Bug 967153: Update to NSS 3.16 beta 2 (NSS_3_16_BETA2), r=me, a=sledru
authorBrian Smith <brian@briansmith.org>
Tue, 18 Feb 2014 13:23:26 -0800
changeset 182909 b0b52ea69cec5481c3529983c127cf06c510765b
parent 182908 a4b2ec56361dfff0ec40856beaa6b1e6988cce9c
child 182910 0f5364659f88f5e763b932944a024707b2991d67
push id3343
push userffxbld
push dateMon, 17 Mar 2014 21:55:32 +0000
treeherdermozilla-beta@2f7d3415f79f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersme, sledru
bugs967153
milestone29.0a2
Bug 967153: Update to NSS 3.16 beta 2 (NSS_3_16_BETA2), r=me, a=sledru
security/nss/TAG-INFO
security/nss/cmd/atob/atob.c
security/nss/coreconf/coreconf.dep
security/nss/lib/smime/smime.def
--- a/security/nss/TAG-INFO
+++ b/security/nss/TAG-INFO
@@ -1,1 +1,1 @@
-NSS_3_16_BETA1
+NSS_3_16_BETA2
--- a/security/nss/cmd/atob/atob.c
+++ b/security/nss/cmd/atob/atob.c
@@ -30,44 +30,65 @@ output_binary (void *arg, const unsigned
     if (nb != size) {
 	PORT_SetError(SEC_ERROR_IO);
 	return -1;
     }
 
     return nb;
 }
 
+static PRBool
+isBase64Char(char c)
+{
+    return ((c >= 'A' && c <= 'Z')
+	    || (c >= 'a' && c <= 'z')
+	    || (c >= '0' && c <= '9')
+	    || c == '+'
+	    || c == '/'
+	    || c == '=');
+}
+
 static SECStatus
 decode_file(FILE *outFile, FILE *inFile)
 {
     NSSBase64Decoder *cx;
-    int nb;
     SECStatus status = SECFailure;
     char ibuf[4096];
+    const char *ptr;
 
     cx = NSSBase64Decoder_Create(output_binary, outFile);
     if (!cx) {
 	return -1;
     }
 
     for (;;) {
 	if (feof(inFile)) break;
-	nb = fread(ibuf, 1, sizeof(ibuf), inFile);
-	if (nb != sizeof(ibuf)) {
-	    if (nb == 0) {
-		if (ferror(inFile)) {
-		    PORT_SetError(SEC_ERROR_IO);
-		    goto loser;
-		}
-		/* eof */
-		break;
+	if (!fgets(ibuf, sizeof(ibuf), inFile)) {
+	    if (ferror(inFile)) {
+		PORT_SetError(SEC_ERROR_IO);
+		goto loser;
+	    }
+	    /* eof */
+	    break;
+	}
+	for (ptr = ibuf; *ptr; ++ptr) {
+	    char c = *ptr;
+	    if (c == '\n' || c == '\r') {
+		break; /* found end of line */
+	    }
+	    if (!isBase64Char(c)) {
+	      ptr = ibuf; /* ignore line */
+	      break;
 	    }
 	}
+	if (ibuf == ptr) {
+	    continue; /* skip empty or non-base64 line */
+	}
 
-	status = NSSBase64Decoder_Update(cx, ibuf, nb);
+	status = NSSBase64Decoder_Update(cx, ibuf, ptr-ibuf);
 	if (status != SECSuccess) goto loser;
     }
 
     return NSSBase64Decoder_Destroy(cx, PR_FALSE);
 
   loser:
     (void) NSSBase64Decoder_Destroy(cx, PR_TRUE);
     return status;
@@ -94,20 +115,21 @@ int main(int argc, char **argv)
     PLOptStatus status;
 
     inFile = 0;
     outFile = 0;
     progName = strrchr(argv[0], '/');
     progName = progName ? progName+1 : argv[0];
 
     /* Parse command line arguments */
-    optstate = PL_CreateOptState(argc, argv, "i:o:");
+    optstate = PL_CreateOptState(argc, argv, "?hi:o:");
     while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
 	switch (optstate->option) {
 	  case '?':
+	  case 'h':
 	    Usage(progName);
 	    break;
 
 	  case 'i':
 	    inFile = fopen(optstate->value, "r");
 	    if (!inFile) {
 		fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
 			progName, optstate->value);
--- a/security/nss/coreconf/coreconf.dep
+++ b/security/nss/coreconf/coreconf.dep
@@ -5,8 +5,9 @@
 
 /*
  * A dummy header file that is a dependency for all the object files.
  * Used to force a full recompilation of NSS in Mozilla's Tinderbox
  * depend builds.  See comments in rules.mk.
  */
 
 #error "Do not include this header file."
+
--- a/security/nss/lib/smime/smime.def
+++ b/security/nss/lib/smime/smime.def
@@ -268,8 +268,14 @@ NSSSMIME_GetVersion;
 ;+       *;
 ;+};
 ;+NSS_3.15 {    # NSS 3.15 release
 ;+    global:
 SEC_PKCS7VerifyDetachedSignatureAtTime;
 ;+    local:
 ;+       *;
 ;+};
+;+NSS_3.16 {    # NSS 3.16 release
+;+    global:
+NSS_CMSSignerInfo_Verify;
+;+    local:
+;+       *;
+;+};