Bug 487712, Pick up NSS_HEAD_20090409 to fix WINCE

Got r=nelson and r=rrelyea in today's NSS conference call.
CLOSED TREE

security/coreconf/coreconf.dep

@@ -43,4 +43,3 @@
 
 #error "Do not include this header file."
 
-

security/nss/cmd/modutil/pk11jar.html

@@ -193,7 +193,6 @@ NSPR changes, you will have to add some special code to deal with this case.
 <li>SONY (mips)
 <li>SUNOS (sparc)
 <li>UnixWare (x86)
-<li>WIN16 (x86)
 <li>WIN95 (x86)
 <li>WINNT (x86)
 </ul>

security/nss/cmd/pk12util/pk12util.c

@@ -112,7 +112,8 @@ p12u_DestroyContext(p12uContext **ppCtx, PRBool removeFile)
 	if(removeFile) {
 	    PR_Delete((*ppCtx)->filename);
 	}
-	PR_Free((*ppCtx)->filename);
+	PL_strfree((*ppCtx)->filename);
+	(*ppCtx)->filename = NULL;
     }
 
     PR_Free(*ppCtx);
@@ -134,7 +135,7 @@ p12u_InitContext(PRBool fileImport, char *filename)
 
     p12cxt->error = PR_FALSE;
     p12cxt->errorValue = 0;
-    p12cxt->filename = strdup(filename);
+    p12cxt->filename = PL_strdup(filename);
 
     if(!p12u_OpenFile(p12cxt, fileImport)) {
 	p12u_DestroyContext(&p12cxt, PR_FALSE);
@@ -583,7 +584,7 @@ p12u_WriteToExportFile(void *arg, const char *buf, unsigned long len)
 
     if(writeLen != (int)len) {
 	PR_Close(p12cxt->file);
-	PR_Free(p12cxt->filename);
+	PL_strfree(p12cxt->filename);
 	p12cxt->filename = NULL;
 	p12cxt->file = NULL;
 	p12cxt->errorValue = SEC_ERROR_PKCS12_UNABLE_TO_WRITE;
@@ -669,8 +670,9 @@ P12U_ExportPKCS12Object(char *nn, char *outfile, PK11SlotInfo *inSlot,
         goto loser;
     }
 
-    for (node = CERT_LIST_HEAD(certlist);!CERT_LIST_END(node,certlist);node=CERT_LIST_NEXT(node))
-    {
+    for (node = CERT_LIST_HEAD(certlist);
+         !CERT_LIST_END(node,certlist);
+	 node=CERT_LIST_NEXT(node)) {
         CERTCertificate* cert = node->cert;
         if (!cert->slot) {
             SECU_PrintError(progName,"cert does not have a slot");
@@ -744,8 +746,7 @@ P12U_ListPKCS12File(char *in_file, PK11SlotInfo *slot,
     SECStatus rv = SECFailure;
     const SEC_PKCS12DecoderItem *dip;
 
-    p12dcx = p12U_ReadPKCS12File(&uniPwitem, in_file, slot, slotPw,
-                             p12FilePw);
+    p12dcx = p12U_ReadPKCS12File(&uniPwitem, in_file, slot, slotPw, p12FilePw);
     /* did the blob authenticate properly? */
     if(p12dcx == NULL) {
 	SECU_PrintError(progName,"PKCS12 decode not verified");
@@ -1010,22 +1011,22 @@ main(int argc, char **argv)
 
     if (pk12util.options[opt_P12FilePWFile].activated) {
 	p12FilePw.source = PW_FROMFILE;
-	p12FilePw.data = PL_strdup(pk12util.options[opt_P12FilePWFile].arg);
+	p12FilePw.data = PORT_Strdup(pk12util.options[opt_P12FilePWFile].arg);
     }
 
     if (pk12util.options[opt_P12FilePW].activated) {
 	p12FilePw.source = PW_PLAINTEXT;
-	p12FilePw.data = PL_strdup(pk12util.options[opt_P12FilePW].arg);
+	p12FilePw.data = PORT_Strdup(pk12util.options[opt_P12FilePW].arg);
     }
 
     if (pk12util.options[opt_SlotPWFile].activated) {
 	slotPw.source = PW_FROMFILE;
-	slotPw.data = PL_strdup(pk12util.options[opt_SlotPWFile].arg);
+	slotPw.data = PORT_Strdup(pk12util.options[opt_SlotPWFile].arg);
     }
 
     if (pk12util.options[opt_SlotPW].activated) {
 	slotPw.source = PW_PLAINTEXT;
-	slotPw.data = PL_strdup(pk12util.options[opt_SlotPW].arg);
+	slotPw.data = PORT_Strdup(pk12util.options[opt_SlotPW].arg);
     }
 
     if (pk12util.options[opt_CertDir].activated) {
@@ -1094,8 +1095,7 @@ main(int argc, char **argv)
 	   
 
     if (pk12util.options[opt_Import].activated) {
-	P12U_ImportPKCS12Object(import_file, slot,  &slotPw,
-					   &p12FilePw);
+	P12U_ImportPKCS12Object(import_file, slot,  &slotPw, &p12FilePw);
 
     } else if (pk12util.options[opt_Export].activated) {
 	P12U_ExportPKCS12Object(pk12util.options[opt_Nickname].arg,
@@ -1115,7 +1115,8 @@ done:
 	PORT_ZFree(slotPw.data, PL_strlen(slotPw.data));
     if (p12FilePw.data != NULL)
 	PORT_ZFree(p12FilePw.data, PL_strlen(p12FilePw.data));
-    if (slot) PK11_FreeSlot(slot);
+    if (slot) 
+    	PK11_FreeSlot(slot);
     if (NSS_Shutdown() != SECSuccess) {
 	pk12uErrno = 1;
     }

security/nss/lib/base/nssbaset.h

@@ -38,7 +38,7 @@
 #define NSSBASET_H
 
 #ifdef DEBUG
-static const char NSSBASET_CVS_ID[] = "@(#) $RCSfile: nssbaset.h,v $ $Revision: 1.7 $ $Date: 2008/10/05 20:59:16 $";
+static const char NSSBASET_CVS_ID[] = "@(#) $RCSfile: nssbaset.h,v $ $Revision: 1.8 $ $Date: 2009/04/07 23:52:05 $";
 #endif /* DEBUG */
 
 /*
@@ -56,8 +56,7 @@ static const char NSSBASET_CVS_ID[] = "@(#) $RCSfile: nssbaset.h,v $ $Revision:
  * NSS has its own versions of these NSPR macros, in a form which
  * does not confuse ctags and other related utilities.  NSPR 
  * defines these macros to take the type as an argument, because
- * of a requirement to support win16 dlls.  We do not have that
- * requirement, so we can drop that restriction.
+ * of certain OS requirements on platforms not supported by NSS.
  */
 
 #define DUMMY	/* dummy */

security/nss/lib/ckfw/capi/staticobj.c

@@ -37,7 +37,7 @@
  * ***** END LICENSE BLOCK ***** */
 
 #ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile: staticobj.c,v $ $Revision: 1.2 $ $Date: 2008/10/05 20:59:19 $""; @(#) $RCSfile: staticobj.c,v $ $Revision: 1.2 $ $Date: 2008/10/05 20:59:19 $";
+static const char CVS_ID[] = "@(#) $RCSfile: staticobj.c,v $ $Revision: 1.3 $ $Date: 2009/04/09 02:28:50 $""; @(#) $RCSfile: staticobj.c,v $ $Revision: 1.3 $ $Date: 2009/04/09 02:28:50 $";
 #endif /* DEBUG */
 
 #ifndef CKCAPI_H
@@ -68,7 +68,10 @@ static const NSSItem nss_ckcapi_items_1 [] = {
 };
 
 ckcapiInternalObject nss_ckcapi_data[] = {
-  { ckcapiRaw, { 5, nss_ckcapi_types_1, nss_ckcapi_items_1} , {NULL} },
+  { ckcapiRaw,
+    { 5, nss_ckcapi_types_1, nss_ckcapi_items_1} ,
+  },
+
 };
 
 const PRUint32 nss_ckcapi_nObjects = 1;

security/nss/lib/freebl/Makefile

@@ -90,7 +90,7 @@ ifeq ($(OS_TARGET),OSF1)
     MPI_SRCS += mpvalpha.c
 endif
 
-ifeq (,$(filter-out WINNT WIN95,$(OS_TARGET)))  #omits WIN16 and WINCE
+ifeq (,$(filter-out WINNT WIN95,$(OS_TARGET)))  #omits WINCE
 ifndef USE_64
 # 32-bit Windows
 ifdef NS_USE_GCC

security/nss/lib/softoken/legacydb/pcertdb.c

@@ -37,7 +37,7 @@
 /*
  * Permanent Certificate database handling code 
  *
- * $Id: pcertdb.c,v 1.7 2009/02/03 05:34:44 julien.pierre.boogz%sun.com Exp $
+ * $Id: pcertdb.c,v 1.9 2009/04/09 02:00:33 nelson%bolyard.com Exp $
  */
 #include "lowkeyti.h"
 #include "pcert.h"
@@ -761,14 +761,17 @@ DecodeDBCertEntry(certDBEntryCert *entry, SECItem *dbentry)
     entry->derCert.len = ( ( dbentry->data[lenoff] << 8 ) |
 			  dbentry->data[lenoff+1] );
     nnlen = ( ( dbentry->data[lenoff+2] << 8 ) | dbentry->data[lenoff+3] );
-    if ( ( entry->derCert.len + nnlen + headerlen )
-	!= dbentry->len) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
+    lenoff = dbentry->len - ( entry->derCert.len + nnlen + headerlen );
+    if ( lenoff ) {
+	if ( lenoff < 0 || (lenoff & 0xffff) != 0 ) {
+	    PORT_SetError(SEC_ERROR_BAD_DATABASE);
+	    goto loser;
+	}
+	/* The cert size exceeded 64KB.  Reconstruct the correct length. */
+	entry->derCert.len += lenoff;
     }
     
     /* copy the dercert */
-
     entry->derCert.data = pkcs11_copyStaticData(&dbentry->data[headerlen],
 	entry->derCert.len,entry->derCertSpace,sizeof(entry->derCertSpace));
     if ( entry->derCert.data == NULL ) {
@@ -1175,8 +1178,9 @@ loser:
 static SECStatus
 DecodeDBCrlEntry(certDBEntryRevocation *entry, SECItem *dbentry)
 {
-    unsigned int nnlen;
-    
+    unsigned int urlLen;
+    int lenDiff;
+
     /* is record long enough for header? */
     if ( dbentry->len < DB_CRL_ENTRY_HEADER_LEN ) {
 	PORT_SetError(SEC_ERROR_BAD_DATABASE);
@@ -1185,20 +1189,19 @@ DecodeDBCrlEntry(certDBEntryRevocation *entry, SECItem *dbentry)
     
     /* is database entry correct length? */
     entry->derCrl.len = ( ( dbentry->data[0] << 8 ) | dbentry->data[1] );
-    nnlen = ( ( dbentry->data[2] << 8 ) | dbentry->data[3] );
-    if ( ( entry->derCrl.len + nnlen + DB_CRL_ENTRY_HEADER_LEN )
-	!= dbentry->len) {
-      /* CRL entry is greater than 64 K. Hack to make this continue to work */
-      if (dbentry->len >= (0xffff - DB_CRL_ENTRY_HEADER_LEN) - nnlen) {
-          entry->derCrl.len = 
-                      (dbentry->len - DB_CRL_ENTRY_HEADER_LEN) - nnlen;
-      } else {
-          PORT_SetError(SEC_ERROR_BAD_DATABASE);
-          goto loser;
-      }    
+    urlLen =            ( ( dbentry->data[2] << 8 ) | dbentry->data[3] );
+    lenDiff = dbentry->len - 
+			(entry->derCrl.len + urlLen + DB_CRL_ENTRY_HEADER_LEN);
+    if (lenDiff) {
+    	if (lenDiff < 0 || (lenDiff & 0xffff) != 0) {
+	    PORT_SetError(SEC_ERROR_BAD_DATABASE);
+	    goto loser;
+	}    
+	/* CRL entry is greater than 64 K. Hack to make this continue to work */
+	entry->derCrl.len += lenDiff;
     }
     
-    /* copy the dercert */
+    /* copy the der CRL */
     entry->derCrl.data = (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
 							 entry->derCrl.len);
     if ( entry->derCrl.data == NULL ) {
@@ -1210,15 +1213,15 @@ DecodeDBCrlEntry(certDBEntryRevocation *entry, SECItem *dbentry)
 
     /* copy the url */
     entry->url = NULL;
-    if (nnlen != 0) {
-	entry->url = (char *)PORT_ArenaAlloc(entry->common.arena, nnlen);
+    if (urlLen != 0) {
+	entry->url = (char *)PORT_ArenaAlloc(entry->common.arena, urlLen);
 	if ( entry->url == NULL ) {
 	    PORT_SetError(SEC_ERROR_NO_MEMORY);
 	    goto loser;
 	}
 	PORT_Memcpy(entry->url,
 	      &dbentry->data[DB_CRL_ENTRY_HEADER_LEN + entry->derCrl.len],
-	      nnlen);
+	      urlLen);
     }
     
     return(SECSuccess);
@@ -1500,6 +1503,8 @@ static SECStatus
 DecodeDBNicknameEntry(certDBEntryNickname *entry, SECItem *dbentry,
                       char *nickname)
 {
+    int lenDiff;
+
     /* is record long enough for header? */
     if ( dbentry->len < DB_NICKNAME_ENTRY_HEADER_LEN ) {
 	PORT_SetError(SEC_ERROR_BAD_DATABASE);
@@ -1508,12 +1513,17 @@ DecodeDBNicknameEntry(certDBEntryNickname *entry, SECItem *dbentry,
     
     /* is database entry correct length? */
     entry->subjectName.len = ( ( dbentry->data[0] << 8 ) | dbentry->data[1] );
-    if (( entry->subjectName.len + DB_NICKNAME_ENTRY_HEADER_LEN ) !=
-	dbentry->len ){
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
+    lenDiff = dbentry->len - 
+	      (entry->subjectName.len + DB_NICKNAME_ENTRY_HEADER_LEN);
+    if (lenDiff) {
+	if (lenDiff < 0 || (lenDiff & 0xffff) != 0 ) { 
+	    PORT_SetError(SEC_ERROR_BAD_DATABASE);
+	    goto loser;
+	}
+	/* The entry size exceeded 64KB.  Reconstruct the correct length. */
+	entry->subjectName.len += lenDiff;
     }
-    
+
     /* copy the certkey */
     entry->subjectName.data =
 	(unsigned char *)PORT_ArenaAlloc(entry->common.arena,
@@ -1828,6 +1838,8 @@ loser:
 static SECStatus
 DecodeDBSMimeEntry(certDBEntrySMime *entry, SECItem *dbentry, char *emailAddr)
 {
+    int lenDiff;
+
     /* is record long enough for header? */
     if ( dbentry->len < DB_SMIME_ENTRY_HEADER_LEN ) {
 	PORT_SetError(SEC_ERROR_BAD_DATABASE);
@@ -1835,15 +1847,22 @@ DecodeDBSMimeEntry(certDBEntrySMime *entry, SECItem *dbentry, char *emailAddr)
     }
     
     /* is database entry correct length? */
-    entry->subjectName.len = ( ( dbentry->data[0] << 8 ) | dbentry->data[1] );
-    entry->smimeOptions.len = ( ( dbentry->data[2] << 8 ) | dbentry->data[3] );
-    entry->optionsDate.len = ( ( dbentry->data[4] << 8 ) | dbentry->data[5] );
-    if (( entry->subjectName.len + entry->smimeOptions.len +
-	 entry->optionsDate.len + DB_SMIME_ENTRY_HEADER_LEN ) != dbentry->len){
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
+    entry->subjectName.len  = (( dbentry->data[0] << 8 ) | dbentry->data[1] );
+    entry->smimeOptions.len = (( dbentry->data[2] << 8 ) | dbentry->data[3] );
+    entry->optionsDate.len  = (( dbentry->data[4] << 8 ) | dbentry->data[5] );
+    lenDiff = dbentry->len - (entry->subjectName.len + 
+                              entry->smimeOptions.len + 
+			      entry->optionsDate.len + 
+			      DB_SMIME_ENTRY_HEADER_LEN);
+    if (lenDiff) {
+	if (lenDiff < 0 || (lenDiff & 0xffff) != 0 ) { 
+	    PORT_SetError(SEC_ERROR_BAD_DATABASE);
+	    goto loser;
+	}
+	/* The entry size exceeded 64KB.  Reconstruct the correct length. */
+	entry->subjectName.len += lenDiff;
     }
-    
+
     /* copy the subject name */
     entry->subjectName.data =
 	(unsigned char *)PORT_ArenaAlloc(entry->common.arena,
@@ -4223,7 +4242,7 @@ nsslowcert_TraverseDBEntries(NSSLOWCERTCertDBHandle *handle,
 {
     DBT data;
     DBT key;
-    SECStatus rv;
+    SECStatus rv = SECSuccess;
     int ret;
     SECItem dataitem;
     SECItem keyitem;
@@ -4231,11 +4250,12 @@ nsslowcert_TraverseDBEntries(NSSLOWCERTCertDBHandle *handle,
     unsigned char *keybuf;
     
     ret = certdb_Seq(handle->permCertDB, &key, &data, R_FIRST);
-
     if ( ret ) {
 	return(SECFailure);
     }
-    
+    /* here, ret is zero and rv is SECSuccess.  
+     * Below here, ret is a count of successful calls to the callback function.
+     */
     do {
 	buf = (unsigned char *)data.data;
 	
@@ -4250,13 +4270,15 @@ nsslowcert_TraverseDBEntries(NSSLOWCERTCertDBHandle *handle,
 	    /* type should equal keybuf[0].  */
 
 	    rv = (* callback)(&dataitem, &keyitem, type, udata);
-	    if ( rv != SECSuccess ) {
-		return(rv);
+	    if ( rv == SECSuccess ) {
+		++ret;
 	    }
 	}
     } while ( certdb_Seq(handle->permCertDB, &key, &data, R_NEXT) == 0 );
-
-    return(SECSuccess);
+    /* If any callbacks succeeded, or no calls to callbacks were made, 
+     * then report success.  Otherwise, report failure.
+     */
+    return (ret ? SECSuccess : rv);
 }
 /*
  * Decode a certificate and enter it into the temporary certificate database.

security/nss/lib/softoken/sdb.c

@@ -1718,7 +1718,9 @@ sdb_init(char *dbname, char *table, sdbDataType type, int *inUpdate,
      * a database */
     if (create) {
 	/* NO NSPR call for this? :( */
+#ifndef WINCE
 	chmod (dbname, 0600);
+#endif
     }
 
     if (flags != SDB_RDONLY) {

security/nss/lib/softoken/sftkmod.c

@@ -197,6 +197,7 @@ char *sftk_getOldSecmodName(const char *dbname,const char *filename)
 #endif
 #include <fcntl.h>
 
+#ifndef WINCE
 /* same as fopen, except it doesn't use umask, but explicit */
 FILE *
 lfopen(const char *name, const char *mode, int flags)
@@ -215,6 +216,7 @@ lfopen(const char *name, const char *mode, int flags)
     /* file inherits fd */
     return file;
 }
+#endif
 
 #define MAX_LINE_LENGTH 2048
 #define SFTK_DEFAULT_INTERNAL_INIT1 "library= name=\"NSS Internal PKCS #11 Module\" parameters="
@@ -559,7 +561,11 @@ sftkdb_DeleteSecmodDB(SDBType dbType, const char *appName,
     /* do we really want to use streams here */
     fd = fopen(dbname, "r");
     if (fd == NULL) goto loser;
+#ifdef WINCE
+    fd2 = fopen(dbname2, "w+");
+#else
     fd2 = lfopen(dbname2, "w+", O_CREAT|O_RDWR|O_TRUNC);
+#endif
     if (fd2 == NULL) goto loser;
 
     name = sftk_argGetParamValue("name",args);
@@ -668,7 +674,11 @@ sftkdb_AddSecmodDB(SDBType dbType, const char *appName,
     /* remove the previous version if it exists */
     (void) sftkdb_DeleteSecmodDB(dbType, appName, filename, dbname, module, rw);
 
+#ifdef WINCE
+    fd = fopen(dbname, "a+");
+#else
     fd = lfopen(dbname, "a+", O_CREAT|O_RDWR|O_APPEND);
+#endif
     if (fd == NULL) {
 	return SECFailure;
     }

security/nss/lib/ssl/sslsock.c

@@ -40,7 +40,7 @@
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
-/* $Id: sslsock.c,v 1.56 2008/12/17 06:09:19 nelson%bolyard.com Exp $ */
+/* $Id: sslsock.c,v 1.57 2009/04/09 01:46:22 nelson%bolyard.com Exp $ */
 #include "seccomon.h"
 #include "cert.h"
 #include "keyhi.h"
@@ -1558,8 +1558,13 @@ SSL_SetSockPeerID(PRFileDesc *fd, char *peerID)
 	return SECFailure;
     }
 
-    ss->peerID = PORT_Strdup(peerID);
-    return SECSuccess;
+    if (ss->peerID) {
+    	PORT_Free(ss->peerID);
+	ss->peerID = NULL;
+    }
+    if (peerID)
+	ss->peerID = PORT_Strdup(peerID);
+    return (ss->peerID || !peerID) ? SECSuccess : SECFailure;
 }
 
 #define PR_POLL_RW (PR_POLL_WRITE | PR_POLL_READ)

security/nss/lib/util/nssutil.h

@@ -40,7 +40,9 @@
 #ifndef __nssutil_h_
 #define __nssutil_h_
 
+#ifndef RC_INVOKED
 #include "seccomon.h"
+#endif
 
 /*
  * NSS utilities's major version, minor version, patch level, and whether

security/nss/lib/util/pkcs11.h

@@ -74,12 +74,6 @@ extern "C" {
  *
  * #pragma pack(pop, cryptoki)
  *
- * In a Win16 environment, this might be done by using the
- * following preprocessor directive before including pkcs11.h
- * or pkcs11t.h:
- *
- * #pragma pack(1)
- *
  * In a UNIX environment, you're on your own here.  You might
  * not need to do anything.
  *
@@ -96,10 +90,6 @@ extern "C" {
  *
  * #define CK_PTR *
  *
- * In a Win16 environment, it might be defined by
- *
- * #define CK_PTR far *
- *
  * In a UNIX environment, it might be defined by
  *
  * #define CK_PTR *
@@ -124,12 +114,6 @@ extern "C" {
  * #define CK_DEFINE_FUNCTION(returnType, name) \
  *   returnType __declspec(dllexport) name
  *
- * For defining a function in a Win16 PKCS #11 .dll, it might be
- * defined by
- *
- * #define CK_DEFINE_FUNCTION(returnType, name) \
- *   returnType __export _far _pascal name
- *
  * In a UNIX environment, it might be defined by
  *
  * #define CK_DEFINE_FUNCTION(returnType, name) \
@@ -151,12 +135,6 @@ extern "C" {
  * #define CK_DECLARE_FUNCTION(returnType, name) \
  *   returnType __declspec(dllimport) name
  *
- * For declaring a function in a Win16 PKCS #11 .dll, it might
- * be defined by
- *
- * #define CK_DECLARE_FUNCTION(returnType, name) \
- *   returnType __export _far _pascal name
- *
  * In a UNIX environment, it might be defined by
  *
  * #define CK_DECLARE_FUNCTION(returnType, name) \
@@ -187,12 +165,6 @@ extern "C" {
  * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
  *   returnType __declspec(dllimport) (* name)
  *
- * For accessing functions in a Win16 PKCS #11 .dll, it might be
- * defined by
- *
- * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
- *   returnType __export _far _pascal (* name)
- *
  * In a UNIX environment, it might be defined by
  *
  * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
@@ -218,11 +190,6 @@ extern "C" {
  * #define CK_CALLBACK_FUNCTION(returnType, name) \
  *   returnType (* name)
  *
- * In a Win16 environment, it might be defined by
- *
- * #define CK_CALLBACK_FUNCTION(returnType, name) \
- *   returnType _far _pascal (* name)
- *
  * In a UNIX environment, it might be defined by
  *
  * #define CK_CALLBACK_FUNCTION(returnType, name) \

security/nss/lib/util/secasn1d.c

@@ -38,7 +38,7 @@
  * Support for DEcoding ASN.1 data based on BER/DER (Basic/Distinguished
  * Encoding Rules).
  *
- * $Id: secasn1d.c,v 1.38 2007/10/12 01:44:51 julien.pierre.boogz%sun.com Exp $
+ * $Id: secasn1d.c,v 1.39 2009/04/07 23:52:10 julien.pierre.boogz%sun.com Exp $
  */
 
 /* #define DEBUG_ASN1D_STATES 1 */
@@ -2086,11 +2086,7 @@ sec_asn1d_concat_substrings (sec_asn1d_state *state)
 	}
 
 	if (is_bit_string) {
-#ifdef XP_WIN16		/* win16 compiler gets an internal error otherwise */
-	    alloc_len = (((long)item_len + 7) / 8);
-#else
 	    alloc_len = ((item_len + 7) >> 3);
-#endif
 	} else {
 	    /*
 	     * Add 2 for the end-of-contents octets of an indefinite-length

security/nss/lib/util/secport.h

@@ -37,7 +37,7 @@
 /*
  * secport.h - portability interfaces for security libraries
  *
- * $Id: secport.h,v 1.19 2009/02/27 00:15:03 nelson%bolyard.com Exp $
+ * $Id: secport.h,v 1.21 2009/04/08 01:07:00 julien.pierre.boogz%sun.com Exp $
  */
 
 #ifndef _SECPORT_H_
@@ -57,10 +57,6 @@
 # ifndef XP_WIN32
 # define XP_WIN32
 # endif
-#else
-# ifndef XP_WIN16
-# define XP_WIN16
-# endif
 #endif
 #endif
 

security/nss/tests/memleak/ignored

@@ -41,6 +41,6 @@
 #463631
 vfychain/main/PL_CreateOptState/**
 
-#486928
-selfserv/main/PORT_Strdup_Util/PORT_Alloc_Util/**
+#486298
+selfserv/main/PORT_Strdup_Util**
 

security/nss/trademarks.txt

@@ -113,7 +113,6 @@ URL             Uniform Resource Locator
 UTF-8           Unicode Transformation Format
 Unisys
 Verisign
-WIN16           Windows
 WIN32           Windows
 WINNT           Windows NT
 Windows