Changes:
- Bug 1749030 - This patch adds gcc-9 and gcc-10 to the CI.
- Bug 1749794 - Make DottedOIDToCode.py compatible with python3.
- Bug 1749475 - Avoid undefined shift in SSL_CERT_IS while fuzzing.
- Bug 1748386 - Remove redundant key type check.
- Bug 1749869 - Update ABI expectations to match ECH changes.
- Bug 1748386 - Enable CKM_CHACHA20.
- Bug 1747327 - Check return on NSS_NoDB_Init and NSS_Shutdown.
- Bug 1747310 - Real move assignment operator.
- Bug 1748245 - Run ECDSA test vectors from bltest as part of the CI tests.
- Bug 1743302 - Add ECDSA test vectors to the bltest command line tool.
- Bug 1747772 - Allow to build using clang's integrated assembler.
- Bug 1321398 - Allow to override python for the build.
- Bug 1747317 - Test HKDF output rather than input.
- Bug 1747316 - Use ASSERT macros to end failed tests early.
- Bug 1747310 - Move assignment operator for DataBuffer.
- Bug 1712879 - Add test cases for ECH compression and unexpected extensions in SH.
- Bug 1725938 - Update tests for ECH-13.
- Bug 1725938 - Tidy up error handling.
- Bug 1728281 - Add tests for ECH HRR Changes.
- Bug 1728281 - Server only sends GREASE HRR extension if enabled by preference.
- Bug 1725938 - Update generation of the Associated Data for ECH-13.
- Bug 1712879 - When ECH is accepted, reject extensions which were only advertised in the Outer Client Hello.
- Bug 1712879 - Allow for compressed, non-contiguous, extensions.
- Bug 1712879 - Scramble the PSK extension in CHOuter.
- Bug 1712647 - Split custom extension handling for ECH.
- Bug 1728281 - Add ECH-13 HRR Handling.
- Bug 1677181 - Client side ECH padding.
- Bug 1725938 - Stricter ClientHelloInner Decompression.
- Bug 1725938 - Remove ECH_inner extension, use new enum format.
- Bug 1725938 - Update the version number for ECH-13 and adjust the ECHConfig size.
All checksums have been double-checked against existing RMD160 and
SHA512 hashes.
Could not be committed due to merge conflict:
devel/py-traitlets/distinfo
The following distfiles were unfetchable (note: some may be only fetched
conditionally):
./devel/pvs/distinfo pvs-3.2-solaris.tgz
./devel/eclipse/distinfo eclipse-sourceBuild-srcIncluded-3.0.1.zip
This is still wrong, but it's less wrong than before and once again
both arm64 and arm64eb (and amd64) build.
This is really strange. The code in sha512.c uses:
#if !defined(USE_HW_SHA2) || !defined(IS_LITTLE_ENDIAN)
which originally this patch attempted to match, but IS_LITTLE_ENDIAN
is never defined inside nss, even though it's used a few dozen times.
There is a MP_IS_LITTLE_ENDIAN defined that is set up, but almost
never used.
Bugs fixed:
- Bug 1722613 (Backout) - Disable DTLS 1.0 and 1.1 by default
- Bug 1720226 (Backout) - integrity checks in key4.db not happening on private components with AES_CBC
Bugs fixed:
* Bug 1683710 - Add a means to disable ALPN.
* Bug 1715720 - Fix nssckbi version number in NSS 3.67 (was supposed to be incremented in 3.66).
* Bug 1714719 - Set NSS_USE_64 on riscv64 target when using GYP/Ninja.
* Bug 1566124 - Fix counter increase in ppc-gcm-wrap.c.
* Bug 1566124 - Fix AES_GCM mode on ppc64le for messages of length more than 255-byte.
Bugs fixed:
* Bug 1710716 - Remove Expired Sonera Class2 CA from NSS.
* Bug 1710716 - Remove Expired Root Certificates from NSS - QuoVadis Root Certification Authority.
* Bug 1708307 - Remove Trustis FPS Root CA from NSS.
* Bug 1707097 - Add Certum Trusted Root CA to NSS.
* Bug 1707097 - Add Certum EC-384 CA to NSS.
* Bug 1703942 - Add ANF Secure Server Root CA to NSS.
* Bug 1697071 - Add GLOBALTRUST 2020 root cert to NSS.
* Bug 1712184 - NSS tools manpages need to be updated to reflect that sqlite is the default database.
* Bug 1712230 - Don't build ppc-gcm.s with clang integrated assembler.
* Bug 1712211 - Strict prototype error when trying to compile nss code that includes blapi.h.
* Bug 1710773 - NSS needs FIPS 180-3 FIPS indicators.
* Bug 1709291 - Add VerifyCodeSigningCertificateChain.
* Use GNU tar for the release helper script.
Bugs fixed in NSS 3.65:
* Bug 1709654 - Update for NetBSD configuration.
* Bug 1709750 - Disable HPKE test when fuzzing.
* Bug 1566124 - Optimize AES-GCM for ppc64le.
* Bug 1699021 - Add AES-256-GCM to HPKE.
* Bug 1698419 - ECH -10 updates.
* Bug 1692930 - Update HPKE to final version.
* Bug 1707130 - NSS should use modern algorithms in PKCS#12 files by default.
* Bug 1703936 - New coverity/cpp scanner errors.
* Bug 1697303 - NSS needs to update its csp clearing to FIPS 180-3 standards.
* Bug 1702663 - Need to support RSA PSS with Hashing PKCS #11 Mechanisms.
* Bug 1705119 - Deadlock when using GCM and non-thread safe tokens.
While the link fix did fix the case of openssl calling nss code,
the other way round still happens, e.g. in libreoffice (since fixed to
not use nss) and konqueror.
Bump PKGREVISION.
For a long time now (at least 15 years), the installed pkg-config
file also linked against libsoftokn3, which is wrong according to
upstream. This library is only intended to be loaded as a module.
Having this library linked added symbols to the namespace that conflict
with openssl symbols. This had caused problems before, and patches
had been added to rename symbols to avoid this conflict.
Instead, fix this correctly by not linking against libsoftokn3.
Switch to using the pkg-config and nss-config files provided in the
distfiles instead of pkgsrc-specific ones.
Remove now unneeded symbol-renaming patches.
Remove DragonFly patches while here.
Bump PKGREVISION.
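As an added check (not part of the pkgsrc commit above), the script below audits an nss.pc file for the libsoftokn3 link that the commit removes; the two .pc contents it writes are constructed samples, not pkgsrc's or upstream's real files.

```shell
#!/bin/sh
# Added example, not from the pkgsrc commit: flag a pkg-config file whose
# Libs: line links libsoftokn3. libsoftokn3 is a PKCS#11 module that libnss3
# loads at runtime, so linking it directly pulls its symbols into the process
# namespace where they can collide with openssl's.
# Both .pc files below are constructed samples.

# Print the library names (without -l) from the Libs: line of a .pc file.
pc_libs() {
    sed -n 's/^Libs:[[:space:]]*//p' "$1" | tr ' ' '\n' | sed -n 's/^-l//p'
}

# Succeed only if the .pc file does not link libsoftokn3.
check_pc_file() {
    if pc_libs "$1" | grep -qx 'softokn3'; then
        echo "$1: links libsoftokn3 (wrong: it is a loadable module)" >&2
        return 1
    fi
    return 0
}

# Constructed samples: the old pkgsrc-style file and an upstream-style one.
OLD_PC=$(mktemp)
NEW_PC=$(mktemp)
cat > "$OLD_PC" <<'EOF'
Name: NSS
Description: Network Security Services
Libs: -L${libdir} -lssl3 -lsmime3 -lnss3 -lsoftokn3 -lnssutil3
Cflags: -I${includedir}/nss
EOF
cat > "$NEW_PC" <<'EOF'
Name: NSS
Description: Network Security Services
Libs: -L${libdir} -lssl3 -lsmime3 -lnss3 -lnssutil3
Cflags: -I${includedir}/nss
EOF

check_pc_file "$OLD_PC" && echo "old: clean" || echo "old: flagged"
check_pc_file "$NEW_PC" && echo "new: clean" || echo "new: flagged"
```

Point it at the installed file (`pkg-config --variable=pcfiledir nss`) to confirm the fix took effect on a given system.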
Changelog:
Bugs fixed in NSS 3.63:
* Bug 1697380 - Make a clang-format run on top of helpful contributions.
* Bug 1683520 - ECCKiila P384, change syntax of nested structs initialization
to prevent build issues with GCC 4.8.
* Bug 1683520 - [lib/freebl/ecl] P-384: allow zero scalars in dual scalar
multiplication.
* Bug 1683520 - ECCKiila P521, change syntax of nested structs initialization
to prevent build issues with GCC 4.8.
* Bug 1683520 - [lib/freebl/ecl] P-521: allow zero scalars in dual scalar
multiplication.
* Bug 1696800 - HACL* update March 2021 -
c95ab70fcb2bc21025d8845281bc4bc8987ca683.
* Bug 1694214 - tstclnt can't enable middlebox compat mode.
* Bug 1694392 - NSS does not work with PKCS #11 modules not supporting
profiles.
* Bug 1685880 - Minor fix to prevent unused variable on early return.
* Bug 1685880 - Fix for the gcc compiler version 7 to support setenv with nss
build.
* Bug 1693217 - Increase nssckbi.h version number for March 2021 batch of root
CA changes, CA list version 2.48.
* Bug 1692094 - Set email distrust after to 21-03-01 for Camerfirma's
'Chambers of Commerce' and 'Global Chambersign' roots.
* Bug 1618407 - Symantec root certs - Set CKA_NSS_EMAIL_DISTRUST_AFTER.
* Bug 1693173 - Add GlobalSign R45, E45, R46, and E46 root certs to NSS.
* Bug 1683738 - Add AC RAIZ FNMT-RCM SERVIDORES SEGUROS root cert to NSS.
* Bug 1686854 - Remove GeoTrust PCA-G2 and VeriSign Universal root certs from
NSS.
* Bug 1687822 - Turn off Websites trust bit for the "Staat der Nederlanden
Root CA - G3" root cert in NSS.
* Bug 1692094 - Turn off Websites Trust Bit for 'Chambers of Commerce Root -
2008' and 'Global Chambersign Root - 2008'.
* Bug 1694291 - Tracing fixes for ECH.
Changelog:
Bugs fixed in NSS 3.61:
* Bug 1682071 - Fix issue with IKE Quick mode deriving incorrect key values
under certain conditions.
* Bug 1684300 - Fix default PBE iteration count when NSS is compiled with
NSS_DISABLE_DBM.
* Bug 1651411 - Improve constant-timeness in RSA operations.
* Bug 1677207 - Upgrade Google Test version to latest release.
* Bug 1654332 - Add aarch64-make target to nss-try.
Changelog:
Notable changes in NSS 3.60:
* TLS 1.3 Encrypted Client Hello (draft-ietf-tls-esni-08) support has been
added, replacing the previous ESNI (draft-ietf-tls-esni-01) implementation.
See bug 1654332 for more information.
* December 2020 batch of Root CA changes, builtins library updated to version
2.46. See bugs 1678189, 1678166, and 1670769 for more information.
Bugs fixed in NSS 3.60:
* Bug 1654332 - Implement Encrypted Client Hello (draft-ietf-tls-esni-08).
* Bug 1678189 - Update CA list version to 2.46.
* Bug 1670769 - Remove 10 GeoTrust, thawte, and VeriSign root certs from NSS.
* Bug 1678166 - Add NAVER Global Root Certification Authority root cert to
NSS.
* Bug 1678384 - Add a build flag to allow building nssckbi-testlib in
mozilla-central.
* Bug 1570539 - Remove -X alt-server-hello option from tstclnt.
* Bug 1675523 - Fix incorrect pkcs11t.h value CKR_PUBLIC_KEY_INVALID.
* Bug 1642174 - Fix PowerPC ABI version 1 build failure.
* Bug 1674819 - Fix undefined shift in fuzzer mode.
* Bug 1678990 - Fix ARM crypto extensions detection on macOS.
* Bug 1679290 - Fix lock order inversion and potential deadlock with
libnsspem.
* Bug 1680400 - Fix memory leak in PK11_UnwrapPrivKey.
Changelog:
Notable Changes in NSS 3.59
Exported two existing functions from libnss, CERT_AddCertToListHeadWithData
and CERT_AddCertToListTailWithData.
NOTE: NSS will soon require GCC 4.8 or newer. Gyp-based builds will stop
supporting older GCC versions first, followed a few releases later by the
make-based builds. Users of older GCC versions can continue to use the
make-based build system while they upgrade to newer versions of GCC.
Bugs fixed in NSS 3.59
* Bug 1607449 - Lock cert->nssCertificate to prevent a potential data race
* Bug 1672823 - Add Wycheproof test cases for HMAC, HKDF, and DSA
* Bug 1663661 - Guard against NULL token in nssSlot_IsTokenPresent
* Bug 1670835 - Support enabling and disabling signatures via Crypto Policy
* Bug 1672291 - Resolve libpkix OCSP failures on SHA1 self-signed root certs
when SHA1 signatures are disabled.
* Bug 1644209 - Fix broken SelectedCipherSuiteReplacer filter to solve some
test intermittents
* Bug 1672703 - Tolerate the first CCS in TLS 1.3 to fix a regression in our
CVE-2020-25648 fix that broke purple-discord
* Bug 1666891 - Support key wrap/unwrap with RSA-OAEP
* Bug 1667989 - Fix gyp linking on Solaris
* Bug 1668123 - Export CERT_AddCertToListHeadWithData and
CERT_AddCertToListTailWithData from libnss
* Bug 1634584 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Trustis FPS Root CA
* Bug 1663091 - Remove unnecessary assertions in the streaming ASN.1 decoder
that affected decoding certain PKCS8 private keys when using NSS debug builds
* Bug 1670839 - Use ARM crypto extension for AES, SHA1 and SHA2 on MacOS.
Note that this says the NSPR dependency is bumped. I didn't encounter
any problems with 2.46. It seems that their automation was simply
updated to the newer version.
NSS 3.55
P384 and P521 elliptic curve implementations are replaced with verifiable implementations from Fiat-Crypto and ECCKiila. Special thanks to the Network and Information Security Group (NISEC) at Tampere University.
PK11_FindCertInSlot is added. With this function, a given slot can be queried with a DER-Encoded certificate, providing performance and usability improvements over other mechanisms. See Bug 1649633 for more details.
DTLS 1.3 implementation is updated to draft-38. See Bug 1647752 for details.
NSPR dependency updated to 4.27.
NSS 3.54
Support for TLS 1.3 external pre-shared keys (Bug 1603042).
Use ARM Cryptography Extension for SHA256, when available. (Bug 1528113).
Changelog:
Notable Changes in NSS 3.53
* When using the Makefiles, NSS can be built in parallel, bringing those
builds closer to the performance of the build.sh/ninja/gyp system. (Bug
290526)
* SEED is now moved into a new freebl directory freebl/deprecated (Bug
1636389).
- SEED will be disabled by default in a future release of NSS. At that time,
users will need to set the compile-time flag (Bug 1622033) to disable that
deprecation in order to use the algorithm.
- Algorithms marked as deprecated will ultimately be removed.
* Several root certificates in the Mozilla program now set the
CKA_NSS_SERVER_DISTRUST_AFTER attribute, which NSS consumers can query to
further refine trust decisions. (Bug 1618404, Bug 1621159) If a builtin
certificate has a CKA_NSS_SERVER_DISTRUST_AFTER timestamp before the SCT or
NotBefore date of a certificate that builtin issued, then clients can elect
not to trust it.
- This attribute provides a more graceful phase-out for certificate
authorities than complete removal from the root certificate builtin store.
Bugs fixed in NSS 3.53
* Bug 1640260 - Initialize PBE params (ASAN fix)
* Bug 1618404 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Symantec root certs
* Bug 1621159 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Consorci AOC, GRCA, and
SK ID root certs
* Bug 1629414 - PPC64: Correct compilation error between VMX vs. VSX vector
instructions
* Bug 1639033 - Fix various compile warnings in NSS
* Bug 1640041 - Fix a null pointer in security/nss/lib/ssl/sslencode.c:67
* Bug 1640042 - Fix a null pointer in security/nss/lib/ssl/sslsock.c:4460
* Bug 1638289 - Avoid multiple definitions of SHA{256,384,512}_* symbols when
linking libfreeblpriv3.so in Firefox on ppc64le
* Bug 1636389 - Relocate deprecated SEED algorithm
* Bug 1637083 - lib/ckfw: No such file or directory. Stop.
* Bug 1561331 - Additional modular inverse test
* Bug 1629553 - Rework and cleanup gmake builds
* Bug 1438431 - Remove mkdepend and "depend" make target
* Bug 290526 - Support parallel building of NSS when using the Makefiles
* Bug 1636206 - HACL* update after changes in libintvector.h
* Bug 1636058 - Fix building NSS on Debian s390x, mips64el, and riscv64
* Bug 1622033 - Add option to build without SEED
Changelog:
Notable Changes in NSS 3.52
Bug 1603628 - Update NSS to support PKCS #11 v3.0.
Bug 1623374 - Support new PKCS #11 v3.0 Message Interface for AES-GCM and ChaChaPoly.
Bug 1612493 - Integrate AVX2 ChaCha20, Poly1305, and ChaCha20Poly1305 from HACL*.
Bugs fixed in NSS 3.52
Bug 1633498 - Fix unused variable 'getauxval' error on iOS compilation.
Bug 1630721 - Add Softoken functions for FIPS.
Bug 1630458 - Fix problem of GYP MSVC builds not producing debug symbol files.
Bug 1629663 - Add IKEv1 Quick Mode KDF.
Bug 1629661 - MPConfig calls in SSL initialize policy before NSS is initialized.
Bug 1629655 - Support temporary session objects in ckfw.
Bug 1629105 - Add PKCS11 v3.0 functions to module debug logger.
Bug 1626751 - Fix error in generation of fuzz32 docker image after updates.
Bug 1625133 - Fix implicit declaration of function 'getopt' error.
Bug 1624864 - Allow building of gcm-arm32-neon on non-armv7 architectures.
Bug 1624402 - Fix compilation error in Firefox Android.
Bug 1624130 - Require CK_FUNCTION_LIST structs to be packed.
Bug 1624377 - Fix clang warning for unknown argument '-msse4'.
Bug 1623374 - Support new PKCS #11 v3.0 Message Interface for AES-GCM and ChaChaPoly.
Bug 1623184 - Fix freebl_cpuid for querying Extended Features.
Bug 1622555 - Fix argument parsing in lowhashtest.
Bug 1620799 - Introduce NSS_DISABLE_GCM_ARM32_NEON to build on arm32 without NEON support.
Bug 1619102 - Add workaround option to include both DTLS and TLS versions in DTLS supported_versions.
Bug 1619056 - Update README: TLS 1.3 is not experimental anymore.
Bug 1618915 - Fix UBSAN issue in ssl_ParseSessionTicket.
Bug 1618739 - Don't assert fuzzer behavior in SSL_ParseSessionTicket.
Bug 1617968 - Update Delegated Credentials implementation to draft-07.
Bug 1617533 - Update HACL* dependencies for libintvector.h
Bug 1613238 - Add vector accelerated SHA2 for POWER 8+.
Bug 1612493 - Integrate AVX2 ChaCha20, Poly1305, and ChaCha20Poly1305 from HACL*.
Bug 1612281 - Maintain PKCS11 C_GetAttributeValue semantics on attributes that lack NSS database columns.
Bug 1612260 - Add Wycheproof RSA test vectors.
Bug 1608250 - broken fipstest handling of KI_len.
Bug 1608245 - Consistently handle NULL slot/session.
Bug 1603801 - Avoid dcache pollution from sdb_measureAccess().
Bug 1603628 - Update NSS to support PKCS #11 v3.0.
Bug 1561637 - TLS 1.3 does not work in FIPS mode.
Bug 1531906 - Fix overzealous assertion when evicting a cached sessionID or using external cache.
Bug 1465613 - Fix issue where testlib makefile build produced extraneous object files.
Bug 1619959 - Properly handle multi-block SEED ECB inputs.
Bug 1630925 - Guard all instances of NSSCMSSignedData.signerInfo to avoid a CMS crash.
Bug 1571677 - Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name.
Compatibility
NSS 3.52 shared libraries are backward compatible with all older NSS 3.x
shared libraries. A program linked with older NSS 3.x shared libraries
will work with NSS 3.52 shared libraries without recompiling or relinking.
Furthermore, applications that restrict their use of NSS APIs to the functions
listed in NSS Public Functions will remain compatible with future versions
of the NSS shared libraries.