Bug 618368, Mozilla upgrade to NSS 3.12.9 final (implies NSPR 4.8.7), a=dveditz
authorKai Engert <kaie@kuix.de>
Thu, 17 Feb 2011 15:11:38 +0100
changeset 34937 62bf42e973e9185203a46a29df38e3a2378aaac7
parent 34936 6f191125718d01c8e260b41f5f01c899e31a9257
child 34940 552d318527386f4dadedf388c4f0d0510002b33e
push id1823
push userkaie@kuix.de
push dateThu, 17 Feb 2011 14:11:56 +0000
reviewersdveditz
bugs618368
milestone1.9.2.15pre
Bug 618368, Mozilla upgrade to NSS 3.12.9 final (implies NSPR 4.8.7), a=dveditz
nsprpub/Makefile.in
nsprpub/aclocal.m4
nsprpub/admin/repackage.sh
nsprpub/build/autoconf/acwinpaths.m4
nsprpub/config/autoconf.mk.in
nsprpub/config/prdepend.h
nsprpub/config/rules.mk
nsprpub/configure
nsprpub/configure.in
nsprpub/lib/prstreams/Makefile.in
nsprpub/lib/prstreams/prstrms.cpp
nsprpub/lib/prstreams/prstrms.h
nsprpub/lib/prstreams/tests/testprstrm/testprstrm.cpp
nsprpub/lib/tests/Makefile.in
nsprpub/pr/include/pratom.h
nsprpub/pr/include/prinit.h
nsprpub/pr/include/private/primpl.h
nsprpub/pr/src/Makefile.in
nsprpub/pr/src/io/prlog.c
nsprpub/pr/src/linking/prlink.c
nsprpub/pr/src/md/windows/ntgc.c
nsprpub/pr/src/md/windows/ntmisc.c
nsprpub/pr/src/memory/Makefile.in
nsprpub/pr/src/memory/prgcleak.c
nsprpub/pr/src/misc/prdtoa.c
nsprpub/pr/src/misc/prinit.c
nsprpub/pr/src/misc/prthinfo.c
nsprpub/pr/src/pthreads/ptio.c
nsprpub/pr/src/pthreads/ptthread.c
nsprpub/pr/src/threads/combined/prucpu.c
nsprpub/pr/src/threads/combined/pruthr.c
nsprpub/pr/tests/Makefile.in
nsprpub/pr/tests/op_filok.c
nsprpub/pr/tests/suspend.c
nsprpub/pr/tests/vercheck.c
security/coreconf/coreconf.dep
security/nss/cmd/bltest/blapitest.c
security/nss/cmd/certutil/certutil.c
security/nss/cmd/lib/SECerrs.h
security/nss/cmd/rsapoptst/Makefile
security/nss/cmd/rsapoptst/manifest.mn
security/nss/cmd/rsapoptst/rsapoptst.c
security/nss/cmd/vfychain/vfychain.c
security/nss/lib/certdb/cert.h
security/nss/lib/certdb/stanpcertdb.c
security/nss/lib/certhigh/ocsp.h
security/nss/lib/ckfw/builtins/certdata.c
security/nss/lib/ckfw/builtins/certdata.txt
security/nss/lib/ckfw/builtins/nssckbi.h
security/nss/lib/freebl/Makefile
security/nss/lib/freebl/blapi.h
security/nss/lib/freebl/dsa.c
security/nss/lib/freebl/intel-aes.s
security/nss/lib/freebl/jpake.c
security/nss/lib/freebl/ldvector.c
security/nss/lib/freebl/loader.c
security/nss/lib/freebl/loader.h
security/nss/lib/freebl/manifest.mn
security/nss/lib/freebl/rijndael.c
security/nss/lib/freebl/rsa.c
security/nss/lib/freebl/sha512.c
security/nss/lib/freebl/stubs.c
security/nss/lib/freebl/stubs.h
security/nss/lib/freebl/win_rand.c
security/nss/lib/libpkix/include/pkix_errorstrings.h
security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c
security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_pk11certstore.c
security/nss/lib/nss/nss.def
security/nss/lib/nss/nss.h
security/nss/lib/pk11wrap/pk11cert.c
security/nss/lib/pk11wrap/pk11pub.h
security/nss/lib/pk11wrap/pk11skey.c
security/nss/lib/pk11wrap/pk11util.c
security/nss/lib/pk11wrap/secmod.h
security/nss/lib/pki/pkistore.c
security/nss/lib/smime/cmsdecode.c
security/nss/lib/smime/cmsencode.c
security/nss/lib/softoken/jpakesftk.c
security/nss/lib/softoken/legacydb/lgfind.c
security/nss/lib/softoken/legacydb/lginit.c
security/nss/lib/softoken/manifest.mn
security/nss/lib/softoken/pkcs11.c
security/nss/lib/softoken/pkcs11c.c
security/nss/lib/softoken/pkcs11i.h
security/nss/lib/softoken/sdb.c
security/nss/lib/softoken/softkver.h
security/nss/lib/util/nssutil.h
security/nss/lib/util/pkcs11n.h
security/nss/lib/util/secerr.h
security/nss/tests/libpkix/certs/PayPalEE.cert
--- a/nsprpub/Makefile.in
+++ b/nsprpub/Makefile.in
@@ -40,18 +40,16 @@
 
 MOD_DEPTH	= .
 topsrcdir	= @top_srcdir@
 srcdir		= @srcdir@
 VPATH		= @srcdir@
 
 include $(MOD_DEPTH)/config/autoconf.mk
 
-MAKE := $(patsubst -j%,,$(MAKE)) -j1
-
 DIRS = config pr lib
 
 ifdef MOZILLA_CLIENT
 # Make nsinstall use absolute symlinks by default for Mozilla OSX builds
 # http://bugzilla.mozilla.org/show_bug.cgi?id=193164
 ifeq ($(OS_ARCH),Darwin)
 ifndef NSDISTMODE
 NSDISTMODE=absolute_symlink
new file mode 100644
--- /dev/null
+++ b/nsprpub/aclocal.m4
@@ -0,0 +1,6 @@
+dnl
+dnl Local autoconf macros used with Mozilla.
+dnl The contents of this file are under the Public Domain.
+dnl 
+
+builtin(include, build/autoconf/acwinpaths.m4)
--- a/nsprpub/admin/repackage.sh
+++ b/nsprpub/admin/repackage.sh
@@ -59,20 +59,20 @@
 # Note! Files written with Gnu tar are not readable by some non-Gnu
 # versions. Sun, in particular.
 # 
 # 
 # 
 # 
 # ------------------------------------------------------------------
 
-FROMTOP=/share/builds/components/nspr20/v4.8.6
-TOTOP=./v4.8.6
-NSPRDIR=nspr-4.8.6
-SOURCETAG=NSPR_4_8_6_RTM
+FROMTOP=/share/builds/components/nspr20/v4.8.7
+TOTOP=./v4.8.7
+NSPRDIR=nspr-4.8.7
+SOURCETAG=NSPR_4_8_7_RTM
 
 #
 # enumerate Unix object directories on /s/b/c
 UNIX_OBJDIRS="
 HP-UXB.11.11_64_DBG.OBJ
 HP-UXB.11.11_64_OPT.OBJ
 HP-UXB.11.11_DBG.OBJ
 HP-UXB.11.11_OPT.OBJ
new file mode 100644
--- /dev/null
+++ b/nsprpub/build/autoconf/acwinpaths.m4
@@ -0,0 +1,65 @@
+dnl ***** BEGIN LICENSE BLOCK *****
+dnl Version: MPL 1.1/GPL 2.0/LGPL 2.1
+dnl
+dnl The contents of this file are subject to the Mozilla Public License Version
+dnl 1.1 (the "License"); you may not use this file except in compliance with
+dnl the License. You may obtain a copy of the License at
+dnl http://www.mozilla.org/MPL/
+dnl
+dnl Software distributed under the License is distributed on an "AS IS" basis,
+dnl WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+dnl for the specific language governing rights and limitations under the
+dnl License.
+dnl
+dnl The Original Code is mozilla.org code.
+dnl
+dnl The Initial Developer of the Original Code is the
+dnl Mozilla Foundation <http://www.mozilla.org>
+dnl
+dnl Portions created by the Initial Developer are Copyright (C) 2009
+dnl the Initial Developer. All Rights Reserved.
+dnl
+dnl Contributor(s):
+dnl   Benjamin Smedberg <benjamin@smedbergs.us>
+dnl
+dnl Alternatively, the contents of this file may be used under the terms of
+dnl either of the GNU General Public License Version 2 or later (the "GPL"),
+dnl or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+dnl in which case the provisions of the GPL or the LGPL are applicable instead
+dnl of those above. If you wish to allow use of your version of this file only
+dnl under the terms of either the GPL or the LGPL, and not to allow others to
+dnl use your version of this file under the terms of the MPL, indicate your
+dnl decision by deleting the provisions above and replace them with the notice
+dnl and other provisions required by the GPL or the LGPL. If you do not delete
+dnl the provisions above, a recipient may use your version of this file under
+dnl the terms of any one of the MPL, the GPL or the LGPL.
+dnl
+dnl ***** END LICENSE BLOCK *****
+
+define(GENERATE_SUB_ABS, [
+define([AC_OUTPUT_FILES_SUB1], [
+patsubst($@, [/\*)], [/* | ?:/*)])
+])
+])
+GENERATE_SUB_ABS(defn([AC_OUTPUT_FILES]))
+
+define(GENERATE_SUB_NOSPLIT, [
+define([AC_OUTPUT_FILES], [
+patsubst($@, [-e "s%:% \$ac_given_srcdir/%g"], [])
+])
+])
+GENERATE_SUB_NOSPLIT(defn([AC_OUTPUT_FILES_SUB1]))
+
+define(GENERATE_HEADER_NOSPLIT, [
+define([AC_OUTPUT_HEADER], [
+patsubst($@, [-e "s%:% \$ac_given_srcdir/%g"], [])
+])
+])
+GENERATE_HEADER_NOSPLIT(defn([AC_OUTPUT_HEADER]))
+
+define(GENERATE_SUBDIRS_ABS, [
+define([AC_OUTPUT_SUBDIRS], [
+patsubst($@, [/\*)], [/* | ?:/*)])
+])
+])
+GENERATE_SUBDIRS_ABS(defn([AC_OUTPUT_SUBDIRS]))
--- a/nsprpub/config/autoconf.mk.in
+++ b/nsprpub/config/autoconf.mk.in
@@ -39,17 +39,16 @@ CROSS_COMPILE	= @CROSS_COMPILE@
 MOZ_OPTIMIZE	= @MOZ_OPTIMIZE@
 MOZ_DEBUG	= @MOZ_DEBUG@
 MOZ_DEBUG_SYMBOLS = @MOZ_DEBUG_SYMBOLS@
 
 USE_CPLUS	= @USE_CPLUS@
 USE_IPV6	= @USE_IPV6@
 USE_N32		= @USE_N32@
 USE_64		= @USE_64@
-GC_LEAK_DETECTOR = @GC_LEAK_DETECTOR@
 ENABLE_STRIP	= @ENABLE_STRIP@
 
 USE_PTHREADS	= @USE_PTHREADS@
 USE_BTHREADS	= @USE_BTHREADS@
 PTHREADS_USER	= @USE_USER_PTHREADS@
 CLASSIC_NSPR	= @USE_NSPR_THREADS@
 
 AS		= @AS@
--- a/nsprpub/config/prdepend.h
+++ b/nsprpub/config/prdepend.h
@@ -37,8 +37,10 @@
 
 /*
  * A dummy header file that is a dependency for all the object files.
  * Used to force a full recompilation of NSPR in Mozilla's Tinderbox
  * depend builds.  See comments in rules.mk.
  */
 
 #error "Do not include this header file."
+
+
--- a/nsprpub/config/rules.mk
+++ b/nsprpub/config/rules.mk
@@ -301,17 +301,20 @@ endif
 	$(RANLIB) $@
 
 ifeq ($(OS_TARGET), OS2)
 $(IMPORT_LIBRARY): $(MAPFILE)
 	rm -f $@
 	$(IMPLIB) $@ $(MAPFILE)
 else
 ifeq (,$(filter-out WIN95 WINCE WINMO,$(OS_TARGET)))
+# PDBs and import libraries need to depend on the shared library to
+# order dependencies properly.
 $(IMPORT_LIBRARY): $(SHARED_LIBRARY)
+$(SHARED_LIB_PDB): $(SHARED_LIBRARY)
 endif
 endif
 
 $(SHARED_LIBRARY): $(OBJS) $(RES) $(MAPFILE)
 	@$(MAKE_OBJDIR)
 	rm -f $@
 ifeq ($(OS_ARCH)$(OS_RELEASE), AIX4.1)
 	echo "#!" > $(OBJDIR)/lib$(LIBRARY_NAME)_syms
@@ -455,16 +458,24 @@ DUMMY_DEPEND_H = $(topsrcdir)/config/prd
 
 # END OF HACK
 
 ################################################################################
 # Special gmake rules.
 ################################################################################
 
 #
+# Disallow parallel builds with MSVC < 8 since it can't open the PDB file in
+# parallel.
+#
+ifeq (,$(filter-out 1200 1300 1310,$(MSC_VER)))
+.NOTPARALLEL:
+endif
+
+#
 # Re-define the list of default suffixes, so gmake won't have to churn through
 # hundreds of built-in suffix rules for stuff we don't need.
 #
 .SUFFIXES:
 .SUFFIXES: .a .$(OBJ_SUFFIX) .c .cpp .s .h .i .pl
 
 #
 # Fake targets.  Always run these rules, even if a file/directory with that
--- a/nsprpub/configure
+++ b/nsprpub/configure
@@ -67,31 +67,32 @@ ac_help="$ac_help
 ac_help="$ac_help
   --disable-os2-high-mem  Disable high-memory support on OS/2"
 ac_help="$ac_help
   --enable-thumb2              Enable Thumb2 instruction set"
 ac_help="$ac_help
   --with-symbian-sdk=SYMBIAN_SDK_DIR
                           The path to the Symbian SDK"
 ac_help="$ac_help
+  --with-ccache[=path/to/ccache]
+                          Enable compiling with ccache"
+ac_help="$ac_help
   --enable-strip          Enable stripping of shared libs and programs"
 ac_help="$ac_help
   --with-pthreads         Use system pthreads library as thread subsystem"
 ac_help="$ac_help
   --enable-user-pthreads  Build using userland pthreads"
 ac_help="$ac_help
   --enable-nspr-threads   Build using classic nspr threads"
 ac_help="$ac_help
   --with-bthreads         Use system bthreads library as thread subsystem
                           (BeOS only)"
 ac_help="$ac_help
   --enable-ipv6           Compile ipv6 support"
 ac_help="$ac_help
-  --enable-boehm          Enable the Boehm Garbage Collector"
-ac_help="$ac_help
   --enable-wrap-malloc    Wrap malloc calls (gnu linker only)"
 ac_help="$ac_help
   --with-wrap-malloc=SHAREDLIB  Location of malloc wrapper library"
 
 # Initialize some variables set by options.
 # The variables have the same names as the options, with
 # dashes changed to underlines.
 build=NONE
@@ -643,17 +644,17 @@ esac
 
 
 # Make sure we can run config.sub.
 if ${CONFIG_SHELL-/bin/sh} $ac_config_sub sun4 >/dev/null 2>&1; then :
 else { echo "configure: error: can not run $ac_config_sub" 1>&2; exit 1; }
 fi
 
 echo $ac_n "checking host system type""... $ac_c" 1>&6
-echo "configure:652: checking host system type" >&5
+echo "configure:653: checking host system type" >&5
 
 host_alias=$host
 case "$host_alias" in
 NONE)
   case $nonopt in
   NONE)
     if host_alias=`${CONFIG_SHELL-/bin/sh} $ac_config_guess`; then :
     else { echo "configure: error: can not guess host type; you must specify one" 1>&2; exit 1; }
@@ -664,17 +665,17 @@ esac
 
 host=`${CONFIG_SHELL-/bin/sh} $ac_config_sub $host_alias`
 host_cpu=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
 host_vendor=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
 host_os=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
 echo "$ac_t""$host" 1>&6
 
 echo $ac_n "checking target system type""... $ac_c" 1>&6
-echo "configure:673: checking target system type" >&5
+echo "configure:674: checking target system type" >&5
 
 target_alias=$target
 case "$target_alias" in
 NONE)
   case $nonopt in
   NONE) target_alias=$host_alias ;;
   *) target_alias=$nonopt ;;
   esac ;;
@@ -682,17 +683,17 @@ esac
 
 target=`${CONFIG_SHELL-/bin/sh} $ac_config_sub $target_alias`
 target_cpu=`echo $target | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
 target_vendor=`echo $target | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
 target_os=`echo $target | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
 echo "$ac_t""$target" 1>&6
 
 echo $ac_n "checking build system type""... $ac_c" 1>&6
-echo "configure:691: checking build system type" >&5
+echo "configure:692: checking build system type" >&5
 
 build_alias=$build
 case "$build_alias" in
 NONE)
   case $nonopt in
   NONE) build_alias=$host_alias ;;
   *) build_alias=$nonopt ;;
   esac ;;
@@ -707,17 +708,17 @@ echo "$ac_t""$build" 1>&6
 test "$host_alias" != "$target_alias" &&
   test "$program_prefix$program_suffix$program_transform_name" = \
     NONENONEs,x,x, &&
   program_prefix=${target_alias}-
 
 
 MOD_MAJOR_VERSION=4
 MOD_MINOR_VERSION=8
-MOD_PATCH_VERSION=6
+MOD_PATCH_VERSION=7
 NSPR_MODNAME=nspr20
 _HAVE_PTHREADS=
 USE_PTHREADS=
 USE_USER_PTHREADS=
 USE_NSPR_THREADS=
 USE_N32=
 USE_64=
 USE_CPLUS=
@@ -759,17 +760,17 @@ case "$target" in
 *-cygwin*|*-mingw*)
     # Check to see if we are really running in a msvc environemnt
     _WIN32_MSVC=
     for ac_prog in cl
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:768: checking for $ac_word" >&5
+echo "configure:769: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$CC"; then
   ac_cv_prog_CC="$CC" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -876,16 +877,18 @@ if test "$target" = "arm-android-eabi" ;
     fi
     if test -z "$HOST_CXXFLAGS" ; then
         HOST_CXXFLAGS=" "
     fi
     if test -z "$HOST_LDFLAGS" ; then
         HOST_LDFLAGS=" "
     fi
 
+    WRAP_MALLOC_CFLAGS="-Wl,--wrap=dlopen -Wl,--wrap=dlclose -Wl,--wrap=dlerror -Wl,--wrap=dlsym -Wl,--wrap=dladdr"
+
     cat >> confdefs.h <<\EOF
 #define ANDROID 1
 EOF
 
 fi
 
 dist_prefix='${MOD_DEPTH}/dist'
 dist_bindir='${dist_prefix}/bin'
@@ -1174,17 +1177,17 @@ if test -z "$CXX"; then
 
     esac
 fi
 
 if test -z "$SKIP_PATH_CHECKS"; then
     # Extract the first word of "$WHOAMI whoami", so it can be a program name with args.
 set dummy $WHOAMI whoami; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1183: checking for $ac_word" >&5
+echo "configure:1186: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_path_WHOAMI'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   case "$WHOAMI" in
   /*)
   ac_cv_path_WHOAMI="$WHOAMI" # Let the user override the test with a path.
   ;;
   ?:/*)			 
@@ -1245,23 +1248,23 @@ if test "$target" != "$host"; then
     echo "cross compiling from $host to $target"
     cross_compiling=yes
 
     _SAVE_CC="$CC"
     _SAVE_CFLAGS="$CFLAGS"
     _SAVE_LDFLAGS="$LDFLAGS"
 
     echo $ac_n "checking for $host compiler""... $ac_c" 1>&6
-echo "configure:1254: checking for $host compiler" >&5
+echo "configure:1257: checking for $host compiler" >&5
     for ac_prog in $HOST_CC gcc cc /usr/ucb/cc
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1260: checking for $ac_word" >&5
+echo "configure:1263: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_HOST_CC'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$HOST_CC"; then
   ac_cv_prog_HOST_CC="$HOST_CC" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -1297,26 +1300,26 @@ test -n "$HOST_CC" || HOST_CC=""""
         HOST_LDFLAGS="$LDFLAGS"
     fi
 
     CC="$HOST_CC"
     CFLAGS="$HOST_CFLAGS"
     LDFLAGS="$HOST_LDFLAGS"
 
     echo $ac_n "checking whether the $host compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works""... $ac_c" 1>&6
-echo "configure:1306: checking whether the $host compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works" >&5
+echo "configure:1309: checking whether the $host compiler ($HOST_CC $HOST_CFLAGS $HOST_LDFLAGS) works" >&5
     cat > conftest.$ac_ext <<EOF
-#line 1308 "configure"
+#line 1311 "configure"
 #include "confdefs.h"
 
 int main() {
 return(0);
 ; return 0; }
 EOF
-if { (eval echo configure:1315: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:1318: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   ac_cv_prog_host_cc_works=1 echo "$ac_t""yes" 1>&6
 else
   echo "configure: failed program was:" >&5
   cat conftest.$ac_ext >&5
   rm -rf conftest*
   { echo "configure: error: installation or configuration problem: $host compiler $HOST_CC cannot create executables." 1>&2; exit 1; } 
 fi
@@ -1335,17 +1338,17 @@ rm -f conftest*
         ;;        
     esac            
 
     for ac_prog in $CC "${target_alias}-gcc" "${target}-gcc"
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1344: checking for $ac_word" >&5
+echo "configure:1347: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$CC"; then
   ac_cv_prog_CC="$CC" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -1369,17 +1372,17 @@ fi
 test -n "$CC" && break
 done
 test -n "$CC" || CC="echo"
 
     unset ac_cv_prog_CC
     # Extract the first word of "gcc", so it can be a program name with args.
 set dummy gcc; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1378: checking for $ac_word" >&5
+echo "configure:1381: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$CC"; then
   ac_cv_prog_CC="$CC" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -1399,17 +1402,17 @@ if test -n "$CC"; then
 else
   echo "$ac_t""no" 1>&6
 fi
 
 if test -z "$CC"; then
   # Extract the first word of "cc", so it can be a program name with args.
 set dummy cc; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1408: checking for $ac_word" >&5
+echo "configure:1411: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$CC"; then
   ac_cv_prog_CC="$CC" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_prog_rejected=no
@@ -1450,17 +1453,17 @@ else
 fi
 
   if test -z "$CC"; then
     case "`uname -s`" in
     *win32* | *WIN32*)
       # Extract the first word of "cl", so it can be a program name with args.
 set dummy cl; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1459: checking for $ac_word" >&5
+echo "configure:1462: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$CC"; then
   ac_cv_prog_CC="$CC" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -1482,33 +1485,33 @@ else
 fi
  ;;
     esac
   fi
   test -z "$CC" && { echo "configure: error: no acceptable cc found in \$PATH" 1>&2; exit 1; }
 fi
 
 echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6
-echo "configure:1491: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5
+echo "configure:1494: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5
 
 ac_ext=c
 # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
 ac_cpp='$CPP $CPPFLAGS'
 ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
 ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
 cross_compiling=$ac_cv_prog_cc_cross
 
 cat > conftest.$ac_ext << EOF
 
-#line 1502 "configure"
+#line 1505 "configure"
 #include "confdefs.h"
 
 main(){return(0);}
 EOF
-if { (eval echo configure:1507: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:1510: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   ac_cv_prog_cc_works=yes
   # If we can't run a trivial program, we are probably using a cross compiler.
   if (./conftest; exit) 2>/dev/null; then
     ac_cv_prog_cc_cross=no
   else
     ac_cv_prog_cc_cross=yes
   fi
 else
@@ -1524,31 +1527,31 @@ ac_compile='${CC-cc} -c $CFLAGS $CPPFLAG
 ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
 cross_compiling=$ac_cv_prog_cc_cross
 
 echo "$ac_t""$ac_cv_prog_cc_works" 1>&6
 if test $ac_cv_prog_cc_works = no; then
   { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; }
 fi
 echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6
-echo "configure:1533: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5
+echo "configure:1536: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5
 echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6
 cross_compiling=$ac_cv_prog_cc_cross
 
 echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6
-echo "configure:1538: checking whether we are using GNU C" >&5
+echo "configure:1541: checking whether we are using GNU C" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.c <<EOF
 #ifdef __GNUC__
   yes;
 #endif
 EOF
-if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:1547: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
+if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:1550: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
   ac_cv_prog_gcc=yes
 else
   ac_cv_prog_gcc=no
 fi
 fi
 
 echo "$ac_t""$ac_cv_prog_gcc" 1>&6
 
@@ -1557,17 +1560,17 @@ if test $ac_cv_prog_gcc = yes; then
 else
   GCC=
 fi
 
 ac_test_CFLAGS="${CFLAGS+set}"
 ac_save_CFLAGS="$CFLAGS"
 CFLAGS=
 echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6
-echo "configure:1566: checking whether ${CC-cc} accepts -g" >&5
+echo "configure:1569: checking whether ${CC-cc} accepts -g" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   echo 'void f(){}' > conftest.c
 if test -z "`${CC-cc} -g -c conftest.c 2>&1`"; then
   ac_cv_prog_cc_g=yes
 else
   ac_cv_prog_cc_g=no
@@ -1594,17 +1597,17 @@ else
 fi
 
     if test -n "$USE_CPLUS"; then
         for ac_prog in $CXX "${target_alias}-g++" "${target}-g++"
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1603: checking for $ac_word" >&5
+echo "configure:1606: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_CXX'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$CXX"; then
   ac_cv_prog_CXX="$CXX" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -1630,17 +1633,17 @@ done
 test -n "$CXX" || CXX="echo"
 
         unset ac_cv_prog_CXX
         for ac_prog in $CCC c++ g++ gcc CC cxx cc++ cl
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1639: checking for $ac_word" >&5
+echo "configure:1642: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_CXX'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$CXX"; then
   ac_cv_prog_CXX="$CXX" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -1662,33 +1665,33 @@ else
 fi
 
 test -n "$CXX" && break
 done
 test -n "$CXX" || CXX="gcc"
 
 
 echo $ac_n "checking whether the C++ compiler ($CXX $CXXFLAGS $LDFLAGS) works""... $ac_c" 1>&6
-echo "configure:1671: checking whether the C++ compiler ($CXX $CXXFLAGS $LDFLAGS) works" >&5
+echo "configure:1674: checking whether the C++ compiler ($CXX $CXXFLAGS $LDFLAGS) works" >&5
 
 ac_ext=C
 # CXXFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
 ac_cpp='$CXXCPP $CPPFLAGS'
 ac_compile='${CXX-g++} -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
 ac_link='${CXX-g++} -o conftest${ac_exeext} $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
 cross_compiling=$ac_cv_prog_cxx_cross
 
 cat > conftest.$ac_ext << EOF
 
-#line 1682 "configure"
+#line 1685 "configure"
 #include "confdefs.h"
 
 int main(){return(0);}
 EOF
-if { (eval echo configure:1687: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:1690: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   ac_cv_prog_cxx_works=yes
   # If we can't run a trivial program, we are probably using a cross compiler.
   if (./conftest; exit) 2>/dev/null; then
     ac_cv_prog_cxx_cross=no
   else
     ac_cv_prog_cxx_cross=yes
   fi
 else
@@ -1704,31 +1707,31 @@ ac_compile='${CC-cc} -c $CFLAGS $CPPFLAG
 ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
 cross_compiling=$ac_cv_prog_cc_cross
 
 echo "$ac_t""$ac_cv_prog_cxx_works" 1>&6
 if test $ac_cv_prog_cxx_works = no; then
   { echo "configure: error: installation or configuration problem: C++ compiler cannot create executables." 1>&2; exit 1; }
 fi
 echo $ac_n "checking whether the C++ compiler ($CXX $CXXFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6
-echo "configure:1713: checking whether the C++ compiler ($CXX $CXXFLAGS $LDFLAGS) is a cross-compiler" >&5
+echo "configure:1716: checking whether the C++ compiler ($CXX $CXXFLAGS $LDFLAGS) is a cross-compiler" >&5
 echo "$ac_t""$ac_cv_prog_cxx_cross" 1>&6
 cross_compiling=$ac_cv_prog_cxx_cross
 
 echo $ac_n "checking whether we are using GNU C++""... $ac_c" 1>&6
-echo "configure:1718: checking whether we are using GNU C++" >&5
+echo "configure:1721: checking whether we are using GNU C++" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_gxx'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.C <<EOF
 #ifdef __GNUC__
   yes;
 #endif
 EOF
-if { ac_try='${CXX-g++} -E conftest.C'; { (eval echo configure:1727: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
+if { ac_try='${CXX-g++} -E conftest.C'; { (eval echo configure:1730: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
   ac_cv_prog_gxx=yes
 else
   ac_cv_prog_gxx=no
 fi
 fi
 
 echo "$ac_t""$ac_cv_prog_gxx" 1>&6
 
@@ -1737,17 +1740,17 @@ if test $ac_cv_prog_gxx = yes; then
 else
   GXX=
 fi
 
 ac_test_CXXFLAGS="${CXXFLAGS+set}"
 ac_save_CXXFLAGS="$CXXFLAGS"
 CXXFLAGS=
 echo $ac_n "checking whether ${CXX-g++} accepts -g""... $ac_c" 1>&6
-echo "configure:1746: checking whether ${CXX-g++} accepts -g" >&5
+echo "configure:1749: checking whether ${CXX-g++} accepts -g" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_cxx_g'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   echo 'void f(){}' > conftest.cc
 if test -z "`${CXX-g++} -g -c conftest.cc 2>&1`"; then
   ac_cv_prog_cxx_g=yes
 else
   ac_cv_prog_cxx_g=no
@@ -1782,17 +1785,17 @@ fi
         ;;
     esac
 
     for ac_prog in $RANLIB "${target_alias}-ranlib" "${target}-ranlib"
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1791: checking for $ac_word" >&5
+echo "configure:1794: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_RANLIB'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$RANLIB"; then
   ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -1817,17 +1820,17 @@ test -n "$RANLIB" && break
 done
 test -n "$RANLIB" || RANLIB="echo"
 
     for ac_prog in $AR "${target_alias}-ar" "${target}-ar"
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1826: checking for $ac_word" >&5
+echo "configure:1829: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_AR'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$AR"; then
   ac_cv_prog_AR="$AR" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -1852,17 +1855,17 @@ test -n "$AR" && break
 done
 test -n "$AR" || AR="echo"
 
     for ac_prog in $AS "${target_alias}-as" "${target}-as"
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1861: checking for $ac_word" >&5
+echo "configure:1864: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_AS'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$AS"; then
   ac_cv_prog_AS="$AS" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -1887,17 +1890,17 @@ test -n "$AS" && break
 done
 test -n "$AS" || AS="echo"
 
     for ac_prog in $LD "${target_alias}-ld" "${target}-ld"
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1896: checking for $ac_word" >&5
+echo "configure:1899: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_LD'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$LD"; then
   ac_cv_prog_LD="$LD" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -1922,17 +1925,17 @@ test -n "$LD" && break
 done
 test -n "$LD" || LD="echo"
 
     for ac_prog in $STRIP "${target_alias}-strip" "${target}-strip"
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1931: checking for $ac_word" >&5
+echo "configure:1934: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_STRIP'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$STRIP"; then
   ac_cv_prog_STRIP="$STRIP" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -1957,17 +1960,17 @@ test -n "$STRIP" && break
 done
 test -n "$STRIP" || STRIP="echo"
 
     for ac_prog in $WINDRES "${target_alias}-windres" "${target}-windres"
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1966: checking for $ac_word" >&5
+echo "configure:1969: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_WINDRES'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$WINDRES"; then
   ac_cv_prog_WINDRES="$WINDRES" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -1992,17 +1995,17 @@ test -n "$WINDRES" && break
 done
 test -n "$WINDRES" || WINDRES="echo"
 
 
 else
     # Extract the first word of "gcc", so it can be a program name with args.
 set dummy gcc; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:2001: checking for $ac_word" >&5
+echo "configure:2004: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$CC"; then
   ac_cv_prog_CC="$CC" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -2022,17 +2025,17 @@ if test -n "$CC"; then
 else
   echo "$ac_t""no" 1>&6
 fi
 
 if test -z "$CC"; then
   # Extract the first word of "cc", so it can be a program name with args.
 set dummy cc; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:2031: checking for $ac_word" >&5
+echo "configure:2034: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$CC"; then
   ac_cv_prog_CC="$CC" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_prog_rejected=no
@@ -2073,17 +2076,17 @@ else
 fi
 
   if test -z "$CC"; then
     case "`uname -s`" in
     *win32* | *WIN32*)
       # Extract the first word of "cl", so it can be a program name with args.
 set dummy cl; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:2082: checking for $ac_word" >&5
+echo "configure:2085: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$CC"; then
   ac_cv_prog_CC="$CC" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -2105,33 +2108,33 @@ else
 fi
  ;;
     esac
   fi
   test -z "$CC" && { echo "configure: error: no acceptable cc found in \$PATH" 1>&2; exit 1; }
 fi
 
 echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6
-echo "configure:2114: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5
+echo "configure:2117: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5
 
 ac_ext=c
 # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
 ac_cpp='$CPP $CPPFLAGS'
 ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
 ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
 cross_compiling=$ac_cv_prog_cc_cross
 
 cat > conftest.$ac_ext << EOF
 
-#line 2125 "configure"
+#line 2128 "configure"
 #include "confdefs.h"
 
 main(){return(0);}
 EOF
-if { (eval echo configure:2130: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:2133: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   ac_cv_prog_cc_works=yes
   # If we can't run a trivial program, we are probably using a cross compiler.
   if (./conftest; exit) 2>/dev/null; then
     ac_cv_prog_cc_cross=no
   else
     ac_cv_prog_cc_cross=yes
   fi
 else
@@ -2147,31 +2150,31 @@ ac_compile='${CC-cc} -c $CFLAGS $CPPFLAG
 ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
 cross_compiling=$ac_cv_prog_cc_cross
 
 echo "$ac_t""$ac_cv_prog_cc_works" 1>&6
 if test $ac_cv_prog_cc_works = no; then
   { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; }
 fi
 echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6
-echo "configure:2156: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5
+echo "configure:2159: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5
 echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6
 cross_compiling=$ac_cv_prog_cc_cross
 
 echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6
-echo "configure:2161: checking whether we are using GNU C" >&5
+echo "configure:2164: checking whether we are using GNU C" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.c <<EOF
 #ifdef __GNUC__
   yes;
 #endif
 EOF
-if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:2170: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
+if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:2173: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
   ac_cv_prog_gcc=yes
 else
   ac_cv_prog_gcc=no
 fi
 fi
 
 echo "$ac_t""$ac_cv_prog_gcc" 1>&6
 
@@ -2180,17 +2183,17 @@ if test $ac_cv_prog_gcc = yes; then
 else
   GCC=
 fi
 
 ac_test_CFLAGS="${CFLAGS+set}"
 ac_save_CFLAGS="$CFLAGS"
 CFLAGS=
 echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6
-echo "configure:2189: checking whether ${CC-cc} accepts -g" >&5
+echo "configure:2192: checking whether ${CC-cc} accepts -g" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   echo 'void f(){}' > conftest.c
 if test -z "`${CC-cc} -g -c conftest.c 2>&1`"; then
   ac_cv_prog_cc_g=yes
 else
   ac_cv_prog_cc_g=no
@@ -2220,17 +2223,17 @@ fi
         if test "$CC" = "cl" -a -z "$CXX"; then
             CXX=$CC
         else        
             for ac_prog in $CCC c++ g++ gcc CC cxx cc++ cl
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:2229: checking for $ac_word" >&5
+echo "configure:2232: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_CXX'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$CXX"; then
   ac_cv_prog_CXX="$CXX" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -2252,33 +2255,33 @@ else
 fi
 
 test -n "$CXX" && break
 done
 test -n "$CXX" || CXX="gcc"
 
 
 echo $ac_n "checking whether the C++ compiler ($CXX $CXXFLAGS $LDFLAGS) works""... $ac_c" 1>&6
-echo "configure:2261: checking whether the C++ compiler ($CXX $CXXFLAGS $LDFLAGS) works" >&5
+echo "configure:2264: checking whether the C++ compiler ($CXX $CXXFLAGS $LDFLAGS) works" >&5
 
 ac_ext=C
 # CXXFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
 ac_cpp='$CXXCPP $CPPFLAGS'
 ac_compile='${CXX-g++} -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
 ac_link='${CXX-g++} -o conftest${ac_exeext} $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
 cross_compiling=$ac_cv_prog_cxx_cross
 
 cat > conftest.$ac_ext << EOF
 
-#line 2272 "configure"
+#line 2275 "configure"
 #include "confdefs.h"
 
 int main(){return(0);}
 EOF
-if { (eval echo configure:2277: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:2280: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   ac_cv_prog_cxx_works=yes
   # If we can't run a trivial program, we are probably using a cross compiler.
   if (./conftest; exit) 2>/dev/null; then
     ac_cv_prog_cxx_cross=no
   else
     ac_cv_prog_cxx_cross=yes
   fi
 else
@@ -2294,31 +2297,31 @@ ac_compile='${CC-cc} -c $CFLAGS $CPPFLAG
 ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
 cross_compiling=$ac_cv_prog_cc_cross
 
 echo "$ac_t""$ac_cv_prog_cxx_works" 1>&6
 if test $ac_cv_prog_cxx_works = no; then
   { echo "configure: error: installation or configuration problem: C++ compiler cannot create executables." 1>&2; exit 1; }
 fi
 echo $ac_n "checking whether the C++ compiler ($CXX $CXXFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6
-echo "configure:2303: checking whether the C++ compiler ($CXX $CXXFLAGS $LDFLAGS) is a cross-compiler" >&5
+echo "configure:2306: checking whether the C++ compiler ($CXX $CXXFLAGS $LDFLAGS) is a cross-compiler" >&5
 echo "$ac_t""$ac_cv_prog_cxx_cross" 1>&6
 cross_compiling=$ac_cv_prog_cxx_cross
 
 echo $ac_n "checking whether we are using GNU C++""... $ac_c" 1>&6
-echo "configure:2308: checking whether we are using GNU C++" >&5
+echo "configure:2311: checking whether we are using GNU C++" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_gxx'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.C <<EOF
 #ifdef __GNUC__
   yes;
 #endif
 EOF
-if { ac_try='${CXX-g++} -E conftest.C'; { (eval echo configure:2317: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
+if { ac_try='${CXX-g++} -E conftest.C'; { (eval echo configure:2320: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
   ac_cv_prog_gxx=yes
 else
   ac_cv_prog_gxx=no
 fi
 fi
 
 echo "$ac_t""$ac_cv_prog_gxx" 1>&6
 
@@ -2327,17 +2330,17 @@ if test $ac_cv_prog_gxx = yes; then
 else
   GXX=
 fi
 
 ac_test_CXXFLAGS="${CXXFLAGS+set}"
 ac_save_CXXFLAGS="$CXXFLAGS"
 CXXFLAGS=
 echo $ac_n "checking whether ${CXX-g++} accepts -g""... $ac_c" 1>&6
-echo "configure:2336: checking whether ${CXX-g++} accepts -g" >&5
+echo "configure:2339: checking whether ${CXX-g++} accepts -g" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_cxx_g'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   echo 'void f(){}' > conftest.cc
 if test -z "`${CXX-g++} -g -c conftest.cc 2>&1`"; then
   ac_cv_prog_cxx_g=yes
 else
   ac_cv_prog_cxx_g=no
@@ -2361,72 +2364,72 @@ else
   else
     CXXFLAGS=
   fi
 fi
 
         fi
     fi
     echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6
-echo "configure:2370: checking how to run the C preprocessor" >&5
+echo "configure:2373: checking how to run the C preprocessor" >&5
 # On Suns, sometimes $CPP names a directory.
 if test -n "$CPP" && test -d "$CPP"; then
   CPP=
 fi
 if test -z "$CPP"; then
 if eval "test \"`echo '$''{'ac_cv_prog_CPP'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
     # This must be in double quotes, not single quotes, because CPP may get
   # substituted into the Makefile and "${CC-cc}" will confuse make.
   CPP="${CC-cc} -E"
   # On the NeXT, cc -E runs the code through the compiler's parser,
   # not just through cpp.
   cat > conftest.$ac_ext <<EOF
-#line 2385 "configure"
+#line 2388 "configure"
 #include "confdefs.h"
 #include <assert.h>
 Syntax Error
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2391: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:2394: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   :
 else
   echo "$ac_err" >&5
   echo "configure: failed program was:" >&5
   cat conftest.$ac_ext >&5
   rm -rf conftest*
   CPP="${CC-cc} -E -traditional-cpp"
   cat > conftest.$ac_ext <<EOF
-#line 2402 "configure"
+#line 2405 "configure"
 #include "confdefs.h"
 #include <assert.h>
 Syntax Error
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2408: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:2411: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   :
 else
   echo "$ac_err" >&5
   echo "configure: failed program was:" >&5
   cat conftest.$ac_ext >&5
   rm -rf conftest*
   CPP="${CC-cc} -nologo -E"
   cat > conftest.$ac_ext <<EOF
-#line 2419 "configure"
+#line 2422 "configure"
 #include "confdefs.h"
 #include <assert.h>
 Syntax Error
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2425: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:2428: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   :
 else
   echo "$ac_err" >&5
   echo "configure: failed program was:" >&5
   cat conftest.$ac_ext >&5
   rm -rf conftest*
@@ -2443,17 +2446,17 @@ fi
 else
   ac_cv_prog_CPP="$CPP"
 fi
 echo "$ac_t""$CPP" 1>&6
 
     # Extract the first word of "ranlib", so it can be a program name with args.
 set dummy ranlib; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:2452: checking for $ac_word" >&5
+echo "configure:2455: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_RANLIB'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   if test -n "$RANLIB"; then
   ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test.
 else
   IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
   ac_dummy="$PATH"
@@ -2475,17 +2478,17 @@ else
   echo "$ac_t""no" 1>&6
 fi
 
     for ac_prog in as
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:2484: checking for $ac_word" >&5
+echo "configure:2487: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_path_AS'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   case "$AS" in
   /*)
   ac_cv_path_AS="$AS" # Let the user override the test with a path.
   ;;
   ?:/*)			 
@@ -2516,17 +2519,17 @@ test -n "$AS" && break
 done
 test -n "$AS" || AS="$CC"
 
     for ac_prog in ar
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:2525: checking for $ac_word" >&5
+echo "configure:2528: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_path_AR'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   case "$AR" in
   /*)
   ac_cv_path_AR="$AR" # Let the user override the test with a path.
   ;;
   ?:/*)			 
@@ -2557,17 +2560,17 @@ test -n "$AR" && break
 done
 test -n "$AR" || AR="echo not_ar"
 
     for ac_prog in ld link
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:2566: checking for $ac_word" >&5
+echo "configure:2569: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_path_LD'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   case "$LD" in
   /*)
   ac_cv_path_LD="$LD" # Let the user override the test with a path.
   ;;
   ?:/*)			 
@@ -2598,17 +2601,17 @@ test -n "$LD" && break
 done
 test -n "$LD" || LD="echo not_ld"
 
     for ac_prog in strip
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:2607: checking for $ac_word" >&5
+echo "configure:2610: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_path_STRIP'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   case "$STRIP" in
   /*)
   ac_cv_path_STRIP="$STRIP" # Let the user override the test with a path.
   ;;
   ?:/*)			 
@@ -2639,17 +2642,17 @@ test -n "$STRIP" && break
 done
 test -n "$STRIP" || STRIP="echo not_strip"
 
     for ac_prog in windres
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:2648: checking for $ac_word" >&5
+echo "configure:2651: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_path_WINDRES'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   case "$WINDRES" in
   /*)
   ac_cv_path_WINDRES="$WINDRES" # Let the user override the test with a path.
   ;;
   ?:/*)			 
@@ -2707,39 +2710,39 @@ esac
 
 if test "$cross_compiling"  = "yes"; then
     CROSS_COMPILE=1
 else
     CROSS_COMPILE=
 fi
 
 echo $ac_n "checking for gcc -pipe support""... $ac_c" 1>&6
-echo "configure:2716: checking for gcc -pipe support" >&5
+echo "configure:2719: checking for gcc -pipe support" >&5
 if test -n "$GNU_CC" && test -n "$GNU_CXX" && test -n "$GNU_AS"; then
     echo '#include <stdio.h>' > dummy-hello.c
     echo 'int main() { printf("Hello World\n"); return 0; }' >> dummy-hello.c
     ${CC} -S dummy-hello.c -o dummy-hello.s 2>&5
     cat dummy-hello.s | ${AS} -o dummy-hello.S - 2>&5
     if test $? = 0; then
         _res_as_stdin="yes"
     else
         _res_as_stdin="no"
     fi
     if test "$_res_as_stdin" = "yes"; then
         _SAVE_CFLAGS=$CFLAGS
         CFLAGS="$CFLAGS -pipe"
         cat > conftest.$ac_ext <<EOF
-#line 2731 "configure"
+#line 2734 "configure"
 #include "confdefs.h"
  #include <stdio.h> 
 int main() {
 printf("Hello World\n");
 ; return 0; }
 EOF
-if { (eval echo configure:2738: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:2741: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
   _res_gcc_pipe="yes"
 else
   echo "configure: failed program was:" >&5
   cat conftest.$ac_ext >&5
   rm -rf conftest*
   _res_gcc_pipe="no" 
 fi
@@ -2759,26 +2762,26 @@ else
     echo "$ac_t""no" 1>&6
 fi
 
 
 _SAVE_CFLAGS="$CFLAGS"
 CFLAGS="$CFLAGS -fprofile-generate -fprofile-correction"
 
 echo $ac_n "checking whether C compiler supports -fprofile-generate""... $ac_c" 1>&6
-echo "configure:2768: checking whether C compiler supports -fprofile-generate" >&5
+echo "configure:2771: checking whether C compiler supports -fprofile-generate" >&5
 cat > conftest.$ac_ext <<EOF
-#line 2770 "configure"
+#line 2773 "configure"
 #include "confdefs.h"
 
 int main() {
 return 0;
 ; return 0; }
 EOF
-if { (eval echo configure:2777: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:2780: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
   rm -rf conftest*
    PROFILE_GEN_CFLAGS="-fprofile-generate"
                  result="yes" 
 else
   echo "configure: failed program was:" >&5
   cat conftest.$ac_ext >&5
   rm -rf conftest*
   result="no"
@@ -2791,17 +2794,17 @@ if test $result = "yes"; then
    PROFILE_USE_CFLAGS="-fprofile-use -fprofile-correction -Wcoverage-mismatch -freorder-blocks-and-partition"
    PROFILE_USE_LDFLAGS="-fprofile-use"
 fi
 
 CFLAGS="$_SAVE_CFLAGS"
 
 if test "$GNU_CC"; then
     echo $ac_n "checking for visibility(hidden) attribute""... $ac_c" 1>&6
-echo "configure:2800: checking for visibility(hidden) attribute" >&5
+echo "configure:2803: checking for visibility(hidden) attribute" >&5
 if eval "test \"`echo '$''{'ac_cv_visibility_hidden'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.c <<EOF
         int foo __attribute__ ((visibility ("hidden"))) = 1;
 EOF
         ac_cv_visibility_hidden=no
         if ${CC-cc} -Werror -S conftest.c -o conftest.s >/dev/null 2>&1; then
@@ -2815,17 +2818,17 @@ fi
 
 echo "$ac_t""$ac_cv_visibility_hidden" 1>&6
     if test "$ac_cv_visibility_hidden" = "yes"; then
         cat >> confdefs.h <<\EOF
 #define HAVE_VISIBILITY_HIDDEN_ATTRIBUTE 1
 EOF
 
         echo $ac_n "checking for visibility pragma support""... $ac_c" 1>&6
-echo "configure:2824: checking for visibility pragma support" >&5
+echo "configure:2827: checking for visibility pragma support" >&5
 if eval "test \"`echo '$''{'ac_cv_visibility_pragma'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.c <<EOF
 #pragma GCC visibility push(hidden)
             int foo_hidden = 1;
 #pragma GCC visibility push(default)
             int foo_default = 1;
@@ -2868,17 +2871,17 @@ fi # GNU_CC
 fi # SKIP_COMPILER_CHECKS
 
 if test -z "$SKIP_PATH_CHECKS"; then
     for ac_prog in perl5 perl
 do
 # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:2877: checking for $ac_word" >&5
+echo "configure:2880: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_path_PERL'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   case "$PERL" in
   /*)
   ac_cv_path_PERL="$PERL" # Let the user override the test with a path.
   ;;
   ?:/*)			 
@@ -3104,16 +3107,26 @@ if test -n "$MOZ_THUMB2"; then
       else
         { echo "configure: error: --enable-thumb2 is not supported for non-GNU toolchains" 1>&2; exit 1; }
       fi
     ;;
     *)
       { echo "configure: error: --enable-thumb2 is not supported for non-ARM CPU architectures" 1>&2; exit 1; }
     ;;
   esac
+else
+  case "$target_cpu" in
+    arm*)
+      if test "$GNU_CC"; then
+       CFLAGS="$CFLAGS -march=armv5te -mthumb-interwork -Wa, -march=armv5te -Wa, -mthumb-interwork"
+        CXXFLAGS="$CXXFLAGS -march=armv5te -mthumb-interwork -Wa, -march=armv5te -Wa, -mthumb-interwork"
+        ASFLAGS="$ASFLAGS -march=armv5te -mthumb-interwork"
+      fi
+      ;;
+  esac
 fi
 
 case "$host" in
 *-mingw*)
     NSINSTALL=nsinstall
     ;;
 *-cygwin*|*-msvc*|*-mks*|*-wince*|*-winmo*)
     NSINSTALL='$(CYGWIN_WRAPPER) nsinstall'
@@ -3144,27 +3157,27 @@ EOF
 
     cat >> confdefs.h <<\EOF
 #define SYSV 1
 EOF
 
     DSO_LDOPTS='-brtl -bnortllib -bM:SRE -bnoentry -bexpall -blibpath:/usr/lib:/lib'
     ac_safe=`echo "sys/atomic_op.h" | sed 'y%./+-%__p_%'`
 echo $ac_n "checking for sys/atomic_op.h""... $ac_c" 1>&6
-echo "configure:3153: checking for sys/atomic_op.h" >&5
+echo "configure:3166: checking for sys/atomic_op.h" >&5
 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 3158 "configure"
+#line 3171 "configure"
 #include "confdefs.h"
 #include <sys/atomic_op.h>
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:3163: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:3176: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   rm -rf conftest*
   eval "ac_cv_header_$ac_safe=yes"
 else
   echo "$ac_err" >&5
   echo "configure: failed program was:" >&5
   cat conftest.$ac_ext >&5
@@ -3311,36 +3324,36 @@ EOF
     PR_MD_ARCH_DIR=beos
     RESOLVE_LINK_SYMBOLS=1
     case "${target_cpu}" in
     i*86)
         _OPTIMIZE_FLAGS=-O2
         _DEBUG_FLAGS='-gdwarf-2 -O0'
         MKSHLIB='$(CCC) $(DSO_LDOPTS) -o $@'
         echo $ac_n "checking for gethostbyaddr in -lbind""... $ac_c" 1>&6
-echo "configure:3320: checking for gethostbyaddr in -lbind" >&5
+echo "configure:3333: checking for gethostbyaddr in -lbind" >&5
 ac_lib_var=`echo bind'_'gethostbyaddr | sed 'y%./+-%__p_%'`
 if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   ac_save_LIBS="$LIBS"
 LIBS="-lbind  $LIBS"
 cat > conftest.$ac_ext <<EOF
-#line 3328 "configure"
+#line 3341 "configure"
 #include "confdefs.h"
 /* Override any gcc2 internal prototype to avoid an error.  */
 /* We use char because int might match the return type of a gcc2
     builtin and then its argument prototype would still apply.  */
 char gethostbyaddr();
 
 int main() {
 gethostbyaddr()
 ; return 0; }
 EOF
-if { (eval echo configure:3339: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:3352: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_lib_$ac_lib_var=yes"
 else
   echo "configure: failed program was:" >&5
   cat conftest.$ac_ext >&5
   rm -rf conftest*
   eval "ac_cv_lib_$ac_lib_var=no"
 fi
@@ -4226,18 +4239,34 @@ EOF
         MSC_VER=${_CC_MAJOR_VERSION}${_CC_MINOR_VERSION}
 
         if test "$_CC_MAJOR_VERSION" -eq "14"; then
                                             if test $_CC_RELEASE -gt 50727; then
               _USE_DYNAMICBASE=1
            elif test $_CC_BUILD -ge 762; then
               _USE_DYNAMICBASE=1
            fi
+           cat >> confdefs.h <<\EOF
+#define _CRT_SECURE_NO_DEPRECATE 1
+EOF
+
+           cat >> confdefs.h <<\EOF
+#define _CRT_NONSTDC_NO_DEPRECATE 1
+EOF
+
         elif test $_CC_MAJOR_VERSION -ge 15; then
            _USE_DYNAMICBASE=1    
+           cat >> confdefs.h <<\EOF
+#define _CRT_SECURE_NO_WARNINGS 1
+EOF
+
+           cat >> confdefs.h <<\EOF
+#define _CRT_NONSTDC_NO_WARNINGS 1
+EOF
+
         fi
 
         if test -n "$_USE_DYNAMICBASE"; then
            DLLFLAGS="$DLLFLAGS -DYNAMICBASE"
         fi
 
         # Ensure that mt is Microsoft (R) Manifest Tool and not magnetic
         # tape manipulation utility (or something else)
@@ -4705,27 +4734,27 @@ EOF
     if test -z "$GNU_CC"; then
         CC="$CC -std1 -ieee_with_inexact"
         if test "$OS_RELEASE" != "V2.0"; then
             CC="$CC -readonly_strings"
         fi
         _OPTIMIZE_FLAGS="$_OPTIMIZE_FLAGS -Olimit 4000"
         ac_safe=`echo "machine/builtins.h" | sed 'y%./+-%__p_%'`
 echo $ac_n "checking for machine/builtins.h""... $ac_c" 1>&6
-echo "configure:4714: checking for machine/builtins.h" >&5
+echo "configure:4743: checking for machine/builtins.h" >&5
 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 4719 "configure"
+#line 4748 "configure"
 #include "confdefs.h"
 #include <machine/builtins.h>
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:4724: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:4753: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   rm -rf conftest*
   eval "ac_cv_header_$ac_safe=yes"
 else
   echo "$ac_err" >&5
   echo "configure: failed program was:" >&5
   cat conftest.$ac_ext >&5
@@ -5364,63 +5393,63 @@ if test -z "$SKIP_LIBRARY_CHECKS"; then
 
 
 
 case $target in
 *-darwin*|*-beos*|*-os2*)
     ;;
 *)
     echo $ac_n "checking for dlopen in -ldl""... $ac_c" 1>&6
-echo "configure:5373: checking for dlopen in -ldl" >&5
+echo "configure:5402: checking for dlopen in -ldl" >&5
 ac_lib_var=`echo dl'_'dlopen | sed 'y%./+-%__p_%'`
 if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   ac_save_LIBS="$LIBS"
 LIBS="-ldl  $LIBS"
 cat > conftest.$ac_ext <<EOF
-#line 5381 "configure"
+#line 5410 "configure"
 #include "confdefs.h"
 /* Override any gcc2 internal prototype to avoid an error.  */
 /* We use char because int might match the return type of a gcc2
     builtin and then its argument prototype would still apply.  */
 char dlopen();
 
 int main() {
 dlopen()
 ; return 0; }
 EOF
-if { (eval echo configure:5392: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:5421: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_lib_$ac_lib_var=yes"
 else
   echo "configure: failed program was:" >&5
   cat conftest.$ac_ext >&5
   rm -rf conftest*
   eval "ac_cv_lib_$ac_lib_var=no"
 fi
 rm -f conftest*
 LIBS="$ac_save_LIBS"
 
 fi
 if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
   echo "$ac_t""yes" 1>&6
   ac_safe=`echo "dlfcn.h" | sed 'y%./+-%__p_%'`
 echo $ac_n "checking for dlfcn.h""... $ac_c" 1>&6
-echo "configure:5409: checking for dlfcn.h" >&5
+echo "configure:5438: checking for dlfcn.h" >&5
 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 5414 "configure"
+#line 5443 "configure"
 #include "confdefs.h"
 #include <dlfcn.h>
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:5419: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:5448: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   rm -rf conftest*
   eval "ac_cv_header_$ac_safe=yes"
 else
   echo "$ac_err" >&5
   echo "configure: failed program was:" >&5
   cat conftest.$ac_ext >&5
@@ -5443,23 +5472,23 @@ fi
     ;;
 esac
 
 
 
 
 if test $ac_cv_prog_gcc = yes; then
     echo $ac_n "checking whether ${CC-cc} needs -traditional""... $ac_c" 1>&6
-echo "configure:5452: checking whether ${CC-cc} needs -traditional" >&5
+echo "configure:5481: checking whether ${CC-cc} needs -traditional" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_gcc_traditional'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
     ac_pattern="Autoconf.*'x'"
   cat > conftest.$ac_ext <<EOF
-#line 5458 "configure"
+#line 5487 "configure"
 #include "confdefs.h"
 #include <sgtty.h>
 Autoconf TIOCGETP
 EOF
 if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
   egrep "$ac_pattern" >/dev/null 2>&1; then
   rm -rf conftest*
   ac_cv_prog_gcc_traditional=yes
@@ -5467,17 +5496,17 @@ else
   rm -rf conftest*
   ac_cv_prog_gcc_traditional=no
 fi
 rm -f conftest*
 
 
   if test $ac_cv_prog_gcc_traditional = no; then
     cat > conftest.$ac_ext <<EOF
-#line 5476 "configure"
+#line 5505 "configure"
 #include "confdefs.h"
 #include <termio.h>
 Autoconf TCGETA
 EOF
 if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
   egrep "$ac_pattern" >/dev/null 2>&1; then
   rm -rf conftest*
   ac_cv_prog_gcc_traditional=yes
@@ -5491,22 +5520,22 @@ echo "$ac_t""$ac_cv_prog_gcc_traditional
   if test $ac_cv_prog_gcc_traditional = yes; then
     CC="$CC -traditional"
   fi
 fi
 
 for ac_func in lchown strerror
 do
 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5500: checking for $ac_func" >&5
+echo "configure:5529: checking for $ac_func" >&5
 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 5505 "configure"
+#line 5534 "configure"
 #include "confdefs.h"
 /* System header to define __stub macros and hopefully few prototypes,
     which can conflict with char $ac_func(); below.  */
 #include <assert.h>
 /* Override any gcc2 internal prototype to avoid an error.  */
 /* We use char because int might match the return type of a gcc2
     builtin and then its argument prototype would still apply.  */
 char $ac_func();
@@ -5519,17 +5548,17 @@ int main() {
 #if defined (__stub_$ac_func) || defined (__stub___$ac_func)
 choke me
 #else
 $ac_func();
 #endif
 
 ; return 0; }
 EOF
-if { (eval echo configure:5528: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:5557: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
   rm -rf conftest*
   eval "ac_cv_func_$ac_func=yes"
 else
   echo "configure: failed program was:" >&5
   cat conftest.$ac_ext >&5
   rm -rf conftest*
   eval "ac_cv_func_$ac_func=no"
 fi
@@ -5546,31 +5575,100 @@ EOF
 else
   echo "$ac_t""no" 1>&6
 fi
 done
 
 
 
 
+# Check whether --with-ccache or --without-ccache was given.
+if test "${with_ccache+set}" = set; then
+  withval="$with_ccache"
+  CCACHE=$withval
+else
+  CCACHE="no"
+fi
+
+
+if test "$CCACHE" != "no"; then
+    if test -n "$CCACHE"; then
+        if test "$CCACHE" = "yes"; then
+            CCACHE=
+        else
+            if test ! -e "$CCACHE"; then
+                { echo "configure: error: $CCACHE not found" 1>&2; exit 1; }
+            fi
+        fi
+    fi
+    for ac_prog in $CCACHE ccache
+do
+# Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
+echo "configure:5608: checking for $ac_word" >&5
+if eval "test \"`echo '$''{'ac_cv_path_CCACHE'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  case "$CCACHE" in
+  /*)
+  ac_cv_path_CCACHE="$CCACHE" # Let the user override the test with a path.
+  ;;
+  ?:/*)			 
+  ac_cv_path_CCACHE="$CCACHE" # Let the user override the test with a dos path.
+  ;;
+  *)
+  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
+  ac_dummy="$PATH"
+  for ac_dir in $ac_dummy; do 
+    test -z "$ac_dir" && ac_dir=.
+    if test -f $ac_dir/$ac_word; then
+      ac_cv_path_CCACHE="$ac_dir/$ac_word"
+      break
+    fi
+  done
+  IFS="$ac_save_ifs"
+  ;;
+esac
+fi
+CCACHE="$ac_cv_path_CCACHE"
+if test -n "$CCACHE"; then
+  echo "$ac_t""$CCACHE" 1>&6
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+test -n "$CCACHE" && break
+done
+
+    if test -z "$CCACHE" -o "$CCACHE" = ":"; then
+        { echo "configure: error: ccache not found" 1>&2; exit 1; }
+    elif test -x "$CCACHE"; then
+        CC="$CCACHE $CC"
+        CXX="$CCACHE $CXX"
+    else
+        { echo "configure: error: $CCACHE is not executable" 1>&2; exit 1; }
+    fi
+fi
+
 # Check whether --enable-strip or --disable-strip was given.
 if test "${enable_strip+set}" = set; then
   enableval="$enable_strip"
    if test "$enableval" = "yes"; then
 	    ENABLE_STRIP=1
       fi 
 fi
 
 
 case "${target_os}" in
 hpux*)
 if test -z "$GNU_CC"; then
 
     echo $ac_n "checking for +Olit support""... $ac_c" 1>&6
-echo "configure:5569: checking for +Olit support" >&5
+echo "configure:5667: checking for +Olit support" >&5
 if eval "test \"`echo '$''{'ac_cv_hpux_usable_olit_option'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
                   ac_cv_hpux_usable_olit_option=no
         rm -f conftest*
         echo 'int main() { return 0; }' | cat > conftest.c
         ${CC-cc} ${CFLAGS} +Olit=all -o conftest conftest.c > conftest.out 2>&1
         if test $? -eq 0; then
@@ -5602,17 +5700,17 @@ darwin*)
     _HAVE_PTHREADS=1
     ;;
 wince*)
     _HAVE_PTHREADS=
     ;;
 *)
     
 echo $ac_n "checking for pthread_create in -lpthreads""... $ac_c" 1>&6
-echo "configure:5611: checking for pthread_create in -lpthreads" >&5
+echo "configure:5709: checking for pthread_create in -lpthreads" >&5
 echo "
     #include <pthread.h> 
     void *foo(void *v) { return v; } 
     int main() { 
         pthread_t t;
         if (!pthread_create(&t, 0, &foo, 0)) {
             pthread_join(t, 0);
         }
@@ -5624,17 +5722,17 @@ echo "
     rm -f dummy.c dummy${ac_exeext} ;
     if test "$_res" = "0"; then
         echo "$ac_t""yes" 1>&6
         _HAVE_PTHREADS=1 _PTHREAD_LDFLAGS="-lpthreads"
     else
         echo "$ac_t""no" 1>&6
         
 echo $ac_n "checking for pthread_create in -lpthread""... $ac_c" 1>&6
-echo "configure:5633: checking for pthread_create in -lpthread" >&5
+echo "configure:5731: checking for pthread_create in -lpthread" >&5
 echo "
     #include <pthread.h> 
     void *foo(void *v) { return v; } 
     int main() { 
         pthread_t t;
         if (!pthread_create(&t, 0, &foo, 0)) {
             pthread_join(t, 0);
         }
@@ -5646,17 +5744,17 @@ echo "
     rm -f dummy.c dummy${ac_exeext} ;
     if test "$_res" = "0"; then
         echo "$ac_t""yes" 1>&6
         _HAVE_PTHREADS=1 _PTHREAD_LDFLAGS="-lpthread"
     else
         echo "$ac_t""no" 1>&6
         
 echo $ac_n "checking for pthread_create in -lc_r""... $ac_c" 1>&6
-echo "configure:5655: checking for pthread_create in -lc_r" >&5
+echo "configure:5753: checking for pthread_create in -lc_r" >&5
 echo "
     #include <pthread.h> 
     void *foo(void *v) { return v; } 
     int main() { 
         pthread_t t;
         if (!pthread_create(&t, 0, &foo, 0)) {
             pthread_join(t, 0);
         }
@@ -5668,17 +5766,17 @@ echo "
     rm -f dummy.c dummy${ac_exeext} ;
     if test "$_res" = "0"; then
         echo "$ac_t""yes" 1>&6
         _HAVE_PTHREADS=1 _PTHREAD_LDFLAGS="-lc_r"
     else
         echo "$ac_t""no" 1>&6
         
 echo $ac_n "checking for pthread_create in -lc""... $ac_c" 1>&6
-echo "configure:5677: checking for pthread_create in -lc" >&5
+echo "configure:5775: checking for pthread_create in -lc" >&5
 echo "
     #include <pthread.h> 
     void *foo(void *v) { return v; } 
     int main() { 
         pthread_t t;
         if (!pthread_create(&t, 0, &foo, 0)) {
             pthread_join(t, 0);
         }
@@ -5782,35 +5880,21 @@ if test "${enable_ipv6+set}" = set; then
    if test "$enableval" = "yes"; then
 	    USE_IPV6=1
       else
 	    USE_IPV6=
       fi
 fi
 
 
-
-# Check whether --enable-boehm or --disable-boehm was given.
-if test "${enable_boehm+set}" = set; then
-  enableval="$enable_boehm"
-   if test "$enableval" = "yes"; then
-        cat >> confdefs.h <<\EOF
-#define GC_LEAK_DETECTOR 1
-EOF
-
-        GC_LEAK_DETECTOR=1
-    fi
-fi
-
-
 if test -n "$USE_PTHREADS"; then
       rm -f conftest*
    ac_cv_have_dash_pthread=no
    echo $ac_n "checking whether ${CC-cc} accepts -pthread""... $ac_c" 1>&6
-echo "configure:5809: checking whether ${CC-cc} accepts -pthread" >&5
+echo "configure:5893: checking whether ${CC-cc} accepts -pthread" >&5
    echo 'int main() { return 0; }' | cat > conftest.c
    ${CC-cc} -pthread -o conftest conftest.c > conftest.out 2>&1
    if test $? -eq 0; then
 	if test -z "`egrep -i '(unrecognize|unknown)' conftest.out | grep pthread`" && test -z "`egrep -i '(error|incorrect)' conftest.out`" ; then
 	    ac_cv_have_dash_pthread=yes
 		case "$target_os" in
 	    freebsd*)
 # Freebsd doesn't use -pthread for compiles, it uses them for linking
@@ -5823,17 +5907,17 @@ echo "configure:5809: checking whether $
 	fi
     fi
     rm -f conftest*
     echo "$ac_t""$ac_cv_have_dash_pthread" 1>&6
 
 			    ac_cv_have_dash_pthreads=no
     if test "$ac_cv_have_dash_pthread" = "no"; then
 	    echo $ac_n "checking whether ${CC-cc} accepts -pthreads""... $ac_c" 1>&6
-echo "configure:5832: checking whether ${CC-cc} accepts -pthreads" >&5
+echo "configure:5916: checking whether ${CC-cc} accepts -pthreads" >&5
     	echo 'int main() { return 0; }' | cat > conftest.c
 	    ${CC-cc} -pthreads -o conftest conftest.c > conftest.out 2>&1
     	if test $? -eq 0; then
 	    	if test -z "`egrep -i '(unrecognize|unknown)' conftest.out | grep pthreads`" && test -z "`egrep -i '(error|incorrect)' conftest.out`" ; then
 			    ac_cv_have_dash_pthreads=yes
 			    CFLAGS="$CFLAGS -pthreads"
 			    CXXFLAGS="$CXXFLAGS -pthreads"
 		    fi
@@ -6147,17 +6231,17 @@ if test "${enable_wrap_malloc+set}" = se
        if test "$enableval" = "yes"; then
 	    _WRAP_MALLOC=1
       fi 
 fi
 
 
 if test -n "$_WRAP_MALLOC"; then
     if test "$GNU_CC"; then
-       WRAP_MALLOC_CFLAGS="${LDFLAGS} -Wl,--wrap -Wl,malloc -Wl,--wrap -Wl,calloc -Wl,--wrap -Wl,valloc -Wl,--wrap -Wl,free -Wl,--wrap -Wl,realloc -Wl,--wrap -Wl,memalign -Wl,--wrap -Wl,__builtin_new -Wl,--wrap -Wl,__builtin_vec_new -Wl,--wrap -Wl,__builtin_delete -Wl,--wrap -Wl,__builtin_vec_delete -Wl,--wrap -Wl,PR_Free -Wl,--wrap -Wl,PR_Malloc -Wl,--wrap -Wl,PR_Calloc -Wl,--wrap -Wl,PR_Realloc -Wl,--wrap -Wl,strdup -Wl,--wrap -Wl,strndup -Wl,--wrap -Wl,posix_memalign"
+       WRAP_MALLOC_CFLAGS="${LDFLAGS} ${WRAP_MALLOC_CFLAGS} -Wl,--wrap -Wl,malloc -Wl,--wrap -Wl,calloc -Wl,--wrap -Wl,valloc -Wl,--wrap -Wl,free -Wl,--wrap -Wl,realloc -Wl,--wrap -Wl,memalign -Wl,--wrap -Wl,__builtin_new -Wl,--wrap -Wl,__builtin_vec_new -Wl,--wrap -Wl,__builtin_delete -Wl,--wrap -Wl,__builtin_vec_delete -Wl,--wrap -Wl,PR_Free -Wl,--wrap -Wl,PR_Malloc -Wl,--wrap -Wl,PR_Calloc -Wl,--wrap -Wl,PR_Realloc -Wl,--wrap -Wl,strdup -Wl,--wrap -Wl,strndup -Wl,--wrap -Wl,posix_memalign"
        DSO_LDOPTS="$DSO_LDOPTS $WRAP_MALLOC_CFLAGS"
     else
        { echo "configure: error: --enable-wrap-malloc is not supported for non-GNU toolchains" 1>&2; exit 1; }
     fi
 fi
 
 # Check whether --with-wrap-malloc or --without-wrap-malloc was given.
 if test "${with_wrap_malloc+set}" = set; then
@@ -6266,17 +6350,16 @@ fi
 
 
 
 
 
 
 
 
-
 MAKEFILES="
 Makefile 
 config/Makefile
 config/autoconf.mk
 config/nsprincl.mk
 config/nsprincl.sh
 config/nspr-config
 lib/Makefile 
@@ -6434,16 +6517,18 @@ do
 done
 
 ac_given_srcdir=$srcdir
 
 trap 'rm -fr `echo "$MAKEFILES" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15
 EOF
 cat >> $CONFIG_STATUS <<EOF
 
+
+
 # Protect against being on the right side of a sed subst in config.status.
 sed 's/%@/@@/; s/@%/@@/; s/%g\$/@g/; /@g\$/s/[\\\\&%]/\\\\&/g;
  s/@@/%@/; s/@@/@%/; s/@g\$/%g/' > conftest.subs <<\\CEOF
 $ac_vpsub
 $extrasub
 s%@SHELL@%$SHELL%g
 s%@CFLAGS@%$CFLAGS%g
 s%@CPPFLAGS@%$CPPFLAGS%g
@@ -6493,33 +6578,33 @@ s%@CXX@%$CXX%g
 s%@RANLIB@%$RANLIB%g
 s%@AR@%$AR%g
 s%@AS@%$AS%g
 s%@LD@%$LD%g
 s%@STRIP@%$STRIP%g
 s%@WINDRES@%$WINDRES%g
 s%@CPP@%$CPP%g
 s%@PERL@%$PERL%g
+s%@CCACHE@%$CCACHE%g
 s%@SHELL_OVERRIDE@%$SHELL_OVERRIDE%g
 s%@MOZILLA_CLIENT@%$MOZILLA_CLIENT%g
 s%@HOST_CFLAGS@%$HOST_CFLAGS%g
 s%@HOST_LDFLAGS@%$HOST_LDFLAGS%g
 s%@GNU_CC@%$GNU_CC%g
 s%@GCC_USE_GNU_LD@%$GCC_USE_GNU_LD%g
 s%@MSC_VER@%$MSC_VER%g
 s%@CROSS_COMPILE@%$CROSS_COMPILE%g
 s%@MOZ_OPTIMIZE@%$MOZ_OPTIMIZE%g
 s%@MOZ_DEBUG@%$MOZ_DEBUG%g
 s%@MOZ_DEBUG_SYMBOLS@%$MOZ_DEBUG_SYMBOLS%g
 s%@USE_CPLUS@%$USE_CPLUS%g
 s%@USE_IPV6@%$USE_IPV6%g
 s%@USE_N32@%$USE_N32%g
 s%@USE_64@%$USE_64%g
 s%@OBJECT_MODE@%$OBJECT_MODE%g
-s%@GC_LEAK_DETECTOR@%$GC_LEAK_DETECTOR%g
 s%@ENABLE_STRIP@%$ENABLE_STRIP%g
 s%@USE_PTHREADS@%$USE_PTHREADS%g
 s%@USE_BTHREADS@%$USE_BTHREADS%g
 s%@USE_USER_PTHREADS@%$USE_USER_PTHREADS%g
 s%@USE_NSPR_THREADS@%$USE_NSPR_THREADS%g
 s%@LIBNSPR@%$LIBNSPR%g
 s%@LIBPLC@%$LIBPLC%g
 s%@MOD_MAJOR_VERSION@%$MOD_MAJOR_VERSION%g
@@ -6642,41 +6727,43 @@ for ac_file in .. $CONFIG_FILES; do if t
   else
     ac_dir_suffix= ac_dots=
   fi
 
   case "$ac_given_srcdir" in
   .)  srcdir=.
       if test -z "$ac_dots"; then top_srcdir=.
       else top_srcdir=`echo $ac_dots|sed 's%/$%%'`; fi ;;
-  /*) srcdir="$ac_given_srcdir$ac_dir_suffix"; top_srcdir="$ac_given_srcdir" ;;
+  /* | ?:/*) srcdir="$ac_given_srcdir$ac_dir_suffix"; top_srcdir="$ac_given_srcdir" ;;
   *) # Relative path.
     srcdir="$ac_dots$ac_given_srcdir$ac_dir_suffix"
     top_srcdir="$ac_dots$ac_given_srcdir" ;;
   esac
 
 
   echo creating "$ac_file"
   rm -f "$ac_file"
   configure_input="Generated automatically from `echo $ac_file_in|sed 's%.*/%%'` by configure."
   case "$ac_file" in
   *Makefile*) ac_comsub="1i\\
 # $configure_input" ;;
   *) ac_comsub= ;;
   esac
 
-  ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"`
+  ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" `
   sed -e "$ac_comsub
 s%@configure_input@%$configure_input%g
 s%@srcdir@%$srcdir%g
 s%@top_srcdir@%$top_srcdir%g
 " $ac_file_inputs | (eval "$ac_sed_cmds") > $ac_file
 fi; done
 rm -f conftest.s*
 
+
+
 EOF
 cat >> $CONFIG_STATUS <<EOF
 
 EOF
 cat >> $CONFIG_STATUS <<\EOF
 chmod +x config/nspr-config
 exit 0
 EOF
--- a/nsprpub/configure.in
+++ b/nsprpub/configure.in
@@ -45,17 +45,17 @@ AC_INIT(config/libc_r.h)
 AC_CONFIG_AUX_DIR(${srcdir}/build/autoconf)
 AC_CANONICAL_SYSTEM
 
 dnl ========================================================
 dnl = Defaults
 dnl ========================================================
 MOD_MAJOR_VERSION=4
 MOD_MINOR_VERSION=8
-MOD_PATCH_VERSION=6
+MOD_PATCH_VERSION=7
 NSPR_MODNAME=nspr20
 _HAVE_PTHREADS=
 USE_PTHREADS=
 USE_USER_PTHREADS=
 USE_NSPR_THREADS=
 USE_N32=
 USE_64=
 USE_CPLUS=
@@ -189,16 +189,18 @@ if test "$target" = "arm-android-eabi" ;
     fi
     if test -z "$HOST_CXXFLAGS" ; then
         HOST_CXXFLAGS=" "
     fi
     if test -z "$HOST_LDFLAGS" ; then
         HOST_LDFLAGS=" "
     fi
 
+    WRAP_MALLOC_CFLAGS="-Wl,--wrap=dlopen -Wl,--wrap=dlclose -Wl,--wrap=dlerror -Wl,--wrap=dlsym -Wl,--wrap=dladdr"
+
     AC_DEFINE(ANDROID)
 fi
 
 dnl ========================================================
 dnl =
 dnl = Check options that may affect the compiler
 dnl =
 dnl ========================================================
@@ -929,16 +931,26 @@ if test -n "$MOZ_THUMB2"; then
       else
         AC_MSG_ERROR([--enable-thumb2 is not supported for non-GNU toolchains])
       fi
     ;;
     *)
       AC_MSG_ERROR([--enable-thumb2 is not supported for non-ARM CPU architectures])
     ;;
   esac
+else
+  case "$target_cpu" in
+    arm*)
+      if test "$GNU_CC"; then
+       CFLAGS="$CFLAGS -march=armv5te -mthumb-interwork -Wa, -march=armv5te -Wa, -mthumb-interwork"
+        CXXFLAGS="$CXXFLAGS -march=armv5te -mthumb-interwork -Wa, -march=armv5te -Wa, -mthumb-interwork"
+        ASFLAGS="$ASFLAGS -march=armv5te -mthumb-interwork"
+      fi
+      ;;
+  esac
 fi
 
 dnl ========================================================
 dnl Override of system specific host options
 dnl ========================================================
 case "$host" in
 *-mingw*)
     NSINSTALL=nsinstall
@@ -1693,18 +1705,22 @@ arm-android-eabi)
            dnl -DYNAMICBASE is only supported on VC8SP1 or newer,
            dnl so be very specific here!
            dnl VC8 is 14.00.50727.42, VC8SP1 is 14.00.50727.762
            if test $_CC_RELEASE -gt 50727; then
               _USE_DYNAMICBASE=1
            elif test $_CC_BUILD -ge 762; then
               _USE_DYNAMICBASE=1
            fi
+           AC_DEFINE(_CRT_SECURE_NO_DEPRECATE)
+           AC_DEFINE(_CRT_NONSTDC_NO_DEPRECATE)
         elif test $_CC_MAJOR_VERSION -ge 15; then
            _USE_DYNAMICBASE=1    
+           AC_DEFINE(_CRT_SECURE_NO_WARNINGS)
+           AC_DEFINE(_CRT_NONSTDC_NO_WARNINGS)
         fi
 
         if test -n "$_USE_DYNAMICBASE"; then
            DLLFLAGS="$DLLFLAGS -DYNAMICBASE"
         fi
 
         # Ensure that mt is Microsoft (R) Manifest Tool and not magnetic
         # tape manipulation utility (or something else)
@@ -2506,16 +2522,45 @@ dnl AC_FUNC_STRFTIME
 dnl AC_FUNC_UTIME_NULL
 dnl AC_FUNC_VPRINTF
 dnl AC_CHECK_FUNCS(ftime getcwd gethostname gettimeofday getwd mkdir mktime putenv rmdir select socket strdup strerror strstr strtol strtoul uname)
 
 dnl ========================================================
 dnl Check options
 dnl ========================================================
 
+dnl ======================================================
+dnl = Enable compiling with ccache
+dnl ======================================================
+AC_ARG_WITH(ccache,
+[  --with-ccache[=path/to/ccache]
+                          Enable compiling with ccache],
+    CCACHE=$withval, CCACHE="no")
+
+if test "$CCACHE" != "no"; then
+    if test -n "$CCACHE"; then
+        if test "$CCACHE" = "yes"; then
+            CCACHE=
+        else
+            if test ! -e "$CCACHE"; then
+                AC_MSG_ERROR([$CCACHE not found])
+            fi
+        fi
+    fi
+    AC_PATH_PROGS(CCACHE, $CCACHE ccache)
+    if test -z "$CCACHE" -o "$CCACHE" = ":"; then
+        AC_MSG_ERROR([ccache not found])
+    elif test -x "$CCACHE"; then
+        CC="$CCACHE $CC"
+        CXX="$CCACHE $CXX"
+    else
+        AC_MSG_ERROR([$CCACHE is not executable])
+    fi
+fi
+
 dnl ========================================================
 dnl =
 dnl = --enable-strip
 dnl = 
 dnl = Enable stripping of libs and executables
 dnl = 
 dnl ========================================================
 AC_ARG_ENABLE(strip,
@@ -2669,24 +2714,16 @@ fi # SKIP_LIBRARY_CHECKS
 AC_ARG_ENABLE(ipv6,
     [  --enable-ipv6           Compile ipv6 support],
     [ if test "$enableval" = "yes"; then
 	    USE_IPV6=1
       else
 	    USE_IPV6=
       fi])
 
-
-AC_ARG_ENABLE(boehm,
-    [  --enable-boehm          Enable the Boehm Garbage Collector],
-    [ if test "$enableval" = "yes"; then
-        AC_DEFINE(GC_LEAK_DETECTOR)
-        GC_LEAK_DETECTOR=1
-    fi])
-
 if test -n "$USE_PTHREADS"; then
    dnl See if -pthread is supported.
    rm -f conftest*
    ac_cv_have_dash_pthread=no
    AC_MSG_CHECKING(whether ${CC-cc} accepts -pthread)
    echo 'int main() { return 0; }' | cat > conftest.c
    ${CC-cc} -pthread -o conftest conftest.c > conftest.out 2>&1
    if test $? -eq 0; then
@@ -2949,17 +2986,17 @@ dnl ====================================
 AC_ARG_ENABLE(wrap-malloc,
 [  --enable-wrap-malloc    Wrap malloc calls (gnu linker only)],
 [     if test "$enableval" = "yes"; then
 	    _WRAP_MALLOC=1
       fi ])
 
 if test -n "$_WRAP_MALLOC"; then
     if test "$GNU_CC"; then
-       WRAP_MALLOC_CFLAGS="${LDFLAGS} -Wl,--wrap -Wl,malloc -Wl,--wrap -Wl,calloc -Wl,--wrap -Wl,valloc -Wl,--wrap -Wl,free -Wl,--wrap -Wl,realloc -Wl,--wrap -Wl,memalign -Wl,--wrap -Wl,__builtin_new -Wl,--wrap -Wl,__builtin_vec_new -Wl,--wrap -Wl,__builtin_delete -Wl,--wrap -Wl,__builtin_vec_delete -Wl,--wrap -Wl,PR_Free -Wl,--wrap -Wl,PR_Malloc -Wl,--wrap -Wl,PR_Calloc -Wl,--wrap -Wl,PR_Realloc -Wl,--wrap -Wl,strdup -Wl,--wrap -Wl,strndup -Wl,--wrap -Wl,posix_memalign"
+       WRAP_MALLOC_CFLAGS="${LDFLAGS} ${WRAP_MALLOC_CFLAGS} -Wl,--wrap -Wl,malloc -Wl,--wrap -Wl,calloc -Wl,--wrap -Wl,valloc -Wl,--wrap -Wl,free -Wl,--wrap -Wl,realloc -Wl,--wrap -Wl,memalign -Wl,--wrap -Wl,__builtin_new -Wl,--wrap -Wl,__builtin_vec_new -Wl,--wrap -Wl,__builtin_delete -Wl,--wrap -Wl,__builtin_vec_delete -Wl,--wrap -Wl,PR_Free -Wl,--wrap -Wl,PR_Malloc -Wl,--wrap -Wl,PR_Calloc -Wl,--wrap -Wl,PR_Realloc -Wl,--wrap -Wl,strdup -Wl,--wrap -Wl,strndup -Wl,--wrap -Wl,posix_memalign"
        DSO_LDOPTS="$DSO_LDOPTS $WRAP_MALLOC_CFLAGS"
     else
        AC_MSG_ERROR([--enable-wrap-malloc is not supported for non-GNU toolchains])
     fi
 fi
 
 dnl ========================================================
 dnl = Location of malloc wrapper lib
@@ -2992,17 +3029,16 @@ AC_SUBST(MOZ_OPTIMIZE)
 AC_SUBST(MOZ_DEBUG)
 AC_SUBST(MOZ_DEBUG_SYMBOLS)
 
 AC_SUBST(USE_CPLUS)
 AC_SUBST(USE_IPV6)
 AC_SUBST(USE_N32)
 AC_SUBST(USE_64)
 AC_SUBST(OBJECT_MODE)
-AC_SUBST(GC_LEAK_DETECTOR)
 AC_SUBST(ENABLE_STRIP)
 
 AC_SUBST(USE_PTHREADS)
 AC_SUBST(USE_BTHREADS)
 AC_SUBST(USE_USER_PTHREADS)
 AC_SUBST(USE_NSPR_THREADS)
 
 AC_SUBST(LIBNSPR)
--- a/nsprpub/lib/prstreams/Makefile.in
+++ b/nsprpub/lib/prstreams/Makefile.in
@@ -41,33 +41,16 @@ MOD_DEPTH	= ../..
 topsrcdir	= @top_srcdir@
 srcdir		= @srcdir@
 VPATH		= @srcdir@
 
 include $(MOD_DEPTH)/config/autoconf.mk
 
 include $(topsrcdir)/config/config.mk
 
-# Disable optimization of the nspr on SunOS4.1.3
-ifeq ($(OS_ARCH),SunOS)
-    ifeq ($(OS_RELEASE),4.1.3_U1)
-        OPTIMIZER =
-    else
-        # The C++ compiler in Workshop 5.0 uses standard
-        # iostreams as default.  -library=iostream will
-        # allow Workshop 5.0 to work with classic iostreams.
-        ifndef NS_USE_GCC
-        CCC_VERSION := $(shell $(CCC) -V 2>&1)
-        ifneq (,$(findstring 5.0,$(CCC_VERSION)))
-        CCC_ONLY_FLAGS += -library=iostream
-        endif
-        endif
-    endif
-endif
-
 ifeq ($(OS_ARCH), IRIX)
     ifneq ($(OS_RELEASE),5.3)
         CCC_ONLY_FLAGS += -exceptions
     endif
 endif
 
 ifeq ($(OS_ARCH), BeOS)
     CFLAGS += -frtti -fexceptions
--- a/nsprpub/lib/prstreams/prstrms.cpp
+++ b/nsprpub/lib/prstreams/prstrms.cpp
@@ -32,515 +32,517 @@
  * and other provisions required by the GPL or the LGPL. If you do not delete
  * the provisions above, a recipient may use your version of this file under
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
 
 /*
  * Robin J. Maxwell 11-22-96
+ * Fredrik Roubert <roubert@google.com> 2010-07-23
+ * Matt Austern <austern@google.com> 2010-07-23
  */
 
 #include "prstrms.h"
-#include <string.h> // memmove
 
-//
-// Definition of macros _PRSTR_BP, _PRSTR_DELBUF, and _PRSTR_DELBUF_C.
-//
-// _PRSTR_BP is the protected member of class ios that is returned
-// by the public method rdbuf().
-//
-// _PRSTR_DELBUF is the method or data member of class ios, if available,
-// with which we can ensure that the ios destructor does not delete
-// the associated streambuf.  If such a method or data member does not
-// exist, define _PRSTR_DELBUF to be empty.
-//
-// _PRSTR_DELBUF_C is just _PRSTR_DELBUF qualified by a base class.
-//
+#include <cstdio>
+#include <cstring>
+#include <ios>
+#include <new>
 
-#if defined(__GNUC__)
-#define _PRSTR_BP _strbuf
-#define _PRSTR_DELBUF(x)    /* as nothing */
-#define _PRSTR_DELBUF_C(c, x)  /* as nothing */
-#elif defined(WIN32)
-#define _PRSTR_BP bp
-#define _PRSTR_DELBUF(x)	delbuf(x)
-#define _PRSTR_DELBUF_C(c, x)	c::_PRSTR_DELBUF(x)
-#elif defined(OSF1)
-#define _PRSTR_BP m_psb
-#define _PRSTR_DELBUF(x) /* as nothing */
-#define _PRSTR_DELBUF_C(c, x)	/* as nothing */
-#elif defined(QNX)
-#define PRFSTREAMS_BROKEN
-#else
-#define _PRSTR_BP bp
-// Unix compilers don't believe in encapsulation
-// At least on Solaris this is also ignored
-#define _PRSTR_DELBUF(x)	delbuf = x
-#define _PRSTR_DELBUF_C(c, x)	c::_PRSTR_DELBUF(x)
-#endif
+using std::ios_base;
+using std::iostream;
+using std::istream;
+using std::nothrow;
+using std::ostream;
+using std::streambuf;
+using std::streamsize;
 
-const PRIntn STRM_BUFSIZ = 8192;
-
-#if !defined (PRFSTREAMS_BROKEN)   
 
 PRfilebuf::PRfilebuf():
-_fd(0),
-_opened(PR_FALSE),
-_allocated(PR_FALSE)
-{
-}
+    _fd(NULL),
+    _opened(false),
+    _allocated(false),
+    _unbuffered(false),
+    _user_buf(false),
+    _buf_base(NULL),
+    _buf_end(NULL) { }
+
 
 PRfilebuf::PRfilebuf(PRFileDesc *fd):
-streambuf(),
-_fd(fd),
-_opened(PR_FALSE),
-_allocated(PR_FALSE)
+    _fd(fd),
+    _opened(false),
+    _allocated(false),
+    _unbuffered(false),
+    _user_buf(false),
+    _buf_base(NULL),
+    _buf_end(NULL) { }
+
+
+PRfilebuf::PRfilebuf(PRFileDesc *fd, char_type *ptr, streamsize len):
+    _fd(fd),
+    _opened(false),
+    _allocated(false),
+    _unbuffered(false),
+    _user_buf(false),
+    _buf_base(NULL),
+    _buf_end(NULL)
 {
+    setbuf(ptr, len);
 }
 
-PRfilebuf::PRfilebuf(PRFileDesc *fd, char * buffptr, int bufflen):
-_fd(fd),
-_opened(PR_FALSE),
-_allocated(PR_FALSE)
-{
-    PRfilebuf::setbuf(buffptr, bufflen);
-}
 
 PRfilebuf::~PRfilebuf()
 {
-    if (_opened){
+    if (_opened) {
         close();
-    }else
+    } else {
         sync();
-	if (_allocated)
-		delete base();
+    }
+    if (_allocated) {
+        delete _buf_base;
+    }
 }
 
-PRfilebuf*	
-PRfilebuf::open(const char *name, int mode, int flags)
+
+PRfilebuf *PRfilebuf::open(
+    const char *name, ios_base::openmode flags, PRIntn mode)
 {
-     if (_fd != 0)
-        return 0;    // error if already open
-     PRIntn PRmode = 0;
-    // translate mode argument
-    if (!(mode & ios::nocreate))
-        PRmode |= PR_CREATE_FILE;
-    //if (mode & ios::noreplace)
-    //    PRmode |= O_EXCL;
-    if (mode & ios::app){
-        mode |= ios::out;
-        PRmode |= PR_APPEND;
-    }
-    if (mode & ios::trunc){
-        mode |= ios::out;  // IMPLIED
-        PRmode |= PR_TRUNCATE;
+    if (_fd != NULL) {
+        return NULL;  // Error if already open.
     }
-    if (mode & ios::out){
-        if (mode & ios::in)
-            PRmode |= PR_RDWR;
-        else
-            PRmode |= PR_WRONLY;
-        if (!(mode & (ios::in|ios::app|ios::ate|ios::noreplace))){
-            mode |= ios::trunc; // IMPLIED
-            PRmode |= PR_TRUNCATE;
-        }
-    }else if (mode & ios::in)
-        PRmode |= PR_RDONLY;
-    else
-        return 0;    // error if not ios:in or ios::out
+
+    // Translate flags argument.
+    PRIntn prflags = 0;
+    bool ate = (flags & ios_base::ate) != 0;
+    flags &= ~(ios_base::ate | ios_base::binary);
 
+    // TODO: The flag PR_CREATE_FILE should probably be used for the cases
+    // (out), (out|app), (out|trunc) and (in|out|trunc) as the C++ standard
+    // specifies that these cases should open files 'as if by using fopen with
+    // "w"'. But adding that flag here will cause the unit test to leave files
+    // behind after running (which might or might not be an error in the unit
+    // test) so the matter needs further investigation before any changes are
+    // made. The old prstreams implementation used the non-standard flag
+    // ios::nocreate to control the use of PR_CREATE_FILE.
 
-    //
-    // The usual portable across unix crap...
-    // NT gets a hokey piece of junk layer that prevents
-    // access to the API.
-#ifdef WIN32
-    _fd = PR_Open(name, PRmode, PRmode);
-#else
-    _fd = PR_Open(name, PRmode, flags);
-#endif
-    if (_fd == 0)
-        return 0;
-    _opened = PR_TRUE;
-    if ((!unbuffered()) && (!ebuf())){
-        char * sbuf = new char[STRM_BUFSIZ];
-        if (!sbuf)
-            unbuffered(1);
-        else{
-			_allocated = PR_TRUE;
-            streambuf::setb(sbuf,sbuf+STRM_BUFSIZ,0);
-		}
+    if (flags == (ios_base::out)) {
+        prflags = PR_WRONLY | PR_TRUNCATE;
+    } else if (flags == (ios_base::out | ios_base::app)) {
+        prflags = PR_RDWR | PR_APPEND;
+    } else if (flags == (ios_base::out | ios_base::trunc)) {
+        prflags = PR_WRONLY | PR_TRUNCATE;
+    } else if (flags == (ios_base::in)) {
+        prflags = PR_RDONLY;
+    } else if (flags == (ios_base::in | ios_base::out)) {
+        prflags = PR_RDWR;
+    } else if (flags == (ios_base::in | ios_base::out | ios_base::trunc)) {
+        prflags = PR_RDWR | PR_TRUNCATE;
+    } else {
+        return NULL;  // Unrecognized flag combination.
     }
-    if (mode & ios::ate){
-        if (seekoff(0,ios::end,mode)==EOF){
-            close();
-            return 0;
-        }
+
+    if ((_fd = PR_Open(name, prflags, mode)) == NULL) {
+        return NULL;
     }
+
+    _opened = true;
+
+    if (ate &&
+            seekoff(0, ios_base::end, flags) == pos_type(traits_type::eof())) {
+        close();
+        return NULL;
+    }
+
     return this;
 }
 
-PRfilebuf*	
-PRfilebuf::attach(PRFileDesc *fd)
+
+PRfilebuf *PRfilebuf::attach(PRFileDesc *fd)
 {
-    _opened = PR_FALSE;
+    if (_fd != NULL) {
+        return NULL;  // Error if already open.
+    }
+
+    _opened = false;
     _fd = fd;
     return this;
 }
 
-int	
-PRfilebuf::overflow(int c)
+
+PRfilebuf *PRfilebuf::close()
 {
-    if (allocate()==EOF)        // make sure there is a reserve area
-        return EOF;
-    if (PRfilebuf::sync()==EOF) // sync before new buffer created below
-        return EOF;
-
-    if (!unbuffered())
-        setp(base(),ebuf());
-
-    if (c!=EOF){
-        if ((!unbuffered()) && (pptr() < epptr())) // guard against recursion
-            sputc(c);
-        else{
-            if (PR_Write(_fd, &c, 1)!=1)
-                return(EOF);
-        }
-    }
-    return(1);  // return something other than EOF if successful
-}
-
-int	
-PRfilebuf::underflow()
-{
-    int count;
-    unsigned char tbuf;
+    if (_fd == NULL)
+        return NULL;
 
-    if (in_avail())
-        return (int)(unsigned char) *gptr();
-
-    if (allocate()==EOF)        // make sure there is a reserve area
-        return EOF;
-    if (PRfilebuf::sync()==EOF)
-        return EOF;
-
-    if (unbuffered())
-        {
-        if (PR_Read(_fd,(void *)&tbuf,1)<=0)
-            return EOF;
-        return (int)tbuf;
-        }
+    int status = sync();
 
-    if ((count=PR_Read(_fd,(void *)base(),blen())) <= 0)
-        return EOF;     // reached EOF
-    setg(base(),base(),base()+count);
-    return (int)(unsigned char) *gptr();
-}
+    if (PR_Close(_fd) == PR_FAILURE ||
+            traits_type::eq_int_type(status, traits_type::eof())) {
+        return NULL;
+    }
 
-streambuf*	
-PRfilebuf::setbuf(char *buffptr, PRstreambuflen bufflen)
-{
-    if (is_open() && (ebuf()))
-        return 0;
-    if ((!buffptr) || (bufflen <= 0))
-        unbuffered(1);
-    else
-        setb(buffptr, buffptr+bufflen, 0);
+    _fd = NULL;
     return this;
 }
 
-streampos	
-PRfilebuf::seekoff(streamoff offset, ios::seek_dir dir, int /* mode */)
+
+streambuf *PRfilebuf::setbuf(char_type *ptr, streamsize len)
 {
-    if (PR_GetDescType(_fd) == PR_DESC_FILE){
-        PRSeekWhence fdir;
-        PRInt32 retpos;
-        switch (dir) {
-            case ios::beg :
-                fdir = PR_SEEK_SET;
-                break;
-            case ios::cur :
-                fdir = PR_SEEK_CUR;
-                break;
-            case ios::end :
-                fdir = PR_SEEK_END;
-                break;
-            default:
-            // error
-                return(EOF);
-            }
-
-        if (PRfilebuf::sync()==EOF)
-            return EOF;
-        if ((retpos=PR_Seek(_fd, offset, fdir))==-1L)
-            return (EOF);
-        return((streampos)retpos);
-    }else
-        return (EOF);
-}
-
-
-int 
-PRfilebuf::sync()
-{
-    PRInt32 count; 
-
-    if (_fd==0)
-        return(EOF);
+    if (is_open() && _buf_end) {
+        return NULL;
+    }
 
-    if (!unbuffered()){
-        // Sync write area
-        if ((count=out_waiting())!=0){
-            PRInt32 nout;
-            if ((nout =PR_Write(_fd,
-                               (void *) pbase(),
-                               (unsigned int)count)) != count){
-                if (nout > 0) {
-                    // should set _pptr -= nout
-                    pbump(-(int)nout);
-                    memmove(pbase(), pbase()+nout, (int)(count-nout));
-                }
-                return(EOF);
-            }
-        }
-        setp(0,0); // empty put area
+    if (!ptr || len <= 0) {
+        _unbuffered = true;
+    } else {
+        setb(ptr, ptr + len, false);
+    }
 
-        if (PR_GetDescType(_fd) == PR_DESC_FILE){
-            // Sockets can't seek; don't need this
-            if ((count=in_avail()) > 0){
-                if (PR_Seek(_fd, -count, PR_SEEK_CUR)!=-1L)
-                {
-                    return (EOF);
-                }
-            }
-        }
-        setg(0,0,0); // empty get area
-    }
-    return(0);
-}
-
-PRfilebuf * 
-PRfilebuf::close()
-{
-    int retval;
-    if (_fd==0)
-        return 0;
-
-    retval = sync();
-
-    if ((PR_Close(_fd)==0) || (retval==EOF))
-        return 0;
-    _fd = 0;
     return this;
 }
 
-PRifstream::PRifstream():
-istream(new PRfilebuf)
+
+streambuf::pos_type PRfilebuf::seekoff(
+    off_type offset, ios_base::seekdir dir, ios_base::openmode /*flags*/)
 {
-    _PRSTR_DELBUF(0);
-}
+    if (PR_GetDescType(_fd) != PR_DESC_FILE) {
+        return traits_type::eof();
+    }
+
+    PRSeekWhence whence;
+    PRInt64 pos;
 
-PRifstream::PRifstream(PRFileDesc *fd):
-istream(new PRfilebuf(fd))
-{
-    _PRSTR_DELBUF(0);
-}
+    switch (dir) {
+        case ios_base::beg: whence = PR_SEEK_SET; break;
+        case ios_base::cur: whence = PR_SEEK_CUR; break;
+        case ios_base::end: whence = PR_SEEK_END; break;
+        default:
+            return traits_type::eof();  // This should never happen.
+    }
 
-PRifstream::PRifstream(PRFileDesc *fd, char *buff, int bufflen):
-istream(new PRfilebuf(fd, buff, bufflen))
-{
-    _PRSTR_DELBUF(0);
+    if (traits_type::eq_int_type(sync(), traits_type::eof())) {
+        return traits_type::eof();
+    }
+
+    if ((pos = PR_Seek64(_fd, offset, whence)) == -1) {
+        return traits_type::eof();
+    }
+
+    return pos;
 }
 
-PRifstream::PRifstream(const char * name, int mode, int flags):
-istream(new PRfilebuf)
+
+int PRfilebuf::sync()
 {
-    _PRSTR_DELBUF(0);
-    if (!rdbuf()->open(name, (mode|ios::in), flags))
-        clear(rdstate() | ios::failbit);
-}
-
-PRifstream::~PRifstream()
-{
-	sync();
+    if (_fd == NULL) {
+        return traits_type::eof();
+    }
 
-	delete rdbuf();
-#ifdef _PRSTR_BP
-	_PRSTR_BP = 0;
-#endif
-}
+    if (!_unbuffered) {
+        // Sync write area.
+        PRInt32 waiting;
+        if ((waiting = pptr() - pbase()) != 0) {
+            PRInt32 nout;
+            if ((nout = PR_Write(_fd, pbase(), waiting)) != waiting) {
+                if (nout > 0) {
+                    // Should set _pptr -= nout.
+                    pbump(-nout);
+                    memmove(pbase(), pbase() + nout, waiting - nout);
+                }
+                return traits_type::eof();
+            }
+        }
+        setp(NULL, NULL);  // Empty put area.
 
-streambuf * 
-PRifstream::setbuf(char * ptr, int len)
-{
-    if ((is_open()) || (!(rdbuf()->setbuf(ptr, len)))){
-        clear(rdstate() | ios::failbit);
-        return 0;
+        if (PR_GetDescType(_fd) == PR_DESC_FILE) {
+            // Sockets can't seek; don't need this.
+            PROffset64 avail;
+            if ((avail = in_avail()) > 0) {
+                if (PR_Seek64(_fd, -avail, PR_SEEK_CUR) != -1) {
+                    return traits_type::eof();
+                }
+            }
+        }
+        setg(NULL, NULL, NULL);  // Empty get area.
     }
-    return rdbuf();
+
+    return 0;
 }
 
-void 
-PRifstream::attach(PRFileDesc *fd)
-{
-    if (!(rdbuf()->attach(fd)))
-        clear(rdstate() | ios::failbit);
-}
 
-void 
-PRifstream::open(const char * name, int mode, int flags)
+streambuf::int_type PRfilebuf::underflow()
 {
-    if (is_open() || !(rdbuf()->open(name, (mode|ios::in), flags)))
-        clear(rdstate() | ios::failbit);
-}
+    PRInt32 count;
+    char_type byte;
+
+    if (gptr() != NULL && gptr() < egptr()) {
+        return traits_type::to_int_type(*gptr());
+    }
+
+    // Make sure there is a reserve area.
+    if (!_unbuffered && _buf_base == NULL && !allocate()) {
+        return traits_type::eof();
+    }
 
-void 
-PRifstream::close()
-{
-    clear((rdbuf()->close()) ? 0 : (rdstate() | ios::failbit));
-}
+    // Sync before new buffer created below.
+    if (traits_type::eq_int_type(sync(), traits_type::eof())) {
+        return traits_type::eof();
+    }
+
+    if (_unbuffered) {
+        if (PR_Read(_fd, &byte, 1) <= 0) {
+            return traits_type::eof();
+        }
 
-PRofstream::PRofstream():
-ostream(new PRfilebuf)
-{
-    _PRSTR_DELBUF(0);
+        return traits_type::to_int_type(byte);
+    }
+
+    if ((count = PR_Read(_fd, _buf_base, _buf_end - _buf_base)) <= 0) {
+        return traits_type::eof();  // Reached EOF.
+    }
+
+    setg(_buf_base, _buf_base, _buf_base + count);
+    return traits_type::to_int_type(*gptr());
 }
 
-PRofstream::PRofstream(PRFileDesc *fd):
-ostream(new PRfilebuf(fd))
+
+streambuf::int_type PRfilebuf::overflow(int_type c)
 {
-    _PRSTR_DELBUF(0);
-}
+    // Make sure there is a reserve area.
+    if (!_unbuffered && _buf_base == NULL && !allocate()) {
+        return traits_type::eof();
+    }
+
+    // Sync before new buffer created below.
+    if (traits_type::eq_int_type(sync(), traits_type::eof())) {
+        return traits_type::eof();
+    }
+
+    if (!_unbuffered) {
+        setp(_buf_base, _buf_end);
+    }
 
-PRofstream::PRofstream(PRFileDesc *fd, char *buff, int bufflen):
-ostream(new PRfilebuf(fd, buff, bufflen))
-{
-    _PRSTR_DELBUF(0);
+    if (!traits_type::eq_int_type(c, traits_type::eof())) {
+        // Extract the byte to be written.
+        // (Required on big-endian architectures.)
+        char_type byte = traits_type::to_char_type(c);
+        if (!_unbuffered && pptr() < epptr()) {  // Guard against recursion.
+            return sputc(byte);
+        } else {
+            if (PR_Write(_fd, &byte, 1) != 1) {
+                return traits_type::eof();
+            }
+        }
+    }
+
+    return traits_type::not_eof(c);
 }
 
-PRofstream::PRofstream(const char *name, int mode, int flags):
-ostream(new PRfilebuf)
+
+bool PRfilebuf::allocate()
 {
-    _PRSTR_DELBUF(0);
-    if (!rdbuf()->open(name, (mode|ios::out), flags))
-        clear(rdstate() | ios::failbit);
+    char_type *buf = new(nothrow) char_type[BUFSIZ];
+    if (buf == NULL) {
+        return false;
+    }
+
+    setb(buf, buf + BUFSIZ, true);
+    return true;
 }
 
-PRofstream::~PRofstream()
+
+void PRfilebuf::setb(char_type *buf_base, char_type *buf_end, bool user_buf)
 {
-	flush();
+    if (_buf_base && !_user_buf) {
+        delete[] _buf_base;
+    }
 
-	delete rdbuf();
-#ifdef _PRSTR_BP
-	_PRSTR_BP = 0;
-#endif
+    _buf_base = buf_base;
+    _buf_end = buf_end;
+    _user_buf = user_buf;
+}
+
+
+PRifstream::PRifstream():
+    istream(NULL),
+    _filebuf()
+{
+    init(&_filebuf);
 }
 
-streambuf * 
-PRofstream::setbuf(char * ptr, int len)
+
+PRifstream::PRifstream(PRFileDesc *fd):
+    istream(NULL),
+    _filebuf(fd)
 {
-    if ((is_open()) || (!(rdbuf()->setbuf(ptr, len)))){
-        clear(rdstate() | ios::failbit);
-        return 0;
-    }
-    return rdbuf();
+    init(&_filebuf);
+}
+
+
+PRifstream::PRifstream(PRFileDesc *fd, char_type *ptr, streamsize len):
+    istream(NULL),
+    _filebuf(fd, ptr, len)
+{
+    init(&_filebuf);
 }
 
-void 
-PRofstream::attach(PRFileDesc *fd)
+
+PRifstream::PRifstream(const char *name, openmode flags, PRIntn mode):
+    istream(NULL),
+    _filebuf()
 {
-    if (!(rdbuf()->attach(fd)))
-        clear(rdstate() | ios::failbit);
+    init(&_filebuf);
+    if (!_filebuf.open(name, flags | in, mode)) {
+        setstate(failbit);
+    }
 }
 
-void 
-PRofstream::open(const char * name, int mode, int flags)
+
+PRifstream::~PRifstream() { }
+
+
+void PRifstream::open(const char *name, openmode flags, PRIntn mode)
 {
-    if (is_open() || !(rdbuf()->open(name, (mode|ios::out), flags)))
-        clear(rdstate() | ios::failbit);
+    if (is_open() || !_filebuf.open(name, flags | in, mode)) {
+        setstate(failbit);
+    }
 }
 
-void 
-PRofstream::close()
+
+void PRifstream::attach(PRFileDesc *fd)
 {
-    clear((rdbuf()->close()) ? 0 : (rdstate() | ios::failbit));
+    if (!_filebuf.attach(fd)) {
+        setstate(failbit);
+    }
 }
 
-PRfstream::PRfstream():
-iostream(new PRfilebuf)
+
+void PRifstream::close()
 {
-	_PRSTR_DELBUF_C(istream, 0);
-	_PRSTR_DELBUF_C(ostream, 0);
+    if (_filebuf.close() == NULL) {
+        setstate(failbit);
+    }
+}
+
+
+PRofstream::PRofstream():
+    ostream(NULL),
+    _filebuf()
+{
+    init(&_filebuf);
 }
 
-PRfstream::PRfstream(PRFileDesc *fd):
-iostream(new PRfilebuf(fd))
+
+PRofstream::PRofstream(PRFileDesc *fd):
+    ostream(NULL),
+    _filebuf(fd)
 {
-	_PRSTR_DELBUF_C(istream, 0);
-	_PRSTR_DELBUF_C(ostream, 0);
+    init(&_filebuf);
 }
 
-PRfstream::PRfstream(PRFileDesc *fd, char *buff, int bufflen):
-iostream(new PRfilebuf(fd, buff, bufflen))
+
+PRofstream::PRofstream(PRFileDesc *fd, char_type *ptr, streamsize len):
+    ostream(NULL),
+    _filebuf(fd, ptr, len)
 {
-	_PRSTR_DELBUF_C(istream, 0);
-	_PRSTR_DELBUF_C(ostream, 0);
+    init(&_filebuf);
+}
+
+
+PRofstream::PRofstream(const char *name, openmode flags, PRIntn mode):
+    ostream(NULL),
+    _filebuf()
+{
+    init(&_filebuf);
+    if (!_filebuf.open(name, flags | out, mode)) {
+        setstate(failbit);
+    }
 }
 
-PRfstream::PRfstream(const char *name, int mode, int flags):
-iostream(new PRfilebuf)
+
+PRofstream::~PRofstream() { }
+
+
+void PRofstream::open(const char *name, openmode flags, PRIntn mode)
 {
-	_PRSTR_DELBUF_C(istream, 0);
-	_PRSTR_DELBUF_C(ostream, 0);
-    if (!rdbuf()->open(name, (mode|(ios::in|ios::out)), flags))
-        clear(rdstate() | ios::failbit);
+    if (is_open() || !_filebuf.open(name, flags | out, mode)) {
+        setstate(failbit);
+    }
+}
+
+
+void PRofstream::attach(PRFileDesc *fd)
+{
+    if (!_filebuf.attach(fd)) {
+        setstate(failbit);
+    }
 }
 
-PRfstream::~PRfstream()
+
+void PRofstream::close()
 {
-	sync();
-	flush();
+    if (_filebuf.close() == NULL) {
+        setstate(failbit);
+    }
+}
+
 
-	delete rdbuf();
-#ifdef _PRSTR_BP
-	istream::_PRSTR_BP = 0;
-	ostream::_PRSTR_BP = 0;
-#endif
+PRfstream::PRfstream():
+    iostream(NULL),
+    _filebuf()
+{
+    init(&_filebuf);
+}
+
+
+PRfstream::PRfstream(PRFileDesc *fd):
+    iostream(NULL),
+    _filebuf(fd)
+{
+    init(&_filebuf);
 }
 
-streambuf * 
-PRfstream::setbuf(char * ptr, int len)
+
+PRfstream::PRfstream(PRFileDesc *fd, char_type *ptr, streamsize len):
+    iostream(NULL),
+    _filebuf(fd, ptr, len)
 {
-    if ((is_open()) || (!(rdbuf()->setbuf(ptr, len)))){
-        clear(rdstate() | ios::failbit);
-        return 0;
-    }
-    return rdbuf();
+    init(&_filebuf);
 }
 
-void 
-PRfstream::attach(PRFileDesc *fd)
+
+PRfstream::PRfstream(const char *name, openmode flags, PRIntn mode):
+    iostream(NULL),
+    _filebuf()
 {
-    if (!(rdbuf()->attach(fd)))
-        clear(rdstate() | ios::failbit);
+    init(&_filebuf);
+    if (!_filebuf.open(name, flags | in | out, mode)) {
+        setstate(failbit);
+    }
 }
 
-void 
-PRfstream::open(const char * name, int mode, int flags)
+
+PRfstream::~PRfstream() { }
+
+
+void PRfstream::open(const char *name, openmode flags, PRIntn mode)
 {
-    if (is_open() || !(rdbuf()->open(name, (mode|(ios::in|ios::out)), flags)))
-        clear(rdstate() | ios::failbit);
+    if (is_open() || !_filebuf.open(name, flags | in | out, mode)) {
+        setstate(failbit);
+    }
 }
 
-void 
-PRfstream::close()
+
+void PRfstream::attach(PRFileDesc *fd)
 {
-    clear((rdbuf()->close()) ? 0 : (rdstate() | ios::failbit));
+    if (!_filebuf.attach(fd)) {
+        setstate(failbit);
+    }
 }
 
-#else
 
-// fix it sometime
-
-int fix_prfstreams ()	{	return 0; }
-
-#endif
+void PRfstream::close()
+{
+    if (_filebuf.close() == NULL) {
+        setstate(failbit);
+    }
+}
--- a/nsprpub/lib/prstreams/prstrms.h
+++ b/nsprpub/lib/prstreams/prstrms.h
@@ -32,122 +32,141 @@
  * and other provisions required by the GPL or the LGPL. If you do not delete
  * the provisions above, a recipient may use your version of this file under
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
 
 /*
  * Robin J. Maxwell 11-22-96
+ * Fredrik Roubert <roubert@google.com> 2010-07-23
+ * Matt Austern <austern@google.com> 2010-07-23
  */
 
 #ifndef _PRSTRMS_H
 #define _PRSTRMS_H
 
-#include "prtypes.h"
+#include <cstddef>
+#include <istream>
+#include <ostream>
+#include <streambuf>
+
 #include "prio.h"
 
 #ifdef _MSC_VER
-#pragma warning( disable : 4275)
-#endif
-#include <iostream.h>
-
-#if defined(AIX) && defined(__64BIT__)
-typedef long PRstreambuflen;
-#else
-typedef int PRstreambuflen;
+// http://support.microsoft.com/kb/q168958/
+class PR_IMPLEMENT(std::_Mutex);
+class PR_IMPLEMENT(std::ios_base);
 #endif
 
-#if defined (PRFSTREAMS_BROKEN)
 
-// fix it sometime
-
-#define	 PRfilebuf	streambuf
-#define  PRifstream	ifstream
-#define	 PRofstream	ofstream
-#define	 PRfstream	fstream
-
-#else
-
-class PR_IMPLEMENT(PRfilebuf): public streambuf
+class PR_IMPLEMENT(PRfilebuf): public std::streambuf
 {
 public:
     PRfilebuf();
     PRfilebuf(PRFileDesc *fd);
-    PRfilebuf(PRFileDesc *fd, char * buffptr, int bufflen);
-    ~PRfilebuf();
-    virtual	int	overflow(int=EOF);
-    virtual	int	underflow();
-    virtual	streambuf *setbuf(char *buff, PRstreambuflen bufflen);
-    virtual	streampos seekoff(streamoff, ios::seek_dir, int);
+    PRfilebuf(PRFileDesc *fd, char_type *ptr, std::streamsize len);
+    virtual ~PRfilebuf();
+
+    bool is_open() const { return _fd != NULL; }
+
+    PRfilebuf *open(
+                  const char *name,
+                  std::ios_base::openmode flags,
+                  PRIntn mode);
+    PRfilebuf *attach(PRFileDesc *fd);
+    PRfilebuf *close();
+
+protected:
+    virtual std::streambuf *setbuf(char_type *ptr, std::streamsize len);
+    virtual pos_type seekoff(
+                         off_type offset,
+                         std::ios_base::seekdir dir,
+                         std::ios_base::openmode flags);
+    virtual pos_type seekpos(
+                         pos_type pos,
+                         std::ios_base::openmode flags) {
+        return seekoff(pos, std::ios_base::beg, flags);
+    }
     virtual int sync();
-    PRfilebuf *open(const char *name, int mode, int flags);
-   	PRfilebuf *attach(PRFileDesc *fd);
-    PRfilebuf *close();
-   	int	is_open() const {return (_fd != 0);}
-    PRFileDesc *fd(){return _fd;}
+    virtual int_type underflow();
+    virtual int_type overflow(int_type c = traits_type::eof());
+
+    // TODO: Override pbackfail(), showmanyc(), uflow(), xsgetn(), and xsputn().
 
 private:
-    PRFileDesc * _fd;
-    PRBool _opened;
-	PRBool _allocated;
-};
+    bool allocate();
+    void setb(char_type *buf_base, char_type *buf_end, bool user_buf);
 
-class PR_IMPLEMENT(PRifstream): public istream {
-public:
-	PRifstream();
-	PRifstream(const char *, int mode=ios::in, int flags = 0);
-	PRifstream(PRFileDesc *);
-	PRifstream(PRFileDesc *, char *, int);
-	~PRifstream();
-
-	streambuf * setbuf(char *, int);
-	PRfilebuf* rdbuf(){return (PRfilebuf*) ios::rdbuf(); }
-
-	void attach(PRFileDesc *fd);
-	PRFileDesc *fd() {return rdbuf()->fd();}
-
-	int is_open(){return rdbuf()->is_open();}
-	void open(const char *, int mode=ios::in, int flags= 0);
-	void close();
+    PRFileDesc *_fd;
+    bool _opened;
+    bool _allocated;
+    bool _unbuffered;
+    bool _user_buf;
+    char_type *_buf_base;
+    char_type *_buf_end;
 };
 
-class PR_IMPLEMENT(PRofstream) : public ostream {
+
+class PR_IMPLEMENT(PRifstream): public std::istream
+{
 public:
-	PRofstream();
-	PRofstream(const char *, int mode=ios::out, int flags = 0);
-	PRofstream(PRFileDesc *);
-	PRofstream(PRFileDesc *, char *, int);
-	~PRofstream();
-
-	streambuf * setbuf(char *, int);
-	PRfilebuf* rdbuf() { return (PRfilebuf*) ios::rdbuf(); }
-
-	void attach(PRFileDesc *);
-	PRFileDesc *fd() {return rdbuf()->fd();}
+    PRifstream();
+    PRifstream(PRFileDesc *fd);
+    PRifstream(PRFileDesc *fd, char_type *ptr, std::streamsize len);
+    PRifstream(const char *name, openmode flags = in, PRIntn mode = 0);
+    virtual ~PRifstream();
 
-	int is_open(){return rdbuf()->is_open();}
-	void open(const char *, int =ios::out, int = 0);
-	void close();
-};
-	
-class PR_IMPLEMENT(PRfstream) : public iostream {
-public:
-	PRfstream();
-	PRfstream(const char *name, int mode, int flags= 0);
-	PRfstream(PRFileDesc *fd);
-	PRfstream(PRFileDesc *fd, char *buff, int bufflen);
-	~PRfstream();
+    PRfilebuf *rdbuf() const { return &_filebuf; }
+    bool is_open() const { return _filebuf.is_open(); }
 
-	streambuf * setbuf(char *, int);
-	PRfilebuf* rdbuf(){ return (PRfilebuf*) ostream::rdbuf(); }
+    void open(const char *name, openmode flags = in, PRIntn mode = 0);
+    void attach(PRFileDesc *fd);
+    void close();
 
-	void attach(PRFileDesc *);
-	PRFileDesc *fd() { return rdbuf()->fd(); }
-
-	int is_open() { return rdbuf()->is_open(); }
-	void open(const char *, int, int = 0);
-	void close();
+private:
+    mutable PRfilebuf _filebuf;
 };
 
-#endif
+
+class PR_IMPLEMENT(PRofstream): public std::ostream
+{
+public:
+    PRofstream();
+    PRofstream(PRFileDesc *fd);
+    PRofstream(PRFileDesc *fd, char_type *ptr, std::streamsize len);
+    PRofstream(const char *name, openmode flags = out, PRIntn mode = 0);
+    virtual ~PRofstream();
+
+    PRfilebuf *rdbuf() const { return &_filebuf; }
+    bool is_open() const { return _filebuf.is_open(); }
+
+    void open(const char *name, openmode flags = out, PRIntn mode = 0);
+    void attach(PRFileDesc *fd);
+    void close();
+
+private:
+    mutable PRfilebuf _filebuf;
+};
+
+
+class PR_IMPLEMENT(PRfstream): public std::iostream
+{
+public:
+    PRfstream();
+    PRfstream(PRFileDesc *fd);
+    PRfstream(PRFileDesc *fd, char_type *ptr, std::streamsize len);
+    PRfstream(const char *name, openmode flags = in | out, PRIntn mode = 0);
+    virtual ~PRfstream();
+
+    PRfilebuf *rdbuf() const { return &_filebuf; }
+    bool is_open() const { return _filebuf.is_open(); }
+
+    void open(const char *name, openmode flags = in | out, PRIntn mode = 0);
+    void attach(PRFileDesc *fd);
+    void close();
+
+private:
+    mutable PRfilebuf _filebuf;
+};
+
 
 #endif /* _PRSTRMS_H */
--- a/nsprpub/lib/prstreams/tests/testprstrm/testprstrm.cpp
+++ b/nsprpub/lib/prstreams/tests/testprstrm/testprstrm.cpp
@@ -30,67 +30,71 @@
  * use your version of this file under the terms of the MPL, indicate your
  * decision by deleting the provisions above and replace them with the notice
  * and other provisions required by the GPL or the LGPL. If you do not delete
  * the provisions above, a recipient may use your version of this file under
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
 
+#include "prstrms.h"
+
 #include "prinit.h"
-#include "prstrms.h"
 #include "prio.h"
-#include <string.h>
-#include <stdio.h>
-#if defined(XP_UNIX) || defined(XP_OS2)
-#include <sys/types.h>
+#include "prthread.h"
+
+#include <cstring>
+#include <iostream>
+
+#ifdef XP_UNIX
 #include <sys/stat.h>
 #endif
 
+using std::cout;
+using std::endl;
+using std::ios;
+
 const unsigned int MaxCnt = 1;
 
-void threadwork(void *mytag);
-
+typedef struct threadarg {
+    const char *mytag;
+} threadarg;
 
-typedef struct threadarg {
-    void *mytag;
-} threadarg;
+void threadwork(threadarg *arg);
 
 void 
 threadmain(void *mytag)
 {
     threadarg arg;
 
-    arg.mytag = mytag;
+    arg.mytag = static_cast<const char *>(mytag);
 
     threadwork(&arg);
 }
 
-
 void
-threadwork(void *_arg)
+threadwork(threadarg *arg)
 {
-	threadarg *arg = (threadarg *)_arg;
 	unsigned int i;
 
 	char fname1[256];
 	char fname2[256];
 
-	strcpy(fname1, (char *)arg->mytag);
-	strcpy(fname2, (char *)arg->mytag);
+	strcpy(fname1, arg->mytag);
+	strcpy(fname2, arg->mytag);
 	strcat(fname2, "2");
 	PR_Delete(fname1);
 	PR_Delete(fname2);
 
 	PRfilebuf *fb[MaxCnt];
 	PRifstream *ifs[MaxCnt];
 	PRofstream *ofs[MaxCnt];
 	int mode = 0;
 #ifdef XP_UNIX
-	mode = S_IRUSR|S_IWUSR|S_IRGRP|S_IRGRP|S_IWOTH|S_IROTH;
+	mode = S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH;
 #endif
 
 	//
 	// Allocate a bunch
 	cout << "Testing unused filebufs ----------------" << endl;
 	for (i=0; i < MaxCnt; i++){
 		fb[i] = new PRfilebuf;
 	}
@@ -162,40 +166,38 @@ threadwork(void *_arg)
 		*ais2 >> achar;
 	}
 	delete ais2;
 	cout << "Testing use of ifstream 2 complete -------------" << endl;
 }
 
 #define STACKSIZE 1024*1024
 int
-main(int argc, char **argv)
+main()
 {
 	PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 256);
-	threadmain("TestFile");
+	threadmain(const_cast<char *>("TestFile"));
 	PRThread *thr1 = PR_CreateThread(PR_SYSTEM_THREAD, 
 					 threadmain, 
-					 (void *)"TestFile1",
+					 const_cast<char *>("TestFile1"),
 					 PR_PRIORITY_NORMAL,
 					 PR_GLOBAL_THREAD,
 					 PR_JOINABLE_THREAD,
 					 STACKSIZE);
 	PRThread *thr2 = PR_CreateThread(PR_SYSTEM_THREAD, 
 					 threadmain, 
-					 (void *)"TestFile2",
+					 const_cast<char *>("TestFile2"),
 					 PR_PRIORITY_NORMAL,
 					 PR_GLOBAL_THREAD,
 					 PR_JOINABLE_THREAD,
 					 STACKSIZE);
-
 	PRThread *thr3 = PR_CreateThread(PR_SYSTEM_THREAD, 
 					 threadmain, 
-					 (void *)"TestFile3",
+					 const_cast<char *>("TestFile3"),
 					 PR_PRIORITY_NORMAL,
 					 PR_GLOBAL_THREAD,
 					 PR_JOINABLE_THREAD,
 					 STACKSIZE);
 	PR_JoinThread(thr1);
 	PR_JoinThread(thr2);
 	PR_JoinThread(thr3);
 	return 0;
 }
-
--- a/nsprpub/lib/tests/Makefile.in
+++ b/nsprpub/lib/tests/Makefile.in
@@ -47,21 +47,21 @@ include $(MOD_DEPTH)/config/autoconf.mk
 include $(topsrcdir)/config/config.mk
 
 CSRCS = \
 	arena.c \
 	base64t.c \
 	getopt.c \
 	string.c
 
-ifeq (,$(filter-out WINNT OS2,$(OS_ARCH)))
+ifeq (,$(filter-out WINCE WINNT OS2,$(OS_ARCH)))
 CSRCS += arena.c
 endif
 
-ifeq (,$(filter-out WINNT OS2,$(OS_ARCH)))
+ifeq (,$(filter-out WINCE WINNT OS2,$(OS_ARCH)))
 PROG_SUFFIX = .exe
 else
 PROG_SUFFIX =
 endif
 
 PROGS = $(addprefix $(OBJDIR)/, $(CSRCS:.c=$(PROG_SUFFIX)))
 
 TARGETS = $(PROGS) $(OBJS)
@@ -70,19 +70,19 @@ INCLUDES = -I$(dist_includedir)
 
 # Setting the variables LDOPTS and LIBPR.  We first initialize
 # them to the default values, then adjust them for some platforms.
 LDOPTS = -L$(dist_libdir)
 LIBPR = -lnspr$(MOD_MAJOR_VERSION)
 LIBPLC = -lplc$(MOD_MAJOR_VERSION)
 LIBPLDS = -lplds$(MOD_MAJOR_VERSION)
 
-ifeq ($(OS_ARCH), WINNT)
+ifeq (,$(filter-out WINCE WINNT, $(OS_ARCH)))
   LDOPTS = -NOLOGO -DEBUG -INCREMENTAL:NO
-  ifeq ($(OS_TARGET), WIN95)
+  ifeq (,$(filter-out WIN95 WINCE WINMO, $(OS_TARGET)))
   LIBPR = $(dist_libdir)/nspr$(MOD_MAJOR_VERSION).$(LIB_SUFFIX)
   LIBPLC= $(dist_libdir)/plc$(MOD_MAJOR_VERSION).$(LIB_SUFFIX)
   LIBPLDS= $(dist_libdir)/plds$(MOD_MAJOR_VERSION).$(LIB_SUFFIX)
   else
   LIBPR = $(dist_libdir)/libnspr$(MOD_MAJOR_VERSION).$(LIB_SUFFIX)
   LIBPLC= $(dist_libdir)/libplc$(MOD_MAJOR_VERSION).$(LIB_SUFFIX)
   LIBPLDS= $(dist_libdir)/libplds$(MOD_MAJOR_VERSION).$(LIB_SUFFIX)
   endif
@@ -157,16 +157,20 @@ ifeq ($(OS_ARCH), NCR)
 # system libraries when we built libnspr.so.
 EXTRA_LIBS = -lsocket -lnsl
 # This hardcodes in the executable programs the directory to find
 # libnspr.so etc. at program startup.  Equivalent to the -R or -rpath
 # option for ld on other platforms.
 export LD_RUN_PATH = $(PWD)/$(dist_libdir)
 endif
 
+ifeq ($(OS_TARGET),Android)
+LDOPTS = $(OS_LDFLAGS) $(WRAP_MALLOC_LIB)
+endif
+
 #####################################################
 #
 # The rules
 #
 #####################################################
 
 include $(topsrcdir)/config/rules.mk
 
@@ -201,19 +205,23 @@ else
 # All platforms that are not AIX pre-4.2.
 
 $(OBJDIR)/%$(PROG_SUFFIX): $(OBJDIR)/%.$(OBJ_SUFFIX)
 	@$(MAKE_OBJDIR)
 
 ifeq ($(OS_ARCH), WINNT)
 	link $(LDOPTS) $< $(LIBPLC) $(LIBPLDS) $(LIBPR) wsock32.lib -out:$@
 else
+ifeq ($(OS_ARCH), WINCE)
+	$(LD) $(LDOPTS) $< $(LIBPLC) $(LIBPLDS) $(LIBPR) ws2.lib -out:$@
+else
 ifeq ($(OS_ARCH),OS2)
 	$(LINK) $(EXEFLAGS) $(LDOPTS) $< $(LIBPLC)  $(LIBPLDS) $(LIBPR) $(OS_LIBS) $(EXTRA_LIBS)
 else
 	$(CC) $(XCFLAGS) $< $(LDOPTS) $(LIBPLC) $(LIBPLDS) $(LIBPR) $(EXTRA_LIBS) -o $@
 endif
 endif
 endif
+endif
 
 export:: $(TARGETS)
 clean::
 	rm -f $(TARGETS)
--- a/nsprpub/pr/include/pratom.h
+++ b/nsprpub/pr/include/pratom.h
@@ -106,29 +106,29 @@ NSPR_API(PRInt32)	PR_AtomicAdd(PRInt32 *
 ** IMPORTANT NOTE TO NSPR MAINTAINERS:
 **    Implement these macros with compiler intrinsics only on platforms
 **    where the PR_AtomicXXX functions are truly atomic (i.e., where the
 **    configuration macro _PR_HAVE_ATOMIC_OPS is defined).  Otherwise,
 **    the macros and functions won't be compatible and can't be used
 **    interchangeably.
 */
 #if defined(_WIN32) && !defined(_WIN32_WCE) && \
-    defined(_MSC_VER) && (_MSC_VER >= 1310)
+    (!defined(_MSC_VER) || (_MSC_VER >= 1310))
 
 long __cdecl _InterlockedIncrement(long volatile *Addend);
-#pragma intrinsic(_InterlockedIncrement)
-
 long __cdecl _InterlockedDecrement(long volatile *Addend);
-#pragma intrinsic(_InterlockedDecrement)
+long __cdecl _InterlockedExchange(long volatile *Target, long Value);
+long __cdecl _InterlockedExchangeAdd(long volatile *Addend, long Value);
 
-long __cdecl _InterlockedExchange(long volatile *Target, long Value);
+#ifdef _MSC_VER
+#pragma intrinsic(_InterlockedIncrement)
+#pragma intrinsic(_InterlockedDecrement)
 #pragma intrinsic(_InterlockedExchange)
-
-long __cdecl _InterlockedExchangeAdd(long volatile *Addend, long Value);
 #pragma intrinsic(_InterlockedExchangeAdd)
+#endif
 
 #define PR_ATOMIC_INCREMENT(val) _InterlockedIncrement((long volatile *)(val))
 #define PR_ATOMIC_DECREMENT(val) _InterlockedDecrement((long volatile *)(val))
 #define PR_ATOMIC_SET(val, newval) \
         _InterlockedExchange((long volatile *)(val), (long)(newval))
 #define PR_ATOMIC_ADD(ptr, val) \
         (_InterlockedExchangeAdd((long volatile *)(ptr), (long)(val)) + (val))
 
--- a/nsprpub/pr/include/prinit.h
+++ b/nsprpub/pr/include/prinit.h
@@ -58,20 +58,20 @@ PR_BEGIN_EXTERN_C
 /*
 ** NSPR's version is used to determine the likelihood that the version you
 ** used to build your component is anywhere close to being compatible with
 ** what is in the underlying library.
 **
 ** The format of the version string is
 **     "<major version>.<minor version>[.<patch level>] [<Beta>]"
 */
-#define PR_VERSION  "4.8.6"
+#define PR_VERSION  "4.8.7"
 #define PR_VMAJOR   4
 #define PR_VMINOR   8
-#define PR_VPATCH   6
+#define PR_VPATCH   7
 #define PR_BETA     PR_FALSE
 
 /*
 ** PRVersionCheck
 **
 ** The basic signature of the function that is called to provide version
 ** checking. The result will be a boolean that indicates the likelihood
 ** that the underling library will perform as the caller expects.
--- a/nsprpub/pr/include/private/primpl.h
+++ b/nsprpub/pr/include/private/primpl.h
@@ -187,22 +187,17 @@ struct _PT_Notified
 
 #define _PT_THREAD_INTERRUPTED(thr)					\
 		(!(thr->interrupt_blocked) && (thr->state & PT_THREAD_ABORTED))
 #define _PT_THREAD_BLOCK_INTERRUPT(thr)				\
 		(thr->interrupt_blocked = 1)
 #define _PT_THREAD_UNBLOCK_INTERRUPT(thr)			\
 		(thr->interrupt_blocked = 0)
 
-#ifdef GC_LEAK_DETECTOR
-/* All threads are GCable. */
-#define _PT_IS_GCABLE_THREAD(thr) 1
-#else
 #define _PT_IS_GCABLE_THREAD(thr) ((thr)->state & PT_THREAD_GCABLE)
-#endif /* GC_LEAK_DETECTOR */
 
 /* 
 ** Possible values for thread's suspend field
 ** Note that the first two can be the same as they are really mutually exclusive,
 ** i.e. both cannot be happening at the same time. We have two symbolic names
 ** just as a mnemonic.
 **/
 #define PT_THREAD_RESUMED   0x80    /* thread has been resumed */
@@ -628,22 +623,17 @@ NSPR_API(void) _PR_Notify(PRMonitor *mon
                 stackSize = _MD_MINIMUM_STACK_SIZE; \
     stackSize = (stackSize + (1 << _pr_pageShift) - 1) >> _pr_pageShift; \
     stackSize <<= _pr_pageShift; \
         PR_END_MACRO
 #else
 #define        _PR_ADJUST_STACKSIZE(stackSize)
 #endif
 
-#ifdef GC_LEAK_DETECTOR
-/* All threads are GCable. */
-#define _PR_IS_GCABLE_THREAD(thr) 1
-#else
 #define _PR_IS_GCABLE_THREAD(thr) ((thr)->flags & _PR_GCABLE_THREAD)
-#endif /* GC_LEAK_DETECTOR */
 
 #define _PR_PENDING_INTERRUPT(thr)					\
 		(!((thr)->flags & _PR_INTERRUPT_BLOCKED) && ((thr)->flags & _PR_INTERRUPT))
 #define _PR_THREAD_BLOCK_INTERRUPT(thr)			\
 		(thr->flags |= _PR_INTERRUPT_BLOCKED)
 #define _PR_THREAD_UNBLOCK_INTERRUPT(thr)			\
 		(thr->flags &= ~_PR_INTERRUPT_BLOCKED)
 
@@ -1798,19 +1788,16 @@ extern void _PR_CleanupStacks(void);
 #ifdef WINNT
 extern void _PR_CleanupCPUs(void);
 #endif
 extern void _PR_CleanupThreads(void);
 extern void _PR_CleanupTPD(void);
 extern void _PR_Cleanup(void);
 extern void _PR_LogCleanup(void);
 extern void _PR_InitLayerCache(void);
-#ifdef GC_LEAK_DETECTOR
-extern void _PR_InitGarbageCollector(void);
-#endif
 
 extern PRBool _pr_initialized;
 extern void _PR_ImplicitInitialization(void);
 extern PRBool _PR_Obsolete(const char *obsolete, const char *preferred);
 
 /************************************************************************/
 
 struct PRSegment {
--- a/nsprpub/pr/src/Makefile.in
+++ b/nsprpub/pr/src/Makefile.in
@@ -200,24 +200,24 @@ else
 OS_LIBS		= advapi32.lib wsock32.lib winmm.lib
 endif
 endif
 
 ifeq ($(OS_ARCH),WINCE)
 OS_LIBS		= ws2.lib
 endif
 
+ifeq ($(OS_TARGET),Android)
+OS_LIBS		+= -llog
+endif
+
 ifeq ($(OS_TARGET),MacOSX)
 OS_LIBS		= -framework CoreServices -framework CoreFoundation
 endif
 
-ifdef GC_LEAK_DETECTOR
-EXTRA_LIBS	= -L$(dist_libdir) -lboehm
-endif
-
 EXTRA_LIBS += $(OS_LIBS)
 
 #
 # Define platform-dependent OBJS
 #
 
 OBJS = \
     $(OBJDIR)/prvrsion.$(OBJ_SUFFIX) \
@@ -304,20 +304,16 @@ OBJS += \
 	cplus/$(OBJDIR)/rcio.$(OBJ_SUFFIX) \
 	cplus/$(OBJDIR)/rclock.$(OBJ_SUFFIX) \
 	cplus/$(OBJDIR)/rcnetdb.$(OBJ_SUFFIX) \
 	cplus/$(OBJDIR)/rcnetio.$(OBJ_SUFFIX) \
 	cplus/$(OBJDIR)/rcthread.$(OBJ_SUFFIX) \
 	cplus/$(OBJDIR)/rctime.$(OBJ_SUFFIX)
 endif
 
-ifdef GC_LEAK_DETECTOR
-OBJS += memory/$(OBJDIR)/prgcleak.$(OBJ_SUFFIX)
-endif
-
 ifeq ($(OS_ARCH), WINNT)
 RES=$(OBJDIR)/nspr.res
 RESNAME=nspr.rc
 endif # WINNT
 
 include $(srcdir)/md/$(PR_MD_ARCH_DIR)/objs.mk
 ifdef USE_BTHREADS
 include $(srcdir)/bthreads/objs.mk
@@ -379,22 +375,29 @@ ifeq ($(NS_USE_GCC)_$(OS_ARCH),_WINNT)
 else
 	$(CC) -o $@ -c $(CFLAGS) -I$(OBJDIR) $<
 endif
 #
 # Version information generation (end)
 #
 
 
+# We use a 'build' target here to ensure that we build $(TARGETS) after
+# looping over $(DIRS) to create the object files in a parallel build.
+# Recipe commands are executed sequentially in a parallel build while
+# target dependencies are executed in parallel.
+export::
+	$(MAKE) build
+
 #
 # The Client build wants the shared libraries in $(dist_bindir)
 # so we also install them there.
 #
 
-export:: $(TARGETS)
+build:: $(TARGETS)
 	$(INSTALL) -m 444 $(TARGETS) $(dist_libdir)
 ifdef SHARED_LIBRARY
 ifeq ($(OS_ARCH),HP-UX)
 	$(INSTALL) -m 755 $(SHARED_LIBRARY) $(dist_libdir)
 	$(INSTALL) -m 755 $(SHARED_LIBRARY) $(dist_bindir)
 else
 	$(INSTALL) -m 444 $(SHARED_LIBRARY) $(dist_bindir)
 endif
--- a/nsprpub/pr/src/io/prlog.c
+++ b/nsprpub/pr/src/io/prlog.c
@@ -36,16 +36,19 @@
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
 
 #include "primpl.h"
 #include "prenv.h"
 #include "prprf.h"
 #include <string.h>
+#ifdef ANDROID
+#include <android/log.h>
+#endif
 
 /*
  * Lock used to lock the log.
  *
  * We can't define _PR_LOCK_LOG simply as PR_Lock because PR_Lock may
  * contain assertions.  We have to avoid assertions in _PR_LOCK_LOG
  * because PR_ASSERT calls PR_LogPrint, which in turn calls _PR_LOCK_LOG.
  * This can lead to infinite recursion.
@@ -121,16 +124,28 @@ static void OutputDebugStringA(const cha
         buf[nb] = savebyte; \
     } else { \
         fwrite(buf, 1, nb, fd); \
         fflush(fd); \
     } \
     PR_END_MACRO
 #elif defined(_PR_USE_STDIO_FOR_LOGGING)
 #define _PUT_LOG(fd, buf, nb) {fwrite(buf, 1, nb, fd); fflush(fd);}
+#elif defined(ANDROID)
+#define _PUT_LOG(fd, buf, nb)                                \
+    PR_BEGIN_MACRO                                           \
+    if (fd == _pr_stderr) {                                  \
+        char savebyte = buf[nb];                             \
+        buf[nb] = '\0';                                      \
+        __android_log_write(ANDROID_LOG_INFO, "PRLog", buf); \
+        buf[nb] = savebyte;                                  \
+    } else {                                                 \
+        PR_Write(fd, buf, nb);                               \
+    }                                                        \
+    PR_END_MACRO
 #elif defined(_PR_PTHREADS)
 #define _PUT_LOG(fd, buf, nb) PR_Write(fd, buf, nb)
 #else
 #define _PUT_LOG(fd, buf, nb) _PR_MD_WRITE(fd, buf, nb)
 #endif
 
 /************************************************************************/
 
@@ -546,19 +561,18 @@ PR_IMPLEMENT(void) PR_Abort(void)
 {
     PR_LogPrint("Aborting");
     abort();
 }
 
 PR_IMPLEMENT(void) PR_Assert(const char *s, const char *file, PRIntn ln)
 {
     PR_LogPrint("Assertion failure: %s, at %s:%d\n", s, file, ln);
-#if defined(XP_UNIX) || defined(XP_OS2) || defined(XP_BEOS)
     fprintf(stderr, "Assertion failure: %s, at %s:%d\n", s, file, ln);
-#endif
+    fflush(stderr);
 #ifdef WIN32
     DebugBreak();
 #endif
 #ifdef XP_OS2
     asm("int $3");
 #endif
     abort();
 }
--- a/nsprpub/pr/src/linking/prlink.c
+++ b/nsprpub/pr/src/linking/prlink.c
@@ -480,20 +480,26 @@ static NSModule
 pr_LoadMachDyldModule(const char *name)
 {
     NSObjectFileImage ofi;
     NSModule h = NULL;
     if (NSCreateObjectFileImageFromFile(name, &ofi)
             == NSObjectFileImageSuccess) {
         h = NSLinkModule(ofi, name, NSLINKMODULE_OPTION_PRIVATE
                          | NSLINKMODULE_OPTION_RETURN_ON_ERROR);
-        /*
-         * TODO: If NSLinkModule fails, use NSLinkEditError to retrieve
-         * error information.
-         */
+        if (h == NULL) {
+            NSLinkEditErrors linkEditError;
+            int errorNum;
+            const char *fileName;
+            const char *errorString;
+            NSLinkEditError(&linkEditError, &errorNum, &fileName, &errorString);
+            PR_LOG(_pr_linker_lm, PR_LOG_MIN, 
+                   ("LoadMachDyldModule error %d:%d for file %s:\n%s",
+                    linkEditError, errorNum, fileName, errorString));
+        }
         if (NSDestroyObjectFileImage(ofi) == FALSE) {
             if (h) {
                 (void)NSUnLinkModule(h, NSUNLINKMODULE_OPTION_NONE);
                 h = NULL;
             }
         }
     }
     return h;
@@ -643,18 +649,18 @@ pr_LoadViaDyld(const char *name, PRLibra
 {
     lm->dlh = pr_LoadMachDyldModule(name);
     if (lm->dlh == NULL) {
         lm->image = NSAddImage(name, NSADDIMAGE_OPTION_RETURN_ON_ERROR
                                | NSADDIMAGE_OPTION_WITH_SEARCHING);
         if (lm->image == NULL) {
             NSLinkEditErrors linkEditError;
             int errorNum;
+            const char *fileName;
             const char *errorString;
-            const char *fileName;
             NSLinkEditError(&linkEditError, &errorNum, &fileName, &errorString);
             PR_LOG(_pr_linker_lm, PR_LOG_MIN, 
                    ("LoadMachDyldModule error %d:%d for file %s:\n%s",
                     linkEditError, errorNum, fileName, errorString));
         }
     }
     return (lm->dlh != NULL || lm->image != NULL) ? PR_SUCCESS : PR_FAILURE;
 }
--- a/nsprpub/pr/src/md/windows/ntgc.c
+++ b/nsprpub/pr/src/md/windows/ntgc.c
@@ -82,17 +82,17 @@ PRWord *_MD_HomeGCRegisters(PRThread *t,
         /* 
         ** EAX is on the stack (ESP+0)
         ** EDX is on the stack (ESP+4)
         ** ECX is on the stack (ESP+8)
         */
         t->md.gcContext[0] = 0;                /* context.Eax */
         t->md.gcContext[1] = fiberData[0x2e];  /* context.Ebx */
         t->md.gcContext[2] = 0;                /* context.Ecx */
-        t->md.gcContext[2] = 0;                /* context.Edx */
+        t->md.gcContext[3] = 0;                /* context.Edx */
         t->md.gcContext[4] = fiberData[0x2d];  /* context.Esi */
         t->md.gcContext[5] = fiberData[0x2c];  /* context.Edi */
         t->md.gcContext[6] = fiberData[0x36];  /* context.Esp */
         t->md.gcContext[7] = fiberData[0x32];  /* context.Ebp */
         *np = PR_NUM_GCREGS;
 #endif
     }
     return (PRWord *)&t->md.gcContext;
--- a/nsprpub/pr/src/md/windows/ntmisc.c
+++ b/nsprpub/pr/src/md/windows/ntmisc.c
@@ -592,16 +592,17 @@ PRProcess * _PR_CreateWindowsProcess(
 #ifdef WINCE
     STARTUPINFOW startupInfo;
     PRUnichar *wideCmdLine;
     PRUnichar *wideCwd;
     int len = 0;
 #else
     STARTUPINFO startupInfo;
 #endif
+    DWORD creationFlags = 0;
     PROCESS_INFORMATION procInfo;
     BOOL retVal;
     char *cmdLine = NULL;
     char *envBlock = NULL;
     char **newEnvp = NULL;
     const char *cwd = NULL; /* current working directory */
     PRProcess *proc = NULL;
     PRBool hasFdInheritBuffer;
@@ -672,16 +673,22 @@ PRProcess * _PR_CreateWindowsProcess(
         startupInfo.hStdError = GetStdHandle(STD_ERROR_HANDLE);
         if (attr->stdinFd) {
             startupInfo.hStdInput = (HANDLE) attr->stdinFd->secret->md.osfd;
             redirected = PR_TRUE;
         }
         if (attr->stdoutFd) {
             startupInfo.hStdOutput = (HANDLE) attr->stdoutFd->secret->md.osfd;
             redirected = PR_TRUE;
+            /*
+             * If stdout is redirected, we can assume that the process will
+             * not write anything useful to the console windows, and therefore
+             * automatically set the CREATE_NO_WINDOW flag.
+             */
+            creationFlags |= CREATE_NO_WINDOW;
         }
         if (attr->stderrFd) {
             startupInfo.hStdError = (HANDLE) attr->stderrFd->secret->md.osfd;
             redirected = PR_TRUE;
         }
         if (redirected) {
             startupInfo.dwFlags |= STARTF_USESTDHANDLES;
         }
@@ -698,17 +705,17 @@ PRProcess * _PR_CreateWindowsProcess(
     MultiByteToWideChar(CP_ACP, 0, cwd, -1, wideCwd, len);
     retVal = CreateProcessW(NULL,
                             wideCmdLine,
                             NULL,  /* security attributes for the new
                                     * process */
                             NULL,  /* security attributes for the primary
                                     * thread in the new process */
                             TRUE,  /* inherit handles */
-                            0,     /* creation flags */
+                            creationFlags,
                             envBlock,  /* an environment block, consisting
                                         * of a null-terminated block of
                                         * null-terminated strings.  Each
                                         * string is in the form:
                                         *     name=value
                                         * XXX: usually NULL */
                             wideCwd,  /* current drive and directory */
                             &startupInfo,
@@ -719,17 +726,17 @@ PRProcess * _PR_CreateWindowsProcess(
 #else
     retVal = CreateProcess(NULL,
                            cmdLine,
                            NULL,  /* security attributes for the new
                                    * process */
                            NULL,  /* security attributes for the primary
                                    * thread in the new process */
                            TRUE,  /* inherit handles */
-                           0,     /* creation flags */
+                           creationFlags,
                            envBlock,  /* an environment block, consisting
                                        * of a null-terminated block of
                                        * null-terminated strings.  Each
                                        * string is in the form:
                                        *     name=value
                                        * XXX: usually NULL */
                            cwd,  /* current drive and directory */
                            &startupInfo,
--- a/nsprpub/pr/src/memory/Makefile.in
+++ b/nsprpub/pr/src/memory/Makefile.in
@@ -43,27 +43,19 @@ srcdir		= @srcdir@
 VPATH		= @srcdir@
 
 include $(MOD_DEPTH)/config/autoconf.mk
 
 include $(topsrcdir)/config/config.mk
 
 CSRCS = prseg.c prshm.c prshma.c
 
-ifdef GC_LEAK_DETECTOR
-CSRCS += prgcleak.c
-endif
-
 TARGETS	= $(OBJS)
 
 INCLUDES = -I$(dist_includedir) -I$(topsrcdir)/pr/include -I$(topsrcdir)/pr/include/private
 
-ifdef GC_LEAK_DETECTOR
-INCLUDES += -I$(dist_includedir)/.. -I$(dist_includedir)/../boehm
-endif
-
 DEFINES += -D_NSPR_BUILD_
 
 include $(topsrcdir)/config/rules.mk
 
 export:: $(TARGETS)
 
 
deleted file mode 100644
--- a/nsprpub/pr/src/memory/prgcleak.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape Portable Runtime (NSPR).
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1999-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Patrick Beard <beard@netscape.com>
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/*
- * prgcleak.c
- */
-
-#ifdef GC_LEAK_DETECTOR
-
-/* for FILE */
-#include <stdio.h>
-
-/* NSPR stuff */
-#include "generic_threads.h"
-#include "primpl.h"
-
-extern FILE *GC_stdout, *GC_stderr;
-
-extern void GC_gcollect(void);
-extern void GC_clear_roots(void);
-
-static PRStatus PR_CALLBACK scanner(PRThread* t, void** baseAddr,
-                                    PRUword count, void* closure)
-{
-    if (count) {
-        char* begin = (char*)baseAddr;
-        char* end = (char*)(baseAddr + count);
-        GC_mark_range_proc marker = (GC_mark_range_proc) closure;
-        marker(begin, end);
-    }
-    return PR_SUCCESS;
-}
-
-static void mark_all_stacks(GC_mark_range_proc marker)
-{
-    PR_ScanStackPointers(&scanner, (void *)marker);
-}
-
-#if defined(_PR_PTHREADS)
-#define _PR_MD_CURRENT_CPU() 1
-#endif
-
-static void locker(void* mutex)
-{
-    if (_PR_MD_CURRENT_CPU())
-        PR_EnterMonitor(mutex);
-}
-
-static void unlocker(void* mutex)
-{
-    if (_PR_MD_CURRENT_CPU())
-        PR_ExitMonitor(mutex);
-}
-
-static void stopper(void* unused)
-{
-    if (_PR_MD_CURRENT_CPU())
-        PR_SuspendAll();
-}
-
-static void starter(void* unused)
-{
-    if (_PR_MD_CURRENT_CPU())
-        PR_ResumeAll();
-}
-
-void _PR_InitGarbageCollector()
-{
-    void* mutex;
-
-    /* redirect GC's stderr to catch startup leaks. */
-    GC_stderr = fopen("StartupLeaks", "w");
-
-    mutex = PR_NewMonitor();
-    PR_ASSERT(mutex != NULL);
-
-    GC_generic_init_threads(&mark_all_stacks, mutex,
-            &locker, &unlocker,
-            &stopper, &starter);
-}
-
-void _PR_ShutdownGarbageCollector()
-{
-    /* do anything you need to shut down the collector. */
-}
-
-#endif /* GC_LEAK_DETECTOR */
--- a/nsprpub/pr/src/misc/prdtoa.c
+++ b/nsprpub/pr/src/misc/prdtoa.c
@@ -79,16 +79,18 @@ void _PR_CleanupDtoa(void)
 #else
 #define IEEE_MC68k
 #endif
 
 #define Long PRInt32
 #define ULong PRUint32
 #define NO_LONG_LONG
 
+#define No_Hex_NaN
+
 /****************************************************************
  *
  * The author of this software is David M. Gay.
  *
  * Copyright (c) 1991, 2000, 2001 by Lucent Technologies.
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose without fee is hereby granted, provided that this entire notice
--- a/nsprpub/pr/src/misc/prinit.c
+++ b/nsprpub/pr/src/misc/prinit.c
@@ -200,20 +200,16 @@ static void _PR_InitStuff(void)
 	_PR_InitTPD();
     _PR_InitEnv();
     _PR_InitLayerCache();
     _PR_InitClock();
 
     _pr_sleeplock = PR_NewLock();
     PR_ASSERT(NULL != _pr_sleeplock);
 
-#ifdef GC_LEAK_DETECTOR
-    _PR_InitGarbageCollector();
-#endif
-
     _PR_InitThreads(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
     
 #ifdef WIN16
 	{
 	PRInt32 top;   /* artificial top of stack, win16 */
     _pr_top_of_task_stack = (char *) &top;
 	}
 #endif    
--- a/nsprpub/pr/src/misc/prthinfo.c
+++ b/nsprpub/pr/src/misc/prthinfo.c
@@ -144,25 +144,23 @@ PR_ThreadScanStackPointers(PRThread* t,
     **
     ** The execution environment better be accounted for otherwise it
     ** will be collected
     */
     status = scanFun(t, (void**)&t->environment, 1, scanClosure);
     if (status != PR_SUCCESS)
         return status;
 
-#ifndef GC_LEAK_DETECTOR
     /* if thread is not allocated on stack, this is redundant. */
     ptd = t->privateData;
     for (index = 0; index < t->tpdLength; index++, ptd++) {
         status = scanFun(t, (void**)ptd, 1, scanClosure);
         if (status != PR_SUCCESS)
             return status;
     }
-#endif
     
     return PR_SUCCESS;
 }
 
 /* transducer for PR_EnumerateThreads */
 typedef struct PRScanStackData {
     PRScanStackFun      scanFun;
     void*               scanClosure;
--- a/nsprpub/pr/src/pthreads/ptio.c
+++ b/nsprpub/pr/src/pthreads/ptio.c
@@ -3447,17 +3447,19 @@ PRInt32 osfd;
 #endif	/* _PR_INET6_PROBE */
 #endif
 
 PR_IMPLEMENT(PRFileDesc*) PR_Socket(PRInt32 domain, PRInt32 type, PRInt32 proto)
 {
     PRIntn osfd;
     PRDescType ftype;
     PRFileDesc *fd = NULL;
-	PRInt32 tmp_domain = domain;
+#if defined(_PR_INET6_PROBE) || !defined(_PR_INET6)
+    PRInt32 tmp_domain = domain;
+#endif
 
     if (!_pr_initialized) _PR_ImplicitInitialization();
 
     if (pt_TestAbort()) return NULL;
 
     if (PF_INET != domain
         && PR_AF_INET6 != domain
         && PF_UNIX != domain)
--- a/nsprpub/pr/src/pthreads/ptthread.c
+++ b/nsprpub/pr/src/pthreads/ptthread.c
@@ -97,76 +97,35 @@ static PRIntn pt_PriorityMap(PRThreadPri
     return 10;
 #else
     return pt_book.minPrio +
 	    pri * (pt_book.maxPrio - pt_book.minPrio) / PR_PRIORITY_LAST;
 #endif
 }
 #endif
 
-#if defined(GC_LEAK_DETECTOR) && (__GLIBC__ >= 2) && defined(__i386__) 
-
-#include <setjmp.h>
-
-typedef struct stack_frame stack_frame;
-
-struct stack_frame {
-    stack_frame* next;
-    void* pc;
-};
-
-static stack_frame* GetStackFrame()
-{
-    jmp_buf jb;
-    stack_frame* currentFrame;
-    setjmp(jb);
-    currentFrame = (stack_frame*)(jb[0].__jmpbuf[JB_BP]);
-    currentFrame = currentFrame->next;
-    return currentFrame;
-}
-
-static void* GetStackTop()
-{
-    stack_frame* frame;
-    frame = GetStackFrame();
-    while (frame != NULL)
-    {
-        ptrdiff_t pc = (ptrdiff_t)frame->pc;
-        if ((pc < 0x08000000) || (pc > 0x7fffffff) || (frame->next < frame))
-            return frame;
-        frame = frame->next;
-    }
-    return NULL;
-}
-#endif /* GC_LEAK_DETECTOR && (__GLIBC__ >= 2) && __i386__ */
-
 /*
 ** Initialize a stack for a native pthread thread
 */
 static void _PR_InitializeStack(PRThreadStack *ts)
 {
     if( ts && (ts->stackTop == 0) ) {
         ts->allocBase = (char *) &ts;
         ts->allocSize = ts->stackSize;
 
         /*
         ** Setup stackTop and stackBottom values.
         */
 #ifdef HAVE_STACK_GROWING_UP
         ts->stackBottom = ts->allocBase + ts->stackSize;
         ts->stackTop = ts->allocBase;
 #else
-#ifdef GC_LEAK_DETECTOR
-        ts->stackTop    = GetStackTop();
-        ts->stackBottom = ts->stackTop - ts->stackSize;
-#else
         ts->stackTop    = ts->allocBase;
         ts->stackBottom = ts->allocBase - ts->stackSize;
 #endif
-#endif
     }
 }
 
 static void *_pt_root(void *arg)
 {
     PRIntn rv;
     PRThread *thred = (PRThread*)arg;
     PRBool detached = (thred->state & PT_THREAD_DETACHED) ? PR_TRUE : PR_FALSE;
@@ -816,18 +775,38 @@ PR_IMPLEMENT(PRStatus) PR_Sleep(PRInterv
         PR_Unlock(_pr_sleeplock);
         PR_DestroyCondVar(cv);
     }
     return rv;
 }  /* PR_Sleep */
 
 static void _pt_thread_death(void *arg)
 {
+    void *thred;
+    int rv;
+
+    _PT_PTHREAD_GETSPECIFIC(pt_book.key, thred);
+    if (NULL == thred)
+    {
+        /*
+         * Have PR_GetCurrentThread return the expected value to the
+         * destructors.
+         */
+        rv = pthread_setspecific(pt_book.key, arg);
+        PR_ASSERT(0 == rv);
+    }
+
     /* PR_TRUE for: call destructors */ 
     _pt_thread_death_internal(arg, PR_TRUE);
+
+    if (NULL == thred)
+    {
+        rv = pthread_setspecific(pt_book.key, NULL);
+        PR_ASSERT(0 == rv);
+    }
 }
 
 static void _pt_thread_death_internal(void *arg, PRBool callDestructors)
 {
     PRThread *thred = (PRThread*)arg;
 
     if (thred->state & (PT_THREAD_FOREIGN|PT_THREAD_PRIMORD))
     {
--- a/nsprpub/pr/src/threads/combined/prucpu.c
+++ b/nsprpub/pr/src/threads/combined/prucpu.c
@@ -49,17 +49,17 @@ PRInt32 _pr_md_idle_cpus;       /* numbe
  */
 #if !defined(_PR_LOCAL_THREADS_ONLY) && !defined(_PR_GLOBAL_THREADS_ONLY)
 #ifndef _PR_HAVE_ATOMIC_OPS
 static _MDLock _pr_md_idle_cpus_lock;
 #endif
 #endif
 PRUintn _pr_numCPU;
 PRInt32 _pr_cpus_exit;
-PRInt32 _pr_cpu_affinity_mask = 0;
+PRUint32 _pr_cpu_affinity_mask = 0;
 
 #if !defined (_PR_GLOBAL_THREADS_ONLY)
 
 static PRUintn _pr_cpuID;
 
 static void PR_CALLBACK _PR_CPU_Idle(void *);
 
 static _PRCPU *_PR_CreateCPU(void);
--- a/nsprpub/pr/src/threads/combined/pruthr.c
+++ b/nsprpub/pr/src/threads/combined/pruthr.c
@@ -1260,24 +1260,16 @@ PR_IMPLEMENT(PRThread*) _PR_CreateThread
             thread = (PRThread*) top;
             /*
              * Make stack 64-byte aligned
              */
             if ((PRUptrdiff)top & 0x3f) {
                 top = (char*)((PRUptrdiff)top & ~0x3f);
             }
 #endif
-#if defined(GC_LEAK_DETECTOR)
-            /*
-             * sorry, it is not safe to allocate the thread on the stack,
-             * because we assign to this object before the GC can learn
-             * about this thread. we'll just leak thread objects instead.
-             */
-            thread = PR_NEW(PRThread);
-#endif
             stack->thr = thread;
             memset(thread, 0, sizeof(PRThread));
             thread->threadAllocatedOnStack = 1;
 #else
             thread = _PR_MD_CREATE_USER_THREAD(stackSize, start, arg);
             if (!thread) {
                 PR_SetError(PR_OUT_OF_MEMORY_ERROR, 0);
                 return NULL;
--- a/nsprpub/pr/tests/Makefile.in
+++ b/nsprpub/pr/tests/Makefile.in
@@ -446,19 +446,19 @@ ifeq (,$(filter-out FreeBSD OpenBSD BSD_
 LIBPTHREAD =
 endif
 ifeq ($(OS_ARCH)$(basename $(OS_RELEASE)),HP-UXB.10)
 LIBPTHREAD = -ldce
 endif
 endif
 
 ifeq ($(OS_TARGET),Android)
-LDOPTS=$(OS_LDFLAGS)
-LIBPTHREAD=
-XCFLAGS=${OS_CFLAGS}
+LDOPTS = $(OS_LDFLAGS) $(WRAP_MALLOC_LIB)
+LIBPTHREAD =
+XCFLAGS = $(OS_CFLAGS)
 endif
 
 #####################################################
 #
 # The rules
 #
 #####################################################
 
--- a/nsprpub/pr/tests/op_filok.c
+++ b/nsprpub/pr/tests/op_filok.c
@@ -50,48 +50,27 @@
 ***********************************************************************/
 /* Used to get the command line option */
 #include "prinit.h"
 #include "prmem.h"
 #include "prio.h"
 #include "prerror.h"
 #include <stdio.h>
 
-/*
- * The name of a file that is guaranteed to exist
- * on every machine of a particular OS.
- */
-#if defined(SYMBIAN)
-#define EXISTING_FILENAME "z:\\system\\install\\Series60v3.0.sis"
-#elif defined (XP_UNIX)
-#define EXISTING_FILENAME "/bin/sh"
-#elif defined(WINCE)
-#define EXISTING_FILENAME "/Windows/services.exe"
-#elif defined(WIN32)
-#define EXISTING_FILENAME "c:/autoexec.bat"
-#elif defined(OS2)
-#define EXISTING_FILENAME "c:/config.sys"
-#elif defined(BEOS)
-#define EXISTING_FILENAME "/boot/beos/bin/sh"
-#else
-#error "Unknown OS"
-#endif
-
 static PRFileDesc *t1;
 
 int main(int argc, char **argv)
 {
     PR_STDIO_INIT();
 
-	t1 = PR_Open(EXISTING_FILENAME, PR_RDONLY, 0666);
+ 	t1 = PR_Open(argv[0], PR_RDONLY, 0666);
 
 	if (t1 == NULL) {
 		printf ("error code is %d \n", PR_GetError());
-		printf ("File %s should be found\n",
-				EXISTING_FILENAME);
+ 		printf ("File %s should be found\n", argv[0]);
 		return 1;
 	} else {
 		if (PR_Close(t1) == PR_SUCCESS) {
 			printf ("Test passed \n");
 			return 0;
 		} else {
 			printf ("cannot close file\n");
 			printf ("error code is %d\n", PR_GetError());
--- a/nsprpub/pr/tests/suspend.c
+++ b/nsprpub/pr/tests/suspend.c
@@ -103,18 +103,19 @@ static PRStatus PR_CALLBACK print_thread
     PRInt32 words;
     PRWord *registers;
 
     printf(
         "\nprint_thread[0x%lx]: %-20s - i = %ld\n",thread, 
         (PR_GLOBAL_THREAD == PR_GetThreadScope(thread)) ?
         "PR_GLOBAL_THREAD" : "PR_LOCAL_THREAD", i);
     registers = PR_GetGCRegisters(thread, 0, (int *)&words);
-    printf("Regsters R0 = 0x%x R1 = 0x%x R2 = 0x%x R3 = 0x%x\n",
-        registers[0],registers[1],registers[2],registers[3]);
+    if (registers)
+        printf("Registers R0 = 0x%x R1 = 0x%x R2 = 0x%x R3 = 0x%x\n",
+            registers[0],registers[1],registers[2],registers[3]);
     printf("Stack Pointer = 0x%lx\n", PR_GetSP(thread));
     return PR_SUCCESS;
 }
 
 static void Level_0_Thread(PRThreadScope scope1, PRThreadScope scope2)
 {
     PRThread *thr;
     PRThread *me = PR_GetCurrentThread();
@@ -144,18 +145,19 @@ static void Level_0_Thread(PRThreadScope
             "PR_GLOBAL_THREAD" : "PR_LOCAL_THREAD",
             thr);
 
         PR_Sleep(0);
     }
     PR_SuspendAll();
     PR_EnumerateThreads(print_thread, NULL);
     registers = PR_GetGCRegisters(me, 1, (int *)&words);
-    printf("My Registers: R0 = 0x%x R1 = 0x%x R2 = 0x%x R3 = 0x%x\n",
-        registers[0],registers[1],registers[2],registers[3]);
+    if (registers)
+        printf("My Registers: R0 = 0x%x R1 = 0x%x R2 = 0x%x R3 = 0x%x\n",
+            registers[0],registers[1],registers[2],registers[3]);
     printf("My Stack Pointer = 0x%lx\n", PR_GetSP(me));
     PR_ResumeAll();
 
     /* Wait for all threads to exit */
     PR_EnterMonitor(mon);
     while (alive) {
         PR_Wait(mon, PR_INTERVAL_NO_TIMEOUT);
     }
--- a/nsprpub/pr/tests/vercheck.c
+++ b/nsprpub/pr/tests/vercheck.c
@@ -47,31 +47,31 @@
  */
 
 #include "prinit.h"
 
 #include <stdio.h>
 #include <stdlib.h>
 
 /*
- * This release (4.8.6) is backward compatible with the
+ * This release (4.8.7) is backward compatible with the
  * 4.0.x, 4.1.x, 4.2.x, 4.3.x, 4.4.x, 4.5.x, 4.6.x, 4.7.x,
- * 4.8, 4.8.1, 4.8.2, 4.8.3, 4.8.4, and 4.8.5 releases.
+ * 4.8, 4.8.1, 4.8.2, 4.8.3, 4.8.4, 4.8.5, and 4.8.6 releases.
  * It, of course, is compatible with itself.
  */
 static char *compatible_version[] = {
     "4.0", "4.0.1", "4.1", "4.1.1", "4.1.2", "4.1.3",
     "4.2", "4.2.1", "4.2.2", "4.3", "4.4", "4.4.1",
     "4.5", "4.5.1",
     "4.6", "4.6.1", "4.6.2", "4.6.3", "4.6.4", "4.6.5",
     "4.6.6", "4.6.7", "4.6.8",
     "4.7", "4.7.1", "4.7.2", "4.7.3", "4.7.4", "4.7.5",
     "4.7.6",
     "4.8", "4.8.1", "4.8.2", "4.8.3", "4.8.4", "4.8.5",
-    PR_VERSION
+    "4.8.6", PR_VERSION
 };
 
 /*
  * This release is not backward compatible with the old
  * NSPR 2.1 and 3.x releases.
  *
  * Any release is incompatible with future releases and
  * patches.
--- a/security/coreconf/coreconf.dep
+++ b/security/coreconf/coreconf.dep
@@ -38,8 +38,9 @@
 /*
  * A dummy header file that is a dependency for all the object files.
  * Used to force a full recompilation of NSS in Mozilla's Tinderbox
  * depend builds.  See comments in rules.mk.
  */
 
 #error "Do not include this header file."
 
+
--- a/security/nss/cmd/bltest/blapitest.c
+++ b/security/nss/cmd/bltest/blapitest.c
@@ -116,17 +116,17 @@ char *testdir = NULL;
 #define TIMETOFINISH() \
     PR_IntervalNow() - time1 >= time2
 
 static void Usage()
 {
 #define PRINTUSAGE(subject, option, predicate) \
     fprintf(stderr, "%10s %s\t%s\n", subject, option, predicate);
     fprintf(stderr, "\n");
-    PRINTUSAGE(progName, "[-DEHSV]", "List available cipher modes"); /* XXX */
+    PRINTUSAGE(progName, "[-DEHSVR]", "List available cipher modes"); /* XXX */
     fprintf(stderr, "\n");
     PRINTUSAGE(progName, "-E -m mode ", "Encrypt a buffer");
     PRINTUSAGE("",	"", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]");
     PRINTUSAGE("",	"", "[-b bufsize] [-g keysize] [-e exp] [-r rounds]");
     PRINTUSAGE("",	"", "[-w wordsize] [-p repetitions | -5 time_interval]");
     PRINTUSAGE("",	"", "[-4 th_num]");
     PRINTUSAGE("",	"-m", "cipher mode to use");
     PRINTUSAGE("",	"-i", "file which contains input buffer");
@@ -213,16 +213,23 @@ static void Usage()
     PRINTUSAGE("",	"-5", "run test for specified time interval(in seconds)");
     fprintf(stderr, "\n");
     PRINTUSAGE(progName, "-N -m mode -b bufsize", 
                                             "Create a nonce plaintext and key");
     PRINTUSAGE("",      "", "[-g keysize] [-u cxreps]");
     PRINTUSAGE("",	"-g", "key size (in bytes)");
     PRINTUSAGE("",      "-u", "number of repetitions of context creation");
     fprintf(stderr, "\n");
+    PRINTUSAGE(progName, "-R [-g keysize] [-e exp]", 
+                                            "Test the RSA populate key function");
+    PRINTUSAGE("",      "", "[-r repetitions]");
+    PRINTUSAGE("",	"-g", "key size (in bytes)");
+    PRINTUSAGE("", 	"-e", "rsa public exponent");
+    PRINTUSAGE("", 	"-r", "repetitions of the test");
+    fprintf(stderr, "\n");
     PRINTUSAGE(progName, "-F", "Run the FIPS self-test");
     fprintf(stderr, "\n");
     PRINTUSAGE(progName, "-T [-m mode1,mode2...]", "Run the BLAPI self-test");
     fprintf(stderr, "\n");
     exit(1);
 }
 
 /*  Helper functions for ascii<-->binary conversion/reading/writing */
@@ -3132,24 +3139,211 @@ void ThreadExecTest(void *data)
                    cipherInfo->input.buf.len);
         }
     } else {
         cipherDoOp(cipherInfo);
     }
     cipherFinish(cipherInfo);
 }
 
+static void rsaPrivKeyReset(RSAPrivateKey *tstKey)
+{
+    PLArenaPool *arena;
+
+    tstKey->version.data = NULL;
+    tstKey->version.len = 0;
+    tstKey->modulus.data = NULL;
+    tstKey->modulus.len = 0;
+    tstKey->publicExponent.data = NULL;
+    tstKey->publicExponent.len = 0;
+    tstKey->privateExponent.data = NULL;
+    tstKey->privateExponent.len = 0;
+    tstKey->prime1.data = NULL;
+    tstKey->prime1.len = 0;
+    tstKey->prime2.data = NULL;
+    tstKey->prime2.len = 0;
+    tstKey->exponent1.data = NULL;
+    tstKey->exponent1.len = 0;
+    tstKey->exponent2.data = NULL;
+    tstKey->exponent2.len = 0;
+    tstKey->coefficient.data = NULL;
+    tstKey->coefficient.len = 0;
+
+    arena = tstKey->arena;
+    tstKey->arena = NULL;
+    if (arena) {
+	PORT_FreeArena(arena, PR_TRUE);
+    }
+}
+
+
+#define RSA_TEST_EQUAL(comp) \
+    if (!SECITEM_ItemsAreEqual(&(src->comp),&(dest->comp))) { \
+	fprintf(stderr, "key->" #comp " not equal"); \
+	if (src->comp.len != dest->comp.len) { \
+	    fprintf(stderr, "src_len = %d, dest_len = %d",  \
+					src->comp.len, dest->comp.len); \
+	} \
+	fprintf(stderr, "\n"); \
+	areEqual = PR_FALSE; \
+    }
+	    
+
+static PRBool rsaPrivKeysAreEqual(RSAPrivateKey *src, RSAPrivateKey *dest)
+{
+    PRBool areEqual = PR_TRUE;
+    RSA_TEST_EQUAL(modulus)
+    RSA_TEST_EQUAL(publicExponent)
+    RSA_TEST_EQUAL(privateExponent)
+    RSA_TEST_EQUAL(prime1)
+    RSA_TEST_EQUAL(prime2)
+    RSA_TEST_EQUAL(exponent1)
+    RSA_TEST_EQUAL(exponent2)
+    RSA_TEST_EQUAL(coefficient)
+    if (!areEqual) {
+	fprintf(stderr, "original key:\n");
+	dump_rsakey(src);
+	fprintf(stderr, "recreated key:\n");
+	dump_rsakey(dest);
+    }
+    return areEqual;
+}
+
+/*
+ * Test the RSA populate command to see that it can really build
+ * keys from it's components.
+ */
+static int doRSAPopulateTest(unsigned int keySize, unsigned long exponent)
+{
+    RSAPrivateKey *srcKey;
+    RSAPrivateKey tstKey = { 0 };
+    SECItem expitem = { 0, 0, 0 };
+    SECStatus rv;
+    unsigned char pubExp[4];
+    int expLen = 0;
+    int failed = 0;
+    int i;
+
+    for (i=0; i < sizeof(unsigned long); i++) {
+	int shift = (sizeof(unsigned long) - i -1 ) * 8;
+	if (expLen || (exponent && ((unsigned long)0xffL << shift))) {
+	    pubExp[expLen] = (unsigned char) ((exponent >> shift) & 0xff);
+	    expLen++;
+        }
+    }
+
+    expitem.data = pubExp;
+    expitem.len = expLen;
+
+    srcKey = RSA_NewKey(keySize, &expitem);
+    if (srcKey == NULL) {
+	fprintf(stderr, "RSA Key Gen failed");
+	return -1;
+    }
+
+    /* test the basic case - most common, public exponent, modulus, prime */
+    tstKey.arena = NULL;
+    rsaPrivKeyReset(&tstKey);
+
+    tstKey.publicExponent = srcKey->publicExponent;
+    tstKey.modulus = srcKey->modulus;
+    tstKey.prime1 = srcKey->prime1;
+
+    rv = RSA_PopulatePrivateKey(&tstKey);
+    if (rv != SECSuccess) {
+	fprintf(stderr, "RSA Populate failed: pubExp mod p\n");
+	failed = 1;
+    } else if (!rsaPrivKeysAreEqual(&tstKey, srcKey)) {
+	fprintf(stderr, "RSA Populate key mismatch: pubExp mod p\n");
+	failed = 1;
+    }
+
+    /* test the basic2 case, public exponent, modulus, prime2 */
+    rsaPrivKeyReset(&tstKey);
+
+    tstKey.publicExponent = srcKey->publicExponent;
+    tstKey.modulus = srcKey->modulus;
+    tstKey.prime1 = srcKey->prime2; /* test with q in the prime1 position */
+
+    rv = RSA_PopulatePrivateKey(&tstKey);
+    if (rv != SECSuccess) {
+	fprintf(stderr, "RSA Populate failed: pubExp mod q\n");
+	failed = 1;
+    } else if (!rsaPrivKeysAreEqual(&tstKey, srcKey)) {
+	fprintf(stderr, "RSA Populate key mismatch: pubExp mod q\n");
+	failed = 1;
+    }
+
+    /* test the medium case, private exponent, prime1, prime2 */
+    rsaPrivKeyReset(&tstKey);
+
+    tstKey.privateExponent = srcKey->privateExponent;
+    tstKey.prime1 = srcKey->prime2; /* purposefully swap them to make */
+    tstKey.prime2 = srcKey->prime1; /* sure populated swaps them back */
+
+    rv = RSA_PopulatePrivateKey(&tstKey);
+    if (rv != SECSuccess) {
+	fprintf(stderr, "RSA Populate failed: privExp p q\n");
+	failed = 1;
+    } else if (!rsaPrivKeysAreEqual(&tstKey, srcKey)) {
+	fprintf(stderr, "RSA Populate key mismatch: privExp  p q\n");
+	failed = 1;
+    }
+
+    /* test the advanced case, public exponent, private exponent, prime2 */
+    rsaPrivKeyReset(&tstKey);
+
+    tstKey.privateExponent = srcKey->privateExponent;
+    tstKey.publicExponent = srcKey->publicExponent;
+    tstKey.prime2 = srcKey->prime2; /* use q in the prime2 position */
+
+    rv = RSA_PopulatePrivateKey(&tstKey);
+    if (rv != SECSuccess) {
+	fprintf(stderr, "RSA Populate failed: pubExp privExp q\n");
+	fprintf(stderr, " - not fatal\n");
+	/* it's possible that we can't uniquely determine the original key
+	 * from just the exponents and prime. Populate returns an error rather
+	 * than return the wrong key. */
+    } else if (!rsaPrivKeysAreEqual(&tstKey, srcKey)) {
+	/* if we returned a key, it *must* be correct */
+	fprintf(stderr, "RSA Populate key mismatch: pubExp privExp  q\n");
+	rv = RSA_PrivateKeyCheck(&tstKey);
+	failed = 1;
+    }
+
+    /* test the advanced case2, public exponent, private exponent, modulus */
+    rsaPrivKeyReset(&tstKey);
+
+    tstKey.privateExponent = srcKey->privateExponent;
+    tstKey.publicExponent = srcKey->publicExponent;
+    tstKey.modulus = srcKey->modulus;
+
+    rv = RSA_PopulatePrivateKey(&tstKey);
+    if (rv != SECSuccess) {
+	fprintf(stderr, "RSA Populate failed: pubExp privExp mod\n");
+	failed = 1;
+    } else if (!rsaPrivKeysAreEqual(&tstKey, srcKey)) {
+	fprintf(stderr, "RSA Populate key mismatch: pubExp privExp  mod\n");
+	failed = 1;
+    }
+
+    return failed ? -1 : 0;
+}
+
+
+
 /* bltest commands */
 enum {
     cmd_Decrypt = 0,
     cmd_Encrypt,
     cmd_FIPS,
     cmd_Hash,
     cmd_Nonce,
     cmd_Dump,
+    cmd_RSAPopulate,
     cmd_Sign,
     cmd_SelfTest,
     cmd_Verify
 };
 
 /* bltest options */
 enum {
     opt_B64 = 0,
@@ -3191,16 +3385,17 @@ enum {
 static secuCommandFlag bltest_commands[] =
 {
     { /* cmd_Decrypt	*/ 'D', PR_FALSE, 0, PR_FALSE },
     { /* cmd_Encrypt	*/ 'E', PR_FALSE, 0, PR_FALSE },
     { /* cmd_FIPS	*/ 'F', PR_FALSE, 0, PR_FALSE },
     { /* cmd_Hash	*/ 'H', PR_FALSE, 0, PR_FALSE },
     { /* cmd_Nonce      */ 'N', PR_FALSE, 0, PR_FALSE },
     { /* cmd_Dump	*/ 'P', PR_FALSE, 0, PR_FALSE },
+    { /* cmd_RSAPopulate*/ 'R', PR_FALSE, 0, PR_FALSE },
     { /* cmd_Sign	*/ 'S', PR_FALSE, 0, PR_FALSE },
     { /* cmd_SelfTest	*/ 'T', PR_FALSE, 0, PR_FALSE },
     { /* cmd_Verify	*/ 'V', PR_FALSE, 0, PR_FALSE }
 };
 
 static secuCommandFlag bltest_options[] =
 {
     { /* opt_B64	  */ 'a', PR_FALSE, 0, PR_FALSE },
@@ -3304,16 +3499,17 @@ int main(int argc, char **argv)
         goto print_usage;
     }
 
     if (commandsEntered == 0) {
 	fprintf(stderr, "%s: you must enter a command!\n", progName);
         goto print_usage;
     }
 
+
     if (bltest.commands[cmd_Sign].activated)
 	bltest.commands[cmd_Encrypt].activated = PR_TRUE;
     if (bltest.commands[cmd_Verify].activated)
 	bltest.commands[cmd_Decrypt].activated = PR_TRUE;
     if (bltest.commands[cmd_Hash].activated)
 	bltest.commands[cmd_Encrypt].activated = PR_TRUE;
 
     inoff = outoff = 0;
@@ -3324,16 +3520,46 @@ int main(int argc, char **argv)
 
     testdir = (bltest.options[opt_SelfTestDir].activated) ? 
                  strdup(bltest.options[opt_SelfTestDir].arg) : ".";
 
     /*
      * Handle three simple cases first
      */
 
+    /* test the RSA_PopulatePrivateKey function */
+    if (bltest.commands[cmd_RSAPopulate].activated) {
+	unsigned int keySize = 1024;
+	unsigned long exponent = 65537;
+	int rounds = 1;
+	int ret;
+	
+	if (bltest.options[opt_KeySize].activated) {
+	    keySize = PORT_Atoi(bltest.options[opt_KeySize].arg);
+	}
+	if (bltest.options[opt_Rounds].activated) {
+	    rounds = PORT_Atoi(bltest.options[opt_Rounds].arg);
+	}
+	if (bltest.options[opt_Exponent].activated) {
+	    exponent = PORT_Atoi(bltest.options[opt_Exponent].arg);
+	}
+
+	for (i=0; i < rounds; i++) {
+	    printf("Running RSA Populate test round %d\n",i);
+	    ret = doRSAPopulateTest(keySize,exponent);
+	    if (ret != 0) {
+		break;
+	    }
+	}
+	if (ret != 0) {
+	    fprintf(stderr,"RSA Populate test round %d: FAILED\n",i);
+	}
+	return ret;
+    }
+
     /* Do BLAPI self-test */
     if (bltest.commands[cmd_SelfTest].activated) {
 	PRBool encrypt = PR_TRUE, decrypt = PR_TRUE;
 	/* user may specified a set of ciphers to test.  parse them. */
 	bltestCipherMode modesToTest[NUMMODES];
 	int numModesToTest = 0;
 	char *tok, *str;
 	str = bltest.options[opt_Mode].arg;
--- a/security/nss/cmd/certutil/certutil.c
+++ b/security/nss/cmd/certutil/certutil.c
@@ -457,17 +457,17 @@ DumpChain(CERTCertDBHandle *handle, char
 	printf("\"%s\" [%s]\n\n", c->nickname, c->subjectName);
 	CERT_DestroyCertificate(c);
     }
     CERT_DestroyCertificateList(chain);
     return SECSuccess;
 }
 
 static SECStatus
-listCerts(CERTCertDBHandle *handle, char *name, PK11SlotInfo *slot,
+listCerts(CERTCertDBHandle *handle, char *name, char *email, PK11SlotInfo *slot,
           PRBool raw, PRBool ascii, PRFileDesc *outfile, void *pwarg)
 {
     SECItem data;
     PRInt32 numBytes;
     SECStatus rv = SECFailure;
     CERTCertList *certs;
     CERTCertListNode *node;
 
@@ -525,18 +525,55 @@ listCerts(CERTCertDBHandle *handle, char
 		    SECU_PrintError(progName, "problem printing certificate");
 		}
 
 	    }
 	    if (rv != SECSuccess) {
 		break;
 	    }
 	}
+    } else if (email) {
+	CERTCertificate *the_cert;
+	certs = PK11_FindCertsFromEmailAddress(email, NULL);
+	if (!certs) {
+	    SECU_PrintError(progName, 
+			"Could not find certificates for email address: %s\n", 
+			email);
+	    return SECFailure;
+	}
+	for (node = CERT_LIST_HEAD(certs); !CERT_LIST_END(node,certs);
+						node = CERT_LIST_NEXT(node)) {
+	    the_cert = node->cert;
+	    /* now get the subjectList that matches this cert */
+	    data.data = the_cert->derCert.data;
+	    data.len  = the_cert->derCert.len;
+	    if (ascii) {
+		PR_fprintf(outfile, "%s\n%s\n%s\n", NS_CERT_HEADER, 
+		           BTOA_DataToAscii(data.data, data.len), 
+			   NS_CERT_TRAILER);
+		rv = SECSuccess;
+	    } else if (raw) {
+		numBytes = PR_Write(outfile, data.data, data.len);
+		rv = SECSuccess;
+		if (numBytes != (PRInt32) data.len) {
+		    SECU_PrintSystemError(progName, "error writing raw cert");
+		    rv = SECFailure;
+		}
+	    } else {
+		rv = SEC_PrintCertificateAndTrust(the_cert, "Certificate",
+                                                  the_cert->trust);
+		if (rv != SECSuccess) {
+		    SECU_PrintError(progName, "problem printing certificate");
+		}
+	    }
+	    if (rv != SECSuccess) {
+		break;
+	    }
+	}
     } else {
-
 	certs = PK11_ListCertsInSlot(slot);
 	if (certs) {
 	    for (node = CERT_LIST_HEAD(certs); !CERT_LIST_END(node,certs);
 						node = CERT_LIST_NEXT(node)) {
 		SECU_PrintCertNickname(node,stdout);
 	    }
 	    rv = SECSuccess;
 	}
@@ -548,41 +585,40 @@ listCerts(CERTCertDBHandle *handle, char
 	SECU_PrintError(progName, "problem printing certificate nicknames");
 	return SECFailure;
     }
 
     return SECSuccess;	/* not rv ?? */
 }
 
 static SECStatus
-ListCerts(CERTCertDBHandle *handle, char *nickname, PK11SlotInfo *slot,
-          PRBool raw, PRBool ascii, PRFileDesc *outfile, secuPWData *pwdata)
+ListCerts(CERTCertDBHandle *handle, char *nickname, char *email, 
+          PK11SlotInfo *slot, PRBool raw, PRBool ascii, PRFileDesc *outfile, 
+	  secuPWData *pwdata)
 {
     SECStatus rv;
 
-    if (!ascii && !raw && !nickname) {
+    if (!ascii && !raw && !nickname && !email) {
         PR_fprintf(outfile, "\n%-60s %-5s\n%-60s %-5s\n\n",
                    "Certificate Nickname", "Trust Attributes", "",
                    "SSL,S/MIME,JAR/XPI");
     }
     if (slot == NULL) {
 	CERTCertList *list;
 	CERTCertListNode *node;
 
 	list = PK11_ListCerts(PK11CertListAll, pwdata);
 	for (node = CERT_LIST_HEAD(list); !CERT_LIST_END(node, list);
-	     node = CERT_LIST_NEXT(node)) 
-	{
+	     node = CERT_LIST_NEXT(node)) {
 	    SECU_PrintCertNickname(node, stdout);
 	}
 	CERT_DestroyCertList(list);
 	return SECSuccess;
-    } else {
-	rv = listCerts(handle,nickname,slot,raw,ascii,outfile,pwdata);
-    }
+    } 
+    rv = listCerts(handle, nickname, email, slot, raw, ascii, outfile, pwdata);
     return rv;
 }
 
 static SECStatus 
 DeleteCert(CERTCertDBHandle *handle, char *name)
 {
     SECStatus rv;
     CERTCertificate *cert;
@@ -593,20 +629,18 @@ DeleteCert(CERTCertDBHandle *handle, cha
 			name);
 	return SECFailure;
     }
 
     rv = SEC_DeletePermCertificate(cert);
     CERT_DestroyCertificate(cert);
     if (rv) {
 	SECU_PrintError(progName, "unable to delete certificate");
-	return SECFailure;
     }
-
-    return SECSuccess;
+    return rv;
 }
 
 static SECStatus
 ValidateCert(CERTCertDBHandle *handle, char *name, char *date,
              char *certUsage, PRBool checkSig, PRBool logit,
              PRBool ascii, secuPWData *pwdata)
 {
     SECStatus rv;
@@ -990,17 +1024,19 @@ Usage(char *progName)
 	progName);
     FPS "\t\t [--upgrade-token-name tokenName] [-d targetDBDir]\n");
     FPS "\t\t [-P targetDBPrefix] [--source-prefix upgradeDBPrefix]\n");
     FPS "\t\t [-f targetPWfile] [-@ upgradePWFile]\n");
     FPS "\t%s --merge --source-dir sourceDBDir [-d targetDBdir]\n",
 	progName);
     FPS "\t\t [-P targetDBPrefix] [--source-prefix sourceDBPrefix]\n");
     FPS "\t\t [-f targetPWfile] [-@ sourcePWFile]\n");
-    FPS "\t%s -L [-n cert-name] [-X] [-d certdir] [-P dbprefix] [-r] [-a]\n", progName);
+    FPS "\t%s -L [-n cert-name] [--email email-address] [-X] [-r] [-a]\n",
+	progName);
+    FPS "\t\t [-d certdir] [-P dbprefix]\n");
     FPS "\t%s -M -n cert-name -t trustargs [-d certdir] [-P dbprefix]\n",
 	progName);
     FPS "\t%s -O -n cert-name [-X] [-d certdir] [-a] [-P dbprefix]\n", progName);
     FPS "\t%s -R -s subj -o cert-request-file [-d certdir] [-P dbprefix] [-p phone] [-a]\n"
 	"\t\t [-7 emailAddrs] [-k key-type-or-id] [-h token-name] [-f pwfile] [-g key-size]\n",
 	progName);
     FPS "\t%s -V -n cert-name -u usage [-b time] [-e] [-a]\n"
 	"\t\t[-X] [-d certdir] [-P dbprefix]\n",
@@ -1203,16 +1239,19 @@ static void LongUsage(char *progName)
     FPS "%-20s force the database to open R/W\n",
 	"   -X");
     FPS "\n");
 
     FPS "%-15s List all certs, or print out a single named cert\n",
 	"-L");
     FPS "%-20s Pretty print named cert (list all if unspecified)\n",
 	"   -n cert-name");
+    FPS "%-20s \n"
+              "%-20s Pretty print cert with email address (list all if unspecified)\n",
+	"   --email email-address", "");
     FPS "%-20s Cert database directory (default is ~/.netscape)\n",
 	"   -d certdir");
     FPS "%-20s Cert & Key database prefix\n",
 	"   -P dbprefix");
     FPS "%-20s force the database to open R/W\n",
 	"   -X");
     FPS "%-20s For single cert, print binary DER encoding\n",
 	"   -r");
@@ -1822,16 +1861,17 @@ enum certutilOpts {
     opt_ValidityTime,
     opt_IssuerName,
     opt_CertDir,
     opt_VerifySig,
     opt_PasswordFile,
     opt_KeySize,
     opt_TokenName,
     opt_InputFile,
+    opt_Emailaddress,
     opt_KeyIndex,
     opt_KeyType,
     opt_DetailedInfo,
     opt_SerialNumber,
     opt_Nickname,
     opt_OutputFile,
     opt_PhoneNumber,
     opt_DBPrefix,
@@ -1909,16 +1949,17 @@ secuCommandFlag options_init[] =
 	{ /* opt_ValidityTime        */  'b', PR_TRUE,  0, PR_FALSE },
 	{ /* opt_IssuerName          */  'c', PR_TRUE,  0, PR_FALSE },
 	{ /* opt_CertDir             */  'd', PR_TRUE,  0, PR_FALSE },
 	{ /* opt_VerifySig           */  'e', PR_FALSE, 0, PR_FALSE },
 	{ /* opt_PasswordFile        */  'f', PR_TRUE,  0, PR_FALSE },
 	{ /* opt_KeySize             */  'g', PR_TRUE,  0, PR_FALSE },
 	{ /* opt_TokenName           */  'h', PR_TRUE,  0, PR_FALSE },
 	{ /* opt_InputFile           */  'i', PR_TRUE,  0, PR_FALSE },
+	{ /* opt_Emailaddress        */  0,   PR_TRUE,  0, PR_FALSE, "email" },
 	{ /* opt_KeyIndex            */  'j', PR_TRUE,  0, PR_FALSE },
 	{ /* opt_KeyType             */  'k', PR_TRUE,  0, PR_FALSE },
 	{ /* opt_DetailedInfo        */  'l', PR_FALSE, 0, PR_FALSE },
 	{ /* opt_SerialNumber        */  'm', PR_TRUE,  0, PR_FALSE },
 	{ /* opt_Nickname            */  'n', PR_TRUE,  0, PR_FALSE },
 	{ /* opt_OutputFile          */  'o', PR_TRUE,  0, PR_FALSE },
 	{ /* opt_PhoneNumber         */  'p', PR_TRUE,  0, PR_FALSE },
 	{ /* opt_DBPrefix            */  'P', PR_TRUE,  0, PR_FALSE },
@@ -1986,16 +2027,17 @@ certutil_main(int argc, char **argv, PRB
     char *      slotname        = "internal";
     char *      certPrefix      = "";
     char *      sourceDir       = "";
     char *      srcCertPrefix   = "";
     char *      upgradeID        = "";
     char *      upgradeTokenName     = "";
     KeyType     keytype         = rsaKey;
     char *      name            = NULL;
+    char *      email            = NULL;
     char *      keysource       = NULL;
     SECOidTag   hashAlgTag      = SEC_OID_UNKNOWN;
     int	        keysize	        = DEFAULT_KEY_BITS;
     int         publicExponent  = 0x010001;
     unsigned int serialNumber   = 0;
     int         warpmonths      = 0;
     int         validityMonths  = 3;
     int         commandsEntered = 0;
@@ -2384,16 +2426,17 @@ certutil_main(int argc, char **argv, PRB
 	               "%s:  unable to open \"%s\" for writing (%ld, %ld).\n",
 	               progName, certutil.options[opt_OutputFile].arg,
 	               PR_GetError(), PR_GetOSError());
 	    return 255;
 	}
     }
 
     name = SECU_GetOptionArg(&certutil, opt_Nickname);
+    email = SECU_GetOptionArg(&certutil, opt_Emailaddress);
 
     PK11_SetPasswordFunc(SECU_GetModulePassword);
 
     if (PR_TRUE == initialize) {
         /*  Initialize NSPR and NSS.  */
         PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
 	if (!certutil.commands[cmd_UpgradeMerge].activated) {
             rv = NSS_Initialize(SECU_ConfigDirectory(NULL), 
@@ -2574,17 +2617,17 @@ merge_fail:
 	PK11_FreeSlot(sourceSlot);
 	goto shutdown;
     }
 
     /* The following 8 options are mutually exclusive with all others. */
 
     /*  List certs (-L)  */
     if (certutil.commands[cmd_ListCerts].activated) {
-	rv = ListCerts(certHandle, name, slot,
+	rv = ListCerts(certHandle, name, email, slot,
 	               certutil.options[opt_BinaryDER].activated,
 	               certutil.options[opt_ASCIIForIO].activated, 
                        (outFile) ? outFile : PR_STDOUT, &pwdata);
 	goto shutdown;
     }
     if (certutil.commands[cmd_DumpChain].activated) {
 	rv = DumpChain(certHandle, name,
                        certutil.options[opt_ASCIIForIO].activated);
--- a/security/nss/cmd/lib/SECerrs.h
+++ b/security/nss/cmd/lib/SECerrs.h
@@ -562,8 +562,14 @@ ER3(SEC_ERROR_BAD_INFO_ACCESS_METHOD,   
 ER3(SEC_ERROR_CRL_IMPORT_FAILED,        		(SEC_ERROR_BASE + 171),
 "Error attempting to import a CRL.")
 
 ER3(SEC_ERROR_EXPIRED_PASSWORD,        		(SEC_ERROR_BASE + 172),
 "The password expired.")
 
 ER3(SEC_ERROR_LOCKED_PASSWORD,        		(SEC_ERROR_BASE + 173),
 "The password is locked.")
+
+ER3(SEC_ERROR_UNKNOWN_PKCS11_ERROR,        		(SEC_ERROR_BASE + 174),
+"Unknown PKCS #11 error.")
+
+ER3(SEC_ERROR_BAD_CRL_DP_URL,			(SEC_ERROR_BASE + 175),
+"Invalid or unsupported URL in CRL distribution point name.")
new file mode 100644
--- /dev/null
+++ b/security/nss/cmd/rsapoptst/Makefile
@@ -0,0 +1,86 @@
+#! gmake
+#
+# ***** BEGIN LICENSE BLOCK *****
+# Version: MPL 1.1/GPL 2.0/LGPL 2.1
+#
+# The contents of this file are subject to the Mozilla Public License Version
+# 1.1 (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+# http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS IS" basis,
+# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+# for the specific language governing rights and limitations under the
+# License.
+#
+# The Original Code is the Netscape security libraries.
+#
+# The Initial Developer of the Original Code is
+# Netscape Communications Corporation.
+# Portions created by the Initial Developer are Copyright (C) 1994-2000
+# the Initial Developer. All Rights Reserved.
+#
+# Contributor(s):
+#
+# Alternatively, the contents of this file may be used under the terms of
+# either the GNU General Public License Version 2 or later (the "GPL"), or
+# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+# in which case the provisions of the GPL or the LGPL are applicable instead
+# of those above. If you wish to allow use of your version of this file only
+# under the terms of either the GPL or the LGPL, and not to allow others to
+# use your version of this file under the terms of the MPL, indicate your
+# decision by deleting the provisions above and replace them with the notice
+# and other provisions required by the GPL or the LGPL. If you do not delete
+# the provisions above, a recipient may use your version of this file under
+# the terms of any one of the MPL, the GPL or the LGPL.
+#
+# ***** END LICENSE BLOCK *****
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY).   #
+#######################################################################
+
+include manifest.mn
+#MKPROG = purify -cache-dir=/u/mcgreer/pcache -best-effort \
+#	-always-use-cache-dir $(CC)
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL)          #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL)       #
+#######################################################################
+
+
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
+#######################################################################
+
+include ../platlibs.mk
+
+#EXTRA_SHARED_LIBS += \
+#	-L/usr/lib \
+#	-lposix4 \
+#	$(NULL)
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL)                              #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL)                           #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL).                              #
+#######################################################################
+
+include ../platrules.mk
new file mode 100644
--- /dev/null
+++ b/security/nss/cmd/rsapoptst/manifest.mn
@@ -0,0 +1,54 @@
+# 
+# ***** BEGIN LICENSE BLOCK *****
+# Version: MPL 1.1/GPL 2.0/LGPL 2.1
+#
+# The contents of this file are subject to the Mozilla Public License Version
+# 1.1 (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+# http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS IS" basis,
+# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+# for the specific language governing rights and limitations under the
+# License.
+#
+# The Original Code is the Netscape security libraries.
+#
+# The Initial Developer of the Original Code is
+# Netscape Communications Corporation.
+# Portions created by the Initial Developer are Copyright (C) 1994-2000
+# the Initial Developer. All Rights Reserved.
+#
+# Contributor(s):
+#
+# Alternatively, the contents of this file may be used under the terms of
+# either the GNU General Public License Version 2 or later (the "GPL"), or
+# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+# in which case the provisions of the GPL or the LGPL are applicable instead
+# of those above. If you wish to allow use of your version of this file only
+# under the terms of either the GPL or the LGPL, and not to allow others to
+# use your version of this file under the terms of the MPL, indicate your
+# decision by deleting the provisions above and replace them with the notice
+# and other provisions required by the GPL or the LGPL. If you do not delete
+# the provisions above, a recipient may use your version of this file under
+# the terms of any one of the MPL, the GPL or the LGPL.
+#
+# ***** END LICENSE BLOCK *****
+CORE_DEPTH = ../../..
+
+MODULE = nss
+
+REQUIRES = seccmd dbm softoken
+
+PROGRAM = rsapoptst
+
+EXPORTS = \
+	$(NULL)
+
+PRIVATE_EXPORTS = \
+	$(NULL)
+
+CSRCS = \
+	rsapoptst.c \
+	$(NULL)
+
new file mode 100644
--- /dev/null
+++ b/security/nss/cmd/rsapoptst/rsapoptst.c
@@ -0,0 +1,550 @@
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is the Netscape security libraries.
+ *
+ * The Initial Developer of the Original Code is
+ * Netscape Communications Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 1994-2000
+ * the Initial Developer. All Rights Reserved.
+ * Portions created by the Red Hat, Inc. are Copyright (C) 2010
+ * the Red Hat, Inc.. All Rights Reserved.
+ *
+ * Contributor(s):
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "plgetopt.h"
+#include "nss.h"
+#include "secutil.h"
+#include "pk11table.h"
+#include "secmodt.h"
+#include "pk11pub.h"
+
+
+struct test_args {
+    char *arg;
+    int  mask_value;
+    char *description;
+};
+
+static const struct test_args test_array[] = {
+    {"all",   0x1f, "run all the tests" },
+    {"e_n_p", 0x01, "public exponent, modulus, prime1"},
+    {"d_n_q", 0x02, "private exponent, modulus, prime2"},
+    {"d_p_q", 0x04, "private exponent, prime1, prime2"},
+    {"e_d_q", 0x08, "public exponent, private exponent, prime2"},
+    {"e_d_n", 0x10, "public exponent, private exponent, moduls"}
+};
+static const int test_array_size = 
+		(sizeof(test_array)/sizeof(struct test_args));
+
+static void Usage(char *progName)
+{
+    int i;
+#define PRINTUSAGE(subject, option, predicate) \
+    fprintf(stderr, "%10s %s\t%s\n", subject, option, predicate);
+    fprintf(stderr, "%s [-k keysize] [-e exp] [-r rounds] [-t tests]\n "
+            "Test creating RSA private keys from Partial components\n", 
+	    progName);
+    PRINTUSAGE("", "-k", "key size (in bit)");
+    PRINTUSAGE("", "-e", "rsa public exponent");
+    PRINTUSAGE("", "-r", "number times to repeat the test");
+    PRINTUSAGE("", "-t", "run the specified tests");
+    for (i=0; i < test_array_size; i++) {
+	PRINTUSAGE("", test_array[i].arg, test_array[i].description);
+    }
+    fprintf(stderr,"\n");
+}
+
+/*
+ * Test the RSA populate command to see that it can really build
+ * keys from it's components.
+ */
+
+const static CK_ATTRIBUTE rsaTemplate[] = {
+    {CKA_CLASS, NULL, 0 },
+    {CKA_KEY_TYPE, NULL, 0 },
+    {CKA_TOKEN, NULL, 0 },
+    {CKA_SENSITIVE, NULL, 0 },
+    {CKA_PRIVATE, NULL, 0 },
+    {CKA_MODULUS, NULL, 0 },
+    {CKA_PUBLIC_EXPONENT, NULL, 0 },
+    {CKA_PRIVATE_EXPONENT, NULL, 0 },
+    {CKA_PRIME_1, NULL, 0 },
+    {CKA_PRIME_2, NULL, 0 },
+    {CKA_EXPONENT_1, NULL, 0 },
+    {CKA_EXPONENT_2, NULL, 0 },
+    {CKA_COEFFICIENT, NULL, 0 },
+};
+
+#define RSA_SIZE (sizeof(rsaTemplate))
+#define RSA_ATTRIBUTES (sizeof(rsaTemplate)/sizeof(CK_ATTRIBUTE))
+
+static void
+resetTemplate(CK_ATTRIBUTE *attribute, int start, int end)
+{
+    int i;
+    for (i=start; i < end; i++) {
+	if (attribute[i].pValue) {
+	    PORT_Free(attribute[i].pValue);
+	}
+	attribute[i].pValue = NULL;
+	attribute[i].ulValueLen = 0;
+    }
+}
+
+static SECStatus
+copyAttribute(PK11ObjectType objType, void *object, CK_ATTRIBUTE *template, 
+		int offset, CK_ATTRIBUTE_TYPE attrType)
+{
+    SECItem attributeItem = {0, 0, 0};
+    SECStatus rv;
+
+    rv = PK11_ReadRawAttribute(objType, object, attrType, &attributeItem);
+    if (rv != SECSuccess) {
+	return rv;
+    }
+    template[offset].type = attrType;
+    template[offset].pValue = attributeItem.data;
+    template[offset].ulValueLen = attributeItem.len;
+    return SECSuccess;
+}
+
+static SECStatus
+readKey(PK11ObjectType objType, void *object, CK_ATTRIBUTE *template,
+	int start, int end)
+{
+    int i;
+    SECStatus rv;
+
+    for (i=start; i < end; i++) {
+	rv = copyAttribute(objType, object, template, i, template[i].type);
+	if (rv != SECSuccess) {
+	     goto fail;
+	}
+    }
+    return SECSuccess;
+
+fail:
+    resetTemplate(template, start, i);
+    return rv;
+}
+
+#define ATTR_STRING(x) getNameFromAttribute(x)
+
+void
+dumpTemplate(CK_ATTRIBUTE *template, int start, int end)
+{
+    int i,j;
+    for (i=0; i < end; i++) {
+	unsigned char cval;
+	CK_ULONG ulval;
+	unsigned char *cpval;
+
+	fprintf(stderr, "%s:", ATTR_STRING(template[i].type));
+	switch (template[i].ulValueLen) {
+	case 1:
+	    cval =*(unsigned char *)template[i].pValue;
+	    switch(cval) {
+	    case 0: fprintf(stderr, " false"); break;
+	    case 1: fprintf(stderr, " true"); break;
+	    default: 
+		fprintf(stderr, " %d (=0x%02x,'%c')",cval,cval,cval);
+		 break;
+	    }
+	    break;
+	case sizeof(CK_ULONG):
+	    ulval = *(CK_ULONG *)template[i].pValue;
+	    fprintf(stderr," %ld (=0x%04lx)", ulval, ulval);
+	    break;
+	default:
+	    cpval = (unsigned char *)template[i].pValue;
+	    for (j=0; j < template[i].ulValueLen; j++) {
+	        if ((j % 16) == 0) fprintf(stderr, "\n ");
+		fprintf(stderr," %02x",cpval[j]);
+	    }
+	    break;
+	}
+	fprintf(stderr,"\n");
+    }
+}
+
+PRBool
+rsaKeysAreEqual(PK11ObjectType srcType, void *src, 
+		PK11ObjectType destType, void *dest)
+{
+
+    CK_ATTRIBUTE srcTemplate[RSA_ATTRIBUTES];
+    CK_ATTRIBUTE destTemplate[RSA_ATTRIBUTES];
+    PRBool areEqual = PR_TRUE;
+    SECStatus rv;
+    int i;
+
+    memcpy(srcTemplate, rsaTemplate, RSA_SIZE);
+    memcpy(destTemplate, rsaTemplate, RSA_SIZE);
+
+    rv = readKey(srcType, src, srcTemplate, 0, RSA_ATTRIBUTES);
+    if (rv != SECSuccess) {
+	printf("Could read source key\n");
+	return PR_FALSE;
+    }
+    readKey(destType, dest, destTemplate, 0, RSA_ATTRIBUTES);
+    if (rv != SECSuccess) {
+	printf("Could read dest key\n");
+	return PR_FALSE;
+    }
+
+    for (i=0; i < RSA_ATTRIBUTES; i++) {
+	if (srcTemplate[i].ulValueLen != destTemplate[i].ulValueLen) {
+	    printf("key->%s not equal src_len = %ld, dest_len=%ld\n",
+		    ATTR_STRING(srcTemplate[i].type), 
+		    srcTemplate[i].ulValueLen, destTemplate[i].ulValueLen);
+	    areEqual = 0;
+	} else if (memcmp(srcTemplate[i].pValue, destTemplate[i].pValue,
+			  destTemplate[i].ulValueLen) != 0) {
+	    printf("key->%s not equal.\n", ATTR_STRING(srcTemplate[i].type));
+	    areEqual = 0;
+	}
+    }
+    if (!areEqual) {
+	fprintf(stderr, "original key:\n");
+	dumpTemplate(srcTemplate,0, RSA_ATTRIBUTES);
+	fprintf(stderr, "created key:\n");
+	dumpTemplate(destTemplate,0, RSA_ATTRIBUTES);
+    }
+    return areEqual;
+}
+
+static int exp_exp_prime_fail_count = 0;
+   
+static int 
+doRSAPopulateTest(unsigned int keySize, unsigned long exponent, 
+	          int mask, void *pwarg)
+{
+    SECKEYPrivateKey *rsaPrivKey;
+    SECKEYPublicKey *rsaPubKey;
+    PK11GenericObject *tstPrivKey;
+    CK_ATTRIBUTE tstTemplate[RSA_ATTRIBUTES];
+    int tstHeaderCount;
+    PK11SlotInfo *slot = NULL;
+    PK11RSAGenParams rsaParams;
+    CK_OBJECT_CLASS obj_class = CKO_PRIVATE_KEY;
+    CK_KEY_TYPE key_type = CKK_RSA;
+    CK_BBOOL ck_false = CK_FALSE;
+    int failed = 0;
+
+    rsaParams.pe = exponent;
+    rsaParams.keySizeInBits = keySize;
+
+    slot = PK11_GetInternalSlot();
+    if (slot == NULL) {
+	fprintf(stderr, "Couldn't get the internal slot for the test \n");
+	return -1;
+    }
+
+    rsaPrivKey = PK11_GenerateKeyPair(slot, CKM_RSA_PKCS_KEY_PAIR_GEN, 
+				     &rsaParams, &rsaPubKey, PR_FALSE, 
+				     PR_FALSE, pwarg);
+    if (rsaPrivKey == NULL) {
+	fprintf(stderr, "RSA Key Gen failed");
+	PK11_FreeSlot(slot);
+	return -1;
+    }
+
+    memcpy(tstTemplate, rsaTemplate, RSA_SIZE);
+
+    tstTemplate[0].pValue = &obj_class;
+    tstTemplate[0].ulValueLen = sizeof(obj_class);
+    tstTemplate[1].pValue = &key_type;
+    tstTemplate[1].ulValueLen = sizeof(key_type);
+    tstTemplate[2].pValue = &ck_false;
+    tstTemplate[2].ulValueLen = sizeof(ck_false);
+    tstTemplate[3].pValue = &ck_false;
+    tstTemplate[3].ulValueLen = sizeof(ck_false);
+    tstTemplate[4].pValue = &ck_false;
+    tstTemplate[4].ulValueLen = sizeof(ck_false);
+    tstHeaderCount = 5;
+
+    if (mask & 1) {
+	printf("%s\n",test_array[1].description);
+	resetTemplate(tstTemplate, tstHeaderCount, RSA_ATTRIBUTES);
+	copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate, 
+		  tstHeaderCount, CKA_PUBLIC_EXPONENT);
+	copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate, 
+		  tstHeaderCount+1, CKA_MODULUS);
+	copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate, 
+		  tstHeaderCount+2, CKA_PRIME_1);
+
+	tstPrivKey = PK11_CreateGenericObject(slot, tstTemplate, 
+			tstHeaderCount+3, PR_FALSE);
+	if (tstPrivKey == NULL) {
+	    fprintf(stderr, "RSA Populate failed: pubExp mod p\n");
+	    failed = 1;
+	} else if (!rsaKeysAreEqual(PK11_TypePrivKey, rsaPrivKey, 
+				PK11_TypeGeneric, tstPrivKey)) {
+	    fprintf(stderr, "RSA Populate key mismatch: pubExp mod p\n");
+	    failed = 1;
+	}
+	if (tstPrivKey) PK11_DestroyGenericObject(tstPrivKey);
+    }
+    if (mask & 2) {
+	printf("%s\n",test_array[2].description);
+	/* test the basic2 case, public exponent, modulus, prime2 */
+	resetTemplate(tstTemplate, tstHeaderCount, RSA_ATTRIBUTES);
+	copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate, 
+	    	  tstHeaderCount, CKA_PUBLIC_EXPONENT);
+	copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate, 
+	    	  tstHeaderCount+1, CKA_MODULUS);
+	copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate, 
+	    	  tstHeaderCount+2, CKA_PRIME_2);
+	/* test with q in the prime1 position */
+	tstTemplate[tstHeaderCount+2].type = CKA_PRIME_1;
+
+	tstPrivKey = PK11_CreateGenericObject(slot, tstTemplate, 
+	    		tstHeaderCount+3, PR_FALSE);
+	if (tstPrivKey == NULL) {
+	    fprintf(stderr, "RSA Populate failed: pubExp mod q\n");
+	    failed = 1;
+	} else if (!rsaKeysAreEqual(PK11_TypePrivKey, rsaPrivKey, 
+	    			PK11_TypeGeneric, tstPrivKey)) {
+	    fprintf(stderr, "RSA Populate key mismatch: pubExp mod q\n");
+	    failed = 1;
+	}
+	if (tstPrivKey) PK11_DestroyGenericObject(tstPrivKey);
+    }
+    if (mask & 4) {
+	printf("%s\n",test_array[3].description);
+	/* test the medium case, private exponent, prime1, prime2 */
+	resetTemplate(tstTemplate, tstHeaderCount, RSA_ATTRIBUTES);
+
+	copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate, 
+	    	  tstHeaderCount, CKA_PRIVATE_EXPONENT);
+	copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate, 
+	    	  tstHeaderCount+1, CKA_PRIME_1);
+	copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate, 
+	    	  tstHeaderCount+2, CKA_PRIME_2);
+	/* test with p & q swapped. Underlying code should swap these back */
+	tstTemplate[tstHeaderCount+2].type = CKA_PRIME_1;
+	tstTemplate[tstHeaderCount+1].type = CKA_PRIME_2;
+
+	tstPrivKey = PK11_CreateGenericObject(slot, tstTemplate, 
+	    		tstHeaderCount+3, PR_FALSE);
+	if (tstPrivKey == NULL) {
+	    fprintf(stderr, "RSA Populate failed: privExp p q\n");
+	    failed = 1;
+	} else if (!rsaKeysAreEqual(PK11_TypePrivKey, rsaPrivKey, 
+	    			PK11_TypeGeneric, tstPrivKey)) {
+	    fprintf(stderr, "RSA Populate key mismatch: privExp p q\n");
+	    failed = 1;
+	}
+	if (tstPrivKey) PK11_DestroyGenericObject(tstPrivKey);
+    }
+    if (mask & 8) {
+	printf("%s\n",test_array[4].description);
+	/* test the advanced case, public exponent, private exponent, prime2 */
+	resetTemplate(tstTemplate, tstHeaderCount, RSA_ATTRIBUTES);
+	copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate, 
+	    	  tstHeaderCount, CKA_PRIVATE_EXPONENT);
+	copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate, 
+	    	  tstHeaderCount+1, CKA_PUBLIC_EXPONENT);
+	copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate, 
+	    	  tstHeaderCount+2, CKA_PRIME_2);
+
+	tstPrivKey = PK11_CreateGenericObject(slot, tstTemplate, 
+	    		tstHeaderCount+3, PR_FALSE);
+	if (tstPrivKey == NULL) {
+	    fprintf(stderr, "RSA Populate failed: pubExp privExp q\n");
+	    fprintf(stderr, " this is expected periodically. It means we\n");
+	    fprintf(stderr, " had more than one key that meets the "
+			    "specification\n");
+	    exp_exp_prime_fail_count++;
+	} else if (!rsaKeysAreEqual(PK11_TypePrivKey, rsaPrivKey, 
+	    			PK11_TypeGeneric, tstPrivKey)) {
+	    fprintf(stderr, "RSA Populate key mismatch: pubExp privExp q\n");
+	    failed = 1;
+	}
+	if (tstPrivKey) PK11_DestroyGenericObject(tstPrivKey);
+    }
+    if (mask & 16) {
+	printf("%s\n",test_array[5].description);
+	/* test the advanced case2, public exponent, private exponent, modulus 
+	 */
+	resetTemplate(tstTemplate, tstHeaderCount, RSA_ATTRIBUTES);
+
+	copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate, 
+	    	  tstHeaderCount, CKA_PRIVATE_EXPONENT);
+	copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate, 
+	    	  tstHeaderCount+1, CKA_PUBLIC_EXPONENT);
+	copyAttribute(PK11_TypePrivKey, rsaPrivKey, tstTemplate, 
+	    	  tstHeaderCount+2, CKA_MODULUS);
+
+	tstPrivKey = PK11_CreateGenericObject(slot, tstTemplate, 
+	    		tstHeaderCount+3, PR_FALSE);
+	if (tstPrivKey == NULL) {
+	    fprintf(stderr, "RSA Populate failed: pubExp privExp mod\n");
+	    failed = 1;
+	} else if (!rsaKeysAreEqual(PK11_TypePrivKey, rsaPrivKey, 
+	    			PK11_TypeGeneric, tstPrivKey)) {
+	    fprintf(stderr, "RSA Populate key mismatch: pubExp privExp mod\n");
+	    failed = 1;
+	}
+	if (tstPrivKey) PK11_DestroyGenericObject(tstPrivKey);
+    }
+
+
+    PK11_FreeSlot(slot);
+    return failed ? -1 : 0;
+}
+
+/* populate options */
+enum {
+    opt_Exponent = 0,
+    opt_KeySize,
+    opt_Repeat,
+    opt_Tests
+};
+
+static secuCommandFlag populate_options[] =
+{
+    { /* opt_Exponent	  */ 'e', PR_TRUE,  0, PR_FALSE },
+    { /* opt_KeySize	  */ 'k', PR_TRUE,  0, PR_FALSE },
+    { /* opt_Repeat	  */ 'r', PR_TRUE,  0, PR_FALSE },
+    { /* opt_Tests	  */ 't', PR_TRUE,  0, PR_FALSE },
+};
+
+int
+is_delimiter(char c)
+{
+    if ((c=='+') || (c==',') || (c=='|')) {
+	return 1;
+    }
+    return 0;
+}
+
+int 
+parse_tests(char *test_string)
+{
+    int mask = 0;
+    int i;
+
+    while (*test_string) {
+	if (is_delimiter(*test_string)) {
+	    test_string++;
+	}
+	for (i=0; i < test_array_size; i++) {
+	    char *arg = test_array[i].arg;
+	    int len = strlen(arg);
+	    if (strncmp(test_string,arg,len) == 0) {
+		test_string += len;
+		mask |= test_array[i].mask_value;
+		break;
+	    }
+	}
+	if (i == test_array_size) {
+	    break;
+	}
+    }
+    return mask;
+}
+
+int main(int argc, char **argv)
+{
+    unsigned int keySize = 1024;
+    unsigned long exponent = 65537;
+    int i, repeat = 1, ret = 0;
+    SECStatus rv = SECFailure;
+    secuCommand populateArgs;
+    char *progName;
+    int mask = 0xff;
+
+    populateArgs.numCommands = 0;
+    populateArgs.numOptions = sizeof(populate_options) / 
+			      sizeof(secuCommandFlag);
+    populateArgs.commands = NULL;
+    populateArgs.options = populate_options;
+
+    progName = strrchr(argv[0], '/');
+    if (!progName) 
+	progName = strrchr(argv[0], '\\');
+    progName = progName ? progName+1 : argv[0];
+
+    rv = NSS_NoDB_Init(NULL);
+    if (rv != SECSuccess) {
+    	SECU_PrintPRandOSError(progName);
+	return -1;
+    }
+
+    rv = SECU_ParseCommandLine(argc, argv, progName, &populateArgs);
+    if (rv == SECFailure) {
+        fprintf(stderr, "%s: command line parsing error!\n", progName);
+        Usage(progName);
+	return -1;
+    }
+    rv = SECFailure;
+
+	
+    if (populateArgs.options[opt_KeySize].activated) {
+	keySize = PORT_Atoi(populateArgs.options[opt_KeySize].arg);
+    }
+    if (populateArgs.options[opt_Repeat].activated) {
+	repeat = PORT_Atoi(populateArgs.options[opt_Repeat].arg);
+    }
+    if (populateArgs.options[opt_Exponent].activated) {
+	exponent = PORT_Atoi(populateArgs.options[opt_Exponent].arg);
+    }
+    if (populateArgs.options[opt_Tests].activated) {
+	char * test_string = populateArgs.options[opt_Tests].arg;
+	mask = PORT_Atoi(test_string);
+	if (mask == 0) {
+	    mask = parse_tests(test_string);
+	}
+	if (mask == 0) {
+	    Usage(progName);
+	    return -1;
+	}
+    }
+
+    exp_exp_prime_fail_count = 0;
+    for (i=0; i < repeat; i++) {
+	printf("Running RSA Populate test run %d\n",i);
+	ret = doRSAPopulateTest(keySize, exponent, mask, NULL);
+	if (ret != 0) {
+	    i++;
+	    break;
+	}
+    }
+    if (ret != 0) {
+	fprintf(stderr,"RSA Populate test round %d: FAILED\n",i);
+    }
+    if (repeat > 1) {
+	printf(" pub priv prime test:  %d failures out of %d runs (%f %%)\n",
+		exp_exp_prime_fail_count, i,
+		(((double)exp_exp_prime_fail_count) * 100.0)/(double) i);
+    }
+    return ret;
+}
--- a/security/nss/cmd/vfychain/vfychain.c
+++ b/security/nss/cmd/vfychain/vfychain.c
@@ -724,18 +724,17 @@ breakout:
                 }
                 issuerCert = cvout[0].value.pointer.cert;
                 builtChain = cvout[1].value.pointer.chain;
             } while (0);
         
         /* Display validation results */
         if (secStatus != SECSuccess || log.count > 0) {
             CERTVerifyLogNode *node = NULL;
-            PRIntn err = PR_GetError();
-            fprintf(stderr, "Chain is bad, %d = %s\n", err, SECU_Strerror(err));
+            fprintf(stderr, "Chain is bad!\n");
             
             SECU_displayVerifyLog(stderr, &log, verbose); 
             /* Have cert refs in the log only in case of failure.
              * Destroy them. */
             for (node = log.head; node; node = node->next) {
                 if (node->cert)
                     CERT_DestroyCertificate(node->cert);
             }
--- a/security/nss/lib/certdb/cert.h
+++ b/security/nss/lib/certdb/cert.h
@@ -32,17 +32,17 @@
  * the provisions above, a recipient may use your version of this file under
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
 
 /*
  * cert.h - public data structures and prototypes for the certificate library
  *
- * $Id: cert.h,v 1.80 2010/04/30 07:47:47 nelson%bolyard.com Exp $
+ * $Id: cert.h,v 1.80.2.1 2010/09/24 13:31:57 kaie%kuix.de Exp $
  */
 
 #ifndef _CERT_H_
 #define _CERT_H_
 
 #include "utilrename.h"
 #include "plarena.h"
 #include "plhash.h"
@@ -602,16 +602,26 @@ CERT_FindCertByEmailAddr(CERTCertDBHandl
 /*
 ** Find a certificate in the database by a email address or nickname
 **	"name" is the email address or nickname to look up
 */
 CERTCertificate *
 CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, const char *name);
 
 /*
+** Find a certificate in the database by a email address or nickname
+** and require it to have the given usage.
+**      "name" is the email address or nickname to look up
+*/
+CERTCertificate *
+CERT_FindCertByNicknameOrEmailAddrForUsage(CERTCertDBHandle *handle,
+                                           const char *name, 
+                                           SECCertUsage lookingForUsage);
+
+/*
 ** Find a certificate in the database by a digest of a subject public key
 **	"spkDigest" is the digest to look up
 */
 extern CERTCertificate *
 CERT_FindCertBySPKDigest(CERTCertDBHandle *handle, SECItem *spkDigest);
 
 /*
  * Find the issuer of a cert
--- a/security/nss/lib/certdb/stanpcertdb.c
+++ b/security/nss/lib/certdb/stanpcertdb.c
@@ -609,53 +609,108 @@ CERT_FindCertByDERCert(CERTCertDBHandle 
     if (!c) {
 	c = NSSTrustDomain_FindCertificateByEncodedCertificate(handle, 
 	                                                       &encoding);
 	if (!c) return NULL;
     }
     return STAN_GetCERTCertificateOrRelease(c);
 }
 
-CERTCertificate *
-CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, const char *name)
+static CERTCertificate *
+common_FindCertByNicknameOrEmailAddrForUsage(CERTCertDBHandle *handle, 
+                                             char *name,
+                                             PRBool anyUsage,
+                                             SECCertUsage lookingForUsage)
 {
     NSSCryptoContext *cc;
     NSSCertificate *c, *ct;
     CERTCertificate *cert;
     NSSUsage usage;
+    CERTCertList *certlist;
 
     if (NULL == name) {
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
 	return NULL;
     }
-    usage.anyUsage = PR_TRUE;
+
+    usage.anyUsage = anyUsage;
+
+    if (!anyUsage) {
+      usage.nss3lookingForCA = PR_FALSE;
+      usage.nss3usage = lookingForUsage;
+    }
+
     cc = STAN_GetDefaultCryptoContext();
     ct = NSSCryptoContext_FindBestCertificateByNickname(cc, name, 
                                                        NULL, &usage, NULL);
     if (!ct && PORT_Strchr(name, '@') != NULL) {
         char* lowercaseName = CERT_FixupEmailAddr(name);
         if (lowercaseName) {
 	    ct = NSSCryptoContext_FindBestCertificateByEmail(cc, lowercaseName, 
 							    NULL, &usage, NULL);
             PORT_Free(lowercaseName);
         }
     }
-    cert = PK11_FindCertFromNickname(name, NULL);
+
+    if (anyUsage) {
+      cert = PK11_FindCertFromNickname(name, NULL);
+    }
+    else {
+      if (ct) {
+        /* Does ct really have the required usage? */
+          nssDecodedCert *dc;
+          dc = nssCertificate_GetDecoding(ct);
+          if (!dc->matchUsage(dc, &usage)) {
+            CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(ct));
+            ct = NULL;
+          }
+      }
+
+      certlist = PK11_FindCertsFromNickname(name, NULL);
+      if (certlist) {
+        SECStatus rv = CERT_FilterCertListByUsage(certlist, 
+                                                  lookingForUsage, 
+                                                  PR_FALSE);
+        if (SECSuccess == rv &&
+            !CERT_LIST_END(CERT_LIST_HEAD(certlist), certlist)) {
+          cert = CERT_DupCertificate(CERT_LIST_HEAD(certlist)->cert);
+        }
+        CERT_DestroyCertList(certlist);
+      }
+    }
+
     if (cert) {
 	c = get_best_temp_or_perm(ct, STAN_GetNSSCertificate(cert));
 	CERT_DestroyCertificate(cert);
 	if (ct) {
 	    CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(ct));
 	}
     } else {
 	c = ct;
     }
     return c ? STAN_GetCERTCertificateOrRelease(c) : NULL;
 }
 
+CERTCertificate *
+CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, const char *name)
+{
+  return common_FindCertByNicknameOrEmailAddrForUsage(handle, name, 
+                                                      PR_TRUE, 0);
+}
+
+CERTCertificate *
+CERT_FindCertByNicknameOrEmailAddrForUsage(CERTCertDBHandle *handle, 
+                                           const char *name, 
+                                           SECCertUsage lookingForUsage)
+{
+  return common_FindCertByNicknameOrEmailAddrForUsage(handle, name, 
+                                                      PR_FALSE, 
+                                                      lookingForUsage);
+}
+
 static void 
 add_to_subject_list(CERTCertList *certList, CERTCertificate *cert,
                     PRBool validOnly, int64 sorttime)
 {
     SECStatus secrv;
     if (!validOnly ||
 	CERT_CheckCertValidTimes(cert, sorttime, PR_FALSE) 
 	 == secCertTimeValid) {
--- a/security/nss/lib/certhigh/ocsp.h
+++ b/security/nss/lib/certhigh/ocsp.h
@@ -32,17 +32,17 @@
  * the provisions above, a recipient may use your version of this file under
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
 
 /*
  * Interface to the OCSP implementation.
  *
- * $Id: ocsp.h,v 1.17 2010/02/01 20:09:32 wtc%google.com Exp $
+ * $Id: ocsp.h,v 1.17.2.1 2010/09/27 21:22:20 wtc%google.com Exp $
  */
 
 #ifndef _OCSP_H_
 #define _OCSP_H_
 
 
 #include "plarena.h"
 #include "seccomon.h"
@@ -471,33 +471,33 @@ CERT_GetOCSPAuthorityInfoAccessLocation(
  */
 extern SECStatus
 CERT_RegisterAlternateOCSPAIAInfoCallBack(
 			CERT_StringFromCertFcn   newCallback,
 			CERT_StringFromCertFcn * oldCallback);
 
 /*
  * FUNCTION: CERT_ParseURL
- *   Parse the URI of a OCSP responder into hostname, port, and path.
+ *   Parse a URI into hostname, port, and path.  The scheme in the URI must
+ *   be "http".
  * INPUTS:
- *   const char *location
+ *   const char *url
  *     The URI to be parsed
  * OUTPUTS:
  *   char *pHostname
  *     Pointer to store the hostname obtained from the URI.
  *     This result should be freed (via PORT_Free) when no longer in use.
  *   PRUint16 *pPort
  *     Pointer to store the port number obtained from the URI.
  *   char *pPath
  *     Pointer to store the path obtained from the URI.
  *     This result should be freed (via PORT_Free) when no longer in use.
  * RETURN:
- *   Returns SECSuccess when parsing was successful. Anything else means
+ *   Returns SECSuccess when parsing was successful. Returns SECFailure when
  *   problems were encountered.
- *     
  */
 extern SECStatus
 CERT_ParseURL(const char *url, char **pHostname, PRUint16 *pPort, char **pPath);
 
 /*
  * FUNCTION: CERT_CheckOCSPStatus
  *   Checks the status of a certificate via OCSP.  Will only check status for
  *   a certificate that has an AIA (Authority Information Access) extension
--- a/security/nss/lib/ckfw/builtins/certdata.c
+++ b/security/nss/lib/ckfw/builtins/certdata.c
@@ -30,17 +30,17 @@
  * use your version of this file under the terms of the MPL, indicate your
  * decision by deleting the provisions above and replace them with the notice
  * and other provisions required by the GPL or the LGPL. If you do not delete
  * the provisions above, a recipient may use your version of this file under
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
 #ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile: certdata.c,v $ $Revision: 1.67.2.1 $ $Date: 2010/08/27 15:46:44 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.67.2.1 $ $Date: 2010/08/27 15:46:44 $";
+static const char CVS_ID[] = "@(#) $RCSfile: certdata.c,v $ $Revision: 1.67.2.6 $ $Date: 2010/12/02 23:26:35 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.67.2.6 $ $Date: 2010/12/02 23:26:35 $";
 #endif /* DEBUG */
 
 #ifndef BUILTINS_H
 #include "builtins.h"
 #endif /* BUILTINS_H */
 
 static const CK_BBOOL ck_false = CK_FALSE;
 static const CK_BBOOL ck_true = CK_TRUE;
@@ -993,111 +993,31 @@ static const CK_ATTRIBUTE_TYPE nss_built
 #ifdef DEBUG
 static const NSSItem nss_builtins_items_0 [] = {
   { (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"CVS ID", (PRUint32)7 },
   { (void *)"NSS", (PRUint32)4 },
-  { (void *)"@(#) $RCSfile: certdata.c,v $ $Revision: 1.67.2.1 $ $Date: 2010/08/27 15:46:44 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.67.2.1 $ $Date: 2010/08/27 15:46:44 $", (PRUint32)160 }
+  { (void *)"@(#) $RCSfile: certdata.c,v $ $Revision: 1.67.2.6 $ $Date: 2010/12/02 23:26:35 $""; @(#) $RCSfile: certdata.c,v $ $Revision: 1.67.2.6 $ $Date: 2010/12/02 23:26:35 $", (PRUint32)164 }
 };
 #endif /* DEBUG */
 static const NSSItem nss_builtins_items_1 [] = {
   { (void *)&cko_netscape_builtin_root_list, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Mozilla Builtin Roots", (PRUint32)22 }
 };
 static const NSSItem nss_builtins_items_2 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"GTE CyberTrust Root CA", (PRUint32)23 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125"
-"\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\122\157\157\164"
-, (PRUint32)71 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125"
-"\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\122\157\157\164"
-, (PRUint32)71 },
-  { (void *)"\002\002\001\243"
-, (PRUint32)4 },
-  { (void *)"\060\202\001\372\060\202\001\143\002\002\001\243\060\015\006\011"
-"\052\206\110\206\367\015\001\001\004\005\000\060\105\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\030\060\026\006\003"
-"\125\004\012\023\017\107\124\105\040\103\157\162\160\157\162\141"
-"\164\151\157\156\061\034\060\032\006\003\125\004\003\023\023\107"
-"\124\105\040\103\171\142\145\162\124\162\165\163\164\040\122\157"
-"\157\164\060\036\027\015\071\066\060\062\062\063\062\063\060\061"
-"\060\060\132\027\015\060\066\060\062\062\063\062\063\065\071\060"
-"\060\132\060\105\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\030\060\026\006\003\125\004\012\023\017\107\124\105\040"
-"\103\157\162\160\157\162\141\164\151\157\156\061\034\060\032\006"
-"\003\125\004\003\023\023\107\124\105\040\103\171\142\145\162\124"
-"\162\165\163\164\040\122\157\157\164\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\270\346\117\272\333\230\174\161\174\257"
-"\104\267\323\017\106\331\144\345\223\301\102\216\307\272\111\215"
-"\065\055\172\347\213\275\345\005\061\131\306\261\057\012\014\373"
-"\237\247\077\242\011\146\204\126\036\067\051\033\207\351\176\014"
-"\312\232\237\245\177\365\025\224\243\325\242\106\202\330\150\114"
-"\321\067\025\006\150\257\275\370\260\263\360\051\365\225\132\011"
-"\026\141\167\012\042\045\324\117\105\252\307\275\345\226\337\371"
-"\324\250\216\102\314\044\300\036\221\047\112\265\155\006\200\143"
-"\071\304\242\136\070\003\002\003\001\000\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\004\005\000\003\201\201\000\022\263"
-"\165\306\137\035\341\141\125\200\000\324\201\113\173\061\017\043"
-"\143\347\075\363\003\371\364\066\250\273\331\343\245\227\115\352"
-"\053\051\340\326\152\163\201\346\300\211\243\323\361\340\245\245"
-"\042\067\232\143\302\110\040\264\333\162\343\310\366\331\174\276"
-"\261\257\123\332\024\264\041\270\326\325\226\343\376\116\014\131"
-"\142\266\232\112\371\102\335\214\157\201\251\161\377\364\012\162"
-"\155\155\104\016\235\363\164\164\250\325\064\111\351\136\236\351"
-"\264\172\341\345\132\037\204\060\234\323\237\245\045\330"
-, (PRUint32)510 }
-};
-static const NSSItem nss_builtins_items_3 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"GTE CyberTrust Root CA", (PRUint32)23 },
-  { (void *)"\220\336\336\236\114\116\237\157\330\206\027\127\235\323\221\274"
-"\145\246\211\144"
-, (PRUint32)20 },
-  { (void *)"\304\327\360\262\243\305\175\141\147\360\004\315\103\323\272\130"
-, (PRUint32)16 },
-  { (void *)"\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125"
-"\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\122\157\157\164"
-, (PRUint32)71 },
-  { (void *)"\002\002\001\243"
-, (PRUint32)4 },
-  { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
-};
-static const NSSItem nss_builtins_items_4 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"GTE CyberTrust Global Root", (PRUint32)27 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
 "\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
 "\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
 "\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
 "\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105"
@@ -1151,17 +1071,17 @@ static const NSSItem nss_builtins_items_
 "\026\063\201\023\010\236\173\064\116\337\100\310\164\327\271\175"
 "\334\364\166\125\175\233\143\124\030\351\360\352\363\134\261\331"
 "\213\102\036\271\300\225\116\272\372\325\342\174\365\150\141\277"
 "\216\354\005\227\137\133\260\327\243\205\064\304\044\247\015\017"
 "\225\223\357\313\224\330\236\037\235\134\205\155\307\252\256\117"
 "\037\042\265\315\225\255\272\247\314\371\253\013\172\177"
 , (PRUint32)606 }
 };
-static const NSSItem nss_builtins_items_5 [] = {
+static const NSSItem nss_builtins_items_3 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"GTE CyberTrust Global Root", (PRUint32)27 },
   { (void *)"\227\201\171\120\330\034\226\160\314\064\330\011\317\171\104\061"
 "\066\176\364\164"
 , (PRUint32)20 },
@@ -1178,17 +1098,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)119 },
   { (void *)"\002\002\001\245"
 , (PRUint32)4 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_6 [] = {
+static const NSSItem nss_builtins_items_4 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Thawte Personal Freemail CA", (PRUint32)28 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101"
 "\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
@@ -1272,17 +1192,17 @@ static const NSSItem nss_builtins_items_
 "\234\027\254\107\051\337\235\230\136\322\154\140\161\134\242\254"
 "\334\171\343\347\156\000\107\037\265\015\050\350\002\235\344\232"
 "\375\023\364\246\331\174\261\370\334\137\043\046\011\221\200\163"
 "\320\024\033\336\103\251\203\045\362\346\234\057\025\312\376\246"
 "\253\212\007\165\213\014\335\121\204\153\344\370\321\316\167\242"
 "\201"
 , (PRUint32)817 }
 };
-static const NSSItem nss_builtins_items_7 [] = {
+static const NSSItem nss_builtins_items_5 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Thawte Personal Freemail CA", (PRUint32)28 },
   { (void *)"\040\231\000\266\075\225\127\050\024\014\321\066\042\330\306\207"
 "\244\353\000\205"
 , (PRUint32)20 },
@@ -1305,17 +1225,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)212 },
   { (void *)"\002\001\000"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_8 [] = {
+static const NSSItem nss_builtins_items_6 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Thawte Server CA", (PRUint32)17 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101"
 "\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
@@ -1395,17 +1315,17 @@ static const NSSItem nss_builtins_items_
 "\225\075\241\213\267\013\142\230\172\165\212\335\210\116\116\236"
 "\100\333\250\314\062\164\271\157\015\306\343\263\104\013\331\212"
 "\157\232\051\233\231\030\050\073\321\343\100\050\232\132\074\325"
 "\265\347\040\033\213\312\244\253\215\351\121\331\342\114\054\131"
 "\251\332\271\262\165\033\366\102\362\357\307\362\030\371\211\274"
 "\243\377\212\043\056\160\107"
 , (PRUint32)791 }
 };
-static const NSSItem nss_builtins_items_9 [] = {
+static const NSSItem nss_builtins_items_7 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Thawte Server CA", (PRUint32)17 },
   { (void *)"\043\345\224\224\121\225\362\101\110\003\264\325\144\322\243\243"
 "\365\330\213\214"
 , (PRUint32)20 },
@@ -1427,17 +1347,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)199 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_10 [] = {
+static const NSSItem nss_builtins_items_8 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Thawte Premium Server CA", (PRUint32)25 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101"
 "\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
@@ -1520,17 +1440,17 @@ static const NSSItem nss_builtins_items_
 "\205\374\311\001\070\377\115\276\362\026\102\103\347\273\132\106"
 "\373\301\306\021\037\361\112\260\050\106\311\303\304\102\175\274"
 "\372\253\131\156\325\267\121\210\021\343\244\205\031\153\202\114"
 "\244\014\022\255\351\244\256\077\361\303\111\145\232\214\305\310"
 "\076\045\267\224\231\273\222\062\161\007\360\206\136\355\120\047"
 "\246\015\246\043\371\273\313\246\007\024\102"
 , (PRUint32)811 }
 };
-static const NSSItem nss_builtins_items_11 [] = {
+static const NSSItem nss_builtins_items_9 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Thawte Premium Server CA", (PRUint32)25 },
   { (void *)"\142\177\215\170\047\145\143\231\322\175\177\220\104\311\376\263"
 "\363\076\372\232"
 , (PRUint32)20 },
@@ -1553,17 +1473,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)209 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_12 [] = {
+static const NSSItem nss_builtins_items_10 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Equifax Secure CA", (PRUint32)18 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141"
@@ -1628,17 +1548,17 @@ static const NSSItem nss_builtins_items_
 "\356\250\377\132\310\323\125\262\146\161\127\336\300\041\353\075"
 "\052\247\043\111\001\004\206\102\173\374\356\177\242\026\122\265"
 "\147\147\323\100\333\073\046\130\262\050\167\075\256\024\167\141"
 "\326\372\052\146\047\240\015\372\247\163\134\352\160\361\224\041"
 "\145\104\137\372\374\357\051\150\251\242\207\171\357\171\357\117"
 "\254\007\167\070"
 , (PRUint32)804 }
 };
-static const NSSItem nss_builtins_items_13 [] = {
+static const NSSItem nss_builtins_items_11 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Equifax Secure CA", (PRUint32)18 },
   { (void *)"\322\062\011\255\043\323\024\043\041\164\344\015\177\235\142\023"
 "\227\206\143\072"
 , (PRUint32)20 },
@@ -1652,17 +1572,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)80 },
   { (void *)"\002\004\065\336\364\317"
 , (PRUint32)6 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_14 [] = {
+static const NSSItem nss_builtins_items_12 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Digital Signature Trust Co. Global CA 1", (PRUint32)40 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
@@ -1727,17 +1647,17 @@ static const NSSItem nss_builtins_items_
 "\102\307\222\046\240\134\064\232\070\162\370\375\153\026\076\040"
 "\356\202\213\061\052\223\066\205\043\210\212\074\003\150\323\311"
 "\011\017\115\374\154\244\332\050\162\223\016\211\200\260\175\376"
 "\200\157\145\155\030\063\227\213\302\153\211\356\140\075\310\233"
 "\357\177\053\062\142\163\223\313\074\343\173\342\166\170\105\274"
 "\241\223\004\273\206\237\072\133\103\172\303\212\145"
 , (PRUint32)813 }
 };
-static const NSSItem nss_builtins_items_15 [] = {
+static const NSSItem nss_builtins_items_13 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Digital Signature Trust Co. Global CA 1", (PRUint32)40 },
   { (void *)"\201\226\213\072\357\034\334\160\365\372\062\151\302\222\243\143"
 "\133\321\043\323"
 , (PRUint32)20 },
@@ -1751,17 +1671,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)72 },
   { (void *)"\002\004\066\160\025\226"
 , (PRUint32)6 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_16 [] = {
+static const NSSItem nss_builtins_items_14 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Digital Signature Trust Co. Global CA 3", (PRUint32)40 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
@@ -1826,17 +1746,17 @@ static const NSSItem nss_builtins_items_
 "\305\327\364\012\045\017\075\170\201\236\017\261\147\304\220\114"
 "\143\335\136\247\342\272\237\365\367\115\245\061\173\234\051\055"
 "\114\376\144\076\354\266\123\376\352\233\355\202\333\164\165\113"
 "\007\171\156\036\330\031\203\163\336\365\076\320\265\336\347\113"
 "\150\175\103\056\052\040\341\176\240\170\104\236\010\365\230\371"
 "\307\177\033\033\326\006\040\002\130\241\303\242\003"
 , (PRUint32)813 }
 };
-static const NSSItem nss_builtins_items_17 [] = {
+static const NSSItem nss_builtins_items_15 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Digital Signature Trust Co. Global CA 3", (PRUint32)40 },
   { (void *)"\253\110\363\063\333\004\253\271\300\162\332\133\014\301\320\127"
 "\360\066\233\106"
 , (PRUint32)20 },
@@ -1850,17 +1770,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)72 },
   { (void *)"\002\004\066\156\323\316"
 , (PRUint32)6 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_18 [] = {
+static const NSSItem nss_builtins_items_16 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 1 Public Primary Certification Authority", (PRUint32)56 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
@@ -1916,17 +1836,17 @@ static const NSSItem nss_builtins_items_
 "\220\222\166\371\342\274\112\351\217\315\240\200\012\367\305\051"
 "\361\202\042\135\270\261\335\201\043\243\173\045\025\106\060\171"
 "\026\370\352\005\113\224\177\035\302\034\310\343\267\364\020\100"
 "\074\023\303\137\037\123\350\110\344\206\264\173\241\065\260\173"
 "\045\272\270\323\216\253\077\070\235\000\064\000\230\363\321\161"
 "\224"
 , (PRUint32)577 }
 };
-static const NSSItem nss_builtins_items_19 [] = {
+static const NSSItem nss_builtins_items_17 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 1 Public Primary Certification Authority", (PRUint32)56 },
   { (void *)"\220\256\242\151\205\377\024\200\114\103\111\122\354\351\140\204"
 "\167\257\125\157"
 , (PRUint32)20 },
@@ -1943,17 +1863,17 @@ static const NSSItem nss_builtins_items_
   { (void *)"\002\021\000\315\272\177\126\360\337\344\274\124\376\042\254\263"
 "\162\252\125"
 , (PRUint32)19 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_20 [] = {
+static const NSSItem nss_builtins_items_18 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 2 Public Primary Certification Authority", (PRUint32)56 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
@@ -2008,17 +1928,17 @@ static const NSSItem nss_builtins_items_
 "\047\312\105\122\316\026\357\077\006\144\347\224\150\174\140\063"
 "\025\021\151\257\235\142\215\243\003\124\153\246\276\345\356\005"
 "\030\140\004\277\102\200\375\320\250\250\036\001\073\367\243\134"
 "\257\243\334\346\046\200\043\074\270\104\164\367\012\256\111\213"
 "\141\170\314\044\277\210\212\247\016\352\163\031\101\375\115\003"
 "\360\210\321\345\170\215\245\052\117\366\227\015\027\167\312\330"
 , (PRUint32)576 }
 };
-static const NSSItem nss_builtins_items_21 [] = {
+static const NSSItem nss_builtins_items_19 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 2 Public Primary Certification Authority", (PRUint32)56 },
   { (void *)"\147\202\252\340\355\356\342\032\130\071\323\300\315\024\150\012"
 "\117\140\024\052"
 , (PRUint32)20 },
@@ -2035,17 +1955,17 @@ static const NSSItem nss_builtins_items_
   { (void *)"\002\020\055\033\374\112\027\215\243\221\353\347\377\365\213\105"
 "\276\013"
 , (PRUint32)18 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_22 [] = {
+static const NSSItem nss_builtins_items_20 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 3 Public Primary Certification Authority", (PRUint32)56 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
@@ -2100,17 +2020,17 @@ static const NSSItem nss_builtins_items_
 "\225\274\035\217\154\054\250\121\314\163\330\244\300\123\360\116"
 "\326\046\300\166\001\127\201\222\136\041\361\321\261\377\347\320"
 "\041\130\315\151\027\343\104\034\234\031\104\071\211\134\334\234"
 "\000\017\126\215\002\231\355\242\220\105\114\344\273\020\244\075"
 "\360\062\003\016\361\316\370\350\311\121\214\346\142\237\346\237"
 "\300\175\267\162\234\311\066\072\153\237\116\250\377\144\015\144"
 , (PRUint32)576 }
 };
-static const NSSItem nss_builtins_items_23 [] = {
+static const NSSItem nss_builtins_items_21 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 3 Public Primary Certification Authority", (PRUint32)56 },
   { (void *)"\164\054\061\222\346\007\344\044\353\105\111\124\053\341\273\305"
 "\076\141\164\342"
 , (PRUint32)20 },
@@ -2127,17 +2047,17 @@ static const NSSItem nss_builtins_items_
   { (void *)"\002\020\160\272\344\035\020\331\051\064\266\070\312\173\003\314"
 "\272\277"
 , (PRUint32)18 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_24 [] = {
+static const NSSItem nss_builtins_items_22 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 1 Public Primary Certification Authority - G2", (PRUint32)61 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
 "\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
@@ -2217,17 +2137,17 @@ static const NSSItem nss_builtins_items_
 "\261\135\363\307\266\012\333\340\025\223\015\335\003\274\307\166"
 "\212\265\335\117\303\233\023\165\270\001\300\346\311\133\153\245"
 "\270\211\334\254\244\335\162\355\116\241\367\117\274\006\323\352"
 "\310\144\164\173\302\225\101\234\145\163\130\361\220\232\074\152"
 "\261\230\311\304\207\274\317\105\155\105\342\156\042\077\376\274"
 "\017\061\134\350\362\331"
 , (PRUint32)774 }
 };
-static const NSSItem nss_builtins_items_25 [] = {
+static const NSSItem nss_builtins_items_23 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 1 Public Primary Certification Authority - G2", (PRUint32)61 },
   { (void *)"\047\076\341\044\127\375\304\371\014\125\350\053\126\026\177\142"
 "\365\062\345\107"
 , (PRUint32)20 },
@@ -2250,17 +2170,17 @@ static const NSSItem nss_builtins_items_
   { (void *)"\002\020\114\307\352\252\230\076\161\323\223\020\370\075\072\211"
 "\221\222"
 , (PRUint32)18 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_26 [] = {
+static const NSSItem nss_builtins_items_24 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 2 Public Primary Certification Authority - G2", (PRUint32)61 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
 "\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
@@ -2340,17 +2260,17 @@ static const NSSItem nss_builtins_items_
 "\225\366\044\140\206\115\104\056\203\245\304\055\240\323\256\170"
 "\151\157\162\332\154\256\010\360\143\222\067\346\273\304\060\027"
 "\255\167\314\111\065\252\317\330\217\321\276\267\030\226\107\163"
 "\152\124\042\064\144\055\266\026\233\131\133\264\121\131\072\263"
 "\013\024\364\022\337\147\240\364\255\062\144\136\261\106\162\047"
 "\214\022\173\305\104\264\256"
 , (PRUint32)775 }
 };
-static const NSSItem nss_builtins_items_27 [] = {
+static const NSSItem nss_builtins_items_25 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 2 Public Primary Certification Authority - G2", (PRUint32)61 },
   { (void *)"\263\352\304\107\166\311\310\034\352\362\235\225\266\314\240\010"
 "\033\147\354\235"
 , (PRUint32)20 },
@@ -2373,17 +2293,17 @@ static const NSSItem nss_builtins_items_
   { (void *)"\002\021\000\271\057\140\314\210\237\241\172\106\011\270\133\160"
 "\154\212\257"
 , (PRUint32)19 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_28 [] = {
+static const NSSItem nss_builtins_items_26 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 3 Public Primary Certification Authority - G2", (PRUint32)61 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
 "\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
@@ -2463,17 +2383,17 @@ static const NSSItem nss_builtins_items_
 "\141\222\137\246\304\035\020\141\066\323\054\047\074\350\051\011"
 "\271\021\144\164\314\265\163\237\034\110\251\274\141\001\356\342"
 "\027\246\014\343\100\010\073\016\347\353\104\163\052\232\361\151"
 "\222\357\161\024\303\071\254\161\247\221\011\157\344\161\006\263"
 "\272\131\127\046\171\000\366\370\015\242\063\060\050\324\252\130"
 "\240\235\235\151\221\375"
 , (PRUint32)774 }
 };
-static const NSSItem nss_builtins_items_29 [] = {
+static const NSSItem nss_builtins_items_27 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 3 Public Primary Certification Authority - G2", (PRUint32)61 },
   { (void *)"\205\067\034\246\345\120\024\075\316\050\003\107\033\336\072\011"
 "\350\370\167\017"
 , (PRUint32)20 },
@@ -2496,17 +2416,17 @@ static const NSSItem nss_builtins_items_
   { (void *)"\002\020\175\331\376\007\317\250\036\267\020\171\147\373\247\211"
 "\064\306"
 , (PRUint32)18 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_30 [] = {
+static const NSSItem nss_builtins_items_28 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 4 Public Primary Certification Authority - G2", (PRUint32)61 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
 "\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
@@ -2586,17 +2506,17 @@ static const NSSItem nss_builtins_items_
 "\104\133\267\237\201\073\222\150\075\342\067\044\365\173\154\217"
 "\166\065\226\011\250\131\235\271\316\043\253\164\326\203\375\062"
 "\163\047\330\151\076\103\164\366\256\305\211\232\347\123\174\351"
 "\173\366\113\363\301\145\203\336\215\212\234\074\210\215\071\131"
 "\374\252\077\042\215\241\301\146\120\201\162\114\355\042\144\117"
 "\117\312\200\221\266\051"
 , (PRUint32)774 }
 };
-static const NSSItem nss_builtins_items_31 [] = {
+static const NSSItem nss_builtins_items_29 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 4 Public Primary Certification Authority - G2", (PRUint32)61 },
   { (void *)"\013\167\276\273\313\172\242\107\005\336\314\017\275\152\002\374"
 "\172\275\233\122"
 , (PRUint32)20 },
@@ -2619,17 +2539,17 @@ static const NSSItem nss_builtins_items_
   { (void *)"\002\020\062\210\216\232\322\365\353\023\107\370\177\304\040\067"
 "\045\370"
 , (PRUint32)18 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_32 [] = {
+static const NSSItem nss_builtins_items_30 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"GlobalSign Root CA", (PRUint32)19 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
 "\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
@@ -2701,17 +2621,17 @@ static const NSSItem nss_builtins_items_
 "\052\304\126\061\225\320\147\211\205\053\371\154\246\135\106\235"
 "\014\252\202\344\231\121\335\160\267\333\126\075\141\344\152\341"
 "\134\326\366\376\075\336\101\314\007\256\143\122\277\123\123\364"
 "\053\351\307\375\266\367\202\137\205\322\101\030\333\201\263\004"
 "\034\305\037\244\200\157\025\040\311\336\014\210\012\035\326\146"
 "\125\342\374\110\311\051\046\151\340"
 , (PRUint32)889 }
 };
-static const NSSItem nss_builtins_items_33 [] = {
+static const NSSItem nss_builtins_items_31 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"GlobalSign Root CA", (PRUint32)19 },
   { (void *)"\261\274\226\213\324\364\235\142\052\250\232\201\362\025\001\122"
 "\244\035\202\234"
 , (PRUint32)20 },
@@ -2726,17 +2646,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)89 },
   { (void *)"\002\013\004\000\000\000\000\001\025\113\132\303\224"
 , (PRUint32)13 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_34 [] = {
+static const NSSItem nss_builtins_items_32 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"GlobalSign Root CA - R2", (PRUint32)24 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\114\061\040\060\036\006\003\125\004\013\023\027\107\154\157"
 "\142\141\154\123\151\147\156\040\122\157\157\164\040\103\101\040"
@@ -2810,17 +2730,17 @@ static const NSSItem nss_builtins_items_
 "\001\373\303\155\271\357\104\155\171\106\061\176\012\376\251\202"
 "\301\377\357\253\156\040\304\120\311\137\235\115\233\027\214\014"
 "\345\001\311\240\101\152\163\123\372\245\120\264\156\045\017\373"
 "\114\030\364\375\122\331\216\151\261\350\021\017\336\210\330\373"
 "\035\111\367\252\336\225\317\040\170\302\140\022\333\045\100\214"
 "\152\374\176\102\070\100\144\022\367\236\201\341\223\056"
 , (PRUint32)958 }
 };
-static const NSSItem nss_builtins_items_35 [] = {
+static const NSSItem nss_builtins_items_33 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"GlobalSign Root CA - R2", (PRUint32)24 },
   { (void *)"\165\340\253\266\023\205\022\047\034\004\370\137\335\336\070\344"
 "\267\044\056\376"
 , (PRUint32)20 },
@@ -2834,17 +2754,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)78 },
   { (void *)"\002\013\004\000\000\000\000\001\017\206\046\346\015"
 , (PRUint32)13 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_36 [] = {
+static const NSSItem nss_builtins_items_34 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"ValiCert Class 1 VA", (PRUint32)20 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
 "\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
@@ -2919,17 +2839,17 @@ static const NSSItem nss_builtins_items_
 "\322\265\247\122\376\234\261\266\342\133\167\027\100\352\162\326"
 "\043\313\050\201\062\303\000\171\030\354\131\027\211\311\306\152"
 "\036\161\311\375\267\164\245\045\105\151\305\110\253\031\341\105"
 "\212\045\153\031\356\345\273\022\365\177\367\246\215\121\303\360"
 "\235\164\267\251\076\240\245\377\266\111\003\023\332\042\314\355"
 "\161\202\053\231\317\072\267\365\055\162\310"
 , (PRUint32)747 }
 };
-static const NSSItem nss_builtins_items_37 [] = {
+static const NSSItem nss_builtins_items_35 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"ValiCert Class 1 VA", (PRUint32)20 },
   { (void *)"\345\337\164\074\266\001\304\233\230\103\334\253\214\350\152\201"
 "\020\237\344\216"
 , (PRUint32)20 },
@@ -2950,17 +2870,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)190 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_38 [] = {
+static const NSSItem nss_builtins_items_36 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"ValiCert Class 2 VA", (PRUint32)20 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
 "\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
@@ -3035,17 +2955,17 @@ static const NSSItem nss_builtins_items_
 "\250\130\177\241\171\000\265\273\351\215\257\101\331\017\064\356"
 "\041\201\031\240\062\111\050\364\304\216\126\325\122\063\375\120"
 "\325\176\231\154\003\344\311\114\374\313\154\253\146\263\112\041"
 "\214\345\265\014\062\076\020\262\314\154\241\334\232\230\114\002"
 "\133\363\316\271\236\245\162\016\112\267\077\074\346\026\150\370"
 "\276\355\164\114\274\133\325\142\037\103\335"
 , (PRUint32)747 }
 };
-static const NSSItem nss_builtins_items_39 [] = {
+static const NSSItem nss_builtins_items_37 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"ValiCert Class 2 VA", (PRUint32)20 },
   { (void *)"\061\172\052\320\177\053\063\136\365\241\303\116\113\127\350\267"
 "\330\361\374\246"
 , (PRUint32)20 },
@@ -3066,17 +2986,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)190 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_40 [] = {
+static const NSSItem nss_builtins_items_38 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"RSA Root Certificate 1", (PRUint32)23 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
 "\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
@@ -3151,17 +3071,17 @@ static const NSSItem nss_builtins_items_
 "\076\317\251\124\364\361\330\222\026\214\321\004\313\113\253\311"
 "\237\105\256\074\212\251\260\161\063\135\310\305\127\337\257\250"
 "\065\263\177\211\207\351\350\045\222\270\177\205\172\256\326\274"
 "\036\067\130\052\147\311\221\317\052\201\076\355\306\071\337\300"
 "\076\031\234\031\314\023\115\202\101\265\214\336\340\075\140\010"
 "\040\017\105\176\153\242\177\243\214\025\356"
 , (PRUint32)747 }
 };
-static const NSSItem nss_builtins_items_41 [] = {
+static const NSSItem nss_builtins_items_39 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"RSA Root Certificate 1", (PRUint32)23 },
   { (void *)"\151\275\214\364\234\323\000\373\131\056\027\223\312\125\152\363"
 "\354\252\065\373"
 , (PRUint32)20 },
@@ -3182,17 +3102,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)190 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_42 [] = {
+static const NSSItem nss_builtins_items_40 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 1 Public Primary Certification Authority - G3", (PRUint32)61 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
 "\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
@@ -3289,17 +3209,17 @@ static const NSSItem nss_builtins_items_
 "\245\040\200\151\150\241\117\176\341\153\317\007\101\372\203\216"
 "\274\070\335\260\056\021\261\153\262\102\314\232\274\371\110\042"
 "\171\112\031\017\262\034\076\040\164\331\152\303\276\362\050\170"
 "\023\126\171\117\155\120\352\033\260\265\127\261\067\146\130\043"
 "\363\334\017\337\012\207\304\357\206\005\325\070\024\140\231\243"
 "\113\336\006\226\161\054\362\333\266\037\244\357\077\356"
 , (PRUint32)1054 }
 };
-static const NSSItem nss_builtins_items_43 [] = {
+static const NSSItem nss_builtins_items_41 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 1 Public Primary Certification Authority - G3", (PRUint32)61 },
   { (void *)"\040\102\205\334\367\353\166\101\225\127\216\023\153\324\267\321"
 "\351\216\106\245"
 , (PRUint32)20 },
@@ -3322,17 +3242,17 @@ static const NSSItem nss_builtins_items_
   { (void *)"\002\021\000\213\133\165\126\204\124\205\013\000\317\257\070\110"
 "\316\261\244"
 , (PRUint32)19 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_44 [] = {
+static const NSSItem nss_builtins_items_42 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 2 Public Primary Certification Authority - G3", (PRUint32)61 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
 "\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
@@ -3429,17 +3349,17 @@ static const NSSItem nss_builtins_items_
 "\260\177\373\066\045\332\225\320\361\044\024\027\335\030\200\153"
 "\106\043\071\124\365\216\142\011\004\035\224\220\246\233\346\045"
 "\342\102\105\252\270\220\255\276\010\217\251\013\102\030\224\317"
 "\162\071\341\261\103\340\050\317\267\347\132\154\023\153\111\263"
 "\377\343\030\174\211\213\063\135\254\063\327\247\371\332\072\125"
 "\311\130\020\371\252\357\132\266\317\113\113\337\052"
 , (PRUint32)1053 }
 };
-static const NSSItem nss_builtins_items_45 [] = {
+static const NSSItem nss_builtins_items_43 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 2 Public Primary Certification Authority - G3", (PRUint32)61 },
   { (void *)"\141\357\103\327\177\312\324\141\121\274\230\340\303\131\022\257"
 "\237\353\143\021"
 , (PRUint32)20 },
@@ -3462,17 +3382,17 @@ static const NSSItem nss_builtins_items_
   { (void *)"\002\020\141\160\313\111\214\137\230\105\051\347\260\246\331\120"
 "\133\172"
 , (PRUint32)18 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_46 [] = {
+static const NSSItem nss_builtins_items_44 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 3 Public Primary Certification Authority - G3", (PRUint32)61 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
 "\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
@@ -3569,17 +3489,17 @@ static const NSSItem nss_builtins_items_
 "\027\201\053\132\067\311\136\052\364\306\342\241\134\124\233\246"
 "\124\000\317\360\361\301\307\230\060\032\073\066\026\333\243\156"
 "\352\375\255\262\302\332\357\002\107\023\212\300\361\263\061\255"
 "\117\034\341\117\234\257\017\014\235\367\170\015\330\364\065\126"
 "\200\332\267\155\027\217\235\036\201\144\341\376\305\105\272\255"
 "\153\271\012\172\116\117\113\204\356\113\361\175\335\021"
 , (PRUint32)1054 }
 };
-static const NSSItem nss_builtins_items_47 [] = {
+static const NSSItem nss_builtins_items_45 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 3 Public Primary Certification Authority - G3", (PRUint32)61 },
   { (void *)"\023\055\015\105\123\113\151\227\315\262\325\303\071\342\125\166"
 "\140\233\134\306"
 , (PRUint32)20 },
@@ -3602,17 +3522,17 @@ static const NSSItem nss_builtins_items_
   { (void *)"\002\021\000\233\176\006\111\243\076\142\271\325\356\220\110\161"
 "\051\357\127"
 , (PRUint32)19 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_48 [] = {
+static const NSSItem nss_builtins_items_46 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 4 Public Primary Certification Authority - G3", (PRUint32)61 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
 "\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
@@ -3709,17 +3629,17 @@ static const NSSItem nss_builtins_items_
 "\330\325\074\102\035\027\301\022\135\105\070\303\070\363\374\205"
 "\056\203\106\110\262\327\040\137\222\066\217\347\171\017\230\136"
 "\231\350\360\320\244\273\365\123\275\052\316\131\260\257\156\177"
 "\154\273\322\036\000\260\041\355\370\101\142\202\271\330\262\304"
 "\273\106\120\363\061\305\217\001\250\164\353\365\170\047\332\347"
 "\367\146\103\363\236\203\076\040\252\303\065\140\221\316"
 , (PRUint32)1054 }
 };
-static const NSSItem nss_builtins_items_49 [] = {
+static const NSSItem nss_builtins_items_47 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Verisign Class 4 Public Primary Certification Authority - G3", (PRUint32)61 },
   { (void *)"\310\354\214\207\222\151\313\113\253\071\351\215\176\127\147\363"
 "\024\225\163\235"
 , (PRUint32)20 },
@@ -3742,17 +3662,17 @@ static const NSSItem nss_builtins_items_
   { (void *)"\002\021\000\354\240\247\213\156\165\152\001\317\304\174\314\057"
 "\224\136\327"
 , (PRUint32)19 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_50 [] = {
+static const NSSItem nss_builtins_items_48 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Entrust.net Secure Server CA", (PRUint32)29 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123"
 "\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
@@ -3860,17 +3780,17 @@ static const NSSItem nss_builtins_items_
 "\367\222\276\361\303\325\325\225\152\004\273\054\316\046\066\145"
 "\310\061\306\347\356\077\343\127\165\204\172\021\357\106\117\030"
 "\364\323\230\273\250\207\062\272\162\366\074\342\075\237\327\035"
 "\331\303\140\103\214\130\016\042\226\057\142\243\054\037\272\255"
 "\005\357\253\062\170\207\240\124\163\031\265\134\005\371\122\076"
 "\155\055\105\013\367\012\223\352\355\006\371\262"
 , (PRUint32)1244 }
 };
-static const NSSItem nss_builtins_items_51 [] = {
+static const NSSItem nss_builtins_items_49 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Entrust.net Secure Server CA", (PRUint32)29 },
   { (void *)"\231\246\233\346\032\376\210\153\115\053\202\000\174\270\124\374"
 "\061\176\025\071"
 , (PRUint32)20 },
@@ -3892,17 +3812,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)198 },
   { (void *)"\002\004\067\112\322\103"
 , (PRUint32)6 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_52 [] = {
+static const NSSItem nss_builtins_items_50 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Entrust.net Secure Personal CA", (PRUint32)31 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123"
 "\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
@@ -4012,17 +3932,17 @@ static const NSSItem nss_builtins_items_
 "\001\241\113\371\237\045\073\226\312\231\303\076\241\121\034\363"
 "\303\056\104\367\260\147\106\252\222\345\073\332\034\031\024\070"
 "\060\325\342\242\061\045\056\361\354\105\070\355\370\006\130\003"
 "\163\142\260\020\061\217\100\277\144\340\134\076\305\117\037\332"
 "\022\103\377\114\346\006\046\250\233\031\252\104\074\166\262\134"
 "\354"
 , (PRUint32)1265 }
 };
-static const NSSItem nss_builtins_items_53 [] = {
+static const NSSItem nss_builtins_items_51 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Entrust.net Secure Personal CA", (PRUint32)31 },
   { (void *)"\332\171\301\161\021\120\302\064\071\252\053\013\014\142\375\125"
 "\262\371\365\200"
 , (PRUint32)20 },
@@ -4044,17 +3964,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)204 },
   { (void *)"\002\004\070\003\221\356"
 , (PRUint32)6 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_54 [] = {
+static const NSSItem nss_builtins_items_52 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Entrust.net Premium 2048 Secure Server CA", (PRUint32)42 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
 "\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
@@ -4152,17 +4072,17 @@ static const NSSItem nss_builtins_items_
 "\015\063\333\004\321\346\111\100\023\053\166\373\076\351\234\211"
 "\017\025\316\030\260\205\170\041\117\153\117\016\372\066\147\315"
 "\007\362\377\010\320\342\336\331\277\052\257\270\207\206\041\074"
 "\004\312\267\224\150\177\317\074\351\230\327\070\377\354\300\331"
 "\120\360\056\113\130\256\106\157\320\056\303\140\332\162\125\162"
 "\275\114\105\236\141\272\277\204\201\222\003\321\322\151\174\305"
 , (PRUint32)1120 }
 };
-static const NSSItem nss_builtins_items_55 [] = {
+static const NSSItem nss_builtins_items_53 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Entrust.net Premium 2048 Secure Server CA", (PRUint32)42 },
   { (void *)"\200\035\142\320\173\104\235\134\134\003\134\230\352\141\372\104"
 "\074\052\130\376"
 , (PRUint32)20 },
@@ -4183,17 +4103,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)183 },
   { (void *)"\002\004\070\143\271\146"
 , (PRUint32)6 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_56 [] = {
+static const NSSItem nss_builtins_items_54 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Baltimore CyberTrust Root", (PRUint32)26 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
 "\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
@@ -4265,17 +4185,17 @@ static const NSSItem nss_builtins_items_
 "\144\346\037\267\316\360\362\237\056\273\033\267\362\120\210\163"
 "\222\302\342\343\026\215\232\062\002\253\216\030\335\351\020\021"
 "\356\176\065\253\220\257\076\060\224\172\320\063\075\247\145\017"
 "\365\374\216\236\142\317\107\104\054\001\135\273\035\265\062\322"
 "\107\322\070\056\320\376\201\334\062\152\036\265\356\074\325\374"
 "\347\201\035\031\303\044\102\352\143\071\251"
 , (PRUint32)891 }
 };
-static const NSSItem nss_builtins_items_57 [] = {
+static const NSSItem nss_builtins_items_55 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Baltimore CyberTrust Root", (PRUint32)26 },
   { (void *)"\324\336\040\320\136\146\374\123\376\032\120\210\054\170\333\050"
 "\122\312\344\164"
 , (PRUint32)20 },
@@ -4290,17 +4210,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)92 },
   { (void *)"\002\004\002\000\000\271"
 , (PRUint32)6 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_58 [] = {
+static const NSSItem nss_builtins_items_56 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Equifax Secure Global eBusiness CA", (PRUint32)35 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
@@ -4358,17 +4278,17 @@ static const NSSItem nss_builtins_items_
 "\147\275\001\257\315\340\161\374\132\317\144\304\340\226\230\320"
 "\243\100\342\001\212\357\047\007\361\145\001\212\104\055\006\145"
 "\165\122\300\206\020\040\041\137\154\153\017\154\256\011\034\257"
 "\362\242\030\064\304\165\244\163\034\361\215\334\357\255\371\263"
 "\166\264\222\277\334\225\020\036\276\313\310\073\132\204\140\031"
 "\126\224\251\125"
 , (PRUint32)660 }
 };
-static const NSSItem nss_builtins_items_59 [] = {
+static const NSSItem nss_builtins_items_57 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Equifax Secure Global eBusiness CA", (PRUint32)35 },
   { (void *)"\176\170\112\020\034\202\145\314\055\341\361\155\107\264\100\312"
 "\331\012\031\105"
 , (PRUint32)20 },
@@ -4383,17 +4303,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)92 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_60 [] = {
+static const NSSItem nss_builtins_items_58 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Equifax Secure eBusiness CA 1", (PRUint32)30 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
@@ -4450,17 +4370,17 @@ static const NSSItem nss_builtins_items_
 "\142\040\247\204\113\130\145\361\342\371\225\041\077\365\324\176"
 "\130\036\107\207\124\076\130\241\265\265\370\052\357\161\347\274"
 "\303\366\261\111\106\342\327\240\153\345\126\172\232\047\230\174"
 "\106\142\024\347\311\374\156\003\022\171\200\070\035\110\202\215"
 "\374\027\376\052\226\053\265\142\246\246\075\275\177\222\131\315"
 "\132\052\202\262\067\171"
 , (PRUint32)646 }
 };
-static const NSSItem nss_builtins_items_61 [] = {
+static const NSSItem nss_builtins_items_59 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Equifax Secure eBusiness CA 1", (PRUint32)30 },
   { (void *)"\332\100\030\213\221\211\243\355\356\256\332\227\376\057\235\365"
 "\267\321\212\101"
 , (PRUint32)20 },
@@ -4475,17 +4395,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)85 },
   { (void *)"\002\001\004"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_62 [] = {
+static const NSSItem nss_builtins_items_60 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Equifax Secure eBusiness CA 2", (PRUint32)30 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141"
@@ -4550,17 +4470,17 @@ static const NSSItem nss_builtins_items_
 "\321\301\076\123\237\003\104\260\176\113\364\157\344\174\037\347"
 "\342\261\344\270\232\357\303\275\316\336\013\062\064\331\336\050"
 "\355\063\153\304\324\327\075\022\130\253\175\011\055\313\160\365"
 "\023\212\224\241\047\244\326\160\305\155\224\265\311\175\235\240"
 "\322\306\010\111\331\146\233\246\323\364\013\334\305\046\127\341"
 "\221\060\352\315"
 , (PRUint32)804 }
 };
-static const NSSItem nss_builtins_items_63 [] = {
+static const NSSItem nss_builtins_items_61 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Equifax Secure eBusiness CA 2", (PRUint32)30 },
   { (void *)"\071\117\366\205\013\006\276\122\345\030\126\314\020\341\200\350"
 "\202\263\205\314"
 , (PRUint32)20 },
@@ -4574,151 +4494,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)80 },
   { (void *)"\002\004\067\160\317\265"
 , (PRUint32)6 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_64 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"beTRUSTed Root CA", (PRUint32)18 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061"
-"\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123"
-"\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163"
-"\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101"
-, (PRUint32)92 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061"
-"\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123"
-"\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163"
-"\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101"
-, (PRUint32)92 },
-  { (void *)"\002\004\071\117\175\207"
-, (PRUint32)6 },
-  { (void *)"\060\202\005\054\060\202\004\024\240\003\002\001\002\002\004\071"
-"\117\175\207\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\127"
-"\127\061\022\060\020\006\003\125\004\012\023\011\142\145\124\122"
-"\125\123\124\145\144\061\033\060\031\006\003\125\004\003\023\022"
-"\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103"
-"\101\163\061\032\060\030\006\003\125\004\003\023\021\142\145\124"
-"\122\125\123\124\145\144\040\122\157\157\164\040\103\101\060\036"
-"\027\015\060\060\060\066\062\060\061\064\062\061\060\064\132\027"
-"\015\061\060\060\066\062\060\061\063\062\061\060\064\132\060\132"
-"\061\013\060\011\006\003\125\004\006\023\002\127\127\061\022\060"
-"\020\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145"
-"\144\061\033\060\031\006\003\125\004\003\023\022\142\145\124\122"
-"\125\123\124\145\144\040\122\157\157\164\040\103\101\163\061\032"
-"\060\030\006\003\125\004\003\023\021\142\145\124\122\125\123\124"
-"\145\144\040\122\157\157\164\040\103\101\060\202\001\042\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001"
-"\017\000\060\202\001\012\002\202\001\001\000\324\264\163\172\023"
-"\012\070\125\001\276\211\126\341\224\236\324\276\132\353\112\064"
-"\165\033\141\051\304\341\255\010\140\041\170\110\377\264\320\372"
-"\136\101\215\141\104\207\350\355\311\130\372\374\223\232\337\117"
-"\352\076\065\175\370\063\172\346\361\327\315\157\111\113\075\117"
-"\055\156\016\203\072\030\170\167\243\317\347\364\115\163\330\232"
-"\073\032\035\276\225\123\317\040\227\302\317\076\044\122\154\014"
-"\216\145\131\305\161\377\142\011\217\252\305\217\314\140\240\163"
-"\112\327\070\077\025\162\277\242\227\267\160\350\257\342\176\026"
-"\006\114\365\252\144\046\162\007\045\255\065\374\030\261\046\327"
-"\330\377\031\016\203\033\214\334\170\105\147\064\075\364\257\034"
-"\215\344\155\153\355\040\263\147\232\264\141\313\027\157\211\065"
-"\377\347\116\300\062\022\347\356\354\337\377\227\060\164\355\215"
-"\107\216\353\264\303\104\346\247\114\177\126\103\350\270\274\266"
-"\276\372\203\227\346\273\373\304\266\223\276\031\030\076\214\201"
-"\271\163\210\026\364\226\103\234\147\163\027\220\330\011\156\143"
-"\254\112\266\043\304\001\241\255\244\344\305\002\003\001\000\001"
-"\243\202\001\370\060\202\001\364\060\017\006\003\125\035\023\001"
-"\001\377\004\005\060\003\001\001\377\060\202\001\131\006\003\125"
-"\035\040\004\202\001\120\060\202\001\114\060\202\001\110\006\012"
-"\053\006\001\004\001\261\076\001\000\000\060\202\001\070\060\202"
-"\001\001\006\010\053\006\001\005\005\007\002\002\060\201\364\032"
-"\201\361\122\145\154\151\141\156\143\145\040\157\156\040\164\150"
-"\151\163\040\143\145\162\164\151\146\151\143\141\164\145\040\142"
-"\171\040\141\156\171\040\160\141\162\164\171\040\141\163\163\165"
-"\155\145\163\040\141\143\143\145\160\164\141\156\143\145\040\157"
-"\146\040\164\150\145\040\164\150\145\156\040\141\160\160\154\151"
-"\143\141\142\154\145\040\163\164\141\156\144\141\162\144\040\164"
-"\145\162\155\163\040\141\156\144\040\143\157\156\144\151\164\151"
-"\157\156\163\040\157\146\040\165\163\145\054\040\141\156\144\040"
-"\143\145\162\164\151\146\151\143\141\164\151\157\156\040\160\162"
-"\141\143\164\151\143\145\040\163\164\141\164\145\155\145\156\164"
-"\054\040\167\150\151\143\150\040\143\141\156\040\142\145\040\146"
-"\157\165\156\144\040\141\164\040\142\145\124\122\125\123\124\145"
-"\144\047\163\040\167\145\142\040\163\151\164\145\054\040\150\164"
-"\164\160\163\072\057\057\167\167\167\056\142\145\124\122\125\123"
-"\124\145\144\056\143\157\155\057\166\141\165\154\164\057\164\145"
-"\162\155\163\060\061\006\010\053\006\001\005\005\007\002\001\026"
-"\045\150\164\164\160\163\072\057\057\167\167\167\056\142\145\124"
-"\122\125\123\124\145\144\056\143\157\155\057\166\141\165\154\164"
-"\057\164\145\162\155\163\060\064\006\003\125\035\037\004\055\060"
-"\053\060\051\240\047\240\045\244\043\060\041\061\022\060\020\006"
-"\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144\061"
-"\013\060\011\006\003\125\004\006\023\002\127\127\060\035\006\003"
-"\125\035\016\004\026\004\024\052\271\233\151\056\073\233\330\315"
-"\336\052\061\004\064\153\312\007\030\253\147\060\037\006\003\125"
-"\035\043\004\030\060\026\200\024\052\271\233\151\056\073\233\330"
-"\315\336\052\061\004\064\153\312\007\030\253\147\060\016\006\003"
-"\125\035\017\001\001\377\004\004\003\002\001\376\060\015\006\011"
-"\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000"
-"\171\141\333\243\136\156\026\261\352\166\121\371\313\025\233\313"
-"\151\276\346\201\153\237\050\037\145\076\335\021\205\222\324\350"
-"\101\277\176\063\275\043\347\361\040\277\244\264\246\031\001\306"
-"\214\215\065\174\145\244\117\011\244\326\330\043\025\005\023\247"
-"\103\171\257\333\243\016\233\173\170\032\363\004\206\132\306\366"
-"\214\040\107\070\111\120\006\235\162\147\072\360\230\003\255\226"
-"\147\104\374\077\020\015\206\115\344\000\073\051\173\316\073\073"
-"\231\206\141\045\100\204\334\023\142\267\372\312\131\326\003\036"
-"\326\123\001\315\155\114\150\125\100\341\356\153\307\052\000\000"
-"\110\202\263\012\001\303\140\052\014\367\202\065\356\110\206\226"
-"\344\164\324\075\352\001\161\272\004\165\100\247\251\177\071\071"
-"\232\125\227\051\145\256\031\125\045\005\162\107\323\350\030\334"
-"\270\351\257\103\163\001\022\164\243\341\134\137\025\135\044\363"
-"\371\344\364\266\147\147\022\347\144\042\212\366\245\101\246\034"
-"\266\140\143\105\212\020\264\272\106\020\256\101\127\145\154\077"
-"\043\020\077\041\020\131\267\344\100\335\046\014\043\366\252\256"
-, (PRUint32)1328 }
-};
-static const NSSItem nss_builtins_items_65 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"beTRUSTed Root CA", (PRUint32)18 },
-  { (void *)"\133\315\315\314\146\366\334\344\104\037\343\175\134\303\023\114"
-"\106\364\160\070"
-, (PRUint32)20 },
-  { (void *)"\205\312\166\132\033\321\150\042\334\242\043\022\312\306\200\064"
-, (PRUint32)16 },
-  { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061"
-"\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123"
-"\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163"
-"\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101"
-, (PRUint32)92 },
-  { (void *)"\002\004\071\117\175\207"
-, (PRUint32)6 },
-  { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
-};
-static const NSSItem nss_builtins_items_66 [] = {
+static const NSSItem nss_builtins_items_62 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"AddTrust Low-Value Services Root", (PRUint32)33 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
 "\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
@@ -4802,17 +4588,17 @@ static const NSSItem nss_builtins_items_
 "\247\077\376\321\146\255\013\274\153\231\206\357\077\175\363\030"
 "\062\312\173\306\343\253\144\106\225\370\046\151\331\125\203\173"
 "\054\226\007\377\131\054\104\243\306\345\351\251\334\241\143\200"
 "\132\041\136\041\317\123\124\360\272\157\211\333\250\252\225\317"
 "\213\343\161\314\036\033\040\104\010\300\172\266\100\375\304\344"
 "\065\341\035\026\034\320\274\053\216\326\161\331"
 , (PRUint32)1052 }
 };
-static const NSSItem nss_builtins_items_67 [] = {
+static const NSSItem nss_builtins_items_63 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"AddTrust Low-Value Services Root", (PRUint32)33 },
   { (void *)"\314\253\016\240\114\043\001\326\151\173\335\067\237\315\022\353"
 "\044\343\224\235"
 , (PRUint32)20 },
@@ -4828,17 +4614,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)103 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_68 [] = {
+static const NSSItem nss_builtins_items_64 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"AddTrust External Root", (PRUint32)23 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
 "\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
@@ -4926,17 +4712,17 @@ static const NSSItem nss_builtins_items_
 "\142\041\150\025\040\103\074\231\347\174\275\044\330\251\221\027"
 "\163\210\077\126\033\061\070\030\264\161\017\232\315\310\016\236"
 "\216\056\033\341\214\230\203\313\037\061\361\104\114\306\004\163"
 "\111\166\140\017\307\370\275\027\200\153\056\351\314\114\016\132"
 "\232\171\017\040\012\056\325\236\143\046\036\125\222\224\330\202"
 "\027\132\173\320\274\307\217\116\206\004"
 , (PRUint32)1082 }
 };
-static const NSSItem nss_builtins_items_69 [] = {
+static const NSSItem nss_builtins_items_65 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"AddTrust External Root", (PRUint32)23 },
   { (void *)"\002\372\363\342\221\103\124\150\140\170\127\151\115\365\344\133"
 "\150\205\030\150"
 , (PRUint32)20 },
@@ -4953,17 +4739,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)113 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_70 [] = {
+static const NSSItem nss_builtins_items_66 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"AddTrust Public Services Root", (PRUint32)30 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
 "\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
@@ -5047,17 +4833,17 @@ static const NSSItem nss_builtins_items_
 "\341\042\015\207\000\144\376\214\175\142\071\145\246\357\102\266"
 "\200\045\022\141\001\250\044\023\160\000\021\046\137\372\065\120"
 "\305\110\314\006\107\350\047\330\160\215\137\144\346\241\104\046"
 "\136\042\354\222\315\377\102\232\104\041\155\134\305\343\042\035"
 "\137\107\022\347\316\137\135\372\330\252\261\063\055\331\166\362"
 "\116\072\063\014\053\263\055\220\006"
 , (PRUint32)1049 }
 };
-static const NSSItem nss_builtins_items_71 [] = {
+static const NSSItem nss_builtins_items_67 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"AddTrust Public Services Root", (PRUint32)30 },
   { (void *)"\052\266\050\110\136\170\373\363\255\236\171\020\335\153\337\231"
 "\162\054\226\345"
 , (PRUint32)20 },
@@ -5073,17 +4859,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)102 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_72 [] = {
+static const NSSItem nss_builtins_items_68 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"AddTrust Qualified Certificates Root", (PRUint32)37 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
 "\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
@@ -5097,18 +4883,18 @@ static const NSSItem nss_builtins_items_
   { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
 "\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
 "\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
 "\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
 "\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101"
 "\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145"
 "\144\040\103\101\040\122\157\157\164"
 , (PRUint32)105 },
-  { (void *)"\001"
-, (PRUint32)1 },
+  { (void *)"\002\001\001"
+, (PRUint32)3 },
   { (void *)"\060\202\004\036\060\202\003\006\240\003\002\001\002\002\001\001"
 "\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
 "\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024"
 "\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163"
 "\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101"
 "\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167"
 "\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101\144"
 "\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145\144"
@@ -5168,17 +4954,17 @@ static const NSSItem nss_builtins_items_
 "\011\371\277\122\241\356\302\200\076\006\134\056\125\100\301\033"
 "\365\160\105\260\334\135\372\366\162\132\167\322\143\315\317\130"
 "\211\000\102\143\077\171\071\320\104\260\202\156\101\031\350\335"
 "\340\301\210\132\321\036\161\223\037\044\060\164\345\036\250\336"
 "\074\047\067\177\203\256\236\167\317\360\060\261\377\113\231\350"
 "\306\241"
 , (PRUint32)1058 }
 };
-static const NSSItem nss_builtins_items_73 [] = {
+static const NSSItem nss_builtins_items_69 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"AddTrust Qualified Certificates Root", (PRUint32)37 },
   { (void *)"\115\043\170\354\221\225\071\265\000\177\165\217\003\073\041\036"
 "\305\115\213\317"
 , (PRUint32)20 },
@@ -5194,17 +4980,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)105 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_74 [] = {
+static const NSSItem nss_builtins_items_70 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Thawte Time Stamping CA", (PRUint32)24 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101"
 "\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
@@ -5269,17 +5055,17 @@ static const NSSItem nss_builtins_items_
 "\151\306\136\344\260\224\157\112\271\347\336\133\210\266\173\333"
 "\343\047\345\166\303\360\065\301\313\265\047\233\063\171\334\220"
 "\246\000\236\167\372\374\315\047\224\102\026\234\323\034\150\354"
 "\277\134\335\345\251\173\020\012\062\164\124\023\061\213\205\003"
 "\204\221\267\130\001\060\024\070\257\050\312\374\261\120\031\031"
 "\011\254\211\111\323"
 , (PRUint32)677 }
 };
-static const NSSItem nss_builtins_items_75 [] = {
+static const NSSItem nss_builtins_items_71 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Thawte Time Stamping CA", (PRUint32)24 },
   { (void *)"\276\066\244\126\057\262\356\005\333\263\323\043\043\255\364\105"
 "\010\116\326\126"
 , (PRUint32)20 },
@@ -5297,17 +5083,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)142 },
   { (void *)"\002\001\000"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_76 [] = {
+static const NSSItem nss_builtins_items_72 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Entrust.net Global Secure Server CA", (PRUint32)36 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156"
 "\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125"
@@ -5409,17 +5195,17 @@ static const NSSItem nss_builtins_items_
 "\126\055\346\312\152\031\163\252\123\276\222\263\120\002\266\205"
 "\046\162\143\330\165\120\142\165\024\267\263\120\032\077\312\021"
 "\000\013\205\105\151\155\266\245\256\121\341\112\334\202\077\154"
 "\214\064\262\167\153\331\002\366\177\016\352\145\004\361\315\124"
 "\312\272\311\314\340\204\367\310\076\021\227\323\140\011\030\274"
 "\005\377\154\211\063\360\354\025\017"
 , (PRUint32)1177 }
 };
-static const NSSItem nss_builtins_items_77 [] = {
+static const NSSItem nss_builtins_items_73 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Entrust.net Global Secure Server CA", (PRUint32)36 },
   { (void *)"\211\071\127\156\027\215\367\005\170\017\314\136\310\117\204\366"
 "\045\072\110\223"
 , (PRUint32)20 },
@@ -5440,17 +5226,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)189 },
   { (void *)"\002\004\070\233\021\074"
 , (PRUint32)6 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_78 [] = {
+static const NSSItem nss_builtins_items_74 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Entrust.net Global Secure Personal CA", (PRUint32)38 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
 "\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
@@ -5551,17 +5337,17 @@ static const NSSItem nss_builtins_items_
 "\352\060\340\073\142\174\177\213\153\174\112\247\325\065\074\276"
 "\250\134\352\113\273\223\216\200\146\253\017\051\375\115\055\277"
 "\032\233\012\220\305\253\332\321\263\206\324\057\044\122\134\172"
 "\155\306\362\376\345\115\032\060\214\220\362\272\327\112\076\103"
 "\176\324\310\120\032\207\370\117\201\307\166\013\204\072\162\235"
 "\316\145\146\227\256\046\136"
 , (PRUint32)1159 }
 };
-static const NSSItem nss_builtins_items_79 [] = {
+static const NSSItem nss_builtins_items_75 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Entrust.net Global Secure Personal CA", (PRUint32)38 },
   { (void *)"\317\164\277\377\233\206\201\133\010\063\124\100\066\076\207\266"
 "\266\360\277\163"
 , (PRUint32)20 },
@@ -5582,17 +5368,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)183 },
   { (void *)"\002\004\070\236\366\344"
 , (PRUint32)6 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_80 [] = {
+static const NSSItem nss_builtins_items_76 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Entrust Root Certification Authority", (PRUint32)37 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\260\061\013\060\011\006\003\125\004\006\023\002\125\123"
 "\061\026\060\024\006\003\125\004\012\023\015\105\156\164\162\165"
@@ -5694,17 +5480,17 @@ static const NSSItem nss_builtins_items_
 "\234\066\303\046\342\021\366\147\111\035\222\253\214\373\353\377"
 "\172\356\205\112\247\120\200\360\247\134\112\224\056\137\005\231"
 "\074\122\101\340\315\264\143\317\001\103\272\234\203\334\217\140"
 "\073\363\132\264\264\173\256\332\013\220\070\165\357\201\035\146"
 "\322\367\127\160\066\263\277\374\050\257\161\045\205\133\023\376"
 "\036\177\132\264\074"
 , (PRUint32)1173 }
 };
-static const NSSItem nss_builtins_items_81 [] = {
+static const NSSItem nss_builtins_items_77 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Entrust Root Certification Authority", (PRUint32)37 },
   { (void *)"\263\036\261\267\100\343\154\204\002\332\334\067\324\115\365\324"
 "\147\111\122\371"
 , (PRUint32)20 },
@@ -5725,17 +5511,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)179 },
   { (void *)"\002\004\105\153\120\124"
 , (PRUint32)6 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_82 [] = {
+static const NSSItem nss_builtins_items_78 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"AOL Time Warner Root Certification Authority 1", (PRUint32)47 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123"
 "\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124"
@@ -5820,17 +5606,17 @@ static const NSSItem nss_builtins_items_
 "\237\141\150\317\055\114\004\235\327\045\117\012\016\115\220\213"
 "\030\126\250\223\110\127\334\157\256\275\236\147\127\167\211\120"
 "\263\276\021\233\105\147\203\206\031\207\323\230\275\010\032\026"
 "\037\130\202\013\341\226\151\005\113\216\354\203\121\061\007\325"
 "\324\237\377\131\173\250\156\205\317\323\113\251\111\260\137\260"
 "\071\050\150\016\163\335\045\232\336\022"
 , (PRUint32)1002 }
 };
-static const NSSItem nss_builtins_items_83 [] = {
+static const NSSItem nss_builtins_items_79 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"AOL Time Warner Root Certification Authority 1", (PRUint32)47 },
   { (void *)"\164\124\123\134\044\243\247\130\040\176\076\076\323\044\370\026"
 "\373\041\026\111"
 , (PRUint32)20 },
@@ -5848,17 +5634,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)134 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_84 [] = {
+static const NSSItem nss_builtins_items_80 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"AOL Time Warner Root Certification Authority 2", (PRUint32)47 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123"
 "\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124"
@@ -5975,17 +5761,17 @@ static const NSSItem nss_builtins_items_
 "\050\030\244\026\017\061\375\072\154\043\223\040\166\341\375\007"
 "\205\321\133\077\322\034\163\062\335\372\271\370\214\317\002\207"
 "\172\232\226\344\355\117\211\215\123\103\253\016\023\300\001\025"
 "\264\171\070\333\374\156\075\236\121\266\270\023\213\147\317\371"
 "\174\331\042\035\366\135\305\034\001\057\230\350\172\044\030\274"
 "\204\327\372\334\162\133\367\301\072\150"
 , (PRUint32)1514 }
 };
-static const NSSItem nss_builtins_items_85 [] = {
+static const NSSItem nss_builtins_items_81 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"AOL Time Warner Root Certification Authority 2", (PRUint32)47 },
   { (void *)"\374\041\232\166\021\057\166\301\305\010\203\074\232\057\242\272"
 "\204\254\010\172"
 , (PRUint32)20 },
@@ -6003,457 +5789,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)134 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_86 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"beTRUSTed Root CA-Baltimore Implementation", (PRUint32)43 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\055"
-"\102\141\154\164\151\155\157\162\145\040\111\155\160\154\145\155"
-"\145\156\164\141\164\151\157\156"
-, (PRUint32)104 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\055"
-"\102\141\154\164\151\155\157\162\145\040\111\155\160\154\145\155"
-"\145\156\164\141\164\151\157\156"
-, (PRUint32)104 },
-  { (void *)"\002\004\074\265\075\106"
-, (PRUint32)6 },
-  { (void *)"\060\202\005\152\060\202\004\122\240\003\002\001\002\002\004\074"
-"\265\075\106\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\146\061\022\060\020\006\003\125\004\012\023\011\142"
-"\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125\004"
-"\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157\157"
-"\164\040\103\101\163\061\063\060\061\006\003\125\004\003\023\052"
-"\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103"
-"\101\055\102\141\154\164\151\155\157\162\145\040\111\155\160\154"
-"\145\155\145\156\164\141\164\151\157\156\060\036\027\015\060\062"
-"\060\064\061\061\060\067\063\070\065\061\132\027\015\062\062\060"
-"\064\061\061\060\067\063\070\065\061\132\060\146\061\022\060\020"
-"\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144"
-"\061\033\060\031\006\003\125\004\013\023\022\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101\163\061\063\060"
-"\061\006\003\125\004\003\023\052\142\145\124\122\125\123\124\145"
-"\144\040\122\157\157\164\040\103\101\055\102\141\154\164\151\155"
-"\157\162\145\040\111\155\160\154\145\155\145\156\164\141\164\151"
-"\157\156\060\202\001\042\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202"
-"\001\001\000\274\176\304\071\234\214\343\326\034\206\377\312\142"
-"\255\340\177\060\105\172\216\032\263\270\307\371\321\066\377\042"
-"\363\116\152\137\204\020\373\146\201\303\224\171\061\322\221\341"
-"\167\216\030\052\303\024\336\121\365\117\243\053\274\030\026\342"
-"\265\335\171\336\042\370\202\176\313\201\037\375\047\054\217\372"
-"\227\144\042\216\370\377\141\243\234\033\036\222\217\300\250\011"
-"\337\011\021\354\267\175\061\232\032\352\203\041\006\074\237\272"
-"\134\377\224\352\152\270\303\153\125\064\117\075\062\037\335\201"
-"\024\340\304\074\315\235\060\370\060\251\227\323\356\314\243\320"
-"\037\137\034\023\201\324\030\253\224\321\143\303\236\177\065\222"
-"\236\137\104\352\354\364\042\134\267\350\075\175\244\371\211\251"
-"\221\262\052\331\353\063\207\356\245\375\343\332\314\210\346\211"
-"\046\156\307\053\202\320\136\235\131\333\024\354\221\203\005\303"
-"\136\016\306\052\320\004\335\161\075\040\116\130\047\374\123\373"
-"\170\170\031\024\262\374\220\122\211\070\142\140\007\264\240\354"
-"\254\153\120\326\375\271\050\153\357\122\055\072\262\377\361\001"
-"\100\254\067\002\003\001\000\001\243\202\002\036\060\202\002\032"
-"\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001"
-"\377\060\202\001\265\006\003\125\035\040\004\202\001\254\060\202"
-"\001\250\060\202\001\244\006\017\053\006\001\004\001\261\076\000"
-"\000\001\011\050\203\221\061\060\202\001\217\060\202\001\110\006"
-"\010\053\006\001\005\005\007\002\002\060\202\001\072\032\202\001"
-"\066\122\145\154\151\141\156\143\145\040\157\156\040\157\162\040"
-"\165\163\145\040\157\146\040\164\150\151\163\040\103\145\162\164"
-"\151\146\151\143\141\164\145\040\143\162\145\141\164\145\163\040"
-"\141\156\040\141\143\153\156\157\167\154\145\144\147\155\145\156"
-"\164\040\141\156\144\040\141\143\143\145\160\164\141\156\143\145"
-"\040\157\146\040\164\150\145\040\164\150\145\156\040\141\160\160"
-"\154\151\143\141\142\154\145\040\163\164\141\156\144\141\162\144"
-"\040\164\145\162\155\163\040\141\156\144\040\143\157\156\144\151"
-"\164\151\157\156\163\040\157\146\040\165\163\145\054\040\164\150"
-"\145\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\120\162\141\143\164\151\143\145\040\123\164\141\164\145\155\145"
-"\156\164\040\141\156\144\040\164\150\145\040\122\145\154\171\151"
-"\156\147\040\120\141\162\164\171\040\101\147\162\145\145\155\145"
-"\156\164\054\040\167\150\151\143\150\040\143\141\156\040\142\145"
-"\040\146\157\165\156\144\040\141\164\040\164\150\145\040\142\145"
-"\124\122\125\123\124\145\144\040\167\145\142\040\163\151\164\145"
-"\054\040\150\164\164\160\072\057\057\167\167\167\056\142\145\164"
-"\162\165\163\164\145\144\056\143\157\155\057\160\162\157\144\165"
-"\143\164\163\137\163\145\162\166\151\143\145\163\057\151\156\144"
-"\145\170\056\150\164\155\154\060\101\006\010\053\006\001\005\005"
-"\007\002\001\026\065\150\164\164\160\072\057\057\167\167\167\056"
-"\142\145\164\162\165\163\164\145\144\056\143\157\155\057\160\162"
-"\157\144\165\143\164\163\137\163\145\162\166\151\143\145\163\057"
-"\151\156\144\145\170\056\150\164\155\154\060\035\006\003\125\035"
-"\016\004\026\004\024\105\075\303\251\321\334\077\044\126\230\034"
-"\163\030\210\152\377\203\107\355\266\060\037\006\003\125\035\043"
-"\004\030\060\026\200\024\105\075\303\251\321\334\077\044\126\230"
-"\034\163\030\210\152\377\203\107\355\266\060\016\006\003\125\035"
-"\017\001\001\377\004\004\003\002\001\006\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\202\001\001\000\111\222"
-"\274\243\356\254\275\372\015\311\213\171\206\034\043\166\260\200"
-"\131\167\374\332\177\264\113\337\303\144\113\152\116\016\255\362"
-"\175\131\167\005\255\012\211\163\260\372\274\313\334\215\000\210"
-"\217\246\240\262\352\254\122\047\277\241\110\174\227\020\173\272"
-"\355\023\035\232\007\156\313\061\142\022\350\143\003\252\175\155"
-"\343\370\033\166\041\170\033\237\113\103\214\323\111\206\366\033"
-"\134\366\056\140\025\323\351\343\173\165\077\320\002\203\320\030"
-"\202\101\315\145\067\352\216\062\176\275\153\231\135\060\021\310"
-"\333\110\124\034\073\341\247\023\323\152\110\223\367\075\214\177"
-"\005\350\316\363\210\052\143\004\270\352\176\130\174\001\173\133"
-"\341\305\175\357\041\340\215\016\135\121\175\261\147\375\243\275"
-"\070\066\306\362\070\206\207\032\226\150\140\106\373\050\024\107"
-"\125\341\247\200\014\153\342\352\337\115\174\220\110\240\066\275"
-"\011\027\211\177\303\362\323\234\234\343\335\304\033\335\365\267"
-"\161\263\123\005\211\006\320\313\112\200\301\310\123\220\265\074"
-"\061\210\027\120\237\311\304\016\213\330\250\002\143\015"
-, (PRUint32)1390 }
-};
-static const NSSItem nss_builtins_items_87 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"beTRUSTed Root CA-Baltimore Implementation", (PRUint32)43 },
-  { (void *)"\334\273\236\267\031\113\304\162\005\301\021\165\051\206\203\133"
-"\123\312\344\370"
-, (PRUint32)20 },
-  { (void *)"\201\065\271\373\373\022\312\030\151\066\353\256\151\170\241\361"
-, (PRUint32)16 },
-  { (void *)"\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\055"
-"\102\141\154\164\151\155\157\162\145\040\111\155\160\154\145\155"
-"\145\156\164\141\164\151\157\156"
-, (PRUint32)104 },
-  { (void *)"\002\004\074\265\075\106"
-, (PRUint32)6 },
-  { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
-};
-static const NSSItem nss_builtins_items_88 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"beTRUSTed Root CA - Entrust Implementation", (PRUint32)43 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040"
-"\055\040\105\156\164\162\165\163\164\040\111\155\160\154\145\155"
-"\145\156\164\141\164\151\157\156"
-, (PRUint32)104 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040"
-"\055\040\105\156\164\162\165\163\164\040\111\155\160\154\145\155"
-"\145\156\164\141\164\151\157\156"
-, (PRUint32)104 },
-  { (void *)"\002\004\074\265\117\100"
-, (PRUint32)6 },
-  { (void *)"\060\202\006\121\060\202\005\071\240\003\002\001\002\002\004\074"
-"\265\117\100\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\146\061\022\060\020\006\003\125\004\012\023\011\142"
-"\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125\004"
-"\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157\157"
-"\164\040\103\101\163\061\063\060\061\006\003\125\004\003\023\052"
-"\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103"
-"\101\040\055\040\105\156\164\162\165\163\164\040\111\155\160\154"
-"\145\155\145\156\164\141\164\151\157\156\060\036\027\015\060\062"
-"\060\064\061\061\060\070\062\064\062\067\132\027\015\062\062\060"
-"\064\061\061\060\070\065\064\062\067\132\060\146\061\022\060\020"
-"\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144"
-"\061\033\060\031\006\003\125\004\013\023\022\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101\163\061\063\060"
-"\061\006\003\125\004\003\023\052\142\145\124\122\125\123\124\145"
-"\144\040\122\157\157\164\040\103\101\040\055\040\105\156\164\162"
-"\165\163\164\040\111\155\160\154\145\155\145\156\164\141\164\151"
-"\157\156\060\202\001\042\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202"
-"\001\001\000\272\364\104\003\252\022\152\265\103\354\125\222\266"
-"\060\175\065\127\014\333\363\015\047\156\114\367\120\250\233\116"
-"\053\157\333\365\255\034\113\135\263\251\301\376\173\104\353\133"
-"\243\005\015\037\305\064\053\060\000\051\361\170\100\262\244\377"
-"\072\364\001\210\027\176\346\324\046\323\272\114\352\062\373\103"
-"\167\227\207\043\305\333\103\243\365\052\243\121\136\341\073\322"
-"\145\151\176\125\025\233\172\347\151\367\104\340\127\265\025\350"
-"\146\140\017\015\003\373\202\216\243\350\021\173\154\276\307\143"
-"\016\027\223\337\317\113\256\156\163\165\340\363\252\271\244\300"
-"\011\033\205\352\161\051\210\101\062\371\360\052\016\154\011\362"
-"\164\153\146\154\122\023\037\030\274\324\076\367\330\156\040\236"
-"\312\376\374\041\224\356\023\050\113\327\134\136\014\146\356\351"
-"\273\017\301\064\261\177\010\166\363\075\046\160\311\213\045\035"
-"\142\044\014\352\034\165\116\300\022\344\272\023\035\060\051\055"
-"\126\063\005\273\227\131\176\306\111\117\211\327\057\044\250\266"
-"\210\100\265\144\222\123\126\044\344\242\240\205\263\136\220\264"
-"\022\063\315\002\003\001\000\001\243\202\003\005\060\202\003\001"
-"\060\202\001\267\006\003\125\035\040\004\202\001\256\060\202\001"
-"\252\060\202\001\246\006\017\053\006\001\004\001\261\076\000\000"
-"\002\011\050\203\221\061\060\202\001\221\060\202\001\111\006\010"
-"\053\006\001\005\005\007\002\002\060\202\001\073\032\202\001\067"
-"\122\145\154\151\141\156\143\145\040\157\156\040\157\162\040\165"
-"\163\145\040\157\146\040\164\150\151\163\040\103\145\162\164\151"
-"\146\151\143\141\164\145\040\143\162\145\141\164\145\163\040\141"
-"\156\040\141\143\153\156\157\167\154\145\144\147\155\145\156\164"
-"\040\141\156\144\040\141\143\143\145\160\164\141\156\143\145\040"
-"\157\146\040\164\150\145\040\164\150\145\156\040\141\160\160\154"
-"\151\143\141\142\154\145\040\163\164\141\156\144\141\162\144\040"
-"\164\145\162\155\163\040\141\156\144\040\143\157\156\144\151\164"
-"\151\157\156\163\040\157\146\040\165\163\145\054\040\164\150\145"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\120"
-"\162\141\143\164\151\143\145\040\123\164\141\164\145\155\145\156"
-"\164\040\141\156\144\040\164\150\145\040\122\145\154\171\151\156"
-"\147\040\120\141\162\164\171\040\101\147\162\145\145\155\145\156"
-"\164\054\040\167\150\151\143\150\040\143\141\156\040\142\145\040"
-"\146\157\165\156\144\040\141\164\040\164\150\145\040\142\145\124"
-"\122\125\123\124\145\144\040\167\145\142\040\163\151\164\145\054"
-"\040\150\164\164\160\163\072\057\057\167\167\167\056\142\145\164"
-"\162\165\163\164\145\144\056\143\157\155\057\160\162\157\144\165"
-"\143\164\163\137\163\145\162\166\151\143\145\163\057\151\156\144"
-"\145\170\056\150\164\155\154\060\102\006\010\053\006\001\005\005"
-"\007\002\001\026\066\150\164\164\160\163\072\057\057\167\167\167"
-"\056\142\145\164\162\165\163\164\145\144\056\143\157\155\057\160"
-"\162\157\144\165\143\164\163\137\163\145\162\166\151\143\145\163"
-"\057\151\156\144\145\170\056\150\164\155\154\060\021\006\011\140"
-"\206\110\001\206\370\102\001\001\004\004\003\002\000\007\060\201"
-"\211\006\003\125\035\037\004\201\201\060\177\060\175\240\173\240"
-"\171\244\167\060\165\061\022\060\020\006\003\125\004\012\023\011"
-"\142\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125"
-"\004\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157"
-"\157\164\040\103\101\163\061\063\060\061\006\003\125\004\003\023"
-"\052\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\040\055\040\105\156\164\162\165\163\164\040\111\155\160"
-"\154\145\155\145\156\164\141\164\151\157\156\061\015\060\013\006"
-"\003\125\004\003\023\004\103\122\114\061\060\053\006\003\125\035"
-"\020\004\044\060\042\200\017\062\060\060\062\060\064\061\061\060"
-"\070\062\064\062\067\132\201\017\062\060\062\062\060\064\061\061"
-"\060\070\065\064\062\067\132\060\013\006\003\125\035\017\004\004"
-"\003\002\001\006\060\037\006\003\125\035\043\004\030\060\026\200"
-"\024\175\160\345\256\070\213\006\077\252\034\032\217\371\317\044"
-"\060\252\204\204\026\060\035\006\003\125\035\016\004\026\004\024"
-"\175\160\345\256\070\213\006\077\252\034\032\217\371\317\044\060"
-"\252\204\204\026\060\014\006\003\125\035\023\004\005\060\003\001"
-"\001\377\060\035\006\011\052\206\110\206\366\175\007\101\000\004"
-"\020\060\016\033\010\126\066\056\060\072\064\056\060\003\002\004"
-"\220\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\003\202\001\001\000\052\270\027\316\037\020\224\353\270\232\267"
-"\271\137\354\332\367\222\044\254\334\222\073\307\040\215\362\231"
-"\345\135\070\241\302\064\355\305\023\131\134\005\265\053\117\141"
-"\233\221\373\101\374\374\325\074\115\230\166\006\365\201\175\353"
-"\335\220\346\321\126\124\332\343\055\014\237\021\062\224\042\001"
-"\172\366\154\054\164\147\004\314\245\217\216\054\263\103\265\224"
-"\242\320\175\351\142\177\006\276\047\001\203\236\072\375\212\356"
-"\230\103\112\153\327\265\227\073\072\277\117\155\264\143\372\063"
-"\000\064\056\055\155\226\311\173\312\231\143\272\276\364\366\060"
-"\240\055\230\226\351\126\104\005\251\104\243\141\020\353\202\241"
-"\147\135\274\135\047\165\252\212\050\066\052\070\222\331\335\244"
-"\136\000\245\314\314\174\051\052\336\050\220\253\267\341\266\377"
-"\175\045\013\100\330\252\064\243\055\336\007\353\137\316\012\335"
-"\312\176\072\175\046\301\142\150\072\346\057\067\363\201\206\041"
-"\304\251\144\252\357\105\066\321\032\146\174\370\351\067\326\326"
-"\141\276\242\255\110\347\337\346\164\376\323\155\175\322\045\334"
-"\254\142\127\251\367"
-, (PRUint32)1621 }
-};
-static const NSSItem nss_builtins_items_89 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"beTRUSTed Root CA - Entrust Implementation", (PRUint32)43 },
-  { (void *)"\162\231\171\023\354\233\015\256\145\321\266\327\262\112\166\243"
-"\256\302\356\026"
-, (PRUint32)20 },
-  { (void *)"\175\206\220\217\133\361\362\100\300\367\075\142\265\244\251\073"
-, (PRUint32)16 },
-  { (void *)"\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040"
-"\055\040\105\156\164\162\165\163\164\040\111\155\160\154\145\155"
-"\145\156\164\141\164\151\157\156"
-, (PRUint32)104 },
-  { (void *)"\002\004\074\265\117\100"
-, (PRUint32)6 },
-  { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
-};
-static const NSSItem nss_builtins_items_90 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"beTRUSTed Root CA - RSA Implementation", (PRUint32)39 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\142\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\057\060\055\006\003\125\004\003\023\046\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040"
-"\055\040\122\123\101\040\111\155\160\154\145\155\145\156\164\141"
-"\164\151\157\156"
-, (PRUint32)100 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\142\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\057\060\055\006\003\125\004\003\023\046\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040"
-"\055\040\122\123\101\040\111\155\160\154\145\155\145\156\164\141"
-"\164\151\157\156"
-, (PRUint32)100 },
-  { (void *)"\002\020\073\131\307\173\315\133\127\236\275\067\122\254\166\264"
-"\252\032"
-, (PRUint32)18 },
-  { (void *)"\060\202\005\150\060\202\004\120\240\003\002\001\002\002\020\073"
-"\131\307\173\315\133\127\236\275\067\122\254\166\264\252\032\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\142"
-"\061\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125"
-"\123\124\145\144\061\033\060\031\006\003\125\004\013\023\022\142"
-"\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101"
-"\163\061\057\060\055\006\003\125\004\003\023\046\142\145\124\122"
-"\125\123\124\145\144\040\122\157\157\164\040\103\101\040\055\040"
-"\122\123\101\040\111\155\160\154\145\155\145\156\164\141\164\151"
-"\157\156\060\036\027\015\060\062\060\064\061\061\061\061\061\070"
-"\061\063\132\027\015\062\062\060\064\061\062\061\061\060\067\062"
-"\065\132\060\142\061\022\060\020\006\003\125\004\012\023\011\142"
-"\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125\004"
-"\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157\157"
-"\164\040\103\101\163\061\057\060\055\006\003\125\004\003\023\046"
-"\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103"
-"\101\040\055\040\122\123\101\040\111\155\160\154\145\155\145\156"
-"\164\141\164\151\157\156\060\202\001\042\060\015\006\011\052\206"
-"\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202"
-"\001\012\002\202\001\001\000\344\272\064\060\011\216\127\320\271"
-"\006\054\157\156\044\200\042\277\135\103\246\372\117\254\202\347"
-"\034\150\160\205\033\243\156\265\252\170\331\156\007\113\077\351"
-"\337\365\352\350\124\241\141\212\016\057\151\165\030\267\014\345"
-"\024\215\161\156\230\270\125\374\014\225\320\233\156\341\055\210"
-"\324\072\100\153\222\361\231\226\144\336\333\377\170\364\356\226"
-"\035\107\211\174\324\276\271\210\167\043\072\011\346\004\236\155"
-"\252\136\322\310\275\232\116\031\337\211\352\133\016\176\303\344"
-"\264\360\340\151\073\210\017\101\220\370\324\161\103\044\301\217"
-"\046\113\073\126\351\377\214\154\067\351\105\255\205\214\123\303"
-"\140\206\220\112\226\311\263\124\260\273\027\360\034\105\331\324"
-"\033\031\144\126\012\031\367\314\341\377\206\257\176\130\136\254"
-"\172\220\037\311\050\071\105\173\242\266\307\234\037\332\205\324"
-"\041\206\131\060\223\276\123\063\067\366\357\101\317\063\307\253"
-"\162\153\045\365\363\123\033\014\114\056\361\165\113\357\240\207"
-"\367\376\212\025\320\154\325\313\371\150\123\271\160\025\023\302"
-"\365\056\373\103\065\165\055\002\003\001\000\001\243\202\002\030"
-"\060\202\002\024\060\014\006\003\125\035\023\004\005\060\003\001"
-"\001\377\060\202\001\265\006\003\125\035\040\004\202\001\254\060"
-"\202\001\250\060\202\001\244\006\017\053\006\001\004\001\261\076"
-"\000\000\003\011\050\203\221\061\060\202\001\217\060\101\006\010"
-"\053\006\001\005\005\007\002\001\026\065\150\164\164\160\072\057"
-"\057\167\167\167\056\142\145\164\162\165\163\164\145\144\056\143"
-"\157\155\057\160\162\157\144\165\143\164\163\137\163\145\162\166"
-"\151\143\145\163\057\151\156\144\145\170\056\150\164\155\154\060"
-"\202\001\110\006\010\053\006\001\005\005\007\002\002\060\202\001"
-"\072\032\202\001\066\122\145\154\151\141\156\143\145\040\157\156"
-"\040\157\162\040\165\163\145\040\157\146\040\164\150\151\163\040"
-"\103\145\162\164\151\146\151\143\141\164\145\040\143\162\145\141"
-"\164\145\163\040\141\156\040\141\143\153\156\157\167\154\145\144"
-"\147\155\145\156\164\040\141\156\144\040\141\143\143\145\160\164"
-"\141\156\143\145\040\157\146\040\164\150\145\040\164\150\145\156"
-"\040\141\160\160\154\151\143\141\142\154\145\040\163\164\141\156"
-"\144\141\162\144\040\164\145\162\155\163\040\141\156\144\040\143"
-"\157\156\144\151\164\151\157\156\163\040\157\146\040\165\163\145"
-"\054\040\164\150\145\040\103\145\162\164\151\146\151\143\141\164"
-"\151\157\156\040\120\162\141\143\164\151\143\145\040\123\164\141"
-"\164\145\155\145\156\164\040\141\156\144\040\164\150\145\040\122"
-"\145\154\171\151\156\147\040\120\141\162\164\171\040\101\147\162"
-"\145\145\155\145\156\164\054\040\167\150\151\143\150\040\143\141"
-"\156\040\142\145\040\146\157\165\156\144\040\141\164\040\164\150"
-"\145\040\142\145\124\122\125\123\124\145\144\040\167\145\142\040"
-"\163\151\164\145\054\040\150\164\164\160\072\057\057\167\167\167"
-"\056\142\145\164\162\165\163\164\145\144\056\143\157\155\057\160"
-"\162\157\144\165\143\164\163\137\163\145\162\166\151\143\145\163"
-"\057\151\156\144\145\170\056\150\164\155\154\060\013\006\003\125"
-"\035\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004"
-"\030\060\026\200\024\251\354\024\176\371\331\103\314\123\053\024"
-"\255\317\367\360\131\211\101\315\031\060\035\006\003\125\035\016"
-"\004\026\004\024\251\354\024\176\371\331\103\314\123\053\024\255"
-"\317\367\360\131\211\101\315\031\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\202\001\001\000\333\227\260\165"
-"\352\014\304\301\230\312\126\005\300\250\255\046\110\257\055\040"
-"\350\201\307\266\337\103\301\054\035\165\113\324\102\215\347\172"
-"\250\164\334\146\102\131\207\263\365\151\155\331\251\236\263\175"
-"\034\061\301\365\124\342\131\044\111\345\356\275\071\246\153\212"
-"\230\104\373\233\327\052\203\227\064\055\307\175\065\114\055\064"
-"\270\076\015\304\354\210\047\257\236\222\375\120\141\202\250\140"
-"\007\024\123\314\145\023\301\366\107\104\151\322\061\310\246\335"
-"\056\263\013\336\112\215\133\075\253\015\302\065\122\242\126\067"
-"\314\062\213\050\205\102\234\221\100\172\160\053\070\066\325\341"
-"\163\032\037\345\372\176\137\334\326\234\073\060\352\333\300\133"
-"\047\134\323\163\007\301\302\363\114\233\157\237\033\312\036\252"
-"\250\070\063\011\130\262\256\374\007\350\066\334\125\272\057\117"
-"\100\376\172\275\006\246\201\301\223\042\174\206\021\012\006\167"
-"\110\256\065\267\057\062\232\141\136\213\276\051\237\051\044\210"
-"\126\071\054\250\322\253\226\003\132\324\110\237\271\100\204\013"
-"\230\150\373\001\103\326\033\342\011\261\227\034"
-, (PRUint32)1388 }
-};
-static const NSSItem nss_builtins_items_91 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"beTRUSTed Root CA - RSA Implementation", (PRUint32)39 },
-  { (void *)"\035\202\131\312\041\047\303\313\301\154\331\062\366\054\145\051"
-"\214\250\207\022"
-, (PRUint32)20 },
-  { (void *)"\206\102\005\011\274\247\235\354\035\363\056\016\272\330\035\320"
-, (PRUint32)16 },
-  { (void *)"\060\142\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\057\060\055\006\003\125\004\003\023\046\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040"
-"\055\040\122\123\101\040\111\155\160\154\145\155\145\156\164\141"
-"\164\151\157\156"
-, (PRUint32)100 },
-  { (void *)"\002\020\073\131\307\173\315\133\127\236\275\067\122\254\166\264"
-"\252\032"
-, (PRUint32)18 },
-  { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
-};
-static const NSSItem nss_builtins_items_92 [] = {
+static const NSSItem nss_builtins_items_82 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"RSA Security 2048 v3", (PRUint32)21 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101"
 "\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060"
@@ -6521,17 +5867,17 @@ static const NSSItem nss_builtins_items_
 "\022\000\360\137\254\015\341\254\160\143\163\367\177\171\237\062"
 "\045\102\164\005\200\050\277\275\301\044\226\130\025\261\027\041"
 "\351\211\113\333\007\210\147\364\025\255\160\076\057\115\205\073"
 "\302\267\333\376\230\150\043\211\341\164\017\336\364\305\204\143"
 "\051\033\314\313\007\311\000\244\251\327\302\042\117\147\327\167"
 "\354\040\005\141\336"
 , (PRUint32)869 }
 };
-static const NSSItem nss_builtins_items_93 [] = {
+static const NSSItem nss_builtins_items_83 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"RSA Security 2048 v3", (PRUint32)21 },
   { (void *)"\045\001\220\031\317\373\331\231\034\267\150\045\164\215\224\137"
 "\060\223\225\102"
 , (PRUint32)20 },
@@ -6545,17 +5891,17 @@ static const NSSItem nss_builtins_items_
   { (void *)"\002\020\012\001\001\001\000\000\002\174\000\000\000\012\000\000"
 "\000\002"
 , (PRUint32)18 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_94 [] = {
+static const NSSItem nss_builtins_items_84 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"GeoTrust Global CA", (PRUint32)19 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165"
@@ -6623,17 +5969,17 @@ static const NSSItem nss_builtins_items_
 "\207\016\004\154\325\377\335\240\135\355\207\122\267\053\025\002"
 "\256\071\246\152\164\351\332\304\347\274\115\064\036\251\134\115"
 "\063\137\222\011\057\210\146\135\167\227\307\035\166\023\251\325"
 "\345\361\026\011\021\065\325\254\333\044\161\160\054\230\126\013"
 "\331\027\264\321\343\121\053\136\165\350\325\320\334\117\064\355"
 "\302\005\146\200\241\313\346\063"
 , (PRUint32)856 }
 };
-static const NSSItem nss_builtins_items_95 [] = {
+static const NSSItem nss_builtins_items_85 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"GeoTrust Global CA", (PRUint32)19 },
   { (void *)"\336\050\364\244\377\345\271\057\243\305\003\321\243\111\247\371"
 "\226\052\202\022"
 , (PRUint32)20 },
@@ -6647,17 +5993,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)68 },
   { (void *)"\002\003\002\064\126"
 , (PRUint32)5 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_96 [] = {
+static const NSSItem nss_builtins_items_86 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"GeoTrust Global CA 2", (PRUint32)21 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\104\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165"
@@ -6726,17 +6072,17 @@ static const NSSItem nss_builtins_items_
 "\136\054\157\025\231\046\347\266\051\377\042\354\311\002\307\126"
 "\000\315\111\271\263\154\173\123\004\032\342\250\311\252\022\005"
 "\043\302\316\347\273\004\002\314\300\107\242\344\304\051\057\133"
 "\105\127\211\121\356\074\353\122\010\377\007\065\036\237\065\152"
 "\107\112\126\230\321\132\205\037\214\365\042\277\253\316\203\363"
 "\342\042\051\256\175\203\100\250\272\154"
 , (PRUint32)874 }
 };
-static const NSSItem nss_builtins_items_97 [] = {
+static const NSSItem nss_builtins_items_87 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"GeoTrust Global CA 2", (PRUint32)21 },
   { (void *)"\251\351\170\010\024\067\130\210\362\005\031\260\155\053\015\053"
 "\140\026\220\175"
 , (PRUint32)20 },
@@ -6750,17 +6096,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)70 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_98 [] = {
+static const NSSItem nss_builtins_items_88 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"GeoTrust Universal CA", (PRUint32)22 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165"
@@ -6861,17 +6207,17 @@ static const NSSItem nss_builtins_items_
 "\014\136\011\154\010\227\174\243\075\174\223\377\077\241\024\247"
 "\317\265\135\353\333\333\034\304\166\337\210\271\275\105\005\225"
 "\033\256\374\106\152\114\257\110\343\316\256\017\322\176\353\346"
 "\154\234\117\201\152\172\144\254\273\076\325\347\313\166\056\305"
 "\247\110\301\134\220\017\313\310\077\372\346\062\341\215\033\157"
 "\244\346\216\330\371\051\110\212\316\163\376\054"
 , (PRUint32)1388 }
 };
-static const NSSItem nss_builtins_items_99 [] = {
+static const NSSItem nss_builtins_items_89 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"GeoTrust Universal CA", (PRUint32)22 },
   { (void *)"\346\041\363\065\103\171\005\232\113\150\060\235\212\057\164\042"
 "\025\207\354\171"
 , (PRUint32)20 },
@@ -6885,17 +6231,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)71 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_100 [] = {
+static const NSSItem nss_builtins_items_90 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"GeoTrust Universal CA 2", (PRUint32)24 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165"
@@ -6996,17 +6342,17 @@ static const NSSItem nss_builtins_items_
 "\351\242\334\257\176\030\022\203\375\126\027\101\056\325\051\202"
 "\175\231\364\061\366\161\251\317\054\001\047\245\005\271\252\262"
 "\110\116\052\357\237\223\122\121\225\074\122\163\216\126\114\027"
 "\100\300\011\050\344\213\152\110\123\333\354\315\125\125\361\306"
 "\370\351\242\054\114\246\321\046\137\176\257\132\114\332\037\246"
 "\362\034\054\176\256\002\026\322\126\320\057\127\123\107\350\222"
 , (PRUint32)1392 }
 };
-static const NSSItem nss_builtins_items_101 [] = {
+static const NSSItem nss_builtins_items_91 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"GeoTrust Universal CA 2", (PRUint32)24 },
   { (void *)"\067\232\031\173\101\205\105\065\014\246\003\151\363\074\056\257"
 "\107\117\040\171"
 , (PRUint32)20 },
@@ -7020,17 +6366,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)73 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_102 [] = {
+static const NSSItem nss_builtins_items_92 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"UTN-USER First-Network Applications", (PRUint32)36 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\243\061\013\060\011\006\003\125\004\006\023\002\125\123"
 "\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060"
@@ -7128,17 +6474,17 @@ static const NSSItem nss_builtins_items_
 "\255\006\264\334\010\243\004\325\051\244\226\232\022\147\112\214"
 "\140\105\235\361\043\232\260\000\234\150\265\230\120\323\357\216"
 "\056\222\145\261\110\076\041\276\025\060\052\015\265\014\243\153"
 "\077\256\177\127\365\037\226\174\337\157\335\202\060\054\145\033"
 "\100\112\315\150\271\162\354\161\166\354\124\216\037\205\014\001"
 "\152\372\246\070\254\037\304\204"
 , (PRUint32)1128 }
 };
-static const NSSItem nss_builtins_items_103 [] = {
+static const NSSItem nss_builtins_items_93 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"UTN-USER First-Network Applications", (PRUint32)36 },
   { (void *)"\135\230\234\333\025\226\021\066\121\145\144\033\126\017\333\352"
 "\052\302\076\361"
 , (PRUint32)20 },
@@ -7159,17 +6505,17 @@ static const NSSItem nss_builtins_items_
   { (void *)"\002\020\104\276\014\213\120\000\044\264\021\323\066\060\113\300"
 "\063\167"
 , (PRUint32)18 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_104 [] = {
+static const NSSItem nss_builtins_items_94 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"America Online Root Certification Authority 1", (PRUint32)46 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\034\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143"
@@ -7246,17 +6592,17 @@ static const NSSItem nss_builtins_items_
 "\335\245\270\062\237\215\340\051\337\041\164\206\202\333\057\202"
 "\060\306\307\065\206\263\371\226\137\106\333\014\105\375\363\120"
 "\303\157\306\303\110\255\106\246\341\047\107\012\035\016\233\266"
 "\302\167\177\143\362\340\175\032\276\374\340\337\327\307\247\154"
 "\260\371\256\272\074\375\164\264\021\350\130\015\200\274\323\250"
 "\200\072\231\355\165\314\106\173"
 , (PRUint32)936 }
 };
-static const NSSItem nss_builtins_items_105 [] = {
+static const NSSItem nss_builtins_items_95 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"America Online Root Certification Authority 1", (PRUint32)46 },
   { (void *)"\071\041\301\025\301\135\016\312\134\313\133\304\360\175\041\330"
 "\005\013\126\152"
 , (PRUint32)20 },
@@ -7272,17 +6618,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)101 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_106 [] = {
+static const NSSItem nss_builtins_items_96 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"America Online Root Certification Authority 2", (PRUint32)46 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\143\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\034\060\032\006\003\125\004\012\023\023\101\155\145\162\151\143"
@@ -7391,17 +6737,17 @@ static const NSSItem nss_builtins_items_
 "\375\034\215\000\017\270\067\337\147\212\235\146\251\002\152\221"
 "\377\023\312\057\135\203\274\207\223\154\334\044\121\026\004\045"
 "\146\372\263\331\302\272\051\276\232\110\070\202\231\364\277\073"
 "\112\061\031\371\277\216\041\063\024\312\117\124\137\373\316\373"
 "\217\161\177\375\136\031\240\017\113\221\270\304\124\274\006\260"
 "\105\217\046\221\242\216\376\251"
 , (PRUint32)1448 }
 };
-static const NSSItem nss_builtins_items_107 [] = {
+static const NSSItem nss_builtins_items_97 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"America Online Root Certification Authority 2", (PRUint32)46 },
   { (void *)"\205\265\377\147\233\014\171\226\037\310\156\104\042\000\106\023"
 "\333\027\222\204"
 , (PRUint32)20 },
@@ -7417,17 +6763,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)101 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_108 [] = {
+static const NSSItem nss_builtins_items_98 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Visa eCommerce Root", (PRUint32)20 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\153\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
 "\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
@@ -7505,17 +6851,17 @@ static const NSSItem nss_builtins_items_
 "\004\231\040\066\320\140\156\141\006\273\026\102\214\160\367\060"
 "\373\340\333\146\243\000\001\275\346\054\332\221\137\240\106\213"
 "\115\152\234\075\075\335\005\106\376\166\277\240\012\074\344\000"
 "\346\047\267\377\204\055\336\272\042\047\226\020\161\353\042\355"
 "\337\337\063\234\317\343\255\256\216\324\216\346\117\121\257\026"
 "\222\340\134\366\007\017"
 , (PRUint32)934 }
 };
-static const NSSItem nss_builtins_items_109 [] = {
+static const NSSItem nss_builtins_items_99 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Visa eCommerce Root", (PRUint32)20 },
   { (void *)"\160\027\233\206\214\000\244\372\140\221\122\042\077\237\076\062"
 "\275\340\005\142"
 , (PRUint32)20 },
@@ -7532,17 +6878,17 @@ static const NSSItem nss_builtins_items_
   { (void *)"\002\020\023\206\065\115\035\077\006\362\301\371\145\005\325\220"
 "\034\142"
 , (PRUint32)18 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_110 [] = {
+static const NSSItem nss_builtins_items_100 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"TC TrustCenter, Germany, Class 2 CA", (PRUint32)36 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
 "\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
@@ -7624,17 +6970,17 @@ static const NSSItem nss_builtins_items_
 "\214\265\137\172\162\241\205\006\316\206\370\005\216\350\371\045"
 "\312\332\203\214\006\254\353\066\155\205\221\064\004\066\364\102"
 "\360\370\171\056\012\110\134\253\314\121\117\170\166\240\331\254"
 "\031\275\052\321\151\004\050\221\312\066\020\047\200\127\133\322"
 "\134\365\302\133\253\144\201\143\164\121\364\227\277\315\022\050"
 "\367\115\146\177\247\360\034\001\046\170\262\146\107\160\121\144"
 , (PRUint32)864 }
 };
-static const NSSItem nss_builtins_items_111 [] = {
+static const NSSItem nss_builtins_items_101 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"TC TrustCenter, Germany, Class 2 CA", (PRUint32)36 },
   { (void *)"\203\216\060\367\177\335\024\252\070\136\321\105\000\234\016\042"
 "\066\111\117\252"
 , (PRUint32)20 },
@@ -7655,17 +7001,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)191 },
   { (void *)"\002\002\003\352"
 , (PRUint32)4 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_112 [] = {
+static const NSSItem nss_builtins_items_102 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"TC TrustCenter, Germany, Class 3 CA", (PRUint32)36 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
 "\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
@@ -7747,17 +7093,17 @@ static const NSSItem nss_builtins_items_
 "\115\275\175\001\243\077\366\354\316\361\336\376\175\345\341\076"
 "\273\306\253\136\013\335\075\226\304\313\251\324\371\046\346\006"
 "\116\236\014\245\172\272\156\303\174\202\031\321\307\261\261\303"
 "\333\015\216\233\100\174\067\013\361\135\350\375\037\220\210\245"
 "\016\116\067\144\041\250\116\215\264\237\361\336\110\255\325\126"
 "\030\122\051\213\107\064\022\011\324\273\222\065\357\017\333\064"
 , (PRUint32)864 }
 };
-static const NSSItem nss_builtins_items_113 [] = {
+static const NSSItem nss_builtins_items_103 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"TC TrustCenter, Germany, Class 3 CA", (PRUint32)36 },
   { (void *)"\237\307\226\350\370\122\117\206\072\341\111\155\070\022\102\020"
 "\137\033\170\365"
 , (PRUint32)20 },
@@ -7778,17 +7124,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)191 },
   { (void *)"\002\002\003\353"
 , (PRUint32)4 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_114 [] = {
+static const NSSItem nss_builtins_items_104 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Certum Root CA", (PRUint32)15 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\076\061\013\060\011\006\003\125\004\006\023\002\120\114\061"
 "\033\060\031\006\003\125\004\012\023\022\125\156\151\172\145\164"
@@ -7849,17 +7195,17 @@ static const NSSItem nss_builtins_items_
 "\345\114\121\343\001\255\205\135\032\073\261\325\163\020\244\323"
 "\362\274\156\144\365\132\126\220\250\307\016\114\164\017\056\161"
 "\073\367\310\107\364\151\157\025\362\021\136\203\036\234\174\122"
 "\256\375\002\332\022\250\131\147\030\333\274\160\335\233\261\151"
 "\355\200\316\211\100\110\152\016\065\312\051\146\025\041\224\054"
 "\350\140\052\233\205\112\100\363\153\212\044\354\006\026\054\163"
 , (PRUint32)784 }
 };
-static const NSSItem nss_builtins_items_115 [] = {
+static const NSSItem nss_builtins_items_105 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Certum Root CA", (PRUint32)15 },
   { (void *)"\142\122\334\100\367\021\103\242\057\336\236\367\064\216\006\102"
 "\121\261\201\030"
 , (PRUint32)20 },
@@ -7872,17 +7218,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)64 },
   { (void *)"\002\003\001\000\040"
 , (PRUint32)5 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_116 [] = {
+static const NSSItem nss_builtins_items_106 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Comodo AAA Services root", (PRUint32)25 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\173\061\013\060\011\006\003\125\004\006\023\002\107\102\061"
 "\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145"
@@ -7970,17 +7316,17 @@ static const NSSItem nss_builtins_items_
 "\372\272\002\316\247\054\251\020\023\054\324\345\010\046\253\042"
 "\227\140\370\220\136\164\324\242\232\123\275\362\251\150\340\242"
 "\156\302\327\154\261\243\017\236\277\353\150\347\126\362\256\362"
 "\343\053\070\072\011\201\265\153\205\327\276\055\355\077\032\267"
 "\262\143\342\365\142\054\202\324\152\000\101\120\361\071\203\237"
 "\225\351\066\226\230\156"
 , (PRUint32)1078 }
 };
-static const NSSItem nss_builtins_items_117 [] = {
+static const NSSItem nss_builtins_items_107 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Comodo AAA Services root", (PRUint32)25 },
   { (void *)"\321\353\043\244\155\027\326\217\331\045\144\302\361\361\140\027"
 "\144\330\343\111"
 , (PRUint32)20 },
@@ -7997,17 +7343,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)125 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_118 [] = {
+static const NSSItem nss_builtins_items_108 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Comodo Secure Services root", (PRUint32)28 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\176\061\013\060\011\006\003\125\004\006\023\002\107\102\061"
 "\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145"
@@ -8096,17 +7442,17 @@ static const NSSItem nss_builtins_items_
 "\150\076\265\046\127\356\266\340\266\335\271\051\200\171\175\217"
 "\243\360\244\050\244\025\304\205\364\047\324\153\277\345\134\344"
 "\145\002\166\124\264\343\067\146\044\323\031\141\310\122\020\345"
 "\213\067\232\271\251\371\035\277\352\231\222\141\226\377\001\315"
 "\241\137\015\274\161\274\016\254\013\035\107\105\035\301\354\174"
 "\354\375\051"
 , (PRUint32)1091 }
 };
-static const NSSItem nss_builtins_items_119 [] = {
+static const NSSItem nss_builtins_items_109 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Comodo Secure Services root", (PRUint32)28 },
   { (void *)"\112\145\325\364\035\357\071\270\270\220\112\112\323\144\201\063"
 "\317\307\241\321"
 , (PRUint32)20 },
@@ -8123,17 +7469,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)128 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_120 [] = {
+static const NSSItem nss_builtins_items_110 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Comodo Trusted Services root", (PRUint32)29 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\177\061\013\060\011\006\003\125\004\006\023\002\107\102\061"
 "\033\060\031\006\003\125\004\010\014\022\107\162\145\141\164\145"
@@ -8224,17 +7570,17 @@ static const NSSItem nss_builtins_items_
 "\306\241\161\354\077\240\040\214\146\072\211\264\216\324\330\261"
 "\115\045\107\356\057\210\310\265\341\005\105\300\276\024\161\336"
 "\172\375\216\173\175\115\010\226\245\022\163\360\055\312\067\047"
 "\164\022\047\114\313\266\227\351\331\256\010\155\132\071\100\335"
 "\005\107\165\152\132\041\263\243\030\317\116\367\056\127\267\230"
 "\160\136\310\304\170\260\142"
 , (PRUint32)1095 }
 };
-static const NSSItem nss_builtins_items_121 [] = {
+static const NSSItem nss_builtins_items_111 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"Comodo Trusted Services root", (PRUint32)29 },
   { (void *)"\341\237\343\016\213\204\140\236\200\233\027\015\162\250\305\272"
 "\156\024\011\275"
 , (PRUint32)20 },
@@ -8252,17 +7598,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)129 },
   { (void *)"\002\001\001"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_122 [] = {
+static const NSSItem nss_builtins_items_112 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"IPS Chained CAs root", (PRUint32)21 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\202\001\034\061\013\060\011\006\003\125\004\006\023\002\105"
 "\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143"
@@ -8430,17 +7776,17 @@ static const NSSItem nss_builtins_items_
 "\307\276\227\052\223\200\064\206\003\372\334\330\075\036\007\315"
 "\036\163\103\044\140\365\035\141\334\334\226\240\274\373\035\343"
 "\347\022\000\047\063\002\300\300\053\123\075\330\153\003\201\243"
 "\333\326\223\225\040\357\323\226\176\046\220\211\234\046\233\315"
 "\157\146\253\355\003\042\104\070\314\131\275\237\333\366\007\242"
 "\001\177\046\304\143\365\045\102\136\142\275"
 , (PRUint32)2043 }
 };
-static const NSSItem nss_builtins_items_123 [] = {
+static const NSSItem nss_builtins_items_113 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"IPS Chained CAs root", (PRUint32)21 },
   { (void *)"\310\302\137\026\236\370\120\164\325\276\350\315\242\324\074\256"
 "\347\137\322\127"
 , (PRUint32)20 },
@@ -8467,17 +7813,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)288 },
   { (void *)"\002\001\000"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_124 [] = {
+static const NSSItem nss_builtins_items_114 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"IPS CLASE1 root", (PRUint32)16 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105"
 "\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143"
@@ -8644,17 +7990,17 @@ static const NSSItem nss_builtins_items_
 "\112\266\162\100\256\123\164\364\274\005\264\306\331\310\311\167"
 "\373\267\371\064\177\170\000\370\326\244\344\122\077\054\112\143"
 "\127\201\165\132\216\350\214\373\002\300\224\306\051\272\263\334"
 "\034\350\262\257\322\056\142\133\032\251\216\016\314\305\127\105"
 "\121\024\351\116\034\210\245\221\364\243\367\216\121\310\251\276"
 "\206\063\076\346\057\110\156\257\124\220\116\255\261\045"
 , (PRUint32)2030 }
 };
-static const NSSItem nss_builtins_items_125 [] = {
+static const NSSItem nss_builtins_items_115 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"IPS CLASE1 root", (PRUint32)16 },
   { (void *)"\103\236\122\137\132\152\107\303\054\353\304\134\143\355\071\061"
 "\174\345\364\337"
 , (PRUint32)20 },
@@ -8681,17 +8027,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)278 },
   { (void *)"\002\001\000"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_126 [] = {
+static const NSSItem nss_builtins_items_116 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"IPS CLASE3 root", (PRUint32)16 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\202\001\022\061\013\060\011\006\003\125\004\006\023\002\105"
 "\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143"
@@ -8858,17 +8204,17 @@ static const NSSItem nss_builtins_items_
 "\006\055\176\046\305\074\372\241\301\201\316\123\260\102\321\227"
 "\127\032\027\176\244\121\141\306\356\351\136\357\005\272\353\275"
 "\017\247\222\157\330\243\006\150\051\216\171\365\377\277\371\247"
 "\257\344\261\316\302\321\200\102\047\005\004\064\370\303\177\026"
 "\170\043\014\007\044\362\106\107\255\073\124\320\257\325\061\262"
 "\257\175\310\352\351\324\126\331\016\023\262\305\105\120"
 , (PRUint32)2030 }
 };
-static const NSSItem nss_builtins_items_127 [] = {
+static const NSSItem nss_builtins_items_117 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"IPS CLASE3 root", (PRUint32)16 },
   { (void *)"\101\170\253\114\277\316\173\101\002\254\332\304\223\076\157\365"
 "\015\317\161\134"
 , (PRUint32)20 },
@@ -8895,17 +8241,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)278 },
   { (void *)"\002\001\000"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_128 [] = {
+static const NSSItem nss_builtins_items_118 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"IPS CLASEA1 root", (PRUint32)17 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105"
 "\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143"
@@ -9073,17 +8419,17 @@ static const NSSItem nss_builtins_items_
 "\113\130\040\065\066\161\355\242\012\065\022\245\246\145\247\205"
 "\151\012\016\343\141\356\352\276\050\223\063\325\354\350\276\304"
 "\333\137\177\250\371\143\061\310\153\226\342\051\302\133\240\347"
 "\227\066\235\167\136\061\153\376\323\247\333\052\333\333\226\213"
 "\037\146\336\266\003\300\053\263\170\326\125\007\345\217\071\120"
 "\336\007\043\162\346\275\040\024\113\264\206"
 , (PRUint32)2043 }
 };
-static const NSSItem nss_builtins_items_129 [] = {
+static const NSSItem nss_builtins_items_119 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"IPS CLASEA1 root", (PRUint32)17 },
   { (void *)"\063\243\065\302\074\350\003\113\004\341\075\345\304\216\171\032"
 "\353\214\062\004"
 , (PRUint32)20 },
@@ -9110,17 +8456,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)280 },
   { (void *)"\002\001\000"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_130 [] = {
+static const NSSItem nss_builtins_items_120 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"IPS CLASEA3 root", (PRUint32)17 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\202\001\024\061\013\060\011\006\003\125\004\006\023\002\105"
 "\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143"
@@ -9288,17 +8634,17 @@ static const NSSItem nss_builtins_items_
 "\201\000\045\107\257\324\017\016\236\140\046\250\225\247\203\010"
 "\337\055\254\351\016\367\234\310\237\313\223\105\361\272\152\306"
 "\147\121\112\151\117\153\376\175\013\057\122\051\302\120\255\044"
 "\104\355\043\263\110\313\104\100\301\003\225\014\012\170\006\022"
 "\001\365\221\061\055\111\215\273\077\105\116\054\340\350\315\265"
 "\311\024\025\014\343\007\203\233\046\165\357"
 , (PRUint32)2043 }
 };
-static const NSSItem nss_builtins_items_131 [] = {
+static const NSSItem nss_builtins_items_121 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"IPS CLASEA3 root", (PRUint32)17 },
   { (void *)"\026\324\044\376\226\020\341\165\031\257\043\053\266\207\164\342"
 "\101\104\276\156"
 , (PRUint32)20 },
@@ -9325,17 +8671,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)280 },
   { (void *)"\002\001\000"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_132 [] = {
+static const NSSItem nss_builtins_items_122 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"IPS Timestamping root", (PRUint32)22 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\202\001\036\061\013\060\011\006\003\125\004\006\023\002\105"
 "\123\061\022\060\020\006\003\125\004\010\023\011\102\141\162\143"
@@ -9509,17 +8855,17 @@ static const NSSItem nss_builtins_items_
 "\350\303\133\260\304\147\055\150\132\262\137\016\012\372\315\077"
 "\072\105\241\352\066\317\046\036\247\021\050\305\224\217\204\114"
 "\123\010\305\223\263\374\342\177\365\215\363\261\251\205\137\210"
 "\336\221\226\356\027\133\256\245\352\160\145\170\054\041\144\001"
 "\225\316\316\114\076\120\364\266\131\313\143\215\266\275\030\324"
 "\207\112\137\334\357\351\126\360\012\014\350\165"
 , (PRUint32)2108 }
 };
-static const NSSItem nss_builtins_items_133 [] = {
+static const NSSItem nss_builtins_items_123 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"IPS Timestamping root", (PRUint32)22 },
   { (void *)"\226\231\134\167\021\350\345\055\371\343\113\354\354\147\323\313"
 "\361\266\304\322"
 , (PRUint32)20 },
@@ -9547,17 +8893,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)290 },
   { (void *)"\002\001\000"
 , (PRUint32)3 },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trust_unknown, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_134 [] = {
+static const NSSItem nss_builtins_items_124 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"QuoVadis Root CA", (PRUint32)17 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\177\061\013\060\011\006\003\125\004\006\023\002\102\115\061"
 "\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144"
@@ -9673,17 +9019,17 @@ static const NSSItem nss_builtins_items_
 "\154\241\273\236\372\004\154\111\046\164\217\322\163\353\314\060"
 "\242\346\352\131\042\207\370\227\365\016\375\352\314\222\244\026"
 "\304\122\030\352\041\316\261\361\346\204\201\345\272\251\206\050"
 "\362\103\132\135\022\235\254\036\331\250\345\012\152\247\177\240"
 "\207\051\317\362\211\115\324\354\305\342\346\172\320\066\043\212"
 "\112\164\066\371"
 , (PRUint32)1492 }
 };
-static const NSSItem nss_builtins_items_135 [] = {
+static const NSSItem nss_builtins_items_125 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"QuoVadis Root CA", (PRUint32)17 },
   { (void *)"\336\077\100\275\120\223\323\233\154\140\366\332\274\007\142\001"
 "\000\211\166\311"
 , (PRUint32)20 },
@@ -9701,17 +9047,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)129 },
   { (void *)"\002\004\072\266\120\213"
 , (PRUint32)6 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_136 [] = {
+static const NSSItem nss_builtins_items_126 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"QuoVadis Root CA 2", (PRUint32)19 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\105\061\013\060\011\006\003\125\004\006\023\002\102\115\061"
 "\031\060\027\006\003\125\004\012\023\020\121\165\157\126\141\144"
@@ -9817,17 +9163,17 @@ static const NSSItem nss_builtins_items_
 "\272\027\102\202\227\161\201\123\061\251\237\366\175\142\277\162"
 "\341\243\223\035\314\212\046\132\011\070\320\316\327\015\200\026"
 "\264\170\245\072\207\114\215\212\245\325\106\227\362\054\020\271"
 "\274\124\042\300\001\120\151\103\236\364\262\357\155\370\354\332"
 "\361\343\261\357\337\221\217\124\052\013\045\301\046\031\304\122"
 "\020\005\145\325\202\020\352\302\061\315\056"
 , (PRUint32)1467 }
 };
-static const NSSItem nss_builtins_items_137 [] = {
+static const NSSItem nss_builtins_items_127 [] = {
   { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"QuoVadis Root CA 2", (PRUint32)19 },
   { (void *)"\312\072\373\317\022\100\066\113\104\262\026\040\210\200\110\071"
 "\031\223\174\367"
 , (PRUint32)20 },
@@ -9841,17 +9187,17 @@ static const NSSItem nss_builtins_items_
 , (PRUint32)71 },
   { (void *)"\002\002\005\011"
 , (PRUint32)4 },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
 };
-static const NSSItem nss_builtins_items_138 [] = {
+static const NSSItem nss_builtins_items_128 [] = {
   { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
   { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
   { (void *)"QuoVadis Root CA 3", (PRUint32)19 },
   { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
   { (void *)"\060\105\061\013\060\011\006\003\125\004\006\023\002\102\115\061"
 "\031\060\027\006\003\125\004\012\02