From fa84af3e0651e2744fa4dea9d7875a6190854d9d Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Wed, 4 Sep 2019 06:31:06 +0200
Subject: [PATCH] Require NSPR 4.22

---
 nss-skip-tls13-fips.patch | 27 ---------------------------
 nss.spec                  |  6 ++----
 2 files changed, 2 insertions(+), 31 deletions(-)
 delete mode 100644 nss-skip-tls13-fips.patch

diff --git a/nss-skip-tls13-fips.patch b/nss-skip-tls13-fips.patch
deleted file mode 100644
index 4a7c707..0000000
--- a/nss-skip-tls13-fips.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-# HG changeset patch
-# User Daiki Ueno <dueno@redhat.com>
-# Date 1558341826 -7200
-#      Mon May 20 10:43:46 2019 +0200
-# Node ID b447f0046807b718d2928d0e33313620d38a287a
-# Parent  02ea5f29ac3c1f1c6e6eb4b655afd9b4fc075a9e
-tests: skip TLS 1.3 tests under FIPS mode
-
-diff --git a/tests/ssl/ssl.sh b/tests/ssl/ssl.sh
---- a/tests/ssl/ssl.sh
-+++ b/tests/ssl/ssl.sh
-@@ -393,6 +393,15 @@ ssl_auth()
-       echo "${testname}" | grep "TLS 1.3" > /dev/null
-       TLS13=$?
- 
-+      # Currently TLS 1.3 tests are known to fail under FIPS mode,
-+      # because HKDF is implemented using the PKCS #11 functions
-+      # prohibited under FIPS mode.
-+      if [ "${TLS13}" -eq 0 ] && \
-+	 [ "$SERVER_MODE" = "fips" -o "$CLIENT_MODE" = "fips" ] ; then
-+          echo "$SCRIPTNAME: skipping  $testname (non-FIPS only)"
-+          continue
-+      fi
-+
-       if [ "${CLIENT_MODE}" = "fips" -a "${CAUTH}" -eq 0 ] ; then
-           echo "$SCRIPTNAME: skipping  $testname (non-FIPS only)"
-       elif [ "$ectype" = "SNI" -a "$NORM_EXT" = "Extended Test" ] ; then
diff --git a/nss.spec b/nss.spec
index ec5f0d9..191359c 100644
--- a/nss.spec
+++ b/nss.spec
@@ -1,4 +1,4 @@
-%global nspr_version 4.21.0
+%global nspr_version 4.22.0
 %global nss_version 3.46.0
 %global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
 %global saved_files_dir %{_libdir}/nss/saved
@@ -43,7 +43,7 @@ rpm.define(string.format("nss_release_tag NSS_%s_RTM",
 Summary:          Network Security Services
 Name:             nss
 Version:          %{nss_version}
-Release:          1%{?dist}
+Release:          2%{?dist}
 License:          MPLv2.0
 URL:              http://www.mozilla.org/projects/security/pki/nss/
 Requires:         nspr >= %{nspr_version}
@@ -105,8 +105,6 @@ Patch2:           nss-539183.patch
 # Once the buildroot aha been bootstrapped the patch may be removed
 # but it doesn't hurt to keep it.
 Patch4:           iquote.patch
-# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1552767
-Patch5:           nss-skip-tls13-fips.patch
 
 %description
 Network Security Services (NSS) is a set of libraries designed to