~chrisccoulson/nss/nss-3.12.5 : contents of debian/patches/85_security

~chrisccoulson/nss/nss-3.12.5 : (revision 108)

## 85_security_load.patch by Mike Hommey <glandium@debian.org>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Load modules from $ORIGIN/nss.

Index: nss-3.12.6/mozilla/security/nss/cmd/shlibsign/shlibsign.c
===================================================================
--- nss-3.12.6.orig/mozilla/security/nss/cmd/shlibsign/shlibsign.c	2008-11-20 15:44:12.000000000 +0000
+++ nss-3.12.6/mozilla/security/nss/cmd/shlibsign/shlibsign.c	2010-03-29 12:06:03.560531797 +0100
@@ -769,6 +769,8 @@
     libname = PR_GetLibraryName(NULL, "softokn3");
     assert(libname != NULL);
     lib = PR_LoadLibrary(libname);
+    if (!lib)
+        lib = PR_LoadLibrary("/usr/lib/nss/libsoftokn3.so");
     assert(lib != NULL);
     PR_FreeLibraryName(libname);
 
Index: nss-3.12.6/mozilla/security/nss/lib/pk11wrap/pk11load.c
===================================================================
--- nss-3.12.6.orig/mozilla/security/nss/lib/pk11wrap/pk11load.c	2009-10-30 09:44:45.000000000 +0000
+++ nss-3.12.6/mozilla/security/nss/lib/pk11wrap/pk11load.c	2010-03-29 12:14:42.600534017 +0100
@@ -393,6 +393,7 @@
     SECStatus rv;
     PRBool alreadyLoaded = PR_FALSE;
     char *disableUnload = NULL;
+    char * tmp;
 
     if (mod->loaded) return SECSuccess;
 
@@ -440,6 +441,16 @@
 	 * unload the library if anything goes wrong from here on out...
 	 */
 	library = PR_LoadLibrary(full_name);
+	if (library == NULL) {
+            tmp = rindex(full_name, PR_GetDirectorySeparator());
+            if (tmp)
+                tmp++;
+            else
+                tmp = full_name;
+            library = PORT_LoadLibraryFromOrigin(my_shlib_name,
+                                      (PRFuncPtr) &softoken_LoadDSO,
+                                      tmp);
+	}
 	mod->library = (void *)library;
 	PORT_Free(full_name);
 
Index: nss-3.12.6/mozilla/security/nss/lib/util/secload.c
===================================================================
--- nss-3.12.6.orig/mozilla/security/nss/lib/util/secload.c	2009-10-30 09:44:47.000000000 +0000
+++ nss-3.12.6/mozilla/security/nss/lib/util/secload.c	2010-03-29 12:06:03.560531797 +0100
@@ -104,9 +104,14 @@
 
     /* Remove the trailing filename from referencePath and add the new one */
     c = strrchr(referencePath, PR_GetDirectorySeparator());
+    if (!c) { /* referencePath doesn't contain a / means that dladdr gave us argv[0]
+               * and program was called from $PATH. Hack to get libs from /usr/lib */
+        referencePath = "/usr/lib/";
+        c = &referencePath[8]; /* last / */
+    }
     if (c) {
         size_t referencePathSize = 1 + c - referencePath;
-        fullName = (char*) PORT_Alloc(strlen(name) + referencePathSize + 1);
+        fullName = (char*) PORT_Alloc(strlen(name) + referencePathSize + 5);
         if (fullName) {
             memcpy(fullName, referencePath, referencePathSize);
             strcpy(fullName + referencePathSize, name); 
@@ -116,6 +121,12 @@
 #endif
             libSpec.type = PR_LibSpec_Pathname;
             libSpec.value.pathname = fullName;
+            if ((referencePathSize >= 4) &&
+                (strncmp(fullName + referencePathSize - 4, "bin", 3) == 0)) {
+                memcpy(fullName + referencePathSize -4, "lib", 3);
+            }
+            strcpy(fullName + referencePathSize, "nss/");
+            strcpy(fullName + referencePathSize + 4, name);
             dlh = PR_LoadLibraryWithFlags(libSpec, PR_LD_NOW | PR_LD_LOCAL
 #ifdef PR_LD_ALT_SEARCH_PATH
             /* allow library's dependencies to be found in the same directory
@@ -123,6 +134,10 @@
                                           | PR_LD_ALT_SEARCH_PATH 
 #endif
                                           );
+            if (! dlh) {
+                strcpy(fullName + referencePathSize, name);
+                dlh = PR_LoadLibraryWithFlags(libSpec, PR_LD_NOW | PR_LD_LOCAL);
+            }
             PORT_Free(fullName);
         }
     }

105.1.2 by Chris Coulson * New upstream release 3.12.5 RTM (NSS_3_12_5_RTM)	1	## 85_security_load.patch by Mike Hommey <glandium@debian.org>
	2	##
	3	## All lines beginning with `## DP:' are a description of the patch.
	4	## DP: Load modules from $ORIGIN/nss.
	5
105.1.6 by Chris Coulson * Restore previous behaviour of searching for a module in the known paths if it can't be found in the location specified by the calling application:	6	Index: nss-3.12.6/mozilla/security/nss/cmd/shlibsign/shlibsign.c
	7	===================================================================
	8	--- nss-3.12.6.orig/mozilla/security/nss/cmd/shlibsign/shlibsign.c 2008-11-20 15:44:12.000000000 +0000
	9	+++ nss-3.12.6/mozilla/security/nss/cmd/shlibsign/shlibsign.c 2010-03-29 12:06:03.560531797 +0100
	10	@@ -769,6 +769,8 @@
105.1.2 by Chris Coulson * New upstream release 3.12.5 RTM (NSS_3_12_5_RTM)	11	libname = PR_GetLibraryName(NULL, "softokn3");
	12	assert(libname != NULL);
	13	lib = PR_LoadLibrary(libname);
	14	+ if (!lib)
	15	+ lib = PR_LoadLibrary("/usr/lib/nss/libsoftokn3.so");
	16	assert(lib != NULL);
	17	PR_FreeLibraryName(libname);
	18
105.1.6 by Chris Coulson * Restore previous behaviour of searching for a module in the known paths if it can't be found in the location specified by the calling application:	19	Index: nss-3.12.6/mozilla/security/nss/lib/pk11wrap/pk11load.c
	20	===================================================================
	21	--- nss-3.12.6.orig/mozilla/security/nss/lib/pk11wrap/pk11load.c 2009-10-30 09:44:45.000000000 +0000
	22	+++ nss-3.12.6/mozilla/security/nss/lib/pk11wrap/pk11load.c 2010-03-29 12:14:42.600534017 +0100
	23	@@ -393,6 +393,7 @@
	24	SECStatus rv;
	25	PRBool alreadyLoaded = PR_FALSE;
	26	char *disableUnload = NULL;
	27	+ char * tmp;
	28
	29	if (mod->loaded) return SECSuccess;
	30
	31	@@ -440,6 +441,16 @@
105.1.2 by Chris Coulson * New upstream release 3.12.5 RTM (NSS_3_12_5_RTM)	32	* unload the library if anything goes wrong from here on out...
	33	*/
	34	library = PR_LoadLibrary(full_name);
105.1.6 by Chris Coulson * Restore previous behaviour of searching for a module in the known paths if it can't be found in the location specified by the calling application:	35	+ if (library == NULL) {
	36	+ tmp = rindex(full_name, PR_GetDirectorySeparator());
	37	+ if (tmp)
	38	+ tmp++;
	39	+ else
	40	+ tmp = full_name;
105.1.2 by Chris Coulson * New upstream release 3.12.5 RTM (NSS_3_12_5_RTM)	41	+ library = PORT_LoadLibraryFromOrigin(my_shlib_name,
	42	+ (PRFuncPtr) &softoken_LoadDSO,
105.1.6 by Chris Coulson * Restore previous behaviour of searching for a module in the known paths if it can't be found in the location specified by the calling application:	43	+ tmp);
105.1.2 by Chris Coulson * New upstream release 3.12.5 RTM (NSS_3_12_5_RTM)	44	+ }
	45	mod->library = (void *)library;
	46	PORT_Free(full_name);
	47
105.1.6 by Chris Coulson * Restore previous behaviour of searching for a module in the known paths if it can't be found in the location specified by the calling application:	48	Index: nss-3.12.6/mozilla/security/nss/lib/util/secload.c
	49	===================================================================
	50	--- nss-3.12.6.orig/mozilla/security/nss/lib/util/secload.c 2009-10-30 09:44:47.000000000 +0000
	51	+++ nss-3.12.6/mozilla/security/nss/lib/util/secload.c 2010-03-29 12:06:03.560531797 +0100
	52	@@ -104,9 +104,14 @@
28 by Fabien Tassin * new upstream snapshot 3.12.0~cvs20071221t1057	53
	54	/* Remove the trailing filename from referencePath and add the new one */
	55	c = strrchr(referencePath, PR_GetDirectorySeparator());
97 by Alexander Sack * update 85_security_load.patch to latest debian version	56	+ if (!c) { /* referencePath doesn't contain a / means that dladdr gave us argv[0]
	57	+ * and program was called from $PATH. Hack to get libs from /usr/lib */
	58	+ referencePath = "/usr/lib/";
	59	+ c = &referencePath[8]; /* last / */
	60	+ }
28 by Fabien Tassin * new upstream snapshot 3.12.0~cvs20071221t1057	61	if (c) {
	62	size_t referencePathSize = 1 + c - referencePath;
	63	- fullName = (char*) PORT_Alloc(strlen(name) + referencePathSize + 1);
	64	+ fullName = (char*) PORT_Alloc(strlen(name) + referencePathSize + 5);
	65	if (fullName) {
	66	memcpy(fullName, referencePath, referencePathSize);
	67	strcpy(fullName + referencePathSize, name);
105.1.6 by Chris Coulson * Restore previous behaviour of searching for a module in the known paths if it can't be found in the location specified by the calling application:	68	@@ -116,6 +121,12 @@
28 by Fabien Tassin * new upstream snapshot 3.12.0~cvs20071221t1057	69	#endif
	70	libSpec.type = PR_LibSpec_Pathname;
	71	libSpec.value.pathname = fullName;
97 by Alexander Sack * update 85_security_load.patch to latest debian version	72	+ if ((referencePathSize >= 4) &&
	73	+ (strncmp(fullName + referencePathSize - 4, "bin", 3) == 0)) {
	74	+ memcpy(fullName + referencePathSize -4, "lib", 3);
	75	+ }
	76	+ strcpy(fullName + referencePathSize, "nss/");
	77	+ strcpy(fullName + referencePathSize + 4, name);
105.1.2 by Chris Coulson * New upstream release 3.12.5 RTM (NSS_3_12_5_RTM)	78	dlh = PR_LoadLibraryWithFlags(libSpec, PR_LD_NOW \| PR_LD_LOCAL
	79	#ifdef PR_LD_ALT_SEARCH_PATH
	80	/* allow library's dependencies to be found in the same directory
105.1.6 by Chris Coulson * Restore previous behaviour of searching for a module in the known paths if it can't be found in the location specified by the calling application:	81	@@ -123,6 +134,10 @@
105.1.2 by Chris Coulson * New upstream release 3.12.5 RTM (NSS_3_12_5_RTM)	82	\| PR_LD_ALT_SEARCH_PATH
	83	#endif
	84	);
97 by Alexander Sack * update 85_security_load.patch to latest debian version	85	+ if (! dlh) {
	86	+ strcpy(fullName + referencePathSize, name);
	87	+ dlh = PR_LoadLibraryWithFlags(libSpec, PR_LD_NOW \| PR_LD_LOCAL);
	88	+ }
28 by Fabien Tassin * new upstream snapshot 3.12.0~cvs20071221t1057	89	PORT_Free(fullName);
	90	}
	91	}