Update to NSS 3.36.0
This commit is contained in:
Daiki Ueno
parent
b85b8ae15c
commit
5fa4ca6305
|
|
@ -23,3 +23,4 @@ TestUser51.cert
|
|||
/nss-3.33.0.tar.gz
|
||||
/nss-3.34.0.tar.gz
|
||||
/nss-3.35.0.tar.gz
|
||||
/nss-3.36.0.tar.gz
|
||||
|
|
|
|||
28
nss.spec
28
nss.spec
|
|
@ -1,6 +1,6 @@
|
|||
%global nspr_version 4.18.0
|
||||
%global nss_util_version 3.35.0
|
||||
%global nss_softokn_version 3.35.0
|
||||
%global nspr_version 4.19.0
|
||||
%global nss_util_version 3.36.0
|
||||
%global nss_softokn_version 3.36.0
|
||||
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
|
||||
%global allTools "certutil cmsutil crlutil derdump modutil pk12util signtool signver ssltap vfychain vfyserv"
|
||||
|
||||
|
|
@ -18,10 +18,10 @@
|
|||
|
||||
Summary: Network Security Services
|
||||
Name: nss
|
||||
Version: 3.35.0
|
||||
Version: 3.36.0
|
||||
# for Rawhide, please always use release >= 2
|
||||
# for Fedora release branches, please use release < 2 (1.0, 1.1, ...)
|
||||
Release: 1.1%{?dist}
|
||||
Release: 1.0%{?dist}
|
||||
License: MPLv2.0
|
||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||
Group: System Environment/Libraries
|
||||
|
|
@ -44,6 +44,7 @@ BuildRequires: pkgconfig
|
|||
BuildRequires: gawk
|
||||
BuildRequires: psmisc
|
||||
BuildRequires: perl-interpreter
|
||||
BuildRequires: gcc-c++
|
||||
|
||||
# nss-pem used to be bundled with the nss package on Fedora -- make sure that
|
||||
# programs relying on that continue to work until they are fixed to require
|
||||
|
|
@ -489,21 +490,12 @@ popd
|
|||
killall $RANDSERV || :
|
||||
|
||||
if [ "x$SKIP_NSS_TEST_SUITE" == "x" ]; then
|
||||
TEST_FAILURES=$(grep -c FAILED ./tests_results/security/localhost.1/output.log) || GREP_EXIT_STATUS=$?
|
||||
TEST_FAILURES=$(grep -c -- '- FAILED$' ./tests_results/security/localhost.1/output.log) || GREP_EXIT_STATUS=$?
|
||||
else
|
||||
TEST_FAILURES=0
|
||||
GREP_EXIT_STATUS=1
|
||||
fi
|
||||
|
||||
# ssl_drop_unittest.cc is failing on F27/s390; temporarily ignore the
|
||||
# test failures on s390x
|
||||
%if 0%{fedora} == 27
|
||||
%ifarch s390x
|
||||
TEST_FAILURES=0
|
||||
GREP_EXIT_STATUS=1
|
||||
%endif
|
||||
%endif
|
||||
|
||||
if [ ${GREP_EXIT_STATUS:-0} -eq 1 ]; then
|
||||
echo "okay: test suite detected no failures"
|
||||
else
|
||||
|
|
@ -817,6 +809,12 @@ fi
|
|||
|
||||
|
||||
%changelog
|
||||
* Fri Mar 9 2018 Daiki Ueno <dueno@redhat.com> - 3.36.0-1.0
|
||||
- Update to NSS 3.36.0
|
||||
- Add gcc-c++ to BuildRequires (C++ is needed for gtests)
|
||||
- Make test failure detection robuster
|
||||
- Enable test on s390x again
|
||||
|
||||
* Mon Feb 12 2018 Daiki Ueno <dueno@redhat.com> - 3.35.0-1.1
|
||||
- Temporarily ignore test failures on F27 s390x
|
||||
|
||||
|
|
|
|||
|
|
@ -1,12 +1,12 @@
|
|||
diff -up ./nss/lib/ssl/sslsock.c.transitional ./nss/lib/ssl/sslsock.c
|
||||
--- ./nss/lib/ssl/sslsock.c.transitional 2016-06-23 21:03:16.316480089 -0400
|
||||
+++ ./nss/lib/ssl/sslsock.c 2016-06-23 21:08:07.290202477 -0400
|
||||
@@ -72,7 +72,7 @@ static sslOptions ssl_defaults = {
|
||||
PR_FALSE, /* noLocks */
|
||||
PR_FALSE, /* enableSessionTickets */
|
||||
PR_FALSE, /* enableDeflate */
|
||||
- 2, /* enableRenegotiation (default: requires extension) */
|
||||
+ 3, /* enableRenegotiation (default: transitional) */
|
||||
PR_FALSE, /* requireSafeNegotiation */
|
||||
PR_FALSE, /* enableFalseStart */
|
||||
PR_TRUE, /* cbcRandomIV */
|
||||
diff -up nss/lib/ssl/sslsock.c.transitional nss/lib/ssl/sslsock.c
|
||||
--- nss/lib/ssl/sslsock.c.transitional 2018-03-09 13:57:50.615706802 +0100
|
||||
+++ nss/lib/ssl/sslsock.c 2018-03-09 13:58:23.708974970 +0100
|
||||
@@ -67,7 +67,7 @@ static sslOptions ssl_defaults = {
|
||||
.noLocks = PR_FALSE,
|
||||
.enableSessionTickets = PR_FALSE,
|
||||
.enableDeflate = PR_FALSE,
|
||||
- .enableRenegotiation = SSL_RENEGOTIATE_REQUIRES_XTN,
|
||||
+ .enableRenegotiation = SSL_RENEGOTIATE_TRANSITIONAL,
|
||||
.requireSafeNegotiation = PR_FALSE,
|
||||
.enableFalseStart = PR_FALSE,
|
||||
.cbcRandomIV = PR_TRUE,
|
||||
|
|
|
|||
2
sources
2
sources
|
|
@ -3,4 +3,4 @@ SHA512 (blank-cert9.db) = 2f8eab4c0612210ee47db8a3a80c1b58a0b43849551af78c7da403
|
|||
SHA512 (blank-key3.db) = 01f7314e9fc8a7c9aa997652624cfcde213d18a6b3bb31840c1a60bbd662e56b5bc3221d13874abb42ce78163b225a6dfce2e1326cf6dd29366ad9c28ba5a71c
|
||||
SHA512 (blank-key4.db) = 8fedae93af7163da23fe9492ea8e785a44c291604fa98e58438448efb69c85d3253fc22b926d5c3209c62e58a86038fd4d78a1c4c068bc00600a7f3e5382ebe7
|
||||
SHA512 (blank-secmod.db) = 06a2dbd861839ef6315093459328b500d3832333a34b30e6fac4a2503af337f014a4d319f0f93322409e719142904ce8bc08252ae9a4f37f30d4c3312e900310
|
||||
SHA512 (nss-3.35.0.tar.gz) = a9865fd11d8b2ab83b57b1b50fe6f0d3a6d936f7ae4d0817e9dd1bf3e5182ff7f26ebc21fe7490c3dea2b792e4e4302af876ac70750e8e1f4da6bb710fd3002e
|
||||
SHA512 (nss-3.36.0.tar.gz) = 02559b724d1665be495e52155242a154f9d18c985ff6c180db8ee99460ead12d6a4059f13a8a0b0b6864b643f2435b2e0b45de023c678a4514833f1795c4d6fe
|
||||
|
|
|
|||
Loading…
Reference in New Issue