Closed
Bug 698552
Opened 13 years ago
Closed 13 years ago
Update mozilla-central to NSS 3.13.2 BETA 1 (NSS_3_13_2_BETA1)
Categories
(Core :: Security: PSM, enhancement, P1)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla11
People
(Reporter: briansmith, Assigned: briansmith)
References
Details
Attachments
(3 files)
NSS 3.13.2 will contain changes needed for SPDY. We are going to update mozilla-central with the current state of NSS 3.13.2 and then track updates to NSS 3.13.2 until sometime after the Aurora merge date. Then we will freeze the NSS 3.13.2 release and import the 3.13.2 RTM into mozilla-central and mozilla-aurora.
Assignee | ||
Comment 1•13 years ago
|
||
This is what I will do:
* python client.py update_nss NSS_3_13_2_MOZILLA_10_PRERELEASE_1.
* verify that security/coreconf/coreconf.dep is +/- a line
* update configure.in to require NSS 3.13.2 or later for --use-system-nss.
Assignee | ||
Updated•13 years ago
|
Summary: Update mozilla-central to NSS 3.13.2 → Update mozilla-central to NSS 3.13.2 BETA 1 (NSS_3_13_2_BETA1)
Assignee | ||
Comment 3•13 years ago
|
||
I will update to NSS 3.13.2 using:
python client.py update_nss NSS_3_13_2_BETA1
I verified that this will add a blank line to security/coreconf/coreconf.def so that a full rebuild of NSS is done.
I will post the patch to configure.in next.
Attachment #578152 -
Flags: review?(honzab.moz)
Assignee | ||
Comment 4•13 years ago
|
||
Attachment #578154 -
Flags: review?(honzab.moz)
Assignee | ||
Comment 5•13 years ago
|
||
This patch is a Mercurial patch that adds two patches reviewed by rrelyea in bug 542832 to NSS in mozilla-central:
bug-542832-ssl-restart-4.patch
bug-542832-ssl-restart-tstclnt-4.patch
We are taking these local patches so we can start testing the functionality in mozilla-central, while we wait for feedback from Wan-Teh about any changes Google would like to make to the patches. Once all the feedback is in and the final changes (if any) are made, we will commit this to the NSS CVS HEAD, back out this patch, and then import the final NSS 3.13.2 release into mozilla-central.
Notice that this patch adds the above patch files to the security/patches/ directory, as is required for patches to NSS that are local to mozilla-central.
Attachment #578157 -
Flags: review?(honzab.moz)
Assignee | ||
Comment 6•13 years ago
|
||
Honza, please work with Kai on reviewing the patch, to make sure you understand everything that is happening.
See the documentation for this at https://developer.mozilla.org/en/Updating_NSPR_or_NSS_in_mozilla-central
Comment 7•13 years ago
|
||
(In reply to Brian Smith (:bsmith) from comment #5)
>
> We are taking these local patches so we can start testing the functionality
> in mozilla-central, while we wait for feedback from Wan-Teh about any
> changes Google would like to make to the patches.
If I understand correctly, both patches have been reviewed in bug 542832 already.
Wouldn't it be less confusing to:
- check in the code that has been reviewed
- include that in the BETA tag
- for the additional discussion and feedback, do a follow patch?
(I don't want to create additional burden for you to handle at the last minute, but we should use this approach in the future.)
Comment 8•13 years ago
|
||
Comment on attachment 578152 [details]
TAG-INFO for NSS_3_13_2
During the conf. call the NSS team decided this is OK. r=kaie
Attachment #578152 -
Flags: review?(honzab.moz) → review+
Comment 9•13 years ago
|
||
Comment on attachment 578154 [details] [diff] [review]
Update configure.in to require at least NSS 3.13.2 for --use-system-nss
r=kaie
Attachment #578154 -
Flags: review+
Comment 10•13 years ago
|
||
Comment on attachment 578157 [details] [diff] [review]
Add SSL_RestartAfterAuthCertificate to mozilla-central's copy of NSS_3_13_2_BETA1
I assume this is identical to the patches, already reviewed, mentioned attached in the bug you have mentioned,
plus adding the patch file to the security/patches directory.
During the conf. call, Wan-Teh requested that you also add/update a README file in that directory, and add the respective bug numbers and a one line description of the patch.
If you do that, r=kaie
(it's not necessary to add a patch here, just commit a reasonable README file)
Attachment #578157 -
Flags: review+
Updated•13 years ago
|
Attachment #578154 -
Flags: review?(honzab.moz) → review+
Comment 11•13 years ago
|
||
Comment on attachment 578157 [details] [diff] [review]
Add SSL_RestartAfterAuthCertificate to mozilla-central's copy of NSS_3_13_2_BETA1
Review of attachment 578157 [details] [diff] [review]:
-----------------------------------------------------------------
r=honzab, I checked (in limits of how CVS and HG patches can be compared byte-to-byte) the patches are identical.
Attachment #578157 -
Flags: review?(honzab.moz) → review+
Assignee | ||
Comment 12•13 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/0ef53633ccc7
https://hg.mozilla.org/mozilla-central/rev/9381d62e583d
https://hg.mozilla.org/mozilla-central/rev/2050e4dfe6e3
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Target Milestone: mozilla10 → mozilla11
Assignee | ||
Comment 13•13 years ago
|
||
(In reply to Kai Engert (:kaie) from comment #10)
> Comment on attachment 578157 [details] [diff] [review] [diff] [details] [review]
> Add SSL_RestartAfterAuthCertificate to mozilla-central's copy of
> NSS_3_13_2_BETA1
>
> I assume this is identical to the patches, already reviewed, mentioned
> attached in the bug you have mentioned,
> plus adding the patch file to the security/patches directory.
>
> During the conf. call, Wan-Teh requested that you also add/update a README
> file in that directory, and add the respective bug numbers and a one line
> description of the patch.
>
> If you do that, r=kaie
>
> (it's not necessary to add a patch here, just commit a reasonable README
> file)
I added the comment when I checked this in:
https://hg.mozilla.org/mozilla-central/diff/0ef53633ccc7/security/patches/README
Comment 14•13 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/2050e4dfe6e3
1.1 --- a/dbm/src/Makefile.in
1.2 +++ b/dbm/src/Makefile.in
1.3 @@ -74,16 +74,17 @@ endif
1.4 ifeq (,$(filter -DHAVE_SNPRINTF=1,$(ACDEFINES)))
1.5 CSRCS += snprintf.c
1.6 endif
1.7 endif # WINNT
1.8
1.9 LOCAL_INCLUDES = -I$(srcdir)/../include
1.10
1.11 FORCE_STATIC_LIB = 1
1.12 +FORCE_USE_PIC = 1
Note bug 698248.
Assignee | ||
Comment 15•13 years ago
|
||
(In reply to Ms2ger from comment #14)
> 1.12 +FORCE_USE_PIC = 1
>
> Note bug 698248.
I filed bug 707300 about changing this in NSS CVS. Please reply to my question in that bug.
You need to log in
before you can comment on or make changes to this bug.
Description
•