Update to NSS 3.29.3
This commit is contained in:
Daiki Ueno
parent
558fa42039
commit
28eafb607a
|
|
@ -14,3 +14,4 @@ TestUser51.cert
|
|||
/nss-3.27.0.tar.gz
|
||||
/nss-3.28.1.tar.gz
|
||||
/nss-3.28.3.tar.gz
|
||||
/nss-3.29.3.tar.gz
|
||||
|
|
|
|||
|
|
@ -1,55 +0,0 @@
|
|||
# HG changeset patch
|
||||
# User Tim Taubert <ttaubert@mozilla.com>
|
||||
# Date 1488574640 -3600
|
||||
# Fri Mar 03 21:57:20 2017 +0100
|
||||
# Branch NSS_3_28_BRANCH
|
||||
# Node ID b8145d465ad4086439c4e52df434d9046949127a
|
||||
# Parent 3b9ccd6b37c7242f69404fa4a444b43efb12e319
|
||||
Bug 1342358 - Make sure xtnData->remoteKeyShares was initialized before calling tls13_DestroyKeyShares() r=franziskus
|
||||
|
||||
Differential Revision: https://nss-review.dev.mozaws.net/D234
|
||||
|
||||
diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c
|
||||
--- a/lib/ssl/ssl3con.c
|
||||
+++ b/lib/ssl/ssl3con.c
|
||||
@@ -13294,8 +13294,6 @@ ssl3_DestroySSL3Info(sslSocket *ss)
|
||||
tls13_DestroyEarlyData(&ss->ssl3.hs.bufferedEarlyData);
|
||||
|
||||
ss->ssl3.initialized = PR_FALSE;
|
||||
-
|
||||
- SECITEM_FreeItem(&ss->xtnData.nextProto, PR_FALSE);
|
||||
}
|
||||
|
||||
#define MAP_NULL(x) (((x) != 0) ? (x) : SEC_OID_NULL_CIPHER)
|
||||
diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c
|
||||
--- a/lib/ssl/sslsock.c
|
||||
+++ b/lib/ssl/sslsock.c
|
||||
@@ -3704,6 +3704,7 @@ ssl_NewSocket(PRBool makeLocks, SSLProto
|
||||
PR_INIT_CLIST(&ss->ssl3.hs.lastMessageFlight);
|
||||
PR_INIT_CLIST(&ss->ssl3.hs.cipherSpecs);
|
||||
PR_INIT_CLIST(&ss->ssl3.hs.bufferedEarlyData);
|
||||
+ ssl3_InitExtensionData(&ss->xtnData);
|
||||
if (makeLocks) {
|
||||
rv = ssl_MakeLocks(ss);
|
||||
if (rv != SECSuccess)
|
||||
@@ -3715,7 +3716,6 @@ ssl_NewSocket(PRBool makeLocks, SSLProto
|
||||
rv = ssl3_InitGather(&ss->gs);
|
||||
if (rv != SECSuccess)
|
||||
goto loser;
|
||||
- ssl3_InitExtensionData(&ss->xtnData);
|
||||
return ss;
|
||||
|
||||
loser:
|
||||
diff --git a/lib/ssl/tls13con.c b/lib/ssl/tls13con.c
|
||||
--- a/lib/ssl/tls13con.c
|
||||
+++ b/lib/ssl/tls13con.c
|
||||
@@ -2853,6 +2853,9 @@ tls13_DestroyKeyShares(PRCList *list)
|
||||
{
|
||||
PRCList *cur_p;
|
||||
|
||||
+ /* The list must be initialized. */
|
||||
+ PORT_Assert(PR_LIST_HEAD(list));
|
||||
+
|
||||
while (!PR_CLIST_IS_EMPTY(list)) {
|
||||
cur_p = PR_LIST_TAIL(list);
|
||||
PR_REMOVE_LINK(cur_p);
|
||||
19
nss.spec
19
nss.spec
|
|
@ -1,6 +1,6 @@
|
|||
%global nspr_version 4.13.0
|
||||
%global nss_util_version 3.28.3
|
||||
%global nss_softokn_version 3.28.3
|
||||
%global nss_util_version 3.29.3
|
||||
%global nss_softokn_version 3.29.3
|
||||
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
|
||||
%global allTools "certutil cmsutil crlutil derdump modutil pk12util signtool signver ssltap vfychain vfyserv"
|
||||
|
||||
|
|
@ -18,10 +18,10 @@
|
|||
|
||||
Summary: Network Security Services
|
||||
Name: nss
|
||||
Version: 3.28.3
|
||||
Version: 3.29.3
|
||||
# for Rawhide, please always use release >= 2
|
||||
# for Fedora release branches, please use release < 2 (1.0, 1.1, ...)
|
||||
Release: 1.1%{?dist}
|
||||
Release: 1.0%{?dist}
|
||||
License: MPLv2.0
|
||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||
Group: System Environment/Libraries
|
||||
|
|
@ -112,8 +112,6 @@ Patch58: rhbz1185708-enable-ecc-3des-ciphers-by-default.patch
|
|||
Patch59: nss-check-policy-file.patch
|
||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1280846
|
||||
Patch62: nss-skip-util-gtest.patch
|
||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1342358
|
||||
Patch63: nss-init-extension-data-early.patch
|
||||
|
||||
%description
|
||||
Network Security Services (NSS) is a set of libraries designed to
|
||||
|
|
@ -197,7 +195,6 @@ low level services.
|
|||
pushd nss
|
||||
%patch59 -p1 -b .check_policy_file
|
||||
%patch62 -p0 -b .skip_util_gtest
|
||||
%patch63 -p1 -b .init_extension_data_early
|
||||
popd
|
||||
|
||||
#########################################################
|
||||
|
|
@ -297,7 +294,7 @@ export IN_TREE_FREEBL_HEADERS_FIRST=1
|
|||
##### phase 2: build the rest of nss
|
||||
export NSS_BLTEST_NOT_AVAILABLE=1
|
||||
|
||||
# export NSS_ENABLE_TLS_1_3=1
|
||||
export NSS_DISABLE_TLS_1_3=1
|
||||
|
||||
%{__make} -C ./nss/coreconf
|
||||
%{__make} -C ./nss/lib/dbm
|
||||
|
|
@ -407,7 +404,7 @@ export USE_64
|
|||
|
||||
export NSS_BLTEST_NOT_AVAILABLE=1
|
||||
|
||||
# export NSS_ENABLE_TLS_1_3=1
|
||||
export NSS_DISABLE_TLS_1_3=1
|
||||
|
||||
# needed for the fips mangling test
|
||||
export SOFTOKEN_LIB_DIR=%{_libdir}
|
||||
|
|
@ -806,6 +803,10 @@ fi
|
|||
|
||||
|
||||
%changelog
|
||||
* Mon Mar 20 2017 Daiki Ueno <dueno@redhat.com> - 3.29.3-1.0
|
||||
- Rebase to NSS 3.29.3
|
||||
- Remove upstreamed patch for fixing crash in tls13_DestroyKeyShares
|
||||
|
||||
* Thu Mar 16 2017 Daiki Ueno <dueno@redhat.com> - 3.28.3-1.1
|
||||
- Fix crash in tls13_DestroyKeyShares
|
||||
|
||||
|
|
|
|||
2
sources
2
sources
|
|
@ -3,4 +3,4 @@ SHA512 (blank-cert9.db) = 2f8eab4c0612210ee47db8a3a80c1b58a0b43849551af78c7da403
|
|||
SHA512 (blank-key3.db) = 01f7314e9fc8a7c9aa997652624cfcde213d18a6b3bb31840c1a60bbd662e56b5bc3221d13874abb42ce78163b225a6dfce2e1326cf6dd29366ad9c28ba5a71c
|
||||
SHA512 (blank-key4.db) = 8fedae93af7163da23fe9492ea8e785a44c291604fa98e58438448efb69c85d3253fc22b926d5c3209c62e58a86038fd4d78a1c4c068bc00600a7f3e5382ebe7
|
||||
SHA512 (blank-secmod.db) = 06a2dbd861839ef6315093459328b500d3832333a34b30e6fac4a2503af337f014a4d319f0f93322409e719142904ce8bc08252ae9a4f37f30d4c3312e900310
|
||||
SHA512 (nss-3.28.3.tar.gz) = 77602600c8d1e1b432a3c6be804ad80b2f8c2d521baf8bbe123eee6ded24d2344b4941b883e42145cd1d4d9f93062a63c18747215fb7e226e2a2489a9edaa678
|
||||
SHA512 (nss-3.29.3.tar.gz) = eebc479521dc4e64565929620f60bf457875a2b21d7b5dc2b67f4e4279bfb1a814c31a7b17638052cec44ede9fb686a3ff776cd2239271142100e0fd5f769519
|
||||
|
|
|
|||
Loading…
Reference in New Issue