Closed Bug 491044 Opened 11 years ago Closed 11 years ago
Remove support for VMS (a
.k .a ., Open VMS) from NSS
Doing so will slightly decrease our maintenance burden in the long run.
This patch includes a modification to one file in freebl. That change will obviously need to wait until freebl is open.
Assignee: nobody → nelson
Comment on attachment 375404 [details] [diff] [review] Patch v1 for NSS Trunk It occurs to me that we now must consider mozilla/dbm to be frozen, as well as freebl and softoken. So there are two files modified by this patch whose modifications must wait until the FIPS part of the tree is open (on a branch).
Attachment #375404 - Flags: review?(rrelyea)
There shouldn't be any more issue with mozilla/dbm than with mozilla/security/util or mozilla/security/sqlite dbm itself never gets access to unencrypted keys. bob
Bob, Isn't the dbm code part of the legacy DB shared library, which we just moved inside the FIPS boundary?
No more than mozilla/security/sqlite is part of the boundary before.... oh wait. It's a static library... grumble... yes you are right. The library itself wouldn't have to be, but it's a static library, bound directly to the nssdbm3 shared library (yet another reason I was trying to ditch it). In short: the code itself wouldn't be, but because it is included in the .so itself that makes it part of the boundry. bob
Comment on attachment 375404 [details] [diff] [review] Patch v1 for NSS Trunk r+ I only saw one change to freebl/softoken/libdbm. Those are all separable. If you want them in nominate for FIPS. bob
Attachment #375404 - Flags: review?(rrelyea) → review+
I'm committing this is pieces. First: coreconf. Removing OpenVMS.mk; new revision: delete; previous revision: 1.9 Removing OpenVMSV7.1-2.mk; new revision: delete; previous revision: 1.2 Checking in Linux.mk; new revision: 1.37; previous revision: 1.36 Checking in WINCE.mk; new revision: 1.5; previous revision: 1.4 Checking in arch.mk; new revision: 1.23; previous revision: 1.22 Checking in config.mk; new revision: 1.28; previous revision: 1.27 Checking in rules.mk; new revision: 1.79; previous revision: 1.78
Next: cmd/zlib Checking in cmd/zlib/README; new revision: 1.6; previous revision: 1.5 Checking in cmd/zlib/example.c; new revision: 1.6; previous revision: 1.5 Checking in cmd/zlib/minigzip.c; new revision: 1.6; previous revision: 1.5 Checking in cmd/zlib/zconf.h; new revision: 1.7; previous revision: 1.6 Checking in cmd/zlib/zutil.h; new revision: 1.8; previous revision: 1.7
The rest of cmd Checking in certutil/keystuff.c; new revision: 1.21; previous revision: 1.20 Checking in lib/secpwd.c; new revision: 1.16; previous revision: 1.15 Checking in lib/secutil.c; new revision: 1.98; previous revision: 1.97 Checking in shlibsign/sign.sh; new revision: 1.18; previous revision: 1.17
nss/lib/ssl Checking in lib/ssl/sslmutex.c; new revision: 1.24; previous revision: 1.23 Checking in lib/ssl/sslmutex.h; new revision: 1.12; previous revision: 1.11 Checking in lib/ssl/sslsnce.c; new revision: 1.50; previous revision: 1.49 This leaves only two files from the original patch that are not yet committed, which are: - mozilla/dbm/src/hash.c - mozilla/security/nss/lib/freebl/unix_rand.c Bob, you've already given this patch r+. If you agree, I will commit the changes to the above two files during this window of opportunity.
Whiteboard: FIPS SUN_WANTS
Priority: -- → P2
Target Milestone: --- → 3.12.4
re comment 10 you can check those changes in. bob
dbm/src/hash.c; new revision: 3.26; previous revision: 3.25 security/nss/lib/freebl/unix_rand.c; new revision: 1.38; previous revision: 1.37
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.