rpms / jss

Clone
Source Code
GIT

Blame jss-ocspSettings.patch

4.5 el4 el5 f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f7 f8 f9 fc6 main private-jss-upstream-integration private-jss-upstream-integration-stepwise rawhide
  1.   f20
  2.   jss-ocspSettings.patch
Blob History Raw
Kevin Wright 6722db7 
diff -up jss-4.2.6/mozilla/security/jss/lib/jss.def.orig jss-4.2.6/mozilla/security/jss/lib/jss.def
Kevin Wright 6722db7 
--- jss-4.2.6/mozilla/security/jss/lib/jss.def.orig	2009-11-04 14:26:26.000000000 -0800
Kevin Wright 6722db7 
+++ jss-4.2.6/mozilla/security/jss/lib/jss.def	2009-11-04 14:11:05.000000000 -0800
Kevin Wright 6722db7 
@@ -329,6 +329,8 @@ Java_org_mozilla_jss_pkcs11_PK11Token_ne
Kevin Wright 6722db7 
 Java_org_mozilla_jss_pkcs11_PK11KeyPairGenerator_generateECKeyPairWithOpFlags;
Kevin Wright 6722db7 
 Java_org_mozilla_jss_pkcs11_PK11KeyPairGenerator_generateRSAKeyPairWithOpFlags;
Kevin Wright 6722db7 
 Java_org_mozilla_jss_pkcs11_PK11KeyPairGenerator_generateDSAKeyPairWithOpFlags;
Kevin Wright 6722db7 
+Java_org_mozilla_jss_CryptoManager_OCSPCacheSettingsNative;
Kevin Wright 6722db7 
+Java_org_mozilla_jss_CryptoManager_setOCSPTimeoutNative;
Kevin Wright 6722db7 
 ;+    local:
Kevin Wright 6722db7 
 ;+       *;
Kevin Wright 6722db7 
 ;+};
Kevin Wright 6722db7 
diff -up jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.c.orig jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.c
Kevin Wright 6722db7 
--- jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.c.orig	2009-11-04 14:20:43.000000000 -0800
Kevin Wright 6722db7 
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.c	2009-11-05 10:48:32.590000000 -0800
Kevin Wright 6722db7 
@@ -976,3 +976,45 @@ Java_org_mozilla_jss_CryptoManager_confi
Kevin Wright 6722db7 
     }
Kevin Wright 6722db7 
 }
Kevin Wright 6722db7
Kevin Wright 6722db7 
+
Kevin Wright 6722db7 
+/**********************************************************************
Kevin Wright 6722db7 
+* OCSPCacheSettingsNative
Kevin Wright 6722db7 
+*
Kevin Wright 6722db7 
+* Allows configuration of the OCSP responder cache during runtime.
Kevin Wright 6722db7 
+*/
Kevin Wright 6722db7 
+JNIEXPORT void JNICALL
Kevin Wright 6722db7 
+Java_org_mozilla_jss_CryptoManager_OCSPCacheSettingsNative(
Kevin Wright 6722db7 
+        JNIEnv *env, jobject this,
Kevin Wright 6722db7 
+        jint ocsp_cache_size,
Kevin Wright 6722db7 
+        jint ocsp_min_cache_entry_duration,
Kevin Wright 6722db7 
+        jint ocsp_max_cache_entry_duration)
Kevin Wright 6722db7 
+{
Kevin Wright 6722db7 
+    SECStatus rv = SECFailure;
Kevin Wright 6722db7 
+
Kevin Wright 6722db7 
+    rv = CERT_OCSPCacheSettings(
Kevin Wright 6722db7 
+        ocsp_cache_size, ocsp_min_cache_entry_duration,
Kevin Wright 6722db7 
+        ocsp_max_cache_entry_duration);
Kevin Wright 6722db7 
+
Kevin Wright 6722db7 
+    if (rv != SECSuccess) {
Kevin Wright 6722db7 
+        JSS_throwMsgPrErr(env,
Kevin Wright 6722db7 
+                     GENERAL_SECURITY_EXCEPTION,
Kevin Wright 6722db7 
+                     "Failed to set OCSP cache: error "+ PORT_GetError());
Kevin Wright 6722db7 
+    }
Kevin Wright 6722db7 
+}
Kevin Wright 6722db7 
+
Kevin Wright 6722db7 
+JNIEXPORT void JNICALL
Kevin Wright 6722db7 
+Java_org_mozilla_jss_CryptoManager_setOCSPTimeoutNative(
Kevin Wright 6722db7 
+        JNIEnv *env, jobject this,
Kevin Wright 6722db7 
+        jint ocsp_timeout )
Kevin Wright 6722db7 
+{
Kevin Wright 6722db7 
+    SECStatus rv = SECFailure;
Kevin Wright 6722db7 
+
Kevin Wright 6722db7 
+    rv = CERT_SetOCSPTimeout(ocsp_timeout);
Kevin Wright 6722db7 
+
Kevin Wright 6722db7 
+    if (rv != SECSuccess) {
Kevin Wright 6722db7 
+        JSS_throwMsgPrErr(env,
Kevin Wright 6722db7 
+                     GENERAL_SECURITY_EXCEPTION,
Kevin Wright 6722db7 
+                     "Failed to set OCSP timeout: error "+ PORT_GetError());
Kevin Wright 6722db7 
+    }
Kevin Wright 6722db7 
+}
Kevin Wright 6722db7 
+
Kevin Wright 6722db7 
diff -up jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.java.orig jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.java
Kevin Wright 6722db7 
--- jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.java.orig	2009-11-04 14:20:33.000000000 -0800
Kevin Wright 6722db7 
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.java	2009-11-05 10:48:59.415001000 -0800
Kevin Wright 6722db7 
@@ -1479,4 +1479,41 @@ public final class CryptoManager impleme
Kevin Wright 6722db7 
                     String ocspResponderCertNickname )
Kevin Wright 6722db7 
                     throws GeneralSecurityException;
Kevin Wright 6722db7
Kevin Wright 6722db7 
+    /**
Kevin Wright 6722db7 
+     * change OCSP cache settings
Kevin Wright 6722db7 
+     *      * @param ocsp_cache_size max cache entries
Kevin Wright 6722db7 
+     *      * @param ocsp_min_cache_entry_duration minimum seconds to next fetch attempt
Kevin Wright 6722db7 
+     *      * @param ocsp_max_cache_entry_duration maximum seconds to next fetch attempt
Kevin Wright 6722db7 
+     */
Kevin Wright 6722db7 
+    public void OCSPCacheSettings(
Kevin Wright 6722db7 
+        int ocsp_cache_size,
Kevin Wright 6722db7 
+        int ocsp_min_cache_entry_duration,
Kevin Wright 6722db7 
+        int ocsp_max_cache_entry_duration)
Kevin Wright 6722db7 
+    throws GeneralSecurityException
Kevin Wright 6722db7 
+    {
Kevin Wright 6722db7 
+        OCSPCacheSettingsNative(ocsp_cache_size,
Kevin Wright 6722db7 
+                                   ocsp_min_cache_entry_duration,
Kevin Wright 6722db7 
+                                   ocsp_max_cache_entry_duration);
Kevin Wright 6722db7 
+    }
Kevin Wright 6722db7 
+
Kevin Wright 6722db7 
+    private native void OCSPCacheSettingsNative(
Kevin Wright 6722db7 
+        int ocsp_cache_size,
Kevin Wright 6722db7 
+        int ocsp_min_cache_entry_duration,
Kevin Wright 6722db7 
+        int ocsp_max_cache_entry_duration)
Kevin Wright 6722db7 
+                    throws GeneralSecurityException;
Kevin Wright 6722db7 
+
Kevin Wright 6722db7 
+    /**
Kevin Wright 6722db7 
+     * set OCSP timeout value
Kevin Wright 6722db7 
+     *      * @param ocspTimeout OCSP timeout in seconds
Kevin Wright 6722db7 
+     */
Kevin Wright 6722db7 
+    public void setOCSPTimeout(
Kevin Wright 6722db7 
+        int ocsp_timeout )
Kevin Wright 6722db7 
+    throws GeneralSecurityException
Kevin Wright 6722db7 
+    {
Kevin Wright 6722db7 
+        setOCSPTimeoutNative( ocsp_timeout);
Kevin Wright 6722db7 
+    }
Kevin Wright 6722db7 
+
Kevin Wright 6722db7 
+    private native void setOCSPTimeoutNative(
Kevin Wright 6722db7 
+        int ocsp_timeout )
Kevin Wright 6722db7 
+                    throws GeneralSecurityException;
Kevin Wright 6722db7 
 }
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.