Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
[nss] Update to version 3.49. Fixes JB#48386
Update nss to upstream version 3.49. Spec updated and nss added as submodule.
Nss-pem moved to it's own project. Added nss-softoken and nss-util packages.
  • Loading branch information
markolemmetty committed Jan 27, 2020
1 parent cf648ae commit 4f45dd1
Show file tree
Hide file tree
Showing 43 changed files with 1,395 additions and 212 deletions.
3 changes: 3 additions & 0 deletions .gitmodules
@@ -0,0 +1,3 @@
[submodule "nss"]
path = nss
url = https://git.sailfishos.org/mirror/nss
1 change: 1 addition & 0 deletions nss
Submodule nss added at ffdd77
Binary file removed nss-3.39.tar.gz
Binary file not shown.
Binary file removed nss-pem-1.0.4.tar.xz
Binary file not shown.
6 changes: 0 additions & 6 deletions nss-pem.cmake

This file was deleted.

File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
59 changes: 59 additions & 0 deletions rpm/cert8.db.xml
@@ -0,0 +1,59 @@
<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!ENTITY date SYSTEM "date.xml">
<!ENTITY version SYSTEM "version.xml">
]>

<refentry id="cert8.db">

<refentryinfo>
<date>&date;</date>
<title>Network Security Services</title>
<productname>nss</productname>
<productnumber>&version;</productnumber>
</refentryinfo>

<refmeta>
<refentrytitle>cert8.db</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>

<refnamediv>
<refname>cert8.db</refname>
<refpurpose>Legacy NSS certificate database</refpurpose>
</refnamediv>

<refsection id="description">
<title>Description</title>
<para><emphasis>cert8.db</emphasis> is an NSS certificate database.</para>
<para>This certificate database is in the legacy database format. Consider migrating to cert9.db and key4.db which are the new sqlite-based shared database format with support for concurrent access.
</para>
</refsection>

<refsection>
<title>Files</title>
<para><filename>/etc/pki/nssdb/cert8.db</filename></para>
</refsection>

<refsection>
<title>See also</title>
<para>cert9.db(5), key4.db(5), pkcs11.txt(5), </para>
</refsection>

<refsection id="authors">
<title>Authors</title>
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
<para>Authors: Elio Maldonado &lt;emaldona@redhat.com>.</para>
</refsection>

<!-- don't change -->
<refsection id="license">
<title>LICENSE</title>
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
</para>

</refsection>


</refentry>
59 changes: 59 additions & 0 deletions rpm/cert9.db.xml
@@ -0,0 +1,59 @@
<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!ENTITY date SYSTEM "date.xml">
<!ENTITY version SYSTEM "version.xml">
]>

<refentry id="cert9.db">

<refentryinfo>
<date>&date;</date>
<title>Network Security Services</title>
<productname>nss</productname>
<productnumber>&version;</productnumber>
</refentryinfo>

<refmeta>
<refentrytitle>cert9.db</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>

<refnamediv>
<refname>cert9.db</refname>
<refpurpose>NSS certificate database</refpurpose>
</refnamediv>

<refsection id="description">
<title>Description</title>
<para><emphasis>cert9.db</emphasis> is an NSS certificate database.</para>
<para>This certificate database is the sqlite-based shared database with support for concurrent access.
</para>
</refsection>

<refsection>
<title>Files</title>
<para><filename>/etc/pki/nssdb/cert9.db</filename></para>
</refsection>

<refsection>
<title>See also</title>
<para>pkcs11.txt(5)</para>
</refsection>

<refsection id="authors">
<title>Authors</title>
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
<para>Authors: Elio Maldonado &lt;emaldona@redhat.com>.</para>
</refsection>

<!-- don't change -->
<refsection id="license">
<title>LICENSE</title>
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
</para>

</refsection>


</refentry>
File renamed without changes.
59 changes: 59 additions & 0 deletions rpm/key3.db.xml
@@ -0,0 +1,59 @@
<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!ENTITY date SYSTEM "date.xml">
<!ENTITY version SYSTEM "version.xml">
]>

<refentry id="key3.db">

<refentryinfo>
<date>&date;</date>
<title>Network Security Services</title>
<productname>nss</productname>
<productnumber>&version;</productnumber>
</refentryinfo>

<refmeta>
<refentrytitle>key3.db</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>

<refnamediv>
<refname>key3.db</refname>
<refpurpose>Legacy NSS certificate database</refpurpose>
</refnamediv>

<refsection id="description">
<title>Description</title>
<para><emphasis>key3.db</emphasis> is an NSS certificate database.</para>
<para>This is a key database in the legacy database format. Consider migrating to cert9.db and key4.db which which are the new sqlite-based shared database format with support for concurrent access.
</para>
</refsection>

<refsection>
<title>Files</title>
<para><filename>/etc/pki/nssdb/key3.db</filename></para>
</refsection>

<refsection>
<title>See also</title>
<para>cert9.db(5), key4.db(5), pkcs11.txt(5), </para>
</refsection>

<refsection id="authors">
<title>Authors</title>
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
<para>Authors: Elio Maldonado &lt;emaldona@redhat.com>.</para>
</refsection>

<!-- don't change -->
<refsection id="license">
<title>LICENSE</title>
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
</para>

</refsection>


</refentry>
59 changes: 59 additions & 0 deletions rpm/key4.db.xml
@@ -0,0 +1,59 @@
<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!ENTITY date SYSTEM "date.xml">
<!ENTITY version SYSTEM "version.xml">
]>

<refentry id="key4.db">

<refentryinfo>
<date>&date;</date>
<title>Network Security Services</title>
<productname>nss</productname>
<productnumber>&version;</productnumber>
</refentryinfo>

<refmeta>
<refentrytitle>key4.db</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>

<refnamediv>
<refname>key4.db</refname>
<refpurpose>NSS certificate database</refpurpose>
</refnamediv>

<refsection id="description">
<title>Description</title>
<para><emphasis>key4.db</emphasis> is an NSS key database.</para>
<para>This key database is the sqlite-based shared database format with support for concurrent access.
</para>
</refsection>

<refsection>
<title>Files</title>
<para><filename>/etc/pki/nssdb/key4.db</filename></para>
</refsection>

<refsection>
<title>See also</title>
<para>pkcs11.txt(5)</para>
</refsection>

<refsection id="authors">
<title>Authors</title>
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
<para>Authors: Elio Maldonado &lt;emaldona@redhat.com>.</para>
</refsection>

<!-- don't change -->
<refsection id="license">
<title>LICENSE</title>
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
</para>

</refsection>


</refentry>
22 changes: 22 additions & 0 deletions rpm/nss-3.47-ike-fix.patch
@@ -0,0 +1,22 @@
diff -up ./nss/lib/softoken/pkcs11.c.ike_fix ./nss/lib/softoken/pkcs11.c
--- ./nss/lib/softoken/pkcs11.c.ike_fix 2019-11-04 10:15:08.022176945 -0800
+++ ./nss/lib/softoken/pkcs11.c 2019-11-04 10:17:35.396733750 -0800
@@ -330,7 +330,7 @@ static const struct mechanismList mechan
{ CKM_AES_CTS, { 16, 32, CKF_EN_DE }, PR_TRUE },
{ CKM_AES_CTR, { 16, 32, CKF_EN_DE }, PR_TRUE },
{ CKM_AES_GCM, { 16, 32, CKF_EN_DE }, PR_TRUE },
- { CKM_AES_XCBC_MAC_96, { 16, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_AES_XCBC_MAC_96, { 12, 12, CKF_SN_VR }, PR_TRUE },
{ CKM_AES_XCBC_MAC, { 16, 16, CKF_SN_VR }, PR_TRUE },
/* ------------------------- Camellia Operations --------------------- */
{ CKM_CAMELLIA_KEY_GEN, { 16, 32, CKF_GENERATE }, PR_TRUE },
@@ -518,7 +518,8 @@ static const struct mechanismList mechan
/* --------------------IPSEC ----------------------- */
{ CKM_NSS_IKE_PRF_PLUS_DERIVE, { 8, 255 * 64, CKF_DERIVE }, PR_TRUE },
{ CKM_NSS_IKE_PRF_DERIVE, { 8, 64, CKF_DERIVE }, PR_TRUE },
- { CKM_NSS_IKE1_PRF_DERIVE, { 8, 64, CKF_DERIVE }, PR_TRUE }
+ { CKM_NSS_IKE1_PRF_DERIVE, { 8, 64, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_IKE1_APP_B_PRF_DERIVE, { 8, 255 * 64, CKF_DERIVE }, PR_TRUE }
};
static const CK_ULONG mechanismCount = sizeof(mechanisms) / sizeof(mechanisms[0]);

0 comments on commit 4f45dd1

Please sign in to comment.