kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix an insecure connection error with nss 3.28 or later. Bump PKGREVISION

Browse source
This commit is contained in:
ryoon 2017-01-24 13:31:37 +00:00
parent 3770b175b9
commit 3ab159d14d
3 changed files with 22 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
www/seamonkey/Makefile
View file

@ -1,8 +1,8 @@
# $NetBSD: Makefile,v 1.153 2017/01/21 20:06:53 ryoon Exp $
# $NetBSD: Makefile,v 1.154 2017/01/24 13:31:37 ryoon Exp $
DISTNAME= seamonkey-${SM_VER}.source
PKGNAME= seamonkey-${SM_VER:S/b/beta/}
PKGREVISION= 2
PKGREVISION= 3
SM_VER= 2.46
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_MOZILLA:=seamonkey/releases/${SM_VER}/source/}

3
www/seamonkey/distinfo
View file

@ -1,4 +1,4 @@
$NetBSD: distinfo,v 1.142 2017/01/01 16:14:07 ryoon Exp $
$NetBSD: distinfo,v 1.143 2017/01/24 13:31:37 ryoon Exp $
SHA1 (seamonkey-2.46.source.tar.xz) = 5322723a0c7757f29db5636fc60f4c9f3f6734c5
RMD160 (seamonkey-2.46.source.tar.xz) = ba09b9606457371c46524fdda3b73f3b37571f30
@ -82,6 +82,7 @@ SHA1 (patch-mozilla_modules_libjar_nsZipArchive.cpp) = a399e0bd0e83c47938bbee077
SHA1 (patch-mozilla_modules_libpref_init_all.js) = f366d7acf841117bf8c896d355f04e9549ebf17f
SHA1 (patch-mozilla_mozglue_build_arm.cpp) = 592ae5ce1a404227cc2ab6a06418cc813c5743c9
SHA1 (patch-mozilla_mozglue_build_arm.h) = 94e2b1a1a9ebf20bfa8a542066aa0dad475db320
SHA1 (patch-mozilla_netwerk_protocol_http_Http2Session.cpp) = 7d7556575028ef4ee5fccbcb712d5c9f2827f7e6
SHA1 (patch-mozilla_old-configure.in) = 865300929353ffbd31ae01793dd496352e2ccb70
SHA1 (patch-mozilla_python_mozbuild_mozbuild_configure_options.py) = c95e9ffa8bae63b6e68c8363903dadef93ce7d75
SHA1 (patch-mozilla_toolkit_components_protobuf_src_google_protobuf_stubs_atomicops.h) = 0b5cad33bc9a90f4ae2d6346065707b642aba3a9

18
www/seamonkey/patches/patch-mozilla_netwerk_protocol_http_Http2Session.cpp Normal file
View file

@ -0,0 +1,18 @@
$NetBSD: patch-mozilla_netwerk_protocol_http_Http2Session.cpp,v 1.4 2017/01/24 13:31:37 ryoon Exp $
Fix an insecure connection error with NSS 3.28 or later in HTTP2 case
https://hg.mozilla.org/mozilla-central/rev/361ac226da2a
--- mozilla/netwerk/protocol/http/Http2Session.cpp.orig 2016-12-14 02:10:00.000000000 +0000
+++ mozilla/netwerk/protocol/http/Http2Session.cpp
@@ -3542,8 +3542,8 @@ Http2Session::ConfirmTLSProfile()
LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to DH %d < 2048\n",
this, keybits));
RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY);
- } else if (kea == ssl_kea_ecdh && keybits < 256) { // 256 bits is "security level" of 128
- LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to ECDH %d < 256\n",
+ } else if (kea == ssl_kea_ecdh && keybits < 224) { // see rfc7540 9.2.1.
+ LOG3(("Http2Session::ConfirmTLSProfile %p FAILED due to ECDH %d < 224\n",
this, keybits));
RETURN_SESSION_ERROR(this, INADEQUATE_SECURITY);
}