Bugzilla bug 130703: fixed several issues in the NSS 3.4 exported headers.

1) Preseve the position of NSS 3.3 elements in the data structures. Some new fields replace some old deprecated fields where possible to preserve the total size of the structure. 2) Stan headers are removed from public exports. 3) Some exported functions didn't have prototypes in the public headers. 4) One bug fix: dev3hack.c did not pass the second argument to nssToken_DestroyCertList. 5) Include the necessary headers to fix undeclared function warnings.
2002-03-14 04:12:25 +00:00 · 2002-03-14 04:12:25 +00:00 · 62b88996d5
--- a/security/nss/cmd/bltest/blapitest.c
+++ b/security/nss/cmd/bltest/blapitest.c
@ -35,6 +35,7 @@
 #include <stdlib.h>

 #include "blapi.h"
+#include "secrng.h"
 #include "prmem.h"
 #include "prprf.h"
 #include "prtime.h"
--- a/security/nss/lib/asn1/manifest.mn
+++ b/security/nss/lib/asn1/manifest.mn
@ -30,7 +30,7 @@
 # may use your version of this file under either the MPL or the
 # GPL.
 #
-MANIFEST_CVS_ID = "@(#) $RCSfile: manifest.mn,v $ $Revision: 1.1 $ $Date: 2000/03/31 19:56:37 $ $Name:  $"
+MANIFEST_CVS_ID = "@(#) $RCSfile: manifest.mn,v $ $Revision: 1.2 $ $Date: 2002/03/14 04:12:09 $ $Name:  $"

 CORE_DEPTH = ../../..

@ -38,10 +38,10 @@ PRIVATE_EXPORTS = \
 	asn1t.h		  \
 	asn1m.h		  \
 	asn1.h		  \
+	nssasn1t.h	  \
 	$(NULL)

 EXPORTS =	   \
-	nssasn1t.h \
 	$(NULL)

 MODULE = security
--- a/security/nss/lib/certdb/cert.h
+++ b/security/nss/lib/certdb/cert.h
@ -34,7 +34,7 @@
 /*
 * cert.h - public data structures and prototypes for the certificate library
 *
- * $Id: cert.h,v 1.14 2001/12/07 01:35:47 relyea%netscape.com Exp $
+ * $Id: cert.h,v 1.15 2002/03/14 04:12:11 wtc%netscape.com Exp $
 */

 #ifndef _CERT_H_
@ -575,6 +575,9 @@ extern CERTCertificate *CERT_DecodeCertFromPackage(char *certbuf, int certlen);
 extern SECStatus
 CERT_ImportCAChain (SECItem *certs, int numcerts, SECCertUsage certUsage);

+extern SECStatus
+CERT_ImportCAChainTrusted(SECItem *certs, int numcerts, SECCertUsage certUsage);
+
 /*
 ** Read a certificate chain in some foreign format, and pass it to a 
 ** callback function.
--- a/security/nss/lib/certdb/certt.h
+++ b/security/nss/lib/certdb/certt.h
@ -33,7 +33,7 @@
 /*
 * certt.h - public data structures for the certificate library
 *
- * $Id: certt.h,v 1.14 2002/01/11 17:31:09 relyea%netscape.com Exp $
+ * $Id: certt.h,v 1.15 2002/03/14 04:12:11 wtc%netscape.com Exp $
 */
 #ifndef _CERTT_H_
 #define _CERTT_H_
@ -49,10 +49,9 @@
 #include "prio.h"
 #include "prmon.h"

-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "nsspkit.h"
+/* Stan data types */
+struct NSSCertificateStr;
+struct NSSTrustDomainStr;

 /* Non-opaque objects */
 typedef struct CERTAVAStr                        CERTAVA;
@ -63,7 +62,7 @@ typedef struct CERTBasicConstraintsStr           CERTBasicConstraints;
 #ifdef NSS_CLASSIC
 typedef struct CERTCertDBHandleStr               CERTCertDBHandle;
 #else
-typedef NSSTrustDomain                           CERTCertDBHandle;
+typedef struct NSSTrustDomainStr                 CERTCertDBHandle;
 #endif
 typedef struct CERTCertExtensionStr              CERTCertExtension;
 typedef struct CERTCertKeyStr                    CERTCertKey;
@ -272,7 +271,7 @@ struct CERTCertificateStr {
    PRBool istemp;
    char *nickname;
    char *dbnickname;
-    void *dbEntry;		 /* database entry struct */
+    struct NSSCertificateStr *nssCertificate;	/* This is Stan stuff. */
    CERTCertTrust *trust;

    /* the reference count is modified whenever someone looks up, dups
@ -300,9 +299,6 @@ struct CERTCertificateStr {
    PK11SlotInfo *slot;		/*if this cert came of a token, which is it*/
    CK_OBJECT_HANDLE pkcs11ID;	/*and which object on that token is it */
    PRBool ownSlot;		/*true if the cert owns the slot reference */
-
-    /* This is Stan stuff. */
-    NSSCertificate *nssCertificate;
 };
 #define SEC_CERTIFICATE_VERSION_1		0	/* default created */
 #define SEC_CERTIFICATE_VERSION_2		1	/* v2 */
@ -401,17 +397,16 @@ struct CERTCrlKeyStr {
 struct CERTSignedCrlStr {
    PRArenaPool *arena;
    CERTCrl crl;
-    /*certDBEntryRevocation *dbEntry;	 database entry struct */
    SECItem *derCrl;
-    PK11SlotInfo *slot;
-    /* PRBool keep;		 keep this crl in the cache for the  session*/
-    CK_OBJECT_HANDLE pkcs11ID;
+    PRBool reserved;
    PRBool isperm;
    PRBool istemp;
    int referenceCount;
    CERTCertDBHandle *dbhandle;
    CERTSignedData signatureWrap;	/* XXX */
    char *url;
+    PK11SlotInfo *slot;
+    CK_OBJECT_HANDLE pkcs11ID;
 };


--- a/security/nss/lib/ckfw/nssckepv.h
+++ b/security/nss/lib/ckfw/nssckepv.h
@ -31,4 +31,9 @@
 * may use your version of this file under either the MPL or the
 * GPL.
 */
+#ifndef NSSCKEPV_H
+#define NSSCKEPV_H
+
 #include "pkcs11.h"
+
+#endif /* NSSCKEPV_H */
--- a/security/nss/lib/ckfw/nssckft.h
+++ b/security/nss/lib/ckfw/nssckft.h
@ -32,4 +32,9 @@
 * GPL.
 */

+#ifndef _NSSCKFT_H_
+#define _NSSCKFT_H_ 1
+
 #include "pkcs11t.h"
+
+#endif /* _NSSCKFT_H_ */
--- a/security/nss/lib/ckfw/nssckg.h
+++ b/security/nss/lib/ckfw/nssckg.h
@ -31,4 +31,9 @@
 * may use your version of this file under either the MPL or the
 * GPL.
 */
+#ifndef NSSCKG_H
+#define NSSCKG_H
+
 #include "pkcs11.h"
+
+#endif /* NSSCKG_H */
--- a/security/nss/lib/dev/manifest.mn
+++ b/security/nss/lib/dev/manifest.mn
@ -30,7 +30,7 @@
 # may use your version of this file under either the MPL or the
 # GPL.
 #
-MANIFEST_CVS_ID = "@(#) $RCSfile: manifest.mn,v $ $Revision: 1.4 $ $Date: 2001/11/28 16:23:39 $ $Name:  $"
+MANIFEST_CVS_ID = "@(#) $RCSfile: manifest.mn,v $ $Revision: 1.5 $ $Date: 2002/03/14 04:12:15 $ $Name:  $"

 CORE_DEPTH = ../../..

@ -38,10 +38,10 @@ PRIVATE_EXPORTS = \
 	ckhelper.h \
 	devt.h     \
 	dev.h      \
+	nssdevt.h  \
 	$(NULL)

 EXPORTS =	   \
-	nssdevt.h  \
 	$(NULL)

 MODULE = security
--- a/security/nss/lib/jar/jarjart.c
+++ b/security/nss/lib/jar/jarjart.c
@ -76,9 +76,8 @@ static SECStatus jar_list_cert_callback

  ugly_list = (char **) data;

-  if (cert && cert->dbEntry)
+  if (cert)
    {
-    /* name = cert->dbEntry->nickname; */
    name = cert->nickname;

    trusted = cert->trust->objectSigningFlags & CERTDB_USER;
--- a/security/nss/lib/nss/nss.h
+++ b/security/nss/lib/nss/nss.h
@ -32,7 +32,7 @@
 * may use your version of this file under either the MPL or the
 * GPL.
 *
- * $Id: nss.h,v 1.17 2002/02/02 19:39:45 ian.mcgreer%sun.com Exp $
+ * $Id: nss.h,v 1.18 2002/03/14 04:12:19 wtc%netscape.com Exp $
 */

 #ifndef __nss_h_
@ -146,7 +146,7 @@ void PK11_ConfigurePKCS11(const char *man, const char *libdes,
 * Dump the contents of the certificate cache and the temporary cert store.
 * Use to detect leaked references of certs at shutdown time.
 */
-void nss_DumpCertificateCacheInfo();
+void nss_DumpCertificateCacheInfo(void);

 SEC_END_PROTOS

--- a/security/nss/lib/pk11wrap/dev3hack.c
+++ b/security/nss/lib/pk11wrap/dev3hack.c
@ -32,7 +32,7 @@
 */

 #ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile: dev3hack.c,v $ $Revision: 1.8 $ $Date: 2002/03/06 01:44:49 $ $Name:  $";
+static const char CVS_ID[] = "@(#) $RCSfile: dev3hack.c,v $ $Revision: 1.9 $ $Date: 2002/03/14 04:12:20 $ $Name:  $";
 #endif /* DEBUG */

 #ifndef NSS_3_4_CODE
@ -47,6 +47,7 @@ static const char CVS_ID[] = "@(#) $RCSfile: dev3hack.c,v $ $Revision: 1.8 $ $Da
 #include "devt.h"
 #endif /* DEVT_H */

+#include "pki3hack.h"
 #include "dev3hack.h"

 #ifndef BASE_H
@ -186,7 +187,7 @@ nssToken_Refresh(NSSToken *token)
                                                       nss3slot->session,
                                                       nss3slot->sessionLock,
                                                       nss3slot->defRWSession);
-    nssToken_DestroyCertList(token);
+    nssToken_DestroyCertList(token, PR_TRUE);
    return nssToken_LoadCerts(token);
 }

--- a/security/nss/lib/pk11wrap/pk11func.h
+++ b/security/nss/lib/pk11wrap/pk11func.h
@ -47,11 +47,6 @@
 #include "pkcs7t.h"
 #include "cmsreclist.h"

-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "nssdevt.h"
-
 SEC_BEGIN_PROTOS

 /************************************************************
@ -96,8 +91,6 @@ void PK11_EnterSlotMonitor(PK11SlotInfo *);
 void PK11_ExitSlotMonitor(PK11SlotInfo *);
 void PK11_CleanKeyList(PK11SlotInfo *slot);

-void PK11Slot_SetNSSToken(PK11SlotInfo *slot, NSSToken *token);
-

 /************************************************************
 *  Slot Password Management
--- a/security/nss/lib/pk11wrap/pk11slot.c
+++ b/security/nss/lib/pk11wrap/pk11slot.c
@ -51,6 +51,7 @@
 #include "secerr.h"
 /*#include "secpkcs5.h" */

+#include "dev.h"
 #include "dev3hack.h"
 #include "pki3hack.h"

--- a/security/nss/lib/pk11wrap/secpkcs5.h
+++ b/security/nss/lib/pk11wrap/secpkcs5.h
@ -46,12 +46,26 @@ typedef enum {

 typedef struct PBEBitGenContextStr PBEBitGenContext;

+SEC_BEGIN_PROTOS
+
 SECAlgorithmID *
 SEC_PKCS5CreateAlgorithmID(SECOidTag algorithm, SECItem *salt, int iteration);

+/* Get the initialization vector.  The password is passed in, hashing
+ * is performed, and the initialization vector is returned.
+ *  algid is a pointer to a PBE algorithm ID
+ *  pwitem is the password
+ * If an error occurs or the algorithm id is not a PBE algrithm,
+ * NULL is returned.  Otherwise, the iv is returned in a secitem.
+ */
+SECItem *
+SEC_PKCS5GetIV(SECAlgorithmID *algid, SECItem *pwitem, PRBool faulty3DES);
+
 SECOidTag SEC_PKCS5GetCryptoAlgorithm(SECAlgorithmID *algid);
 PRBool SEC_PKCS5IsAlgorithmPBEAlg(SECAlgorithmID *algid);
 SECOidTag SEC_PKCS5GetPBEAlgorithm(SECOidTag algTag, int keyLen);
 int SEC_PKCS5GetKeyLength(SECAlgorithmID *algid);

+SEC_END_PROTOS
+
 #endif /* _SECPKS5_H_ */
--- a/security/nss/lib/pkcs7/pkcs7t.h
+++ b/security/nss/lib/pkcs7/pkcs7t.h
@ -34,7 +34,7 @@
 /*
 * Header for pkcs7 types.
 *
- * $Id: pkcs7t.h,v 1.3 2001/09/20 21:37:16 relyea%netscape.com Exp $
+ * $Id: pkcs7t.h,v 1.4 2002/03/14 04:12:23 wtc%netscape.com Exp $
 */

 #ifndef _PKCS7T_H_
@ -224,10 +224,10 @@ struct SEC_PKCS7AttributeStr {
   scenario and data specifics. */
 typedef enum
 {
+	SECKEAInvalid = -1,
 	SECKEAUsesSkipjack = 0,
 	SECKEAUsesNonSkipjack = 1,
-	SECKEAUsesNonSkipjackWithPaddedEncKey = 2,
-	SECKEAInvalid = -1
+	SECKEAUsesNonSkipjackWithPaddedEncKey = 2
 } SECKEATemplateSelector;

 /* ### mwelch - S/MIME KEA parameters. These don't really fit here,
--- a/security/nss/lib/pki/manifest.mn
+++ b/security/nss/lib/pki/manifest.mn
@ -30,18 +30,18 @@
 # may use your version of this file under either the MPL or the
 # GPL.
 #
-MANIFEST_CVS_ID = "@(#) $RCSfile: manifest.mn,v $ $Revision: 1.9 $ $Date: 2002/01/07 19:14:40 $ $Name:  $"
+MANIFEST_CVS_ID = "@(#) $RCSfile: manifest.mn,v $ $Revision: 1.10 $ $Date: 2002/03/14 04:12:25 $ $Name:  $"

 CORE_DEPTH = ../../..

 PRIVATE_EXPORTS = \
 	pki.h      \
 	pkit.h     \
+	nsspkit.h  \
+	nsspki.h   \
 	$(NULL)

 EXPORTS =	   \
-	nsspkit.h \
-	nsspki.h  \
 	$(NULL)

 MODULE = security
--- a/security/nss/lib/pki/pki3hack.h
+++ b/security/nss/lib/pki/pki3hack.h
@ -35,9 +35,13 @@
 #define PKINSS3HACK_H

 #ifdef DEBUG
-static const char PKINSS3HACK_CVS_ID[] = "@(#) $RCSfile: pki3hack.h,v $ $Revision: 1.7 $ $Date: 2002/02/28 22:55:30 $ $Name:  $";
+static const char PKINSS3HACK_CVS_ID[] = "@(#) $RCSfile: pki3hack.h,v $ $Revision: 1.8 $ $Date: 2002/03/14 04:12:25 $ $Name:  $";
 #endif /* DEBUG */

+#ifndef NSSDEVT_H
+#include "nssdevt.h"
+#endif /* NSSDEVT_H */
+
 #ifndef NSSPKIT_H
 #include "nsspkit.h"
 #endif /* NSSPKIT_H */