[arch-commits] Commit in lib32-nss/trunk (PKGBUILD ssl-renegotiate-transitional.patch)
Felix Yan
fyan at archlinux.org
Mon Oct 5 03:04:24 UTC 2015
Date: Monday, October 5, 2015 @ 05:04:23
Author: fyan
Revision: 142947
upgpkg: lib32-nss 3.20-1
sync with [core]
Modified:
lib32-nss/trunk/PKGBUILD
Deleted:
lib32-nss/trunk/ssl-renegotiate-transitional.patch
------------------------------------+
PKGBUILD | 13 ++++---------
ssl-renegotiate-transitional.patch | 21 ---------------------
2 files changed, 4 insertions(+), 30 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2015-10-05 02:57:05 UTC (rev 142946)
+++ PKGBUILD 2015-10-05 03:04:23 UTC (rev 142947)
@@ -5,7 +5,7 @@
_pkgbasename=nss
pkgname=lib32-${_pkgbasename}
-pkgver=3.18.1
+pkgver=3.20
pkgrel=1
pkgdesc="Mozilla Network Security Services (32-bit)"
arch=('x86_64')
@@ -22,18 +22,13 @@
makedepends=('gcc-multilib' 'perl')
options=('!strip' '!makeflags' staticlibs)
source=(http://ftp.mozilla.org/pub/security/nss/releases/NSS_${pkgver//./_}_RTM/src/${_pkgbasename}-${pkgver}.tar.gz
- nss.pc.in
- ssl-renegotiate-transitional.patch)
-sha256sums=('10d005ca1b143a8b77032a169c595d06cf42d16d54809558ea30f1ffe73fef70'
- 'b9f1428ca2305bf30b109507ff335fa00bce5a7ce0434b50acd26ad7c47dd5bd'
- '12df04bccbf674db1eef7a519a28987927b5e9c107b1dc386686f05e64f49a97')
+ nss.pc.in)
+sha256sums=('5e38d4b9837ca338af966b97fc91c07f67ad647fb38dc4af3cfd0d84e477d15c'
+ 'b9f1428ca2305bf30b109507ff335fa00bce5a7ce0434b50acd26ad7c47dd5bd')
prepare() {
cd "${srcdir}"/${_pkgbasename}-${pkgver}/
- # Adds transitional SSL renegotiate support - patch from Debian
- patch -Np3 -i "${srcdir}/ssl-renegotiate-transitional.patch"
-
# Respect LDFLAGS
sed -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/' \
-i nss/coreconf/rules.mk
Deleted: ssl-renegotiate-transitional.patch
===================================================================
--- ssl-renegotiate-transitional.patch 2015-10-05 02:57:05 UTC (rev 142946)
+++ ssl-renegotiate-transitional.patch 2015-10-05 03:04:23 UTC (rev 142947)
@@ -1,21 +0,0 @@
-Enable transitional scheme for ssl renegotiation:
-
-(from mozilla/security/nss/lib/ssl/ssl.h)
-Disallow unsafe renegotiation in server sockets only, but allow clients
-to continue to renegotiate with vulnerable servers.
-This value should only be used during the transition period when few
-servers have been upgraded.
-
-diff --git a/mozilla/security/nss/lib/ssl/sslsock.c b/mozilla/security/nss/lib/ssl/sslsock.c
-index f1d1921..c074360 100644
---- a/mozilla/security/nss/lib/ssl/sslsock.c
-+++ b/mozilla/security/nss/lib/ssl/sslsock.c
-@@ -181,7 +181,7 @@ static sslOptions ssl_defaults = {
- PR_FALSE, /* noLocks */
- PR_FALSE, /* enableSessionTickets */
- PR_FALSE, /* enableDeflate */
-- 2, /* enableRenegotiation (default: requires extension) */
-+ 3, /* enableRenegotiation (default: transitional) */
- PR_FALSE, /* requireSafeNegotiation */
- };
-
More information about the arch-commits
mailing list