Bug 618368, Mozilla upgrade to NSS 3.12.9 final (includes NSPR 4.8.7 final). a=blocking-fennec-2.0+=doug.turner
authorKai Engert <kaie@kuix.de>
Thu, 13 Jan 2011 14:22:51 +0100
changeset 60440 17fae822d2d753587934bec672a9950b2dde6fe5
parent 60439 b9029c71a63a18fa3222252f14764d40797a4a07
child 60441 7fcae0c7f36a0adec53e2e4e0eef6e4db49612a6
push id17992
push userkaie@kuix.de
push dateThu, 13 Jan 2011 13:24:05 +0000
treeherdermozilla-central@17fae822d2d7 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersblocking-fennec-2.0
bugs618368
milestone2.0b10pre
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 618368, Mozilla upgrade to NSS 3.12.9 final (includes NSPR 4.8.7 final). a=blocking-fennec-2.0+=doug.turner
nsprpub/TAG-INFO
nsprpub/config/prdepend.h
nsprpub/config/rules.mk
nsprpub/pr/include/prinit.h
security/coreconf/coreconf.dep
security/nss/TAG-INFO
security/nss/lib/freebl/jpake.c
security/nss/lib/freebl/win_rand.c
security/nss/lib/nss/nss.h
security/nss/lib/pki/pkistore.c
security/nss/lib/smime/cmsdecode.c
security/nss/lib/smime/cmsencode.c
security/nss/lib/softoken/legacydb/lginit.c
security/nss/lib/softoken/sdb.c
security/nss/lib/softoken/softkver.h
security/nss/lib/util/nssutil.h
security/nss/tests/libpkix/certs/PayPalEE.cert
--- a/nsprpub/TAG-INFO
+++ b/nsprpub/TAG-INFO
@@ -1,1 +1,1 @@
-NSPR_4_8_7_BETA2
+NSPR_4_8_7_RTM
--- a/nsprpub/config/prdepend.h
+++ b/nsprpub/config/prdepend.h
@@ -38,8 +38,9 @@
 /*
  * A dummy header file that is a dependency for all the object files.
  * Used to force a full recompilation of NSPR in Mozilla's Tinderbox
  * depend builds.  See comments in rules.mk.
  */
 
 #error "Do not include this header file."
 
+
--- a/nsprpub/config/rules.mk
+++ b/nsprpub/config/rules.mk
@@ -458,16 +458,24 @@ DUMMY_DEPEND_H = $(topsrcdir)/config/prd
 
 # END OF HACK
 
 ################################################################################
 # Special gmake rules.
 ################################################################################
 
 #
+# Disallow parallel builds with MSVC < 8 since it can't open the PDB file in
+# parallel.
+#
+ifeq (,$(filter-out 1200 1300 1310,$(MSC_VER)))
+.NOTPARALLEL:
+endif
+
+#
 # Re-define the list of default suffixes, so gmake won't have to churn through
 # hundreds of built-in suffix rules for stuff we don't need.
 #
 .SUFFIXES:
 .SUFFIXES: .a .$(OBJ_SUFFIX) .c .cpp .s .h .i .pl
 
 #
 # Fake targets.  Always run these rules, even if a file/directory with that
--- a/nsprpub/pr/include/prinit.h
+++ b/nsprpub/pr/include/prinit.h
@@ -58,21 +58,21 @@ PR_BEGIN_EXTERN_C
 /*
 ** NSPR's version is used to determine the likelihood that the version you
 ** used to build your component is anywhere close to being compatible with
 ** what is in the underlying library.
 **
 ** The format of the version string is
 **     "<major version>.<minor version>[.<patch level>] [<Beta>]"
 */
-#define PR_VERSION  "4.8.7 Beta"
+#define PR_VERSION  "4.8.7"
 #define PR_VMAJOR   4
 #define PR_VMINOR   8
 #define PR_VPATCH   7
-#define PR_BETA     PR_TRUE
+#define PR_BETA     PR_FALSE
 
 /*
 ** PRVersionCheck
 **
 ** The basic signature of the function that is called to provide version
 ** checking. The result will be a boolean that indicates the likelihood
 ** that the underling library will perform as the caller expects.
 **
--- a/security/coreconf/coreconf.dep
+++ b/security/coreconf/coreconf.dep
@@ -39,8 +39,9 @@
  * A dummy header file that is a dependency for all the object files.
  * Used to force a full recompilation of NSS in Mozilla's Tinderbox
  * depend builds.  See comments in rules.mk.
  */
 
 #error "Do not include this header file."
 
 
+
--- a/security/nss/TAG-INFO
+++ b/security/nss/TAG-INFO
@@ -1,1 +1,1 @@
-NSS_3_12_9_BETA2
+NSS_3_12_9_RTM
--- a/security/nss/lib/freebl/jpake.c
+++ b/security/nss/lib/freebl/jpake.c
@@ -417,17 +417,18 @@ JPAKE_Round2(PLArenaPool * arena,
     if (x2s != NULL) {
         CHECK_MPI_OK( mp_init(&X2) );
         CHECK_MPI_OK( mp_init(&S) );
 
         SECITEM_TO_MPINT(*q, &Q);
         SECITEM_TO_MPINT(*x2, &X2);
         
         SECITEM_TO_MPINT(*s, &S);
-        if (mp_cmp(&S, &Q) >= 0) {
+        /* S must be in [1, Q-1] */
+        if (mp_cmp_z(&S) <= 0 || mp_cmp(&S, &Q) >= 0) {
             err = MP_BADARG;
             goto cleanup;
         }
 
         CHECK_MPI_OK( mp_mulmod(&X2, &S, &Q, &result) );
         MPINT_TO_SECITEM(&result, x2s, arena);
     }
 
--- a/security/nss/lib/freebl/win_rand.c
+++ b/security/nss/lib/freebl/win_rand.c
@@ -146,29 +146,31 @@ EnumSystemFilesInFolder(Handler func, PR
     HANDLE              lFindHandle;
     WIN32_FIND_DATAW    fdData;
     PRUnichar           szFileName[_MAX_PATH];
 
     if (maxDepth < 0)
     	return;
     // append *.* so we actually look for files.
     _snwprintf(szFileName, _MAX_PATH, L"%s\\*.*", szSysDir);
+    szFileName[_MAX_PATH - 1] = L'\0';
 
     lFindHandle = FindFirstFileW(szFileName, &fdData);
     if (lFindHandle == INVALID_HANDLE_VALUE)
         return;
     do {
 	iContinue = 1;
 	if (wcscmp(fdData.cFileName, L".") == 0 ||
             wcscmp(fdData.cFileName, L"..") == 0) {
 	    // skip "." and ".."
 	} else {
 	    // pass the full pathname to the callback
 	    _snwprintf(szFileName, _MAX_PATH, L"%s\\%s", szSysDir, 
 		       fdData.cFileName);
+	    szFileName[_MAX_PATH - 1] = L'\0';
 	    if (fdData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
 		if (++uFolders <= MAX_FOLDERS)
 		    EnumSystemFilesInFolder(func, szFileName, maxDepth - 1);
 	    } else {
 		iContinue = (++uFiles <= MAX_FILES) && !(*func)(szFileName);
 	    }
 	}
 	if (iContinue)
--- a/security/nss/lib/nss/nss.h
+++ b/security/nss/lib/nss/nss.h
@@ -31,17 +31,17 @@
  * under the terms of either the GPL or the LGPL, and not to allow others to
  * use your version of this file under the terms of the MPL, indicate your
  * decision by deleting the provisions above and replace them with the notice
  * and other provisions required by the GPL or the LGPL. If you do not delete
  * the provisions above, a recipient may use your version of this file under
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
-/* $Id: nss.h,v 1.81.2.3 2010/09/23 17:07:52 christophe.ravel.bugs%sun.com Exp $ */
+/* $Id: nss.h,v 1.81.2.4 2011/01/06 18:04:16 christophe.ravel.bugs%sun.com Exp $ */
 
 #ifndef __nss_h_
 #define __nss_h_
 
 /* The private macro _NSS_ECC_STRING is for NSS internal use only. */
 #ifdef NSS_ENABLE_ECC
 #ifdef NSS_ECC_MORE_THAN_SUITE_B
 #define _NSS_ECC_STRING " Extended ECC"
@@ -61,22 +61,22 @@
 
 /*
  * NSS's major version, minor version, patch level, build number, and whether
  * this is a beta release.
  *
  * The format of the version string should be
  *     "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
  */
-#define NSS_VERSION  "3.12.9.0" _NSS_ECC_STRING _NSS_CUSTOMIZED " Beta"
+#define NSS_VERSION  "3.12.9.0" _NSS_ECC_STRING _NSS_CUSTOMIZED
 #define NSS_VMAJOR   3
 #define NSS_VMINOR   12
 #define NSS_VPATCH   9
 #define NSS_VBUILD   0
-#define NSS_BETA     PR_TRUE
+#define NSS_BETA     PR_FALSE
 
 #ifndef RC_INVOKED
 
 #include "seccomon.h"
 
 typedef struct NSSInitParametersStr NSSInitParameters;
 
 /*
--- a/security/nss/lib/pki/pkistore.c
+++ b/security/nss/lib/pki/pkistore.c
@@ -30,17 +30,17 @@
  * decision by deleting the provisions above and replace them with the notice
  * and other provisions required by the GPL or the LGPL. If you do not delete
  * the provisions above, a recipient may use your version of this file under
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
 
 #ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile: pkistore.c,v $ $Revision: 1.33 $ $Date: 2008/06/06 01:19:30 $";
+static const char CVS_ID[] = "@(#) $RCSfile: pkistore.c,v $ $Revision: 1.33.40.1 $ $Date: 2010/12/17 20:14:38 $";
 #endif /* DEBUG */
 
 #ifndef PKIM_H
 #include "pkim.h"
 #endif /* PKIM_H */
 
 #ifndef PKI_H
 #include "pki.h"
@@ -645,17 +645,21 @@ nssCertificateStore_AddTrust (
 {
     NSSCertificate *cert;
     certificate_hash_entry *entry;
     cert = trust->certificate;
     PZ_Lock(store->lock);
     entry = (certificate_hash_entry *)
                               nssHash_Lookup(store->issuer_and_serial, cert);
     if (entry) {
-	entry->trust = nssTrust_AddRef(trust);
+	NSSTrust* newTrust = nssTrust_AddRef(trust);
+	if (entry->trust) {
+	    nssTrust_Destroy(entry->trust);
+	}
+	entry->trust = newTrust;
     }
     PZ_Unlock(store->lock);
     return (entry) ? PR_SUCCESS : PR_FAILURE;
 }
 
 NSS_IMPLEMENT NSSTrust *
 nssCertificateStore_FindTrustForCertificate (
   nssCertificateStore *store,
@@ -682,17 +686,21 @@ nssCertificateStore_AddSMIMEProfile (
 {
     NSSCertificate *cert;
     certificate_hash_entry *entry;
     cert = profile->certificate;
     PZ_Lock(store->lock);
     entry = (certificate_hash_entry *)
                               nssHash_Lookup(store->issuer_and_serial, cert);
     if (entry) {
-	entry->profile = nssSMIMEProfile_AddRef(profile);
+	nssSMIMEProfile* newProfile = nssSMIMEProfile_AddRef(profile);
+	if (entry->profile) {
+	    nssSMIMEProfile_Destroy(entry->profile);
+	}
+	entry->profile = newProfile;
     }
     PZ_Unlock(store->lock);
     return (entry) ? PR_SUCCESS : PR_FAILURE;
 }
 
 NSS_IMPLEMENT nssSMIMEProfile *
 nssCertificateStore_FindSMIMEProfileForCertificate (
   nssCertificateStore *store,
--- a/security/nss/lib/smime/cmsdecode.c
+++ b/security/nss/lib/smime/cmsdecode.c
@@ -32,17 +32,17 @@
  * the provisions above, a recipient may use your version of this file under
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
 
 /*
  * CMS decoding.
  *
- * $Id: cmsdecode.c,v 1.9 2006/08/05 01:19:23 julien.pierre.bugs%sun.com Exp $
+ * $Id: cmsdecode.c,v 1.9.66.1 2010/12/23 18:03:41 kaie%kuix.de Exp $
  */
 
 #include "cmslocal.h"
 
 #include "cert.h"
 #include "key.h"
 #include "secasn1.h"
 #include "secitem.h"
@@ -458,16 +458,21 @@ nss_cms_decoder_work_data(NSSCMSDecoderC
      * to finish/flush the last block.  (This is an overly paranoid
      * check since all callers are in this file and simple inspection
      * proves they do it right.  But it could find a bug in future
      * modifications/development, that is why it is here.)
      */
     PORT_Assert ((data != NULL && len) || final);
 
     cinfo = NSS_CMSContent_GetContentInfo(p7dcx->content.pointer, p7dcx->type);
+    if (!cinfo) {
+	/* The original programmer didn't expect this to happen */
+	p7dcx->error = SEC_ERROR_LIBRARY_FAILURE;
+	goto loser;
+    }
 
     if (cinfo->ciphcx != NULL) {
 	/*
 	 * we are decrypting.
 	 * 
 	 * XXX If we get an error, we do not want to do the digest or callback,
 	 * but we want to keep decoding.  Or maybe we want to stop decoding
 	 * altogether if there is a callback, because obviously we are not
--- a/security/nss/lib/smime/cmsencode.c
+++ b/security/nss/lib/smime/cmsencode.c
@@ -32,17 +32,17 @@
  * the provisions above, a recipient may use your version of this file under
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
 
 /*
  * CMS encoding.
  *
- * $Id: cmsencode.c,v 1.6 2006/06/08 22:01:02 nelson%bolyard.com Exp $
+ * $Id: cmsencode.c,v 1.6.66.1 2010/12/23 18:03:41 kaie%kuix.de Exp $
  */
 
 #include "cmslocal.h"
 
 #include "cert.h"
 #include "key.h"
 #include "secasn1.h"
 #include "secoid.h"
@@ -420,16 +420,21 @@ nss_cms_encoder_work_data(NSSCMSEncoderC
      * check since all callers are in this file and simple inspection
      * proves they do it right.  But it could find a bug in future
      * modifications/development, that is why it is here.)
      */
     PORT_Assert ((data != NULL && len) || final);
 
     /* we got data (either from the caller, or from a lower level encoder) */
     cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
+    if (!cinfo) {
+	/* The original programmer didn't expect this to happen */
+	p7ecx->error = SEC_ERROR_LIBRARY_FAILURE;
+	return SECFailure;
+    }
 
     /* Update the running digest. */
     if (len && cinfo->digcx != NULL)
 	NSS_CMSDigestContext_Update(cinfo->digcx, data, len);
 
     /* Encrypt this chunk. */
     if (cinfo->ciphcx != NULL) {
 	unsigned int inlen;	/* length of data being encrypted */
@@ -623,16 +628,22 @@ NSS_CMSEncoder_Update(NSSCMSEncoderConte
     /* hand data to the innermost decoder */
     if (p7ecx->childp7ecx) {
 	/* recursion here */
 	rv = NSS_CMSEncoder_Update(p7ecx->childp7ecx, data, len);
     } else {
 	/* we are at innermost decoder */
 	/* find out about our inner content type - must be data */
 	cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
+	if (!cinfo) {
+	    /* The original programmer didn't expect this to happen */
+	    p7ecx->error = SEC_ERROR_LIBRARY_FAILURE;
+	    return SECFailure;
+	}
+
 	childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
 	if (childtype != SEC_OID_PKCS7_DATA)
 	    return SECFailure;
 	/* and we must not have preset data */
 	if (cinfo->content.data != NULL)
 	    return SECFailure;
 
 	/*  hand it the data so it can encode it (let DER trickle up the chain) */
@@ -723,16 +734,22 @@ NSS_CMSEncoder_Finish(NSSCMSEncoderConte
     rv = nss_cms_encoder_work_data(p7ecx, NULL, NULL, 0, PR_TRUE, (p7ecx->childp7ecx == NULL));
     if (rv != SECSuccess)
 	goto loser;
 
     p7ecx->childp7ecx = NULL;
 
     /* find out about our inner content type - must be data */
     cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
+    if (!cinfo) {
+	/* The original programmer didn't expect this to happen */
+	p7ecx->error = SEC_ERROR_LIBRARY_FAILURE;
+	rv = SECFailure;
+	goto loser;
+    }
     childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
     if (childtype == SEC_OID_PKCS7_DATA && cinfo->content.data == NULL) {
 	SEC_ASN1EncoderClearTakeFromBuf(p7ecx->ecx);
 	/* now that TakeFromBuf is off, this will kick this encoder to finish encoding */
 	rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0);
     }
 
     SEC_ASN1EncoderClearStreaming(p7ecx->ecx);
--- a/security/nss/lib/softoken/legacydb/lginit.c
+++ b/security/nss/lib/softoken/legacydb/lginit.c
@@ -31,17 +31,17 @@
  * under the terms of either the GPL or the LGPL, and not to allow others to
  * use your version of this file under the terms of the MPL, indicate your
  * decision by deleting the provisions above and replace them with the notice
  * and other provisions required by the GPL or the LGPL. If you do not delete
  * the provisions above, a recipient may use your version of this file under
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
-/* $Id: lginit.c,v 1.14 2009/02/03 23:18:48 julien.pierre.boogz%sun.com Exp $ */
+/* $Id: lginit.c,v 1.14.22.1 2011/01/06 19:55:02 wtc%google.com Exp $ */
 
 #include "lowkeyi.h"
 #include "pcert.h"
 #include "keydbi.h"
 #include "lgdb.h"
 #include "secoid.h"
 #include "prenv.h"
 
@@ -535,19 +535,21 @@ lg_init(SDB **pSdb, int flags, NSSLOWCER
 	goto loser;
     }
     lgdb_p->hashTable = PL_NewHashTable(64, lg_HashNumber, lg_CompareValues,
 			SECITEM_HashCompare, NULL, 0);
     if (lgdb_p->hashTable == NULL) {
 	goto loser;
     }
 
+    sdb->private = lgdb_p;
+    sdb->version = 0;
     sdb->sdb_type = SDB_LEGACY;
     sdb->sdb_flags = flags;
-    sdb->private = lgdb_p;
+    sdb->app_private = NULL;
     sdb->sdb_FindObjectsInit = lg_FindObjectsInit;
     sdb->sdb_FindObjects = lg_FindObjects;
     sdb->sdb_FindObjectsFinal = lg_FindObjectsFinal;
     sdb->sdb_GetAttributeValue = lg_GetAttributeValue;
     sdb->sdb_SetAttributeValue = lg_SetAttributeValue;
     sdb->sdb_CreateObject = lg_CreateObject;
     sdb->sdb_DestroyObject = lg_DestroyObject;
     sdb->sdb_GetMetaData = lg_GetMetaData;
--- a/security/nss/lib/softoken/sdb.c
+++ b/security/nss/lib/softoken/sdb.c
@@ -15,16 +15,17 @@
  *
  * The Initial Developer of the Original Code is
  * Red Hat, Inc.
  * Portions created by the Initial Developer are Copyright (C) 2005
  * the Initial Developer. All Rights Reserved.
  *
  * Contributor(s):
  *   Robert Relyea (rrelyea@redhat.com)
+ *   Meena Vyas (meena.vyas@oracle.com)
  *
  * Alternatively, the contents of this file may be used under the terms of
  * either the GNU General Public License Version 2 or later (the "GPL"), or
  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
  * in which case the provisions of the GPL or the LGPL are applicable instead
  * of those above. If you wish to allow use of your version of this file only
  * under the terms of either the GPL or the LGPL, and not to allow others to
  * use your version of this file under the terms of the MPL, indicate your
@@ -1905,30 +1906,33 @@ sdb_init(char *dbname, char *table, sdbD
     /* set the cache delay time. This is how long we will wait before we
      * decide the existing cache is stale. Currently set to 10 sec */
     sdb_p->updateInterval = PR_SecondsToInterval(10); 
     sdb_p->dbMon = PR_NewMonitor();
     /* these fields are protected by the lock */
     sdb_p->sqlXactDB = NULL;
     sdb_p->sqlXactThread = NULL;
     sdb->private = sdb_p;
+    sdb->version = 0;
     sdb->sdb_type = SDB_SQL;
     sdb->sdb_flags = flags | SDB_HAS_META;
+    sdb->app_private = NULL;
     sdb->sdb_FindObjectsInit = sdb_FindObjectsInit;
     sdb->sdb_FindObjects = sdb_FindObjects;
     sdb->sdb_FindObjectsFinal = sdb_FindObjectsFinal;
     sdb->sdb_GetAttributeValue = sdb_GetAttributeValue;
     sdb->sdb_SetAttributeValue = sdb_SetAttributeValue;
     sdb->sdb_CreateObject = sdb_CreateObject;
     sdb->sdb_DestroyObject = sdb_DestroyObject;
     sdb->sdb_GetMetaData = sdb_GetMetaData;
     sdb->sdb_PutMetaData = sdb_PutMetaData;
     sdb->sdb_Begin = sdb_Begin;
     sdb->sdb_Commit = sdb_Commit;
     sdb->sdb_Abort = sdb_Abort;
+    sdb->sdb_Reset = sdb_Reset;
     sdb->sdb_Close = sdb_Close;
     sdb->sdb_SetForkState = sdb_SetForkState;
 
     if (inTransaction) {
 	sqlerr = sqlite3_exec(sqlDB, COMMIT_CMD, NULL, 0, NULL);
 	if (sqlerr != SQLITE_OK) {
 	    error = sdb_mapSQLError(sdb_p->type, sqlerr);
 	    goto loser;
--- a/security/nss/lib/softoken/softkver.h
+++ b/security/nss/lib/softoken/softkver.h
@@ -52,16 +52,16 @@
 
 /*
  * Softoken's major version, minor version, patch level, build number,
  * and whether this is a beta release.
  *
  * The format of the version string should be
  *     "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
  */
-#define SOFTOKEN_VERSION  "3.12.9.0" SOFTOKEN_ECC_STRING " Beta"
+#define SOFTOKEN_VERSION  "3.12.9.0" SOFTOKEN_ECC_STRING
 #define SOFTOKEN_VMAJOR   3
 #define SOFTOKEN_VMINOR   12
 #define SOFTOKEN_VPATCH   9
 #define SOFTOKEN_VBUILD   0
-#define SOFTOKEN_BETA     PR_TRUE
+#define SOFTOKEN_BETA     PR_FALSE
 
 #endif /* _SOFTKVER_H_ */
--- a/security/nss/lib/util/nssutil.h
+++ b/security/nss/lib/util/nssutil.h
@@ -46,16 +46,16 @@
 
 /*
  * NSS utilities's major version, minor version, patch level, build number,
  * and whether this is a beta release.
  *
  * The format of the version string should be
  *     "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]"
  */
-#define NSSUTIL_VERSION  "3.12.9.0 Beta"
+#define NSSUTIL_VERSION  "3.12.9.0"
 #define NSSUTIL_VMAJOR   3
 #define NSSUTIL_VMINOR   12
 #define NSSUTIL_VPATCH   9
 #define NSSUTIL_VBUILD   0
-#define NSSUTIL_BETA     PR_TRUE
+#define NSSUTIL_BETA     PR_FALSE
 
 #endif /* __nssutil_h_ */
index e49d8bddfaba281d41a2491a3f8361bf11113a70..cca202a47e5203645bec5173ab9e53daa0fe3d5b
GIT binary patch
literal 1615
zc$|GyeM}Pv6z^TH1<JQAts>Zi2~w2uu22P?Mn1ZUOz0?7!xTBofrZkRUZH|aqzW=;
z!dL?;Ooc!&5k#4Zq__{KLkE)Sbj!#@&E}THp(5%gQ<=L%AhIRiAD4UI@BQBU9oYHF
zVCO|Ob5R6EeQZG!0Wa?OSk9%crZ+ty<G_>e7GAxk`iUok@OT`k>?Pd6jnB=%_(C*8
zLrB1n6$C;rEoISb^m)c5c#=^kC!`R_8r+5AX#<{aDW<J>3T3sKECs|0h<)jxNT)1?
zG;Yepi)jict@u`})l4ssjI`No@)9PPW`gB9Q(>gVOyXfW87w8DLBR%dg^OphCm2YY
z#-ni6HY;V!p>l97Y0&48R=vrHYc%iR330GM;z<BR5zLEyG8vJ8Xdo0(%2;J=CfE^g
zLI}Qm_r-h!L+s1mL=o=fl=DFHsuC5tCQ=5{Mp`IhKFnh~@fOa}5^`9=w!w~}l!tAR
z5kBC>8hJvOC?KL0OP9?CkFCWBz9K=al87QA6rdocm99cT0y99a$zs%#gfDorN*9r<
zhBV@9O*BP_LBy)uM4k#J3Qxfa23(Dm@B`uGMnoQJvQ$kPruGp4{*!Qvgh@swY2g$w
zrL>hQq^H-&6?w6so5@l$X<#8|APIi;1P~sF%b>(z^a9k5Ae<BJ+oVG$dgSpPE#qb0
zp<JC4MK15EH;8*R3Hx5G$9elT;b%0R71jKcqg7qe*8_I-=k;o1%x!}Uu9Y7=byWC!
zM|V?JJ9kCCb1+iT8!`N|vtHJ_SN-cPTS@6Rjxy?8UrW-rS$-L%Jv--bdTZ>5FWTZ8
zr45>quA<vH*He>vd+G+vp^4oW3;plyIC4BD=*C#QI^gu4qO>_G2)4x5+HE`C97h!$
ztL`3f6geMsRc+VqdX#^pz$g6p-xI!mR|5PxcW4q+gSDaA$8v(=Oa+yVeVKl@wqHJ6
zRVHZqB&B9~h`RX_G5YMzg(1;sNu|d%tEuRxr;*uhj_&v4>rgJjL0av|BL<Pt$=wDD
zF%&qH*B|JGi80Z!m_<ELzkHq}8ZOeR<{H;^<XzeZ?yT7x!?-A~8RA(%iZP6UWzEXw
zsA__x0K)*4RzvBEEmVZgVwg>ZX^R42shqJwBAWxpRszc__w4F5NcFf1agp#L9K!gn
z%<=MgE+`@ncpbZ5b{&GTw>1^QMP|NGkh11Cu(=@KDSEzF-Fw&>lDR#jDz%=YtG%<K
zAOXs!oe=~xgApR8Wk9Nf{yUUON1JE004rzQ(f?yW>dDt(Kv}>zQ{4mG0@*ED%^M*T
zHh@;_rY|J(sK`8hE(C!TT==}jUR=~46D1co!y5P=XRf5hG|4)XT|Nxr&4p0$!l~j0
zQ=Vyd(Gr@~5pp)w?0+Md<-?NiVuBw(hTBKpmMLq3pY+F`mY)B3tlOuNmbA5Uweo`w
z2|u|)<J@EUlZ3W4j|H1si~qP9OPaBR>5AP+XZL;;zqNhnGQIG#5!roPV`p8z+Vkd9
zh4sCb4`f{#*nWAXtmYqUZD98Kvev&g)}C86-Z$dDPg5aEDc`(X-q}>*v(70wi49~~
zzgB*fA9MFgt0ZCK(}B3?5dYuqQB7(0zu(k1`25hbW6NpB!}_z=avyk)J>U$K!y!kS
zvTo7m_eR!Ei06&}@~~oPxLxg<wVv<ssKOYt=wi@~^o;uWqIVPRl)x=jb@QrYPyU65
WIsO|CV5e%_8dePdSQ|cK>HilOyAE3b