77 lines
2.5 KiB
Diff
77 lines
2.5 KiB
Diff
From ec8bb05e15640b1857b94ded128bc33ca7ec7fe0 Mon Sep 17 00:00:00 2001
|
|
Message-Id: <ec8bb05e15640b1857b94ded128bc33ca7ec7fe0.1519917784.git.jan.steffens@gmail.com>
|
|
From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
|
|
Date: Thu, 1 Mar 2018 16:20:59 +0100
|
|
Subject: [PATCH] Build and install libnssckbi-p11-kit.so
|
|
|
|
Create an additional library which is a copy of p11-kit-trust.so but
|
|
uses the same label for root certs as libnssckbi.so:
|
|
"Builtin Object Token" instead of "Default Trust".
|
|
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=66161
|
|
---
|
|
trust/Makefile.am | 14 ++++++++++++++
|
|
trust/module.c | 12 +++++++++++-
|
|
2 files changed, 25 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/trust/Makefile.am b/trust/Makefile.am
|
|
index 6e52c4d..157a1d9 100644
|
|
--- a/trust/Makefile.am
|
|
+++ b/trust/Makefile.am
|
|
@@ -66,6 +66,20 @@ p11_kit_trust_la_LDFLAGS = \
|
|
|
|
p11_kit_trust_la_SOURCES = $(TRUST_SRCS)
|
|
|
|
+libnssckbi_compatdir = $(libdir)
|
|
+libnssckbi_compat_LTLIBRARIES = \
|
|
+ libnssckbi-p11-kit.la
|
|
+
|
|
+libnssckbi_p11_kit_la_CFLAGS = \
|
|
+ -DLIBNSSCKBI_COMPAT \
|
|
+ $(p11_kit_trust_la_CFLAGS)
|
|
+
|
|
+libnssckbi_p11_kit_la_LIBADD = $(p11_kit_trust_la_LIBADD)
|
|
+
|
|
+libnssckbi_p11_kit_la_LDFLAGS = $(p11_kit_trust_la_LDFLAGS)
|
|
+
|
|
+libnssckbi_p11_kit_la_SOURCES = $(p11_kit_trust_la_SOURCES)
|
|
+
|
|
libtrust_testable_la_LDFLAGS = \
|
|
-no-undefined
|
|
|
|
diff --git a/trust/module.c b/trust/module.c
|
|
index e8b7256..d578a90 100644
|
|
--- a/trust/module.c
|
|
+++ b/trust/module.c
|
|
@@ -201,7 +201,11 @@ create_tokens_inlock (p11_array *tokens,
|
|
int flags;
|
|
} labels[] = {
|
|
{ "~/", "User Trust", P11_TOKEN_FLAG_NONE },
|
|
+#ifdef LIBNSSCKBI_COMPAT
|
|
+ { P11_DEFAULT_TRUST_PREFIX, "Builtin Object Token", P11_TOKEN_FLAG_WRITE_PROTECTED },
|
|
+#else
|
|
{ P11_DEFAULT_TRUST_PREFIX, "Default Trust", P11_TOKEN_FLAG_WRITE_PROTECTED },
|
|
+#endif
|
|
{ P11_SYSTEM_TRUST_PREFIX, "System Trust", P11_TOKEN_FLAG_NONE },
|
|
{ NULL },
|
|
};
|
|
@@ -529,8 +533,14 @@ sys_C_GetSlotInfo (CK_SLOT_ID id,
|
|
info->flags = CKF_TOKEN_PRESENT;
|
|
strncpy ((char*)info->manufacturerID, MANUFACTURER_ID, 32);
|
|
|
|
+#ifdef LIBNSSCKBI_COMPAT
|
|
+ /* Change description to match libnssckbi so HPKP works in Chromium */
|
|
+ if (strcmp (p11_token_get_label (token), "Builtin Object Token") == 0)
|
|
+ path = "NSS Builtin Objects";
|
|
+ else
|
|
+#endif
|
|
+ path = p11_token_get_path (token);
|
|
/* If too long, copy the first 64 characters into buffer */
|
|
- path = p11_token_get_path (token);
|
|
length = strlen (path);
|
|
if (length > sizeof (info->slotDescription))
|
|
length = sizeof (info->slotDescription);
|
|
--
|
|
2.16.1
|
|
|