5ed56146a2
Rebase to NSS 3.31.0
2017-06-21 17:41:09 +02:00
4a49c5748c
Enable gtests
2017-06-02 15:18:09 +02:00
405310c946
Rebase to NSS 3.30.2
2017-04-24 09:50:22 +02:00
cd8db2917d
Backport upstream mozbz#1328318 to support crypto policy FUTURE.
2017-03-30 11:54:51 +02:00
17cd27bdca
Revert workaround for pkgconf transition
...
This reverts commit 70bf1cefc1
2017-03-21 12:37:13 +01:00
b6664ebb77
Update to NSS 3.30.0
2017-03-21 12:20:45 +01:00
8b601d64b2
Backport mozbz#1334976 and mozbz#1336487.
2017-03-02 13:44:16 +01:00
65a4d20cc7
Update to NSS 3.29.1
2017-02-17 15:32:15 +01:00
07c729494a
Disable TLS 1.3 again
2017-02-09 10:13:07 +01:00
73106743c1
Update to NSS 3.29.0
2017-02-08 16:33:58 +01:00
70bf1cefc1
Work around pkgconfig -> pkgconf transition issue
2017-01-23 14:41:48 +01:00
877f068e97
Temporarily remove Conflicts: for icecat
2017-01-23 14:15:36 +01:00
82e9983e43
Disable TLS 1.3 again
...
Also add Conflicts for old Mozilla apps
2017-01-20 17:41:36 +01:00
c6535e87bd
Add "Conflicts" with older firefox
2017-01-17 12:49:10 +01:00
8b6e6cc656
Fix incorrect version requirement for nss-util/nss-softokn
2017-01-13 09:41:31 +01:00
9168316fa8
Update to NSS 3.28.1
2017-01-06 14:35:27 +01:00
1df1edced7
Update to 3.27.2
2016-11-30 15:35:31 +01:00
f52ebc585d
Revert the previous fix for RSA-PSS and use the upstream fix instead
2016-11-15 16:27:37 +01:00
387bb6b467
Disable the use of RSA-PSS with SSL/TLS. #1383809
2016-11-02 14:19:58 +01:00
74f302809f
Disable TLS 1.3 by default
2016-10-02 07:12:26 +02:00
ddcac56c2e
Update to NSS 3.27.0
2016-09-29 13:52:40 +02:00
e0be40e6f7
Add explanation about NSS_IGNORE_SYSTEM_POLICY=1
2016-08-19 10:33:21 +02:00
351f464ed1
Update to NSS 3.26.0
2016-08-10 14:46:53 +02:00
7854e70d7e
Incorporate more changes requested in upstream review and commited upstream ( #1157720 )
...
- still keeping two separate patches
2016-07-14 10:41:00 -07:00
ff192a931a
Incorporate some changes requested in upstream review and commited upstream ( #1157720 )
2016-07-13 17:44:26 -07:00
270f23d149
Implement changes requested in upstream review and pushed upstream ( #1157720 )
...
- merge the two policy related patches
2016-07-12 20:25:49 -07:00
e666a29edf
Add support for conditionally ignoring the system policy ( #1157720 )
...
- Remove unneeded test scripts patches in order to run more tests
- Remove unneeded test data modifications from the spec file
2016-07-01 18:22:06 -07:00
68e30820ed
Add a reference to bug filed upstream
2016-06-28 09:33:42 -07:00
ef6c2f08e7
Remove obsolete patch and spurious lines from the spec file ( #1347336 )
2016-06-28 07:47:13 -07:00
e51bf1ce38
Cleanup spec file and patches and add references to bugs filed upstream
2016-06-26 15:03:12 -07:00
3792f60887
Rebase to NSS 3.15
...
- Remove three patches obsolted by the rebase and updated two
- Temporarily not building the ecperf tool
- ecperef requires freebl/ec.h and ecl-curve.h and the latter
- causes compile failure because it requires that
- NSS_ECC_MORE_THAN_SUITE_B not be defined yet this is
- required for nss builds to allow external pkcs #11 providers
- to support curves beyond suite-b, such restriction only applies
- to the internal crypto module
2016-06-24 14:13:59 -07:00
1911d47990
Bug 1347336, decouple nss-pem from the nss package, patch contributed by Kamil Dudka
2016-06-22 15:20:39 +02:00
f5c6a9ac04
Apply the patch that was last introduced
...
- Renumber and reorder some of the patches
- Resolves: Bug 1342158
2016-06-03 08:40:01 -07:00
85c6e70f3c
Allow application requests to disable SSL v2 to succeed
...
- Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails
2016-06-02 13:47:29 -07:00
c460de4d23
Rebase to NSS 3.24.0
...
- Restore setting the policy file location
- Make ssl tests scripts aware of policy
- Ajust tests data expected result for policy
2016-05-29 10:14:36 -07:00
29b52f2caf
Bootstrap build to rebase to NSS 3.24.0
...
- Temporarily not setting the policy file location
2016-05-25 19:55:49 -07:00
fc09930b4d
Update nss_util_version and nss_softoken_version to 3.24.0
...
- Resolves: Bug 1336849 - nss-3.24 is available
2016-05-24 06:49:40 -07:00
3648d70a92
Update to NSS 3.24.0
...
- Resolves: Bug 1336849 - nss-3.24 is available
- Update patches on account of the rebase
- Remove unused patches un account of the rebase
- Patch pem module to compile with wrning for unitilaized variables treated as errors
- Patch to skip some of the gtests as they use private calls and need to statically link with libnssutil.a
- TODO: bring this up with the external_tests framework developers upstream
2016-05-23 18:10:46 -07:00
2e6c8d6f71
Change POLICY_FILE to "nss.config"
2016-05-12 12:04:57 -07:00
299e9058d1
Change POLICY_FILE to "nss.cfg"
2016-04-22 08:25:14 -07:00
21d9cd13e1
Change the POLICY_PATH to "/etc/crypto-policies/back-ends"
...
- Regenerate the check policy patch with hg to provide more context
- the nss-util portion included though not applied here but in nss-util
- todo: file bug upstream once we have done some testing
2016-04-20 08:49:00 -07:00
b9c9bc550c
Fix typo in the last %changelog entry
2016-04-14 14:16:05 -07:00
ea86d5898c
Load policy file if /etc/pki/nssdb/policy.cfg exists
...
- Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy
2016-03-24 15:18:49 -07:00
b22cf46b7c
Remove unused patch rendered obsolete by pem update
2016-03-08 15:41:14 -08:00
2a45956d5b
Update pem sources to latest from nss-pem upstream
...
- Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key
- Fixes memory leak on failed ASN1 decoding of RSA keys with rebase
- https://git.fedorahosted.org/cgit/nss-pem.git
2016-03-08 06:47:48 -08:00
e4343992f0
Rebase to NSS 3.23
2016-03-05 12:42:26 -08:00
c0f6099656
Requite nss and nss-softokn version 3.22.2
2016-02-27 16:45:41 -08:00
69c688f3b5
Rebase to NSS 3.22.2
...
- Resolves: Bug 1304135 - nss-3.22.2 is available
2016-02-26 21:59:01 -08:00
fe44847276
Fix ssl2/exp test disabling to run all the required tests
2016-02-22 20:49:28 -08:00
c281a339e1
Rebase to NSS 3.22.1
...
- Bug 1304135 - nss-3.22.1 is available
2016-02-21 11:30:52 -08:00
317de01a4d
Update .gitignore as part of updating to nss 3.22
2016-02-08 13:47:18 -08:00
5953345108
Update to NSS 3.22
2016-02-08 07:57:39 -08:00
f7ddea92df
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
2016-02-04 10:56:52 +00:00
5fe1656484
Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite
...
- Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built
- Use %define when specifying the nss_tests to run
2016-01-15 11:12:08 -08:00
0483a01742
Add 64-bit MIPS to multilib arches
...
- Patch contributed by Michal Toman <michal.toman@gmail.com>
- Resolves: Bug 1294878 - Add 64-bit MIPS to multilib_arches
2015-12-31 08:11:54 -08:00
337a03cdd8
Fix style of commit message
2015-11-20 14:56:41 -08:00
34058a2a6e
Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0
...
- Bug 1284095 - all https fails with sec_error_no_token
2015-11-20 14:39:49 -08:00
66122a0ff7
Add references to bugs filed upstream
2015-11-15 10:51:54 -08:00
03da09b383
Enclose the _isa_bits check inside a %ifnarch noarch ... %endif one
2015-11-14 14:49:57 -08:00
69b02be530
Change the test to %if 0%{__isa_bits} == 64 as required in fedora
...
- As done in the patch contributed by Marcin Juszkiewicz <mjuszkiewicz@redhat.com>
- Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit architectures
2015-11-14 11:32:57 -08:00
0a91ce3fe8
Complete the commits to update to NSS 3.21
...
- Add files missed in previous commit as they weren't staged
- Package listsuites as part of the unsupported tools set
- Resolves: Bug 1279912 - nss-3.21 is available
- Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit
- Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set
2015-11-13 18:03:07 -08:00
75207789dc
Update to NSS 3.20.1
2015-10-31 08:55:27 -07:00
82653be6b2
Enable ECC cipher-suites by default [hrbz#1185708]
...
- Split the enabling patch in two for easier maintenance
- Remove unused patches rendered obsolete by prior rebase
2015-09-30 11:34:48 -07:00
ae64727ebb
Enable ECC cipher-suites by default [hrbz#1185708]
...
- Implement corrections requested in code review
2015-09-16 09:25:43 -07:00
a046ce773a
Enable ECC cipher-suites by default [hrbz#1185708]
2015-09-15 16:21:10 -07:00
17f536942a
- Fix patches that disable ssl2 and export cipher suites support
...
- Fix libssl patch that disables ssl2 & export cipher suites not disable RSA_WITH_NULL ciphers
- Fix syntax erros in patch to skip ssl2 and export cipher suite tests to only skip what;s needed
- Turn ssl2 off by default in the tstclnt tool
- Disable ssl stress tests containing TLS RC4 128 with MD5
- Resolves: Bug 1263005
2015-09-14 18:15:13 -07:00
b10f7b1f18
Fix the version number in last %%changelog entry to be NSS 3.20
2015-08-20 15:15:28 -07:00
c4f83dca30
Update to NSS 3.120
2015-08-20 13:50:06 -07:00
8b92dbf50e
Update to NSS 3.19.3
...
- Resolves: Bug 1251624 - nss-3.19.3 is available
2015-08-07 21:13:01 -07:00
f35af25385
Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers
...
- Enhancement from Kai Engert already used on RHEL-7
2015-06-26 14:53:21 -07:00
0779a363b4
Update to NSS 3.19.2
2015-06-17 21:15:31 +02:00
3a7ef4801d
Update to NSS 3.19.1
2015-05-28 22:28:05 +02:00
856e33f728
Update to NSS 3.19
2015-05-19 21:07:35 +02:00
a58533f703
Replace expired test certificates, upstream bug 1151037
2015-05-15 16:23:25 +02:00
f59c0d1275
Update to nss-3.18.0
...
- Resolves: Bug 1203689 - nss-3.18 is available
2015-03-19 09:52:30 -07:00
9b7199b3db
Disable export suites and SSL2 support at build time
...
- Fix syntax errors in various shell scripts
- Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites
2015-03-03 14:35:20 -08:00
fa80ce0efb
Rebuilt for Fedora 23 Change
...
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
2015-02-21 22:27:31 +01:00
8687a87da5
Commented out the export NSS_NO_SSL2=1 line to not disable ssl2
...
- Backing out from disabling ssl2 until the patches are fixed
2015-02-09 17:52:50 -08:00
8cfb70a447
Disable SSL2 support at build time
...
- Fix syntax errors in various shell scripts
- Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites
2015-02-08 18:30:17 -08:00
8c142e52fe
Update to nss-3.17.4
...
- remove a patch rendered obsolete by the rebase
2015-01-28 17:23:35 -08:00
c70e45537d
Own the %{_datadir}/doc/nss-tools dir
...
https://bugzilla.redhat.com/show_bug.cgi?id=1185573
2015-01-27 13:16:42 +02:00
62096f81c3
Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer
...
- Install pp man page in %{_datadir}/doc/nss-tools/pp.1
- Use %{_mandir} instead of /usr/share/man as more generic
2014-12-16 07:43:44 -08:00
a60e3001fe
Install pp man page in alternative location
...
- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer
2014-12-15 08:26:07 -08:00
a7df0838aa
Update to nss-3.17.3
...
- Resolves: Bug 1171012 - nss-3.17.3 is available
2014-12-05 07:32:38 -08:00
3e2a0ea4de
Resolves: Bug 994599 - Enable TLS 1.2 by default
2014-10-16 16:36:18 -07:00
1765d80a6c
Update to nss-3.17.2
2014-10-12 09:06:05 -07:00
0ac07fb221
- Update to nss-3.17.1
...
- Add a mechanism to skip test suite execution during development work
2014-09-25 02:12:48 +02:00
64ca89cbe4
Rebuild for rpm bug 1131960
2014-08-21 11:48:33 -06:00
3e02cae346
Update to nss-3.17.0
...
- Update the iquote.patch on account of the rebase
2014-08-19 10:38:45 -07:00
db7f9bfa50
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
2014-08-17 12:21:01 +00:00
eaa519320e
Replace expired PayPal test cert with current one to prevent build failure
...
- Using the new cert checked in upstream
- See https://hg.mozilla.org/projects/nss/rev/756ccadf33b3
2014-07-30 11:48:10 -07:00
8025e7be74
fix license handling
2014-07-18 18:52:34 -04:00
fd6a1f2171
Update to nss-3.16.2
...
- Resolves: Bug 1114319 - nss-3.16.2 is available
- Remove no longer needed patch
2014-06-29 10:50:40 -07:00
60816050f2
Remove unwanted source directories at the end of %prep so it truly does it
...
- Skip the cipher suite already run as part of the nss-softokn build
- Brings spec file fixes already approved and applied on rhel-6.6
2014-06-15 10:28:18 -07:00
296fce6af9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
2014-06-07 10:09:47 -05:00
f94fcb299b
Replacing ppc64 and ppc64le with the power64 macro
...
- Related: Bug 1052545 - Trivial change for ppc64le in nss spec
2014-05-12 20:09:13 +02:00
4d04992e9a
Update to nss-3.16.1
...
- Update the iquote patch on account of the rebase
- Improve error detection in the %section
- Resolves: Bug 1094702 - nss-3.16.1 is available
2014-05-06 09:32:26 -07:00
37a942df5c
Require nspr-4.10.4
2014-03-19 08:45:26 -07:00
0834927548
Update to nss-3.16.0
...
- Cleanup the copying of the tools man pages
- Update the iquote.patch on account of the rebase
2014-03-18 17:27:02 -07:00
8b13702a67
Restore requiring nss_softokn_version >= 3.15.5
2014-03-04 07:33:25 -08:00
Daiki Ueno
Kai Engert
Elio Maldonado
Fedora Release Engineering
Till Maas
Ville Skyttä
Kevin Fenzi
Peter Robinson
Tom Callaway
Dennis Gilmore
Jaromir Capik