Mercurial > hg > release > icedtea7-2.1
changeset 2226:20309a51d2dd
Be verbose whether the NSS-based security provider is enabled or disabled by default.
2010-04-10 Matthias Klose <doko@ubuntu.com>
* Makefile.am (ICEDTEA_PATCHES): Always apply
icedtea-nss-6763530.patch. Apply icedtea-nss-not-enabled-config.patch
if the NSS-based security provider is disabled by default.
* Makefile.am: Be verbose wether the NSS-based security provider
is enabled or disabled by default.
* patches/icedtea-nss-not-enabled-config.patch: New.
author | Matthias Klose <doko@ubuntu.com> |
---|---|
date | Fri, 04 Jun 2010 21:09:06 +0100 |
parents | 3977ba007dc7 |
children | ad0c8b4a1952 |
files | ChangeLog Makefile.am configure.ac patches/icedtea-nss-not-enabled-config.patch |
diffstat | 4 files changed, 33 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Fri Apr 09 01:26:42 2010 +0100 +++ b/ChangeLog Fri Jun 04 21:09:06 2010 +0100 @@ -1,3 +1,12 @@ +2010-04-10 Matthias Klose <doko@ubuntu.com> + + * Makefile.am (ICEDTEA_PATCHES): Always apply + icedtea-nss-6763530.patch. Apply icedtea-nss-not-enabled-config.patch + if the NSS-based security provider is disabled by default. + * Makefile.am: Be verbose wether the NSS-based security provider + is enabled or disabled by default. + * patches/icedtea-nss-not-enabled-config.patch: New. + 2010-04-08 Andrew John Hughes <ahughes@redhat.com> * configure.ac: Move NSS detection to macros
--- a/Makefile.am Fri Apr 09 01:26:42 2010 +0100 +++ b/Makefile.am Fri Jun 04 21:09:06 2010 +0100 @@ -380,6 +380,8 @@ if ENABLE_NSS ICEDTEA_PATCHES += patches/icedtea-nss-config.patch +else +ICEDTEA_PATCHES += patches/icedtea-nss-not-enabled-config.patch endif ICEDTEA_PATCHES += $(DISTRIBUTION_PATCHES)
--- a/configure.ac Fri Apr 09 01:26:42 2010 +0100 +++ b/configure.ac Fri Jun 04 21:09:06 2010 +0100 @@ -125,13 +125,20 @@ AM_CONDITIONAL([ENABLE_SYSTEMTAP], [test x$ENABLE_SYSTEMTAP = xyes]) AC_MSG_RESULT(${ENABLE_SYSTEMTAP}) -AC_MSG_CHECKING([whether to include elliptic curve cryptography support via NSS]) +IT_LOCATE_NSS + +AC_MSG_CHECKING([whether to include the NSS-based security provider]) AC_ARG_ENABLE([nss], [AS_HELP_STRING([--enable-nss], [Enable inclusion of NSS security provider])], [ENABLE_NSS="${enableval}"], [ENABLE_NSS='no']) AM_CONDITIONAL([ENABLE_NSS], [test x$ENABLE_NSS = xyes]) -AC_MSG_RESULT(${ENABLE_NSS}) +if test "x${ENABLE_NSS}" = "xyes" +then + AC_MSG_RESULT([yes]) +else + AC_MSG_RESULT([yes, disabled by default (edit java.security to enable)]) +fi IT_GET_PKGVERSION IT_GET_LSB_DATA @@ -415,8 +422,6 @@ AC_SUBST(LIBPULSE_LIBS) fi -IT_LOCATE_NSS - if test "x${ZERO_BUILD_TRUE}" = x || test "x${ADD_ZERO_BUILD_TRUE}" = x; then dnl Check for libffi headers and libraries. PKG_CHECK_MODULES(LIBFFI, libffi,[LIBFFI_FOUND=yes],[LIBFFI_FOUND=no])
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/icedtea-nss-not-enabled-config.patch Fri Jun 04 21:09:06 2010 +0100 @@ -0,0 +1,13 @@ +--- openjdk.orig/jdk/src/share/lib/security/java.security 2009-08-25 11:43:59.000000000 +0100 ++++ openjdk/jdk/src/share/lib/security/java.security 2009-08-27 14:23:54.000000000 +0100 +@@ -51,6 +51,10 @@ + security.provider.6=com.sun.security.sasl.Provider + security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI + security.provider.8=sun.security.smartcardio.SunPCSC ++# the NSS security provider was not enabled for this build; it can be enabled ++# if NSS (libnss3) is available on the machine. The nss.cfg file may need ++# editing to reflect the location of the NSS installation. ++#security.provider.9=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg + + # + # Select the source of seed data for SecureRandom. By default an