmmacro.h>
#include "debug.h"
@@ -1258,10 +1260,16 @@
/*...@modifies _rpmnss_init @*/
{
rpmnss nss = xcalloc(1, sizeof(*nss));
+ const char * _nssdb_path = rpmExpand("%{?_nssdb_path}", NULL);
/*...@-moduncon@*/
+ if (_nssdb_path != NULL && *_nssdb_path == '/')
+ (void) NSS_Init(_nssdb_path);
+ else
(void) NSS_NoDB_Init(NULL);
/*...@=moduncon@*/
+ _nssdb_path = _free(_nssdb_path);
+
_rpmnss_init = 1;
return (void *) nss;
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmpgp.c
============================================================================
$ cvs diff -u -r2.123 -r2.124 rpmpgp.c
--- rpm/rpmio/rpmpgp.c 23 Jun 2010 06:47:29 -0000 2.123
+++ rpm/rpmio/rpmpgp.c 10 Aug 2010 10:46:40 -0000 2.124
@@ -47,12 +47,12 @@
#elif defined(USE_CRYPTO_TOMCRYPT) && defined(WITH_TOMCRYPT)
&rpmltcImplVecs;
/* implict selection (order DOES matter) */
+#elif defined(WITH_NSS)
+ &rpmnssImplVecs;
#elif defined(WITH_BEECRYPT)
&rpmbcImplVecs;
#elif defined(WITH_GCRYPT)
&rpmgcImplVecs;
-#elif defined(WITH_NSS)
- &rpmnssImplVecs;
#elif defined(WITH_SSL)
&rpmsslImplVecs;
#elif defined(WITH_CDSA)
@@ .
______________________________________________________________________
RPM Package Manager http://rpm5.org
CVS Sources Repository rpm-cvs@rpm5.org
