summaryrefslogtreecommitdiff
path: root/external/nss
AgeCommit message (Collapse)AuthorFilesLines
2018-08-08nss: upgrade to release 3.38distro/collabora/cd-5.3-3.2Andras Timar7-127/+129
Fixes CVE-2018-0495 and "the ASN.1 code". Change-Id: I96ec90aaee7e4a803ebde1508951c55db4577e9e (cherry picked from commit b01ee1682286a52cda1ee14597257e1f862d4e16)
2017-05-04nss: upgrade to release 3.29.5Michael Stahl10-135/+51
- fixes CVE-2017-5461 and CVE-2017-5462 - drop ubsan-alignment.patch.0, there is apparently now some NO_SANITIZE_ALIGNMENT macro upstream to get this effect - drop some hunks to prevent hard-coding CC/CCC vars, upstream now respects environment vars (but doesn't quote them...) - drop first hunk of ubsan.patch.0, fixed upstream - drop hunk for gtest-internal.h, header looks much newer anyway Change-Id: I5c484c02c1235e185af1ef5166b069303d3378e1 Reviewed-on: https://gerrit.libreoffice.org/36756 Reviewed-by: Michael Stahl <mstahl@redhat.com> Tested-by: Michael Stahl <mstahl@redhat.com> (cherry picked from commit 0cdf41419af854acccee0f819d4add7e8cafb7dc) Reviewed-on: https://gerrit.libreoffice.org/36795 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit fd957eadfa1a042ceccc4083c275fcc43dfea458)
2016-11-17chmod -xTor Lillqvist3-0/+0
Change-Id: Ie07ef2f9e9f6d0b31b513afa913b79d9c641e4f1
2016-10-26Linux: Build NSS in debug mode only in '--enable-dbgutil' mode.Giuseppe Castagno1-0/+1
With this commit, NSS debug mode is enabled only if you compile with --enable-dbgutil using ./autogen.sh command. Only for the Linux platform builds. Change-Id: Ia8626f36692fd38e8b1dbd774e4bc0ccedc59072 Reviewed-on: https://gerrit.libreoffice.org/29781 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Giuseppe Castagno <giuseppe.castagno@acca-esse.eu> Reviewed-by: Michael Stahl <mstahl@redhat.com>
2016-10-23cond. build is already handled in Module_external.mkDavid Tardon1-2/+0
Change-Id: I5efe3bafc4f0b97578a75dc1f43e6c130a93bc4a
2016-10-11external/nss: Adapt ASan/UBSan-specific patches to nss 3.27Stephan Bergmann2-23/+23
Change-Id: Ic96a57a1f43f7aae4e0733d2e65edd843b827a54
2016-10-10bump nss to 3.27Caolán McNamara10-42/+106
Notable changes in NSS 3.24: * Add a shared library (libfreeblpriv3) on Linux platforms that define FREEBL_LOWHASH Change-Id: If99ee77bea40796cc56944724291a83068ff8198 Reviewed-on: https://gerrit.libreoffice.org/27304 Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com>
2016-08-22Silence -fsanitize=array-bounds in external/nssStephan Bergmann1-0/+29
...by making lgdbDataStr::names a "by-convention flexible array member". Otherwise, e.g. CppunitTest_xmlsecurity_signing_test fails with "index 30 out of bounds for type 'unsigned char [6]'". Change-Id: Ie5bf4199b8b49090a987143d355754a69512e309
2016-08-22Remove noise from patch fileStephan Bergmann1-3/+2
Change-Id: I5b09280dbd5bda1751aa44b4ef6d5e3b8d88ea2c
2016-07-19Revert "bump nss to 3.25"Caolán McNamara4-26/+23
This reverts commit f10b31c2fe16bfcbb7cb278fdec65deacbe06219.
2016-07-19bump nss to 3.25Caolán McNamara4-23/+26
Change-Id: If99ee77bea40796cc56944724291a83068ff8198
2016-07-04Avoid -fsanitize=alignment in external/nssStephan Bergmann2-0/+41
...in a way that might be a performance issue, so include the patch only conditionally. Change-Id: I483a77d0d199c2dee00139fdd4fa41223192289c
2016-04-13switch off 'warning treated as error' in external/nss in Win32Oliver Specht2-0/+15
This prevents errors from ms sdk sal_supp.h: warning '__useHeader': macro redefinition Change-Id: I122bbf6171c73d77970a549353dca67dd26d0300 Reviewed-on: https://gerrit.libreoffice.org/24055 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Oliver Specht <oliver.specht@cib.de>
2016-04-05Allow NSS to build under cp950 in windows.Mark Hung2-0/+32
Change-Id: I4a5ef736ad714dd3b1beb4054e2347973db70e39 Reviewed-on: https://gerrit.libreoffice.org/23704 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Michael Stahl <mstahl@redhat.com>
2016-04-01nss: remove nss-pem.patchMichael Stahl4-6402/+0
It looks like commit 30b9c6a457de61f3c94431ecc75716f866c3379e made this obsolete: by default, curl's configure will pick some OpenSSL certificate database in /etc to use, which is in PEM format. But since every distribution uses a different path in /etc for that, it will work only on the same distribution as the build host anyway, which makes it mostly useless in practice. So we don't need our NSS to be able to read PEM format now. Speaking of which, PEM support was only required for Linux builds anyway, not for WNT/Mac builds. Change-Id: Ib9bc6ec0b7d71c14e9a53454e6efed038072e913 Reviewed-on: https://gerrit.libreoffice.org/23435 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Giuseppe Castagno <giuseppe.castagno@acca-esse.eu> Reviewed-by: Michael Stahl <mstahl@redhat.com>
2016-03-15fix nss build when targeting windows XP (using 7.1A SDK)Christian Lohmaier2-0/+11
otherwise build fails because of macro redefinitions warnings (that are now fatal because of warnings=errors) Change-Id: I0a15083d9ffd032c48ab491695319309f3053fb7
2016-03-05Fix nss on MSVC 14.0 in debug modeDavid Ostrovsky2-0/+24
outdir doesn't seem to be created. Use current directory for pdb files as the obj files are already stored in the current directory. Change-Id: I41dd65714d314cd374cc5de073d48f1a58b18c56 Reviewed-on: https://gerrit.libreoffice.org/22888 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Norbert Thiebaud <nthiebaud@gmail.com>
2016-03-05nss: Fix pointer truncation from 'char *' to 'long'David Ostrovsky1-0/+11
Change-Id: Ie1659c62cbf77f8b685fdf7d79cd62336fa99005 Reviewed-on: https://gerrit.libreoffice.org/22916 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Norbert Thiebaud <nthiebaud@gmail.com>
2016-03-04external/nss: -Werror,-Wundef (__GNUC__ vs. clang-cl)Stephan Bergmann1-2/+20
Change-Id: I4641767451ac1ec9f580d24bafa57a11e2f99ac3
2016-02-28Bump nss to 3.22.1 and nspr to 4.12David Ostrovsky7-40/+68
It seems like nss has activated -Werror, even though the code is not warning free: [1]. This applies also to the additional patches that would need to be patched to be a warning free patch, endless recursion. To avoid messing around with something like that: [2], we disable -Werror option for now. Also note, that [2] doesn't fix all warnings, but only part of them so that we let with unsolved non-trivially to fix warnings on different supported compilers if we would choose the warning-free-compilation-path. [1] https://groups.google.com/d/topic/mozilla.dev.tech.crypto/TgnF3tIMxJ0/discussion [2] https://git.fedorahosted.org/cgit/nss-pem.git/commit/?id=ec2b9a90623b1ec5adb6ebe8d6651b35854786ec Change-Id: I762c03acede6c4eac715d3b0589061eeabbcc7c2 Reviewed-on: https://gerrit.libreoffice.org/22650 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: David Ostrovsky <david@ostrovsky.org>
2016-02-25nss: remove obvious cruft from READMEMichael Stahl1-60/+4
Change-Id: If99babda104a35563208e89d86bf10bcff8f22f4
2015-12-02external/nss: work around missing clang-cl #pragma supportStephan Bergmann2-0/+57
Change-Id: I068ff0ef2252409689c0c376ec41bdd97b4567cc
2015-12-01Fix patch file attributesStephan Bergmann1-0/+0
Change-Id: I4f86aba24f2dad14f43effd6e0b291f8f58f1712
2015-11-12Generalize COM_GCC_IS_CLANG -> COM_IS_CLANGStephan Bergmann1-1/+1
...in anticipation of building with clang-cl.exe on Windows Change-Id: I1d723c9d3b5ca8a2bc6b27ef0189a7b053581398 Reviewed-on: https://gerrit.libreoffice.org/19928 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
2015-09-02Fix nss on MSVC 14.0David Ostrovsky2-1/+14
Change-Id: I8c2f18a509ae6686af4ede5b0daa8291d164c9fd Reviewed-on: https://gerrit.libreoffice.org/18211 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Michael Stahl <mstahl@redhat.com>
2015-07-03nss: upgrade to release 3.19.2Michael Stahl5-2589/+4
- drop nss-linux-x86-patch.0: this was actually patching OS/2-specific code so is evidently obsolete - drop nspr-build-config.patch: there does not appear to be any justification why this huge patch exists at all, so the only reasonable thing to do is to drop it - nss_macosx.patch: drop several hunks relevant only to unuspported MacOSX/PPC platform Change-Id: Id55fcb8eaa637c10a42203f1897480df8a6ec0fa
2015-06-13TyposJulien Nabet1-1/+1
Change-Id: I21c352a63d668c174eef212dbfbe6346c678ce4d
2015-06-12external/nss: -fsanitize=nonnull-attributeStephan Bergmann1-0/+11
Change-Id: Ic3a20f56250d99a347df5deaf785800a2f96e470
2015-05-19Update Apache Bugzilla’s URLAdolfo Jayme Barrientos1-1/+1
Change-Id: I6ef4ae530b7fb4e615100803ae6e3972d9b4545f
2014-11-13Work around InterlockedExchange not exported from kernel32.dll on x64Stephan Bergmann1-0/+11
...as reported in a comment on <http://msdn.microsoft.com/en-us/library/windows/ desktop/ms683590%28v=vs.85%29.aspx> "InterlockedExchange function" Change-Id: Ie71edd7a5ce8ff3c922d607e174a4c4d43c08c1d
2014-10-27nss: add libnsspem.dylib to macosx-change-install-names.pl callRobert Antoni Buj i Gelonch1-0/+1
Change-Id: If457f9e090a4ef3a5b2b8e4f09ce0b5e3b3d04ec Signed-off-by: Stephan Bergmann <sbergman@redhat.com>
2014-10-21Cross-compilation fixTor Lillqvist1-1/+5
Change-Id: I205afbd9c1cbe3a286359036cbdcf6aa9d986f71
2014-10-21Make the patch apply again after NSS updateTor Lillqvist1-2/+2
Change-Id: I935188ee90b4c56c5a4d7cc374a26e4b182beb5f
2014-10-16MAC_OS_X_VERSION_MIN_REQUIRED is always >= 1080 nowTor Lillqvist2-2/+1
Change-Id: I40d03ab9acb67ab72b9047017452f069ce88fd4b
2014-10-09bump nss from 3.15.3 to 3.16.5Caolán McNamara7-1629/+2073
Change-Id: I8318982eb1cee1a694dbdd504e0ca106a29d807e Reviewed-on: https://gerrit.libreoffice.org/11700 Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com>
2014-10-02fdo#82430: MSVC build: avoid using SSE2 instructions in some externalsMichael Stahl1-1/+1
Hopefully this should fix up the most important external libraries. Change-Id: I744cb5a2ce7fafb10852059050cf24589d6ca400
2014-08-13Make NSS build also as 64-bit ARM code for iOSTor Lillqvist2-0/+13
Change-Id: I03cda6ca1886a3cfad87cc438282eeea8c2a5299
2014-08-12More NSS static linking patchesTor Lillqvist2-0/+40
I noticed in the debugger that this code tried to load a freebl dylib, but after then making it link to the freebl entry point statically, I no longer see it being entered. Huh, confusing. Making NSS work on iOS to the extent we need is a pain. Change-Id: Iafc3785752587c38566441f566e187859022733e
2014-08-12Use Chromium's patch to build NSS statically for iOSTor Lillqvist2-0/+488
Change-Id: Ica2cf641bc54f6e924b759cd4cf96dd96347c53b
2014-08-11First attempt at building NSS for iOS, tooTor Lillqvist5-5/+115
Let's hope that the various static archives that get built by the NSS build machinery contain what an iOS app that needs NSS services requires. I patch out the construction of any dylibs and executables in nss. We don't use any dylibs on iOS anyway, and of course don't need any NSS executables either. Change-Id: Ic977c6e3d6c4e953202e78f8e08c4e61f6c9cb1b
2014-08-08Generalize -fsanitize=address checksStephan Bergmann1-1/+3
...that are at least also relevant for -fsanitize=undefined Change-Id: I39044d2a73912a605af8e965eb1cdf8dfd4f0051
2014-08-06left shift of 4276994303 by 32 places cannot be represented in type 'long'Stephan Bergmann2-1/+15
Change-Id: Ie9ddc5a42116720e0602d7fb38360f01b71df69c
2014-07-17fdo#72277: don't build and use nsspem when building against system curlCédric Bosdonnat2-4/+23
System CURL will know how to get the CA bundle from the system openSSL. There is no need to have internal NSS CA database support. Change-Id: Ie5074c78f7d78b2c2f452d4d4e11c98222529883
2014-07-16nss: document why --with-system-nss can't be used in generic buildsMichael Stahl1-0/+16
Change-Id: I93ce16b4dd059ca0ed79975cfb6373dd629f29a9
2014-07-15fdo#72277: NSS-PEM windows fixes.Cédric Bosdonnat1-7/+82
Added missing SEC_ASN1_MKSUB for windows to build Use PL_strcasecmp instead of strcasecmp. Fixed remaining declaration not at begining of a block Added missing nsspem.rc for windows Change-Id: I144f9cf19c0efe85ad68011cf81e0466aa1ac9f5
2014-07-15fdo#72277: NSS-PEM, use PR_snprintf instead of snprintfCédric Bosdonnat1-13/+18
Change-Id: I8aeb9a787992deb784e4e4430f7e0eab57f9a598
2014-07-15fdo#72277: NSS-PEM yet another build fix for MS compilerCédric Bosdonnat1-3/+4
Change-Id: I524a14cd124e69e288de5ae8464eb611989dffde
2014-07-15fdo#72277: nss-pem fixed windows and macos build errorsCédric Bosdonnat1-11/+10
Change-Id: I30b4036b6cf00dec753115bbc59990daec27ef20
2014-07-15fdo#72277: Use NSS CACERT in cmis ucp with internal curlCédric Bosdonnat3-0/+6285
This fix contains two parts: * initialize NSS in the CMIS UCP right before sending an HTTP request in case internal curl is used. This makes internal curl find the NSS CACERT database from the user mozilla profile. * add nsspem to allow curl to use CACERTs from libnssckbi. Without libnsspem curl is unable to read the certificates from the NSS database. The nss-pem code has been extracted from the fedora-hosted repository: https://git.fedorahosted.org/cgit/nss-pem.git Change-Id: Ie8dedf020480cca01bf9761382886566a1150778
2014-07-11avoid -arch for bundled OpenSSL, Python3, and nss/nspr on OSX@PowerPCDouglas Mencken2-16/+36
this fixes gcc: error: unrecognized command line option '-arch' The '-arch' option is part of Apple's extensions to GCC, and it is uncompatible with "vanilla" GCC from FSF. Also, we're not building "universal binaries". Change-Id: I44e7c72bbb1dd4be5ac9cdbc4f210aaccea513b4 Reviewed-on: https://gerrit.libreoffice.org/10117 Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com>
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-17 23:40:04 +0000