gnu: nss, nss-certs: Update to 3.31.

Release notes:
<https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.31_release_notes>

* gnu/packages/certs.scm (nss-certs): Update to 3.31.
* gnu/packages/gnuzilla.scm (nss): Likewise.
[source]<patches>: Remove upstream 'nss-disable-long-b64-tests' patch.
[arguments]<#:phases>: Move armhf timeout substitution ...
* gnu/packages/patches/nss-increase-test-timeout.patch: ... here.
* gnu/packages/patches/nss-disable-long-b64-tests.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.

gnu/local.mk

@@ -852,7 +852,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/ngircd-handle-zombies.patch		\
   %D%/packages/patches/ninja-zero-mtime.patch			\
   %D%/packages/patches/node-9077.patch				\
-  %D%/packages/patches/nss-disable-long-b64-tests.patch		\
   %D%/packages/patches/nss-increase-test-timeout.patch		\
   %D%/packages/patches/nss-pkgconfig.patch			\
   %D%/packages/patches/ntfs-3g-CVE-2017-0358.patch		\

gnu/packages/certs.scm

@@ -74,7 +74,7 @@
 (define-public nss-certs
   (package
     (name "nss-certs")
-    (version "3.30.2")
+    (version "3.31")
     (source (origin
               (method url-fetch)
               (uri (let ((version-with-underscores
@@ -85,7 +85,7 @@
                       "nss-" version ".tar.gz")))
               (sha256
                (base32
-                "096frzvyp3z257x84rxknscfgsbavzh2a0gyibx7kvmw4vzpfjhd"))))
+                "0pd643a8ns7q5az5ai3ascrw666i2kbfiyy1c9hlhw9jd8jn21g9"))))
     (build-system gnu-build-system)
     (outputs '("out"))
     (native-inputs

gnu/packages/gnuzilla.scm

@@ -282,7 +282,7 @@ in the Mozilla clients.")
 (define-public nss
   (package
     (name "nss")
-    (version "3.30.2")
+    (version "3.31")
     (source (origin
               (method url-fetch)
               (uri (let ((version-with-underscores
@@ -293,10 +293,9 @@ in the Mozilla clients.")
                       "nss-" version ".tar.gz")))
               (sha256
                (base32
-                "096frzvyp3z257x84rxknscfgsbavzh2a0gyibx7kvmw4vzpfjhd"))
+                "0pd643a8ns7q5az5ai3ascrw666i2kbfiyy1c9hlhw9jd8jn21g9"))
               ;; Create nss.pc and nss-config.
               (patches (search-patches "nss-pkgconfig.patch"
-                                       "nss-disable-long-b64-tests.patch"
                                        "nss-increase-test-timeout.patch"))))
     (build-system gnu-build-system)
     (outputs '("out" "bin"))
@@ -329,16 +328,6 @@ in the Mozilla clients.")
                   `((setenv "USE_64" "1")))
                  (_
                   '()))
-             ;; The timeout values in "increase-test-timeouts" are still
-             ;; too low, so apply this workaround on armhf for now to avoid
-             ;; rebuilding on all platforms. This should be incorporated in
-             ;; the patch for the next update.
-             ;; https://lists.gnu.org/archive/html/guix-devel/2017-04/msg00472.html
-             ,@(if (string-prefix? "armhf" (or (%current-target-system)
-                                               (%current-system)))
-                   `((substitute* "nss/gtests/ssl_gtest/tls_connect.cc"
-                       (("25000\\);") "300000);")))
-                   '())
              #t))
          (replace 'check
            (lambda _

gnu/packages/patches/nss-disable-long-b64-tests.patch

@@ -1,34 +0,0 @@
-Disable long b64 tests, which consistently fail on armhf.
-This is based on an excerpt of the following upstream patch:
-
-  https://hg.mozilla.org/projects/nss/rev/00b2cc2b33c7
-
-(we exclude the part of the upstream patch that reverts
-an earlier failed attempt, and adapt the file names)
-
-diff --git a/gtests/util_gtest/util_b64_unittest.cc b/gtests/util_gtest/util_b64_unittest.cc
---- a/nss/gtests/util_gtest/util_b64_unittest.cc
-+++ b/nss/gtests/util_gtest/util_b64_unittest.cc
-@@ -63,17 +63,19 @@ TEST_F(B64EncodeDecodeTest, EncDecTest) 
- 
- TEST_F(B64EncodeDecodeTest, FakeDecTest) { EXPECT_TRUE(TestFakeDecode(100)); }
- 
- TEST_F(B64EncodeDecodeTest, FakeEncDecTest) {
-   EXPECT_TRUE(TestFakeEncode(100));
- }
- 
- // These takes a while ...
--TEST_F(B64EncodeDecodeTest, LongFakeDecTest1) {
-+TEST_F(B64EncodeDecodeTest, DISABLED_LongFakeDecTest1) {
-   EXPECT_TRUE(TestFakeDecode(0x66666666));
- }
--TEST_F(B64EncodeDecodeTest, LongFakeEncDecTest1) { TestFakeEncode(0x3fffffff); }
--TEST_F(B64EncodeDecodeTest, LongFakeEncDecTest2) {
-+TEST_F(B64EncodeDecodeTest, DISABLED_LongFakeEncDecTest1) {
-+  TestFakeEncode(0x3fffffff);
-+}
-+TEST_F(B64EncodeDecodeTest, DISABLED_LongFakeEncDecTest2) {
-   EXPECT_FALSE(TestFakeEncode(0x40000000));
- }
- 
- }  // namespace nss_test

gnu/packages/patches/nss-increase-test-timeout.patch

@@ -1,4 +1,4 @@
-We've seen some tests take more than 20s to complete on a busy armhf
+We've seen some tests take up to 60s to complete on a busy armhf
 machine. Even a busy x86_64 machine can use more than 5s on some tests.
 
 Increase timeouts to increase chances of a successful build.
@@ -10,7 +10,7 @@ Increase timeouts to increase chances of a successful build.
    ASSERT_TRUE_WAIT((client_->state() != TlsAgent::STATE_CONNECTING) &&
                         (server_->state() != TlsAgent::STATE_CONNECTING),
 -                   5000);
-+                   25000);
++                   300000);
  }
  
  void TlsConnectTestBase::EnableExtendedMasterSecret() {
@@ -19,7 +19,7 @@ Increase timeouts to increase chances of a successful build.
      failing_agent = client_;
    }
 -  ASSERT_TRUE_WAIT(failing_agent->state() == TlsAgent::STATE_ERROR, 5000);
-+  ASSERT_TRUE_WAIT(failing_agent->state() == TlsAgent::STATE_ERROR, 25000);
++  ASSERT_TRUE_WAIT(failing_agent->state() == TlsAgent::STATE_ERROR, 300000);
  }
  
  void TlsConnectTestBase::ConfigureVersion(uint16_t version) {