Commit 261f6338 authored by Jeff Huang's avatar Jeff Huang

nss: update to 3.23

parent 7a6150c9
......@@ -2,13 +2,13 @@
pkgbase=nss
pkgname=(nss ca-certificates-mozilla)
pkgver=3.22
pkgrel=2
pkgver=3.23
pkgrel=1
pkgdesc="Mozilla Network Security Services"
arch=('x86_64')
url="http://www.mozilla.org/projects/security/pki/nss/"
license=('MPL' 'GPL')
_nsprver=4.11
_nsprver=4.12
depends=("nspr>=${_nsprver}" 'sqlite3' 'zlib' 'sh' 'p11-kit')
makedepends=('perl' 'python2')
options=('!strip' '!makeflags' 'staticlibs')
......@@ -16,32 +16,18 @@ source=("https://ftp.mozilla.org/pub/security/nss/releases/NSS_${pkgver//./_}_RT
certdata2pem.py
bundle.sh
nss.pc.in
nss-config.in
ssl-renegotiate-transitional.patch
legacy-certs.patch)
sha256sums=('30ebd121c77e725a1383618eff79a6752d6e9f0f21882ad825ddab12e7227611'
nss-config.in)
sha256sums=('94b383e31c9671e9dfcca81084a8a813817e8f05a57f54533509b318d26e11cf'
'880b10445a9472826698fd186ca870a6492c1bbd264bbeed95cbedc6ee6041b2'
'045f520403f715a4cc7f3607b4e2c9bcc88fee5bce58d462fddaa2fdb0e4c180'
'b9f1428ca2305bf30b109507ff335fa00bce5a7ce0434b50acd26ad7c47dd5bd'
'e44ac5095b4d88f24ec7b2e6a9f1581560bd3ad41a3d198596d67ef22f67adb9'
'12df04bccbf674db1eef7a519a28987927b5e9c107b1dc386686f05e64f49a97'
'704a9608a58d129d8afac787a12f3c46e9fef3025ff3ab9ecacbc35d1f663a8c')
'e44ac5095b4d88f24ec7b2e6a9f1581560bd3ad41a3d198596d67ef22f67adb9')
prepare() {
mkdir certs
cd nss-$pkgver
# Adds transitional SSL renegotiate support - patch from Debian
patch -Np3 -i ../ssl-renegotiate-transitional.patch
# Temporarily reenable several weak certificates until OpenSSL
# and GnuTLS manage to handle multiple intermediates
# https://bugzilla.redhat.com/show_bug.cgi?id=1144808
# https://gist.github.com/grawity/15eabf67191e17080241
# Altered again to readd trust removed in 3.17.3
patch nss/lib/ckfw/builtins/certdata.txt ../legacy-certs.patch
# Respect LDFLAGS
sed -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/' \
-i nss/coreconf/rules.mk
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment