fixup commit for branch 'MOZILLA_0_9_8_BRANCH' MOZILLA_0_9_8_BRANCH
authorcvs2hg
Wed, 16 Jan 2002 05:09:26 +0000
branchMOZILLA_0_9_8_BRANCH
changeset 2560 c7652405378746c7c8d0e04b3b963af40a3b3fe2
parent 2445 5f00e0cb83d253024ebae093c8d13be980b8fd07
child 13839 59ac45209c06f62d33d3d10ba6f4805355a75f47
push idunknown
push userunknown
push dateunknown
fixup commit for branch 'MOZILLA_0_9_8_BRANCH'
dbm/src/Makefile.in
dbm/tests/Makefile.in
security/coreconf/Linux.mk
security/nss/lib/freebl/mpi/mpprime.c
security/nss/lib/freebl/rsa.c
security/nss/lib/nss/nss.h
--- a/dbm/src/Makefile.in
+++ b/dbm/src/Makefile.in
@@ -24,38 +24,46 @@ topsrcdir	= @top_srcdir@
 srcdir		= @srcdir@
 VPATH		= @srcdir@
 
 include $(DEPTH)/config/autoconf.mk
 
 LIBRARY_NAME	= mozdbm_s
 LIB_IS_C_ONLY	= 1
 
+ifeq ($(OS_ARCH),WINNT)
+LIBRARY_NAME	= dbm$(MOZ_BITS)
+endif
+
 CSRCS		= \
 		db.c \
 		h_bigkey.c \
 		h_func.c \
 		h_log2.c \
 		h_page.c \
 		hash.c \
 		hash_buf.c \
 		hsearch.c \
 		mktemp.c \
 		ndbm.c \
 		strerror.c \
 		nsres.c \
 		$(NULL)
 
+ifeq ($(OS_ARCH),WINNT)
+CSRCS		+= memmove.c snprintf.c
+else
 ifeq (,$(filter -DHAVE_MEMMOVE=1,$(DEFS)))
-CSRC += memmove.c
+CSRCS += memmove.c
 endif
 
 ifeq (,$(filter -DHAVE_SNPRINTF=1,$(DEFS)))
-CSRC += snprintf.c
+CSRCS += snprintf.c
 endif
+endif # WINNT
 
 LOCAL_INCLUDES	= -I$(srcdir)/../include
 
 FORCE_STATIC_LIB = 1
 
 include $(topsrcdir)/config/rules.mk
 
 DEFINES		+= -DMEMMOVE -D__DBINTERFACE_PRIVATE $(SECURITY_FLAG)
--- a/dbm/tests/Makefile.in
+++ b/dbm/tests/Makefile.in
@@ -26,17 +26,21 @@ VPATH		= @srcdir@
 
 include $(DEPTH)/config/autoconf.mk
 
 MODULE		= dbm
 PROGRAM		= lots$(BIN_SUFFIX)
 
 CSRCS		= lots.c
 
+ifeq ($(OS_ARCH),WINNT)
+EXTRA_DSO_LIBS	= dbm$(MOZ_BITS)
+else
 EXTRA_DSO_LIBS	= mozdbm_s
+endif
 
 LIBS		= $(EXTRA_DSO_LIBS)
 
 include $(topsrcdir)/config/rules.mk
 
 ifeq ($(OS_ARCH), Linux)
 DEFINES         += -D_BSD_SOURCE
 endif
--- a/security/coreconf/Linux.mk
+++ b/security/coreconf/Linux.mk
@@ -45,16 +45,20 @@ ifeq ($(USE_PTHREADS),1)
 endif
 
 CC			= gcc
 CCC			= g++
 RANLIB			= ranlib
 
 DEFAULT_COMPILER = gcc
 
+ifeq ($(OS_TEST),m68k)
+	OS_REL_CFLAGS	= -DLINUX1_2 -D_XOPEN_SOURCE
+	CPU_ARCH	= m68k
+else		
 ifeq ($(OS_TEST),ppc)
 	OS_REL_CFLAGS	= -DLINUX1_2 -D_XOPEN_SOURCE
 	CPU_ARCH	= ppc
 else
 ifeq ($(OS_TEST),alpha)
         OS_REL_CFLAGS   = -D_ALPHA_ -DLINUX1_2 -D_XOPEN_SOURCE
 	CPU_ARCH	= alpha
 else
@@ -77,16 +81,17 @@ else
 	OS_REL_CFLAGS	= -DLINUX1_2 -Di386 -D_XOPEN_SOURCE
 	CPU_ARCH	= x86
 endif
 endif
 endif
 endif
 endif
 endif
+endif
 
 
 LIBC_TAG		= _glibc
 
 ifeq ($(OS_RELEASE),2.0)
 	OS_REL_CFLAGS	+= -DLINUX2_0
 	MKSHLIB		= $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so)
 	ifdef BUILD_OPT
--- a/security/nss/lib/freebl/mpi/mpprime.c
+++ b/security/nss/lib/freebl/mpi/mpprime.c
@@ -422,17 +422,17 @@ mp_err mpp_make_prime(mp_int *start, mp_
   mp_int        trial;
   mp_int        q;
   mp_size       num_tests;
   /*
    * Always make sieve the last variabale allocated so that 
    * Mac builds don't break by adding an extra variable
    * on the stack. -javi
    */
-#ifdef macintosh
+#if defined(macintosh) || defined (XP_OS2)
   unsigned char *sieve;
   
   sieve = malloc(SIEVE_SIZE);
   ARGCHK(sieve != NULL, MP_MEM);
 #else
   unsigned char sieve[SIEVE_SIZE];
 #endif  
 
@@ -564,17 +564,17 @@ mp_err mpp_make_prime(mp_int *start, mp_
   } /* end of loop through sieved values */
   if (res == MP_YES) 
     mp_exch(&trial, start);
 CLEANUP:
   mp_clear(&trial);
   mp_clear(&q);
   if (nTries)
     *nTries += i;
-#ifdef macintosh
+#if defined(macintosh) || defined(XP_OS2)
   if (sieve != NULL) {
   	memset(sieve, 0, SIEVE_SIZE);
   	free (sieve);
   }
 #endif    
   return res;
 }
 
--- a/security/nss/lib/freebl/rsa.c
+++ b/security/nss/lib/freebl/rsa.c
@@ -449,37 +449,37 @@ cleanup:
 **
 ** As a defense against the attack, carry out the private key operation, 
 ** followed up with a public key operation to invert the result.  
 ** Verify that result against the input.
 */
 static SECStatus 
 rsa_PrivateKeyOpCRTCheckedPubKey(RSAPrivateKey *key, mp_int *m, mp_int *c)
 {
-    mp_int n, e, s;
+    mp_int n, e, v;
     mp_err   err = MP_OKAY;
     SECStatus rv = SECSuccess;
     MP_DIGITS(&n) = 0;
     MP_DIGITS(&e) = 0;
-    MP_DIGITS(&s) = 0;
+    MP_DIGITS(&v) = 0;
     CHECK_MPI_OK( mp_init(&n) );
     CHECK_MPI_OK( mp_init(&e) );
-    CHECK_MPI_OK( mp_init(&s) );
+    CHECK_MPI_OK( mp_init(&v) );
     CHECK_SEC_OK( rsa_PrivateKeyOpCRTNoCheck(key, m, c) );
     SECITEM_TO_MPINT(key->modulus,        &n);
     SECITEM_TO_MPINT(key->publicExponent, &e);
-    /* Perform a public key operation c = m ** e mod n */
-    CHECK_MPI_OK( mp_exptmod(m, &e, &n, &s) );
-    if (mp_cmp(&s, c) != 0) {
+    /* Perform a public key operation v = m ** e mod n */
+    CHECK_MPI_OK( mp_exptmod(m, &e, &n, &v) );
+    if (mp_cmp(&v, c) != 0) {
 	rv = SECFailure;
     }
 cleanup:
     mp_clear(&n);
     mp_clear(&e);
-    mp_clear(&s);
+    mp_clear(&v);
     if (err) {
 	MP_TO_SEC_ERROR(err);
 	rv = SECFailure;
     }
     return rv;
 }
 
 static PRCallOnceType coBPInit = { 0, 0, 0 };
@@ -743,16 +743,39 @@ RSA_PrivateKeyOp(RSAPrivateKey *key,
 SECStatus 
 RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key, 
                               unsigned char *output, 
                               const unsigned char *input)
 {
     return rsa_PrivateKeyOp(key, output, input, PR_TRUE);
 }
 
+static SECStatus
+swap_in_key_value(PRArenaPool *arena, mp_int *mpval, SECItem *buffer)
+{
+    int len;
+    mp_err err = MP_OKAY;
+    memset(buffer->data, 0, buffer->len);
+    len = mp_unsigned_octet_size(mpval);
+    if (len <= 0) return SECFailure;
+    if ((unsigned int)len <= buffer->len) {
+	/* The new value is no longer than the old buffer, so use it */
+	err = mp_to_unsigned_octets(mpval, buffer->data, len);
+	buffer->len = len;
+    } else if (arena) {
+	/* The new value is longer, but working within an arena */
+	(void)SECITEM_AllocItem(arena, buffer, len);
+	err = mp_to_unsigned_octets(mpval, buffer->data, len);
+    } else {
+	/* The new value is longer, no arena, can't handle this key */
+	return SECFailure;
+    }
+    return (err == MP_OKAY) ? SECSuccess : SECFailure;
+}
+
 SECStatus
 RSA_PrivateKeyCheck(RSAPrivateKey *key)
 {
     mp_int p, q, n, psub1, qsub1, e, d, d_p, d_q, qInv, res;
     mp_err   err = MP_OKAY;
     SECStatus rv = SECSuccess;
     MP_DIGITS(&n)    = 0;
     MP_DIGITS(&psub1)= 0;
@@ -779,25 +802,25 @@ RSA_PrivateKeyCheck(RSAPrivateKey *key)
     SECITEM_TO_MPINT(key->prime2,          &q);
     SECITEM_TO_MPINT(key->publicExponent,  &e);
     SECITEM_TO_MPINT(key->privateExponent, &d);
     SECITEM_TO_MPINT(key->exponent1,       &d_p);
     SECITEM_TO_MPINT(key->exponent2,       &d_q);
     SECITEM_TO_MPINT(key->coefficient,     &qInv);
     /* p > q  */
     if (mp_cmp(&p, &q) <= 0) {
-	/* mind the p's and q's */
+	/* mind the p's and q's (and d_p's and d_q's) */
 	SECItem tmp;
 	mp_exch(&p, &q);
-	tmp.data = key->prime1.data;
-	tmp.len = key->prime1.len;
-	key->prime1.data = key->prime2.data;
-	key->prime1.len = key->prime2.len;
-	key->prime2.data = tmp.data;
-	key->prime2.len = tmp.len;
+	tmp = key->prime1;
+	key->prime1 = key->prime2;
+	key->prime2 = tmp;
+	tmp = key->exponent1;
+	key->exponent1 = key->exponent2;
+	key->exponent2 = tmp;
     }
 #define VERIFY_MPI_EQUAL(m1, m2) \
     if (mp_cmp(m1, m2) != 0) {   \
 	rv = SECFailure;         \
 	goto cleanup;            \
     }
 #define VERIFY_MPI_EQUAL_1(m)    \
     if (mp_cmp_d(m, 1) != 0) {   \
@@ -826,33 +849,30 @@ RSA_PrivateKeyCheck(RSAPrivateKey *key)
     VERIFY_MPI_EQUAL_1(&res);
     /*
      * The following errors can be recovered from.
      */
     /* d_p == d mod p-1 */
     CHECK_MPI_OK( mp_mod(&d, &psub1, &res) );
     if (mp_cmp(&d_p, &res) != 0) {
 	/* swap in the correct value */
-	SECITEM_ZfreeItem(&key->exponent1, PR_FALSE);
-	MPINT_TO_SECITEM(&res, &key->exponent1, key->arena);
+	CHECK_SEC_OK( swap_in_key_value(key->arena, &res, &key->exponent1) );
     }
     /* d_q == d mod q-1 */
     CHECK_MPI_OK( mp_mod(&d, &qsub1, &res) );
     if (mp_cmp(&d_q, &res) != 0) {
 	/* swap in the correct value */
-	SECITEM_ZfreeItem(&key->exponent2, PR_FALSE);
-	MPINT_TO_SECITEM(&res, &key->exponent2, key->arena);
+	CHECK_SEC_OK( swap_in_key_value(key->arena, &res, &key->exponent2) );
     }
     /* q * q**-1 == 1 mod p */
     CHECK_MPI_OK( mp_mulmod(&q, &qInv, &p, &res) );
     if (mp_cmp_d(&res, 1) != 0) {
 	/* compute the correct value */
 	CHECK_MPI_OK( mp_invmod(&q, &p, &qInv) );
-	SECITEM_ZfreeItem(&key->coefficient, PR_FALSE);
-	MPINT_TO_SECITEM(&res, &key->coefficient, key->arena);
+	CHECK_SEC_OK( swap_in_key_value(key->arena, &qInv, &key->coefficient) );
     }
 cleanup:
     mp_clear(&n);
     mp_clear(&p);
     mp_clear(&q);
     mp_clear(&psub1);
     mp_clear(&qsub1);
     mp_clear(&e);
--- a/security/nss/lib/nss/nss.h
+++ b/security/nss/lib/nss/nss.h
@@ -44,21 +44,21 @@ SEC_BEGIN_PROTOS
 
 /*
  * NSS's major version, minor version, patch level, and whether
  * this is a beta release.
  *
  * The format of the version string should be
  *     "<major version>.<minor version>[.<patch level>] [<Beta>]"
  */
-#define NSS_VERSION  "3.3.2 Beta"
+#define NSS_VERSION  "3.3.2"
 #define NSS_VMAJOR   3
 #define NSS_VMINOR   3
 #define NSS_VPATCH   2
-#define NSS_BETA     PR_TRUE
+#define NSS_BETA     PR_FALSE
 
 
 /*
  * Return a boolean that indicates whether the underlying library
  * will perform as the caller expects.
  *
  * The only argument is a string, which should be the verson
  * identifier of the NSS library. That string will be compared