rpms/nss
5
0
Fork 0
Code Issues Pull Requests Releases Activity
596 Commits 7 Branches 59 Tags 3.7 MiB
4567b678cc
Commit Graph

500 Commits

Author SHA1 Message Date
Igor Gnatenko
7504d3f5b2 Remove BuildRoot definition 
None of currently supported distributions need that.
It was needed last for EL5 which is EOL now

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2018-02-13 23:55:40 +01:00
Fedora Release Engineering
51a16f5968 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-02-08 08:28:30 +00:00
Kai Engert
1689d12cbb Set NSS_FORCE_FIPS=1 at %%build time, and remove from %%check. 2018-02-01 14:26:39 +01:00
Kai Engert
0a70bce56d Fix a compiler error with gcc 8, mozbz#1434070 2018-01-29 22:58:11 +01:00
Kai Engert
ccf407af47 Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401 2018-01-29 19:03:50 +01:00
Daiki Ueno
08f152ebf9 Update to NSS 3.35.0 2018-01-23 14:38:31 +01:00
Daiki Ueno
bd239c046a Update to NSS 3.34.0 2017-11-14 14:20:29 +01:00
Daiki Ueno
6d15c06123 Fix nss-pem requirement on multilib 2017-11-10 15:13:21 +01:00
Kai Engert
423cf344b1 fix test script 2017-11-08 14:53:14 +01:00
Kai Engert
cd77ff2c17 Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package). 2017-11-07 14:13:10 +01:00
Kai Engert
c4dce982fc rhbz#1505487, backport upstream fixes required for rhbz#1496560 2017-10-24 14:05:16 +02:00
Daiki Ueno
06c6c5b05b Forcibly run FIPS tests, and install new header file 2017-10-03 15:41:34 +02:00
Daiki Ueno
8a8a89e2ed Update to NSS 3.33.0 2017-10-03 10:18:40 +02:00
Daiki Ueno
c6bdcf333a Update to NSS 3.32.1 2017-09-15 14:21:47 +02:00
Daiki Ueno
3e4febd5a1 Prefer in-tree headers over system headers 
See https://bugzilla.redhat.com/show_bug.cgi?id=1422046#c6
 2017-09-06 14:38:46 +02:00
Kai Engert
61169569b1 NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449 2017-08-23 19:41:28 +02:00
Daiki Ueno
2d62c98a25 Don't build util_gtest 2017-08-08 12:47:53 +02:00
Daiki Ueno
7ae9f54af6 Update to NSS 3.32.0 2017-08-07 13:58:01 +02:00
Fedora Release Engineering
3bbfdef75c - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild 2017-08-03 04:07:03 +00:00
Fedora Release Engineering
7a90b2748d - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-27 01:18:19 +00:00
Daiki Ueno
943827bba4 Fix the previous commit 2017-07-19 18:34:50 +02:00
Daiki Ueno
82b3129713 Fix the previous commit for deprecating signtool 
signtool.1 must be installed even if it is unsupported
 2017-07-19 15:39:19 +02:00
Daiki Ueno
4b45ae6d65 Backport mozbz#1381784 to avoid deadlock in dnf 2017-07-18 13:18:15 +02:00
Daiki Ueno
314afd2133 Move signtool to %%_libdir/nss/unsupported-tools 2017-07-13 16:16:30 +02:00
Petr Písař
b2ceaeb648 perl dependency renamed to perl-interpreter <https://fedoraproject.org/wiki/Changes/perl_Package_to_Install_Core_Modules> 2017-07-12 14:42:33 +02:00
Daiki Ueno
5ed56146a2 Rebase to NSS 3.31.0 2017-06-21 17:41:09 +02:00
Daiki Ueno
4a49c5748c Enable gtests 2017-06-02 15:18:09 +02:00
Daiki Ueno
405310c946 Rebase to NSS 3.30.2 2017-04-24 09:50:22 +02:00
Kai Engert
cd8db2917d Backport upstream mozbz#1328318 to support crypto policy FUTURE. 2017-03-30 11:54:51 +02:00
Daiki Ueno
17cd27bdca Revert workaround for pkgconf transition 
This reverts commit 70bf1cefc1.
 2017-03-21 12:37:13 +01:00
Daiki Ueno
b6664ebb77 Update to NSS 3.30.0 2017-03-21 12:20:45 +01:00
Kai Engert
8b601d64b2 Backport mozbz#1334976 and mozbz#1336487. 2017-03-02 13:44:16 +01:00
Daiki Ueno
65a4d20cc7 Update to NSS 3.29.1 2017-02-17 15:32:15 +01:00
Daiki Ueno
07c729494a Disable TLS 1.3 again 2017-02-09 10:13:07 +01:00
Daiki Ueno
73106743c1 Update to NSS 3.29.0 2017-02-08 16:33:58 +01:00
Daiki Ueno
70bf1cefc1 Work around pkgconfig -> pkgconf transition issue 2017-01-23 14:41:48 +01:00
Daiki Ueno
877f068e97 Temporarily remove Conflicts: for icecat 2017-01-23 14:15:36 +01:00
Daiki Ueno
82e9983e43 Disable TLS 1.3 again 
Also add Conflicts for old Mozilla apps
 2017-01-20 17:41:36 +01:00
Daiki Ueno
c6535e87bd Add "Conflicts" with older firefox 2017-01-17 12:49:10 +01:00
Daiki Ueno
8b6e6cc656 Fix incorrect version requirement for nss-util/nss-softokn 2017-01-13 09:41:31 +01:00
Daiki Ueno
9168316fa8 Update to NSS 3.28.1 2017-01-06 14:35:27 +01:00
Daiki Ueno
1df1edced7 Update to 3.27.2 2016-11-30 15:35:31 +01:00
Daiki Ueno
f52ebc585d Revert the previous fix for RSA-PSS and use the upstream fix instead 2016-11-15 16:27:37 +01:00
Kai Engert
387bb6b467 Disable the use of RSA-PSS with SSL/TLS. #1383809 2016-11-02 14:19:58 +01:00
Daiki Ueno
74f302809f Disable TLS 1.3 by default 2016-10-02 07:12:26 +02:00
Daiki Ueno
ddcac56c2e Update to NSS 3.27.0 2016-09-29 13:52:40 +02:00
Daiki Ueno
e0be40e6f7 Add explanation about NSS_IGNORE_SYSTEM_POLICY=1 2016-08-19 10:33:21 +02:00
Daiki Ueno
351f464ed1 Update to NSS 3.26.0 2016-08-10 14:46:53 +02:00
Elio Maldonado
7854e70d7e Incorporate more changes requested in upstream review and commited upstream (#1157720) 
- still keeping two separate patches
 2016-07-14 10:41:00 -07:00
Elio Maldonado
ff192a931a Incorporate some changes requested in upstream review and commited upstream (#1157720) 2016-07-13 17:44:26 -07:00
Elio Maldonado
270f23d149 Implement changes requested in upstream review and pushed upstream (#1157720) 
- merge the two policy related patches
 2016-07-12 20:25:49 -07:00
Elio Maldonado
e666a29edf Add support for conditionally ignoring the system policy (#1157720) 
- Remove unneeded test scripts patches in order to run more tests
- Remove unneeded test data modifications from the spec file
 2016-07-01 18:22:06 -07:00
Elio Maldonado
68e30820ed Add a reference to bug filed upstream 2016-06-28 09:33:42 -07:00
Elio Maldonado
ef6c2f08e7 Remove obsolete patch and spurious lines from the spec file (#1347336) 2016-06-28 07:47:13 -07:00
Elio Maldonado
e51bf1ce38 Cleanup spec file and patches and add references to bugs filed upstream 2016-06-26 15:03:12 -07:00
Elio Maldonado
3792f60887 Rebase to NSS 3.15 
- Remove three patches obsolted by the rebase and updated two
- Temporarily not building the ecperf tool
- ecperef requires freebl/ec.h and ecl-curve.h and the latter
- causes compile failure because it requires that
- NSS_ECC_MORE_THAN_SUITE_B not be defined yet this is
- required for nss builds to allow external pkcs #11 providers
- to support curves beyond suite-b, such restriction only applies
- to the internal crypto module
 2016-06-24 14:13:59 -07:00
Kai Engert
1911d47990 Bug 1347336, decouple nss-pem from the nss package, patch contributed by Kamil Dudka 2016-06-22 15:20:39 +02:00
Elio Maldonado
f5c6a9ac04 Apply the patch that was last introduced 
- Renumber and reorder some of the patches
- Resolves: Bug 1342158
 2016-06-03 08:40:01 -07:00
Elio Maldonado
85c6e70f3c Allow application requests to disable SSL v2 to succeed 
- Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails
 2016-06-02 13:47:29 -07:00
Elio Maldonado
c460de4d23 Rebase to NSS 3.24.0 
- Restore setting the policy file location
- Make ssl tests scripts aware of policy
- Ajust tests data expected result for policy
 2016-05-29 10:14:36 -07:00
Elio Maldonado
29b52f2caf Bootstrap build to rebase to NSS 3.24.0 
- Temporarily not setting the policy file location
 2016-05-25 19:55:49 -07:00
Elio Maldonado
fc09930b4d Update nss_util_version and nss_softoken_version to 3.24.0 
- Resolves: Bug 1336849 - nss-3.24 is available
 2016-05-24 06:49:40 -07:00
Elio Maldonado
3648d70a92 Update to NSS 3.24.0 
- Resolves: Bug 1336849 - nss-3.24 is available
- Update patches on account of the rebase
- Remove unused patches un account of the rebase
- Patch pem module to compile with wrning for unitilaized variables treated as errors
- Patch to skip some of the gtests as they use private calls and need to statically link with libnssutil.a
- TODO: bring this up with the external_tests framework developers upstream
 2016-05-23 18:10:46 -07:00
Elio Maldonado
2e6c8d6f71 Change POLICY_FILE to "nss.config" 2016-05-12 12:04:57 -07:00
Elio Maldonado
299e9058d1 Change POLICY_FILE to "nss.cfg" 2016-04-22 08:25:14 -07:00
Elio Maldonado
21d9cd13e1 Change the POLICY_PATH to "/etc/crypto-policies/back-ends" 
- Regenerate the check policy patch with hg to provide more context
- the nss-util portion included though not applied here but in nss-util
- todo: file bug upstream once we have done some testing
 2016-04-20 08:49:00 -07:00
Elio Maldonado
b9c9bc550c Fix typo in the last %changelog entry 2016-04-14 14:16:05 -07:00
Elio Maldonado
ea86d5898c Load policy file if /etc/pki/nssdb/policy.cfg exists 
- Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy
 2016-03-24 15:18:49 -07:00
Elio Maldonado
b22cf46b7c Remove unused patch rendered obsolete by pem update 2016-03-08 15:41:14 -08:00
Elio Maldonado
2a45956d5b Update pem sources to latest from nss-pem upstream 
- Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key
- Fixes memory leak on failed ASN1 decoding of RSA keys with rebase
- https://git.fedorahosted.org/cgit/nss-pem.git
 2016-03-08 06:47:48 -08:00
Elio Maldonado
e4343992f0 Rebase to NSS 3.23 2016-03-05 12:42:26 -08:00
Elio Maldonado
c0f6099656 Requite nss and nss-softokn version 3.22.2 2016-02-27 16:45:41 -08:00
Elio Maldonado
69c688f3b5 Rebase to NSS 3.22.2 
- Resolves: Bug 1304135 - nss-3.22.2 is available
 2016-02-26 21:59:01 -08:00
Elio Maldonado
fe44847276 Fix ssl2/exp test disabling to run all the required tests 2016-02-22 20:49:28 -08:00
Elio Maldonado
c281a339e1 Rebase to NSS 3.22.1 
- Bug 1304135 - nss-3.22.1 is available
 2016-02-21 11:30:52 -08:00
Elio Maldonado
317de01a4d Update .gitignore as part of updating to nss 3.22 2016-02-08 13:47:18 -08:00
Elio Maldonado
5953345108 Update to NSS 3.22 2016-02-08 07:57:39 -08:00
Fedora Release Engineering
f7ddea92df - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-04 10:56:52 +00:00
Elio Maldonado
5fe1656484 Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite 
- Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built
- Use %define when specifying the nss_tests to run
 2016-01-15 11:12:08 -08:00
Elio Maldonado
0483a01742 Add 64-bit MIPS to multilib arches 
- Patch contributed by Michal Toman <michal.toman@gmail.com>
- Resolves: Bug 1294878 - Add 64-bit MIPS to multilib_arches
 2015-12-31 08:11:54 -08:00
Elio Maldonado
337a03cdd8 Fix style of commit message 2015-11-20 14:56:41 -08:00
Elio Maldonado
34058a2a6e Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 
- Bug 1284095 - all https fails with sec_error_no_token
 2015-11-20 14:39:49 -08:00
Elio Maldonado
66122a0ff7 Add references to bugs filed upstream 2015-11-15 10:51:54 -08:00
Elio Maldonado
03da09b383 Enclose the _isa_bits check inside a %ifnarch noarch ... %endif one 2015-11-14 14:49:57 -08:00
Elio Maldonado
69b02be530 Change the test to %if 0%{__isa_bits} == 64 as required in fedora 
- As done in the patch contributed by Marcin Juszkiewicz <mjuszkiewicz@redhat.com>
- Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit architectures
 2015-11-14 11:32:57 -08:00
Elio Maldonado
0a91ce3fe8 Complete the commits to update to NSS 3.21 
- Add files missed in previous commit as they weren't staged
- Package listsuites as part of the unsupported tools set
- Resolves: Bug 1279912 - nss-3.21 is available
- Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit
- Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set
 2015-11-13 18:03:07 -08:00
Elio Maldonado
75207789dc Update to NSS 3.20.1 2015-10-31 08:55:27 -07:00
Elio Maldonado
82653be6b2 Enable ECC cipher-suites by default [hrbz#1185708] 
- Split the enabling patch in two for easier maintenance
- Remove unused patches rendered obsolete by prior rebase
 2015-09-30 11:34:48 -07:00
Elio Maldonado
ae64727ebb Enable ECC cipher-suites by default [hrbz#1185708] 
- Implement corrections requested in code review
 2015-09-16 09:25:43 -07:00
Elio Maldonado
a046ce773a Enable ECC cipher-suites by default [hrbz#1185708] 2015-09-15 16:21:10 -07:00
Elio Maldonado
17f536942a - Fix patches that disable ssl2 and export cipher suites support 
- Fix libssl patch that disables ssl2 & export cipher suites not disable RSA_WITH_NULL ciphers
- Fix syntax erros in patch to skip ssl2 and export cipher suite tests to only skip what;s needed
- Turn ssl2 off by default in the tstclnt tool
- Disable ssl stress tests containing TLS RC4 128 with MD5
- Resolves: Bug 1263005
 2015-09-14 18:15:13 -07:00
Elio Maldonado
b10f7b1f18 Fix the version number in last %%changelog entry to be NSS 3.20 2015-08-20 15:15:28 -07:00
Elio Maldonado
c4f83dca30 Update to NSS 3.120 2015-08-20 13:50:06 -07:00
Elio Maldonado
8b92dbf50e Update to NSS 3.19.3 
- Resolves: Bug 1251624 - nss-3.19.3 is available
 2015-08-07 21:13:01 -07:00
Elio Maldonado
f35af25385 Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers 
- Enhancement from Kai Engert already used on RHEL-7
 2015-06-26 14:53:21 -07:00
Kai Engert
0779a363b4 Update to NSS 3.19.2 2015-06-17 21:15:31 +02:00
Kai Engert
3a7ef4801d Update to NSS 3.19.1 2015-05-28 22:28:05 +02:00
Kai Engert
856e33f728 Update to NSS 3.19 2015-05-19 21:07:35 +02:00
Kai Engert
a58533f703 Replace expired test certificates, upstream bug 1151037 2015-05-15 16:23:25 +02:00
Elio Maldonado
f59c0d1275 Update to nss-3.18.0 
- Resolves: Bug 1203689 - nss-3.18 is available
 2015-03-19 09:52:30 -07:00