Closed Bug 507482 Opened 16 years ago Closed 16 years ago

NSS 3.12.3 (and later) doesn't build on AIX 5.1

Categories

(NSS :: Libraries, defect, P1)

Product:
NSS
Component:
Libraries
Version:
3.12.3
Platform:
PowerPC
AIX
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.12.4

People

(Reporter: nelson, Assigned: christophe.ravel.bugs)

References

(
URL
)

Details

(Whiteboard: FIPS)

Attachments

(4 files)

fix for softoknt.h (checked in)
545 bytes, patch
nelson
: review+
glenbeasley
: superreview+
Details | Diff | Splinter Review
fix for certi.h (checked in)
673 bytes, patch
nelson
: review+
glenbeasley
: superreview+
Details | Diff | Splinter Review
fix for pkixt.h (checked in)
871 bytes, patch
nelson
: review+
Details | Diff | Splinter Review
fix for pk11table.h (checked in)
748 bytes, patch
nelson
: review+
Details | Diff | Splinter Review
Awwwwww FIPS! We need to build 3.12.3 and/or 3.12.4 on AIX, but in softoknt.h 90 NSS_AUDIT_UNWRAP_KEY, 91 NSS_AUDIT_WRAP_KEY, ^ AIX won't allow this 92 } NSSAuditType;
Priority: -- → P1
Whiteboard: FIPS
Target Milestone: --- → 3.12.4
Likewise, http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/certdb/certi.h&rev=1.30&mark=371#368 368 typedef enum { 369 certRevocationStatusRevoked = 0, 370 certRevocationStatusValid = 1, 371 certRevocationStatusUnknown = 2, ^ AIX says no 372 } CERTRevocationStatus;
Assignee: nobody → christophe.ravel.bugs
Attachment #391895 - Flags: superreview?(glen.beasley)
Attachment #391895 - Flags: review?(nelson)
Not sure if this patch is within the FIPS boundaries. Asking for superreview from Glen anyway.
Attachment #391896 - Flags: superreview?(glen.beasley)
Attachment #391896 - Flags: review?(nelson)
"../../../../../../dist/private/nss/pkixt.h", line 503.30: 1506-275 (S) Unexpected text ',' encountered. "../../../../../../dist/private/nss/pkixt.h", line 510.27: 1506-275 (S) Unexpected text ',' encountered.
Summary: softoken in NSS 3.12.3 (and later) doesn't build on AIX → NSS 3.12.3 (and later) doesn't build on AIX 5.1
Attachment #391898 - Flags: review?(nelson)
"/h/guybrush.red.iplanet.com/export/mccrel3/security/securitytip/builds/20090730.1/wozzeck_Solaris8/mozilla/security/nss/cmd/lib/pk11table.h", line 77.19: 1506-275 (S) Unexpected text ',' encountered. "/h/guybrush.red.iplanet.com/export/mccrel3/security/securitytip/builds/20090730.1/wozzeck_Solaris8/mozilla/security/nss/cmd/lib/pk11table.h", line 106.21: 1506-275 (S) Unexpected text ',' encountered.
Attachment #391900 - Flags: review?(nelson)
Attachment #391896 - Flags: superreview?(glen.beasley) → superreview+
That seems to be all we need to build on AIX 5.1. I applied these 4 changes to my build workspace and the build is complete.
Attachment #391895 - Flags: review?(nelson) → review+
Comment on attachment 391895 [details] [diff] [review] fix for softoknt.h (checked in) I'm giving this patch r+ because it is correct. But this code is clearly inside the FIPS boundary, so we need to decide if it can be committed now, or not. Glen? Bob?
Comment on attachment 391896 [details] [diff] [review] fix for certi.h (checked in) This patch can go in immediately. It is NOT inside the FIPS boundary.
Attachment #391896 - Flags: review?(nelson) → review+
Comment on attachment 391898 [details] [diff] [review] fix for pkixt.h (checked in) This patch can go in immediately since it is outside the FIPS boundary.
Attachment #391898 - Flags: review?(nelson) → review+
Comment on attachment 391900 [details] [diff] [review] fix for pk11table.h (checked in) I believe this fix can go in immediately, as it only affects a test program and not the libraries being FIPS validated.
Attachment #391900 - Flags: review?(nelson) → review+
Checking in lib/certdb/certi.h; /cvsroot/mozilla/security/nss/lib/certdb/certi.h,v <-- certi.h new revision: 1.31; previous revision: 1.30 done Checking in lib/libpkix/include/pkixt.h; /cvsroot/mozilla/security/nss/lib/libpkix/include/pkixt.h,v <-- pkixt.h new revision: 1.19; previous revision: 1.18 done Checking in cmd/lib/pk11table.h; /cvsroot/mozilla/security/nss/cmd/lib/pk11table.h,v <-- pk11table.h new revision: 1.8; previous revision: 1.7 done
Attachment #391896 - Attachment description: fix for certi.h → fix for certi.h (checked in)
Attachment #391898 - Attachment description: fix for pkixt.h → fix for pkixt.h (checked in)
Attachment #391900 - Attachment description: fix for pk11table.h → fix for pk11table.h (checked in)
Attachment #391895 - Attachment description: fix for softoknt.h → fix for softoknt.h (waiting for FIPS approval)
Attachment #391895 - Flags: superreview?(glen.beasley) → superreview+
Checking in softoknt.h; /cvsroot/mozilla/security/nss/lib/softoken/softoknt.h,v <-- softoknt.h new revision: 1.6; previous revision: 1.5 done
Comment on attachment 391895 [details] [diff] [review] fix for softoknt.h (checked in) Change approved for FIPS by the lab.
Attachment #391895 - Attachment description: fix for softoknt.h (waiting for FIPS approval) → fix for softoknt.h (checked in)
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: