Tested on sparc64 & hppa, and went into an amd64 bulk build.
Node that builtins/certdata.c patch goes to the attic since it's
autogenerated at build time from builtins/certdata.txt (which we patch
too for CACert roots) since bug #683266.
There might be a chemspill for a TURKTRUST CA distrust soon (bug
#825022, sg-only) but let's get this in now.
- use ${SUBST_CMD} instead of old-style perl -pi -e commands
- update nss-config from debian's nss-config.in, since apparently it
comes from there.. needed to fix detection by mozillas, otherwise the
current script returns 3.14 for --version while configure scripts
expect 3.14.0... grab version via awk on nss.h at runtime.
Tested on amd64/i386/powerpc and in an amd64 bulk build. Needed by
firefox 18.
ok sthen@ ajacoutot@ jasper@
SSL 2.0 is disabled by default.
A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack
demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default.
SHA-224 is supported.
additional blacklist CA's. Malaysia-based DigiCert Sdn. Bhd
Ok sthen@
at runtime via other libs (cups, kerberos...) so causing a crash due to
using the wrong binding.
Rename here to avoid conflict.
from pkgsrc
ok sthen@ jasper@ robert@
returning without waiting for the child process to complete which causes
a deadlock between nspr's WaitPidDaemonThread() and PR_WaitProcess().
Reported upstream w/more details:
https://bugzilla.mozilla.org/show_bug.cgi?id=385465
okay martynas@
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and
server applications.
Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5,
PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other
security standards.
from MAINTAINER Martynas Venckus <martynas at altroot.org>. okay jolan@
