Commit Graph

521 Commits

Author SHA1 Message Date
Daiki Ueno
c51947784e Remove upstreamed patches 2017-07-11 14:27:48 +02:00
Daiki Ueno
60379b1140 Rebase to NSS 3.31.0 2017-07-11 14:17:26 +02:00
Daiki Ueno
c02a92318d Enable TLS 1.3 again
Also re-enable tests on armv7hl.
2017-05-10 13:28:12 +02:00
Daiki Ueno
8a895b4021 Rebase to NSS 3.30.2 2017-04-24 11:07:51 +02:00
Kai Engert
00dec8e43f temporarily disable tests on armv7hl because of infrastructure timeouts 2017-03-29 17:39:12 +02:00
Kai Engert
f1ccf9b47a Backport upstream mozbz#1328318 to support crypto policy FUTURE. 2017-03-29 14:11:21 +02:00
Daiki Ueno
6870a8a378 Re-add patch to check CKA_NSS_MOZILLA_CA_POLICY 2017-03-22 13:59:37 +01:00
Daiki Ueno
fe7dcb8310 Update to NSS 3.29.3 2017-03-21 16:47:43 +01:00
Kai Engert
571d09fa9e Backport mozbz#1334976 and mozbz#1336487. 2017-03-02 14:10:09 +01:00
Daiki Ueno
65a4d20cc7 Update to NSS 3.29.1 2017-02-17 15:32:15 +01:00
Daiki Ueno
07c729494a Disable TLS 1.3 again 2017-02-09 10:13:07 +01:00
Daiki Ueno
73106743c1 Update to NSS 3.29.0 2017-02-08 16:33:58 +01:00
Daiki Ueno
70bf1cefc1 Work around pkgconfig -> pkgconf transition issue 2017-01-23 14:41:48 +01:00
Daiki Ueno
877f068e97 Temporarily remove Conflicts: for icecat 2017-01-23 14:15:36 +01:00
Daiki Ueno
82e9983e43 Disable TLS 1.3 again
Also add Conflicts for old Mozilla apps
2017-01-20 17:41:36 +01:00
Daiki Ueno
c6535e87bd Add "Conflicts" with older firefox 2017-01-17 12:49:10 +01:00
Daiki Ueno
8b6e6cc656 Fix incorrect version requirement for nss-util/nss-softokn 2017-01-13 09:41:31 +01:00
Daiki Ueno
9168316fa8 Update to NSS 3.28.1 2017-01-06 14:35:27 +01:00
Daiki Ueno
1df1edced7 Update to 3.27.2 2016-11-30 15:35:31 +01:00
Daiki Ueno
f52ebc585d Revert the previous fix for RSA-PSS and use the upstream fix instead 2016-11-15 16:27:37 +01:00
Kai Engert
387bb6b467 Disable the use of RSA-PSS with SSL/TLS. #1383809 2016-11-02 14:19:58 +01:00
Daiki Ueno
74f302809f Disable TLS 1.3 by default 2016-10-02 07:12:26 +02:00
Daiki Ueno
ddcac56c2e Update to NSS 3.27.0 2016-09-29 13:52:40 +02:00
Daiki Ueno
e0be40e6f7 Add explanation about NSS_IGNORE_SYSTEM_POLICY=1 2016-08-19 10:33:21 +02:00
Daiki Ueno
351f464ed1 Update to NSS 3.26.0 2016-08-10 14:46:53 +02:00
Elio Maldonado
7854e70d7e Incorporate more changes requested in upstream review and commited upstream (#1157720)
- still keeping two separate patches
2016-07-14 10:41:00 -07:00
Elio Maldonado
ff192a931a Incorporate some changes requested in upstream review and commited upstream (#1157720) 2016-07-13 17:44:26 -07:00
Elio Maldonado
270f23d149 Implement changes requested in upstream review and pushed upstream (#1157720)
- merge the two policy related patches
2016-07-12 20:25:49 -07:00
Elio Maldonado
e666a29edf Add support for conditionally ignoring the system policy (#1157720)
- Remove unneeded test scripts patches in order to run more tests
- Remove unneeded test data modifications from the spec file
2016-07-01 18:22:06 -07:00
Elio Maldonado
68e30820ed Add a reference to bug filed upstream 2016-06-28 09:33:42 -07:00
Elio Maldonado
ef6c2f08e7 Remove obsolete patch and spurious lines from the spec file (#1347336) 2016-06-28 07:47:13 -07:00
Elio Maldonado
e51bf1ce38 Cleanup spec file and patches and add references to bugs filed upstream 2016-06-26 15:03:12 -07:00
Elio Maldonado
3792f60887 Rebase to NSS 3.15
- Remove three patches obsolted by the rebase and updated two
- Temporarily not building the ecperf tool
- ecperef requires freebl/ec.h and ecl-curve.h and the latter
- causes compile failure because it requires that
- NSS_ECC_MORE_THAN_SUITE_B not be defined yet this is
- required for nss builds to allow external pkcs #11 providers
- to support curves beyond suite-b, such restriction only applies
- to the internal crypto module
2016-06-24 14:13:59 -07:00
Kai Engert
1911d47990 Bug 1347336, decouple nss-pem from the nss package, patch contributed by Kamil Dudka 2016-06-22 15:20:39 +02:00
Elio Maldonado
f5c6a9ac04 Apply the patch that was last introduced
- Renumber and reorder some of the patches
- Resolves: Bug 1342158
2016-06-03 08:40:01 -07:00
Elio Maldonado
85c6e70f3c Allow application requests to disable SSL v2 to succeed
- Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails
2016-06-02 13:47:29 -07:00
Elio Maldonado
c460de4d23 Rebase to NSS 3.24.0
- Restore setting the policy file location
- Make ssl tests scripts aware of policy
- Ajust tests data expected result for policy
2016-05-29 10:14:36 -07:00
Elio Maldonado
29b52f2caf Bootstrap build to rebase to NSS 3.24.0
- Temporarily not setting the policy file location
2016-05-25 19:55:49 -07:00
Elio Maldonado
fc09930b4d Update nss_util_version and nss_softoken_version to 3.24.0
- Resolves: Bug 1336849 - nss-3.24 is available
2016-05-24 06:49:40 -07:00
Elio Maldonado
3648d70a92 Update to NSS 3.24.0
- Resolves: Bug 1336849 - nss-3.24 is available
- Update patches on account of the rebase
- Remove unused patches un account of the rebase
- Patch pem module to compile with wrning for unitilaized variables treated as errors
- Patch to skip some of the gtests as they use private calls and need to statically link with libnssutil.a
- TODO: bring this up with the external_tests framework developers upstream
2016-05-23 18:10:46 -07:00
Elio Maldonado
2e6c8d6f71 Change POLICY_FILE to "nss.config" 2016-05-12 12:04:57 -07:00
Elio Maldonado
299e9058d1 Change POLICY_FILE to "nss.cfg" 2016-04-22 08:25:14 -07:00
Elio Maldonado
21d9cd13e1 Change the POLICY_PATH to "/etc/crypto-policies/back-ends"
- Regenerate the check policy patch with hg to provide more context
- the nss-util portion included though not applied here but in nss-util
- todo: file bug upstream once we have done some testing
2016-04-20 08:49:00 -07:00
Elio Maldonado
b9c9bc550c Fix typo in the last %changelog entry 2016-04-14 14:16:05 -07:00
Elio Maldonado
ea86d5898c Load policy file if /etc/pki/nssdb/policy.cfg exists
- Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy
2016-03-24 15:18:49 -07:00
Elio Maldonado
b22cf46b7c Remove unused patch rendered obsolete by pem update 2016-03-08 15:41:14 -08:00
Elio Maldonado
2a45956d5b Update pem sources to latest from nss-pem upstream
- Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key
- Fixes memory leak on failed ASN1 decoding of RSA keys with rebase
- https://git.fedorahosted.org/cgit/nss-pem.git
2016-03-08 06:47:48 -08:00
Elio Maldonado
e4343992f0 Rebase to NSS 3.23 2016-03-05 12:42:26 -08:00
Elio Maldonado
c0f6099656 Requite nss and nss-softokn version 3.22.2 2016-02-27 16:45:41 -08:00
Elio Maldonado
69c688f3b5 Rebase to NSS 3.22.2
- Resolves: Bug 1304135 - nss-3.22.2 is available
2016-02-26 21:59:01 -08:00