034c16be36
Merge branch 'master' into f17
...
- Update to NSS_3_13_4_RTM
- Update the nss-pem source archive to the latest version
- Remove no longer needed patches
- Resolves: Bug 806043 - use pem files interchangeably in a single process
- Resolves: Bug 806051 - PEM various flaws detected by Coverity
- Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name
2012-04-06 15:26:15 -07:00
5203007534
Update to NSS_3_13_14_RTM
2012-04-06 10:06:51 -07:00
310e64d3c2
Update the nss-pem source archive to the latest version
...
- Resolves: Bug 806043 - use pem files interchangeably in a single process
- Resolves: Bug 806051 - PEM various flaws detected by Coverity
- Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name
- Remove patches obsoleted by the nss and pem updates
2012-04-02 13:34:11 -07:00
c408966515
Require nss-util and nss-softokn at 3.12.4
2012-04-01 17:24:02 -07:00
89045d8452
Update to NSS_3_13.4_BETA1
2012-04-01 16:35:48 -07:00
51c4dcf0e0
Merge branch 'master' into f17
2012-03-27 15:26:25 -07:00
39b507ea3c
- Resolves: Bug 805723 - Library needs partial RELRO support added
2012-03-21 15:01:07 -07:00
19fee62ac7
Enable the Patch29: nss-ssl-cbc-random-iv-off-by-default.patch
...
- F17 is already aplha, let's treat it as a stable branch
- Todo: Ask communinty members to try turning it on and provide
- feedack on servers and clients that may still be broken.
2012-03-09 18:07:15 -08:00
7d1bd46bd6
Cleanup the spec file
...
- Add references to the upstream bugs
- Fix typo in Summary for sysinit
2012-03-09 14:40:23 -08:00
3ccc11c806
Pick up fixes from RHEL
...
- Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync
- Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update
- Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections
2012-03-07 18:39:32 -08:00
85a1075a8d
Require nss-softokn 3.13.3 as part of the update to NSS_3_13_3_RTM
2012-03-01 12:48:17 -08:00
ca7f73c317
- Update to NSS_3_13_3_RTM
...
- Keeping the requires on nss-softokn at 3.13.1 temporarily
- Removed nss-ckbi-1.88.rtm.patch which we no longer need due to the update
2012-02-29 19:20:40 -08:00
6e9d7578fc
fix gcc47 issue causing xulrunner to ftbfs in rawhide
2012-01-30 17:10:53 -05:00
81470bd3c4
- Resolves: Bug 784672 - nss should protect against being called before nss_Init
2012-01-26 14:56:36 -08:00
b6f8eca453
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
2012-01-13 05:16:40 -06:00
1f56c5ccc5
- Deactivate a patch currently meant for stable branches only
2012-01-06 16:01:07 -08:00
40928cb8e3
- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity
...
- Set NSS_SSL_CBC_RANDOM_IV to 0 by default and change to 1 on user request
2012-01-06 15:50:45 -08:00
d5f0675cc9
- Revert to using current nss_softokn_version
...
- Patch to deal with lack of sha224 is no longer needed
2011-12-13 14:29:45 -08:00
def217ea25
- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV
2011-12-13 06:54:05 -08:00
543ae9ce83
- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS
...
- Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y
- Only patch blapitest for the lack of sha224 on system freebl
- Completed the patch to make pem link against system freebl
2011-12-12 15:42:30 -08:00
109e79922c
- Drop the Batiz from my name, it confuses people
2011-12-06 16:56:09 -08:00
3fe2df48eb
- Remove reference to obsoleted terminalrecord.patch
2011-12-05 15:54:44 -08:00
f67889f49c
- Fix the missing CERTDB_TERMINAL_RECORD symbol problem
...
- Removed unwanted /usr/include/nss3 in front of the normal cflags include path
- Removed ugly and unnecessary patch dealing with CERTDB_TERMINAL_RECORD
2011-12-05 15:51:15 -08:00
321e446e77
- Bug 75036 Enable usage of nss-3.13.3 with nss-softokn-3.12.x
2011-12-04 23:21:22 -08:00
cb85c9e1da
- Bug 750376 Enable updating nss to 3.13.x while keeping nss-softokn at 3.12.9
...
- Statically link the pem module against system freebl found in buildroot
- Disable sha224-related powerup selftest until we update softokn
- Disable sha224 and rsapss tests which nss-softokn 3.12.x doesn't support
- nss-softokn 3.12.9 was submitted for FIPS 140 minor revalidation
2011-12-04 23:08:24 -08:00
953f3cef9d
- Rebuild with nss-softokn from 3.12 in the buildroot
...
- Allows the pem module to statically link against 3.12.x freebl
- Required for using nss-3.13.x with nss-softokn-3.12.y for a merge into ia new rhel git repo
- Build to be temporarily placed on buildroot override but never pushed to updates-testing
2011-12-02 14:21:08 -08:00
1c8a4130f1
- Merge from master
...
- This is an experimental build to fix Bug 750376
- To be added to the buildroot override but should not be pushed to updates-testing
until the bug has been verified as fixed
2011-11-28 15:37:12 -08:00
0598777c8d
Merge branch 'master' into f16
...
Keeping softokn at 3.12.10 as we are bootstrapping the system
2011-11-07 08:36:10 -08:00
cc7766a55d
- Fix broken dependencies by updating the nss-util and nss-softokn versions
2011-11-04 12:26:07 -07:00
28928af492
- Fix the name of the patch file
2011-11-03 20:44:32 -07:00
4a87b24862
- Update to NSS_3_13_1_RTM
...
- Update builtin certs to those from NSSCKBI_1_88_RTM
2011-11-03 17:21:40 -07:00
7b078b5247
- Update to NSS_3_13_RTM
2011-10-15 20:24:39 -07:00
bc4ac545c9
- Update to NSS_3_13_RC0
...
- Adjust patches to new sources
- Remove builtin patch which isn't needed due to the update
- update sources
2011-10-08 12:04:26 -07:00
3586aff4e7
- Fix attempt to free initialized pointer ( #717338 )
...
- Fix leak on pem_CreateObject when given non-existing file name (#734760 )
- Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410 )
2011-09-14 12:28:24 -07:00
a1e61fa589
NSSCKBI_1_87_RTM
2011-09-06 22:51:08 +02:00
c26c5b1326
NSSCKBI_1_87_RTM
2011-09-06 22:48:46 +02:00
d7c5a94ba8
- Update to NSS_3_12_11_RTM
2011-08-09 18:31:35 -07:00
a7fb38e80b
- Indicate the provenance of stripped source tarball ( #688015 )
...
- Add the code stripping script to the sources
2011-07-23 20:16:38 -07:00
e2ce6e022c
Provide virtual -static package to meet guidelines ( #609612 ).
2011-06-27 20:17:03 +02:00
5c50a33200
- Enable pluggable ecc support ( #712556 )
...
- Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045 )
2011-06-11 18:05:04 -07:00
321ca50d42
fix typo in date
2011-05-20 09:09:41 -05:00
7232ae1bc7
make the test suite non fatal on arm arches
2011-05-20 09:07:45 -05:00
c409805d45
- Fix crmf hard-coded maximum size for wrapped private keys ( #703658 )
...
- Use the safer bound off
- ( ( RSA_MAX_MODULUS_BITS / 8 ) *8 ) = RSA_MAX_MODULUS_BITS
- which will accomodate other algorithms
2011-05-17 09:07:55 -07:00
656b5456ab
- Update to NSS_3_12_10_RTM
2011-05-06 14:53:40 -07:00
976de5ebbe
- Update to NSS_3_12_10_BETA1
...
- Update nss-539183.patch for new 3.12.10 sources
2011-04-27 18:05:46 -07:00
6e1b6bdc24
- Implement PEM logging using NSPR's own ( #695011 )
2011-04-12 11:53:46 -07:00
4a912ae4d0
Fix the tag name in changelog comment
2011-03-23 15:17:21 -07:00
0b0026515f
- Update to NSS_3.12.9_WITH_CKPI_1_82_RTM
2011-03-23 15:13:45 -07:00
c40f16fc52
Bug 539183 - Short-term fix for ssl test suites hangs on ipv6 type connections
...
Change selfserv to use a dual-stack IPv6 listening socket, which can accept
connections from both IPv4 and IPv6 clients. NSPR's IPv6 sockets have the
IPV6_V6ONLY socket option default to false.
2011-02-24 15:05:17 -08:00
ab4de6fd80
- Add to pkcs11-devel a requires on nss-softokn-freebl-freebl ( #675196 )
...
- This is needed because the latter now owns headers that pkcs11-devel depends on.
2011-02-18 13:09:28 -08:00
87fcbd4706
- Run the test suites in the check section ( #677809 )
2011-02-15 20:20:54 -08:00
882fcb9fcf
Fix fips mode switch handling bug detected while running JSS tests
...
Fix NSS to swap the internal key slot on fips mode switches
Fix white space usage in cpp reserved words patch per reviewer request
2011-02-11 07:56:25 -08:00
4c53349943
- Fix cms headers to not use c++ reserved words ( #676036 )
...
- Reenabling Bug 499444 patches
2011-02-10 11:58:38 -08:00
a2f2732911
Temorarily revert patches for 499444 until all c++ reserved words are found and extirpated
2011-02-08 17:26:32 -08:00
114f631980
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
2011-02-08 19:07:37 -06:00
cab275f8b6
- Fix cms header to not use c++ reserved word ( #676036 )
...
- Reenable patches for bug 499444
2011-02-08 11:48:11 -08:00
40064d5204
Revert patches for 499444
...
since they use a C++ reserved word and cause compilation of Firefox to fail
2011-02-08 09:39:11 -08:00
1850759856
- Fix the earlier infinite recursion patch ( #499444 )
...
- Remove a header that now nss-softokn-freebl-devel ships
2011-02-04 15:20:54 -08:00
453276ca4d
Fix infinite recursion when encoding NSS enveloped/digested data ( #499444 )
...
Add support in CMS for content types other than S/MIME
2011-02-01 16:13:13 -08:00
f76d0921cd
Bug 633043: Update the patch to implement upstream review requests.
2011-01-31 13:04:01 -08:00
5f7dfcf00d
Update the cacert trust patch per upstream review ( #633043 )
...
- Add comments to the new internal functions
- Rename macro to better reflect purpose and fix typos
- Patch matches the code as checked in upstream
2011-01-26 10:59:29 -08:00
612496b72d
Bug 633043 - nss trusts certificates it shouldn't, fixed
...
- Add patch to honor the user's cert trust preferences (#633043 )
- Rename nss-sysinit-fix-trustorder.patch honor-user-trust-preferences.patch
- Remove nss-sysinit-userdb-first.patch, it's obsoleted by current patch
2011-01-22 09:39:22 -08:00
d7e6ef54a1
Update to 3.12.9
2011-01-12 17:46:43 -08:00
fa715a1966
- Follow the fedora pre-release package naming guidelines
...
- Using the nss-3.12.9-stripped.tar.bz source tar ball
2010-12-27 10:55:39 -08:00
9cfe30c547
- Update to NSS_3_12_9_BETA2
...
- Fix libpnsspem crash when cacert dir contains other directories (#642433 )
- Remove unused-patch
2010-12-10 13:11:24 -08:00
f5fbb3f944
Update to NSS_3_12_9_BETA1
2010-12-08 14:10:33 -08:00
c45196731a
- Update pem source tar with fixes for 614532 and 596674
...
- Remove no longer needed patches
2010-11-25 12:43:08 -08:00
4c96b0e51a
Update test certificate which had expired
2010-11-05 08:24:44 -07:00
2cded812be
Tell rpm to not veryfy md5, sixe, and mtime of the configuration files.
...
Fixes 'rpm -qV nss-sysinit nss' failures.
2010-10-31 09:47:13 -07:00
7292dd3723
- Fix certificates trust order ( #643134 )
...
- Apply nss-sysinit-userdb-first.patch last
2010-10-18 15:54:32 -07:00
50867d6093
Move triggerpostun -n nss-sysinit script ahead of the other ones ( #639248 )
2010-10-06 20:22:32 -07:00
89b371d9fc
Fix invalid %postun scriptlet ( #639248 )
2010-10-05 10:07:31 -07:00
c5201d23da
Improve the fixes for bugs 636787, 636792, 636801
...
Replace posttrans sysinit scriptlet with a triggerpostun one (#636787 )
Fix and cleanup the setup-nsssysinit.sh script (#636792 , #636801 )
2010-09-29 11:46:10 -07:00
c51d121d29
Add posttrans sysinit scriptlet to re-enable nssysinit - resolves rhbz#636787.
2010-09-27 21:47:31 -07:00
53ccaaaa26
Changes related to the fix for 636787 and 609612
...
system-pkcs11.txt has nss-sysinit enabled (#636787 )
Added provides pkcs11-devel-static to comply with packaging guidelines (#609612 )
2010-09-25 13:10:51 -07:00
06f202356f
Fix the nss_util_version and nss_softokn_version to be 3.12.8
2010-09-23 17:52:31 -07:00
1e21f59c8c
Update to 3.12.8 and resolve bugs 636787, 636787, 636801
...
nss.spec prevents disabling of nss-sysinit on package upgrade - #636787
setup-nsssysinit.shc creates pkcs11.txt with correct permissions regardless of umask - #636792
setup-nsssysinit.sh reports whether nss-sysinit is turned on or off - #636801
2010-09-23 17:45:52 -07:00
958c0f4fd5
Update to NSS 3.12.8 RC0
2010-09-19 13:19:26 -07:00
4a3d4a018a
Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3.
...
This is the currently higest version that can be satisfied, previous value caused build breakage.
2010-09-05 11:03:04 -07:00
759a662b45
Update for NSS 3.12.8 Beta 3
2010-09-04 13:24:39 -07:00
5cb30e27e1
Change BuildRequries to available version of nss-util-devel.
2010-08-30 15:56:50 -07:00
2becd412b2
Complete the change log
2010-08-29 12:56:11 -07:00
8e3710e2cf
Rely on NSS_USE_SYSTEM_SQLITE for no local sql
...
Define NSS_USE_SYSTEM_SQLITE and remove nss-nolocalsql patch
Fix rpmlint warnings about macros in comments and changelog
Build requires nss-softokn-devel >= 3.12.7
2010-08-29 12:46:20 -07:00
1c9dbe330c
Updating to 3.12.7
2010-08-18 18:01:57 -07:00
c647f9551c
Apply the patches to fix rhbz#614532
...
Added 0001-Add-support-for-PKCS-8-encoded-private-keys.patch
Added 0001-Do-not-define-SEC_SkipTemplate.patch
Modified nss.spec to apply the patches
2010-08-14 15:54:14 -07:00
ebb7b25b6f
Remove pem source tar
2010-08-09 21:36:17 -07:00
37584d01a1
Update source tar to add support for PKCS#8 encoded PEM RSA private key files rhbz#614532
2010-08-09 15:06:09 -07:00
a3ec3dfe11
* Fri Jul 31 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.6-9
...
- Fix nsssysinit to return userdb ahead of systemdb (#603313 )
2010-07-31 09:51:45 -07:00
99c5eddfda
fix typo
2010-06-08 19:59:30 +00:00
f2b0bb17ab
changes the requires and BuildRequires versions from = to >=
2010-06-08 19:58:16 +00:00
7edcfc8148
Require nss-softoken 3.12.6
2010-06-08 19:01:01 +00:00
fbbc54fbf1
Fix SIGSEGV within CreateObject rhbz#596674
2010-06-07 04:41:51 +00:00
0b1d72fd87
Synch. up pem source tar with git repo to pick up various fixes
2010-04-12 22:46:45 +00:00
f1e2b65a89
Update test cert in setup phase instead of changing the source tar ball
2010-04-08 01:38:51 +00:00
0578cf1b19
Fix requires for nss-sysinit and update an expired - #576071 , #580207
2010-04-07 23:29:25 +00:00
c2a52bb832
Add sed to sysinit requires as setup-nsssysinit.sh requires it -
...
rhbz#576071
2010-04-06 23:37:08 +00:00
b84ca16585
Remove nss-softokn from requires in ns.pc - rhbz#575001
2010-03-19 04:13:21 +00:00
ba88c56bfa
Reenable all tests
2010-03-07 02:05:27 +00:00
688080c659
Add renegotiate-transitional patch and disable ssl tests suites
2010-03-06 21:52:07 +00:00
f9076c4e22
Update to 3.12.6
2010-03-06 21:13:40 +00:00
Elio Maldonado
Tom Callaway
Dennis Gilmore
Elio Maldonado
Elio Maldonado
Kai Engert
Michael Schwendt
Elio Maldonado
Christopher Aillon
Dennis Gilmore
Elio Maldonado