forked from pool/apache2-mod_nss
Dominique Leuenberger
996315919e
- Since the update to NSS 3.35, the default NSS certificate
database format changed from Berkley DB to SQLite
- use %license tag
- Update to 1.0.15
* Try to auto-detect the NSS database format if not specified
* Update nss_pcache.8 man page to drop directory and prefix
* When a token is configured in password file only authenticate once
* Return an error when NSSPassPhraseDialog is invalid
* Move 3DES ciphers down from HIGH to MEDIUM to match OpenSSL 1.0.2k+
* Add -Werror=implicit-function-declaration to CFLAGS
* Handle group membership when testing for file permissions
* NSS system-wide policy now disables SSLv3, don't use it in tests
* Add missing error messages for libssl errors
* Fix doc typo in SSL_[SERVER|CLIENT]_SAN_IPaddr env variable name
* When including additional test config use specific extension
* Fix the TLS Session ID cache
* Make an invalid protocol setting fatal
* Don't use same NSS db in nss_pcache as mod_nss, use NSS_NoDB_Init()
* Add info log message when FIPS is enabled
* Add AES-256 and drop DES, CAST128, SKIPJACK as wrapping key types
* Fix removal of CR from PEM certificates
* Add OCSP caching and timeout tuning knobs
* Check the NSS database directory permissions as well as the files
inside it for read access on startup.
* Add in simple aliases for ciphers to fix those that
don't follow the pattern (dhe_rsa_aes_128_sha256,
dhe_rsa_aes_256_sha256) and those with typos
(camelia_128_sha, camelia_256_sha)
* Fix semaphore leak (forwarded request 584463 from vitezslav_cizek)
OBS-URL: https://build.opensuse.org/request/show/585105
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2-mod_nss?expand=0&rev=28