[nss] Update to NSS_3_14_RC1
Elio Maldonado
emaldonado at fedoraproject.org
Mon Oct 22 01:25:54 UTC 2012
commit 1f01ab68b142c0b6571d0f752982ae5b16927a3e
Author: Elio Maldonado <emaldona at redhat.com>
Date: Sun Oct 21 20:47:52 2012 -0400
Update to NSS_3_14_RC1
- update nss-589636.patch to apply to httpdserv
- turn off ocsp tests for now
- remove no longer needed patches
- remove headers shipped by nss-util
Bug-772628-nss_Init-leaks-memory.patch | 27 ------------
...ble-to-contact-LDAP-Server-during-winsync.patch | 27 ------------
...MQP-daemon-fails-to-load-after-nss-update.patch | 15 -------
...672-protect-against-calls-before-nss_init.patch | 40 -----------------
nofipstest.patch | 19 --------
nss-3.14.0.0-disble-ocsp-test.patch | 9 ++++
nss-539183.patch | 43 +++++++++++++++++--
nss-fix-gcc47-secmodt.patch | 12 -----
nss.spec | 45 ++++++++-----------
9 files changed, 67 insertions(+), 170 deletions(-)
---
diff --git a/nss-3.14.0.0-disble-ocsp-test.patch b/nss-3.14.0.0-disble-ocsp-test.patch
new file mode 100644
index 0000000..df4e692
--- /dev/null
+++ b/nss-3.14.0.0-disble-ocsp-test.patch
@@ -0,0 +1,9 @@
+diff -up ./mozilla/security/nss/tests/chains/scenarios/scenarios.disable_ocsp_test ./mozilla/security/nss/tests/chains/scenarios/scenarios
+--- ./mozilla/security/nss/tests/chains/scenarios/scenarios.disable_ocsp_test 2012-10-12 09:30:07.264987000 -0700
++++ ./mozilla/security/nss/tests/chains/scenarios/scenarios 2012-10-12 09:34:55.653123000 -0700
+@@ -49,5 +49,4 @@ bridgewithpolicyextensionandmapping.cfg
+ realcerts.cfg
+ dsa.cfg
+ revoc.cfg
+-ocsp.cfg
+ crldp.cfg
diff --git a/nss-539183.patch b/nss-539183.patch
index 4e04e0b..0a85894 100644
--- a/nss-539183.patch
+++ b/nss-539183.patch
@@ -1,7 +1,42 @@
-diff -up ./mozilla/security/nss/cmd/selfserv/selfserv.c.539183 ./mozilla/security/nss/cmd/selfserv/selfserv.c
---- ./mozilla/security/nss/cmd/selfserv/selfserv.c.539183 2011-10-06 10:42:06.913919000 -0700
-+++ ./mozilla/security/nss/cmd/selfserv/selfserv.c 2011-10-06 10:43:14.858987000 -0700
-@@ -1491,14 +1491,18 @@ getBoundListenSocket(unsigned short port
+Index: ./mozilla/security/nss/cmd/httpserv/httpserv.c
+===================================================================
+RCS file: /cvsroot/mozilla/security/nss/cmd/httpserv/httpserv.c,v
+retrieving revision 1.1
+diff -u -p -r1.1 httpserv.c
+--- ./mozilla/security/nss/cmd/httpserv/httpserv.c 28 Jun 2012 11:11:06 -0000 1.1
++++ ./mozilla/security/nss/cmd/httpserv/httpserv.c 21 Oct 2012 22:22:10 -0000
+@@ -661,14 +661,18 @@ getBoundListenSocket(unsigned short port
+ PRStatus prStatus;
+ PRNetAddr addr;
+ PRSocketOptionData opt;
++ PRUint16 socketDomain = PR_AF_INET;
+
+- addr.inet.family = PR_AF_INET;
+- addr.inet.ip = PR_INADDR_ANY;
+- addr.inet.port = PR_htons(port);
++ if (PR_SetNetAddr(PR_IpAddrAny, PR_AF_INET6, port, &addr) != PR_SUCCESS) {
++ errExit("PR_SetNetAddr");
++ }
+
+- listen_sock = PR_NewTCPSocket();
++ if (PR_GetEnv("NSS_USE_SDP")) {
++ socketDomain = PR_AF_INET_SDP;
++ }
++ listen_sock = PR_OpenTCPSocket(PR_AF_INET6);
+ if (listen_sock == NULL) {
+- errExit("PR_NewTCPSocket");
++ errExit("PR_OpenTCPSocket error");
+ }
+
+ opt.option = PR_SockOpt_Nonblocking;
+Index: ./mozilla/security/nss/cmd/selfserv/selfserv.c
+===================================================================
+RCS file: /cvsroot/mozilla/security/nss/cmd/selfserv/selfserv.c,v
+retrieving revision 1.102
+diff -u -p -r1.102 selfserv.c
+--- ./mozilla/security/nss/cmd/selfserv/selfserv.c 27 Sep 2012 17:13:34 -0000 1.102
++++ ./mozilla/security/nss/cmd/selfserv/selfserv.c 21 Oct 2012 22:22:10 -0000
+@@ -1483,14 +1483,18 @@ getBoundListenSocket(unsigned short port
PRStatus prStatus;
PRNetAddr addr;
PRSocketOptionData opt;
diff --git a/nss.spec b/nss.spec
index 3622e1a..874ee27 100644
--- a/nss.spec
+++ b/nss.spec
@@ -1,13 +1,13 @@
%global nspr_version 4.9.2
-%global nss_util_version 3.13.6
+%global nss_util_version 3.14
%global nss_softokn_fips_version 3.12.9
-%global nss_softokn_version 3.13.6
+%global nss_softokn_version 3.14
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
Summary: Network Security Services
Name: nss
-Version: 3.13.6
-Release: 1%{?dist}
+Version: 3.14
+Release: 0.1%{?dist}.rc1.1
License: MPLv1.1 or GPLv2+ or LGPLv2+
URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries
@@ -62,22 +62,10 @@ Patch18: nss-646045.patch
# must statically link pem against the freebl in the buildroot
# Needed only when freebl on tree has newe APIS
Patch25: nsspem-use-system-freebl.patch
-# don't compile the fipstest application
-Patch26: nofipstest.patch
# This patch is currently meant for stable branches
Patch29: nss-ssl-cbc-random-iv-off-by-default.patch
-
-# upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=734492
-Patch30: bz784672-protect-against-calls-before-nss_init.patch
-
-# upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=734484
-Patch32: Bug-800674-Unable-to-contact-LDAP-Server-during-winsync.patch
-
-# upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=734492
-Patch33: Bug-800682-Qpid-AMQP-daemon-fails-to-load-after-nss-update.patch
-
-# upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=745224
-Patch34: Bug-772628-nss_Init-leaks-memory.patch
+# TODO: Remove this patch when the ocsp test are fixed
+Patch40: nss-3.14.0.0-disble-ocsp-test.patch
%description
Network Security Services (NSS) is a set of libraries designed to
@@ -157,14 +145,9 @@ low level services.
%patch18 -p0 -b .646045
# link pem against buildroot's freebl, esential wen mixing and matching
%patch25 -p0 -b .systemfreebl
-%patch26 -p0 -b .nofipstest
# activate only if requested for this branch
#%patch29 -p0 -b .770682
-%patch30 -p0 -b .784672
-%patch32 -p0 -b .800674
-%patch33 -p0 -b .800682
-%patch34 -p1 -b .772628
-
+%patch40 -p1 -b .noocsptest
%build
@@ -342,7 +325,7 @@ cd ./mozilla/security/nss/tests/
# don't need to run all the tests when testing packaging
# nss_cycles: standard pkix upgradedb sharedb
-# nss_tests: cipher libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains
+nss_tests="cipher libpkix cert dbtests tools fips sdr crmf smime ssl merge pkits chains"
# nss_ssl_tests: crl bypass_normal normal_bypass normal_fips fips_normal iopr
# nss_ssl_run: cov auth stress
#
@@ -457,8 +440,11 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/secoid.h
rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/secoidt.h
rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/secport.h
rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/utilrename.h
+rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/utilmodt.h
+rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/utilpars.h
+rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/utilparst.h
-#remove the nss-softokn-devel and nss-softokn-freebl-devel headers
+#remove headers shipped nss-softokn-devel and nss-softokn-freebl-devel
rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/alghmac.h
rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/blapit.h
rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/ecl-exp.h
@@ -594,6 +580,13 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
%changelog
+* Sun Oct 21 2012 Elio Maldonado <emaldona at redhat.com> - 3.14-0.1.rc.1
+- Update to NSS_3_14_RC1
+- update nss-589636.patch to apply to httpdserv
+- turn off ocsp tests for now
+- remove no longer needed patches
+- remove headers shipped by nss-util
+
* Fri Oct 05 2012 Kai Engert <kaie at redhat.com> - 3.13.6-1
- Update to NSS_3_13_6_RTM
More information about the scm-commits
mailing list