updating security/nss

Mikhail Teterin mi+mx at aldan.algebra.com
Thu Jul 28 22:42:52 GMT 2005


> http://www.marcuscom.com/downloads/nss.diff

Ok. Here it is. I built both -- your version and mine -- and ran the vendor's 
tests (was a little trickier with yours, of course). The results (output.log, 
dbtest.log, cert.log) are exactly the same. Except in your version there is 
an unfixed complaint about using gets() in certutil.

Here is where my version is better :-)

1.1) Your version seems to go through considerable pains to get and build 
nss-dbm-3.10.tar.gz -- mine just uses -lc's implementation (accomplished by 
the port's Makefile excluding dbm and by the new patch-sysdb patch). We do 
not need to build Netscape's dbm part. Not for NSS, nor for the 
browsers...

1.2) Instead of zlib, my version uses -lz and does not install the bin/example 
and the bin/minigzip (accomplished by the port's Makefile excluding 
security/nss/cmd/zlib and by the new hunks in patch-cmd::platlibs.mk).

1.3) And, of course, my version makes running tests as easy as "make 
test" (test-target in the port's Makefile and patch-tests).

1.4) Perhaps, least importantly, I fix some warnings (including the gets()).

Common shortcomings:

2.1) There is no need for patch-Makefile any more. Build seems to quietly skip 
the non-existing directories. But your version accidentally removed the 
$FreeBSD$ version from this patch, instead of simply deleting it altogether.

2.2) In both of our versions there is a problem on amd64 :-( The crlutil 
appears to have a memory corruption -- look at output.log around the 
"Generating CRL for range 40-42 TestCA authority" on amd64. I intend to debug 
this with Purify on Linux/i386 and/or Solaris/sparc64 and report to 
maintainers.

Now, not to be impolite, but merely blunt: after this examination, I do not 
see a single reason why your version is better than mine. It is the same in 
some respects and worse in others. Honestly, you should just take mine -- 
unless you do find faults in it. But you'll need to conduct an examination of 
your own for that :-)

Thank you. Yours,

	-mi

