"Automated configuration bump, release for firefox 3.0.19build1"

git-svn-id: svn://10.0.0.236/branches/release@259954 18797224-902f-48f8-a5cc-f745e15eee43
"Automated configuration bump, release for firefox 3.0.18build1"
2010-03-13 02:02:11 +00:00 · 2010-02-03 03:05:03 +00:00 · 2009-12-22 12:05:55 +00:00 · 2009-12-22 11:53:54 +00:00 · 2009-12-22 11:47:31 +00:00 · 2009-12-21 23:38:05 +00:00
607 changed files with 2519 additions and 135075 deletions
--- a/mozilla/security/nss/cmd/Makefile
+++ b/mozilla/security/nss/cmd/Makefile
@@ -1,61 +0,0 @@
-#! gmake
-# 
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../..
-DEPTH = ../..
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-
-ifdef BUILD_LIBPKIX_TESTS
-DIRS += libpkix
-endif
-
-ifndef USE_SYSTEM_ZLIB
-ZLIB_SRCDIR = zlib  # Add the zlib directory to DIRS.
-endif
-
-INCLUDES += \
-	-I$(DIST)/../public/security \
-	-I./include \
-	$(NULL)
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-symbols::
-	@echo "TARGETS	= $(TARGETS)"
--- a/mozilla/security/nss/cmd/SSLsample/Makefile
+++ b/mozilla/security/nss/cmd/SSLsample/Makefile
@@ -1,48 +0,0 @@
-#! gmake
-# 
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-# do these once for each target program
-all default export libs program install release_export::
-	$(MAKE) -f make.client $@
-	$(MAKE) -f make.server $@
-
-# only do these things once for the whole directory
-depend dependclean clean clobber realclean clobber_all release_classes release_clean release_cpdistdir release_export release_jars release_md release_policy show::
-	$(MAKE) -f make.client $@
-
-
--- a/mozilla/security/nss/cmd/SSLsample/README
+++ b/mozilla/security/nss/cmd/SSLsample/README
@@ -1,35 +0,0 @@
-These sample programs can be built in either of two ways:
-1) is the NSS source tree, using the coreconf build system, and 
-2) stand alone (as part of the NSS distribution).
-
-The following makefiles are used only when building in the NSS source tree
-using coreconf.  These are NOT part of the distribution.
-
-Makefile
-client.mn
-server.mn
-config.mk
-make.client
-make.server
-
-The following source files are common to both build environments and are
-part of the distribution.
-
-NSPRerrs.h
-SECerrs.h
-SSLerrs.h
-client.c
-getopt.c
-server.c
-sslerror.h
-
-In the NSS 2.0 distribution, the sample code and makefiles are in a 
-directory named "samples".  The directories relevant to building 
-in the distributed tree are:
-
-./samples
-./include/dbm
-./include/nspr
-./include/security
-./lib
-
--- a/mozilla/security/nss/cmd/SSLsample/client.c
+++ b/mozilla/security/nss/cmd/SSLsample/client.c
@@ -1,456 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/****************************************************************************
- *  SSL client program that sets up a connection to SSL server, transmits   *
- *  some data and then reads the reply                                      *
- ****************************************************************************/ 
-
-#include <stdio.h>
-#include <string.h>
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include "prerror.h"
-
-#include "pk11func.h"
-#include "secitem.h"
-
-
-#include <stdlib.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdarg.h>
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "prio.h"
-#include "prnetdb.h"
-#include "nss.h"
-
-#include "sslsample.h"
-
-#define RD_BUF_SIZE (60 * 1024)
-
-extern int ssl2CipherSuites[];
-extern int ssl3CipherSuites[];
-
-GlobalThreadMgr threadMGR;
-char *certNickname = NULL;
-char *hostName = NULL;
-char *password = NULL;
-unsigned short port = 0;
-
-static void
-Usage(const char *progName)
-{
-	fprintf(stderr, 
-	  "Usage: %s [-n rsa_nickname] [-p port] [-d dbdir] [-c connections]\n"
-	  "          [-w dbpasswd] [-C cipher(s)] hostname\n",
-	progName);
-	exit(1);
-}
-
-PRFileDesc *
-setupSSLSocket(PRNetAddr *addr)
-{
-	PRFileDesc         *tcpSocket;
-	PRFileDesc         *sslSocket;
-	PRSocketOptionData	socketOption;
-	PRStatus            prStatus;
-	SECStatus           secStatus;
-
-#if 0
-retry:
-#endif
-
-	tcpSocket = PR_NewTCPSocket();
-	if (tcpSocket == NULL) {
-		errWarn("PR_NewTCPSocket");
-	}
-
-	/* Make the socket blocking. */
-	socketOption.option	            = PR_SockOpt_Nonblocking;
-	socketOption.value.non_blocking = PR_FALSE;
-
-	prStatus = PR_SetSocketOption(tcpSocket, &socketOption);
-	if (prStatus != PR_SUCCESS) {
-		errWarn("PR_SetSocketOption");
-		goto loser;
-	} 
-
-#if 0
-	/* Verify that a connection can be made to the socket. */
-	prStatus = PR_Connect(tcpSocket, addr, PR_INTERVAL_NO_TIMEOUT);
-	if (prStatus != PR_SUCCESS) {
-		PRErrorCode err = PR_GetError();
-		if (err == PR_CONNECT_REFUSED_ERROR) {
-			PR_Close(tcpSocket);
-			PR_Sleep(PR_MillisecondsToInterval(10));
-			fprintf(stderr, "Connection to port refused, retrying.\n");
-			goto retry;
-		}
-		errWarn("PR_Connect");
-		goto loser;
-	}
-#endif
-
-	/* Import the socket into the SSL layer. */
-	sslSocket = SSL_ImportFD(NULL, tcpSocket);
-	if (!sslSocket) {
-		errWarn("SSL_ImportFD");
-		goto loser;
-	}
-
-	/* Set configuration options. */
-	secStatus = SSL_OptionSet(sslSocket, SSL_SECURITY, PR_TRUE);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_OptionSet:SSL_SECURITY");
-		goto loser;
-	}
-
-	secStatus = SSL_OptionSet(sslSocket, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_OptionSet:SSL_HANDSHAKE_AS_CLIENT");
-		goto loser;
-	}
-
-	/* Set SSL callback routines. */
-	secStatus = SSL_GetClientAuthDataHook(sslSocket,
-	                          (SSLGetClientAuthData)myGetClientAuthData,
-	                          (void *)certNickname);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_GetClientAuthDataHook");
-		goto loser;
-	}
-
-	secStatus = SSL_AuthCertificateHook(sslSocket,
-	                                   (SSLAuthCertificate)myAuthCertificate,
-                                       (void *)CERT_GetDefaultCertDB());
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_AuthCertificateHook");
-		goto loser;
-	}
-
-	secStatus = SSL_BadCertHook(sslSocket, 
-	                           (SSLBadCertHandler)myBadCertHandler, NULL);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_BadCertHook");
-		goto loser;
-	}
-
-	secStatus = SSL_HandshakeCallback(sslSocket, 
-	                                 (SSLHandshakeCallback)myHandshakeCallback,
-	                                 NULL);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_HandshakeCallback");
-		goto loser;
-	}
-
-	return sslSocket;
-
-loser:
-
-	PR_Close(tcpSocket);
-	return NULL;
-}
-
-
-const char requestString[] = {"GET /testfile HTTP/1.0\r\n\r\n" };
-
-SECStatus
-handle_connection(PRFileDesc *sslSocket, int connection)
-{
-	int	     countRead = 0;
-	PRInt32  numBytes;
-	char    *readBuffer;
-
-	readBuffer = PORT_Alloc(RD_BUF_SIZE);
-	if (!readBuffer) {
-		exitErr("PORT_Alloc");
-	}
-
-	/* compose the http request here. */
-
-	numBytes = PR_Write(sslSocket, requestString, strlen(requestString));
-	if (numBytes <= 0) {
-		errWarn("PR_Write");
-		PR_Free(readBuffer);
-		readBuffer = NULL;
-		return SECFailure;
-	}
-
-	/* read until EOF */
-	while (PR_TRUE) {
-		numBytes = PR_Read(sslSocket, readBuffer, RD_BUF_SIZE);
-		if (numBytes == 0) {
-			break;	/* EOF */
-		}
-		if (numBytes < 0) {
-			errWarn("PR_Read");
-			break;
-		}
-		countRead += numBytes;
-		fprintf(stderr, "***** Connection %d read %d bytes (%d total).\n", 
-			connection, numBytes, countRead );
-		readBuffer[numBytes] = '\0';
-		fprintf(stderr, "************\n%s\n************\n", readBuffer);
-	}
-
-	printSecurityInfo(sslSocket);
-	
-	PR_Free(readBuffer);
-	readBuffer = NULL;
-
-	/* Caller closes the socket. */
-
-	fprintf(stderr, 
-	        "***** Connection %d read %d bytes total.\n", 
-	        connection, countRead);
-
-	return SECSuccess;	/* success */
-}
-
-/* one copy of this function is launched in a separate thread for each
-** connection to be made.
-*/
-SECStatus
-do_connects(void *a, int connection)
-{
-	PRNetAddr  *addr = (PRNetAddr *)a;
-	PRFileDesc *sslSocket;
-	PRHostEnt   hostEntry;
-	char        buffer[PR_NETDB_BUF_SIZE];
-	PRStatus    prStatus;
-	PRIntn      hostenum;
-	SECStatus   secStatus;
-
-	/* Set up SSL secure socket. */
-	sslSocket = setupSSLSocket(addr);
-	if (sslSocket == NULL) {
-		errWarn("setupSSLSocket");
-		return SECFailure;
-	}
-
-	secStatus = SSL_SetPKCS11PinArg(sslSocket, password);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_SetPKCS11PinArg");
-		return secStatus;
-	}
-
-	secStatus = SSL_SetURL(sslSocket, hostName);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_SetURL");
-		return secStatus;
-	}
-
-	/* Prepare and setup network connection. */
-	prStatus = PR_GetHostByName(hostName, buffer, sizeof(buffer), &hostEntry);
-	if (prStatus != PR_SUCCESS) {
-		errWarn("PR_GetHostByName");
-		return SECFailure;
-	}
-
-	hostenum = PR_EnumerateHostEnt(0, &hostEntry, port, addr);
-	if (hostenum == -1) {
-		errWarn("PR_EnumerateHostEnt");
-		return SECFailure;
-	}
-
-	prStatus = PR_Connect(sslSocket, addr, PR_INTERVAL_NO_TIMEOUT);
-	if (prStatus != PR_SUCCESS) {
-		errWarn("PR_Connect");
-		return SECFailure;
-	}
-
-	/* Established SSL connection, ready to send data. */
-#if 0
-	secStatus = SSL_ForceHandshake(sslSocket);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_ForceHandshake");
-		return secStatus;
-	}
-#endif
-
-	secStatus = SSL_ResetHandshake(sslSocket, /* asServer */ PR_FALSE);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_ResetHandshake");
-		prStatus = PR_Close(sslSocket);
-		if (prStatus != PR_SUCCESS) {
-			errWarn("PR_Close");
-		}
-		return secStatus;
-	}
-
-	secStatus = handle_connection(sslSocket, connection);
-	if (secStatus != SECSuccess) {
-		errWarn("handle_connection");
-		return secStatus;
-	}
-
-	PR_Close(sslSocket);
-	return SECSuccess;
-}
-
-void
-client_main(unsigned short      port, 
-            int	                connections, 
-            const char *        hostName)
-{
-	int			i;
-	SECStatus	secStatus;
-	PRStatus    prStatus;
-	PRInt32     rv;
-	PRNetAddr	addr;
-	PRHostEnt   hostEntry;
-	char        buffer[256];
-
-	/* Setup network connection. */
-	prStatus = PR_GetHostByName(hostName, buffer, 256, &hostEntry);
-	if (prStatus != PR_SUCCESS) {
-		exitErr("PR_GetHostByName");
-	}
-
-	rv = PR_EnumerateHostEnt(0, &hostEntry, port, &addr);
-	if (rv < 0) {
-		exitErr("PR_EnumerateHostEnt");
-	}
-
-	secStatus = launch_thread(&threadMGR, do_connects, &addr, 1);
-	if (secStatus != SECSuccess) {
-		exitErr("launch_thread");
-	}
-
-	if (connections > 1) {
-		/* wait for the first connection to terminate, then launch the rest. */
-		reap_threads(&threadMGR);
-		/* Start up the connections */
-		for (i = 2; i <= connections; ++i) {
-			secStatus = launch_thread(&threadMGR, do_connects, &addr, i);
-			if (secStatus != SECSuccess) {
-				errWarn("launch_thread");
-			}
-		}
-	}
-
-	reap_threads(&threadMGR);
-	destroy_thread_data(&threadMGR);
-}
-
-int
-main(int argc, char **argv)
-{
-	char *               certDir      = ".";
-	char *               progName     = NULL;
-	int					 connections  = 1;
-	char *               cipherString = NULL;
-	SECStatus            secStatus;
-	PLOptState *         optstate;
-	PLOptStatus          status;
-
-	/* Call the NSPR initialization routines */
-	PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
-	progName = PL_strdup(argv[0]);
-
-	hostName = NULL;
-	optstate = PL_CreateOptState(argc, argv, "C:c:d:n:p:w:");
-	while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-		switch(optstate->option) {
-		case 'C' : cipherString = PL_strdup(optstate->value); break;
-		case 'c' : connections = PORT_Atoi(optstate->value);  break;
-		case 'd' : certDir = PL_strdup(optstate->value);      break;
-		case 'n' : certNickname = PL_strdup(optstate->value); break;
-		case 'p' : port = PORT_Atoi(optstate->value);         break;
-		case 'w' : password = PL_strdup(optstate->value);     break;
-		case '\0': hostName = PL_strdup(optstate->value);     break;
-		default  : Usage(progName);
-		}
-	}
-
-	if (port == 0 || hostName == NULL)
-		Usage(progName);
-
-	if (certDir == NULL) {
-		certDir = PR_smprintf("%s/.netscape", getenv("HOME"));
-	}
-
-	/* Set our password function callback. */
-	PK11_SetPasswordFunc(myPasswd);
-
-	/* Initialize the NSS libraries. */
-	secStatus = NSS_Init(certDir);
-	if (secStatus != SECSuccess) {
-		exitErr("NSS_Init");
-	}
-
-	/* All cipher suites except RSA_NULL_MD5 are enabled by Domestic Policy. */
-	NSS_SetDomesticPolicy();
-	SSL_CipherPrefSetDefault(SSL_RSA_WITH_NULL_MD5, PR_TRUE);
-
-	/* all the SSL2 and SSL3 cipher suites are enabled by default. */
-	if (cipherString) {
-	    int ndx;
-
-	    /* disable all the ciphers, then enable the ones we want. */
-	    disableAllSSLCiphers();
-
-	    while (0 != (ndx = *cipherString++)) {
-		int *cptr;
-		int  cipher;
-
-		if (! isalpha(ndx))
-		    Usage(progName);
-		cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
-		for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; )
-		    /* do nothing */;
-		if (cipher) {
-		    SSL_CipherPrefSetDefault(cipher, PR_TRUE);
-		}
-	    }
-	}
-
-	client_main(port, connections, hostName);
-
-	if (NSS_Shutdown() != SECSuccess) {
-            exit(1);
-        }
-	PR_Cleanup();
-	return 0;
-}
-
--- a/mozilla/security/nss/cmd/SSLsample/client.mn
+++ b/mozilla/security/nss/cmd/SSLsample/client.mn
@@ -1,50 +0,0 @@
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-EXPORTS = 
-
-CSRCS =  client.c \
-	sslsample.c \
-	$(NULL)
-
-PROGRAM = client
-
-IMPORTS = nss/lib/nss
-
--- a/mozilla/security/nss/cmd/SSLsample/gencerts
+++ b/mozilla/security/nss/cmd/SSLsample/gencerts
@@ -1,81 +0,0 @@
-#!/bin/sh
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-# Directory for db's, use in all subsequent -d flags.
-rm -rf SampleCertDBs
-mkdir SampleCertDBs
-
-# Password to use.
-echo sample > passfile
-
-# Generate the db files, using the above password.
-certutil -N -d SampleCertDBs -f passfile
-
-# Generate the CA cert.  This cert is self-signed and only useful for
-# test purposes.  Set the trust bits to allow it to sign SSL client/server
-# certs.
-certutil -S -n SampleRootCA -x -t "CTu,CTu,CTu" \
-            -s "CN=My Sample Root CA, O=My Organization" \
-            -m 25000 -o ./SampleCertDBs/SampleRootCA.crt \
-            -d SampleCertDBs -f passfile
-
-# Generate the server cert.  This cert is signed by the CA cert generated
-# above.  The CN must be hostname.domain.[com|org|net|...].
-certutil -S -n SampleSSLServerCert -c SampleRootCA -t "u,u,u" \
-            -s "CN=$HOSTNAME.$MYDOMAIN, O=$HOSTNAME Corp." \
-            -m 25001 -o ./SampleCertDBs/SampleSSLServer.crt \
-            -d SampleCertDBs -f passfile
-
-# Generate the client cert.  This cert is signed by the CA cert generated
-# above.
-certutil -S -n SampleSSLClientCert -c SampleRootCA -t "u,u,u" \
-            -s "CN=My Client Cert, O=Client Organization" \
-            -m 25002 -o ./SampleCertDBs/SampleSSLClient.crt \
-            -d SampleCertDBs -f passfile
-
-# Verify the certificates.
-certutil -V -u V -n SampleSSLServerCert -d SampleCertDBs
-certutil -V -u C -n SampleSSLClientCert -d SampleCertDBs
-
-# Remove unneccessary files.
-rm -f passfile
-rm -f tempcert*
-
-# You are now ready to run your client/server!  Example command lines:
-# server -n SampleSSLServerCert -p 8080 -d SampleCertDBs -w sample -c e -R
-# client -n SampleSSLClientCert -p 8080 -d SampleCertDBs -w sample -c 2 trane.mcom.com
--- a/mozilla/security/nss/cmd/SSLsample/make.client
+++ b/mozilla/security/nss/cmd/SSLsample/make.client
@@ -1,81 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include client.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-#CC = cc 
-
-
--- a/mozilla/security/nss/cmd/SSLsample/make.server
+++ b/mozilla/security/nss/cmd/SSLsample/make.server
@@ -1,80 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include server.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
--- a/mozilla/security/nss/cmd/SSLsample/server.c
+++ b/mozilla/security/nss/cmd/SSLsample/server.c
@@ -1,821 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/****************************************************************************
- *  SSL server program listens on a port, accepts client connection, reads  *
- *  request and responds to it                                              *
- ****************************************************************************/
-
-/* Generic header files */
-
-#include <stdio.h>
-#include <string.h>
-
-/* NSPR header files */
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "prerror.h"
-#include "prnetdb.h"
-
-/* NSS header files */
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "ssl.h"
-#include "certt.h"
-#include "nss.h"
-#include "secder.h"
-#include "key.h"
-#include "sslproto.h"
-
-/* Custom header files */
-
-#include "sslsample.h"
-
-#ifndef PORT_Sprintf
-#define PORT_Sprintf sprintf
-#endif
-
-#define REQUEST_CERT_ONCE 1
-#define REQUIRE_CERT_ONCE 2
-#define REQUEST_CERT_ALL  3
-#define REQUIRE_CERT_ALL  4
-
-/* Global variables */
-GlobalThreadMgr   threadMGR;
-char             *password = NULL;
-CERTCertificate  *cert = NULL;
-SECKEYPrivateKey *privKey = NULL;
-int               stopping;
-
-static void
-Usage(const char *progName)
-{
-	fprintf(stderr, 
-
-"Usage: %s -n rsa_nickname -p port [-3RFrf] [-w password]\n"
-"					[-c ciphers] [-d dbdir] \n"
-"-3 means disable SSL v3\n"
-"-r means request certificate on first handshake.\n"
-"-f means require certificate on first handshake.\n"
-"-R means request certificate on all handshakes.\n"
-"-F means require certificate on all handshakes.\n"
-"-c ciphers   Letter(s) chosen from the following list\n"
-"A	  SSL2 RC4 128 WITH MD5\n"
-"B	  SSL2 RC4 128 EXPORT40 WITH MD5\n"
-"C	  SSL2 RC2 128 CBC WITH MD5\n"
-"D	  SSL2 RC2 128 CBC EXPORT40 WITH MD5\n"
-"E	  SSL2 DES 64 CBC WITH MD5\n"
-"F	  SSL2 DES 192 EDE3 CBC WITH MD5\n"
-"\n"
-"c	  SSL3 RSA WITH RC4 128 MD5\n"
-"d	  SSL3 RSA WITH 3DES EDE CBC SHA\n"
-"e	  SSL3 RSA WITH DES CBC SHA\n"
-"f	  SSL3 RSA EXPORT WITH RC4 40 MD5\n"
-"g	  SSL3 RSA EXPORT WITH RC2 CBC 40 MD5\n"
-"i	  SSL3 RSA WITH NULL MD5\n"
-"j	  SSL3 RSA FIPS WITH 3DES EDE CBC SHA\n"
-"k	  SSL3 RSA FIPS WITH DES CBC SHA\n"
-"l	  SSL3 RSA EXPORT WITH DES CBC SHA\t(new)\n"
-"m	  SSL3 RSA EXPORT WITH RC4 56 SHA\t(new)\n",
-	progName);
-	exit(1);
-}
-
-/* Function:  readDataFromSocket()
- *
- * Purpose:  Parse an HTTP request by reading data from a GET or POST.
- *
- */
-SECStatus
-readDataFromSocket(PRFileDesc *sslSocket, DataBuffer *buffer, char **fileName)
-{
-	char  *post;
-	int    numBytes = 0;
-	int    newln    = 0;  /* # of consecutive newlns */
-
-	/* Read data while it comes in from the socket. */
-	while (PR_TRUE) {
-		buffer->index = 0;
-		newln = 0;
-
-		/* Read the buffer. */
-		numBytes = PR_Read(sslSocket, &buffer->data[buffer->index], 
-		                   buffer->remaining);
-		if (numBytes <= 0) {
-			errWarn("PR_Read");
-			return SECFailure;
-		}
-		buffer->dataEnd = buffer->dataStart + numBytes;
-
-		/* Parse the input, starting at the beginning of the buffer.
-		 * Stop when we detect two consecutive \n's (or \r\n's) 
-		 * as this signifies the end of the GET or POST portion.
-		 * The posted data follows.
-		 */
-		while (buffer->index < buffer->dataEnd && newln < 2) {
-			int octet = buffer->data[buffer->index++];
-			if (octet == '\n') {
-				newln++;
-			} else if (octet != '\r') {
-				newln = 0;
-			}
-		}
-
-		/* Came to the end of the buffer, or second newline.
-		 * If we didn't get an empty line ("\r\n\r\n"), then keep on reading.
-		 */
-		if (newln < 2) 
-			continue;
-
-		/* we're at the end of the HTTP request.
-		 * If the request is a POST, then there will be one more
-		 * line of data.
-		 * This parsing is a hack, but ok for SSL test purposes.
-		 */
-		post = PORT_Strstr(buffer->data, "POST ");
-		if (!post || *post != 'P') 
-			break;
-
-		/* It's a post, so look for the next and final CR/LF. */
-		/* We should parse content length here, but ... */
-		while (buffer->index < buffer->dataEnd && newln < 3) {
-			int octet = buffer->data[buffer->index++];
-			if (octet == '\n') {
-				newln++;
-			}
-		}
-
-		if (newln == 3)
-			break;
-	}
-
-	/* Have either (a) a complete get, (b) a complete post, (c) EOF */
-
-	/*  Execute a "GET " operation. */
-	if (buffer->index > 0 && PORT_Strncmp(buffer->data, "GET ", 4) == 0) {
-		int fnLength;
-
-		/* File name is the part after "GET ". */
-		fnLength = strcspn(buffer->data + 5, " \r\n");
-		*fileName = (char *)PORT_Alloc(fnLength + 1);
-		PORT_Strncpy(*fileName, buffer->data + 5, fnLength);
-		(*fileName)[fnLength] = '\0';
-	}
-
-	return SECSuccess;
-}
-
-/* Function:  authenticateSocket()
- *
- * Purpose:  Configure a socket for SSL.
- *
- *
- */
-PRFileDesc * 
-setupSSLSocket(PRFileDesc *tcpSocket, int requestCert)
-{
-	PRFileDesc *sslSocket;
-	SSLKEAType  certKEA;
-	int         certErr = 0;
-	SECStatus   secStatus;
-
-	/* Set the appropriate flags. */
-
-	sslSocket = SSL_ImportFD(NULL, tcpSocket);
-	if (sslSocket == NULL) {
-		errWarn("SSL_ImportFD");
-		goto loser;
-	}
-   
-	secStatus = SSL_OptionSet(sslSocket, SSL_SECURITY, PR_TRUE);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_OptionSet SSL_SECURITY");
-		goto loser;
-	}
-
-	secStatus = SSL_OptionSet(sslSocket, SSL_HANDSHAKE_AS_SERVER, PR_TRUE);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_OptionSet:SSL_HANDSHAKE_AS_SERVER");
-		goto loser;
-	}
-
-	secStatus = SSL_OptionSet(sslSocket, SSL_REQUEST_CERTIFICATE, 
-	                       (requestCert >= REQUEST_CERT_ONCE));
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_OptionSet:SSL_REQUEST_CERTIFICATE");
-		goto loser;
-	}
-
-	secStatus = SSL_OptionSet(sslSocket, SSL_REQUIRE_CERTIFICATE, 
-	                       (requestCert == REQUIRE_CERT_ONCE));
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_OptionSet:SSL_REQUIRE_CERTIFICATE");
-		goto loser;
-	}
-
-	/* Set the appropriate callback routines. */
-
-	secStatus = SSL_AuthCertificateHook(sslSocket, myAuthCertificate, 
-	                                    CERT_GetDefaultCertDB());
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_AuthCertificateHook");
-		goto loser;
-	}
-
-	secStatus = SSL_BadCertHook(sslSocket, 
-	                            (SSLBadCertHandler)myBadCertHandler, &certErr);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_BadCertHook");
-		goto loser;
-	}
-
-	secStatus = SSL_HandshakeCallback(sslSocket,
-	                                 (SSLHandshakeCallback)myHandshakeCallback,
-									  NULL);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_HandshakeCallback");
-		goto loser;
-	}
-
-	secStatus = SSL_SetPKCS11PinArg(sslSocket, password);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_HandshakeCallback");
-		goto loser;
-	}
-
-	certKEA = NSS_FindCertKEAType(cert);
-
-	secStatus = SSL_ConfigSecureServer(sslSocket, cert, privKey, certKEA);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_ConfigSecureServer");
-		goto loser;
-	}
-
-	return sslSocket;
-
-loser:
-
-	PR_Close(tcpSocket);
-	return NULL;
-}
-
-/* Function:  authenticateSocket()
- *
- * Purpose:  Perform client authentication on the socket.
- *
- */
-SECStatus
-authenticateSocket(PRFileDesc *sslSocket, PRBool requireCert)
-{
-	CERTCertificate *cert;
-	SECStatus secStatus;
-
-	/* Returns NULL if client authentication is not enabled or if the
-	 * client had no certificate. */
-	cert = SSL_PeerCertificate(sslSocket);
-	if (cert) {
-		/* Client had a certificate, so authentication is through. */
-		CERT_DestroyCertificate(cert);
-		return SECSuccess;
-	}
-
-	/* Request client to authenticate itself. */
-	secStatus = SSL_OptionSet(sslSocket, SSL_REQUEST_CERTIFICATE, PR_TRUE);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_OptionSet:SSL_REQUEST_CERTIFICATE");
-		return SECFailure;
-	}
-
-	/* If desired, require client to authenticate itself.  Note
-	 * SSL_REQUEST_CERTIFICATE must also be on, as above.  */
-	secStatus = SSL_OptionSet(sslSocket, SSL_REQUIRE_CERTIFICATE, requireCert);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_OptionSet:SSL_REQUIRE_CERTIFICATE");
-		return SECFailure;
-	}
-
-	/* Having changed socket configuration parameters, redo handshake. */
-	secStatus = SSL_ReHandshake(sslSocket, PR_TRUE);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_ReHandshake");
-		return SECFailure;
-	}
-
-	/* Force the handshake to complete before moving on. */
-	secStatus = SSL_ForceHandshake(sslSocket);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_ForceHandshake");
-		return SECFailure;
-	}
-
-	return SECSuccess;
-}
-
-/* Function:  writeDataToSocket
- *
- * Purpose:  Write the client's request back to the socket.  If the client
- *           requested a file, dump it to the socket.
- *
- */
-SECStatus
-writeDataToSocket(PRFileDesc *sslSocket, DataBuffer *buffer, char *fileName)
-{
-	int headerLength;
-	int numBytes;
-	char messageBuffer[120];
-	PRFileDesc *local_file_fd = NULL;
-	char header[] = "<html><body><h1>Sample SSL server</h1><br><br>";
-	char filehd[] = "<h2>The file you requested:</h2><br>";
-	char reqhd[]  = "<h2>This is your request:</h2><br>";
-	char link[]   = "Try getting a <a HREF=\"../testfile\">file</a><br>";
-	char footer[] = "<br><h2>End of request.</h2><br></body></html>";
-
-	headerLength = PORT_Strlen(defaultHeader);
-
-	/* Write a header to the socket. */
-	numBytes = PR_Write(sslSocket, header, PORT_Strlen(header));
-	if (numBytes < 0) {
-		errWarn("PR_Write");
-		goto loser;
-	}
-
-	if (fileName) {
-		PRFileInfo  info;
-		PRStatus    prStatus;
-
-		/* Try to open the local file named.	
-		 * If successful, then write it to the client.
-		 */
-		prStatus = PR_GetFileInfo(fileName, &info);
-		if (prStatus != PR_SUCCESS ||
-		    info.type != PR_FILE_FILE ||
-		    info.size < 0) {
-			PORT_Free(fileName);
-			/* Maybe a GET not sent from client.c? */
-			goto writerequest;
-		}
-
-		local_file_fd = PR_Open(fileName, PR_RDONLY, 0);
-		if (local_file_fd == NULL) {
-			PORT_Free(fileName);
-			goto writerequest;
-		}
-
-		/* Write a header to the socket. */
-		numBytes = PR_Write(sslSocket, filehd, PORT_Strlen(filehd));
-		if (numBytes < 0) {
-			errWarn("PR_Write");
-			goto loser;
-		}
-
-		/* Transmit the local file prepended by the default header
-		 * across the socket.
-		 */
-		numBytes = PR_TransmitFile(sslSocket, local_file_fd, 
-		                           defaultHeader, headerLength,
-		                           PR_TRANSMITFILE_KEEP_OPEN,
-		                           PR_INTERVAL_NO_TIMEOUT);
-
-		/* Error in transmission. */
-		if (numBytes < 0) {
-			errWarn("PR_TransmitFile");
-			/*
-			i = PORT_Strlen(errString);
-			PORT_Memcpy(buf, errString, i);
-			*/
-		/* Transmitted bytes successfully. */
-		} else {
-			numBytes -= headerLength;
-			fprintf(stderr, "PR_TransmitFile wrote %d bytes from %s\n",
-			        numBytes, fileName);
-		}
-
-		PORT_Free(fileName);
-		PR_Close(local_file_fd);
-	}
-
-writerequest:
-
-	/* Write a header to the socket. */
-	numBytes = PR_Write(sslSocket, reqhd, PORT_Strlen(reqhd));
-	if (numBytes < 0) {
-		errWarn("PR_Write");
-		goto loser;
-	}
-
-	/* Write the buffer data to the socket. */
-	if (buffer->index <= 0) {
-		/* Reached the EOF.  Report incomplete transaction to socket. */
-		PORT_Sprintf(messageBuffer,
-		             "GET or POST incomplete after %d bytes.\r\n",
-		             buffer->dataEnd);
-		numBytes = PR_Write(sslSocket, messageBuffer, 
-		                    PORT_Strlen(messageBuffer));
-		if (numBytes < 0) {
-			errWarn("PR_Write");
-			goto loser;
-		}
-	} else {
-		/* Display the buffer data. */
-		fwrite(buffer->data, 1, buffer->index, stdout);
-		/* Write the buffer data to the socket. */
-		numBytes = PR_Write(sslSocket, buffer->data, buffer->index);
-		if (numBytes < 0) {
-			errWarn("PR_Write");
-			goto loser;
-		}
-		/* Display security information for the socket. */
-		printSecurityInfo(sslSocket);
-		/* Write any discarded data out to the socket. */
-		if (buffer->index < buffer->dataEnd) {
-			PORT_Sprintf(buffer->data, "Discarded %d characters.\r\n", 
-			             buffer->dataEnd - buffer->index);
-			numBytes = PR_Write(sslSocket, buffer->data, 
-			                    PORT_Strlen(buffer->data));
-			if (numBytes < 0) {
-				errWarn("PR_Write");
-				goto loser;
-			}
-		}
-	}
-
-	/* Write a footer to the socket. */
-	numBytes = PR_Write(sslSocket, footer, PORT_Strlen(footer));
-	if (numBytes < 0) {
-		errWarn("PR_Write");
-		goto loser;
-	}
-
-	/* Write a link to the socket. */
-	numBytes = PR_Write(sslSocket, link, PORT_Strlen(link));
-	if (numBytes < 0) {
-		errWarn("PR_Write");
-		goto loser;
-	}
-
-	/* Complete the HTTP transaction. */
-	numBytes = PR_Write(sslSocket, "EOF\r\n\r\n\r\n", 9);
-	if (numBytes < 0) {
-		errWarn("PR_Write");
-		goto loser;
-	}
-
-	/* Do a nice shutdown if asked. */
-	if (!strncmp(buffer->data, stopCmd, strlen(stopCmd))) {
-		stopping = 1;
-	}
-	return SECSuccess;
-
-loser:
-
-	/* Do a nice shutdown if asked. */
-	if (!strncmp(buffer->data, stopCmd, strlen(stopCmd))) {
-		stopping = 1;
-	}
-	return SECFailure;
-}
-
-/* Function:  int handle_connection()
- *
- * Purpose:  Thread to handle a connection to a socket.
- *
- */
-SECStatus
-handle_connection(void *tcp_sock, int requestCert)
-{
-	PRFileDesc *       tcpSocket = (PRFileDesc *)tcp_sock;
-	PRFileDesc *       sslSocket = NULL;
-	SECStatus          secStatus = SECFailure;
-	PRStatus           prStatus;
-	PRSocketOptionData socketOption;
-	DataBuffer         buffer;
-	char *             fileName = NULL;
-
-	/* Initialize the data buffer. */
-	memset(buffer.data, 0, BUFFER_SIZE);
-	buffer.remaining = BUFFER_SIZE;
-	buffer.index = 0;
-	buffer.dataStart = 0;
-	buffer.dataEnd = 0;
-
-	/* Make sure the socket is blocking. */
-	socketOption.option             = PR_SockOpt_Nonblocking;
-	socketOption.value.non_blocking = PR_FALSE;
-	PR_SetSocketOption(tcpSocket, &socketOption);
-
-	sslSocket = setupSSLSocket(tcpSocket, requestCert);
-	if (sslSocket == NULL) {
-		errWarn("setupSSLSocket");
-		goto cleanup;
-	}
-
-	secStatus = SSL_ResetHandshake(sslSocket, /* asServer */ PR_TRUE);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_ResetHandshake");
-		goto cleanup;
-	}
-
-	/* Read data from the socket, parse it for HTTP content.
-	 * If the user is requesting/requiring authentication, authenticate
-	 * the socket.  Then write the result back to the socket.  */
-	fprintf(stdout, "\nReading data from socket...\n\n");
-	secStatus = readDataFromSocket(sslSocket, &buffer, &fileName);
-	if (secStatus != SECSuccess) {
-		goto cleanup;
-	}
-	if (requestCert >= REQUEST_CERT_ALL) {
-		fprintf(stdout, "\nAuthentication requested.\n\n");
-		secStatus = authenticateSocket(sslSocket, 
-		                               (requestCert == REQUIRE_CERT_ALL));
-		if (secStatus != SECSuccess) {
-			goto cleanup;
-		}
-	}
-
-	fprintf(stdout, "\nWriting data to socket...\n\n");
-	secStatus = writeDataToSocket(sslSocket, &buffer, fileName);
-
-cleanup:
-
-	/* Close down the socket. */
-	prStatus = PR_Close(tcpSocket);
-	if (prStatus != PR_SUCCESS) {
-		errWarn("PR_Close");
-	}
-
-	return secStatus;
-}
-
-/* Function:  int accept_connection()
- *
- * Purpose:  Thread to accept a connection to the socket.
- *
- */
-SECStatus
-accept_connection(void *listener, int requestCert)
-{
-	PRFileDesc *listenSocket = (PRFileDesc*)listener;
-	PRNetAddr   addr;
-	PRStatus    prStatus;
-
-	/* XXX need an SSL socket here? */
-	while (!stopping) {
-		PRFileDesc *tcpSocket;
-		SECStatus	result;
-
-		fprintf(stderr, "\n\n\nAbout to call accept.\n");
-
-		/* Accept a connection to the socket. */
-		tcpSocket = PR_Accept(listenSocket, &addr, PR_INTERVAL_NO_TIMEOUT);
-		if (tcpSocket == NULL) {
-			errWarn("PR_Accept");
-			break;
-		}
-
-		/* Accepted the connection, now handle it. */
-		result = launch_thread(&threadMGR, handle_connection, 
-		                       tcpSocket, requestCert);
-
-		if (result != SECSuccess) {
-			prStatus = PR_Close(tcpSocket);
-			if (prStatus != PR_SUCCESS) {
-				exitErr("PR_Close");
-			}
-			break;
-		}
-	}
-
-	fprintf(stderr, "Closing listen socket.\n");
-
-	prStatus = PR_Close(listenSocket);
-	if (prStatus != PR_SUCCESS) {
-		exitErr("PR_Close");
-	}
-	return SECSuccess;
-}
-
-/* Function:  void server_main()
- *
- * Purpose:  This is the server's main function.  It configures a socket
- *			 and listens to it.
- *
- */
-void
-server_main(
-	unsigned short      port, 
-	int                 requestCert, 
-	SECKEYPrivateKey *  privKey,
-	CERTCertificate *   cert, 
-	PRBool              disableSSL3)
-{
-	SECStatus           secStatus;
-	PRStatus            prStatus;
-	PRFileDesc *        listenSocket;
-	PRNetAddr           addr;
-	PRSocketOptionData  socketOption;
-
-	/* Create a new socket. */
-	listenSocket = PR_NewTCPSocket();
-	if (listenSocket == NULL) {
-		exitErr("PR_NewTCPSocket");
-	}
-
-	/* Set socket to be blocking -
-	 * on some platforms the default is nonblocking.
-	 */
-	socketOption.option = PR_SockOpt_Nonblocking;
-	socketOption.value.non_blocking = PR_FALSE;
-
-	prStatus = PR_SetSocketOption(listenSocket, &socketOption);
-	if (prStatus != PR_SUCCESS) {
-		exitErr("PR_SetSocketOption");
-	}
-
-	/* This cipher is not on by default. The Acceptance test
-	 * would like it to be. Turn this cipher on.
-	 */
-	secStatus = SSL_CipherPrefSetDefault(SSL_RSA_WITH_NULL_MD5, PR_TRUE);
-	if (secStatus != SECSuccess) {
-		exitErr("SSL_CipherPrefSetDefault:SSL_RSA_WITH_NULL_MD5");
-	}
-
-	/* Configure the network connection. */
-	addr.inet.family = PR_AF_INET;
-	addr.inet.ip	 = PR_INADDR_ANY;
-	addr.inet.port	 = PR_htons(port);
-
-	/* Bind the address to the listener socket. */
-	prStatus = PR_Bind(listenSocket, &addr);
-	if (prStatus != PR_SUCCESS) {
-		exitErr("PR_Bind");
-	}
-
-	/* Listen for connection on the socket.  The second argument is
-	 * the maximum size of the queue for pending connections.
-	 */
-	prStatus = PR_Listen(listenSocket, 5);
-	if (prStatus != PR_SUCCESS) {
-		exitErr("PR_Listen");
-	}
-
-	/* Launch thread to handle connections to the socket. */
-	secStatus = launch_thread(&threadMGR, accept_connection, 
-                              listenSocket, requestCert);
-	if (secStatus != SECSuccess) {
-		PR_Close(listenSocket);
-	} else {
-		reap_threads(&threadMGR);
-		destroy_thread_data(&threadMGR);
-	}
-}
-
-/* Function: int main()
- *
- * Purpose:  Parses command arguments and configures SSL server.
- *
- */
-int
-main(int argc, char **argv)
-{
-	char *              progName      = NULL;
-	char *              nickName      = NULL;
-	char *              cipherString  = NULL;
-	char *              dir           = ".";
-	int                 requestCert   = 0;
-	unsigned short      port          = 0;
-	SECStatus           secStatus;
-	PRBool              disableSSL3   = PR_FALSE;
-	PLOptState *        optstate;
-	PLOptStatus         status;
-
-	/* Zero out the thread manager. */
-	PORT_Memset(&threadMGR, 0, sizeof(threadMGR));
-
-	progName = PL_strdup(argv[0]);
-
-	optstate = PL_CreateOptState(argc, argv, "3FRc:d:fp:n:rw:");
-	while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-		switch(optstate->option) {
-		case '3': disableSSL3 = PR_TRUE;                      break;
-		case 'F': requestCert = REQUIRE_CERT_ALL;             break;
-		case 'R': requestCert = REQUEST_CERT_ALL;             break;
-		case 'c': cipherString = PL_strdup(optstate->value);  break;
-		case 'd': dir = PL_strdup(optstate->value);           break;
-		case 'f': requestCert = REQUIRE_CERT_ONCE;            break;
-		case 'n': nickName = PL_strdup(optstate->value);      break;
-		case 'p': port = PORT_Atoi(optstate->value);          break;
-		case 'r': requestCert = REQUEST_CERT_ONCE;            break;
-		case 'w': password = PL_strdup(optstate->value);      break;
-		default:
-		case '?': Usage(progName);
-		}
-	}
-
-	if (nickName == NULL || port == 0)
-		Usage(progName);
-
-	/* Call the NSPR initialization routines. */
-	PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
-	/* Set the cert database password callback. */
-	PK11_SetPasswordFunc(myPasswd);
-
-	/* Initialize NSS. */
-	secStatus = NSS_Init(dir);
-	if (secStatus != SECSuccess) {
-		exitErr("NSS_Init");
-	}
-
-	/* Set the policy for this server (REQUIRED - no default). */
-	secStatus = NSS_SetDomesticPolicy();
-	if (secStatus != SECSuccess) {
-		exitErr("NSS_SetDomesticPolicy");
-	}
-
-	/* XXX keep this? */
-	/* all the SSL2 and SSL3 cipher suites are enabled by default. */
-	if (cipherString) {
-	    int ndx;
-
-	    /* disable all the ciphers, then enable the ones we want. */
-	    disableAllSSLCiphers();
-
-	    while (0 != (ndx = *cipherString++)) {
-		int *cptr;
-		int  cipher;
-
-		if (! isalpha(ndx))
-			Usage(progName);
-		cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
-		for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; ) 
-		    /* do nothing */;
-		if (cipher) {
-		    SECStatus status;
-		    status = SSL_CipherPrefSetDefault(cipher, PR_TRUE);
-		    if (status != SECSuccess) 
-			errWarn("SSL_CipherPrefSetDefault()");
-		}
-	    }
-	}
-
-	/* Get own certificate and private key. */
-	cert = PK11_FindCertFromNickname(nickName, password);
-	if (cert == NULL) {
-		exitErr("PK11_FindCertFromNickname");
-	}
-
-	privKey = PK11_FindKeyByAnyCert(cert, password);
-	if (privKey == NULL) {
-		exitErr("PK11_FindKeyByAnyCert");
-	}
-
-	/* Configure the server's cache for a multi-process application
-	 * using default timeout values (24 hrs) and directory location (/tmp). 
-	 */
-	SSL_ConfigMPServerSIDCache(256, 0, 0, NULL);
-
-	/* Launch server. */
-	server_main(port, requestCert, privKey, cert, disableSSL3);
-
-	/* Shutdown NSS and exit NSPR gracefully. */
-	if (NSS_Shutdown() != SECSuccess) {
-            exit(1);
-        }
-	PR_Cleanup();
-	return 0;
-}
--- a/mozilla/security/nss/cmd/SSLsample/server.mn
+++ b/mozilla/security/nss/cmd/SSLsample/server.mn
@@ -1,48 +0,0 @@
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-MODULE  = nss
-
-EXPORTS = 
-
-CSRCS =  server.c	\
-	sslsample.c	\
-	$(NULL)
-
-PROGRAM  = server
-
--- a/mozilla/security/nss/cmd/SSLsample/sslerror.h
+++ b/mozilla/security/nss/cmd/SSLsample/sslerror.h
@@ -1,113 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include <stdio.h>
-#include <string.h>
-#include "nspr.h"
-
-struct tuple_str {
-    PRErrorCode	 errNum;
-    const char * errString;
-};
-
-typedef struct tuple_str tuple_str;
-
-#define ER2(a,b)   {a, b},
-#define ER3(a,b,c) {a, c},
-
-#include "secerr.h"
-#include "sslerr.h"
-
-const tuple_str errStrings[] = {
-
-/* keep this list in asceding order of error numbers */
-#include "SSLerrs.h"
-#include "SECerrs.h"
-#include "NSPRerrs.h"
-
-};
-
-const PRInt32 numStrings = sizeof(errStrings) / sizeof(tuple_str);
-
-/* Returns a UTF-8 encoded constant error string for "errNum".
- * Returns NULL of errNum is unknown.
- */
-const char *
-SSL_Strerror(PRErrorCode errNum) {
-    PRInt32 low  = 0;
-    PRInt32 high = numStrings - 1;
-    PRInt32 i;
-    PRErrorCode num;
-    static int initDone;
-
-    /* make sure table is in ascending order.
-     * binary search depends on it.
-     */
-    if (!initDone) {
-	PRErrorCode lastNum = (PRInt32)0x80000000;
-    	for (i = low; i <= high; ++i) {
-	    num = errStrings[i].errNum;
-	    if (num <= lastNum) {
-	    	fprintf(stderr, 
-"sequence error in error strings at item %d\n"
-"error %d (%s)\n"
-"should come after \n"
-"error %d (%s)\n",
-		        i, lastNum, errStrings[i-1].errString, 
-			num, errStrings[i].errString);
-	    }
-	    lastNum = num;
-	}
-	initDone = 1;
-    }
-
-    /* Do binary search of table. */
-    while (low + 1 < high) {
-    	i = (low + high) / 2;
-	num = errStrings[i].errNum;
-	if (errNum == num) 
-	    return errStrings[i].errString;
-        if (errNum < num)
-	    high = i;
-	else 
-	    low = i;
-    }
-    if (errNum == errStrings[low].errNum)
-    	return errStrings[low].errString;
-    if (errNum == errStrings[high].errNum)
-    	return errStrings[high].errString;
-    return NULL;
-}
--- a/mozilla/security/nss/cmd/SSLsample/sslsample.c
+++ b/mozilla/security/nss/cmd/SSLsample/sslsample.c
@@ -1,594 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "sslsample.h"
-#include "sslerror.h"
-
-/* Declare SSL cipher suites. */
-
-int ssl2CipherSuites[] = {
-	SSL_EN_RC4_128_WITH_MD5,              /* A */
-	SSL_EN_RC4_128_EXPORT40_WITH_MD5,     /* B */
-	SSL_EN_RC2_128_CBC_WITH_MD5,          /* C */
-	SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, /* D */
-	SSL_EN_DES_64_CBC_WITH_MD5,           /* E */
-	SSL_EN_DES_192_EDE3_CBC_WITH_MD5,     /* F */
-	0
-};
-
-int ssl3CipherSuites[] = {
-	-1, /* SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA  a */
-	-1, /* SSL_FORTEZZA_DMS_WITH_RC4_128_SHA * b */
-	SSL_RSA_WITH_RC4_128_MD5,               /* c */
-	SSL_RSA_WITH_3DES_EDE_CBC_SHA,          /* d */
-	SSL_RSA_WITH_DES_CBC_SHA,               /* e */
-	SSL_RSA_EXPORT_WITH_RC4_40_MD5,         /* f */
-	SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,     /* g */
-	-1, /* SSL_FORTEZZA_DMS_WITH_NULL_SHA,   * h */
-	SSL_RSA_WITH_NULL_MD5,                  /* i */
-	SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,     /* j */
-	SSL_RSA_FIPS_WITH_DES_CBC_SHA,          /* k */
-	TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,    /* l */
-	TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,     /* m */
-	0
-};
-
-/**************************************************************************
-** 
-** SSL callback routines.
-**
-**************************************************************************/
-
-/* Function: char * myPasswd()
- * 
- * Purpose: This function is our custom password handler that is called by
- * SSL when retreiving private certs and keys from the database. Returns a
- * pointer to a string that with a password for the database. Password pointer
- * should point to dynamically allocated memory that will be freed later.
- */
-char *
-myPasswd(PK11SlotInfo *info, PRBool retry, void *arg)
-{
-	char * passwd = NULL;
-
-	if ( (!retry) && arg ) {
-		passwd = PORT_Strdup((char *)arg);
-	}
-
-	return passwd;
-}
-
-/* Function: SECStatus myAuthCertificate()
- *
- * Purpose: This function is our custom certificate authentication handler.
- * 
- * Note: This implementation is essentially the same as the default 
- *       SSL_AuthCertificate().
- */
-SECStatus 
-myAuthCertificate(void *arg, PRFileDesc *socket, 
-                  PRBool checksig, PRBool isServer) 
-{
-
-	SECCertUsage        certUsage;
-	CERTCertificate *   cert;
-	void *              pinArg;
-	char *              hostName;
-	SECStatus           secStatus;
-
-	if (!arg || !socket) {
-		errWarn("myAuthCertificate");
-		return SECFailure;
-	}
-
-	/* Define how the cert is being used based upon the isServer flag. */
-
-	certUsage = isServer ? certUsageSSLClient : certUsageSSLServer;
-
-	cert = SSL_PeerCertificate(socket);
-	
-	pinArg = SSL_RevealPinArg(socket);
-
-	secStatus = CERT_VerifyCertNow((CERTCertDBHandle *)arg,
-	                               cert,
-	                               checksig,
-	                               certUsage,
-	                               pinArg);
-
-	/* If this is a server, we're finished. */
-	if (isServer || secStatus != SECSuccess) {
-		CERT_DestroyCertificate(cert);
-		return secStatus;
-	}
-
-	/* Certificate is OK.  Since this is the client side of an SSL
-	 * connection, we need to verify that the name field in the cert
-	 * matches the desired hostname.  This is our defense against
-	 * man-in-the-middle attacks.
-	 */
-
-	/* SSL_RevealURL returns a hostName, not an URL. */
-	hostName = SSL_RevealURL(socket);
-
-	if (hostName && hostName[0]) {
-		secStatus = CERT_VerifyCertName(cert, hostName);
-	} else {
-		PR_SetError(SSL_ERROR_BAD_CERT_DOMAIN, 0);
-		secStatus = SECFailure;
-	}
-
-	if (hostName)
-		PR_Free(hostName);
-
-	CERT_DestroyCertificate(cert);
-	return secStatus;
-}
-
-/* Function: SECStatus myBadCertHandler()
- *
- * Purpose: This callback is called when the incoming certificate is not
- * valid. We define a certain set of parameters that still cause the
- * certificate to be "valid" for this session, and return SECSuccess to cause
- * the server to continue processing the request when any of these conditions
- * are met. Otherwise, SECFailure is return and the server rejects the 
- * request.
- */
-SECStatus 
-myBadCertHandler(void *arg, PRFileDesc *socket) 
-{
-
-    SECStatus	secStatus = SECFailure;
-    PRErrorCode	err;
-
-    /* log invalid cert here */
-
-    if (!arg) {
-		return secStatus;
-    }
-
-    *(PRErrorCode *)arg = err = PORT_GetError();
-
-    /* If any of the cases in the switch are met, then we will proceed   */
-    /* with the processing of the request anyway. Otherwise, the default */	
-    /* case will be reached and we will reject the request.              */
-
-    switch (err) {
-    case SEC_ERROR_INVALID_AVA:
-    case SEC_ERROR_INVALID_TIME:
-    case SEC_ERROR_BAD_SIGNATURE:
-    case SEC_ERROR_EXPIRED_CERTIFICATE:
-    case SEC_ERROR_UNKNOWN_ISSUER:
-    case SEC_ERROR_UNTRUSTED_CERT:
-    case SEC_ERROR_CERT_VALID:
-    case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
-    case SEC_ERROR_CRL_EXPIRED:
-    case SEC_ERROR_CRL_BAD_SIGNATURE:
-    case SEC_ERROR_EXTENSION_VALUE_INVALID:
-    case SEC_ERROR_CA_CERT_INVALID:
-    case SEC_ERROR_CERT_USAGES_INVALID:
-    case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION:
-		secStatus = SECSuccess;
-	break;
-    default:
-		secStatus = SECFailure;
-	break;
-    }
-
-	printf("Bad certificate: %d, %s\n", err, SSL_Strerror(err));
-
-    return secStatus;
-}
-
-/* Function: SECStatus ownGetClientAuthData()
- *
- * Purpose: This callback is used by SSL to pull client certificate 
- * information upon server request.
- */
-SECStatus 
-myGetClientAuthData(void *arg,
-                    PRFileDesc *socket,
-                    struct CERTDistNamesStr *caNames,
-                    struct CERTCertificateStr **pRetCert,
-                    struct SECKEYPrivateKeyStr **pRetKey) 
-{
-
-    CERTCertificate *  cert;
-    SECKEYPrivateKey * privKey;
-    char *             chosenNickName = (char *)arg;
-    void *             proto_win      = NULL;
-    SECStatus          secStatus      = SECFailure;
-
-    proto_win = SSL_RevealPinArg(socket);
-
-    if (chosenNickName) {
-		cert = PK11_FindCertFromNickname(chosenNickName, proto_win);
-		if (cert) {
-		    privKey = PK11_FindKeyByAnyCert(cert, proto_win);
-		    if (privKey) {
-				secStatus = SECSuccess;
-		    } else {
-				CERT_DestroyCertificate(cert);
-		    }
-		}
-    } else { /* no nickname given, automatically find the right cert */
-	CERTCertNicknames *names;
-	int                i;
-
-	names = CERT_GetCertNicknames(CERT_GetDefaultCertDB(), 
-				      SEC_CERT_NICKNAMES_USER, proto_win);
-
-	if (names != NULL) {
-	    for(i = 0; i < names->numnicknames; i++ ) {
-
-		cert = PK11_FindCertFromNickname(names->nicknames[i], 
-						 proto_win);
-		if (!cert) {
-		    continue;
-		}
-
-		/* Only check unexpired certs */
-		if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_FALSE)
-		      != secCertTimeValid ) {
-		    CERT_DestroyCertificate(cert);
-		    continue;
-		}
-
-		secStatus = NSS_CmpCertChainWCANames(cert, caNames);
-		if (secStatus == SECSuccess) {
-		    privKey = PK11_FindKeyByAnyCert(cert, proto_win);
-		    if (privKey) {
-			break;
-		    }
-		    secStatus = SECFailure;
-		    break;
-		}
-	    } /* for loop */
-	    CERT_FreeNicknames(names);
-	}
-    }
-
-    if (secStatus == SECSuccess) {
-		*pRetCert = cert;
-		*pRetKey  = privKey;
-    }
-
-    return secStatus;
-}
-
-/* Function: SECStatus myHandshakeCallback()
- *
- * Purpose: Called by SSL to inform application that the handshake is
- * complete. This function is mostly used on the server side of an SSL
- * connection, although it is provided for a client as well.
- * Useful when a non-blocking SSL_ReHandshake or SSL_ResetHandshake 
- * is used to initiate a handshake.
- *
- * A typical scenario would be:
- *
- * 1. Server accepts an SSL connection from the client without client auth.
- * 2. Client sends a request.
- * 3. Server determines that to service request it needs to authenticate the
- * client and initiates another handshake requesting client auth.
- * 4. While handshake is in progress, server can do other work or spin waiting
- * for the handshake to complete.
- * 5. Server is notified that handshake has been successfully completed by
- * the custom handshake callback function and it can service the client's
- * request.
- *
- * Note: This function is not implemented in this sample, as we are using
- * blocking sockets.
- */
-SECStatus 
-myHandshakeCallback(PRFileDesc *socket, void *arg) 
-{
-    printf("Handshake has completed, ready to send data securely.\n");
-    return SECSuccess;
-}
-
-
-/**************************************************************************
-** 
-** Routines for disabling SSL ciphers.
-**
-**************************************************************************/
-
-void
-disableAllSSLCiphers(void)
-{
-    const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
-    int             i            = SSL_NumImplementedCiphers;
-    SECStatus       rv;
-
-    /* disable all the SSL3 cipher suites */
-    while (--i >= 0) {
-	PRUint16 suite = cipherSuites[i];
-        rv = SSL_CipherPrefSetDefault(suite, PR_FALSE);
-	if (rv != SECSuccess) {
-	    printf("SSL_CipherPrefSetDefault didn't like value 0x%04x (i = %d)\n",
-	    	   suite, i);
-	    errWarn("SSL_CipherPrefSetDefault");
-	    exit(2);
-	}
-    }
-}
-
-/**************************************************************************
-** 
-** Error and information routines.
-**
-**************************************************************************/
-
-void
-errWarn(char *function)
-{
-	PRErrorCode  errorNumber = PR_GetError();
-	const char * errorString = SSL_Strerror(errorNumber);
-
-	printf("Error in function %s: %d\n - %s\n",
-			function, errorNumber, errorString);
-}
-
-void
-exitErr(char *function)
-{
-	errWarn(function);
-	/* Exit gracefully. */
-	/* ignoring return value of NSS_Shutdown as code exits with 1*/
-	(void) NSS_Shutdown();
-	PR_Cleanup();
-	exit(1);
-}
-
-void 
-printSecurityInfo(PRFileDesc *fd)
-{
-	char * cp;	/* bulk cipher name */
-	char * ip;	/* cert issuer DN */
-	char * sp;	/* cert subject DN */
-	int    op;	/* High, Low, Off */
-	int    kp0;	/* total key bits */
-	int    kp1;	/* secret key bits */
-	int    result;
-	SSL3Statistics * ssl3stats = SSL_GetStatistics();
-
-	result = SSL_SecurityStatus(fd, &op, &cp, &kp0, &kp1, &ip, &sp);
-	if (result != SECSuccess)
-		return;
-	printf("bulk cipher %s, %d secret key bits, %d key bits, status: %d\n"
-		   "subject DN: %s\n"
-	   "issuer	DN: %s\n", cp, kp1, kp0, op, sp, ip);
-	PR_Free(cp);
-	PR_Free(ip);
-	PR_Free(sp);
-
-	printf("%ld cache hits; %ld cache misses, %ld cache not reusable\n",
-		ssl3stats->hch_sid_cache_hits, ssl3stats->hch_sid_cache_misses,
-	ssl3stats->hch_sid_cache_not_ok);
-
-}
-
-
-/**************************************************************************
-** Begin thread management routines and data.
-**************************************************************************/
-
-void
-thread_wrapper(void * arg)
-{
-	GlobalThreadMgr *threadMGR = (GlobalThreadMgr *)arg;
-	perThread *slot = &threadMGR->threads[threadMGR->index];
-
-	/* wait for parent to finish launching us before proceeding. */
-	PR_Lock(threadMGR->threadLock);
-	PR_Unlock(threadMGR->threadLock);
-
-	slot->rv = (* slot->startFunc)(slot->a, slot->b);
-
-	PR_Lock(threadMGR->threadLock);
-	slot->running = rs_zombie;
-
-	/* notify the thread exit handler. */
-	PR_NotifyCondVar(threadMGR->threadEndQ);
-
-	PR_Unlock(threadMGR->threadLock);
-}
-
-SECStatus
-launch_thread(GlobalThreadMgr *threadMGR,
-              startFn         *startFunc,
-              void            *a,
-              int              b)
-{
-	perThread *slot;
-	int        i;
-
-	if (!threadMGR->threadStartQ) {
-		threadMGR->threadLock   = PR_NewLock();
-		threadMGR->threadStartQ = PR_NewCondVar(threadMGR->threadLock);
-		threadMGR->threadEndQ   = PR_NewCondVar(threadMGR->threadLock);
-	}
-	PR_Lock(threadMGR->threadLock);
-	while (threadMGR->numRunning >= MAX_THREADS) {
-		PR_WaitCondVar(threadMGR->threadStartQ, PR_INTERVAL_NO_TIMEOUT);
-	}
-	for (i = 0; i < threadMGR->numUsed; ++i) {
-		slot = &threadMGR->threads[i];
-		if (slot->running == rs_idle) 
-			break;
-	}
-	if (i >= threadMGR->numUsed) {
-		if (i >= MAX_THREADS) {
-			/* something's really wrong here. */
-			PORT_Assert(i < MAX_THREADS);
-			PR_Unlock(threadMGR->threadLock);
-			return SECFailure;
-		}
-		++(threadMGR->numUsed);
-		PORT_Assert(threadMGR->numUsed == i + 1);
-		slot = &threadMGR->threads[i];
-	}
-
-	slot->a = a;
-	slot->b = b;
-	slot->startFunc = startFunc;
-
-	threadMGR->index = i;
-
-	slot->prThread = PR_CreateThread(PR_USER_THREAD,
-	                                 thread_wrapper, threadMGR,
-	                                 PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD,
-	                                 PR_JOINABLE_THREAD, 0);
-
-	if (slot->prThread == NULL) {
-		PR_Unlock(threadMGR->threadLock);
-		printf("Failed to launch thread!\n");
-		return SECFailure;
-	} 
-
-	slot->inUse   = 1;
-	slot->running = 1;
-	++(threadMGR->numRunning);
-	PR_Unlock(threadMGR->threadLock);
-	printf("Launched thread in slot %d \n", threadMGR->index);
-
-	return SECSuccess;
-}
-
-SECStatus 
-reap_threads(GlobalThreadMgr *threadMGR)
-{
-	perThread * slot;
-	int			i;
-
-	if (!threadMGR->threadLock)
-		return 0;
-	PR_Lock(threadMGR->threadLock);
-	while (threadMGR->numRunning > 0) {
-	    PR_WaitCondVar(threadMGR->threadEndQ, PR_INTERVAL_NO_TIMEOUT);
-	    for (i = 0; i < threadMGR->numUsed; ++i) {
-		slot = &threadMGR->threads[i];
-		if (slot->running == rs_zombie)  {
-		    /* Handle cleanup of thread here. */
-		    printf("Thread in slot %d returned %d\n", i, slot->rv);
-
-		    /* Now make sure the thread has ended OK. */
-		    PR_JoinThread(slot->prThread);
-		    slot->running = rs_idle;
-		    --threadMGR->numRunning;
-
-		    /* notify the thread launcher. */
-		    PR_NotifyCondVar(threadMGR->threadStartQ);
-		}
-	    }
-	}
-
-	/* Safety Sam sez: make sure count is right. */
-	for (i = 0; i < threadMGR->numUsed; ++i) {
-		slot = &threadMGR->threads[i];
-		if (slot->running != rs_idle)  {
-			fprintf(stderr, "Thread in slot %d is in state %d!\n", 
-			                 i, slot->running);
-		}
-	}
-	PR_Unlock(threadMGR->threadLock);
-	return 0;
-}
-
-void
-destroy_thread_data(GlobalThreadMgr *threadMGR)
-{
-	PORT_Memset(threadMGR->threads, 0, sizeof(threadMGR->threads));
-
-	if (threadMGR->threadEndQ) {
-		PR_DestroyCondVar(threadMGR->threadEndQ);
-		threadMGR->threadEndQ = NULL;
-	}
-	if (threadMGR->threadStartQ) {
-		PR_DestroyCondVar(threadMGR->threadStartQ);
-		threadMGR->threadStartQ = NULL;
-	}
-	if (threadMGR->threadLock) {
-		PR_DestroyLock(threadMGR->threadLock);
-		threadMGR->threadLock = NULL;
-	}
-}
-
-/**************************************************************************
-** End	 thread management routines.
-**************************************************************************/
-
-void 
-lockedVars_Init( lockedVars * lv)
-{
-	lv->count	= 0;
-	lv->waiters = 0;
-	lv->lock	= PR_NewLock();
-	lv->condVar = PR_NewCondVar(lv->lock);
-}
-
-void
-lockedVars_Destroy( lockedVars * lv)
-{
-	PR_DestroyCondVar(lv->condVar);
-	lv->condVar = NULL;
-
-	PR_DestroyLock(lv->lock);
-	lv->lock = NULL;
-}
-
-void
-lockedVars_WaitForDone(lockedVars * lv)
-{
-	PR_Lock(lv->lock);
-	while (lv->count > 0) {
-		PR_WaitCondVar(lv->condVar, PR_INTERVAL_NO_TIMEOUT);
-	}
-	PR_Unlock(lv->lock);
-}
-
-int	/* returns count */
-lockedVars_AddToCount(lockedVars * lv, int addend)
-{
-	int rv;
-
-	PR_Lock(lv->lock);
-	rv = lv->count += addend;
-	if (rv <= 0) {
-	PR_NotifyCondVar(lv->condVar);
-	}
-	PR_Unlock(lv->lock);
-	return rv;
-}
--- a/mozilla/security/nss/cmd/SSLsample/sslsample.h
+++ b/mozilla/security/nss/cmd/SSLsample/sslsample.h
@@ -1,180 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#ifndef SSLSAMPLE_H
-#define SSLSAMPLE_H
-
-/* Generic header files */
-
-#include <stdio.h>
-#include <string.h>
-
-/* NSPR header files */
-
-#include "nspr.h"
-#include "prerror.h"
-#include "prnetdb.h"
-
-/* NSS header files */
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "ssl.h"
-#include "certt.h"
-#include "nss.h"
-#include "secder.h"
-#include "key.h"
-#include "sslproto.h"
-
-/* Custom header files */
-
-/*
-#include "sslerror.h"
-*/
-
-#define BUFFER_SIZE 10240
-
-/* Declare SSL cipher suites. */
-
-extern int cipherSuites[];
-extern int ssl2CipherSuites[];
-extern int ssl3CipherSuites[];
-
-/* Data buffer read from a socket. */
-typedef struct DataBufferStr {
-	char data[BUFFER_SIZE];
-	int  index;
-	int  remaining;
-	int  dataStart;
-	int  dataEnd;
-} DataBuffer;
-
-/* SSL callback routines. */
-
-char * myPasswd(PK11SlotInfo *info, PRBool retry, void *arg);
-
-SECStatus myAuthCertificate(void *arg, PRFileDesc *socket,
-                            PRBool checksig, PRBool isServer);
-
-SECStatus myBadCertHandler(void *arg, PRFileDesc *socket);
-
-SECStatus myHandshakeCallback(PRFileDesc *socket, void *arg);
-
-SECStatus myGetClientAuthData(void *arg, PRFileDesc *socket,
-                              struct CERTDistNamesStr *caNames,
-                              struct CERTCertificateStr **pRetCert,
-                              struct SECKEYPrivateKeyStr **pRetKey);
-
-/* Disable all v2/v3 SSL ciphers. */
-
-void disableAllSSLCiphers(void);
-
-
-/* Error and information utilities. */
-
-void errWarn(char *function);
-
-void exitErr(char *function);
-
-void printSecurityInfo(PRFileDesc *fd);
-
-/* Some simple thread management routines. */
-
-#define MAX_THREADS 32
-
-typedef SECStatus startFn(void *a, int b);
-
-typedef enum { rs_idle = 0, rs_running = 1, rs_zombie = 2 } runState;
-
-typedef struct perThreadStr {
-	PRFileDesc *a;
-	int         b;
-	int         rv;
-	startFn    *startFunc;
-	PRThread   *prThread;
-	PRBool      inUse;
-	runState    running;
-} perThread;
-
-typedef struct GlobalThreadMgrStr {
-	PRLock	  *threadLock;
-	PRCondVar *threadStartQ;
-	PRCondVar *threadEndQ;
-	perThread  threads[MAX_THREADS];
-	int        index;
-	int        numUsed;
-	int        numRunning;
-} GlobalThreadMgr;
-
-void thread_wrapper(void * arg);
-
-SECStatus launch_thread(GlobalThreadMgr *threadMGR, 
-                        startFn *startFunc, void *a, int b);
-
-SECStatus reap_threads(GlobalThreadMgr *threadMGR);
-
-void destroy_thread_data(GlobalThreadMgr *threadMGR);
-
-/* Management of locked variables. */
-
-struct lockedVarsStr {
-	PRLock *    lock;
-	int         count;
-	int         waiters;
-	PRCondVar * condVar;
-};
-
-typedef struct lockedVarsStr lockedVars;
-
-void lockedVars_Init(lockedVars *lv);
-
-void lockedVars_Destroy(lockedVars *lv);
-
-void lockedVars_WaitForDone(lockedVars *lv);
-
-int lockedVars_AddToCount(lockedVars *lv, int addend);
-
-/* Buffer stuff. */
-
-static const char stopCmd[] = { "GET /stop " };
-static const char defaultHeader[] = {
-	"HTTP/1.0 200 OK\r\n"
-	"Server: SSL sample server\r\n"
-	"Content-type: text/plain\r\n"
-	"\r\n"
-};
-
-#endif
--- a/mozilla/security/nss/cmd/addbuiltin/Makefile
+++ b/mozilla/security/nss/cmd/addbuiltin/Makefile
@@ -1,80 +0,0 @@
-#! gmake
-# 
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
- 
--- a/mozilla/security/nss/cmd/addbuiltin/addbuiltin.c
+++ b/mozilla/security/nss/cmd/addbuiltin/addbuiltin.c
@@ -1,391 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/*
- * Tool for converting builtin CA certs.
- *
- * $Id: addbuiltin.c,v 1.14 2007-02-14 00:35:52 alexei.volkov.bugs%sun.com Exp $
- */
-
-#include "nssrenam.h"
-#include "nss.h"
-#include "cert.h"
-#include "certdb.h"
-#include "secutil.h"
-#include "pk11func.h"
-
-#if defined(WIN32)
-#include <fcntl.h>
-#include <io.h>
-#endif
-
-void dumpbytes(unsigned char *buf, int len)
-{
-    int i;
-    for (i=0; i < len; i++) {
-	if ((i !=0) && ((i & 0xf) == 0)) {
-	    printf("\n");
-	}
-	printf("\\%03o",buf[i]);
-    }
-    printf("\n");
-}
-
-char *getTrustString(unsigned int trust)
-{
-    if (trust & CERTDB_TRUSTED) {
-	if (trust & CERTDB_TRUSTED_CA) {
-		return "CKT_NETSCAPE_TRUSTED_DELEGATOR|CKT_NETSCAPE_TRUSTED";
-	} else {
-		return "CKT_NETSCAPE_TRUSTED";
-	}
-    } else {
-	if (trust & CERTDB_TRUSTED_CA) {
-		return "CKT_NETSCAPE_TRUSTED_DELEGATOR";
-	} else if (trust & CERTDB_VALID_CA) {
-		return "CKT_NETSCAPE_VALID_DELEGATOR";
-	} else {
-		return "CKT_NETSCAPE_TRUST_UNKNOWN";
-	}
-    }
-    return "CKT_NETSCAPE_TRUST_UNKNOWN"; /* not reached */
-}
-
-static const SEC_ASN1Template serialTemplate[] = {
-    { SEC_ASN1_INTEGER, offsetof(CERTCertificate,serialNumber) },
-    { 0 }
-};
-
-static SECStatus
-ConvertCertificate(SECItem *sdder, char *nickname, CERTCertTrust *trust)
-{
-    SECStatus rv = SECSuccess;
-    CERTCertificate *cert;
-    unsigned char sha1_hash[SHA1_LENGTH];
-    unsigned char md5_hash[MD5_LENGTH];
-    SECItem *serial = NULL;
-
-    cert = CERT_DecodeDERCertificate(sdder, PR_FALSE, nickname);
-    if (!cert) {
-	return SECFailure;
-    }
-    serial = SEC_ASN1EncodeItem(NULL,NULL,cert,serialTemplate);
-    if (!serial) {
-	return SECFailure;
-    }
-
-    printf("\n#\n# Certificate \"%s\"\n#\n",nickname);
-    printf("CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE\n");
-    printf("CKA_TOKEN CK_BBOOL CK_TRUE\n");
-    printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n");
-    printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n");
-    printf("CKA_LABEL UTF8 \"%s\"\n",nickname);
-    printf("CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509\n");
-    printf("CKA_SUBJECT MULTILINE_OCTAL\n");
-    dumpbytes(cert->derSubject.data,cert->derSubject.len);
-    printf("END\n");
-    printf("CKA_ID UTF8 \"0\"\n");
-    printf("CKA_ISSUER MULTILINE_OCTAL\n");
-    dumpbytes(cert->derIssuer.data,cert->derIssuer.len);
-    printf("END\n");
-    printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n");
-    dumpbytes(serial->data,serial->len);
-    printf("END\n");
-    printf("CKA_VALUE MULTILINE_OCTAL\n");
-    dumpbytes(sdder->data,sdder->len);
-    printf("END\n");
-
-    PK11_HashBuf(SEC_OID_SHA1, sha1_hash, sdder->data, sdder->len);
-    PK11_HashBuf(SEC_OID_MD5, md5_hash, sdder->data, sdder->len);
-    printf("\n# Trust for Certificate \"%s\"\n",nickname);
-    printf("CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST\n");
-    printf("CKA_TOKEN CK_BBOOL CK_TRUE\n");
-    printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n");
-    printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n");
-    printf("CKA_LABEL UTF8 \"%s\"\n",nickname);
-    printf("CKA_CERT_SHA1_HASH MULTILINE_OCTAL\n");
-    dumpbytes(sha1_hash,SHA1_LENGTH);
-    printf("END\n");
-    printf("CKA_CERT_MD5_HASH MULTILINE_OCTAL\n");
-    dumpbytes(md5_hash,MD5_LENGTH);
-    printf("END\n");
-
-    printf("CKA_ISSUER MULTILINE_OCTAL\n");
-    dumpbytes(cert->derIssuer.data,cert->derIssuer.len);
-    printf("END\n");
-    printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n");
-    dumpbytes(serial->data,serial->len);
-    printf("END\n");
-    
-    printf("CKA_TRUST_SERVER_AUTH CK_TRUST %s\n",
-				 getTrustString(trust->sslFlags));
-    printf("CKA_TRUST_EMAIL_PROTECTION CK_TRUST %s\n",
-				 getTrustString(trust->emailFlags));
-    printf("CKA_TRUST_CODE_SIGNING CK_TRUST %s\n",
-				 getTrustString(trust->objectSigningFlags));
-#ifdef notdef
-    printf("CKA_TRUST_CLIENT_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED\n");*/
-    printf("CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
-    printf("CKA_TRUST_NON_REPUDIATION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
-    printf("CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
-    printf("CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
-    printf("CKA_TRUST_KEY_AGREEMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
-    printf("CKA_TRUST_KEY_CERT_SIGN CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
-#endif
-    printf("CKA_TRUST_STEP_UP_APPROVED CK_BBOOL %s\n",
-                trust->sslFlags & CERTDB_GOVT_APPROVED_CA ? 
-                "CK_TRUE" : "CK_FALSE");
-
-
-    PORT_Free(sdder->data);
-    return(rv);
-
-}
-
-void printheader() {
-    printf("# \n"
-"# ***** BEGIN LICENSE BLOCK *****\n"
-"# Version: MPL 1.1/GPL 2.0/LGPL 2.1\n"
-"#\n"
-"# The contents of this file are subject to the Mozilla Public License Version\n"
-"# 1.1 (the \"License\"); you may not use this file except in compliance with\n"
-"# the License. You may obtain a copy of the License at\n"
-"# http://www.mozilla.org/MPL/\n"
-"#\n"
-"# Software distributed under the License is distributed on an \"AS IS\" basis,\n"
-"# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License\n"
-"# for the specific language governing rights and limitations under the\n"
-"# License.\n"
-"#\n"
-"# The Original Code is the Netscape security libraries..\n"
-"#\n"
-"# The Initial Developer of the Original Code is\n"
-"# Netscape Communications Corporation.\n"
-"# Portions created by the Initial Developer are Copyright (C) 1994-2000\n"
-"# the Initial Developer. All Rights Reserved.\n"
-"#\n"
-"# Contributor(s):\n"
-"#\n"
-"# Alternatively, the contents of this file may be used under the terms of\n"
-"# either the GNU General Public License Version 2 or later (the \"GPL\"), or\n"
-"# the GNU Lesser General Public License Version 2.1 or later (the \"LGPL\"),\n"
-"# in which case the provisions of the GPL or the LGPL are applicable instead\n"
-"# of those above. If you wish to allow use of your version of this file only\n"
-"# under the terms of either the GPL or the LGPL, and not to allow others to\n"
-"# use your version of this file under the terms of the MPL, indicate your\n"
-"# decision by deleting the provisions above and replace them with the notice\n"
-"# and other provisions required by the GPL or the LGPL. If you do not delete\n"
-"# the provisions above, a recipient may use your version of this file under\n"
-"# the terms of any one of the MPL, the GPL or the LGPL.\n"
-"#\n"
-"# ***** END LICENSE BLOCK *****\n"
-     "#\n"
-     "CVS_ID \"@(#) $RCSfile: addbuiltin.c,v $ $Revision: 1.14 $ $Date: 2007-02-14 00:35:52 $\"\n"
-     "\n"
-     "#\n"
-     "# certdata.txt\n"
-     "#\n"
-     "# This file contains the object definitions for the certs and other\n"
-     "# information \"built into\" NSS.\n"
-     "#\n"
-     "# Object definitions:\n"
-     "#\n"
-     "#    Certificates\n"
-     "#\n"
-     "#  -- Attribute --          -- type --              -- value --\n"
-     "#  CKA_CLASS                CK_OBJECT_CLASS         CKO_CERTIFICATE\n"
-     "#  CKA_TOKEN                CK_BBOOL                CK_TRUE\n"
-     "#  CKA_PRIVATE              CK_BBOOL                CK_FALSE\n"
-     "#  CKA_MODIFIABLE           CK_BBOOL                CK_FALSE\n"
-     "#  CKA_LABEL                UTF8                    (varies)\n"
-     "#  CKA_CERTIFICATE_TYPE     CK_CERTIFICATE_TYPE     CKC_X_509\n"
-     "#  CKA_SUBJECT              DER+base64              (varies)\n"
-     "#  CKA_ID                   byte array              (varies)\n"
-     "#  CKA_ISSUER               DER+base64              (varies)\n"
-     "#  CKA_SERIAL_NUMBER        DER+base64              (varies)\n"
-     "#  CKA_VALUE                DER+base64              (varies)\n"
-     "#  CKA_NETSCAPE_EMAIL       ASCII7                  (unused here)\n"
-     "#\n"
-     "#    Trust\n"
-     "#\n"
-     "#  -- Attribute --              -- type --          -- value --\n"
-     "#  CKA_CLASS                    CK_OBJECT_CLASS     CKO_TRUST\n"
-     "#  CKA_TOKEN                    CK_BBOOL            CK_TRUE\n"
-     "#  CKA_PRIVATE                  CK_BBOOL            CK_FALSE\n"
-     "#  CKA_MODIFIABLE               CK_BBOOL            CK_FALSE\n"
-     "#  CKA_LABEL                    UTF8                (varies)\n"
-     "#  CKA_ISSUER                   DER+base64          (varies)\n"
-     "#  CKA_SERIAL_NUMBER            DER+base64          (varies)\n"
-     "#  CKA_CERT_HASH                binary+base64       (varies)\n"
-     "#  CKA_EXPIRES                  CK_DATE             (not used here)\n"
-     "#  CKA_TRUST_DIGITAL_SIGNATURE  CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_NON_REPUDIATION    CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_KEY_ENCIPHERMENT   CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_DATA_ENCIPHERMENT  CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_KEY_AGREEMENT      CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_KEY_CERT_SIGN      CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_CRL_SIGN           CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_SERVER_AUTH        CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_CLIENT_AUTH        CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_CODE_SIGNING       CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_EMAIL_PROTECTION   CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_IPSEC_END_SYSTEM   CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_IPSEC_TUNNEL       CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_IPSEC_USER         CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_TIME_STAMPING      CK_TRUST            (varies)\n"
-     "#  (other trust attributes can be defined)\n"
-     "#\n"
-     "\n"
-     "#\n"
-     "# The object to tell NSS that this is a root list and we don't\n"
-     "# have to go looking for others.\n"
-     "#\n"
-     "BEGINDATA\n"
-     "CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_BUILTIN_ROOT_LIST\n"
-     "CKA_TOKEN CK_BBOOL CK_TRUE\n"
-     "CKA_PRIVATE CK_BBOOL CK_FALSE\n"
-     "CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"
-     "CKA_LABEL UTF8 \"Mozilla Builtin Roots\"\n");
-}
-
-static void Usage(char *progName)
-{
-    fprintf(stderr, "%s -n nickname -t trust [-i certfile]\n", progName);
-    fprintf(stderr, 
-            "\tRead a der-encoded cert from certfile or stdin, and output\n"
-            "\tit to stdout in a format suitable for the builtin root module.\n"
-            "\tExample: %s -n MyCA -t \"C,C,C\" -i myca.der >> certdata.txt\n"
-            "\t(pipe through atob if the cert is b64-encoded)\n", progName);
-    fprintf(stderr, "%-15s nickname to assign to builtin cert.\n", 
-                    "-n nickname");
-    fprintf(stderr, "%-15s trust flags (cCTpPuw).\n", "-t trust");
-    fprintf(stderr, "%-15s file to read (default stdin)\n", "-i certfile");
-    exit(-1);
-}
-
-enum {
-    opt_Input = 0,
-    opt_Nickname,
-    opt_Trust
-};
-
-static secuCommandFlag addbuiltin_options[] =
-{
-	{ /* opt_Input         */  'i', PR_TRUE, 0, PR_FALSE },
-	{ /* opt_Nickname      */  'n', PR_TRUE, 0, PR_FALSE },
-	{ /* opt_Trust         */  't', PR_TRUE, 0, PR_FALSE }
-};
-
-int main(int argc, char **argv)
-{
-    SECStatus rv;
-    char *nickname;
-    char *trusts;
-    char *progName;
-    PRFileDesc *infile;
-    CERTCertTrust trust = { 0 };
-    SECItem derCert = { 0 };
-
-    secuCommand addbuiltin = { 0 };
-    addbuiltin.numOptions = sizeof(addbuiltin_options)/sizeof(secuCommandFlag);
-    addbuiltin.options = addbuiltin_options;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    rv = SECU_ParseCommandLine(argc, argv, progName, &addbuiltin);
-
-    if (rv != SECSuccess)
-	Usage(progName);
-
-    if (!addbuiltin.options[opt_Nickname].activated &&
-        !addbuiltin.options[opt_Trust].activated) {
-	fprintf(stderr, "%s: you must specify both a nickname and trust.\n",
-		progName);
-	Usage(progName);
-    }
-
-    if (addbuiltin.options[opt_Input].activated) {
-	infile = PR_Open(addbuiltin.options[opt_Input].arg, PR_RDONLY, 00660);
-	if (!infile) {
-	    fprintf(stderr, "%s: failed to open input file.\n", progName);
-	    exit(1);
-	}
-    } else {
-#if defined(WIN32)
-	/* If we're going to read binary data from stdin, we must put stdin
-	** into O_BINARY mode or else incoming \r\n's will become \n's,
-	** and latin-1 characters will be altered.
-	*/
-
-	int smrv = _setmode(_fileno(stdin), _O_BINARY);
-	if (smrv == -1) {
-	    fprintf(stderr,
-	    "%s: Cannot change stdin to binary mode. Use -i option instead.\n",
-	            progName);
-	    exit(1);
-	}
-#endif
-	infile = PR_STDIN;
-    }
-
-    nickname = strdup(addbuiltin.options[opt_Nickname].arg);
-    trusts = strdup(addbuiltin.options[opt_Trust].arg);
-
-    NSS_NoDB_Init(NULL);
-
-    rv = CERT_DecodeTrustString(&trust, trusts);
-    if (rv) {
-	fprintf(stderr, "%s: incorrectly formatted trust string.\n", progName);
-	Usage(progName);
-    }
-
-    SECU_FileToItem(&derCert, infile);
-    
-    /*printheader();*/
-
-    rv = ConvertCertificate(&derCert, nickname, &trust);
-    if (rv) {
-	fprintf(stderr, "%s: failed to convert certificate.\n", progName);
-	exit(1);
-    }
-    
-    if (NSS_Shutdown() != SECSuccess) {
-        exit(1);
-    }
-
-    return(SECSuccess);
-}
--- a/mozilla/security/nss/cmd/addbuiltin/manifest.mn
+++ b/mozilla/security/nss/cmd/addbuiltin/manifest.mn
@@ -1,52 +0,0 @@
-# 
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = nss 
-
-CSRCS = \
-	addbuiltin.c \
-	$(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd
-
-PROGRAM = addbuiltin
-
--- a/mozilla/security/nss/cmd/atob/Makefile
+++ b/mozilla/security/nss/cmd/atob/Makefile
@@ -1,80 +0,0 @@
-#! gmake
-# 
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
-
--- a/mozilla/security/nss/cmd/atob/atob.c
+++ b/mozilla/security/nss/cmd/atob/atob.c
@@ -1,180 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "plgetopt.h"
-#include "secutil.h"
-#include "nssb64.h"
-#include <errno.h>
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-
-#if defined(WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-static PRInt32 
-output_binary (void *arg, const unsigned char *obuf, PRInt32 size)
-{
-    FILE *outFile = arg;
-    int nb;
-
-    nb = fwrite(obuf, 1, size, outFile);
-    if (nb != size) {
-	PORT_SetError(SEC_ERROR_IO);
-	return -1;
-    }
-
-    return nb;
-}
-
-static SECStatus
-decode_file(FILE *outFile, FILE *inFile)
-{
-    NSSBase64Decoder *cx;
-    int nb;
-    SECStatus status = SECFailure;
-    char ibuf[4096];
-
-    cx = NSSBase64Decoder_Create(output_binary, outFile);
-    if (!cx) {
-	return -1;
-    }
-
-    for (;;) {
-	if (feof(inFile)) break;
-	nb = fread(ibuf, 1, sizeof(ibuf), inFile);
-	if (nb != sizeof(ibuf)) {
-	    if (nb == 0) {
-		if (ferror(inFile)) {
-		    PORT_SetError(SEC_ERROR_IO);
-		    goto loser;
-		}
-		/* eof */
-		break;
-	    }
-	}
-
-	status = NSSBase64Decoder_Update(cx, ibuf, nb);
-	if (status != SECSuccess) goto loser;
-    }
-
-    return NSSBase64Decoder_Destroy(cx, PR_FALSE);
-
-  loser:
-    (void) NSSBase64Decoder_Destroy(cx, PR_TRUE);
-    return status;
-}
-
-static void Usage(char *progName)
-{
-    fprintf(stderr,
-	    "Usage: %s [-i input] [-o output]\n",
-	    progName);
-    fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
-	    "-i input");
-    fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
-	    "-o output");
-    exit(-1);
-}
-
-int main(int argc, char **argv)
-{
-    char *progName;
-    SECStatus rv;
-    FILE *inFile, *outFile;
-    PLOptState *optstate;
-    PLOptStatus status;
-
-    inFile = 0;
-    outFile = 0;
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    /* Parse command line arguments */
-    optstate = PL_CreateOptState(argc, argv, "i:o:");
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	switch (optstate->option) {
-	  case '?':
-	    Usage(progName);
-	    break;
-
-	  case 'i':
-	    inFile = fopen(optstate->value, "r");
-	    if (!inFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  case 'o':
-	    outFile = fopen(optstate->value, "wb");
-	    if (!outFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-	}
-    }
-    if (!inFile) inFile = stdin;
-    if (!outFile) {
-#if defined(WIN32)
-	int smrv = _setmode(_fileno(stdout), _O_BINARY);
-	if (smrv == -1) {
-	    fprintf(stderr,
-	    "%s: Cannot change stdout to binary mode. Use -o option instead.\n",
-	            progName);
-	    return smrv;
-	}
-#endif
-    	outFile = stdout;
-    }
-    rv = decode_file(outFile, inFile);
-    if (rv != SECSuccess) {
-	fprintf(stderr, "%s: lossage: error=%d errno=%d\n",
-		progName, PORT_GetError(), errno);
-	return -1;
-    }
-    return 0;
-}
--- a/mozilla/security/nss/cmd/atob/manifest.mn
+++ b/mozilla/security/nss/cmd/atob/manifest.mn
@@ -1,54 +0,0 @@
-# 
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH	= ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = nss 
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm 
-
-DEFINES = -DNSPR20
-
-CSRCS = atob.c
-
-PROGRAM	= atob
-
--- a/mozilla/security/nss/cmd/bltest/Makefile
+++ b/mozilla/security/nss/cmd/bltest/Makefile
@@ -1,86 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-#MKPROG = purify -cache-dir=/u/mcgreer/pcache -best-effort \
-#	-always-use-cache-dir $(CC)
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#EXTRA_SHARED_LIBS += \
-#	-L/usr/lib \
-#	-lposix4 \
-#	$(NULL)
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-include ../platrules.mk
--- a/mozilla/security/nss/cmd/bltest/blapitest.c
+++ b/mozilla/security/nss/cmd/bltest/blapitest.c
--- a/mozilla/security/nss/cmd/bltest/manifest.mn
+++ b/mozilla/security/nss/cmd/bltest/manifest.mn
@@ -1,58 +0,0 @@
-# 
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-REQUIRES = seccmd dbm softoken
-
-INCLUDES += -I$(CORE_DEPTH)/nss/lib/softoken
-
-PROGRAM = bltest
-
- USE_STATIC_LIBS = 1
-
-EXPORTS = \
-	$(NULL)
-
-PRIVATE_EXPORTS = \
-	$(NULL)
-
-CSRCS = \
-	blapitest.c \
-	$(NULL)
-
--- a/mozilla/security/nss/cmd/bltest/tests/README
+++ b/mozilla/security/nss/cmd/bltest/tests/README
@@ -1,49 +0,0 @@
-This directory contains a set of tests for each cipher supported by
-BLAPI.  Each subdirectory contains known plaintext and ciphertext pairs
-(and keys and/or iv's if needed).  The tests can be run as a full set
-with:
-    bltest -T
-or as subsets, for example:
-    bltest -T -m des_ecb,md2,rsa
-
-In each subdirectory, the plaintext, key, and iv are ascii, and treated
-as such.  The ciphertext is base64-encoded to avoid the hassle of binary
-files.
-
-To add a test, incremement the value in the numtests file.  Create a
-plaintext, key, and iv file, such that the name of the file is
-incrememted one from the last set of tests.  For example, if you are
-adding the second test, put your data in files named plaintext1, key1,
-and iv1 (ignoring key and iv if they are not needed, of course).  Make
-sure your key and iv are the correct number of bytes for your cipher (a
-trailing \n is okay, but any other trailing bytes will be used!).  Once
-you have your input data, create output data by running bltest on a
-trusted implementation.  For example, for a new DES ECB test, run
-    bltest -E -m des_ecb -i plaintext1 -k key1 -o ciphertext1 -a in the
-tests/des_ecb directory.  Then run
-    bltest -T des_ecb from the cmd/bltest directory in the tree of the
-implementation you want to test.
-
-Note that the -a option above is important, it tells bltest to expect
-the input to be straight ASCII, and not base64 encoded binary!
-
-Special cases:
-
-RC5:
-RC5 can take additional parameters, the number of rounds to perform and
-the wordsize to use.  The number of rounds is between is between 0 and
-255, and the wordsize is either is either 16, 32, or 64 bits (at this
-time only 32-bit is supported).  These parameters are specified in a
-paramsN file, where N is an index as above.  The format of the file is
-"rounds=R\nwordsize=W\n".
-
-public key modes (RSA and DSA):
-Asymmetric key ciphers use keys with special properties, so creating a
-key file with "Mozilla!" in it will not get you very far!  To create a
-public key, run bltest with the plaintext you want to encrypt, using a
-trusted implementation.  bltest will generate a key and store it in
-"tmp.key", rename that file to keyN.  For example:
-    bltest -E -m rsa -i plaintext0 -o ciphertext0 -e 65537 -g 32 -a
-    mv tmp.key key0
-
-[note: specifying a keysize (-g) when using RSA is important!]
--- a/mozilla/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0
+++ b/mozilla/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0
@@ -1 +0,0 @@
-oJLgOzZ1GiWt3DGo2sPKaA==
--- a/mozilla/security/nss/cmd/bltest/tests/aes_cbc/iv0
+++ b/mozilla/security/nss/cmd/bltest/tests/aes_cbc/iv0
@@ -1 +0,0 @@
-qwertyuiopasdfgh
--- a/mozilla/security/nss/cmd/bltest/tests/aes_cbc/key0
+++ b/mozilla/security/nss/cmd/bltest/tests/aes_cbc/key0
@@ -1 +0,0 @@
-fedcba9876543210
--- a/mozilla/security/nss/cmd/bltest/tests/aes_cbc/numtests
+++ b/mozilla/security/nss/cmd/bltest/tests/aes_cbc/numtests
@@ -1 +0,0 @@
-1
--- a/mozilla/security/nss/cmd/bltest/tests/aes_cbc/plaintext0
+++ b/mozilla/security/nss/cmd/bltest/tests/aes_cbc/plaintext0
@@ -1 +0,0 @@
-0123456789abcdef
--- a/mozilla/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0
+++ b/mozilla/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0
@@ -1 +0,0 @@
-PVuaCIiaKQhblgFCbVMTTg==
--- a/mozilla/security/nss/cmd/bltest/tests/aes_ecb/key0
+++ b/mozilla/security/nss/cmd/bltest/tests/aes_ecb/key0
@@ -1 +0,0 @@
-fedcba9876543210
--- a/mozilla/security/nss/cmd/bltest/tests/aes_ecb/numtests
+++ b/mozilla/security/nss/cmd/bltest/tests/aes_ecb/numtests
@@ -1 +0,0 @@
-1
--- a/mozilla/security/nss/cmd/bltest/tests/aes_ecb/plaintext0
+++ b/mozilla/security/nss/cmd/bltest/tests/aes_ecb/plaintext0
@@ -1 +0,0 @@
-0123456789abcdef
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/ciphertext0
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/ciphertext0
@@ -1 +0,0 @@
-taydfPlRJe3wf8Td0xJ9Tw==
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/ciphertext1
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/ciphertext1
@@ -1 +0,0 @@
-yoYCZwKnUMcS4ADHxnwObA==
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/ciphertext2
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/ciphertext2
@@ -1 +0,0 @@
-T+Wn4cs1Sbqrh/XtNd4vzQ==
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/iv0
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/iv0
@@ -1 +0,0 @@
-qwertyuiopasdfgh
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/key0
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/key0
@@ -1 +0,0 @@
-fedcba9876543210
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/key1
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/key1
@@ -1 +0,0 @@
-fedcba9876543210fedcba98
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/key2
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/key2
@@ -1 +0,0 @@
-fedcba9876543210fedcba9876543210
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/numtests
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/numtests
@@ -1 +0,0 @@
-3
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/plaintext0
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_cbc/plaintext0
@@ -1 +0,0 @@
-0123456789abcdef
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_ecb/ciphertext0
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_ecb/ciphertext0
@@ -1 +0,0 @@
-6v0CGxSwow3AhsyhunfdbQ==
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_ecb/ciphertext1
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_ecb/ciphertext1
@@ -1 +0,0 @@
-Nf1GwJiBtZT+VPJp+gBhPA==
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_ecb/ciphertext2
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_ecb/ciphertext2
@@ -1 +0,0 @@
-ilB/0K3SI86Oecwh7cruGA==
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_ecb/key0
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_ecb/key0
@@ -1 +0,0 @@
-fedcba9876543210
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_ecb/key1
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_ecb/key1
@@ -1 +0,0 @@
-fedcba9876543210fedcba98
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_ecb/key2
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_ecb/key2
@@ -1 +0,0 @@
-fedcba9876543210fedcba9876543210
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_ecb/numtests
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_ecb/numtests
@@ -1 +0,0 @@
-3
--- a/mozilla/security/nss/cmd/bltest/tests/camellia_ecb/plaintext0
+++ b/mozilla/security/nss/cmd/bltest/tests/camellia_ecb/plaintext0
@@ -1 +0,0 @@
-0123456789abcdef
--- a/mozilla/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0
+++ b/mozilla/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0
@@ -1 +0,0 @@
-KV3MDNGKWOc=
--- a/mozilla/security/nss/cmd/bltest/tests/des3_cbc/iv0
+++ b/mozilla/security/nss/cmd/bltest/tests/des3_cbc/iv0
@@ -1 +0,0 @@
-12345678
--- a/mozilla/security/nss/cmd/bltest/tests/des3_cbc/key0
+++ b/mozilla/security/nss/cmd/bltest/tests/des3_cbc/key0
@@ -1 +0,0 @@
-abcdefghijklmnopqrstuvwx
--- a/mozilla/security/nss/cmd/bltest/tests/des3_cbc/numtests
+++ b/mozilla/security/nss/cmd/bltest/tests/des3_cbc/numtests
@@ -1 +0,0 @@
-1
--- a/mozilla/security/nss/cmd/bltest/tests/des3_cbc/plaintext0
+++ b/mozilla/security/nss/cmd/bltest/tests/des3_cbc/plaintext0
@@ -1 +0,0 @@
-Mozilla!
--- a/mozilla/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0
+++ b/mozilla/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0
@@ -1 +0,0 @@
-RgckVNh4QcM=
--- a/mozilla/security/nss/cmd/bltest/tests/des3_ecb/key0
+++ b/mozilla/security/nss/cmd/bltest/tests/des3_ecb/key0
@@ -1 +0,0 @@
-abcdefghijklmnopqrstuvwx
--- a/mozilla/security/nss/cmd/bltest/tests/des3_ecb/numtests
+++ b/mozilla/security/nss/cmd/bltest/tests/des3_ecb/numtests
@@ -1 +0,0 @@
-1
--- a/mozilla/security/nss/cmd/bltest/tests/des3_ecb/plaintext0
+++ b/mozilla/security/nss/cmd/bltest/tests/des3_ecb/plaintext0
@@ -1 +0,0 @@
-Mozilla!
--- a/mozilla/security/nss/cmd/bltest/tests/des_cbc/ciphertext0
+++ b/mozilla/security/nss/cmd/bltest/tests/des_cbc/ciphertext0
@@ -1 +0,0 @@
-Perdg9FMYQ4=
--- a/mozilla/security/nss/cmd/bltest/tests/des_cbc/iv0
+++ b/mozilla/security/nss/cmd/bltest/tests/des_cbc/iv0
@@ -1 +0,0 @@
-12345678
--- a/mozilla/security/nss/cmd/bltest/tests/des_cbc/key0
+++ b/mozilla/security/nss/cmd/bltest/tests/des_cbc/key0
@@ -1 +0,0 @@
-zyxwvuts
--- a/mozilla/security/nss/cmd/bltest/tests/des_cbc/numtests
+++ b/mozilla/security/nss/cmd/bltest/tests/des_cbc/numtests
@@ -1 +0,0 @@
-1
--- a/mozilla/security/nss/cmd/bltest/tests/des_cbc/plaintext0
+++ b/mozilla/security/nss/cmd/bltest/tests/des_cbc/plaintext0
@@ -1 +0,0 @@
-Mozilla!
--- a/mozilla/security/nss/cmd/bltest/tests/des_ecb/ciphertext0
+++ b/mozilla/security/nss/cmd/bltest/tests/des_ecb/ciphertext0
@@ -1 +0,0 @@
-3bNoWzzNiFc=
--- a/mozilla/security/nss/cmd/bltest/tests/des_ecb/key0
+++ b/mozilla/security/nss/cmd/bltest/tests/des_ecb/key0
@@ -1 +0,0 @@
-zyxwvuts
--- a/mozilla/security/nss/cmd/bltest/tests/des_ecb/numtests
+++ b/mozilla/security/nss/cmd/bltest/tests/des_ecb/numtests
@@ -1 +0,0 @@
-1
--- a/mozilla/security/nss/cmd/bltest/tests/des_ecb/plaintext0
+++ b/mozilla/security/nss/cmd/bltest/tests/des_ecb/plaintext0
@@ -1 +0,0 @@
-Mozilla!
--- a/mozilla/security/nss/cmd/bltest/tests/dsa/ciphertext0
+++ b/mozilla/security/nss/cmd/bltest/tests/dsa/ciphertext0
@@ -1 +0,0 @@
-fB0bnKWvjT6X5NIkZ5l/Y/DXZ6QNI6j0iPhR/ZERkfj67xRnTWY1cg==
--- a/mozilla/security/nss/cmd/bltest/tests/dsa/key0
+++ b/mozilla/security/nss/cmd/bltest/tests/dsa/key0
@@ -1,6 +0,0 @@
-AAAAQI3ypJRJInaqPSV1m7BoacvqwNg6+40M98u4Mk8NeILl0HYvxbchDq/C6a2s
-Mqt6rElpPfv4NyTC7Ac27jHIApEAAAAUx3MhjHN+yO6ZO08t7TD0jtrOkV8AAABA
-Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc
-xC6fb0ZLCIzFcq9T5teIAgAAAEAZExhx11sWEqgZ8p140bDXNG96p3u2KoWb/WxW
-ddqdIS06Nu8Wcu9mC4x8JVzA7HSFj7oz9EwGaZYwp2sDDuMzAAAAFCBwsyI9ujcv
-3hwP/HsuO0mLJgYU
--- a/mozilla/security/nss/cmd/bltest/tests/dsa/keyseed0
+++ b/mozilla/security/nss/cmd/bltest/tests/dsa/keyseed0
@@ -1 +0,0 @@
-AAAAAAAAAAAAAAAAAAAAAAAAAAA=
--- a/mozilla/security/nss/cmd/bltest/tests/dsa/numtests
+++ b/mozilla/security/nss/cmd/bltest/tests/dsa/numtests
@@ -1 +0,0 @@
-1
--- a/mozilla/security/nss/cmd/bltest/tests/dsa/plaintext0
+++ b/mozilla/security/nss/cmd/bltest/tests/dsa/plaintext0
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
--- a/mozilla/security/nss/cmd/bltest/tests/dsa/pqg0
+++ b/mozilla/security/nss/cmd/bltest/tests/dsa/pqg0
@@ -1,4 +0,0 @@
-AAAAQI3ypJRJInaqPSV1m7BoacvqwNg6+40M98u4Mk8NeILl0HYvxbchDq/C6a2s
-Mqt6rElpPfv4NyTC7Ac27jHIApEAAAAUx3MhjHN+yO6ZO08t7TD0jtrOkV8AAABA
-Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc
-xC6fb0ZLCIzFcq9T5teIAg==
--- a/mozilla/security/nss/cmd/bltest/tests/dsa/sigseed0
+++ b/mozilla/security/nss/cmd/bltest/tests/dsa/sigseed0
@@ -1 +0,0 @@
-aHpm2QZI+ZOGfhIfTd+d2wEgVYQ=
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/README
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/README
@@ -1,22 +0,0 @@
-0  secp160k1
-1  secp160r1
-2  secp160r2
-3  nistk163
-4  sect163r1
-5  nistb163
-6  secp192k1
-7  nistp192
-8  secp224k1
-9  nistp224
-10 nistk233
-11 nistb233
-12 nistp256
-13 nistk283
-14 nistb283
-15 nistp384
-16 nistk409
-17 nistb409
-18 nistk571
-19 nistb571
-# the following tests are not yet implemented
-#20 nistp521
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext0
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext0
@@ -1 +0,0 @@
-GoWqve3YezF7HOABQjioFL/3oq32oM9pHsGTQTJE7aFE62nItVqAdg==
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext1
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext1
@@ -1 +0,0 @@
-PM6xHbiwP6Xcb44mg7BHtaJvd8PkxgvHAB1sh2cF0so3naFf0Tj6vQ==
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext10
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext10
@@ -1,2 +0,0 @@
-AF3bbyED08NTrUgKmag9HiuUbaW0skXA/Bp9RPjRAD6M0rp3nvLDKozI940jxPP1
-nWpHF7VcyCVzJeV6
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext11
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext11
@@ -1,2 +0,0 @@
-AOLrxy4FWd29ToUjOwLs6GyQ+dYZN6NkZ8oVO6dsAEXt55ePlCWZbOtmk6v9PrNG
-JOsY/MHnGhDeAGRl
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext12
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext12
@@ -1,2 +0,0 @@
-aQHMte9cFByD9Ff3rZOPOtPI75luPoxemmgjXIgh/9jEeoTdDk8xuAYQUkayCfs+
-DpDaGnOLkfAyZ8GcuaCujg==
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext13
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext13
@@ -1,2 +0,0 @@
-AaeVCRJQPbpTqa1+zLd/8xAbkz3KKTr0dlS4tuGC8hc9j5esAeEv+7IklbA3v5Jz
-jC+nJy4p81iNO5E9H8nfGGckfQSiFzHG
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext14
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext14
@@ -1,2 +0,0 @@
-AgU0N7zJPg/1UxmCWD5Z+DqDqkRKjy4heFgayCyopb/u4XErAZArgsjashAxzMKC
-PSDJasPT90T5Va8sNtjXtSpHWxc2roV9
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext15
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext15
@@ -1,2 +0,0 @@
-NXo8is+7lAoOwWGt7+GBbT/UX8LGs8TXEHBI+tX9311pJ4J3pfBYobgN0ZK6ZBtp
-dS6PkrPaQp0S9nrfTOS5uAH95eD1eymRfCbOnjTUKzLuIn53V17vRjdcDtLzrhzX
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext16
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext16
@@ -1,3 +0,0 @@
-ADhxjBz/ACTy4GJlL0tYZpyNpC4DsXND9lJuU7x9N7g6gkpJyBPw3vBYU1olw6PH
-dnegpgAm4Gh6MCsZB4KBcLwl1wjt4B3p2eqEqDYn5fiie5f4XuRomvI92jR5Sb+I
-nBLCHIppt/Q=
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext17
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext17
@@ -1,3 +0,0 @@
-AGhHQ6kfdZRgu1svQTXEIewvFVglnUy6ANPumyUbM14AEfRkCUNa1uzvhV1sbWYj
-qT3egQCA9MTjThDNJeDOvvL6hVVOryUv4+C3RtkpQGCtdml+CSsjVTej8h9JbMds
-Dme40b2G6fE=
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext18
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext18
@@ -1,3 +0,0 @@
-AGBuqk48tufy0bKEWpu+xEHsmi+6KCfdwOSRwLDnpVetGe9AWknHDzeTSwe0QxcE
-RsEkUZGDpxfzUlCLSSSU+ErrYY/uyLV2AJTb3prB6A2YNwdmFGeRbDoxeOu7FuQA
-3gxBQhR+TGMuskeM+BdHFmFrwvTTdHCGzjTBa5S8mbgEJTfeik/it28T/9i+duZ8
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext19
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext19
@@ -1,3 +0,0 @@
-AaiotJfCiWU1d2LFe+t0CcWHDSF7EOlApWYJ+RNRSq8TbkXJIzi6abbb7BovtRwf
-i/COYwjS7OnkFQ6x5Pdrb7OZ0dTAdDRXAKtXWSKR20Y4fhnx/HUxisFwKrsCEQ3O
-uVtwDG8rh5V8zjBnCEcs5Iy9CsklucibR0PIyglVmW+ZuY42YNebuOC2VUKqHNF7
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext2
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext2
@@ -1 +0,0 @@
-Vli8Hau3xL8oder6ZdM9Y3fMd92jbguiMq6F+9CUjlUQXy5EwAVGeg==
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext20
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext20
@@ -1,3 +0,0 @@
-ALAM5hGnex7TvBbSEzDlfv+n5g7aWyRyZsBbl2Y6wW1plSovbq2GcV6w1ZV1Vlot
-70zbqkKyNApvTi3xoD4Ens6pAeLMYDILwaQhnyJZWQv3etbWqUKJZNgfH1IDj03k
-n9hbjYLX3y4bc4CnrhOiv5Ab34s7M8wUYcjC+DbHwhLl/S6N
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext3
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext3
@@ -1 +0,0 @@
-AFohw5TN/dpmqbhp/T4z1Rl1boAUA6r9eEPJbYN0zf+eHZzyvezxqjxU
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext4
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext4
@@ -1 +0,0 @@
-AtJdCPXn5yQW34jekhsnsNmaMOeeA3KIVl1d2+7pb6QycUAzYccgwSrp
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext5
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext5
@@ -1 +0,0 @@
-AzEg0sOGHwxd0o3cv+o9dsRPOzXMAdpgtI6O0uUmVN2+a5qI5FYQlItz
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext6
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext6
@@ -1 +0,0 @@
-5+HDXH/ieN8Bzxd3dfxKZoqbbhsm7jyeqWdemt6Xy0kx+7zwSYsh9Ng5KRdy6wtA
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext7
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext7
@@ -1 +0,0 @@
-WcS9umnUASP0X6lHvkWJwPY37ZVvAMLBERHLjL3Vzg6QVjwcS8kDVortTFei3aTx
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext8
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext8
@@ -1,2 +0,0 @@
-ItpmPaGAaoe2feXPbh5+EASLGnEzyYbEnwJ+JFNSOQcoY4a/cMV2rn8FYyBsEDiZ
-LPDBU0i2uOg=
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext9
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/ciphertext9
@@ -1,2 +0,0 @@
-QjzCVGRUjulOLqeBqC5xpY0GWomOrmQUCtImY0czn98a/jHrdgsSRKiMHukBUxM1
-TIRGjkV2L+A=
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/key0
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/key0
@@ -1,2 +0,0 @@
-AAAABwYFK4EEAAkAAAApBPiF0ntSFtn41JULxlA1l/lHE/zUPGJWkCqtdOryS6yD
-WFCoF/IHwHsAAAAUcw+b2b1AJUlmezgu5EjmAGPC0YQ=
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/key1
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/key1
@@ -1,2 +0,0 @@
-AAAABwYFK4EEAAgAAAApBI80VWK9xatmkFRiDTcdeFQ0T9h3h6iVOinMURyWZw0T
-5vZqd8/gvwwAAAAUYOQMjDdtNSL5zY0nVWPWY+UJoqQ=
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/key10
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/key10
@@ -1,3 +0,0 @@
-AAAABwYFK4EEABoAAAA9BACmzalMQJBOWV2FoyV0tXSpT07Xajq4bB1SUwSY7QGn
-dgGC3GBqjPs9vEpqfMMQ2M9k3+5oubWnexNFhQAAAB4BRha/6sE7VSHl92ZqCj5p
-LYtBpK23jzfdVWO8SAY=
--- a/mozilla/security/nss/cmd/bltest/tests/ecdsa/key11
+++ b/mozilla/security/nss/cmd/bltest/tests/ecdsa/key11
@@ -1,3 +0,0 @@
-AAAABwYFK4EEABsAAAA9BAD2/x9HSYYVEQ9AU4MivlIKPypJjsm0sTrp8BftlQGv
-KaYrKpZCg/CEw3C2kqvke7HAu+10hafK9asRxQAAAB4AXyFCurtsXhahkyJpkb5J
-LUg3xVL00vviR0KyFZY=
--- a/Show More
+++ b/Show More
				`@@ -1 +0,0 @@`
				`fB0bnKWvjT6X5NIkZ5l/Y/DXZ6QNI6j0iPhR/ZERkfj67xRnTWY1cg==`
				`@@ -1 +0,0 @@`
				`GoWqve3YezF7HOABQjioFL/3oq32oM9pHsGTQTJE7aFE62nItVqAdg==`
				`@@ -1 +0,0 @@`
				`PM6xHbiwP6Xcb44mg7BHtaJvd8PkxgvHAB1sh2cF0so3naFf0Tj6vQ==`
				`@@ -1 +0,0 @@`
				`Vli8Hau3xL8oder6ZdM9Y3fMd92jbguiMq6F+9CUjlUQXy5EwAVGeg==`
				`@@ -1 +0,0 @@`
				`AFohw5TN/dpmqbhp/T4z1Rl1boAUA6r9eEPJbYN0zf+eHZzyvezxqjxU`
				`@@ -1 +0,0 @@`
				`AtJdCPXn5yQW34jekhsnsNmaMOeeA3KIVl1d2+7pb6QycUAzYccgwSrp`
				`@@ -1 +0,0 @@`
				`AzEg0sOGHwxd0o3cv+o9dsRPOzXMAdpgtI6O0uUmVN2+a5qI5FYQlItz`
				`@@ -1 +0,0 @@`
				`5+HDXH/ieN8Bzxd3dfxKZoqbbhsm7jyeqWdemt6Xy0kx+7zwSYsh9Ng5KRdy6wtA`
				`@@ -1 +0,0 @@`
				`WcS9umnUASP0X6lHvkWJwPY37ZVvAMLBERHLjL3Vzg6QVjwcS8kDVortTFei3aTx`