[arch-commits] Commit in lib32-nss/trunk (PKGBUILD ssl-renegotiate-transitional.patch)

[Felix Yan]

    Date: Monday, October 5, 2015 @ 05:04:23
  Author: fyan
Revision: 142947

upgpkg: lib32-nss 3.20-1

sync with [core]

Modified:
  lib32-nss/trunk/PKGBUILD
Deleted:
  lib32-nss/trunk/ssl-renegotiate-transitional.patch

------------------------------------+
 PKGBUILD                           |   13 ++++---------
 ssl-renegotiate-transitional.patch |   21 ---------------------
 2 files changed, 4 insertions(+), 30 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2015-10-05 02:57:05 UTC (rev 142946)
+++ PKGBUILD	2015-10-05 03:04:23 UTC (rev 142947)
@@ -5,7 +5,7 @@
 
 _pkgbasename=nss
 pkgname=lib32-${_pkgbasename}
-pkgver=3.18.1
+pkgver=3.20
 pkgrel=1
 pkgdesc="Mozilla Network Security Services (32-bit)"
 arch=('x86_64')
@@ -22,18 +22,13 @@
 makedepends=('gcc-multilib' 'perl')
 options=('!strip' '!makeflags' staticlibs)
 source=(http://ftp.mozilla.org/pub/security/nss/releases/NSS_${pkgver//./_}_RTM/src/${_pkgbasename}-${pkgver}.tar.gz
-        nss.pc.in
-        ssl-renegotiate-transitional.patch)
-sha256sums=('10d005ca1b143a8b77032a169c595d06cf42d16d54809558ea30f1ffe73fef70'
-            'b9f1428ca2305bf30b109507ff335fa00bce5a7ce0434b50acd26ad7c47dd5bd'
-            '12df04bccbf674db1eef7a519a28987927b5e9c107b1dc386686f05e64f49a97')
+        nss.pc.in)
+sha256sums=('5e38d4b9837ca338af966b97fc91c07f67ad647fb38dc4af3cfd0d84e477d15c'
+            'b9f1428ca2305bf30b109507ff335fa00bce5a7ce0434b50acd26ad7c47dd5bd')
 
 prepare() {
   cd "${srcdir}"/${_pkgbasename}-${pkgver}/
 
-  # Adds transitional SSL renegotiate support - patch from Debian
-  patch -Np3 -i "${srcdir}/ssl-renegotiate-transitional.patch"
-
   # Respect LDFLAGS
   sed -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/' \
       -i nss/coreconf/rules.mk

Deleted: ssl-renegotiate-transitional.patch
===================================================================
--- ssl-renegotiate-transitional.patch	2015-10-05 02:57:05 UTC (rev 142946)
+++ ssl-renegotiate-transitional.patch	2015-10-05 03:04:23 UTC (rev 142947)
@@ -1,21 +0,0 @@
-Enable transitional scheme for ssl renegotiation:
-
-(from mozilla/security/nss/lib/ssl/ssl.h)
-Disallow unsafe renegotiation in server sockets only, but allow clients
-to continue to renegotiate with vulnerable servers.
-This value should only be used during the transition period when few
-servers have been upgraded.
-
-diff --git a/mozilla/security/nss/lib/ssl/sslsock.c b/mozilla/security/nss/lib/ssl/sslsock.c
-index f1d1921..c074360 100644
---- a/mozilla/security/nss/lib/ssl/sslsock.c
-+++ b/mozilla/security/nss/lib/ssl/sslsock.c
-@@ -181,7 +181,7 @@ static sslOptions ssl_defaults = {
-     PR_FALSE,   /* noLocks            */
-     PR_FALSE,   /* enableSessionTickets */
-     PR_FALSE,   /* enableDeflate      */
--    2,          /* enableRenegotiation (default: requires extension) */
-+    3,          /* enableRenegotiation (default: transitional) */
-     PR_FALSE,   /* requireSafeNegotiation */
- };
-