Daiki Ueno
60379b1140
Rebase to NSS 3.31.0
2017-07-11 14:17:26 +02:00
Daiki Ueno
c02a92318d
Enable TLS 1.3 again
...
Also re-enable tests on armv7hl.
2017-05-10 13:28:12 +02:00
Daiki Ueno
8a895b4021
Rebase to NSS 3.30.2
2017-04-24 11:07:51 +02:00
Kai Engert
00dec8e43f
temporarily disable tests on armv7hl because of infrastructure timeouts
2017-03-29 17:39:12 +02:00
Kai Engert
f1ccf9b47a
Backport upstream mozbz#1328318 to support crypto policy FUTURE.
2017-03-29 14:11:21 +02:00
Daiki Ueno
6870a8a378
Re-add patch to check CKA_NSS_MOZILLA_CA_POLICY
2017-03-22 13:59:37 +01:00
Daiki Ueno
fe7dcb8310
Update to NSS 3.29.3
2017-03-21 16:47:43 +01:00
Kai Engert
571d09fa9e
Backport mozbz#1334976 and mozbz#1336487.
2017-03-02 14:10:09 +01:00
Daiki Ueno
65a4d20cc7
Update to NSS 3.29.1
2017-02-17 15:32:15 +01:00
Daiki Ueno
07c729494a
Disable TLS 1.3 again
2017-02-09 10:13:07 +01:00
Daiki Ueno
73106743c1
Update to NSS 3.29.0
2017-02-08 16:33:58 +01:00
Daiki Ueno
70bf1cefc1
Work around pkgconfig -> pkgconf transition issue
2017-01-23 14:41:48 +01:00
Daiki Ueno
877f068e97
Temporarily remove Conflicts: for icecat
2017-01-23 14:15:36 +01:00
Daiki Ueno
82e9983e43
Disable TLS 1.3 again
...
Also add Conflicts for old Mozilla apps
2017-01-20 17:41:36 +01:00
Daiki Ueno
c6535e87bd
Add "Conflicts" with older firefox
2017-01-17 12:49:10 +01:00
Daiki Ueno
8b6e6cc656
Fix incorrect version requirement for nss-util/nss-softokn
2017-01-13 09:41:31 +01:00
Daiki Ueno
9168316fa8
Update to NSS 3.28.1
2017-01-06 14:35:27 +01:00
Daiki Ueno
1df1edced7
Update to 3.27.2
2016-11-30 15:35:31 +01:00
Daiki Ueno
f52ebc585d
Revert the previous fix for RSA-PSS and use the upstream fix instead
2016-11-15 16:27:37 +01:00
Kai Engert
387bb6b467
Disable the use of RSA-PSS with SSL/TLS. #1383809
2016-11-02 14:19:58 +01:00
Daiki Ueno
74f302809f
Disable TLS 1.3 by default
2016-10-02 07:12:26 +02:00
Daiki Ueno
ddcac56c2e
Update to NSS 3.27.0
2016-09-29 13:52:40 +02:00
Daiki Ueno
e0be40e6f7
Add explanation about NSS_IGNORE_SYSTEM_POLICY=1
2016-08-19 10:33:21 +02:00
Daiki Ueno
351f464ed1
Update to NSS 3.26.0
2016-08-10 14:46:53 +02:00
Elio Maldonado
7854e70d7e
Incorporate more changes requested in upstream review and commited upstream ( #1157720 )
...
- still keeping two separate patches
2016-07-14 10:41:00 -07:00
Elio Maldonado
ff192a931a
Incorporate some changes requested in upstream review and commited upstream ( #1157720 )
2016-07-13 17:44:26 -07:00
Elio Maldonado
270f23d149
Implement changes requested in upstream review and pushed upstream ( #1157720 )
...
- merge the two policy related patches
2016-07-12 20:25:49 -07:00
Elio Maldonado
e666a29edf
Add support for conditionally ignoring the system policy ( #1157720 )
...
- Remove unneeded test scripts patches in order to run more tests
- Remove unneeded test data modifications from the spec file
2016-07-01 18:22:06 -07:00
Elio Maldonado
68e30820ed
Add a reference to bug filed upstream
2016-06-28 09:33:42 -07:00
Elio Maldonado
ef6c2f08e7
Remove obsolete patch and spurious lines from the spec file ( #1347336 )
2016-06-28 07:47:13 -07:00
Elio Maldonado
e51bf1ce38
Cleanup spec file and patches and add references to bugs filed upstream
2016-06-26 15:03:12 -07:00
Elio Maldonado
3792f60887
Rebase to NSS 3.15
...
- Remove three patches obsolted by the rebase and updated two
- Temporarily not building the ecperf tool
- ecperef requires freebl/ec.h and ecl-curve.h and the latter
- causes compile failure because it requires that
- NSS_ECC_MORE_THAN_SUITE_B not be defined yet this is
- required for nss builds to allow external pkcs #11 providers
- to support curves beyond suite-b, such restriction only applies
- to the internal crypto module
2016-06-24 14:13:59 -07:00
Kai Engert
1911d47990
Bug 1347336, decouple nss-pem from the nss package, patch contributed by Kamil Dudka
2016-06-22 15:20:39 +02:00
Elio Maldonado
f5c6a9ac04
Apply the patch that was last introduced
...
- Renumber and reorder some of the patches
- Resolves: Bug 1342158
2016-06-03 08:40:01 -07:00
Elio Maldonado
85c6e70f3c
Allow application requests to disable SSL v2 to succeed
...
- Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails
2016-06-02 13:47:29 -07:00
Elio Maldonado
c460de4d23
Rebase to NSS 3.24.0
...
- Restore setting the policy file location
- Make ssl tests scripts aware of policy
- Ajust tests data expected result for policy
2016-05-29 10:14:36 -07:00
Elio Maldonado
29b52f2caf
Bootstrap build to rebase to NSS 3.24.0
...
- Temporarily not setting the policy file location
2016-05-25 19:55:49 -07:00
Elio Maldonado
fc09930b4d
Update nss_util_version and nss_softoken_version to 3.24.0
...
- Resolves: Bug 1336849 - nss-3.24 is available
2016-05-24 06:49:40 -07:00
Elio Maldonado
3648d70a92
Update to NSS 3.24.0
...
- Resolves: Bug 1336849 - nss-3.24 is available
- Update patches on account of the rebase
- Remove unused patches un account of the rebase
- Patch pem module to compile with wrning for unitilaized variables treated as errors
- Patch to skip some of the gtests as they use private calls and need to statically link with libnssutil.a
- TODO: bring this up with the external_tests framework developers upstream
2016-05-23 18:10:46 -07:00
Elio Maldonado
2e6c8d6f71
Change POLICY_FILE to "nss.config"
2016-05-12 12:04:57 -07:00
Elio Maldonado
299e9058d1
Change POLICY_FILE to "nss.cfg"
2016-04-22 08:25:14 -07:00
Elio Maldonado
21d9cd13e1
Change the POLICY_PATH to "/etc/crypto-policies/back-ends"
...
- Regenerate the check policy patch with hg to provide more context
- the nss-util portion included though not applied here but in nss-util
- todo: file bug upstream once we have done some testing
2016-04-20 08:49:00 -07:00
Elio Maldonado
b9c9bc550c
Fix typo in the last %changelog entry
2016-04-14 14:16:05 -07:00
Elio Maldonado
ea86d5898c
Load policy file if /etc/pki/nssdb/policy.cfg exists
...
- Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy
2016-03-24 15:18:49 -07:00
Elio Maldonado
b22cf46b7c
Remove unused patch rendered obsolete by pem update
2016-03-08 15:41:14 -08:00
Elio Maldonado
2a45956d5b
Update pem sources to latest from nss-pem upstream
...
- Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key
- Fixes memory leak on failed ASN1 decoding of RSA keys with rebase
- https://git.fedorahosted.org/cgit/nss-pem.git
2016-03-08 06:47:48 -08:00
Elio Maldonado
e4343992f0
Rebase to NSS 3.23
2016-03-05 12:42:26 -08:00
Elio Maldonado
c0f6099656
Requite nss and nss-softokn version 3.22.2
2016-02-27 16:45:41 -08:00
Elio Maldonado
69c688f3b5
Rebase to NSS 3.22.2
...
- Resolves: Bug 1304135 - nss-3.22.2 is available
2016-02-26 21:59:01 -08:00
Elio Maldonado
fe44847276
Fix ssl2/exp test disabling to run all the required tests
2016-02-22 20:49:28 -08:00