Rebase to nss 3.22 WIP
- This is still a work in progress - Temporay added export NSS_DISABLE_GTEST=1 to the spec file - TODO: determine the cause of some gtest failures
This commit is contained in:
parent
95a570d3b3
commit
d825e8736c
|
@ -10,4 +10,4 @@ TestUser51.cert
|
|||
/nss-pem-20140125.tar.bz2
|
||||
/PayPalRootCA.cert
|
||||
/PayPalICA.cert
|
||||
/nss-3.21.0.tar.gz
|
||||
/nss-3.22.0.tar.gz
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
diff --git a/lib/ssl/config.mk b/lib/ssl/config.mk
|
||||
--- a/lib/ssl/config.mk
|
||||
+++ b/lib/ssl/config.mk
|
||||
--- ./lib/ssl/config.mk.disableSSL2libssl 2016-01-29 02:30:10.000000000 -0800
|
||||
+++ ./lib/ssl/config.mk 2016-02-06 11:20:50.322990421 -0800
|
||||
@@ -2,16 +2,20 @@
|
||||
# This Source Code Form is subject to the terms of the Mozilla Public
|
||||
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
|
@ -22,10 +21,9 @@ diff --git a/lib/ssl/config.mk b/lib/ssl/config.mk
|
|||
ifdef NSS_NO_PKCS11_BYPASS
|
||||
DEFINES += -DNO_PKCS11_BYPASS
|
||||
else
|
||||
diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c
|
||||
--- a/lib/ssl/sslsock.c
|
||||
+++ b/lib/ssl/sslsock.c
|
||||
@@ -674,16 +674,22 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh
|
||||
--- ./lib/ssl/sslsock.c.disableSSL2libssl 2016-02-06 11:20:50.312990617 -0800
|
||||
+++ ./lib/ssl/sslsock.c 2016-02-06 11:26:04.123828138 -0800
|
||||
@@ -705,16 +705,22 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh
|
||||
if (ss->cipherSpecs) {
|
||||
PORT_Free(ss->cipherSpecs);
|
||||
ss->cipherSpecs = NULL;
|
||||
|
@ -47,8 +45,8 @@ diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c
|
|||
}
|
||||
break;
|
||||
}
|
||||
ss->opt.enableSSL2 = on;
|
||||
@@ -691,52 +697,67 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh
|
||||
if (on) {
|
||||
@@ -729,52 +735,67 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 wh
|
||||
ss->opt.v2CompatibleHello = on;
|
||||
}
|
||||
ss->preferredCipher = NULL;
|
||||
|
@ -116,7 +114,7 @@ diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c
|
|||
rv = SECFailure;
|
||||
} else {
|
||||
if (PR_FALSE != on) {
|
||||
@@ -1163,16 +1184,32 @@ SSL_OptionSetDefault(PRInt32 which, PRBo
|
||||
@@ -1235,16 +1256,32 @@ SSL_OptionSetDefault(PRInt32 which, PRBo
|
||||
}
|
||||
return SECSuccess;
|
||||
}
|
||||
|
|
|
@ -1,12 +1,11 @@
|
|||
diff --git a/tests/ssl/ssl.sh b/tests/ssl/ssl.sh
|
||||
--- a/tests/ssl/ssl.sh
|
||||
+++ b/tests/ssl/ssl.sh
|
||||
--- ./tests/ssl/ssl.sh.disableSSL2tests 2016-01-29 02:30:10.000000000 -0800
|
||||
+++ ./tests/ssl/ssl.sh 2016-02-06 11:50:26.496668124 -0800
|
||||
@@ -57,19 +57,24 @@ ssl_init()
|
||||
fi
|
||||
|
||||
PORT=${PORT-8443}
|
||||
NSS_SSL_TESTS=${NSS_SSL_TESTS:-normal_normal}
|
||||
nss_ssl_run="stapling cov auth stress"
|
||||
nss_ssl_run="stapling signed_cert_timestamps cov auth stress"
|
||||
NSS_SSL_RUN=${NSS_SSL_RUN:-$nss_ssl_run}
|
||||
|
||||
# Test case files
|
||||
|
@ -20,6 +19,7 @@ diff --git a/tests/ssl/ssl.sh b/tests/ssl/ssl.sh
|
|||
+ fi
|
||||
SSLAUTH=${QADIR}/ssl/sslauth.txt
|
||||
- SSLSTRESS=${QADIR}/ssl/sslstress.txt
|
||||
SSLPOLICY=${QADIR}/ssl/sslpolicy.txt
|
||||
REQUEST_FILE=${QADIR}/ssl/sslreq.dat
|
||||
|
||||
#temparary files
|
||||
|
@ -27,8 +27,7 @@ diff --git a/tests/ssl/ssl.sh b/tests/ssl/ssl.sh
|
|||
SERVERPID=${TMP}/tests_pid.$$
|
||||
|
||||
R_SERVERPID=../tests_pid.$$
|
||||
|
||||
@@ -115,17 +120,21 @@ is_selfserv_alive()
|
||||
@@ -116,17 +121,21 @@ is_selfserv_alive()
|
||||
if [ "${OS_ARCH}" = "WINNT" ] && \
|
||||
[ "$OS_NAME" = "CYGWIN_NT" -o "$OS_NAME" = "MINGW32_NT" ]; then
|
||||
PID=${SHELL_SERVERPID}
|
||||
|
@ -50,7 +49,7 @@ diff --git a/tests/ssl/ssl.sh b/tests/ssl/ssl.sh
|
|||
# local shell function to wait until selfserver is running and initialized
|
||||
########################################################################
|
||||
wait_for_selfserv()
|
||||
@@ -138,17 +147,21 @@ wait_for_selfserv()
|
||||
@@ -139,17 +148,21 @@ wait_for_selfserv()
|
||||
if [ $? -ne 0 ]; then
|
||||
sleep 5
|
||||
echo "retrying to connect to selfserv at `date`"
|
||||
|
@ -72,7 +71,7 @@ diff --git a/tests/ssl/ssl.sh b/tests/ssl/ssl.sh
|
|||
########################### kill_selfserv ##############################
|
||||
# local shell function to kill the selfserver after the tests are done
|
||||
########################################################################
|
||||
@@ -209,25 +222,26 @@ start_selfserv()
|
||||
@@ -210,25 +223,26 @@ start_selfserv()
|
||||
ECC_OPTIONS=""
|
||||
fi
|
||||
if [ "$1" = "mixed" ]; then
|
||||
|
@ -102,7 +101,7 @@ diff --git a/tests/ssl/ssl.sh b/tests/ssl/ssl.sh
|
|||
# process (sh.exe). MKS's kill command has a bug: invoking kill
|
||||
# on the helper process does not terminate the real background
|
||||
# process. Our workaround has been to have selfserv save its PID
|
||||
@@ -274,16 +288,22 @@ ssl_cov()
|
||||
@@ -275,16 +289,22 @@ ssl_cov()
|
||||
exec < ${SSLCOV}
|
||||
while read ectype testmax param testname
|
||||
do
|
||||
|
|
34
iquote.patch
34
iquote.patch
|
@ -171,6 +171,18 @@ diff -up nss/lib/nss/Makefile.iquote nss/lib/nss/Makefile
|
|||
+INCLUDES += -iquote $(DIST)/../public/nss
|
||||
+INCLUDES += -iquote $(DIST)/../private/nss
|
||||
|
||||
#######################################################################
|
||||
# (7) Execute "local" rules. (OPTIONAL). #
|
||||
diff -up ./nss/lib/pk11wrap/Makefile.iquote ./nss/lib/pk11wrap/Makefile
|
||||
--- ./nss/lib/pk11wrap/Makefile.iquote 2016-02-07 09:49:33.310455054 -0800
|
||||
+++ ./nss/lib/pk11wrap/Makefile 2016-02-07 09:51:38.830881330 -0800
|
||||
@@ -38,7 +38,7 @@ include $(CORE_DEPTH)/coreconf/rules.mk
|
||||
# (6) Execute "component" rules. (OPTIONAL) #
|
||||
#######################################################################
|
||||
|
||||
-
|
||||
+INCLUDES += -iquote $(DIST)/../public/nss
|
||||
|
||||
#######################################################################
|
||||
# (7) Execute "local" rules. (OPTIONAL). #
|
||||
diff -up nss/lib/ssl/Makefile.iquote nss/lib/ssl/Makefile
|
||||
|
@ -185,3 +197,25 @@ diff -up nss/lib/ssl/Makefile.iquote nss/lib/ssl/Makefile
|
|||
|
||||
#######################################################################
|
||||
# (7) Execute "local" rules. (OPTIONAL). #
|
||||
diff -up ./nss/external_tests/pk11_gtest/Makefile.iquote ./nss/external_tests/pk11_gtest/Makefile
|
||||
--- ./nss/external_tests/pk11_gtest/Makefile.iquote 2016-02-07 10:07:49.163055808 -0800
|
||||
+++ ./nss/external_tests/pk11_gtest/Makefile 2016-02-07 10:09:07.463478307 -0800
|
||||
@@ -37,6 +37,7 @@ include $(CORE_DEPTH)/coreconf/rules.mk
|
||||
# (6) Execute "component" rules. (OPTIONAL) #
|
||||
#######################################################################
|
||||
|
||||
+INCLUDES += -iquote $(DIST)/../public/nss
|
||||
|
||||
#######################################################################
|
||||
# (7) Execute "local" rules. (OPTIONAL). #
|
||||
diff -up ./nss/external_tests/ssl_gtest/Makefile.iquote ./nss/external_tests/ssl_gtest/Makefile
|
||||
--- ./nss/external_tests/ssl_gtest/Makefile.iquote 2016-02-07 10:19:57.132763142 -0800
|
||||
+++ ./nss/external_tests/ssl_gtest/Makefile 2016-02-07 10:20:42.346957530 -0800
|
||||
@@ -37,6 +37,7 @@ include $(CORE_DEPTH)/coreconf/rules.mk
|
||||
# (6) Execute "component" rules. (OPTIONAL) #
|
||||
#######################################################################
|
||||
|
||||
++INCLUDES += -iquote $(DIST)/../public/nss
|
||||
|
||||
#######################################################################
|
||||
# (7) Execute "local" rules. (OPTIONAL). #
|
||||
|
|
21
nss.spec
21
nss.spec
|
@ -1,6 +1,6 @@
|
|||
%global nspr_version 4.10.10
|
||||
%global nss_util_version 3.21.0
|
||||
%global nss_softokn_version 3.21.0
|
||||
%global nspr_version 4.11.0
|
||||
%global nss_util_version 3.22.0
|
||||
%global nss_softokn_version 3.22.0
|
||||
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
|
||||
%global allTools "certutil cmsutil crlutil derdump modutil pk12util signtool signver ssltap vfychain vfyserv"
|
||||
|
||||
|
@ -18,10 +18,10 @@
|
|||
|
||||
Summary: Network Security Services
|
||||
Name: nss
|
||||
Version: 3.21.0
|
||||
Version: 3.22.0
|
||||
# for Rawhide, please always use release >= 2
|
||||
# for Fedora release branches, please use release < 2 (1.0, 1.1, ...)
|
||||
Release: 7%{?dist}
|
||||
Release: 0.2%{?dist}.test.1
|
||||
License: MPLv2.0
|
||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||
Group: System Environment/Libraries
|
||||
|
@ -105,6 +105,8 @@ Patch58: rhbz1185708-enable-ecc-3des-ciphers-by-default.patch
|
|||
# The submission will be very different from this patch as
|
||||
# cleanup there is already in progress there.
|
||||
Patch59: pem-compile-with-Werror.patch
|
||||
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1246499
|
||||
Patch60: vfyserv-defined-but-not-used.patch
|
||||
|
||||
%description
|
||||
Network Security Services (NSS) is a set of libraries designed to
|
||||
|
@ -195,6 +197,9 @@ popd
|
|||
%patch55 -p1 -b .skip_stress_tls_rc4_128_with_md5
|
||||
%patch58 -p0 -b .1185708_3des
|
||||
%patch59 -p0 -b .compile_Werror
|
||||
pushd nss
|
||||
%patch60 -p1 -b .defined_not_used
|
||||
popd
|
||||
|
||||
#########################################################
|
||||
# Higher-level libraries and test tools need access to
|
||||
|
@ -236,6 +241,9 @@ popd
|
|||
|
||||
%build
|
||||
|
||||
# FIXME comment out once we figure out why the tests file to compile
|
||||
# export NSS_DISABLE_GTESTS=1
|
||||
|
||||
export NSS_NO_SSL2_NO_EXPORT=1
|
||||
|
||||
NSS_NO_PKCS11_BYPASS=1
|
||||
|
@ -824,6 +832,9 @@ fi
|
|||
|
||||
|
||||
%changelog
|
||||
* Sat Feb 06 2016 Elio Maldonado <emaldona@redhat.com> - 3.22.0-0.2.test.1
|
||||
- Rebase to nss 3.22
|
||||
|
||||
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 3.21.0-7
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||
|
||||
|
|
2
sources
2
sources
|
@ -4,4 +4,4 @@ a5ae49867124ac75f029a9a33af31bad blank-cert8.db
|
|||
691e663ccc07b7a1eaa6f088e03bf8e2 blank-cert9.db
|
||||
2ec9e0606ba40fe65196545564b7cc2a blank-key4.db
|
||||
b8a94e863c852e1f8b75e930e76f8640 nss-pem-20140125.tar.bz2
|
||||
f53ffa490133d29ff930fa4b29bade90 nss-3.21.0.tar.gz
|
||||
a0ae9d27c0261716648e49e3be33badd nss-3.22.0.tar.gz
|
||||
|
|
Loading…
Reference in New Issue