Closed
Bug 1666567
Opened 4 years ago
Closed 4 years ago
Upgrade Firefox 83 to use NSS 3.58
Categories
(Core :: Security: PSM, enhancement, P1)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
83 Branch
| Tracking | Status | |
|---|---|---|
| firefox83 | --- | fixed |
People
(Reporter: jcj, Assigned: jcj)
References
()
Details
Attachments
(6 files)
Tracking NSS 3.58 for Firefox 83. Ultimate tag will be NSS_3_58_RTM.
|
Assignee | |
Updated•4 years ago
|
Keywords: leave-open
|
|
Assignee | |
Comment 1•4 years ago
|
||
|
|
Assignee | |
Updated•4 years ago
|
Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/0dc1fc4850cd
land NSS c28e20f61e5d UPGRADE_NSS_RELEASE, r=kjacobs
|
||
Comment 3•4 years ago
|
||
| bugherder | ||
|
|
Assignee | |
Comment 4•4 years ago
|
||
2020-09-23 Dana Keeler <dkeeler@mozilla.com>
* gtests/mozpkix_gtest/pkixbuild_tests.cpp,
gtests/mozpkix_gtest/pkixcert_extension_tests.cpp,
gtests/mozpkix_gtest/pkixcert_signature_algorithm_tests.cpp,
gtests/mozpkix_gtest/pkixcheck_CheckExtendedKeyUsage_tests.cpp,
gtests/mozpkix_gtest/pkixcheck_CheckSignatureAlgorithm_tests.cpp,
gtests/mozpkix_gtest/pkixgtest.h,
lib/mozpkix/include/pkix/pkixtypes.h, lib/mozpkix/lib/pkixbuild.cpp:
Bug 1665715 - (2/2) pass encoded signed certificate timestamp
extension (if present) in CheckRevocation r=jcj
This will allow Firefox to make decisions based on the earliest
known time that a certificate exists (with respect to certificate
transparency) that a CA is unlikely to back-date. In particular,
this is essential for CRLite. Note that if the SCT signature isn't
validated, a CA could still make a certificate appear to have
existed for longer than it really has. However, this change is not
an attempt to catch malicious CAs. The aim is to avoid false
positives in CRLite resulting from CAs backdating the notBefore
field on certificates they issue.
Depends on D90595
[8ebee3cec9cf] [tip]
2020-09-18 Dana Keeler <dkeeler@mozilla.com>
* gtests/mozpkix_gtest/pkixbuild_tests.cpp,
gtests/mozpkix_gtest/pkixcert_extension_tests.cpp,
gtests/mozpkix_gtest/pkixcert_signature_algorithm_tests.cpp,
gtests/mozpkix_gtest/pkixcheck_CheckExtendedKeyUsage_tests.cpp,
gtests/mozpkix_gtest/pkixcheck_CheckSignatureAlgorithm_tests.cpp,
gtests/mozpkix_gtest/pkixgtest.h,
lib/mozpkix/include/pkix/pkixtypes.h, lib/mozpkix/lib/pkixbuild.cpp:
Bug 1665715 - (1/2) revert e8f2720c8254 (bug 1593141) because it's
no longer necessary r=jcj
Bug 1593141 added the certificate's notBefore field as an argument
to TrustDomain::CheckRevocation so that Firefox could use it with
CRLite. However, since CAs can backdate that field, we need to use
the earliest embedded SCT timestamp instead.
[c1f4d565ceda]
Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/7e50f86ea20b
land NSS 8ebee3cec9cf UPGRADE_NSS_RELEASE, r=kjacobs
|
||
Comment 6•4 years ago
|
||
Backed out changeset 7e50f86ea20b (bug 1666567) for security related bustage.
Backout link: https://hg.mozilla.org/integration/autoland/rev/6537439bb7895ab775685f15755aa7c03447a63d
Failure log: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=316544900&repo=autoland&lineNumber=47021
[task 2020-09-24T00:49:54.983Z] 00:49:54 INFO - make[4]: Entering directory '/builds/worker/workspace/obj-build/security/ct'
[task 2020-09-24T00:49:54.987Z] 00:49:54 INFO - /builds/worker/fetches/sccache/sccache /builds/worker/fetches/clang/bin/clang++ -std=gnu++17 -o Unified_cpp_security_ct0.o -c -I/builds/worker/workspace/obj-build/dist/stl_wrappers -I/builds/worker/workspace/obj-build/dist/system_wrappers -include /builds/worker/checkouts/gecko/config/gcc_hidden.h -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector-strong -DNDEBUG -DTRIMMED=1 -DMOZ_HAS_MOZGLUE -DMOZILLA_INTERNAL_API -DIMPL_LIBXUL -DSTATIC_EXPORTABLE_JS_API -I/builds/worker/checkouts/gecko/security/ct -I/builds/worker/workspace/obj-build/security/ct -I/builds/worker/workspace/obj-build/dist/include -I/builds/worker/workspace/obj-build/dist/include/nspr -I/builds/worker/workspace/obj-build/dist/include/nss -fPIC -DMOZILLA_CLIENT -include /builds/worker/workspace/obj-build/mozilla-config.h -Qunused-arguments -Qunused-arguments -Wall -Wbitfield-enum-conversion -Wempty-body -Wignored-qualifiers -Woverloaded-virtual -Wpointer-arith -Wshadow-field-in-constructor-modified -Wsign-compare -Wtype-limits -Wunreachable-code -Wunreachable-code-return -Wwrite-strings -Wno-invalid-offsetof -Wclass-varargs -Wempty-init-stmt -Wfloat-overflow-conversion -Wfloat-zero-conversion -Wloop-analysis -Wc++2a-compat -Wcomma -Wimplicit-fallthrough -Wunused-function -Wunused-variable -Werror=non-literal-null-conversion -Wstring-conversion -Wtautological-overlap-compare -Wtautological-unsigned-enum-zero-compare -Wtautological-unsigned-zero-compare -Wno-error=tautological-type-limit-compare -Wno-inline-new-delete -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=backend-plugin -Wno-error=return-std-move -Wno-error=atomic-alignment -Wno-error=deprecated-copy -Wformat -Wformat-security -Wno-gnu-zero-variadic-macro-arguments -Werror=implicit-function-declaration -Wno-psabi -Wno-unknown-warning-option -D_GLIBCXX_USE_CXX11_ABI=0 -fno-sized-deallocation -fno-aligned-new -fcrash-diagnostics-dir=/builds/worker/artifacts -fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections -fdata-sections -fno-exceptions -fno-math-errno -pthread -pipe -g -Xclang -load -Xclang /builds/worker/workspace/obj-build/build/clang-plugin/libclang-plugin.so -Xclang -add-plugin -Xclang moz-check -O2 -fno-omit-frame-pointer -funwind-tables -Werror -Wall -Wextra -Wunreachable-code -Wno-unused-parameter -fexperimental-new-pass-manager -MD -MP -MF .deps/Unified_cpp_security_ct0.o.pp Unified_cpp_security_ct0.cpp
[task 2020-09-24T00:49:54.987Z] 00:49:54 INFO - In file included from Unified_cpp_security_ct0.cpp:29:
[task 2020-09-24T00:49:54.987Z] 00:49:54 ERROR - /builds/worker/checkouts/gecko/security/ct/CTLogVerifier.cpp:42:54: error: non-virtual member function marked 'override' hides virtual member function
[task 2020-09-24T00:49:54.987Z] 00:49:54 INFO - const Input*, const Input*) override {
[task 2020-09-24T00:49:54.987Z] 00:49:54 INFO - ^
[task 2020-09-24T00:49:54.987Z] 00:49:54 INFO - /builds/worker/workspace/obj-build/dist/include/nss/mozpkix/pkixtypes.h:279:18: note: hidden overloaded virtual function 'mozilla::pkix::TrustDomain::CheckRevocation' declared here: type mismatch at 4th parameter ('mozilla::pkix::Duration' vs 'mozilla::pkix::Time')
[task 2020-09-24T00:49:54.987Z] 00:49:54 INFO - virtual Result CheckRevocation(EndEntityOrCA endEntityOrCA,
[task 2020-09-24T00:49:54.987Z] 00:49:54 INFO - ^
[task 2020-09-24T00:49:54.987Z] 00:49:54 INFO - In file included from Unified_cpp_security_ct0.cpp:29:
[task 2020-09-24T00:49:54.987Z] 00:49:54 ERROR - /builds/worker/checkouts/gecko/security/ct/CTLogVerifier.cpp:27:7: error: abstract class is marked 'final' [-Werror,-Wabstract-final-class]
[task 2020-09-24T00:49:54.987Z] 00:49:54 INFO - class SignatureParamsTrustDomain final : public TrustDomain {
[task 2020-09-24T00:49:54.987Z] 00:49:54 INFO - ^
[task 2020-09-24T00:49:54.987Z] 00:49:54 INFO - /builds/worker/workspace/obj-build/dist/include/nss/mozpkix/pkixtypes.h:279:18: note: unimplemented pure virtual method 'CheckRevocation' in 'SignatureParamsTrustDomain'
[task 2020-09-24T00:49:54.988Z] 00:49:54 INFO - virtual Result CheckRevocation(EndEntityOrCA endEntityOrCA,
[task 2020-09-24T00:49:54.988Z] 00:49:54 INFO - ^
[task 2020-09-24T00:49:54.988Z] 00:49:54 INFO - In file included from Unified_cpp_security_ct0.cpp:29:
[task 2020-09-24T00:49:54.988Z] 00:49:54 ERROR - /builds/worker/checkouts/gecko/security/ct/CTLogVerifier.cpp:127:30: error: variable type 'mozilla::ct::SignatureParamsTrustDomain' is an abstract class
[task 2020-09-24T00:49:54.988Z] 00:49:54 INFO - SignatureParamsTrustDomain trustDomain;
[task 2020-09-24T00:49:54.988Z] 00:49:54 INFO - ^
[task 2020-09-24T00:49:54.988Z] 00:49:54 INFO - 3 errors generated.
[task 2020-09-24T00:49:54.988Z] 00:49:54 INFO - /builds/worker/checkouts/gecko/config/rules.mk:723: recipe for target 'Unified_cpp_security_ct0.o' failed
[task 2020-09-24T00:49:54.988Z] 00:49:54 ERROR - make[4]: *** [Unified_cpp_security_ct0.o] Error 1
[task 2020-09-24T00:49:54.988Z] 00:49:54 INFO - make[4]: Leaving directory '/builds/worker/workspace/obj-build/security/ct'
[task 2020-09-24T00:49:54.988Z] 00:49:54 INFO - /builds/worker/checkouts/gecko/config/recurse.mk:72: recipe for target 'security/ct/target-objects' failed
[task 2020-09-24T00:49:54.988Z] 00:49:54 ERROR - make[3]: *** [security/ct/target-objects] Error 2
[task 2020-09-24T00:49:54.989Z] 00:49:54 INFO - make[3]: *** Waiting for unfinished jobs....
[task 2020-09-24T00:49:54.990Z] 00:49:54 INFO - make[4]: Entering directory '/builds/worker/workspace/obj-build/netwerk/protocol/http'
[task 2020-09-24T00:49:54.990Z] 00:49:54 INFO - netwerk/protocol/http/Unified_cpp_protocol_http2.o
[task 2020-09-24T00:49:54.990Z] 00:49:54 INFO - make[4]: Leaving directory '/builds/worker/workspace/obj-build/netwerk/protocol/http'
[task 2020-09-24T00:49:55.143Z] 00:49:55 INFO - make[4]: Entering directory '/builds/worker/workspace/obj-build/netwerk/protocol/http'
[task 2020-09-24T00:49:55.148Z] 00:49:55 INFO - /builds/worker/fetches/sccache/sccache /builds/worker/fetches/clang/bin/clang++ -std=gnu++17 -o nsHttpHandler.o -c -I/builds/worker/workspace/obj-build/dist/stl_wrappers -I/builds/worker/workspace/obj-build/dist/system_wrappers -include /builds/worker/checkouts/gecko/config/gcc_hidden.h -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector-strong -DNDEBUG=1 -DTRIMMED=1 -DOS_POSIX=1 -DOS_LINUX=1 -DMOZ_HAS_MOZGLUE -DMOZILLA_INTERNAL_API -DIMPL_LIBXUL -DSTATIC_EXPORTABLE_JS_API -I/builds/worker/checkouts/gecko/netwerk/protocol/http -I/builds/worker/workspace/obj-build/netwerk/protocol/http -I/builds/worker/workspace/obj-build/ipc/ipdl/_ipdlheaders -I/builds/worker/checkouts/gecko/ipc/chromium/src -I/builds/worker/checkouts/gecko/ipc/glue -I/builds/worker/checkouts/gecko/dom/base -I/builds/worker/checkouts/gecko/extensions/auth -I/builds/worker/checkouts/gecko/netwerk/base -I/builds/worker/checkouts/gecko/netwerk/cookie -I/builds/worker/checkouts/gecko/netwerk/dns -I/builds/worker/checkouts/gecko/netwerk/ipc -I/builds/worker/checkouts/gecko/netwerk/socket/neqo_glue -I/builds/worker/checkouts/gecko/netwerk/url-classifier -I/builds/worker/workspace/obj-build/dist/include -I/builds/worker/workspace/obj-build/dist/include/nspr -I/builds/worker/workspace/obj-build/dist/include/nss -fPIC -DMOZILLA_CLIENT -include /builds/worker/workspace/obj-build/mozilla-config.h -Qunused-arguments -Qunused-arguments -Wall -Wbitfield-enum-conversion -Wempty-body -Wignored-qualifiers -Woverloaded-virtual -Wpointer-arith -Wshadow-field-in-constructor-modified -Wsign-compare -Wtype-limits -Wunreachable-code -Wunreachable-code-return -Wwrite-strings -Wno-invalid-offsetof -Wclass-varargs -Wempty-init-stmt -Wfloat-overflow-conversion -Wfloat-zero-conversion -Wloop-analysis -Wc++2a-compat -Wcomma -Wimplicit-fallthrough -Wunused-function -Wunused-variable -Werror=non-literal-null-conversion -Wstring-conversion -Wtautological-overlap-compare -Wtautological-unsigned-enum-zero-compare -Wtautological-unsigned-zero-compare -Wno-error=tautological-type-limit-compare -Wno-inline-new-delete -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=backend-plugin -Wno-error=return-std-move -Wno-error=atomic-alignment -Wno-error=deprecated-copy -Wformat -Wformat-security -Wno-gnu-zero-variadic-macro-arguments -Werror=implicit-function-declaration -Wno-psabi -Wno-unknown-warning-option -D_GLIBCXX_USE_CXX11_ABI=0 -fno-sized-deallocation -fno-aligned-new -fcrash-diagnostics-dir=/builds/worker/artifacts -fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections -fdata-sections -fno-exceptions -fno-math-errno -pthread -pipe -g -Xclang -load -Xclang /builds/worker/workspace/obj-build/build/clang-plugin/libclang-plugin.so -Xclang -add-plugin -Xclang moz-check -O2 -fno-omit-frame-pointer -funwind-tables -Werror -fexperimental-new-pass-manager -MD -MP -MF .deps/nsHttpHandler.o.pp /builds/worker/checkouts/gecko/netwerk/protocol/http/nsHttpHandler.cpp
[task 2020-09-24T00:49:55.148Z] 00:49:55 INFO - make[4]: Leaving directory '/builds/worker/workspace/obj-build/netwerk/protocol/http'
[task 2020-09-24T00:49:55.148Z] 00:49:55 INFO - make[4]: Entering directory '/builds/worker/workspace/obj-build/netwerk/protocol/http'
[task 2020-09-24T00:49:55.148Z] 00:49:55 INFO - netwerk/protocol/http/Unified_cpp_protocol_http3.o
[task 2020-09-24T00:49:55.148Z] 00:49:55 INFO - make[4]: Leaving directory '/builds/worker/workspace/obj-build/netwerk/protocol/http'
[task 2020-09-24T00:49:55.846Z] 00:49:55 INFO - make[4]: Entering directory '/builds/worker/workspace/obj-build/netwerk/base'
[task 2020-09-24T00:49:55.846Z] 00:49:55 INFO - /builds/worker/fetches/sccache/sccache /builds/worker/fetches/clang/bin/clang++ -std=gnu++17 -o Unified_cpp_netwerk_base2.o -c -I/builds/worker/workspace/obj-build/dist/stl_wrappers -I/builds/worker/workspace/obj-build/dist/system_wrappers -include /builds/worker/checkouts/gecko/config/gcc_hidden.h -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector-strong -DNDEBUG=1 -DTRIMMED=1 -DOS_POSIX=1 -DOS_LINUX=1 -DMOZ_HAS_MOZGLUE -DMOZILLA_INTERNAL_API -DIMPL_LIBXUL -DSTATIC_EXPORTABLE_JS_API -I/builds/worker/checkouts/gecko/netwerk/base -I/builds/worker/workspace/obj-build/netwerk/base -I/builds/worker/workspace/obj-build/ipc/ipdl/_ipdlheaders -I/builds/worker/checkouts/gecko/ipc/chromium/src -I/builds/worker/checkouts/gecko/ipc/glue -I/builds/worker/checkouts/gecko/docshell/base -I/builds/worker/checkouts/gecko/dom/base -I/builds/worker/checkouts/gecko/netwerk/protocol/http -I/builds/worker/checkouts/gecko/netwerk/socket -I/builds/worker/checkouts/gecko/netwerk/url-classifier -I/builds/worker/checkouts/gecko/security/manager/ssl -I/builds/worker/workspace/obj-build/dist/include -I/builds/worker/workspace/obj-build/dist/include/nspr -I/builds/worker/workspace/obj-build/dist/include/nss -fPIC -DMOZILLA_CLIENT -include /builds/worker/workspace/obj-build/mozilla-config.h -Qunused-arguments -Qunused-arguments -Wall -Wbitfield-enum-conversion -Wempty-body -Wignored-qualifiers -Woverloaded-virtual -Wpointer-arith -Wshadow-field-in-constructor-modified -Wsign-compare -Wtype-limits -Wunreachable-code -Wunreachable-code-return -Wwrite-strings -Wno-invalid-offsetof -Wclass-varargs -Wempty-init-stmt -Wfloat-overflow-conversion -Wfloat-zero-conversion -Wloop-analysis -Wc++2a-compat -Wcomma -Wimplicit-fallthrough -Wunused-function -Wunused-variable -Werror=non-literal-null-conversion -Wstring-conversion -Wtautological-overlap-compare -Wtautological-unsigned-enum-zero-compare -Wtautological-unsigned-zero-compare -Wno-error=tautological-type-limit-compare -Wno-inline-new-delete -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=backend-plugin -Wno-error=return-std-move -Wno-error=atomic-alignment -Wno-error=deprecated-copy -Wformat -Wformat-security -Wno-gnu-zero-variadic-macro-arguments -Werror=implicit-function-declaration -Wno-psabi -Wno-unknown-warning-option -D_GLIBCXX_USE_CXX11_ABI=0 -fno-sized-deallocation -fno-aligned-new -fcrash-diagnostics-dir=/builds/worker/artifacts -fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections -fdata-sections -fno-exceptions -fno-math-errno -pthread -pipe -g -Xclang -load -Xclang /builds/worker/workspace/obj-build/build/clang-plugin/libclang-plugin.so -Xclang -add-plugin -Xclang moz-check -O2 -fno-omit-frame-pointer -funwind-tables -Werror -Wno-error=shadow -fexperimental-new-pass-manager -MD -MP -MF .deps/Unified_cpp_netwerk_base2.o.pp Unified_cpp_netwerk_base2.cpp
[task 2020-09-24T00:49:55.846Z] 00:49:55 INFO - make[4]: Leaving directory '/builds/worker/workspace/obj-build/netwerk/base'
[task 2020-09-24T00:49:55.848Z] 00:49:55 INFO - make[4]: Entering directory '/builds/worker/workspace/obj-build/netwerk/url-classifier'
[task 2020-09-24T00:49:55.848Z] 00:49:55 INFO - netwerk/url-classifier/Unified_cpp_url-classifier1.o
[task 2020-09-24T00:49:55.848Z] 00:49:55 INFO - make[4]: Leaving directory '/builds/worker/workspace/obj-build/netwerk/url-classifier'
[task 2020-09-24T00:49:55.887Z] 00:49:55 INFO - make[4]: Entering directory '/builds/worker/workspace/obj-build/security/apps'
[task 2020-09-24T00:49:55.894Z] 00:49:55 INFO - /builds/worker/fetches/sccache/sccache /builds/worker/fetches/clang/bin/clang++ -std=gnu++17 -o Unified_cpp_security_apps0.o -c -I/builds/worker/workspace/obj-build/dist/stl_wrappers -I/builds/worker/workspace/obj-build/dist/system_wrappers -include /builds/worker/checkouts/gecko/config/gcc_hidden.h -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector-strong -DNDEBUG=1 -DTRIMMED=1 -DOS_POSIX=1 -DOS_LINUX=1 -DNSS_ENABLE_ECC=True '-DDLL_PREFIX="lib"' '-DDLL_SUFFIX=".so"' -DMOZ_HAS_MOZGLUE -DMOZILLA_INTERNAL_API -DIMPL_LIBXUL -DSTATIC_EXPORTABLE_JS_API -I/builds/worker/checkouts/gecko/security/apps -I/builds/worker/workspace/obj-build/security/apps -I/builds/worker/workspace/obj-build/ipc/ipdl/_ipdlheaders -I/builds/worker/checkouts/gecko/ipc/chromium/src -I/builds/worker/checkouts/gecko/ipc/glue -I/builds/worker/checkouts/gecko/security/certverifier -I/builds/worker/checkouts/gecko/security/manager/ssl -I/builds/worker/checkouts/gecko/third_party/rust/cose-c/include -I/builds/worker/workspace/obj-build/dist/include -I/builds/worker/workspace/obj-build/dist/include/nspr -I/builds/worker/workspace/obj-build/dist/include/nss -fPIC -DMOZILLA_CLIENT -include /builds/worker/workspace/obj-build/mozilla-config.h -Qunused-arguments -Qunused-arguments -Wall -Wbitfield-enum-conversion -Wempty-body -Wignored-qualifiers -Woverloaded-virtual -Wpointer-arith -Wshadow-field-in-constructor-modified -Wsign-compare -Wtype-limits -Wunreachable-code -Wunreachable-code-return -Wwrite-strings -Wno-invalid-offsetof -Wclass-varargs -Wempty-init-stmt -Wfloat-overflow-conversion -Wfloat-zero-conversion -Wloop-analysis -Wc++2a-compat -Wcomma -Wimplicit-fallthrough -Wunused-function -Wunused-variable -Werror=non-literal-null-conversion -Wstring-conversion -Wtautological-overlap-compare -Wtautological-unsigned-enum-zero-compare -Wtautological-unsigned-zero-compare -Wno-error=tautological-type-limit-compare -Wno-inline-new-delete -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=backend-plugin -Wno-error=return-std-move -Wno-error=atomic-alignment -Wno-error=deprecated-copy -Wformat -Wformat-security -Wno-gnu-zero-variadic-macro-arguments -Werror=implicit-function-declaration -Wno-psabi -Wno-unknown-warning-option -D_GLIBCXX_USE_CXX11_ABI=0 -fno-sized-deallocation -fno-aligned-new -fcrash-diagnostics-dir=/builds/worker/artifacts -fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections -fdata-sections -fno-exceptions -fno-math-errno -pthread -pipe -g -Xclang -load -Xclang /builds/worker/workspace/obj-build/build/clang-plugin/libclang-plugin.so -Xclang -add-plugin -Xclang moz-check -O2 -fno-omit-frame-pointer -funwind-tables -Werror -Wextra -Wno-unused-parameter -fexperimental-new-pass-manager -MD -MP -MF .deps/Unified_cpp_security_apps0.o.pp Unified_cpp_security_apps0.cpp
[task 2020-09-24T00:49:55.894Z] 00:49:55 INFO - In file included from Unified_cpp_security_apps0.cpp:2:
[task 2020-09-24T00:49:55.894Z] 00:49:55 INFO - In file included from /builds/worker/checkouts/gecko/security/apps/AppSignatureVerification.cpp:9:
[task 2020-09-24T00:49:55.894Z] 00:49:55 ERROR - /builds/worker/checkouts/gecko/security/apps/AppTrustDomain.h:39:18: error: 'CheckRevocation' marked 'override' but does not override any member functions
[task 2020-09-24T00:49:55.894Z] 00:49:55 INFO - virtual Result CheckRevocation(
[task 2020-09-24T00:49:55.894Z] 00:49:55 INFO - ^
[task 2020-09-24T00:49:55.894Z] 00:49:55 ERROR - /builds/worker/checkouts/gecko/security/apps/AppTrustDomain.h:23:7: error: abstract class is marked 'final' [-Werror,-Wabstract-final-class]
[task 2020-09-24T00:49:55.894Z] 00:49:55 INFO - class AppTrustDomain final : public mozilla::pkix::TrustDomain {
[task 2020-09-24T00:49:55.894Z] 00:49:55 INFO - ^
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - /builds/worker/workspace/obj-build/dist/include/nss/mozpkix/pkixtypes.h:279:18: note: unimplemented pure virtual method 'CheckRevocation' in 'AppTrustDomain'
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - virtual Result CheckRevocation(EndEntityOrCA endEntityOrCA,
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - ^
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - In file included from Unified_cpp_security_apps0.cpp:2:
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - In file included from /builds/worker/checkouts/gecko/security/apps/AppSignatureVerification.cpp:9:
[task 2020-09-24T00:49:55.895Z] 00:49:55 ERROR - /builds/worker/checkouts/gecko/security/apps/AppTrustDomain.h:39:18: error: 'mozilla::psm::AppTrustDomain::CheckRevocation' hides overloaded virtual function [-Werror,-Woverloaded-virtual]
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - virtual Result CheckRevocation(
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - ^
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - /builds/worker/workspace/obj-build/dist/include/nss/mozpkix/pkixtypes.h:279:18: note: hidden overloaded virtual function 'mozilla::pkix::TrustDomain::CheckRevocation' declared here: type mismatch at 4th parameter ('mozilla::pkix::Duration' vs 'mozilla::pkix::Time')
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - virtual Result CheckRevocation(EndEntityOrCA endEntityOrCA,
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - ^
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - In file included from Unified_cpp_security_apps0.cpp:2:
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - In file included from /builds/worker/checkouts/gecko/security/apps/AppSignatureVerification.cpp:11:
[task 2020-09-24T00:49:55.895Z] 00:49:55 ERROR - /builds/worker/checkouts/gecko/security/certverifier/NSSCertDBTrustDomain.h:223:18: error: 'CheckRevocation' marked 'override' but does not override any member functions
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - virtual Result CheckRevocation(
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - ^
[task 2020-09-24T00:49:55.895Z] 00:49:55 ERROR - /builds/worker/checkouts/gecko/security/certverifier/NSSCertDBTrustDomain.h:223:18: error: 'mozilla::psm::NSSCertDBTrustDomain::CheckRevocation' hides overloaded virtual function [-Werror,-Woverloaded-virtual]
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - /builds/worker/workspace/obj-build/dist/include/nss/mozpkix/pkixtypes.h:279:18: note: hidden overloaded virtual function 'mozilla::pkix::TrustDomain::CheckRevocation' declared here: type mismatch at 4th parameter ('mozilla::pkix::Duration' vs 'mozilla::pkix::Time')
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - virtual Result CheckRevocation(EndEntityOrCA endEntityOrCA,
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - ^
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - In file included from Unified_cpp_security_apps0.cpp:2:
[task 2020-09-24T00:49:55.895Z] 00:49:55 ERROR - /builds/worker/checkouts/gecko/security/apps/AppSignatureVerification.cpp:624:18: error: variable type 'mozilla::psm::AppTrustDomain' is an abstract class
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - AppTrustDomain trustDomain(std::move(collectedCerts));
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - ^
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - 6 errors generated.
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - /builds/worker/checkouts/gecko/config/rules.mk:723: recipe for target 'Unified_cpp_security_apps0.o' failed
[task 2020-09-24T00:49:55.895Z] 00:49:55 ERROR - make[4]: *** [Unified_cpp_security_apps0.o] Error 1
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - make[4]: Leaving directory '/builds/worker/workspace/obj-build/security/apps'
[task 2020-09-24T00:49:55.895Z] 00:49:55 INFO - /builds/worker/checkouts/gecko/config/recurse.mk:72: recipe for target 'security/apps/target-objects' failed
[task 2020-09-24T00:49:55.895Z] 00:49:55 ERROR - make[3]: *** [security/apps/target-objects] Error 2
[task 2020-09-24T00:49:57.146Z] 00:49:57 INFO - make[4]: Entering directory '/builds/worker/workspace/obj-build/parser/prototype'
[task 2020-09-24T00:49:57.149Z] 00:49:57 INFO - /builds/worker/fetches/sccache/sccache /builds/worker/fetches/clang/bin/clang++ -std=gnu++17 -o Unified_cpp_parser_prototype0.o -c -I/builds/worker/workspace/obj-build/dist/stl_wrappers -I/builds/worker/workspace/obj-build/dist/system_wrappers -include /builds/worker/checkouts/gecko/config/gcc_hidden.h -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector-strong -DNDEBUG=1 -DTRIMMED=1 -DMOZ_HAS_MOZGLUE -DMOZILLA_INTERNAL_API -DIMPL_LIBXUL -DSTATIC_EXPORTABLE_JS_API -I/builds/worker/checkouts/gecko/parser/prototype -I/builds/worker/workspace/obj-build/parser/prototype -I/builds/worker/checkouts/gecko/dom/xul -I/builds/worker/workspace/obj-build/dist/include -I/builds/worker/workspace/obj-build/dist/include/nspr -I/builds/worker/workspace/obj-build/dist/include/nss -fPIC -DMOZILLA_CLIENT -include /builds/worker/workspace/obj-build/mozilla-config.h -Qunused-arguments -Qunused-arguments -Wall -Wbitfield-enum-conversion -Wempty-body -Wignored-qualifiers -Woverloaded-virtual -Wpointer-arith -Wshadow-field-in-constructor-modified -Wsign-compare -Wtype-limits -Wunreachable-code -Wunreachable-code-return -Wwrite-strings -Wno-invalid-offsetof -Wclass-varargs -Wempty-init-stmt -Wfloat-overflow-conversion -Wfloat-zero-conversion -Wloop-analysis -Wc++2a-compat -Wcomma -Wimplicit-fallthrough -Wunused-function -Wunused-variable -Werror=non-literal-null-conversion -Wstring-conversion -Wtautological-overlap-compare -Wtautological-unsigned-enum-zero-compare -Wtautological-unsigned-zero-compare -Wno-error=tautological-type-limit-compare -Wno-inline-new-delete -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=backend-plugin -Wno-error=return-std-move -Wno-error=atomic-alignment -Wno-error=deprecated-copy -Wformat -Wformat-security -Wno-gnu-zero-variadic-macro-arguments -Werror=implicit-function-declaration -Wno-psabi -Wno-unknown-warning-option -D_GLIBCXX_USE_CXX11_ABI=0 -fno-sized-deallocation -fno-aligned-new -fcrash-diagnostics-dir=/builds/worker/artifacts -fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections -fdata-sections -fno-exceptions -fno-math-errno -pthread -pipe -g -Xclang -load -Xclang /builds/worker/workspace/obj-build/build/clang-plugin/libclang-plugin.so -Xclang -add-plugin -Xclang moz-check -O2 -fno-omit-frame-pointer -funwind-tables -Werror -fexperimental-new-pass-manager -MD -MP -MF .deps/Unified_cpp_parser_prototype0.o.pp Unified_cpp_parser_prototype0.cpp
[task 2020-09-24T00:49:57.149Z] 00:49:57 INFO - make[4]: Leaving directory '/builds/worker/workspace/obj-build/parser/prototype'
[task 2020-09-24T00:49:57.301Z] 00:49:57 INFO - make[4]: Entering directory '/builds/worker/workspace/obj-build/netwerk/ipc'
[task 2020-09-24T00:49:57.304Z] 00:49:57 INFO - /builds/worker/fetches/sccache/sccache /builds/worker/fetches/clang/bin/clang++ -std=gnu++17 -o Unified_cpp_netwerk_ipc1.o -c -I/builds/worker/workspace/obj-build/dist/stl_wrappers -I/builds/worker/workspace/obj-build/dist/system_wrappers -include /builds/worker/checkouts/gecko/config/gcc_hidden.h -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector-strong -DNDEBUG=1 -DTRIMMED=1 -DOS_POSIX=1 -DOS_LINUX=1 -DMOZ_HAS_MOZGLUE -DMOZILLA_INTERNAL_API -DIMPL_LIBXUL -DSTATIC_EXPORTABLE_JS_API -I/builds/worker/checkouts/gecko/netwerk/ipc -I/builds/worker/workspace/obj-build/netwerk/ipc -I/builds/worker/workspace/obj-build/ipc/ipdl/_ipdlheaders -I/builds/worker/checkouts/gecko/ipc/chromium/src -I/builds/worker/checkouts/gecko/ipc/glue -I/builds/worker/checkouts/gecko/caps -I/builds/worker/checkouts/gecko/dom/base -I/builds/worker/checkouts/gecko/dom/media/webrtc/transport -I/builds/worker/checkouts/gecko/media/webrtc -I/builds/worker/checkouts/gecko/modules/libjar -I/builds/worker/checkouts/gecko/netwerk/base -I/builds/worker/checkouts/gecko/netwerk/protocol/http -I/builds/worker/checkouts/gecko/security/manager/ssl -I/builds/worker/checkouts/gecko/xpcom/threads -I/builds/worker/workspace/obj-build/dist/include -I/builds/worker/workspace/obj-build/dist/include/nspr -I/builds/worker/workspace/obj-build/dist/include/nss -fPIC -DMOZILLA_CLIENT -include /builds/worker/workspace/obj-build/mozilla-config.h -Qunused-arguments -Qunused-arguments -Wall -Wbitfield-enum-conversion -Wempty-body -Wignored-qualifiers -Woverloaded-virtual -Wpointer-arith -Wshadow-field-in-constructor-modified -Wsign-compare -Wtype-limits -Wunreachable-code -Wunreachable-code-return -Wwrite-strings -Wno-invalid-offsetof -Wclass-varargs -Wempty-init-stmt -Wfloat-overflow-conversion -Wfloat-zero-conversion -Wloop-analysis -Wc++2a-compat -Wcomma -Wimplicit-fallthrough -Wunused-function -Wunused-variable -Werror=non-literal-null-conversion -Wstring-conversion -Wtautological-overlap-compare -Wtautological-unsigned-enum-zero-compare -Wtautological-unsigned-zero-compare -Wno-error=tautological-type-limit-compare -Wno-inline-new-delete -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=backend-plugin -Wno-error=return-std-move -Wno-error=atomic-alignment -Wno-error=deprecated-copy -Wformat -Wformat-security -Wno-gnu-zero-variadic-macro-arguments -Werror=implicit-function-declaration -Wno-psabi -Wno-unknown-warning-option -D_GLIBCXX_USE_CXX11_ABI=0 -fno-sized-deallocation -fno-aligned-new -fcrash-diagnostics-dir=/builds/worker/artifacts -fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections -fdata-sections -fno-exceptions -fno-math-errno -pthread -pipe -g -Xclang -load -Xclang /builds/worker/workspace/obj-build/build/clang-plugin/libclang-plugin.so -Xclang -add-plugin -Xclang moz-check -O2 -fno-omit-frame-pointer -funwind-tables -Werror -fexperimental-new-pass-manager -MD -MP -MF .deps/Unified_cpp_netwerk_ipc1.o.pp Unified_cpp_netwerk_ipc1.cpp
[task 2020-09-24T00:49:57.304Z] 00:49:57 INFO - make[4]: Leaving directory '/builds/worker/workspace/obj-build/netwerk/ipc'
[task 2020-09-24T00:49:57.709Z] 00:49:57 INFO - make[4]: Entering directory '/builds/worker/workspace/obj-build/security/certverifier'
[task 2020-09-24T00:49:57.713Z] 00:49:57 INFO - /builds/worker/fetches/sccache/sccache /builds/worker/fetches/clang/bin/clang++ -std=gnu++17 -o Unified_cpp_certverifier0.o -c -I/builds/worker/workspace/obj-build/dist/stl_wrappers -I/builds/worker/workspace/obj-build/dist/system_wrappers -include /builds/worker/checkouts/gecko/config/gcc_hidden.h -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector-strong -DNDEBUG=1 -DTRIMMED=1 -DOS_POSIX=1 -DOS_LINUX=1 -DMOZ_HAS_MOZGLUE -DMOZILLA_INTERNAL_API -DIMPL_LIBXUL -DSTATIC_EXPORTABLE_JS_API -I/builds/worker/checkouts/gecko/security/certverifier -I/builds/worker/workspace/obj-build/security/certverifier -I/builds/worker/checkouts/gecko/security/ct -I/builds/worker/checkouts/gecko/security/manager/ssl -I/builds/worker/workspace/obj-build/ipc/ipdl/_ipdlheaders -I/builds/worker/checkouts/gecko/ipc/chromium/src -I/builds/worker/checkouts/gecko/ipc/glue -I/builds/worker/workspace/obj-build/dist/include -I/builds/worker/workspace/obj-build/dist/include/nspr -I/builds/worker/workspace/obj-build/dist/include/nss -fPIC -DMOZILLA_CLIENT -include /builds/worker/workspace/obj-build/mozilla-config.h -Qunused-arguments -Qunused-arguments -Wall -Wbitfield-enum-conversion -Wempty-body -Wignored-qualifiers -Woverloaded-virtual -Wpointer-arith -Wshadow-field-in-constructor-modified -Wsign-compare -Wtype-limits -Wunreachable-code -Wunreachable-code-return -Wwrite-strings -Wno-invalid-offsetof -Wclass-varargs -Wempty-init-stmt -Wfloat-overflow-conversion -Wfloat-zero-conversion -Wloop-analysis -Wc++2a-compat -Wcomma -Wimplicit-fallthrough -Wunused-function -Wunused-variable -Werror=non-literal-null-conversion -Wstring-conversion -Wtautological-overlap-compare -Wtautological-unsigned-enum-zero-compare -Wtautological-unsigned-zero-compare -Wno-error=tautological-type-limit-compare -Wno-inline-new-delete -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=backend-plugin -Wno-error=return-std-move -Wno-error=atomic-alignment -Wno-error=deprecated-copy -Wformat -Wformat-security -Wno-gnu-zero-variadic-macro-arguments -Werror=implicit-function-declaration -Wno-psabi -Wno-unknown-warning-option -D_GLIBCXX_USE_CXX11_ABI=0 -fno-sized-deallocation -fno-aligned-new -fcrash-diagnostics-dir=/builds/worker/artifacts -fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections -fdata-sections -fno-exceptions -fno-math-errno -pthread -pipe -g -Xclang -load -Xclang /builds/worker/workspace/obj-build/build/clang-plugin/libclang-plugin.so -Xclang -add-plugin -Xclang moz-check -O2 -fno-omit-frame-pointer -funwind-tables -Werror -Wall -Wextra -Wunreachable-code -Wno-unused-parameter -fexperimental-new-pass-manager -MD -MP -MF .deps/Unified_cpp_certverifier0.o.pp Unified_cpp_certverifier0.cpp
[task 2020-09-24T00:49:57.713Z] 00:49:57 INFO - In file included from Unified_cpp_certverifier0.cpp:11:
[task 2020-09-24T00:49:57.714Z] 00:49:57 INFO - In file included from /builds/worker/checkouts/gecko/security/certverifier/CertVerifier.cpp:16:
[task 2020-09-24T00:49:57.714Z] 00:49:57 ERROR - /builds/worker/checkouts/gecko/security/certverifier/NSSCertDBTrustDomain.h:223:18: error: 'CheckRevocation' marked 'override' but does not override any member functions
[task 2020-09-24T00:49:57.714Z] 00:49:57 INFO - virtual Result CheckRevocation(
[task 2020-09-24T00:49:57.715Z] 00:49:57 INFO - ^
[task 2020-09-24T00:49:57.715Z] 00:49:57 ERROR - /builds/worker/checkouts/gecko/security/certverifier/NSSCertDBTrustDomain.h:223:18: error: 'mozilla::psm::NSSCertDBTrustDomain::CheckRevocation' hides overloaded virtual function [-Werror,-Woverloaded-virtual]
[task 2020-09-24T00:49:57.716Z] 00:49:57 INFO - /builds/worker/workspace/obj-build/dist/include/nss/mozpkix/pkixtypes.h:279:18: note: hidden overloaded virtual function 'mozilla::pkix::TrustDomain::CheckRevocation' declared here: type mismatch at 4th parameter ('mozilla::pkix::Duration' vs 'mozilla::pkix::Time')
[task 2020-09-24T00:49:57.716Z] 00:49:57 INFO - virtual Result CheckRevocation(EndEntityOrCA endEntityOrCA,
[task 2020-09-24T00:49:57.716Z] 00:49:57 INFO - ^
[task 2020-09-24T00:49:57.716Z] 00:49:57 INFO - In file included from Unified_cpp_certverifier0.cpp:11:
[task 2020-09-24T00:49:57.717Z] 00:49:57 ERROR - /builds/worker/checkouts/gecko/security/certverifier/CertVerifier.cpp:564:28: error: variable type 'mozilla::psm::NSSCertDBTrustDomain' is an abstract class
[task 2020-09-24T00:49:57.717Z] 00:49:57 INFO - NSSCertDBTrustDomain trustDomain(
[task 2020-09-24T00:49:57.717Z] 00:49:57 INFO - ^
[task 2020-09-24T00:49:57.718Z] 00:49:57 INFO - /builds/worker/workspace/obj-build/dist/include/nss/mozpkix/pkixtypes.h:279:18: note: unimplemented pure virtual method 'CheckRevocation' in 'NSSCertDBTrustDomain'
[task 2020-09-24T00:49:57.718Z] 00:49:57 INFO - virtual Result CheckRevocation(EndEntityOrCA endEntityOrCA,
[task 2020-09-24T00:49:57.718Z] 00:49:57 INFO - ^
[task 2020-09-24T00:49:57.719Z] 00:49:57 INFO - In file included from Unified_cpp_certverifier0.cpp:11:
[task 2020-09-24T00:49:57.719Z] 00:49:57 ERROR - /builds/worker/checkouts/gecko/security/certverifier/CertVerifier.cpp:641:30: error: variable type 'mozilla::psm::NSSCertDBTrustDomain' is an abstract class
[task 2020-09-24T00:49:57.719Z] 00:49:57 INFO - NSSCertDBTrustDomain trustDomain(
...
...
...
Flags: needinfo?(jjones)
Pushed by btara@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/9bc4c7e79cd6
land NSS 8ebee3cec9cf UPGRADE_NSS_RELEASE, r=kjacobs
|
|
||
Comment 8•4 years ago
|
||
Re-landed after bug 1605273 landed.
|
|
Assignee | |
Updated•4 years ago
|
Flags: needinfo?(jjones)
|
|
||
Comment 9•4 years ago
|
||
Backed out alongside bug 1605273.
Backout link: https://hg.mozilla.org/integration/autoland/rev/f651f595aa7fd2f245faaa05761f3acb508c8376
Flags: needinfo?(jjones)
|
||
Comment 10•4 years ago
|
||
Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/9a924b9ddabf
land NSS 8ebee3cec9cf UPGRADE_NSS_RELEASE, r=kjacobs
|
||
Comment 11•4 years ago
|
||
| bugherder | ||
|
|
Assignee | |
Updated•4 years ago
|
Flags: needinfo?(jjones)
|
|
Assignee | |
Comment 12•4 years ago
|
||
2020-09-24 Kevin Jacobs <kjacobs@mozilla.com>
* automation/abi-check/expected-report-libnss3.so.txt,
gtests/pk11_gtest/pk11_hkdf_unittest.cc, lib/nss/nss.def,
lib/pk11wrap/pk11pub.h, lib/pk11wrap/pk11skey.c,
lib/ssl/tls13hkdf.c:
Bug 1667153 - Add PK11_ImportDataKey API. r=rrelyea
This patch adds and exports `PK11_ImportDataKey`, and refactors the
null PSK TLS 1.3 code to use it.
[8fdbec414ce2] [tip]
|
|
||
Comment 13•4 years ago
|
||
Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/ab875fa23be4
land NSS 8fdbec414ce2 UPGRADE_NSS_RELEASE, r=kjacobs
|
|
||
Comment 14•4 years ago
|
||
| bugherder | ||
|
|
Assignee | |
Comment 15•4 years ago
|
||
2020-10-05 Ricky Stewart <rstewart@mozilla.com>
* coreconf/config.gypi:
Bug 1668328 - Enclose Python paths in `coreconf/config.gypi` in
quotes r=kjacobs,mt
This fixes a breakage if the Python path happens to have a space in
it.
[c7d3b214dd41] [tip]
|
|
||
Comment 16•4 years ago
|
||
Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/d22eea8d7760
land NSS c7d3b214dd41 UPGRADE_NSS_RELEASE, r=kjacobs
|
|
||
Comment 17•4 years ago
|
||
| bugherder | ||
|
|
Assignee | |
Comment 18•4 years ago
|
||
2020-10-12 Daiki Ueno <dueno@redhat.com>
* gtests/ssl_gtest/ssl_tls13compat_unittest.cc, lib/ssl/ssl3con.c,
lib/ssl/sslimpl.h:
Bug 1641480, TLS 1.3: tighten CCS handling in compatibility mode,
r=mt
This makes the server reject CCS when the client doesn't indicate
the use of the middlebox compatibility mode with a non-empty
ClientHello.legacy_session_id, or it sends multiple CCS in a row.
[57bbefa79323] [NSS_3_58_BETA1]
2020-10-12 Kevin Jacobs <kjacobs@mozilla.com>
* automation/abi-check/expected-report-libnss3.so.txt,
automation/taskcluster/scripts/build_gyp.sh,
automation/taskcluster/windows/build_gyp.sh, coreconf/config.gypi,
coreconf/config.mk, cpputil/nss_scoped_ptrs.h,
gtests/common/testvectors/hpke-vectors.h,
gtests/pk11_gtest/manifest.mn, gtests/pk11_gtest/pk11_gtest.gyp,
gtests/pk11_gtest/pk11_hpke_unittest.cc, lib/nss/nss.def,
lib/pk11wrap/exports.gyp, lib/pk11wrap/manifest.mn,
lib/pk11wrap/pk11hpke.c, lib/pk11wrap/pk11hpke.h,
lib/pk11wrap/pk11pub.h, lib/pk11wrap/pk11wrap.gyp,
lib/util/SECerrs.h, lib/util/secerr.h:
Bug 1631890 - Add support for Hybrid Public Key Encryption (draft-
irtf-cfrg-hpke-05). r=mt
This patch adds support for Hybrid Public Key Encryption (draft-
irtf-cfrg-hpke-05).
Because the draft number (and the eventual RFC number) is an input
to the key schedule, future updates will *not* be backwards
compatible in terms of key material or encryption/decryption. For
this reason, a default compilation will produce stubs that simply
return an "Invalid Algorithm" error. To opt into using the HPKE
functionality , compile with `NSS_ENABLE_DRAFT_HPKE` defined. Once
finalized, this flag will not be required to access the functions.
Lastly, the `DeriveKeyPair` API is not implemented as it adds
complextiy around PKCS #11 and is unnecessary for ECH.
[6e3bc17f0508]
2020-10-12 Makoto Kato <m_kato@ga2.so-net.ne.jp>
* automation/taskcluster/graph/src/extend.js, tests/common/cleanup.sh:
Bug 1657255 - Update CI for aarch64. r=kjacobs
Actually, we have the implementation of ARM Crypto extension, so CI
is always run with this extension. It means that we don't run CI
without ARM Crypto extension. So I would like to add NoAES and NoSHA
for aarch64 CI.
Also, we still run NoSSE4_1 on aarch64 CI, so we shouldn't run this
on aarch64 hardware.
[e8c370a8db13]
|
|
||
Comment 19•4 years ago
|
||
Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/42043250eaf2
land NSS NSS_3_58_BETA1 UPGRADE_NSS_RELEASE, r=kjacobs
|
||
Comment 20•4 years ago
|
||
| bugherder | ||
|
|
Assignee | |
Comment 21•4 years ago
|
||
2020-10-16 J.C. Jones <jjones@mozilla.com>
* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
Set version numbers to 3.58 final
[1f3db03bba02] [NSS_3_58_RTM] <NSS_3_58_BRANCH>
2020-10-12 J.C. Jones <jjones@mozilla.com>
* .hgtags:
Added tag NSS_3_58_BETA1 for changeset 57bbefa79323
[a8deadf7adbe]
|
|
Assignee | |
Updated•4 years ago
|
Keywords: leave-open
|
|
||
Comment 22•4 years ago
|
||
Pushed by jjones@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/25d37fda4a41
land NSS NSS_3_58_RTM UPGRADE_NSS_RELEASE, r=kjacobs
|
|
Assignee | |
Updated•4 years ago
|
|
||
Comment 23•4 years ago
|
||
| bugherder | ||
You need to log in
before you can comment on or make changes to this bug.
Description
•