Compare commits
1 Commits
| Author | SHA256 | Date | |
|---|---|---|---|
| d18f9c1bef |
1340
mozilla-nss.changes
1340
mozilla-nss.changes
File diff suppressed because it is too large
Load Diff
@@ -17,15 +17,14 @@
|
||||
#
|
||||
|
||||
|
||||
%global nss_softokn_fips_version 3.113
|
||||
%global nss_softokn_fips_version 3.112
|
||||
%define NSPR_min_version 4.36
|
||||
%define nspr_ver %(rpm -q --queryformat '%%{VERSION}' mozilla-nspr)
|
||||
%define nssdbdir %{_sysconfdir}/pki/nssdb
|
||||
%global crypto_policies_version 20210218
|
||||
Name: mozilla-nss
|
||||
Version: 3.113
|
||||
Version: 3.112
|
||||
Release: 0
|
||||
%define underscore_version 3_113
|
||||
%define underscore_version 3_112
|
||||
Summary: Network Security Services
|
||||
License: MPL-2.0
|
||||
Group: System/Libraries
|
||||
@@ -285,13 +284,6 @@ export NSS_ENABLE_FIPS_INDICATORS=1
|
||||
export NSS_FIPS_MODULE_ID="\"SUSE Linux Enterprise NSS %{version}-%{release}\""
|
||||
#export SQLITE_LIB_NAME=nsssqlite3
|
||||
export MAKE_FLAGS="BUILD_OPT=1"
|
||||
%if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150400
|
||||
# Set the policy file location
|
||||
# if set NSS will always check for the policy file and load if it exists
|
||||
#export POLICY_FILE="nss.config"
|
||||
# location of the policy file
|
||||
#export POLICY_PATH="/etc/crypto-policies/back-ends"
|
||||
%endif
|
||||
EOF
|
||||
|
||||
source ../obsenv.sh
|
||||
@@ -313,30 +305,12 @@ export HOST="localhost"
|
||||
export DOMSUF="localdomain"
|
||||
export USE_IP=TRUE
|
||||
export IP_ADDRESS="127.0.0.1"
|
||||
%if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150400
|
||||
# This is necessary because the test suite tests algorithms that are
|
||||
# disabled by the system policy.
|
||||
export NSS_IGNORE_SYSTEM_POLICY=1
|
||||
%endif
|
||||
EOF
|
||||
source ../obsenv.sh
|
||||
source ../obstestenv.sh
|
||||
cd tests
|
||||
./all.sh
|
||||
# This file can live at different places when built in OBS or using "osc build":
|
||||
if [ -s ../../../tests_results/security/localhost.1/output.log ]; then
|
||||
output_log=../../../tests_results/security/localhost.1/output.log
|
||||
elif [ -s ../../tests_results/security/localhost.1/output.log ]; then
|
||||
output_log=../../tests_results/security/localhost.1/output.log
|
||||
elif [ -s ../tests_results/security/localhost.1/output.log ]; then
|
||||
output_log=../tests_results/security/localhost.1/output.log
|
||||
elif [ -s ../security/localhost.1/output.log ]; then
|
||||
output_log=../security/localhost.1/output.log
|
||||
else
|
||||
echo "Cannot find tests_results output.log - Assuming testsuite failed"
|
||||
exit 1
|
||||
fi
|
||||
if grep "FAILED" $output_log ; then
|
||||
if grep "FAILED" ../../../tests_results/security/localhost.1/output.log ; then
|
||||
echo "Testsuite FAILED"
|
||||
exit 1
|
||||
fi
|
||||
@@ -495,11 +469,6 @@ fi
|
||||
|
||||
%postun sysinit -p /sbin/ldconfig
|
||||
|
||||
%if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150400
|
||||
%posttrans
|
||||
update-crypto-policies &> /dev/null || :
|
||||
%endif
|
||||
|
||||
%files
|
||||
%{_libdir}/libnss3.so
|
||||
%{_libdir}/libnssutil3.so
|
||||
|
||||
BIN
nss-3.112.tar.gz
(Stored with Git LFS)
Normal file
BIN
nss-3.112.tar.gz
(Stored with Git LFS)
Normal file
Binary file not shown.
@@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:acef06b512d3bd81c87a63b3c8653d258bb689d2191fc0e64decf5a1efa01c0f
|
||||
size 76625834
|
||||
@@ -726,7 +726,9 @@ Index: nss/lib/softoken/fips_algorithms.h
|
||||
/* ------------------------- Hashing Operations ----------------------- */
|
||||
{ CKM_SHA224, { 0, 0, CKF_HSH }, 1, SFTKFIPSNone },
|
||||
{ CKM_SHA224_HMAC, { 112, 224, CKF_SGN }, 1, SFTKFIPSNone },
|
||||
@@ -141,46 +192,88 @@ SFTKFIPSAlgorithmList sftk_fips_mechs[]
|
||||
@@ -139,44 +190,86 @@ SFTKFIPSAlgorithmList sftk_fips_mechs[]
|
||||
{ CKM_SHA512_HMAC, { 256, 512, CKF_SGN }, 1, SFTKFIPSNone },
|
||||
{ CKM_SHA512_HMAC_GENERAL, { 256, 512, CKF_SGN }, 1, SFTKFIPSNone },
|
||||
/* --------------------- Secret Key Operations ------------------------ */
|
||||
- { CKM_GENERIC_SECRET_KEY_GEN, { 8, 256, CKF_GEN }, 1, SFTKFIPSNone },
|
||||
+ { CKM_GENERIC_SECRET_KEY_GEN, { 112, 512, CKF_GEN }, 1, SFTKFIPSNone },
|
||||
@@ -803,10 +805,6 @@ Index: nss/lib/softoken/fips_algorithms.h
|
||||
+ { CKM_NSS_SP800_108_DOUBLE_PIPELINE_KDF_DERIVE_DATA, { 112, CK_MAX, CKF_KDF }, 1, SFTKFIPSChkHashSp800,
|
||||
+ offsetof(CK_SP800_108_KDF_PARAMS, prfType) },
|
||||
/* --------------------IPSEC ----------------------- */
|
||||
{ CKM_IKE2_PRF_PLUS_DERIVE, { 8, 255 * 64, CKF_KDF }, 1, SFTKFIPSNone },
|
||||
{ CKM_IKE_PRF_DERIVE, { 8, 64, CKF_KDF }, 1, SFTKFIPSNone },
|
||||
{ CKM_IKE1_PRF_DERIVE, { 8, 64, CKF_KDF }, 1, SFTKFIPSNone },
|
||||
{ CKM_IKE1_EXTENDED_DERIVE, { 8, 255 * 64, CKF_KDF }, 1, SFTKFIPSNone },
|
||||
- { CKM_NSS_IKE_PRF_PLUS_DERIVE, { 8, 255 * 64, CKF_KDF }, 1, SFTKFIPSNone },
|
||||
- { CKM_NSS_IKE_PRF_DERIVE, { 8, 64, CKF_KDF }, 1, SFTKFIPSNone },
|
||||
- { CKM_NSS_IKE1_PRF_DERIVE, { 8, 64, CKF_KDF }, 1, SFTKFIPSNone },
|
||||
|
||||
Reference in New Issue
Block a user