security/nss: update to 3.50

Changes:	https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.50_release_notes
Changes:	https://hg.mozilla.org/projects/nss/shortlog/NSS_3_50_RTM
ABI:		https://abi-laboratory.pro/tracker/timeline/nss/
Reported by:	Repology

security/ca_root_nss/Makefile

@@ -32,7 +32,7 @@ PLIST_SUB+=	CERTDIR=${CERTDIR}
 # !!!  Please DO NOT submit patches for new version until it has !!!
 # !!!  been committed there first.                               !!!
 # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-VERSION_NSS=	3.49.2
+VERSION_NSS=	3.50
 #NSS_SUFFIX=	-with-ckbi-1.98
 CERTDATA_TXT_PATH=	nss-${VERSION_NSS}/nss/lib/ckfw/builtins/certdata.txt
 BUNDLE_PROCESSOR=	MAca-bundle.pl

security/ca_root_nss/distinfo

@@ -1,3 +1,3 @@
-TIMESTAMP = 1579818145
-SHA256 (nss-3.49.2.tar.gz) = faa7502c3ce9240d4be2aa88f63d88cf7d1cc512060e63ef21a7813c236160b2
-SIZE (nss-3.49.2.tar.gz) = 76489641
+TIMESTAMP = 1581109126
+SHA256 (nss-3.50.tar.gz) = 185df319775243f5f5daa9d49b7f9cc5f2b389435be3247c3376579bee063ba7
+SIZE (nss-3.50.tar.gz) = 78041630

security/nss/Makefile

@@ -2,8 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	nss
-PORTVERSION=	3.49.2
-PORTREVISION=	2
+PORTVERSION=	3.50
 CATEGORIES=	security
 MASTER_SITES=	MOZILLA/security/${PORTNAME}/releases/${DISTNAME:tu:C/[-.]/_/g}_RTM/src
 

security/nss/distinfo

@@ -1,3 +1,3 @@
-TIMESTAMP = 1579818145
-SHA256 (nss-3.49.2.tar.gz) = faa7502c3ce9240d4be2aa88f63d88cf7d1cc512060e63ef21a7813c236160b2
-SIZE (nss-3.49.2.tar.gz) = 76489641
+TIMESTAMP = 1581109126
+SHA256 (nss-3.50.tar.gz) = 185df319775243f5f5daa9d49b7f9cc5f2b389435be3247c3376579bee063ba7
+SIZE (nss-3.50.tar.gz) = 78041630

security/nss/files/patch-bug1575843

@@ -1,94 +0,0 @@
-commit fbde548e8114
-Author: Greg V <greg@unrelenting.technology>
-Date:   Tue Jan 14 16:25:56 2020 +0000
-
-    Bug 1575843 - Detect AArch64 CPU features on FreeBSD r=jcj
-    
-    Environment checks are reogranized to be separate from platform code
-        to make it impossible to forget to check disable_FEATURE on one platform
-        but not the other.
-    
-    Differential Revision: https://phabricator.services.mozilla.com/D55386
----
- lib/freebl/blinit.c | 48 +++++++++++++++++++++++++++++++++++++-----------
- 1 file changed, 37 insertions(+), 11 deletions(-)
-
-diff --git lib/freebl/blinit.c lib/freebl/blinit.c
-index 050b32113e..4723d3bb16 100644
---- lib/freebl/blinit.c
-+++ lib/freebl/blinit.c
-@@ -133,6 +133,8 @@ static unsigned long (*getauxval)(unsigned long) = NULL;
- /* clang-format on */
- 
- #if defined(__aarch64__)
-+
-+#if defined(__linux__)
- // Defines from hwcap.h in Linux kernel - ARM64
- #ifndef HWCAP_AES
- #define HWCAP_AES (1 << 3)
-@@ -146,30 +148,54 @@ static unsigned long (*getauxval)(unsigned long) = NULL;
- #ifndef HWCAP_SHA2
- #define HWCAP_SHA2 (1 << 6)
- #endif
-+#endif /* defined(__linux__) */
-+
-+#if defined(__FreeBSD__)
-+#include <stdint.h>
-+#include <machine/armreg.h>
-+// Support for older version of armreg.h
-+#ifndef ID_AA64ISAR0_AES_VAL
-+#define ID_AA64ISAR0_AES_VAL ID_AA64ISAR0_AES
-+#endif
-+#ifndef ID_AA64ISAR0_SHA1_VAL
-+#define ID_AA64ISAR0_SHA1_VAL ID_AA64ISAR0_SHA1
-+#endif
-+#ifndef ID_AA64ISAR0_SHA2_VAL
-+#define ID_AA64ISAR0_SHA2_VAL ID_AA64ISAR0_SHA2
-+#endif
-+#endif /* defined(__FreeBSD__) */
- 
- void
- CheckARMSupport()
- {
--    char *disable_arm_neon = PR_GetEnvSecure("NSS_DISABLE_ARM_NEON");
--    char *disable_hw_aes = PR_GetEnvSecure("NSS_DISABLE_HW_AES");
--    char *disable_pmull = PR_GetEnvSecure("NSS_DISABLE_PMULL");
- #if defined(_WIN64)
-     BOOL arm_crypto_support = IsProcessorFeaturePresent(PF_ARM_V8_CRYPTO_INSTRUCTIONS_AVAILABLE);
--    arm_aes_support_ = arm_crypto_support && disable_hw_aes == NULL;
--    arm_pmull_support_ = arm_crypto_support && disable_pmull == NULL;
-+    arm_aes_support_ = arm_crypto_support;
-+    arm_pmull_support_ = arm_crypto_support;
-     arm_sha1_support_ = arm_crypto_support;
-     arm_sha2_support_ = arm_crypto_support;
--#else
-+#elif defined(__linux__)
-     if (getauxval) {
-         long hwcaps = getauxval(AT_HWCAP);
--        arm_aes_support_ = hwcaps & HWCAP_AES && disable_hw_aes == NULL;
--        arm_pmull_support_ = hwcaps & HWCAP_PMULL && disable_pmull == NULL;
--        arm_sha1_support_ = hwcaps & HWCAP_SHA1;
--        arm_sha2_support_ = hwcaps & HWCAP_SHA2;
-+        arm_aes_support_ = (hwcaps & HWCAP_AES) == HWCAP_AES;
-+        arm_pmull_support_ = (hwcaps & HWCAP_PMULL) == HWCAP_PMULL;
-+        arm_sha1_support_ = (hwcaps & HWCAP_SHA1) == HWCAP_SHA1;
-+        arm_sha2_support_ = (hwcaps & HWCAP_SHA2) == HWCAP_SHA2;
-+    }
-+#elif defined(__FreeBSD__)
-+    /* qemu-user does not support register access from userspace */
-+    if (PR_GetEnvSecure("QEMU_EMULATING") == NULL) {
-+        uint64_t isar0 = READ_SPECIALREG(id_aa64isar0_el1);
-+        arm_aes_support_ = ID_AA64ISAR0_AES_VAL(isar0) >= ID_AA64ISAR0_AES_BASE;
-+        arm_pmull_support_ = ID_AA64ISAR0_AES_VAL(isar0) >= ID_AA64ISAR0_AES_PMULL;
-+        arm_sha1_support_ = ID_AA64ISAR0_SHA1_VAL(isar0) >= ID_AA64ISAR0_SHA1_BASE;
-+        arm_sha2_support_ = ID_AA64ISAR0_SHA2_VAL(isar0) >= ID_AA64ISAR0_SHA2_BASE;
-     }
- #endif
-     /* aarch64 must support NEON. */
--    arm_neon_support_ = disable_arm_neon == NULL;
-+    arm_neon_support_ = PR_GetEnvSecure("NSS_DISABLE_ARM_NEON") == NULL;
-+    arm_aes_support_ &= PR_GetEnvSecure("NSS_DISABLE_HW_AES") == NULL;
-+    arm_pmull_support_ &= PR_GetEnvSecure("NSS_DISABLE_PMULL") == NULL;
- }
- #endif /* defined(__aarch64__) */
- 

security/nss/files/patch-bug1602386

@@ -1,49 +0,0 @@
-Fix build on FreeBSD/powerpc platforms.
-
-https://bugzilla.mozilla.org/show_bug.cgi?id=1602386
-
---- lib/freebl/Makefile.orig	2019-12-04 01:03:31.000000000 +0100
-+++ lib/freebl/Makefile	2019-12-11 16:48:47.959791000 +0100
-@@ -788,5 +788,7 @@
- endif
- 
- ifeq ($(CPU_ARCH),ppc)
--$(OBJDIR)/$(PROG_PREFIX)gcm-ppc$(OBJ_SUFFIX): CFLAGS += -mcrypto -maltivec
-+$(OBJDIR)/$(PROG_PREFIX)gcm-ppc$(OBJ_SUFFIX): CFLAGS += -mcrypto -maltivec -mvsx
-+$(OBJDIR)/$(PROG_PREFIX)gcm$(OBJ_SUFFIX): CFLAGS += -mcrypto -maltivec -mvsx
-+$(OBJDIR)/$(PROG_PREFIX)rijndael$(OBJ_SUFFIX): CFLAGS += -mcrypto -maltivec -mvsx
- endif
---- lib/freebl/blinit.c.orig	2019-12-11 17:45:06.930646000 +0100
-+++ lib/freebl/blinit.c	2019-12-11 17:50:04.797680000 +0100
-@@ -393,7 +393,12 @@
- 
- #if defined(__powerpc__)
- 
-+#if defined(__FreeBSD__) && __FreeBSD__ < 12
-+#include <sys/types.h>
-+#include <sys/sysctl.h>
-+#else
- #include <sys/auxv.h>
-+#endif
- 
- // Defines from cputable.h in Linux kernel - PPC, letting us build on older kernels
- #ifndef PPC_FEATURE2_VEC_CRYPTO
-@@ -405,7 +410,17 @@
- {
-     char *disable_hw_crypto = PR_GetEnvSecure("NSS_DISABLE_PPC_GHASH");
- 
--    long hwcaps = getauxval(AT_HWCAP2);
-+    unsigned long hwcaps = 0;
-+#if defined(__linux__)
-+    hwcaps = getauxval(AT_HWCAP2);
-+#elif defined(__FreeBSD__)
-+#  if __FreeBSD__ >= 12
-+    elf_aux_info(AT_HWCAP2, &hwcaps, sizeof(hwcaps));
-+#  else
-+    size_t len = sizeof(hwcaps);
-+    sysctlbyname("hw.cpu_features2", &hwcaps, &len, NULL, 0);
-+#  endif
-+#endif
- 
-     ppc_crypto_support_ = hwcaps & PPC_FEATURE2_VEC_CRYPTO && disable_hw_crypto == NULL;
- }

security/nss/files/patch-bug1609181

@@ -1,31 +0,0 @@
-Detect ARM CPU features on FreeBSD.
-    
-Implement `getauxval` via `elf_aux_info` to avoid code duplication.
-`AT_HWCAP*` can be used on powerpc* and riscv64 as well.
-
-diff --git lib/freebl/blinit.c lib/freebl/blinit.c
-index 4723d3bb16..63865eb103 100644
---- lib/freebl/blinit.c
-+++ lib/freebl/blinit.c
-@@ -122,6 +122,21 @@ extern unsigned long getauxval(unsigned long type) __attribute__((weak));
- static unsigned long (*getauxval)(unsigned long) = NULL;
- #endif /* defined(__GNUC__) && __GNUC__ >= 2 && defined(__ELF__)*/
- 
-+#if defined(__FreeBSD__) && !defined(__aarch64__) && __has_include(<sys/auxv.h>)
-+/* Avoid conflict with static declaration above */
-+#define getauxval freebl_getauxval
-+static unsigned long getauxval(unsigned long type)
-+{
-+    /* Only AT_HWCAP* return unsigned long */
-+    if (type != AT_HWCAP && type != AT_HWCAP2)
-+	return 0;
-+
-+    unsigned long ret = 0;
-+    elf_aux_info(type, &ret, sizeof(ret));
-+    return ret;
-+}
-+#endif
-+
- #ifndef AT_HWCAP2
- #define AT_HWCAP2 26
- #endif