Closed
Bug 399590
Opened 18 years ago
Closed 17 years ago
Update Mozilla trunk to use NSS tag NSS_3_12_BETA1
Categories
(Core :: Security: PSM, defect)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla1.9beta3
People
(Reporter: KaiE, Assigned: KaiE)
References
Details
Attachments
(4 files, 1 obsolete file)
|
5.07 KB,
patch
|
rrelyea
:
review+
|
Details | Diff | Splinter Review |
|
725 bytes,
patch
|
rrelyea
:
review+
|
Details | Diff | Splinter Review |
|
4.40 KB,
patch
|
KaiE
:
review+
mtschrep
:
approval1.9+
|
Details | Diff | Splinter Review |
|
9.91 KB,
patch
|
Details | Diff | Splinter Review |
Sooner or later we'll have to deliver the next NSS snapshot into Mozilla trunk.
This bug is for tracking this task and other changes that must happen at the same time.
|
Assignee | |
Comment 1•18 years ago
|
||
This is what I had to do to make things link with latest NSS and new libnssutil3.so
Attachment #284633 -
Flags: review?(rrelyea)
|
||
Comment 2•18 years ago
|
||
Comment on attachment 284633 [details] [diff] [review]
Patch v1 (remember to run autoconf-2.13)
This is a necessary but not sufficient change. We also need to add nssutil to the package files as well..
r+ (to be landed with next NSS landing).
The changes the the package files can happen before (it's currently not an error for a shared library to be missing IIRC).
bob
Attachment #284633 -
Flags: review?(rrelyea) → review+
|
||
Comment 3•18 years ago
|
||
Bob, are you saying that you intend to land a newer tag than the one you
created last week? The new nss util shared lib didn't happen until this
week, after you created the tag...
|
|
||
Comment 4•18 years ago
|
||
Not immediately, but eventually I presume we will land a newer version;).
|
||
Comment 5•17 years ago
|
||
A lot of fixes have gone on the NSS trunk in the last two months. Any chance we can get an updated snapshot to work with?
|
||
Comment 6•17 years ago
|
||
Note: there is a planned FF3.0beta3 for late January. It would be nice to land any NSS updates with time to settle before that beta3...
Blocks: 409880
|
|
Assignee | |
Comment 7•17 years ago
|
||
This patch does not replace v1, it shall be used in addition.
This is a change that is required for EV to work correctly, but requires the most recent NSS, therefore landing must be delayed until the update NSS.
This patch will require a successful OCSP check when verifying a potential EV cert for a valid EV policy.
|
|
Assignee | |
Updated•17 years ago
|
Attachment #296570 -
Attachment is obsolete: true
|
|
Assignee | |
Comment 8•17 years ago
|
||
Attachment #296573 -
Flags: review?(rrelyea)
|
|
||
Comment 9•17 years ago
|
||
Comment on attachment 296573 [details] [diff] [review]
Additional Patch v2, enable OCSP checking for EV (corrected)
r+
Attachment #296573 -
Flags: review?(rrelyea) → review+
|
|
||
Comment 10•17 years ago
|
||
Word from Bob Lord is that this new NSS version should be ready to land mid-to-late this week - do we have an ETA?
Shaver asked if there was a try-server build to play with, or whether this tag/rev had gone through valgrind/perf testing, and I didn't have a good answer for him up front, so I figured I'd ask that here too.
|
|
Assignee | |
Comment 11•17 years ago
|
||
The next NSS tag will be NSS_3_12_BETA1, updating summary.
Summary: Update Mozilla trunk to use NSS tag {{next-after-alpha-2}} → Update Mozilla trunk to use NSS tag NSS_3_12_BETA1
|
|
Assignee | |
Updated•17 years ago
|
Attachment #284633 -
Attachment description: Patch v1 → Patch v1 (remember to run autoconf-2.13)
|
|
Assignee | |
Comment 12•17 years ago
|
||
This patch combines the earlier v1 and v2.
It also changes client.mk
-NSS_CO_TAG = NSS_3_12_ALPHA_2B
+NSS_CO_TAG = NSS_3_12_BETA1
which is obviously what we want to do.
Carrying forward reviews.
Requesting approval.
I've done a Linux build with the above patch and SSL works fine for me.
(With the additional patch from regression bug 412455 I even get EV UI...)
I've started local verification builds on Windows and Mac.
Attachment #297618 -
Flags: review+
Attachment #297618 -
Flags: approval1.9?
|
|
Assignee | |
Comment 13•17 years ago
|
||
builds on windows and mac universal completed and run fine
|
|
Assignee | |
Comment 14•17 years ago
|
||
With patch from 412455 applied I get EV UI on all 3 platforms.
(It's no longer necessary to set environment variables. With this new NSS snapshot we no longer use the "test-ev-hack", we now use pkix based verification for EV by default.)
|
|
||
Updated•17 years ago
|
Attachment #297618 -
Flags: approval1.9? → approval1.9+
|
|
Assignee | |
Comment 15•17 years ago
|
||
Checking in client.mk;
/cvsroot/mozilla/client.mk,v <-- client.mk
new revision: 1.361; previous revision: 1.360
done
Checking in configure;
/cvsroot/mozilla/configure,v <-- configure
new revision: 1.1944; previous revision: 1.1943
done
Checking in configure.in;
/cvsroot/mozilla/configure.in,v <-- configure.in
new revision: 1.1914; previous revision: 1.1913
done
Checking in security/manager/Makefile.in;
/cvsroot/mozilla/security/manager/Makefile.in,v <-- Makefile.in
new revision: 1.80; previous revision: 1.79
done
Checking in security/manager/ssl/src/nsIdentityChecking.cpp;
/cvsroot/mozilla/security/manager/ssl/src/nsIdentityChecking.cpp,v <-- nsIdentityChecking.cpp
new revision: 1.6; previous revision: 1.5
done
|
|
Assignee | |
Comment 16•17 years ago
|
||
|
|
Assignee | |
Comment 17•17 years ago
|
||
Checking in mozilla/xpcom/stub/Makefile.in;
/cvsroot/mozilla/xpcom/stub/Makefile.in,v <-- Makefile.in
new revision: 1.22; previous revision: 1.21
done
Checking in mozilla/suite/installer/unix/packages;
/cvsroot/mozilla/suite/installer/unix/packages,v <-- packages
new revision: 1.9; previous revision: 1.8
done
Checking in mozilla/suite/installer/windows/packages;
/cvsroot/mozilla/suite/installer/windows/packages,v <-- packages
new revision: 1.44; previous revision: 1.43
done
Checking in mozilla/calendar/installer/windows/packages-static;
/cvsroot/mozilla/calendar/installer/windows/packages-static,v <-- packages-static
new revision: 1.60; previous revision: 1.59
done
Checking in mozilla/minimo/config/linux_package.sh;
/cvsroot/mozilla/minimo/config/linux_package.sh,v <-- linux_package.sh
new revision: 1.9; previous revision: 1.8
done
Checking in mozilla/browser/installer/unix/config.it;
/cvsroot/mozilla/browser/installer/unix/config.it,v <-- config.it
new revision: 1.22; previous revision: 1.21
done
Checking in mozilla/browser/installer/unix/packages-static;
/cvsroot/mozilla/browser/installer/unix/packages-static,v <-- packages-static
new revision: 1.140; previous revision: 1.139
done
Checking in mozilla/browser/installer/windows/packages-static;
/cvsroot/mozilla/browser/installer/windows/packages-static,v <-- packages-static
new revision: 1.145; previous revision: 1.144
done
Checking in mozilla/mail/installer/windows/packages-static;
/cvsroot/mozilla/mail/installer/windows/packages-static,v <-- packages-static
new revision: 1.79; previous revision: 1.78
done
Checking in mozilla/xulrunner/installer/mozilla-nss.pc.in;
/cvsroot/mozilla/xulrunner/installer/mozilla-nss.pc.in,v <-- mozilla-nss.pc.in
new revision: 1.2; previous revision: 1.1
done
Checking in mozilla/embedding/config/basebrowser-installer-win.pkg;
/cvsroot/mozilla/embedding/config/basebrowser-installer-win.pkg,v <-- basebrowser-installer-win.pkg
new revision: 1.46; previous revision: 1.45
done
Checking in mozilla/embedding/config/basebrowser-mac-macho;
/cvsroot/mozilla/embedding/config/basebrowser-mac-macho,v <-- basebrowser-mac-macho
new revision: 1.59; previous revision: 1.58
done
Checking in mozilla/embedding/config/basebrowser-qnx;
/cvsroot/mozilla/embedding/config/basebrowser-qnx,v <-- basebrowser-qnx
new revision: 1.24; previous revision: 1.23
done
Checking in mozilla/embedding/config/basebrowser-unix;
/cvsroot/mozilla/embedding/config/basebrowser-unix,v <-- basebrowser-unix
new revision: 1.95; previous revision: 1.94
done
Checking in mozilla/embedding/config/basebrowser-win;
/cvsroot/mozilla/embedding/config/basebrowser-win,v <-- basebrowser-win
new revision: 1.112; previous revision: 1.111
done
Checking in mozilla/embedding/config/minimo-qnx;
/cvsroot/mozilla/embedding/config/minimo-qnx,v <-- minimo-qnx
new revision: 1.15; previous revision: 1.14
done
Checking in mozilla/embedding/config/minimo-unix;
/cvsroot/mozilla/embedding/config/minimo-unix,v <-- minimo-unix
new revision: 1.22; previous revision: 1.21
done
|
|
Assignee | |
Comment 18•17 years ago
|
||
tinderbox looks greenish, marking fixed
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
|
||
Comment 19•17 years ago
|
||
Z:14.18MB -> 14.09MB
Zdiff:-93222 (+148099/-241321)
mZ:2.385MB -> 2.343MB
mZdiff:-43814
Target Milestone: --- → mozilla1.9 M11
|
||
Comment 20•17 years ago
|
||
This breaks external nss, looks like -lnssutil3 is not added to linker when linking libxul.so
|
|
Assignee | |
Comment 21•17 years ago
|
||
(In reply to comment #20)
> This breaks external nss, looks like -lnssutil3 is not added to linker when
> linking libxul.so
Can you please file a separate bug where you describe your problem in more detail? (please cc me) Thanks!
|
|
||
Comment 22•17 years ago
|
||
(In reply to comment #20)
same here
|
|
||
Comment 23•17 years ago
|
||
Created bug #412982 for external nss breakage.
You need to log in
before you can comment on or make changes to this bug.
Description
•