Delay new CK_GCM_PARAMS semantics until fedora 34 unless explicitly enabled.

This commit is contained in:
Bob Relyea 2020-05-13 16:02:36 -07:00
parent 26f93fa193
commit 614f823eb3
2 changed files with 30 additions and 1 deletions

View File

@ -0,0 +1,21 @@
diff -up ./lib/util/pkcs11n.h.aes_gcm_pkcs11_v2 ./lib/util/pkcs11n.h
--- ./lib/util/pkcs11n.h.aes_gcm_pkcs11_v2 2020-05-13 13:44:11.312405744 -0700
+++ ./lib/util/pkcs11n.h 2020-05-13 13:45:23.951723660 -0700
@@ -605,7 +605,7 @@ typedef struct CK_NSS_GCM_PARAMS {
typedef CK_NSS_GCM_PARAMS CK_PTR CK_NSS_GCM_PARAMS_PTR;
/* deprecated #defines. Drop in future NSS releases */
-#ifdef NSS_PKCS11_2_0_COMPAT
+#ifndef NSS_PKCS11_3_0_STRICT
/* defines that were changed between NSS's PKCS #11 and the Oasis headers */
#define CKF_EC_FP CKF_EC_F_P
@@ -664,7 +664,7 @@ typedef CK_NSS_GCM_PARAMS CK_PTR CK_GCM_
#define CKT_NETSCAPE_VALID CKT_NSS_VALID
#define CKT_NETSCAPE_VALID_DELEGATOR CKT_NSS_VALID_DELEGATOR
#else
-/* use the new CK_GCM_PARAMS if NSS_PKCS11_2_0_COMPAT is not defined */
+/* use the new CK_GCM_PARAMS if NSS_PKCS11_3_0_STRICT is defined */
typedef struct CK_GCM_PARAMS_V3 CK_GCM_PARAMS;
typedef CK_GCM_PARAMS_V3 CK_PTR CK_GCM_PARAMS_PTR;
#endif

View File

@ -44,7 +44,7 @@ rpm.define(string.format("nss_release_tag NSS_%s_RTM",
Summary: Network Security Services
Name: nss
Version: %{nss_version}
Release: 1%{?dist}
Release: 2%{?dist}
License: MPLv2.0
URL: http://www.mozilla.org/projects/security/pki/nss/
Requires: nspr >= %{nspr_version}
@ -109,6 +109,11 @@ Patch4: iquote.patch
Patch12: nss-signtool-format.patch
# https://github.com/FStarLang/kremlin/issues/166
Patch13: nss-kremlin-ppc64le.patch
%if 0%{?fedora} < 34
%if 0%{?rhel} < 9
Patch20: nss-gcm-param-default-pkcs11v2.patch
%endif
%endif
%description
Network Security Services (NSS) is a set of libraries designed to
@ -887,6 +892,9 @@ update-crypto-policies &> /dev/null || :
%changelog
* Wed May 13 2020 Bob Relyea <rrelyea@redhat.com> - 3.52.0-2
- Delay CK_GCM_PARAMS semantics until fedora 34
* Mon May 11 2020 Daiki Ueno <dueno@redhat.com> - 3.52.0-1
- Update to NSS 3.52